Layer7 API Management

  • 1.  Routing oauth1 request to oauth1 API endpoint

    Posted Nov 13, 2019 06:24 PM
    Hi,

    I am new to API Gateway. What we have so far are purely "passthrough" routing policies, with no fancy assertions before the routing assertion. Now I need to add a new policy for an endpoint that provides APIs using authorization/authentication, namely OAuth 1.0. I am not an expert with that application, nor am I an expert in API Gateway or OAuth, but if I understand our setup correctly the endpoint has an OAuth 1.0 server installed, and I was successful in getting the access token and secret by hitting the OAuth server's APIs directly (going through the 3-step process of request, authorize and access). So we need API Gateway to allow requesting, authorizing and finally granting the access token, and to allow requests with the access token to get to the endpoint resource. I have no clue what I need in the policy, but I created one with just a Generate OAuth Signature Base String assertion and then a routing assertion with OAuth 1.0 authorization. I used either SoapUI or the Postman client and get Error 400 - Invalid header name.

    Does anyone have a sample policy to share for achieving the basic action of allowing an authorization request and responding with an access token, etc.? Or, if my basic policy is on the right track, what is it that I am not configuring to get the policy to work?


  • 2.  RE: Routing oauth1 request to oauth1 API endpoint
    Best Answer

    Posted Jan 16, 2020 03:12 AM
    Edited by Christopher Hackett Jan 21, 2020 11:38 AM
    NOTE: You must have the OTK toolkit installed.

    If you install OTK 3.x (an example exists for version 1 of OAuth):
    https://techdocs.broadcom.com/content/broadcom/techdocs/us/en/ca-enterprise-software/layer7-api-management/api-management-oauth-toolkit/3-5/apis-and-assertions/apis/oauth-validation-point-ovp-api.html

    However, v1 is not available in version 4.x.

    If you install the OTK toolkit 4.x (you will have a sample client you can access at YOURGWURL/oauth/v2/client/authcode):
    https://techdocs.broadcom.com/content/broadcom/techdocs/language-masters/en/ca-enterprise-software/layer7-api-management/api-management-oauth-toolkit/4-3/apis-and-assertions/oauth-client-assertions.html
    You can use Retrieve OAuth 1.0 Token Properties



  • 3.  RE: Routing oauth1 request to oauth1 API endpoint

    Posted Jan 16, 2020 03:20 AM
    If you are using a third-party OAuth function, you can just provide the OAuth access_token in your Routing Policy.
    --- Basically, after some sort of authentication, you can retrieve the OAuth 1.0 access_token using the Retrieve option
    --- This saves it in a variable called oauth.auth_token (hover over the policy to get the exact name)
    --- Use that to access the Backend Service with version 1 selected as the Authentication Scheme
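
As an added example (not part of the thread, and not Layer7 or OTK code), this sketch follows RFC 5849 to show what an HMAC-SHA1 signed OAuth 1.0 request to the backend consists of once the access token and secret are available, and why a signature computed over the gateway URL does not verify against the backend URL. All hostnames, keys and tokens are constructed, and the function names are hypothetical.

```python
import base64, hashlib, hmac
from urllib.parse import quote, urlsplit

def pct(value):
    # RFC 5849 section 3.6: only unreserved characters stay unescaped.
    return quote(str(value), safe="-._~")

def base_string(method, url, params):
    u = urlsplit(url)  # scheme and hostname come back lowercased
    host = u.hostname
    if u.port and (u.scheme, u.port) not in (("http", 80), ("https", 443)):
        host += f":{u.port}"  # only non-default ports are part of the base URI
    base_uri = f"{u.scheme}://{host}{u.path or '/'}"  # query string excluded
    pairs = sorted((pct(k), pct(v)) for k, v in params.items())
    normalized = "&".join(f"{k}={v}" for k, v in pairs)
    return "&".join([method.upper(), pct(base_uri), pct(normalized)])

def sign(method, url, params, consumer_secret, token_secret):
    # HMAC-SHA1 key is the encoded consumer secret, "&", encoded token secret.
    key = f"{pct(consumer_secret)}&{pct(token_secret)}".encode()
    text = base_string(method, url, params).encode()
    return base64.b64encode(hmac.new(key, text, hashlib.sha1).digest()).decode()

def authorization_header(params, signature):
    # Only oauth_* protocol parameters go into the Authorization header.
    fields = {k: v for k, v in params.items() if k.startswith("oauth_")}
    fields["oauth_signature"] = signature
    return "OAuth " + ", ".join(
        f'{pct(k)}="{pct(v)}"' for k, v in sorted(fields.items()))

def verify(method, url, params, signature, consumer_secret, token_secret):
    expected = sign(method, url, params, consumer_secret, token_secret)
    return hmac.compare_digest(expected, signature)

# Constructed sample values, not taken from the thread.
CONSUMER_SECRET, TOKEN_SECRET = "cs-constructed", "ts-constructed"
BACKEND_URL = "https://backend.example.com/api/orders"
GATEWAY_URL = "https://gateway.example.com/api/orders"
PARAMS = {"oauth_consumer_key": "ck-constructed", "oauth_token": "at-constructed",
          "oauth_signature_method": "HMAC-SHA1", "oauth_timestamp": "1579144800",
          "oauth_nonce": "n0nce-constructed", "oauth_version": "1.0",
          "status": "open"}  # ordinary request parameter, also signed

if __name__ == "__main__":
    sig = sign("GET", BACKEND_URL, PARAMS, CONSUMER_SECRET, TOKEN_SECRET)
    print(authorization_header(PARAMS, sig))
    gw_sig = sign("GET", GATEWAY_URL, PARAMS, CONSUMER_SECRET, TOKEN_SECRET)
    print("gateway-URL signature valid at backend:",
          verify("GET", BACKEND_URL, PARAMS, gw_sig, CONSUMER_SECRET, TOKEN_SECRET))
```
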