Layer7 API Management

Expand all | Collapse all

Using OTK Session - Store to hold identifiers

Jump to Best Answer
  • 1.  Using OTK Session - Store to hold identifiers

    Posted 09-19-2016 06:54 PM

    Hi All.

     

    I am trying to use the "OTK Session - Store" assertion to hold a JSON string that stores some identifiers related to the user of the OAuthToken issued

     

    I then use the "OTK Session Get" assertion to retrieve it from the cache.

    This seems to work, however, when I try and access the session variable using Assertions e.g. ${resp.mainpart} the json has been URL encoded. (Note: resp is a {Message} type)

     

    The ${resp.mainpart} also includes "cache". Here is an example:

    mainpart = {String} " %22UIC%22%3A%229988%22%2C+%22LIBRARY+BAR+CODE%22%3A%22CUI3%22%2C+%22Door+Access+Number%22%3A%2238%22%2C+%22Card+Number%22%3A%2296990400%22%2C+%22STAFFUSERNAME%22%3A%22testuser%22%2C+%22PERSONID%22%3A%927174%22%2C+%22UNIX+UID%22%3A%22187%22%2C+%22USERNAME%22%3A%22testuser2%22%2C+%22Staff+UNIX+UID%22%3A%222***%22 cache "

     

    Does anyone know how I can easily get the JSON string back in its original format so I can get each of the values?

    I can work through it with regex and a for Each assertions but is this neccesary or am i missing something/doing something incorrectly? I would have thought this would be a bit 'cleaner'.

    OR

    Does anyone have any recommendations how I could store these so they are easily retrievable? Perhaps I should store each session value in an individually named cache?

     

    If anyone has any recommendations on this or perhaps another way to achieve this, it would be greatly appreciated.

     

    Many Thanks,

    Paul



  • 2.  Re: Using OTK Session - Store to hold identifiers

    Posted 09-19-2016 07:14 PM

    Hi All.

     

    I had an after thought after posting this and think I have resolved.

     

    I found that there is the Encode/Decode Data assertion which when applied resolves my issue and I am able to get the nicely formatted JSON.

     

    I would still appreciate any further thoughts or advice on this, i.e is this good practice? Perhaps I should encode the json in a JWT to store in the OTK Session Store?

     

    Many thanks,

    Paul



  • 3.  Re: Using OTK Session - Store to hold identifiers
    Best Answer

    Posted 09-25-2016 05:35 AM

    Hi Paul!

     

    The assertion takes any value and URL encodes it. But it does not URL decodes it by itself. That is what you have discovered. You can find an example of how its used in /auth/oauth/v2/authorize/login if OTK is installed. The assertion OTK Session GET is setting the variable resp of type XML. You have to use an xpath assertion to extract the value. And that value has to be URL decoded.

     

    Do this after using OTK Session GET:

    • insert an Evaluate XPath Response assertion
    • select resp as input message
    • configure this alias/namespace combination: ns=http://ns.l7tech.com/2012/11/otk-session
    • use this xpath expression: /ns:found/ns:value/text()
    • configure this variable to be set: xpathSessionValue

    Please note that the assertion will fail if no value can be found! To avoid that use /ns:found/ns:value instead as the xpath expression.

     

    After the xpath assertion use an Encode/Decode Data assertion to URL decode the value. Use xpathSessionValue.result as input variable and sessionValue as output variable. That variable now contains your original value.

     

    So it requires 2 additional assertions to retrieve the value. Now that I am reading what I wrote, it looks like there is space for improvement in the usability.

     

    Nevertheless, I hope this helps,

    Sascha