Reputation: 10214
Why is Google api gateway not passing my query parameter to my cloud function?
TLDR - moved from one query param (api key) to two in my google api gateway config and it only accepts the first one in the url
Seems like this should be easy, but it's not working. I create a google cloud function with some hardcoded params, deployed it, and put it behind an google api gateway with an api key for auth. Everything worked great. (I was basically following https://cloud.google.com/api-gateway/docs/secure-traffic-console.)
https://GATEWAY_URL/hello?key=API_KEY works. Without a valid api key, I get unauthorized, as desired.
Now I want to add another query param as an input to my cloud function. A small step, one would think. I updated the function so it requires the param, and everything works in the cloud console. Thus, I believe the problem lies with the gateway. But when I update the gateway's config for the additional param, it shows this unexpected behavior:
curl https://GATEWAY_URL/hello?key=API_KEY&foo=bar => internal server error due to foo qp not being passed to cloud function (confirmed in cloud function's logs). This should work, because the qp is there. So gateway did not pass foo=bar to cloud function.
curl https://GATEWAY_URL/hello?foo=bar&key=API_KEY => unauthorized. I feel this should be no different from the previous. Leads me to believe only one QP is being allowed, or perhaps using an api key in query creates undocumented limitations for other path operations' parameters.
The config I have been wrestling with is shown below. I have tried adding the api key to the list of params (no change), I have tried changing the x-google-backend params, and I am not sure what else to try. New section is marked with + symbols in left column
# openapi2-functions.yaml
swagger: "2.0"
info:
title: hello-world test
description: A description
version: 1.0.0
basePath: /v1
schemes:
- https
paths:
/search-predict:
get:
operationId: hello-world
summary: Returns a hello
x-google-backend:
address: https://redacted.cloudfunctions.net/hello-world-1
produces:
- application/json
security:
- api_key: []
+ parameters:
+ - name: foo
+ in: query
+ description: assdasd
+ required: true
+ type: string
responses:
200:
description: OK
securityDefinitions:
# This section configures basic authentication with an API key.
api_key:
type: "apiKey"
name: "key"
in: "query"
Upvotes: 1
Views: 672
Answers (1)
Reputation: 75970
To achieve that, you must indicate to API Gateway to append the source data to the address, like this:
x-google-backend:
address: https://us-central1-genai-proof-of-concept.cloudfunctions.net/hello-world-1
path_translation: APPEND_PATH_TO_ADDRESS
More details here
Upvotes: 0
Related Questions
- Google API Gateway: Provide API key in header
- Google Cloud API Gateway API Key Authentication Not Working
- GCP: Calling a Cloud Function via API Gateway using a Google ID received from 'Sign In With Google for Web'
- Google API Gateway OpenApi Swaagger 2.0 to CloudRun Parameter configured for Path turns out in query instead of path
- Google Cloud API Gateway User Authentication
- How to initialize a Google BigQuery Client within a Cloud Function using the JWT of a service account passed by API Gateway to the Cloud Function
- Google API Gateway - streaming data in response
- passing path parameter in google endpoints to backend not working