I am implementing handler for REST API in Java (org.apache.synapse.rest.Handler interface). And there is a case, when I need to access Secure Vault and get a value.
I know that you are able to achieve this by expression="wso2:vault-lookup('YOUR.KEY.HERE')" in sequence, but can't find api to do this in handler. I believe that org.apache.synapse.MessageContext can help, but not sure how.
You can use below code segment in the custom handler.
public String getSecretPassword(String alias, MessageContext messageContext){
RegistrySecretRepository regRepo = new RegistrySecretRepository();
regRepo.setSynCtx(messageContext);
return regRepo.getSecret(alias);
}
Dependency for pom.xml, the version needs to be changed according to your product version.
<dependency>
<groupId>org.wso2.carbon</groupId>
<artifactId>org.wso2.carbon.mediation.security</artifactId>
<version>4.2.0</version>
</dependency
Please refer - http://malantech.blogspot.com/2016/10/basic-authentication-handler-with.html
Thanks
I believe you will not be able to get the value of the security vault directly from your handler so I advise you to recover the password and put it in a property and inside your handler to retrieve the property.
<property name="passwordvault"
expression="wso2:vault-lookup('YOUR.KEY.HERE')"
scope="default"/>
And use the MessageContext to get the propertie like this:
context.getProperty("passwordvault");
That's just a workaround which is not advisable , i believe you can try below code as i have used similar earlier as well and it worked
<property expression="wso2:vault-lookup('ei.training.userid')" name="UserID" scope="default" type="STRING"/>
<log>
<property expression="wso2:vault-lookup('ei.training.userid')" name="UID"/>
</log>
And I will answer my own question.
I've created a dummy sequence and placed it into Registry
<sequence name="SecureVaultSeq" trace="disable" xmlns="http://ws.apache.org/ns/synapse">
<property expression="wso2:vault-lookup('MY.PASS')" name="NAME"
scope="default" type="STRING"
xmlns:ns="http://org.apache.synapse/xsd" xmlns:ns3="http://org.apache.synapse/xsd"/>
</sequence>
Then in my handler i retrieved it like this:
messageContext.getConfiguration().getSequence("conf:Resources/sequences/SecureVaultSeq.xml").mediate(messageContext);
key = (String) messageContext.getProperty("NAME");
Hope this will help someone.
Related
I am using wso2 API manager 3.2 and in my API there are some headers and Query Parameter.
My API has some path variable in URL in this way
http://example.com/data/readsomeData/{entityId}/{someId}
for the path variable I use the following mediator
<property name="REST_URL_POSTFIX" scope="axis2" action="remove"/>
and it works fine.
also I change some of incoming header's name . For example incoming header is IN_HEADER , I translate it to OUT_HEADER ,my backend expects OUT_HEADER.
I also use this mediator
<property name="IN_HEADER" expression="get-property('transport', 'IN_HEADER')"/>
<property name="OUT_HEADER" expression="get-property('IN_HEADER')" scope="transport"/>
<property name="IN_HEADER" scope="transport" action="remove"/>
It also works fine too.
The given API describe above also has some optional query parameters (limit, max, min) . For example if I use limit=10 in my API, I have to get 10 records, with out limit I get just one record.
In WSO2 API Manager Publisher I defined the above query parameters as the other parameters.
The problem is when I use each of query parameter I get the result same as the way I do not use the query parameters. I get only one record.
I think the API manager does not pass the query parameters to backend.
I don't know this problem related to the mediator I use or not!
You can approach this in a few different ways, below examples should also work on 3.2.0.
Because you remove the REST_URL_POSTFIX the APIM also removes the query parameters.
So option 1:
You could do something similar to what you did for the other headers.
Grab the query parameters and add them as headers for further use. (the $url shorthand should also be available in 3.2.0 as far as I know - it grabs a query parameter by name.)
<property name="limit" expression="$url:limit" scope="transport"/>
<property name="min" expression="$url:min" scope="transport"/>
<property name="max" expression="$url:max" scope="transport"/>
Or you could grab the query parameters from your URL and put them back after removing the POSTFIX.
<property name="newUrlPostfix" expression="substring after($axis2:REST_URL_POSTFIX, '?')"/>
<property name="REST_URL_POSTFIX" scope="axis2" action="remove"/>
<property name="REST_URL_POSTFIX" scope="axis2" expression="concat('?', $ctx:newUrlPostfix"/>
How to retrieve HTTP REST METHOD(GET,PUT,POST,DELETE,OPTIONS) in WSO2 Api Manager's Sequence at runtime? I tried to $ctx:REST_METHOD which returns 'null' value.
<sequence name="ec_rest_dynamic_ep" trace="disable" xmlns="http://ws.apache.org/ns/synapse">
<property expression="$ctx:REST_METHOD" name="restmethod"
scope="default" type="STRING"/>
<log>
<property expression="get-property('restmethod')" name="*******************REST_METHOD***********"/>
</log>
</sequence>
Basically, HTTP REST METHOD value of current service & URL context of that service needed to identify the service in order redirect the service to its endpoint dynamically at runtime.
Try the following property.
<property name="Http_Method" expression="get-property('axis2', 'HTTP_METHOD')"/>
You can find more useful properties in [1].
#Pubci's answer is correct. Here is another way.
<property name="Method" scope="transport" expression="$ctx:api.ut.HTTP_METHOD"/>
Some other properties can be found here.
I'm looking for a way to communicate the user and the subscribed application name from the WSO2 API Manager to specific API's. I already found documentation on using JWT for this, but that would imply that all connected API's get this information, something that is not desirable in our scenario.
Can the same be accomplished using some sort of mediation sequence? I can't find any proper documentation on what parameters and fields are available there.
Thanks in advance.
Yes you can write a custom mediation sequence like this.
<sequence xmlns="http://ws.apache.org/ns/synapse" name="admin--Temp:v1.0.0--In">
<property name="UserName" scope="transport" expression="$ctx:api.ut.userName"/>
<property name="AppName" scope="transport" expression="$ctx:api.ut.application.name"/>
<log level="custom">
<property name="User" expression="$trp:UserName"/>
<property name="App" expression="$trp:AppName"/>
</log>
</sequence>
Here I'm creating 2 transport headers with user name and app name.
I am using the inline javascript prototype feature in the WSO2 API manager and I'm trying to set different HTTP response statuses. Is this possible? If so how is it done?
So far I have tried setting the HTTP_SC property but this doesn't seem to have any effect.
mc.setProperty('HTTP_SC', "404");
I had the same requirement and after much exploring under the hood was able to find a workable solution.
The reason why setting the property:
mc.setProperty('HTTP_SC', "404");
didn't work is that the property needs to be set in the axis2 scope (as Abimaran said). mc.setProperty doesn't set it on that scope. Moreover, the MessageContext object doesn't provide a way to set the scope.
The 'Deploy as Prototype' action actually creates the API definition file by merging the specified in-line script into the a velocity template and storing the resulting API definition into a file.
Template: ./repository/resources/api_templates/prototype_template.xml
Output location: repository/deployment/server/synapse-configs/default/api/
The output file will have a name in the format:
provider--API Name-vVERSION.xml
where provider appears to be the username of the API creator.
What I did was add a filter to the template:
<filter source="boolean(get-property('HTTP_SC'))" regex="false">
<then>
<property name="HTTP_SC" value="200" scope="axis2"/>
</then>
<else>
<property name="HTTP_SC" expression="get-property('HTTP_SC')" scope="axis2"/>
</else>
</filter>
I added it immediately after a similar block (for handling CONTENT_TYPE) at the start of the inSequence element.
You need to add following properties before <send/> mediator
<header name="To" action="remove"/>
<property name="RESPONSE" value="true"/>
<property name="HTTP_SC" value="403" scope="axis2"/>
I am building a ReST to ReST proxy service. I need to be able to pass along some query parameters to that service that are incoming with the request. E.g.
myhost.zz/proxyService?foo=1&bar=2
When I define such proxy - and later try to extract the value of 'foo' I get null.
So is it possible to achieve?
You shouls define an API (if you really want a proxy service, look at the end of this answer) :
<api xmlns="http://ws.apache.org/ns/synapse" name="proxyService" context="/proxyService">
<resource methods="POST GET OPTIONS DELETE PUT">
<inSequence>
<property name="FORCE_SC_ACCEPTED" value="true" scope="axis2" type="STRING"></property>
<log level="custom">
<property name="foo" expression="get-property('query.param.foo')"></property>
<property name="bar" expression="get-property('query.param.bar')"></property>
</log>
</inSequence>
</resource>
</api>
call it with this url : http://host:port/proxyService?foo=12&bar=14
look at wso2-esb-service.log : INFO __SynapseService foo = 12, bar = 14
in the "resource", you can define a uri-template (URL Style = uri-template) with, for exemple, "/{scope}/*" and then when you call your api with http://host:port/proxyService/toto?foo=12&bar=14, you can access the "scope" with get-property('uri.var.scope')
to send a REST request, use a http endpoint with a uri-template using the same logic : uri-template="http://other_host:port/Service/{uri.var.scope}/truc?abc={query.param.foo}&dfc={query.param.bar}"
-->
If you want to use a proxy service, you can access to query parameters like this :
request : http://esb:8280/services/MonService?param1=val1¶m2=val2
<property name="PARAM1"
expression="tokenize(substring-after(syn:get-property('To'),'param1='),'&')"
scope="default"
type="STRING"/>
<property name="PARAM2"
expression="tokenize(substring-after(syn:get-property('To'),'param2='),'&')"
scope="default"
type="STRING"/>
you can use synapse xpath variable $url to read the query parameter values.
check this[1] for example.
Reading Dynamic query parameter in WSO2 APIM