Solved: Importing JWT Java Callout Proxy using Apigee Edge... - Page 2

Report Inappropriate Content · 12-05-2017 10:18 AM

Hi - Need some information on deploying the JWT javacallout proxies from Apigee Edge UI.

Source:

https://github.com/gahana/edge-jwt-sample.

1. Can we download the zip and just deploy the individual proxies from Apigee Edge. Or can Apidgee Edge UI handle multiple proxies when importing a bundle.

2. Tried to import Validate proxies individually but getting read error. Do we need to change/set any variables before importing

3. Are all the prerequisites mentioned in above source link required, when importing the proxies from Apigee Edge

4. deploy.sh is rebuilding the jars. Is it mandatory step before deploying these proxies irrespective of Edge UI or Command line process.

Thanks,

Sekhar

,

Hi - Need some information on deploying the JWT javacallout proxies from Apigee Edge UI.

Source:

https://github.com/gahana/edge-jwt-sample.

1. Can we download the zip and just deploy the individual proxies from Apigee Edge. Or can Apidgee Edge UI handle multiple proxies when importing a bundle.

2. Tried to import Validate proxies individually but getting read error. Do we need to change/set any variables before importing

3. Are all the prerequisites mentioned in above source link required, when importing the proxies from Apigee Edge

4. deploy.sh is rebuilding the jars. Is it mandatory step before deploying these proxies irrespective of Edge UI or Command line process.

Thanks.

ssudhindra

Hi Sekhar,

1. You can zip and import one proxy at a time. Or you can use the deploy script on the project.

2. The validate proxy uses a sharedflow. Are you importing it before the validate proxy? Also the proxy in the above repo is designed to take input to run some tests for generating and validating JWTs. You should pick the `edge-jwt-generate.jar` and `jose4j-0.5.7.jar` and use it in your own Java callout. You can see some examples in the readme file.

3. The pre-requisites have the purpose mentioned. If you just want to copy the `edge-jwt-generate.jar` and not build it yourself, you may not need gradle. If you are not using BDD, then you don't need the tools related to it.

4. The deploy script rebuilds the jar only if you specify the java option. You don't have to do it, if you just copy the jars.

View solution in original post

ssudhindra

Taking this question from the previous comment thread.

"Did the extract variables in the shared flow worked for you. As per apigee docs, extract from JSONPayload only works for "Content-Type header is application/json." But in case of JWT the header content is not json. Any inputs on how this extract variables can be achieved."

Not sure I understand the question. Here is what I think you may be referring to.

The sample project is setup up to test the Java callout with various inputs. The test cases are varied based on contents of JSON object in the request body and the same is used to configure the Java callout.

On a production bound Java callout for JWT validation, configuration information like Issuer, Audience, Keys, Algos, etc. should come from an encrypted KVM. This way you can separate config from code, separate different environment values from each other and keep secrets and keys protected.

So instead of an ExtractVariables policy, in your case you would use a KeyValueMapOperations policy to read KVM entries for what to verify in the JWT Java callout. You could also hard code these values in Java callout, to begin with.

The JWT itself can come from the Authorization header. You can use ExtractVariables to get it from header.

    <Header name="Authorization">
        <Pattern ignoreCase="true">Bearer {jwt}</Pattern>
    </Header>

Hope this helps.

View solution in original post

Importing JWT Java Callout Proxy using Apigee Edge UI,JWT Java Callout Proxy Implementation