Reputation: 23
I am experimenting with WSO2 ESB to secure my REST APIs, by following this approach: https://docs.wso2.com/display/ESB480/Securing+REST+APIs
My API configuration:
<?xml version="1.0" encoding="UTF-8"?>
<api xmlns="http://ws.apache.org/ns/synapse"
     name="Test"
     context="/test">
   <resource methods="GET">
      <inSequence>
         <log level="full">
            <property name="STATUS" value="***** REQUEST HITS IN SEQUENCE *****"/>
         </log>
         <send>
            <endpoint>
               <http method="get" uri-template="http://localhost:8080/document"/>
            </endpoint>
         </send>
      </inSequence>
   </resource>
   <handlers>
      <handler class="org.wso2.handler.SimpleOauthHandler"/>
   </handlers>
</api>
When I remove the handler section, I can see my service being invoked. But when I include the OAuth handler, I can see my WSO2 Identity Server receiving the token validation call, but the response from ESB is always HTTP 202.
curl -v -X GET -H "Authorization: Bearer UQFffmYViFDxTHfCLOwDpjcX3qXZYQuiJ8EgJ_m-F1V7JTgqb6lbyA8QMT3" http://localhost:8285/document
> GET /document HTTP/1.1
> User-Agent: curl/7.33.0
> Host: 192.168.2.162:8285
> Accept: */*
> Authorization: Bearer UQFffmYViFDxTHfCLOwDpjcX3qXZYQuiJ8EgJ_m-F1V7JTgqb6lbyA8QMT3
>
< HTTP/1.1 202 Accepted
< Date: Fri, 10 Apr 2015 20:44:57 GMT
* Server WSO2-PassThrough-HTTP is not blacklisted
< Server: WSO2-PassThrough-HTTP
< Transfer-Encoding: chunked
Any pointers on what I am missing or how I can debug would be appreciated.
Thank you.
Upvotes: 1
Views: 652
Reputation: 23
It was in fact an issue with my access token. Using the right token worked right. Also, the OAuth mediator can be used instead of the handler.
<api xmlns="http://ws.apache.org/ns/synapse"
     name="Test"
     context="/test">
   <resource methods="GET">
      <inSequence>
         <log level="full">
            <property name="STATUS" value="***** REQUEST HITS IN SEQUENCE *****"/>
         </log>
         <oauthService remoteServiceUrl="https://localhost:9445/services/" username="admin" password="admin"/>
         <send>
            <endpoint>
               <http method="get" uri-template="http://localhost:8080/document"/>
            </endpoint>
         </send>
      </inSequence>
   </resource>
</api>
Upvotes: 0