The authorization tokens provided to our API can be generated from the key:secret pair of developer apps or company apps.
What variables are available in EDGE that can be used to determine if the app accessing the api is a company app or a developer app?
Solved! Go to Solution.
This seems to work:
var developer = context.getVariable('developer.userName'); var company = context.getVariable('company.name'); if(company){ context.setVariable('foo', 'COMPANY:'+company); } else if(developer) { context.setVariable('foo', 'DEVELOPER:'+developer); } else { context.setVariable('foo', 'UNKNOWN'); }
I did two traces, one for a company app and one for a dev app, and downloaded the trace results to compare. The only thing I've been able to spot is the availability of a 'company' property and a 'developer' property.
<Point id="FlowInfo"> <DebugInfo> <Timestamp>30-09-15 15:23:59:656</Timestamp> <Properties> <Property name="Identifier">company</Property> </Properties> </DebugInfo> </Point> ------------------------------------ <Point id="FlowInfo"> <DebugInfo> <Timestamp>30-09-15 15:26:34:825</Timestamp> <Properties> <Property name="Identifier">developer</Property> </Properties> </DebugInfo> </Point>
I've added a JavaScript policy (in the pre-flow) to access them:
var dev = context.getVariable('developer'); var co = context.getVariable('company'); if(dev) { // do something } if(co) { // do something }
And set a context variable accordingly:
context.setVariable('customHeaderValue', bar);
But I'm running into this error when setting the value:
"Access to Java class "com.apigee.steps.oauth.DeveloperAttributesFlowInfo" is prohibited.
I'm not really totally sure if I'm going down the right path. Any guidance?
This seems to work:
var developer = context.getVariable('developer.userName'); var company = context.getVariable('company.name'); if(company){ context.setVariable('foo', 'COMPANY:'+company); } else if(developer) { context.setVariable('foo', 'DEVELOPER:'+developer); } else { context.setVariable('foo', 'UNKNOWN'); }