The authorization tokens provided to our API can be generated from the key:secret pair of developer apps or company apps.
What variables are available in EDGE that can be used to determine if the app accessing the api is a company app or a developer app?
I did two traces, one for a company app and one for a dev app, and downloaded the trace results to compare. The only thing I’ve been able to spot is the availability of a ‘company’ property and a ‘developer’ property.
<Point id="FlowInfo">
<DebugInfo>
<Timestamp>30-09-15 15:23:59:656</Timestamp>
<Properties>
<Property name="Identifier">company</Property>
</Properties>
</DebugInfo>
</Point>
------------------------------------
<Point id="FlowInfo">
<DebugInfo>
<Timestamp>30-09-15 15:26:34:825</Timestamp>
<Properties>
<Property name="Identifier">developer</Property>
</Properties>
</DebugInfo>
</Point>
I’ve added a JavaScript policy (in the pre-flow) to access them:
var dev = context.getVariable('developer');
var co = context.getVariable('company');
if(dev) { // do something }
if(co) { // do something }
And set a context variable accordingly:
context.setVariable('customHeaderValue', bar);
But I’m running into this error when setting the value:
"Access to Java class “com.apigee.steps.oauth.DeveloperAttributesFlowInfo” is prohibited.
I’m not really totally sure if I’m going down the right path. Any guidance?
This seems to work:
var developer = context.getVariable('developer.userName');
var company = context.getVariable('company.name');
if(company){
context.setVariable('foo', 'COMPANY:'+company);
}
else if(developer) {
context.setVariable('foo', 'DEVELOPER:'+developer);
}
else {
context.setVariable('foo', 'UNKNOWN');
}