I'm a novice in IBM API Connect. What I want to realize is to pass the client certificate used in the mutual TLS connection between an API caller and IBM API Connect to a backend server as a value of Client-Cert HTTP header.
I thought that Set-Variable could be used for the purpose, but a request forwarded to the backend server does not contain the Client-Cert HTTP header.
Could anyone help me out?
swagger: '2.0'
info:
version: 1.0.0
title: test
x-ibm-name: test
basePath: /test
x-ibm-configuration:
properties:
target-url:
value: https://httpdump.io/tqvg_
description: URL of the proxy policy
encoded: false
cors:
enabled: true
gateway: datapower-api-gateway
type: rest
phase: realized
enforced: true
testable: true
assembly:
execute:
- set-variable:
version: 2.0.0
title: client-cert
actions:
- value: ':$(application.certificate.Base64):'
type: string
add: Client-Cert
- value: My-Value
add: My-Header
type: string
description: >-
Set the client certificate used in the mutual TLS connection to the
Client-Cert HTTP header in the format defined in "Client-Cert HTTP
Header Field".
- invoke:
version: 2.2.0
title: invoke
backend-type: detect
header-control:
type: blocklist
values: []
parameter-control:
type: blocklist
values: []
http-version: HTTP/1.1
timeout: 60
verb: POST
chunked-uploads: true
persistent-connection: true
cache-response: protocol
cache-ttl: 900
stop-on-error: []
websocket-upgrade: false
target-url: $(target-url)
graphql-send-type: detect
finally: []
activity-log:
enabled: true
success-content: activity
error-content: payload
paths:
/:
get:
responses:
'200':
description: success
schema:
type: string
consumes: []
produces: []
put:
responses:
'200':
description: success
schema:
type: string
consumes: []
produces: []
post:
responses:
'200':
description: success
schema:
type: string
consumes: []
produces: []
delete:
responses:
'200':
description: success
schema:
type: string
consumes: []
produces: []
head:
responses:
'200':
description: success
schema:
type: string
consumes: []
produces: []
patch:
responses:
'200':
description: success
schema:
type: string
consumes: []
produces: []
schemes:
- https
Your variable name should be message.headers.Client-Cert if you want to add a header. Otherwise you're just creating an internal variable that never gets read.
Related
I have just started using postman so that I can serve my front end.
I have managed to create a mock service and define some schema and some endpoints. I have also added the bearer authorization. I do not understand how to implement the login endpoint to get back the auth token.
I understand it must be a POST, with no security check, sending email and psw
What other values should I consider?
openapi: 3.0.0
info:
version: 'draft'
title: 'MY API'
license:
name: MIT
servers:
- url: 'https://e9d52583-3413-476e-b0a9-02c4151be665.mock.pstmn.io'
paths:
/user:
get:
summary: 'User: Returns details about a particular user'
operationId: listUser
tags:
- user
parameters:
- name: id
in: query
description: ID of the user
required: true
schema:
type: integer
format: int32
responses:
'200':
description: 'User: Details about a user by ID'
headers:
x-next:
description: A link to the next page of responses
schema:
type: string
content:
application/json:
schema:
$ref: '#/components/schemas/User'
default:
description: Unexpected error
content:
application/json:
schema:
$ref: '#/components/schemas/Error'
/brands:
get:
summary: 'Brands: List all brands'
operationId: listBrands
tags:
- brands
responses:
200:
description: 'Brands: An array of brands'
headers:
x-next:
description: 'Brands: A link to the next page of responses'
schema:
type: string
content:
application/json:
schema:
$ref: "#/components/schemas/Brands"
401:
description: 'Not authorized'
content:
application/json:
schema:
$ref: '#/components/schemas/Error'
default:
description: Unexpected error
content:
application/json:
schema:
$ref: "#/components/schemas/Error"
/brand:
get:
summary: 'Brand: Returns details about a particular brand'
operationId: listBrand
tags:
- brand
parameters:
- name: id
in: query
description: ID of the user
required: true
schema:
type: integer
format: int32
responses:
'200':
description: 'Brand: Details about a brand by ID'
headers:
x-next:
description: A link to the next page of responses
schema:
type: string
content:
application/json:
schema:
$ref: '#/components/schemas/Brand'
default:
description: Unexpected error
content:
application/json:
schema:
$ref: '#/components/schemas/Error'
components:
schemas:
User:
type: object
required:
- id
- name
properties:
id:
type: integer
format: int64
name:
type: string
tag:
type: string
Brand:
type: object
required:
- id
- name
properties:
id:
type: integer
format: int64
name:
type: string
tag:
type: string
Brands:
type: array
items:
$ref: "#/components/schemas/Brand"
Error:
type: object
required:
- code
- message
properties:
code:
type: integer
format: int32
message:
type: string
securitySchemes:
bearerAuth:
type: http
scheme: 'bearer'
bearerFormat: 'JWT'
responses:
UnauthorizedError:
description: Access token is missing or invalid
security:
- bearerAuth: []
I need a very secure cloud function so I'm trying to put it behind a API Gateway.
The function works fine when I call it directy passing a Bearer token in header:
https://us-central1-<my-project>.cloudfunctions.net/<my-hello-function>
However I want to allow it to be used with a API token thru API Gateway (and then do something more useful than saying "hello"):
https://my-gateway-xxxxxxxx.uc.gateway.dev/v1/stats&key=<my-API-token>
When I try to call it I get:
{
"code": 404,
"message": "Path does not match any requirement URI template."
}
My API Gateway config file:
swagger: "2.0"
info:
title: my-gateway
version: "1.0.0"
basePath: "/v1"
schemes:
- "https"
produces:
- application/json
paths:
/stats:
get:
tags:
- "stats"
summary: "get service stats"
description: "Returns statistics"
operationId: "hello_world"
#produces:
#- "application/json"
parameters:
- name: "since"
in: "header"
description: "Date to retrieve information"
required: false
type: "string"
format: "date"
x-google-backend:
address: https://us-central1-<my-project>.cloudfunctions.net/<my-hello-function>
path_translation: CONSTANT_ADDRESS
protocol: h2
responses:
"200":
description: "successful operation"
schema:
$ref: "#"
"400":
description: "Invalid datetime supplied"
"404":
description: "Unknown path"
security:
- api_key: []
securityDefinitions:
api_key:
type: "apiKey"
name: "api_key"
in: "query"
definitions:
ApiResponse:
type: "object"
properties:
code:
type: "integer"
format: "int32"
type:
type: "string"
message:
type: "string"
What's missing? What am I doing wrong?
I tested your file and I reviewed your HTTP call. I noticed that in your security definitions you are naming the API key as api_key but in your URL you are using the parameter key, also, it is not necessary to set path_translation: CONSTANT_ADDRESS because this is the default directive
Additionally, you can check if your gateway is using the latest configuration.
This is the config that I used and works as expected (I changed the apikey to key and I removed path_translation)
swagger: "2.0"
info:
title: my-gateway
version: "1.0.0"
basePath: "/v1"
schemes:
- "https"
produces:
- application/json
paths:
/stats:
get:
tags:
- "stats"
summary: "get service stats"
description: "Returns statistics"
operationId: "hello_world"
parameters:
- name: "since"
in: "header"
description: "Date to retrieve information"
required: false
type: "string"
format: "date"
x-google-backend:
address: https://us-central1-[myproject].cloudfunctions.net/[functionname]
protocol: h2
responses:
"200":
description: "successful operation"
schema:
$ref: "#"
"400":
description: "Invalid datetime supplied"
"404":
description: "Unknown path"
security:
- api_key: []
securityDefinitions:
api_key:
type: "apiKey"
name: "key"
in: "query"
definitions:
ApiResponse:
type: "object"
properties:
code:
type: "integer"
format: "int32"
type:
type: "string"
message:
type: "string"
I've written a swagger and imported the same which will be validating the length of mobile number which should take 10 digits and also an input type which should accept only 1 Character as input or else it should throw an Error. But the message was going from APIM to ESB fairly. Should I've to make any more changes in API Manager or Code. Please suggest,
swagger: "2.0"
info:
version: v1.0.0
title: TestValidation
description: "This API to Test length Validation\n\n\nSupported operations :\n\n1. validation"
schemes:
- https
- http
consumes:
- application/json
produces:
- application/json
paths:
/validation:
post:
summary: dfgdf
description: fghfg
parameters:
- in: body
name: Payload
description: Request Body
required: false
schema:
$ref: "#/definitions/validation-request"
responses:
"200":
description: OK
schema:
$ref: "#/definitions/validation-response"
"400":
schema:
$ref: "#/definitions/TestValidation-api-error"
description: Bad Request. Invalid request or validation error.
"415":
schema:
$ref: "#/definitions/TestValidation-api-error"
description: Unsupported Media Type. The entity of the request was in a not supported format.
"500":
schema:
$ref: "#/definitions/TestValidation-api-error"
description: Internal Server Error
produces:
- application/json
consumes:
- application/json
x-auth-type: "Application & Application User"
x-throttling-tier: Unlimited
definitions:
validation-request:
type: object
properties:
MobileNum:
format: int64
type: number
minLength: 10
maxLength: 10
inputType:
type: string
minLength: 1
maxLength: 1
validation-response:
type: object
properties:
response:
type: object
TestValidation-api-error:
title: Error object returned with HTTP status
type: object
properties:
fault:
type: object
properties:
code:
format: int64
type: integer
type:
type: string
message:
description: Error message.
type: string
description:
description: A detail description about the error message.
type: string
required:
- code
- message
This feature is available in APIM 3.0.0. You have to enable it for each API you want it.
Here is the doc.
https://apim.docs.wso2.com/en/3.0.0/Learn/APISecurity/APIRequestResponseSchemaValidation/json-schema-validator/
0 with express-session but i am not able to send the cookie i.e session.sid in header.its showing in curl but its not showing in server. So can anyone help me how to set it?
swagger: '2.0'
info:
description: This is the list of API pr
version: 1.0.0
tags:
- name: developers
description: Operations available to regular developers
host: localhost:3000
schemes:
- http
securityDefinitions:
api_key:
type: apiKey
name: cookie
in: header
/api/details/{id}:
get:
summary: List all
description: ""
produces:
- application/json
parameters:
- name: id
in: path
required: true
type: integer
security:
- api_key: []
responses:
200:
description: " "
I was exploring Swagger and I must acknowledge I'm loving it.
I understand Swagger is primarily for RESTful web services, but I was wondering if we can make it work with SOAP web services as well.
May be translate SOAP based web services to RESTful? Or simply call SOAP based services via Swagger UI? Some hack? Has anyone done it?
Based on the present spec, I do not think so. It would not be easily possible to mention various aspects of a WSDL in swagger
To name a few:
PortTypes
Schemas and namespaces of request and response messages
SOAP encodings (RPC/Literal etc.)
online "translate SOAP based web services to RESTful" is what exactly DreamFactory does. Open Source API management tool based on Swagger. Here you can read about SOAP-to-REST functionality.
This might be worth a try: Swagger connector and Preparing the API for consumption.
There is a module for pointing at a SOAP WSDL to expose it through a Loopback server: http://strongloop.com/strongblog/soap-into-rest-apis-with-loopback-node-js/
As an API server to glue existing and new data sources, LoopBack is
designed to facilitate your backend data integration. With the
release of loopback-connector-soap module, you can now easily consume
SOAP web services and transform them into REST APIs.
I can't yet confirm that it works, but it looks like a way of exposing a SOAP service using Swagger.
openapi: 3.0.1
info:
version: 1.0.0
title: SOAP
description: |-
# Introduction
> ## 1.1. Purpose
IMG
>>> ![Service description](./IMGs/ServiceDescription.png)
TABLE
>>>>| TH1 | TH2 | TH3 | TH4 |
>>>>| --------------- | ------------- | ------------- | ----------- |
>>>>| Body1 | Body1 | Body3 | Body4 |
termsOfService: https://anas.badwais.com/en/terms-conditions
contact:
email: itconsultant89#anas.badwais.com
license:
name: Anas Badwais
url: http://anas.badwais.com/licenses/LICENSE-2.0.html
externalDocs:
description: Service description (WSDL)
url: 'http://WSDL_URL/?wsdl'
servers:
- description: testing
url: '{protocol}{Environment}{port}{version}'
variables:
protocol:
enum:
- 'https://'
- 'http://'
default: 'http://'
Environment:
enum:
- 'IPAddress'
default: 'IPAddress'
port:
enum:
- 'Port'
default: 'Port'
version:
enum:
- 'Version'
default: 'Version'
tags:
- name: tagName
externalDocs:
description: Find out more
url: ''
paths:
/{OperationName}/:
post:
tags:
- tagName
summary: OperationName - Breif Description
description: |-
description
operationId: OperationName
parameters:
- description: OperationName
name: OperationName
required: true
in: path
schema:
type: string
enum:
- 'SOAPURL_IF_EXISTS'
default: 'SOAPURL_IF_EXISTS'
- description: SOAPAction header for soap 1.1
name: SOAPAction
required: true
in: header
schema:
type: string
enum:
- OperationName
default: OperationName
requestBody:
$ref: '#/components/requestBodies/OperationNameEnvelope'
responses:
'200':
description: OK
headers:
Access-Control-Allow-Origin:
schema:
type: string
Access-Control-Allow-Methods:
schema:
type: string
Access-Control-Allow-Headers:
schema:
type: string
Transfer-Encoding:
description : chunked
schema:
type: string
content:
text/xml charset=UTF-8 :
schema:
$ref: '#/components/schemas/OperationNameResponseEnvelope'
examples:
HappyScenario:
$ref: '#/components/examples/OperationName_RS_HappyScenario'
'500':
description: Internal Server Error
headers:
Access-Control-Allow-Origin:
schema:
type: string
Access-Control-Allow-Methods:
schema:
type: string
Access-Control-Allow-Headers:
schema:
type: string
Transfer-Encoding:
description: chunked
schema:
type: string
content:
text/xml charset=UTF-8:
schema:
$ref: '#/components/schemas/faultEnvelope'
# security:
components:
examples:
OperationName_HappyScenario:
value:
Header:
Body:
OperationName: '1'
#-----------------#
#----------------------------------#
OperationName_RS_HappyScenario:
value:
Header:
Body:
OperationName: '1'
#-----------------#
#----------------------------------#
#-----------------#
requestBodies:
OperationNameEnvelope:
description: ''
content:
text/xml charset=UTF-8:
schema:
$ref: '#/components/schemas/OperationNameEnvelope'
examples:
HappyScenario:
$ref: '#/components/examples/OperationName_HappyScenario'
#-----------------#
#----------------------------------#
#-----------------#
schemas:
OperationNameEnvelope:
type: object
xml:
name: Envelope
prefix: soapenv
namespace: 'http://schemas.xmlsoap.org/soap/envelope/'
properties:
Header:
type: string
xml:
name: Header
prefix: soapenv
example:
Body:
type: object
xml:
name: Body
prefix: soapenv
properties:
OperationNameRequestMessage:
$ref: '#/components/schemas/OperationNameRequestMessage'
#-----------------#
OperationNameRequestMessage:
type: object
xml:
prefix: tns
namespace: 'https://anas.badwais.com/'
properties:
OperationElement:
type: number
#-----------------#
#----------------------------------#
#-----------------#
OperationNameResponseEnvelope:
type: object
xml:
name: Envelope
prefix: soapenv
namespace: 'http://schemas.xmlsoap.org/soap/envelope/'
properties:
Header:
type: string
description: ''
xml:
prefix: soapenv
example:
Body:
type: object
description: ''
xml:
prefix: soapenv
properties:
OperationNameResponseMessage:
$ref: '#/components/schemas/OperationNameResponseMessage'
#-----------------#
OperationNameResponseMessage:
type: object
description: ''
required:
- Response
xml:
prefix: tns
namespace: 'https://anas.badwais.com/'
properties:
ResponseElements:
type: integer
#-----------------#
#----------------------------------#
#-----------------#
faultEnvelope:
type: object
xml:
name: Envelope
prefix: soapenv
namespace: 'http://schemas.xmlsoap.org/soap/envelope/'
properties:
Header:
type: object
xml:
name: Header
prefix: soapenv
Body:
type: object
xml:
name: Body
prefix: soapenv
properties:
getVisitorInfo:
$ref: '#/components/schemas/fault'
#-----------------#
fault:
type: object
xml:
name: Fault
prefix: soapenv
namespace: 'http://schemas.xmlsoap.org/soap/envelope/'
properties:
faultcode:
type: string
xml:
name: faultcode
example: 1
faultstring:
type: string
xml:
name: faultstring
example: Error
faultactor:
type: string
xml:
name: faultactor
example: 1
detail:
type: object
xml:
name: detail
properties:
Fault:
$ref: '#/components/schemas/FaultBody'
#-----------------#
FaultBody:
type: object
xml:
name: Fault
prefix: flt
namespace: 'http://schemas.xmlsoap.org/soap/envelope/'
properties:
ErrorCode:
type: integer
format: int64
xml:
name: Fault
prefix: flt
example: 1
ErrorType:
type: string
xml:
name: Fault
prefix: flt
enum:
- System
- Functional
Message:
type: string
xml:
name: Fault
prefix: flt
example: error
# securitySchemes: