This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Get hands-on experience with 20+ free Google Cloud products and $300 in free credit for new customers.
Log in to ask a question

Set Oauth V2 Info Policy: How to set attribute value at runtime

Posted on 10-24-2016 03:30 PM
Not applicable
Reply posted on --/--/---- --:-- AM

Hi,

I am using Set Oauth V2 Policy in Pre Flow to set attribute in my Access Token, so that I can use that information while calling my API.

My APIs expect info like user id and role id as header parameters, so I want them to be stored in Access Token Profile as attributes when the user first time call the API using access token.

My problem is that I am not able to set the attribute value using Set Oauth V2 Info policy, this is how my Set Oauth V2 Info Policy looks:

<?xml version="1.0" encoding="UTF-8" standalone="yes"?> <SetOAuthV2Info async="false" continueOnError="false" enabled="true" name="Set-OAuth-v20-Info-1"> <DisplayName>Set OAuth v2.0 Info-1</DisplayName> <AccessToken ref="access_token"/> <Attributes> <Attribute name="X-UserId" ref="request.headerparam.value"/> </Attributes> </SetOAuthV2Info>

And below is how I am calling my API using cURL:

curl http://{org-name}-test.apigee.net/v1/getcontentbyid/abcdef1234 -H "Authorization: Bearer {access_token}" -H "X-UserId: troy"

Above call gives me a successful response but it does not store the value for my attribute:

oauthv2accesstoken.Set-OAuth-v20-Info-1.X-UserId: {empty}

I need this value to be stored in my Access Toke profile, so that user do not have to pass this info every time he calls the API.

My oauth policy is below:

<?xml version="1.0" encoding="UTF-8" standalone="yes"?> <OAuthV2 name="GenerateAccessTokenClient"> <!-- This policy generates an OAuth 2.0 access token using the client_credentials grant type --> <Operation>GenerateAccessToken</Operation> <!-- This is in millseconds, so expire in an hour --> <ExpiresIn>3600000</ExpiresIn> <SupportedGrantTypes> <!-- This part is very important: most real OAuth 2.0 apps will want to use other grant types. In this case it is important to NOT include the "client_credentials" type because it allows a client to get access to a token with no user authentication --> <GrantType>client_credentials</GrantType> </SupportedGrantTypes> <GrantType>request.queryparam.grant_type</GrantType> <GenerateResponse/> <Attributes> <Attribute name="X-RoleId" ref="request.header.roleId" display="true">developer</Attribute> <Attribute name="X-UserId" ref="request.headerparam.value" display="true"></Attribute> </Attributes> </OAuthV2>

Please suggest.

Thanks,

Kumud

Solved Solved
0 3 666
Topic Labels
Jump to Solution
0 Likes
1 ACCEPTED SOLUTION

Posted on --/--/---- --:-- AM
aswinsegu
Bronze 1
Bronze 1
Reply posted on --/--/---- --:-- AM

Hi @Kumud Gautam,

As i noticed in the SetOAuthTokenInfo policy code, the syntax is correct except for ref in Attribute element to access header is not correct

<Attributes>
	<Attribute name="X-UserId" ref="request.headerparam.value"/>
</Attributes>

Try using request.header.{header_name} instead of request.headerparam.value

<Attributes>
	<Attribute name="X-UserId" ref="request.header.{header_name}"/>
</Attributes>

View solution in original post

Jump to Solution
3 REPLIES 3
Top Solution Authors
View all