Using 'me' instead of an ID
- Louis Zelus
Created by Louis Zelus
Nov 15, 2017
1 min read
Loading data...
This pattern allows API users to specify that they want their own records when the back end API expects the ID to be passed.
For the following example:
- the backend expects the request to look like https://backend/students/1234 where 1234 is the student's ID.
- the API will accept request that look like https://api/studata/1.0/students/me
- we will retrieve the student's ID from the user's SSO details, specifically the claim http://wso2.org/claims/pid, using a UCSD custom mediator that puts claims into properties.
There's several slightly different ways we could approach this problem, but for this example we will be using xpath to change the url before it's passed to the backend.
Create the API as per usual:
- context: studata
- version: 1.0
- resource: students/me
- backend: https://backend/
When a request https://api/studata/1.0/students/me by the APIM the incoming URL will be broken down by the APIM into the following parts:
- context: studata
- version: 1.0
- resource: students/me
- REST_URL_POSTFIX: students/me
The REST_URL_POSTFIX holds everything after the context/version and is appended to the backend URL before calling. It's this value that we'll be manipulating in this example.
Sequence to replace me with pid
<sequence xmlns="http://ws.apache.org/ns/synapse" name="studata_v7">
<!-- Transfer the claims from the JWT into context properties -->
<class name="edu.ucsd.its.soa.wso2.esb.ucsd_custom_mediators.ExtractJWTClaims"/>
<!-- Grab the pid claim and move it into a more manageable variable name -->
<property name="pid" expression="get-property('claim:http://wso2.org/claims/pid')"/>
<!-- Replace token 'me' with their PID -->
<property scope="axis2" name="REST_URL_POSTFIX" expression="concat(substring-before($axis2:REST_URL_POSTFIX, '/me'), '/', $ctx:pid)"/>
</sequence>
Upload the above file as an incoming mediation sequence and the API should be ready to use.