edgemicro authorization validation via queryparam

anonymous · August 21, 2017, 8:51am

We are trying to validate authorization via a query string OR the header for edgemicro.

I have changed the OoB oauth plugin as below:

if ((apiKey = reqUrl.query['cid']) || (apiKey = req.headers[apiKeyHeaderName])) {
 exchangeApiKeyForToken(req, res, next, config, logger, stats, middleware, apiKey);

By changing like above, i could get success for 1 API tried till now but majority shows 403 Forbidden.

Could anyone please help me understand on what could cause this.

current nodejs version is v7.6.0

current edgemicro version is 2.3.5

Thanks.

anonymous · August 21, 2017, 3:27pm

I do not recommend changing the OOTB plugin with custom logic. If you are writing custom logic, create a fork/new plugin.

A second simpler method is to write a custom plugin (and add it before the OAuth plugin) that looks for a query param, removes it and adds it to the header. The OAuth plugin will anyway look for it in the header.

Topic		Replies	Views
Both apikey and oauth in Edge micro Apigee api-runtime	10	0	January 30, 2017
Microgateway working even without Oauth token in header Apigee api-runtime	6	2	January 24, 2018
Microgateway api key does not work, although OAuth does Apigee api-runtime	2	3	February 21, 2018

edgemicro authorization validation via queryparam

AI Suggested topics