Comments (10)
Both options, I mean for Inbound- and Outbound-Method configuration, rely on one big question: How to identify/configure the API-Method in the API-Configuration file?
Internally, each operation gets a unique ID when importing the API into API-Manager and is used when loading on the WebUI.
But to manage the API-Method configuration externally in the config file, Swagger-Promote must map the external "logical" method name into that internal Method-ID. What should be the logical name?
My idea would be to use the operationID, which is shown in API-Manager like this:
With that, for Inbound-Settings this would look like this
"inboundProfiles": {
"_default": {
"securityProfile": "_default",
"corsProfile": "_default",
"monitorAPI": true,
"monitorSubject": "authentication.subject.id"
},
"weatherImagine": {
"securityProfile": "TestInboundSecProfile",
"corsProfile": null,
"monitorAPI": true,
"monitorSubject": null
}
Of course, the referenced security-profile must be declared as well in the config file otherwise the config is invalid and would be rejected.
This leads to the following config:
For Outbound settings it will look similar:
"outboundProfiles": {
"_default": {
"authenticationProfile": "_default",
"routeType": "proxy",
"requestPolicy": null,
"responsePolicy": null,
"routePolicy": null,
"faultHandlerPolicy": null,
"apiId": null,
"apiMethodId": null,
"parameters": [
]
},
"Country and City": {
"authenticationProfile": "HTTP Basic Outbound",
"routeType": null,
"requestPolicy": null,
"responsePolicy": null,
"routePolicy": null,
"parameters": [
{
"name": "additionalOutboundParam",
"required": false,
"type": "string",
"paramType": "header",
"value": "Test-Value",
"exclude": false,
"additional": true
}
]
}
},
This creates the following configuration:
You would basically need to duplicate the default
Inbound- or Outbound-Profile, configure it as you want for your API-Method and setup the operationId to map it to the correct API-Method.
Would that be an acceptable solution? I'm a bit worried about that the configuration might be become pretty complex. Even if I do plan to add better default support, which means that Swagger-Promote should also accept the following in the future:
"outboundProfiles": {
"_default": {
"authenticationProfile": "_default",
"routeType": "policy",
"requestPolicy": "Custom Routing Policy"
},
"Country and City": {
"authenticationProfile": "HTTP Basic Outbound",
"parameters": [
{
"name": "additionalOutboundParam",
"required": false,
"type": "string",
"paramType": "header",
"value": "Test-Value",
"exclude": false,
"additional": true
}
]
}
},
I believe also this option would useful to configure method setting to a number of API-Methods. Like this:
"outboundProfiles": {
"_default": {
"authenticationProfile": "_default",
"routeType": "policy",
"requestPolicy": "Custom Routing Policy"
},
"Country and City, weatherImagine": {
"authenticationProfile": "HTTP Basic Outbound",
"parameters": [
{
Please note, for now, I don't plan to add support to configure routing to a different Backend-API or API-Method. I marked this in red on the screenshot.
from apimanager-swagger-promote.
Hello,
What about the Outbound Per Method-Configuration ? we use it to pass value of attribute calculate during authentification.
PS : I have push a request to Axway to be able to pass "outbound parameters" directly on the simple api outbound configuration and not for all per-methode override.
from apimanager-swagger-promote.
Yes, there are plans to support per Method-Configuration settings as well. Ultimately you will be able to control all aspects of your APIs.
The structure internally has been prepared to support per Method-Settings, so far it was just a matter of time, but it will come.
from apimanager-swagger-promote.
it’s really what we wanted and we don't use the routing to a different Backend-API or API-Method.
from apimanager-swagger-promote.
@cwiechmann makes sense to use the operationID. So for inbound override for a method, would the config file look something like below? In this case, I want the default to be PassThrough but require a KeyId for one of the method.
"securityProfiles": [
{
"name": "KeyIdProfile",
"isDefault": false,
"devices": [
{
"name": "API Key",
"type": "apiKey",
"order": 0,
"properties": {
"apiKeyFieldName": "KeyId",
"takeFrom": "HEADER",
"removeCredentialsOnSuccess": "true"
}
}
]
}
],
"inboundProfiles": {
"_default": {
"securityProfile": "_default",
"corsProfile": "_default",
"monitorAPI": true,
"monitorSubject": "authentication.subject.id"
},
"weatherImagine": {
"securityProfile": "KeyIdProfile",
"corsProfile": null,
"monitorAPI": true,
"monitorSubject": null
}
}
I agree the config file is going to become complex but I'm not sure there's a better way to support this. I am planning on building a GUI for my developers to generate this config file to make their lives easier.
Another thought, why not use the Authorizations
in the Swagger file itself to define the security profiles in API Manager?
from apimanager-swagger-promote.
Delivered with version 1.6.0
from apimanager-swagger-promote.
Hello Chris,
Thanks for this release.
We have tested it and we are face to an issue while the code should is likely to remove the "faultHandlerPolicy"
4342 ERROR APIManagerAdapter| Unable to parse received response from API-Manager: 'Unrecognized field "faultHandlerPolicy"
We actually are in apigw 7.5.3 sp9.
here is the outboundprofile sent by swagger promote to the api manager :
"outboundProfiles": {
"_default": {
"routeType": "proxy",
"requestPolicy": null,
"responsePolicy": null,
"routePolicy": null,
"apiMethodId": null,
"apiId": null,
"authenticationProfile": "_default",
"parameters": []
},
"59c3c863-deb2-4d7e-a9f6-2b3fa221cf40": {
"routeType": "policy",
"requestPolicy": null,
"responsePolicy": null,
"routePolicy": "",
"faultHandlerPolicy": null,
"apiMethodId": "3668f5d7-2671-4d9a-a8cf-30b0b3a4ab5c",
"apiId": "cb94bdb5-0664-4d8c-8c04-7e5cbde76545",
"authenticationProfile": null,
"parameters": [
{
"name": "X-RoutingParams",
"paramType": "header",
"type": "string",
"value": "TokenNameDnsBackend=DNS_API_PUIC;TokenNamePortBackend=PORT_API_PUIC",
"required": false,
"exclude": false,
"additional": true
}
]
}
},
<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
And here is the response in Error
0 INFO nvironmentProperties| Trying to load environment properties from file: env.properties ... not found.
1383 INFO APIManagerAdapter| API-Manager version is: 7.5.3 SP9
1491 INFO IImportConfigAdapter| Loading API-Definition from: http://marketing-api-z01.preprod.macif.fr:8080/referentiel-offre-nemo-rest/v2/api-docs
1737 INFO APIManagerAdapter| No existing API found exposed on: '/v2/referentieloffrenemo'
1738 INFO APIManagerAdapter| Strategy: No existing API found, creating new!
1742 INFO APIManagerAdapter| Importing backend API (Swagger/WSDL Import)
2104 INFO APIManagerAdapter| Create API-Proxy (Front-End API)
4264 INFO APIManagerAdapter| Updating proxy for the following properties: securityProfiles outboundProfiles corsProfiles path version name
4341 ERROR APIManagerAdapter| Last request: {"id":"fdf7cd77-e0f4-493d-adad-7259f61756cb","organizationId":"1dd22b79-5654-420f-9ebc-af2ae12e22a2","apiId":"cb94bdb5-0664-4d8c-8c04-7e5cbde76545","name":"API Referentiel Offre Nemo","version":"2.0.0","vhost":"apigw-vip.vt.macif.fr","path":"/v2/referentieloffrenemo","descriptionType":"original","descriptionManual":null,"descriptionMarkdown":null,"descriptionUrl":null,"summary":"","retired":false,"expired":false,"image":null,"retirementDate":0,"deprecated":false,"state":"unpublished","createdOn":1563280577981,"createdBy":"c7ca8f5a-323f-4e3a-bf2a-ae56994af483","corsProfiles":[{"name":"_default","isDefault":"true","origins":["*"],"allowedHeaders":[],"exposedHeaders":["X-CorrelationID"],"supportCredentials":"false","maxAgeSeconds":"0"}],"securityProfiles":[{"name":"_default","isDefault":true,"devices":[{"name":"API Key","type":"apiKey","order":"0","properties":{"apiKeyFieldName":"KeyId","takeFrom":"HEADER","removeCredentialsOnSuccess":"true"}}]}],"authenticationProfiles":[{"name":"_default","isDefault":true,"parameters":{},"type":"none"}],"inboundProfiles":{"_default":{"securityProfile":"_default","corsProfile":"_default","monitorAPI":true,"monitorSubject":"authentication.subject.id"}},"outboundProfiles":{"_default":{"routeType":"proxy","requestPolicy":null,"responsePolicy":null,"routePolicy":null,"apiMethodId":null,"apiId":null,"authenticationProfile":"_default","parameters":[]},"59c3c863-deb2-4d7e-a9f6-2b3fa221cf40":{"routeType":"policy","requestPolicy":null,"responsePolicy":null,"routePolicy":"","faultHandlerPolicy":null,"apiMethodId":"3668f5d7-2671-4d9a-a8cf-30b0b3a4ab5c","apiId":"cb94bdb5-0664-4d8c-8c04-7e5cbde76545","authenticationProfile":null,"parameters":[{"name":"X-RoutingParams","paramType":"header","type":"string","value":"TokenNameDnsBackend=DNS_API_PUIC;TokenNamePortBackend=PORT_API_PUIC","required":false,"exclude":false,"additional":true}]}},"serviceProfiles":{"_default":{"apiId":"cb94bdb5-0664-4d8c-8c04-7e5cbde76545","basePath":"http://marketing-api-z01.preprod.macif.fr:8080"}},"caCerts":[],"tags":{}}
4342 ERROR APIManagerAdapter| Unable to parse received response from API-Manager: 'Unrecognized field "faultHandlerPolicy" (class com.vordel.apiportal.api.portal.model.proxy.OutboundProfiles), not marked as ignorable (8 known properties: "authenticationProfile", "routeType", "apiId", "apiMethodId", "parameters", "routePolicy", "requestPolicy", "responsePolicy"])
at [Source: (org.glassfish.jersey.message.internal.ReaderInterceptorExecutor$UnCloseableInputStream); line: 1, column: 1913] (through reference chain: com.vordel.apiportal.api.portal.model.proxy.VirtualizedAPI["outboundProfiles"]->java.util.LinkedHashMap["59c3c863-deb2-4d7e-a9f6-2b3fa221cf40"]->com.vordel.apiportal.api.portal.model.proxy.OutboundProfiles["faultHandlerPolicy"])'
4342 ERROR RestAPICall| Response: 'HTTP/1.1 400 Bad Request'
4670 INFO RollbackHandler| Rolled back: '[Frontend-API: true, Backend-API: true]'
4671 ERROR App| Cannot update API-Proxy.
com.axway.apim.lib.AppException: Cannot update API-Proxy.
at com.axway.apim.actions.tasks.UpdateAPIProxy.execute(UpdateAPIProxy.java:54)
at com.axway.apim.actions.CreateNewAPI.execute(CreateNewAPI.java:78)
at com.axway.apim.swagger.APIManagerAdapter.applyChanges(APIManagerAdapter.java:141)
at com.axway.apim.App.run(App.java:183)
at com.axway.apim.App.main(App.java:44)
Caused by: com.axway.apim.lib.AppException: Unable to parse HTTP-Response
at com.axway.apim.actions.rest.RestAPICall.parseResponse(RestAPICall.java:73)
at com.axway.apim.actions.rest.PUTRequest.execute(PUTRequest.java:28)
at com.axway.apim.actions.tasks.UpdateAPIProxy.execute(UpdateAPIProxy.java:52)
... 4 more
Caused by: com.axway.apim.lib.AppException: Unable to parse response
at com.axway.apim.actions.tasks.UpdateAPIProxy.parseResponse(UpdateAPIProxy.java:79)
at com.axway.apim.actions.rest.RestAPICall.parseResponse(RestAPICall.java:65)
... 6 more
Caused by: com.axway.apim.lib.AppException: Unable to parse received response from API-Manager
at com.axway.apim.actions.tasks.UpdateAPIProxy.parseResponse(UpdateAPIProxy.java:77)
... 7 more
Caused by: com.axway.apim.lib.AppException: Error updating API-Proxy. [Return-Code: 400, Response: 'Unrecognized field "faultHandlerPolicy" (class com.vordel.apiportal.api.portal.model.proxy.OutboundProfiles), not marked as ignorable (8 known properties: "authenticationProfile", "routeType", "apiId", "apiMethodId", "parameters", "routePolicy", "requestPolicy", "responsePolicy"])
at [Source: (org.glassfish.jersey.message.internal.ReaderInterceptorExecutor$UnCloseableInputStream); line: 1, column: 1913] (through reference chain: com.vordel.apiportal.api.portal.model.proxy.VirtualizedAPI["outboundProfiles"]->java.util.LinkedHashMap["59c3c863-deb2-4d7e-a9f6-2b3fa221cf40"]->com.vordel.apiportal.api.portal.model.proxy.OutboundProfiles["faultHandlerPolicy"])'
at com.axway.apim.actions.tasks.UpdateAPIProxy.parseResponse(UpdateAPIProxy.java:66)
... 7 more
<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
here is the java class used :
public class OutboundProfileHandler implements PropertyHandler {
@Override
public JsonNode handleProperty(IAPI desired, IAPI actual, JsonNode response) throws AppException {
ObjectMapper objectMapper = new ObjectMapper();
validateAuthenticationProfiles(desired);
APIManagerAdapter.getInstance().translateMethodIds(desired.getOutboundProfiles(), actual);
if(desired.getOutboundProfiles().size()!=0) {
((ObjectNode)response).replace("outboundProfiles", objectMapper.valueToTree(desired.getOutboundProfiles()));
}
if(APIManagerAdapter.getApiManagerVersion().startsWith("7.5")){
JsonNode outboundProfiles = response.get("outboundProfiles").get("_default");
if (outboundProfiles instanceof ObjectNode) {
ObjectNode object = (ObjectNode) outboundProfiles;
object.remove("faultHandlerPolicy");
}
}
return response;
}
<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
from apimanager-swagger-promote.
Can you please remove the null entries from the config file.
I mean things like:
"faultHandlerPolicy": null
from apimanager-swagger-promote.
Chris,
The transaction above is that was created by promote swagger .
here is the config file
"outboundProfiles":{
"_default":{
"authenticationProfile":"_default",
"routeType":"proxy"
},
"pingUsingGET":{
"routeType":"policy",
"routePolicy": "",
"parameters":[
{
"name": "X-RoutingParams",
"paramType": "header",
"type": "string",
"value": "TokenNameDnsBackend=DNS_API_PUIC;TokenNamePortBackend=PORT_API_PUIC",
"required": false,
"exclude": false,
"additional": true
}
]
}
}
from apimanager-swagger-promote.
Yes, understood the issue. The code is actually removing the Fault-Handler for the Default-Profile only! That’s not correct.
Can you maybe create another issue for that dedicated problem?
However I’m afk and can’t fix it for the next 3 weeks. Maybe you can fix it yourself in the meantime. Should be relatively easy to do the same for all profiles instead of default only.
from apimanager-swagger-promote.
Related Issues (20)
- [Feature] Load Stage-Environment properties from given folder HOT 2
- [Feature] Include default log4j.xml in Maven-Artifact HOT 4
- [Feature] Add support to API custom fields/properties HOT 4
- [Feature] ReturnCode-Mapping HOT 1
- [BUG] Unnecessary update of the Proxy leads to 403 for a published API HOT 1
- [Feature] Abort when existing API owned by different organization HOT 2
- [Feature] Summary of published API no longer changeable HOT 1
- [Feature] Support for OAS3 HOT 1
- [BUG] Vhost setting inconsistent behavior HOT 3
- [BUG] Backend base path is not getting replaced for a Swagger 1.2 spec HOT 4
- [BUG] Update Jackson to version 2.9.10.4
- [Help]Need information on swagger file which contains api defnition needed for this process HOT 5
- [BUG]In issue 213, we asked about post processing. Is that fixed? HOT 3
- [BUG] 403 Forbidden when using V-Host
- [BUG] API Method Path gets messed up when the ResourcePath in Swagger matches first part of method path, HOT 7
- [BUG] retirememt date handling is inconsistant between export and import HOT 1
- [BUG] Cannot set Oauth authentication Profile using its name HOT 4
- [BUG] HOT 3
- API export issue HOT 1
- [BUG] doesn't create package rather throws Error locating assembly descriptor HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from apimanager-swagger-promote.