I want to use the Get OAuth Info policy to retrieve info for the token provided in the request header as “Authorization: Bearer {token}”.
The only way I know to accomplish this is to first copy the token to another portion of the request or a custom context variable via a Javascript policy. This is a little frustrating because the regular OAuth policy will pick up the bearer token without any extra effort.
Can the “get oauth info” policy not do the same? Is there a syntax I’m missing? Something like the below (which doesn’t work of course):
<AccessToken ref="request.header.Authorization:Bearer"/>
You could use an ExtractVariables policy before the GetOauthV2Info policy:
<ExtractVariables>
<Headername="Authorization">
<PatternignoreCase="false">Bearer {oauthtoken}</Pattern>
</Header>
</ExtractVariables>
Then use the extracted variable (oauthtoken) as a reference, like so:
<GetOAuthV2Info>
<AccessToken ref="oauthtoken"/>
</GetOAuthV2Info>
2 Likes
That does look like a pretty clean way to do it. But still, I’m wondering if it’s possible without the extra policy.
Putting it properly; there were a few spaces missing in the above:
<ExtractVariables>
<Header name="Authorization">
<Pattern ignoreCase="false">Bearer {oauthtoken}</Pattern>
</Header>
</ExtractVariables>
If i wanted to get this access token in java script how would i pull it,was that request.getVariable(“oauthtoken”) ?
After the given ExtractVariables policy, you would use something like this code in JavaScript:
var token = context.getVariable('oauthtoken');