Azure API 使用查询参数获取令牌的管理策略
Azure API Management policy to get token with query parameters
我希望实施 Azure API 银行账户验证管理政策,作为其中的一部分 API 我想调出令牌端点并将其传递到银行账户验证中.我遇到的问题是将入站发送请求策略设置为接受来自 NamedValues/KeyVault.
的查询参数
令牌验证的URL如下:
我尝试使用设置查询参数策略,但根据以下验证错误,发送请求节点内似乎不允许这样做:
Error in element 'send-request' on line 16, column 10: The element
'send-request' has invalid child element 'set-query-parameter'. List
of possible elements expected: 'set-header, set-body,
authentication-certificate, authentication-token,
authentication-token-store, authentication-managed-identity, proxy'.
One or more fields contain incorrect values:;Error in element
'send-request' on line 16, column 10: The element 'send-request' has
invalid child element 'set-query-parameter'. List of possible elements
expected: 'set-header, set-body, authentication-certificate,
authentication-token, authentication-token-store,
authentication-managed-identity, proxy'.
策略
<policies>
<inbound>
<!-- Send request to Token Server to validate token (see RFC 7662) -->
<send-request mode="new" response-variable-name="tokenstate" timeout="20" ignore-error="true">
<set-url>https://apps.applyfinancial.co.uk/validate-api/rest/authenticate</set-url>
<set-method>POST</set-method>
<set-query-parameter name="username" exists-action="override">
<value>{{BankValidationUsername}}</value>
</set-query-parameter>
<set-query-parameter name="password" exists-action="override">
<value>{{BankValidationPassword}}</value>
</set-query-parameter>
</send-request>
<base />
</inbound>
<backend>
<base />
</backend>
<outbound>
<base />
</outbound>
<on-error>
<base />
</on-error>
</policies>
我的问题是如何在 API 策略的发送请求部分设置查询参数?
好的,
您不能在发送请求范围内设置查询参数,但您可以在离子绑定策略中设置。此外,将 KeyVault 托管的命名值拉入变量并以这种方式在请求中使用它们似乎更好。
<policies>
<inbound>
<rewrite-uri template="/" />
<set-variable name="username" value="{{BankValidationUsername}}" />
<set-variable name="password" value="{{BankValidationPassword}}" />
<set-variable name="errorresponse" value="" />
<send-request mode="new" response-variable-name="tokenstate" ignore-error="false">
<set-url>@($"https://apps.applyfinancial.co.uk/validate-api/rest/authenticate?username={(string)context.Variables["username"]}&password={(string)context.Variables["password"]}")</set-url>
<set-method>POST</set-method>
</send-request>
<set-query-parameter name="token" exists-action="override">
<value>@((string)((IResponse)context.Variables["tokenstate"]).Body.As<JObject>()["token"])</value>
</set-query-parameter>
<base />
</inbound>
<backend>
<base />
</backend>
<outbound>
<base />
</outbound>
<on-error>
<set-header name="ErrorSource" exists-action="override">
<value>@(context.LastError.Source)</value>
</set-header>
<set-header name="ErrorReason" exists-action="override">
<value>@(context.LastError.Reason)</value>
</set-header>
<set-header name="ErrorMessage" exists-action="override">
<value>@(context.LastError.Message)</value>
</set-header>
<set-header name="ErrorScope" exists-action="override">
<value>@(context.LastError.Scope)</value>
</set-header>
<set-header name="ErrorSection" exists-action="override">
<value>@(context.LastError.Section)</value>
</set-header>
<set-header name="ErrorPath" exists-action="override">
<value>@(context.LastError.Path)</value>
</set-header>
<set-header name="ErrorPolicyId" exists-action="override">
<value>@(context.LastError.PolicyId)</value>
</set-header>
<set-header name="ErrorStatusCode" exists-action="override">
<value>@(context.Response.StatusCode.ToString())</value>
</set-header>
<base />
</on-error>
</policies>
我希望实施 Azure API 银行账户验证管理政策,作为其中的一部分 API 我想调出令牌端点并将其传递到银行账户验证中.我遇到的问题是将入站发送请求策略设置为接受来自 NamedValues/KeyVault.
的查询参数令牌验证的URL如下:
我尝试使用设置查询参数策略,但根据以下验证错误,发送请求节点内似乎不允许这样做:
Error in element 'send-request' on line 16, column 10: The element 'send-request' has invalid child element 'set-query-parameter'. List of possible elements expected: 'set-header, set-body, authentication-certificate, authentication-token, authentication-token-store, authentication-managed-identity, proxy'. One or more fields contain incorrect values:;Error in element 'send-request' on line 16, column 10: The element 'send-request' has invalid child element 'set-query-parameter'. List of possible elements expected: 'set-header, set-body, authentication-certificate, authentication-token, authentication-token-store, authentication-managed-identity, proxy'.
策略
<policies>
<inbound>
<!-- Send request to Token Server to validate token (see RFC 7662) -->
<send-request mode="new" response-variable-name="tokenstate" timeout="20" ignore-error="true">
<set-url>https://apps.applyfinancial.co.uk/validate-api/rest/authenticate</set-url>
<set-method>POST</set-method>
<set-query-parameter name="username" exists-action="override">
<value>{{BankValidationUsername}}</value>
</set-query-parameter>
<set-query-parameter name="password" exists-action="override">
<value>{{BankValidationPassword}}</value>
</set-query-parameter>
</send-request>
<base />
</inbound>
<backend>
<base />
</backend>
<outbound>
<base />
</outbound>
<on-error>
<base />
</on-error>
</policies>
我的问题是如何在 API 策略的发送请求部分设置查询参数?
好的,
您不能在发送请求范围内设置查询参数,但您可以在离子绑定策略中设置。此外,将 KeyVault 托管的命名值拉入变量并以这种方式在请求中使用它们似乎更好。
<policies>
<inbound>
<rewrite-uri template="/" />
<set-variable name="username" value="{{BankValidationUsername}}" />
<set-variable name="password" value="{{BankValidationPassword}}" />
<set-variable name="errorresponse" value="" />
<send-request mode="new" response-variable-name="tokenstate" ignore-error="false">
<set-url>@($"https://apps.applyfinancial.co.uk/validate-api/rest/authenticate?username={(string)context.Variables["username"]}&password={(string)context.Variables["password"]}")</set-url>
<set-method>POST</set-method>
</send-request>
<set-query-parameter name="token" exists-action="override">
<value>@((string)((IResponse)context.Variables["tokenstate"]).Body.As<JObject>()["token"])</value>
</set-query-parameter>
<base />
</inbound>
<backend>
<base />
</backend>
<outbound>
<base />
</outbound>
<on-error>
<set-header name="ErrorSource" exists-action="override">
<value>@(context.LastError.Source)</value>
</set-header>
<set-header name="ErrorReason" exists-action="override">
<value>@(context.LastError.Reason)</value>
</set-header>
<set-header name="ErrorMessage" exists-action="override">
<value>@(context.LastError.Message)</value>
</set-header>
<set-header name="ErrorScope" exists-action="override">
<value>@(context.LastError.Scope)</value>
</set-header>
<set-header name="ErrorSection" exists-action="override">
<value>@(context.LastError.Section)</value>
</set-header>
<set-header name="ErrorPath" exists-action="override">
<value>@(context.LastError.Path)</value>
</set-header>
<set-header name="ErrorPolicyId" exists-action="override">
<value>@(context.LastError.PolicyId)</value>
</set-header>
<set-header name="ErrorStatusCode" exists-action="override">
<value>@(context.Response.StatusCode.ToString())</value>
</set-header>
<base />
</on-error>
</policies>