Generate JWT proxy not working

gungc
Participant I

Hi,

Im trying to follow Anil Rupanagudi's tutorial on how to generate a JWT token. I cant seem to get it to work however. When I try to run a post request against it i just get the body response from the back end but the JWT token doesn't appear in the response header.

PreFlow

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<ProxyEndpoint name="default"> 
<Description/> 
<FaultRules/> 
    <PreFlow name="PreFlow"> 
        <Request/>
        <Response>
            <Step> 
                <Name>Assign-Message-1</Name> 
            </Step>
            <Step>
                <Name>Generate-JWT-1</Name>
            </Step>
             <Step>
                <Name>Assign-Message-2</Name>
             </Step>
        </Response>
    </PreFlow>
    <PostFlow name="PostFlow">
        <Request/>
        <Response/>
    </PostFlow>
    <Flows/>
    <HTTPProxyConnection>
        <BasePath>/generatejwt</BasePath>
        <Properties/>
        <VirtualHost>default</VirtualHost>
        <VirtualHost>secure</VirtualHost>
    </HTTPProxyConnection>
    <RouteRule name="default">
        <TargetEndpoint>default</TargetEndpoint>
    </RouteRule></ProxyEndpoint>

Generate JWT-1

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<GenerateJWT async="false" continueOnError="false" enabled="true" name="Generate-JWT-1">
    <DisplayName>Generate JWT-1</DisplayName>
    <Algorithm>HS256</Algorithm>
    <SecretKey>
        <Value ref="private.key"/>
    </SecretKey>
    <Subject>subject-subject</Subject>
    <Issuer>urn://apigee-edge-JWT-policy-test</Issuer>
    <Audience>audience1,audience2</Audience>
    <ExpiresIn>8h</ExpiresIn>
    <AdditionalClaims>
        <Claim name="userId" type="string" ref="request.formparam.username/"/>
    </AdditionalClaims>
    <OutputVariable>jwt-variable</OutputVariable>
</GenerateJWT>

Assign Message 1

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<AssignMessage async="false" continueOnError="false" enabled="true" name="Assign-Message-1">
    <DisplayName>Assign Message-1</DisplayName>
    <Properties/>
    <AssignVariable>
        <Name>private.key</Name>
        <Value>Secret123</Value>
    </AssignVariable>
    <IgnoreUnresolvedVariables>true</IgnoreUnresolvedVariables>
    <AssignTo createNew="false" transport="http" type="response"/>
</AssignMessage>

Assign Message 2 (Header response)

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<AssignMessage async="false" continueOnError="false" enabled="true" name="Assign-Message-2">
    <DisplayName>Assign Message-2</DisplayName>
    <Add>
        <Headers>
            <Header name="jwt-token">{jwt-variable}</Header>
        </Headers>
    </Add>
    <IgnoreUnresolvedVariables>true</IgnoreUnresolvedVariables>
    <AssignTo createNew="false" transport="http" type="response"/>
</AssignMessage>

Back end: https://reqres.in

When I run the post request in post man I get the following headers:

Date →Wed, 09 Jan 2019 16:47:05 GMT

Content-Type →text/html; charset=utf-8

Set-Cookie →__cfduid=d2a2327127fd1c17003d34208d1fbba9c1547052425; expires=Thu, 09-Jan-20 16:47:05 GMT; path=/; domain=.reqres.in; HttpOnly

X-Powered-By →Express

Access-Control-Allow-Origin →*

Expect-CT →max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" Server →cloudflare

CF-RAY →4968623a4a65c566-ORD

Content-Encoding →gzip

X-Cache →MISS from mE0CBBC07437D

X-Cache-Lookup →MISS from mE0CBBC07437D:3128

Via →1.1 mE0CBBC07437D (squid/3.5.23)]

Connection →close

Appreciate any insight, thank you.

Solved Solved
0 4 376
1 ACCEPTED SOLUTION

I suggest that you:

  • use variable names that exclude dash. Try underscore or dot for a separator.
  • to make progress, take a step back. Simplify the API Proxy to just do one thing.: generate the JWT. Then add the "call the backend system" piece.

View solution in original post

4 REPLIES 4

gungc
Participant I

After further investigation I can see that the request returns a 404 as well, so Im not sure why its not being found

I suggest that you:

  • use variable names that exclude dash. Try underscore or dot for a separator.
  • to make progress, take a step back. Simplify the API Proxy to just do one thing.: generate the JWT. Then add the "call the backend system" piece.

Thanks Dino, I tried it without a back end and with underscored and I was able to generate a token. It puts me in a good position to progress.

Great! Glad to hear it.

I think it would be good for Apigee to validate and reject variable names with dashes or other invalid characters, on import or save, but ... for now the tool does not do that.