Retrieving the developer app callback

Google Cloud Apigee
1

I am struggling to retrieve this piece of information. The documentation says I should be able to access it using GetOAuthV2Info by specifying the client id. (or maybe I am misunderstanding what this is saying?)

http://apigee.com/docs/api-services/reference/get-oauth-v2-info-policy

At the point I am trying to access the “redirect_uris” I have also validated OAuthV2 access token with the OAuthV2 policy and VerifyAccessToken operation (I have disabled GenerateResponse and allow continue on error).

I am unable to change the authorization code/access token generation policies to add the callback/redirect_uri as a stored attribute.

Any help figuring out how to get this information would be helpful.

1 Like
2

Hi Jason,

I hope this helps you out. If it doesn’t address your question, please comment back with more details about the problem you’re having.

I think your question has two parts. First, you want to get the Callback URL for a client app using the GetOAuthV2Info policy. Second, you want to populate an access token’s metadata with a custom attribute (the URL).

First part:

This configuration of GetOAuthV2Info will look up the client_id that’s passed in a query parameter and populate variables with data associated with the client app associated with that ID:

<GetOAuthV2Info async="false" continueOnError="false" enabled="true" name="GetV2Info">      

    <DisplayName>GetV2Info</DisplayName>      

    <ClientId ref="request.queryparam.client_id"></ClientId>

</GetOAuthV2Info>

(You don’t have to obtain the client_id from a query parameter, since you just validated the access token you should be able to obtain it from a flow variable, like apigee.client_id. The point is that this policy needs a valid client ID).

When the policy executes, it populates a several variables with information about the client associated with that ID, including the client’s Callback URL, which goes into this variable: oauthv2client.{policy_name}.redirection_uris. For example: {oauthv2accesstoken.SetV2Info.redirection_uris}. The complete list of variables is in the policy doc topic.

Second part:

You can set a custom attribute in an access token’s metadata like this (where the access token is stored in a flow variable called 'apigee.access_token’). I’m setting a custom attribute called ‘mySetUri’ and setting it to a static value, but the value could be obtained from a flow variable as well:

<SetOAuthV2Info async="false" continueOnError="false" enabled="true" name="SetV2Info">      

    <DisplayName>SetV2Info</DisplayName>      

    <AccessToken ref='apigee.access_token'></AccessToken>      

    <Attributes>          

        <Attribute name="mySetUri" ref="">http://helloworld.com</Attribute>      

    </Attributes>

</SetOAuthV2Info>

Finally, you can call an API to Get the OAuth 2 Access token to prove that the custom attribute was added:

Link to the API doc:

http://apigee.com/docs/management/apis/get/organizations/%7Borg_name%7D/oauth2/accesstokens/%7Baccess_token%7D

Partial result of calling that API, showing “mySetUri” was added to the access token:

{

“app”: “083bf35-6851-46dc-935b-532c888f40a”,

“appId”: “083b135-6851-46dc-935b-5328388f40a”,

“attributes”: [

{

“name”: “mySetUri”,

“value”: “http://helloworld.com

}

3

Thank you for the response. The first part is what I was looking for, sorry about the confusion for the second part. How did you do the fancy policy formatting? I am happy to edit this to make it more readable.

Part #1

I was trying something similar to what you describe, and also tried your suggestion, but I am still not getting the callback. I get the other data though. I will outline what I am doing and what I am seeing.

Policies: JavaScript extraction stuff → VerifyAccessToken → GetRedirectInfo → UpdateRequest

I will skip the JavaScript stuff it is just cleaning out headers and extracting access token information and preparing for the next policies.

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>

VerifyAccessToken

false

VerifyAccessToken

extracted_access_token

Then

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>

GetRedirectInfo

Then

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>

UpdateRequest

{oauthV2.VerifyAccessToken.failed} {oauthV2.VerifyAccessToken.fault.name} {oauthv2authcode.GetRedirectInfo.redirect_uri} {oauthv2authcode.GetRedirectInfo.redirect_uris} {oauthv2authcode.GetRedirectInfo.redirect_uris} {oauthv2authcode.GetRedirectInfo.client_id} {oauthv2authcode.GetRedirectInfo.client_secret} {oauthv2authcode.GetRedirectInfo.developer.email} {oauthv2authcode.GetRedirectInfo.developer.app.name} {oauthv2authcode.GetRedirectInfo.developer.id} {accesstoken.user_id} {accesstoken.impersonated_user_id} {accesstoken.roles} {client_id}

true

This results in the following values from UpdateRequest:

X-uTest-Token-Validate-Failed false (correct)

X-uTest-Token-Validate-Failed-Reason (nothing — correct)

X-uTest-User ***** (correct)

X-uTest-Roles ***** (correct)

X-uTest-Client-Id ***** (correct)

X-uTest-Token-Redirect

X-uTest-Token-Redirect2

X-uTest-Token-Redirect3

X-uTest-Token-Redirect4

X-uTest-Token-Redirect5

X-uTest-Token-Redirect6

X-uTest-Token-Redirect7

X-uTest-Token-Redirect8

X-uTest-Token-Redirect9

Above where I am setting the headers I have tried without success the following:

oauthv2authcode.{policy}.variable

oauthv2client.{policy}.variable

oauthv2accesstoken.{policy}.variable

based on information I found here :

http://apigee.com/docs/api-services/reference/get-oauth-v2-info-policy

I tried adding to GetRedirectInfo policy in addition to the client id and also tried the various oauthv2authcode, oauthv2client, and oauthv2accesstoken. With some success if I use oauthv2accesstoken. If I use the oauth2accesstoken I can get the following correct values:

oauthv2accesstoken.GetRedirectInfo.client_id

oauthv2accesstoken.GetRedirectInfo.developer.app.name

oauthv2accesstoken.GetRedirectInfo.developer.email

oauthv2accesstoken.GetRedirectInfo.developer.id

Hopefully this all made sense. If I cut to many corners to describe please let me know where I can add clarity.

Thanks!

4

Hi Jason,

I just tried all the steps you followed, and was successful. Then, I noticed that the problem may be this simple – the variable name you’re after should be oauthv2client.GetV2Info.redirection_uris not “redirect_uris”.

Here’s what I put in AssignMessage:

<Header name="THE_REDIRECT_URI">{oauthv2client.GetV2Info.redirection_uris}</Header>

And I get the expected response header:

THE_REDIRECT_URI: [http://example.com](http://example.com)

I hope this works for you.

I also corrected a typo in the doc, where it incorrectly said Client ID variables are populated when the executes. I think this also caused a little confusion for you. It should read:

Client ID Variables

These variables are populated when the operation executes:

1 Like
5

That did it! Thank you very much. I don’t know when the typo was introduced but thank you for seeing what I did not. And clarifying the appropriate usage of GetOAuthV2Info.

Just as an aside, if I had both AccessToken and ClientId in the policy at the same time you can’t get the redirection_uris out.

1 Like
6

How to pass callback url as a request parameter to documentai api through c# code for processing document.

1 Like