Get hands-on experience with 20+ free Google Cloud products and $300 in free credit for new customers.

Service Callout using LocalTargetConnection not setting proxy.pathsuffix variable

Not applicable

Hi All,

I am trying to call endpoint of another proxy using service call out. When I make direct call it works fine but when I make same call using service call out it's doesn't match with flow because proxy.pathsuffix is null hence it's not executing any policies in flow.

Following is section of service callout

<LocalTargetConnection>
 <APIProxy>proxyname</APIProxy>
 <ProxyEndpoint>default</ProxyEndpoint>
 <Path>/tokeninfo</Path> 
</LocalTargetConnection>

When I trace my proxy I can see proxy.pathsuffix as null hence call is failing.

Any idea why it's not setting context variables as it should not matter where from call is getting initiated?

Thanks

Harmeet

Solved Solved
1 8 3,158
1 ACCEPTED SOLUTION

Hi @harmeet.sra,

Thank you for posting, I ran into a similar problem when I tried to setup a service callout for a JWKS.

So I followed @Mike Dunker's advice to set the Request -> Set -> Path.

<ServiceCallout name="Get-JWKS" ...>
  <DisplayName>Get JWKS</DisplayName>
    <Properties/>
    <Request>
      <Set>
        <Verb>GET</Verb>
        <Path>/oauth2/v3/certs</Path>
      </Set>
    </Request>
    <Response>jwks.Response</Response>
    <LocalTargetConnection>
      <APIProxy>Identity_v1</APIProxy>
      <ProxyEndpoint>default</ProxyEndpoint>
    </LocalTargetConnection>
</ServiceCallout>

A quick trace on the local target api proxy shows the proxy path suffix is not set correctly.

proxy.basepath /identity/v1
proxy.client.ip 127.0.0.1
proxy.name default
proxy.pathsuffix
proxy.url http://localhost:8443/oauth2/v3/certs

We also see that the proxy url is incorrect. This lead me to reinterpret @Mike Dunker suggestion as <Path>/base path/path suffix</Path>

<ServiceCallout name="Get-JWKS" ...>
  <DisplayName>Get JWKS</DisplayName>
  <Properties/>
  <Request>
    <Set>
      <Verb>GET</Verb>
      <Path>/indentity/v1/oauth2/v3/certs</Path>
    </Set>
  </Request>
  <Response>ftr.jwksResponse</Response>
  <LocalTargetConnection>
    <APIProxy>Identity_v1</APIProxy>
    <ProxyEndpoint>default</ProxyEndpoint>
  </LocalTargetConnection>
</ServiceCallout>
proxy.basepath /identity/v1
proxy.client.ip 127.0.0.1
proxy.name default
proxy.pathsuffix /oauth2/v3/certs
proxy.url https://localhost:8443/identity/v1/oauth2/v3/certs

Low and behold, the proxy url and proxy path suffix are now populated correctly.

Many thanks @harmeet.sra and @Mike Dunker for blazing the trail and sharing your pain I wouldn't have been able to figure this out with out you.

I hope this helps future proxy chainers!

View solution in original post

8 REPLIES 8