API Connect

API Connect

Join this online group to communicate across IBM product users and experts by sharing advice and best practices with peers and staying up to date regarding product enhancements.

 View Only

  • 1.  Custom Error in UnauthorizedError in API Connect

    Posted Mon November 21, 2022 04:00 PM
    Hello.  API Connect 10 lovers.

    I need customize Errors when unautherized client access. But In the documentation Error cases supported by assembly catches  is not supported UnauthorizedError, I tried to capture, but without success. 

    In catch I tried this.

    catch:
        - errors:
                 - UnauthorizedError
          execute:
               - gatewayscript:
                    ..... some code ...
                context.message.header.set('Content-Type', "application/json");
                context.message.body.write(json);


    ------------------------------
    Oscar Gonzalez
    ------------------------------


  • 2.  RE: Custom Error in UnauthorizedError in API Connect

    Posted Mon November 28, 2022 10:25 AM

    Hi Oscar,

    This would need to be done in a post error global policy.  Where is the catch that you referenced above?

    Regards,

    Steve



    ------------------------------
    Steve Linn
    Senior Consulting I/T Specialist
    IBM
    ------------------------------

    Original Message


  • 3.  RE: Custom Error in UnauthorizedError in API Connect

    Posted Tue September 12, 2023 10:51 AM

    HI Steve, 

    we are trying to send custom error in Apic v10, so we used  error global policy, but the catch is not triggering. But I can see the config in Datapower API Collections main rule catch.

    I don't see any errors related to policy or xslt . this xslt is working in the assembly if i put throw action and define catch with the same xslt.

    As of now now its configred with error global policy, but we get the default apic error from api, instead of gloabl error policy error.

    global-policy: 1.0.0
     
    info:
      name: sample-error-policy
      title: Sample Error Policy
      version: 2.0.0
     
    gateways:
      - datapower-api-gateway
     
    assembly:
      catch:
        - errors:
            - ConnectionError
            - UnauthorizedError
            - BadRequestError
            - ForbiddenError
            - SOAPError
          execute:
            - xslt:
                version: 2.0.0
                title: xslt
                input: true
                source: >-  
                   <! Sime xslt to send custom message based on the error codes>


    ------------------------------
    pratap vadlapati
    ------------------------------

    Original Message


  • 4.  RE: Custom Error in UnauthorizedError in API Connect

    Posted Tue September 12, 2023 11:03 AM

    Hi Pratap,
    Is this the case for the Connection and SOAP Errors too, or just the UnauthorizedError for example?   There is an open issue for OAuth API requests that OAuth errors of any type are not caught by the global post-error policy.   I'd suggest enabling debug logging on your DataPower apiconnect domain, run a transaction, and then you should be able to (tediously) follow the many logs and match up with the assembly flow to find the error and the invocation (or non-invocation) of the post-error  catch logic.  If OAuth related, you should open a PMR.
    Best Regards,
    Steve



    ------------------------------
    Steve Linn
    Senior Consulting I/T Specialist
    IBM
    ------------------------------

    Original Message


  • 5.  RE: Custom Error in UnauthorizedError in API Connect

    Posted Thu September 14, 2023 01:28 PM

    Hi Steve,

    I couldn't find the logs yet, 

    ideally we need to capture 

              ConnectionError
            - UnauthorizedError
            - BadRequestError
            - ForbiddenError

    Do we need to use trow action in API assembly to invoke Global-error-policy ? if yes how will be able to handle 400 params missing error(as below), Bcoz it not available in assembly to throw.

    {

    "httpCode": "400",

    "httpMesage": "Bad Request",

    "moreInfo": "One or more required API paramenters are missing in the API request"

    }



    ------------------------------
    pratap vadlapati
    ------------------------------

    Original Message


  • 6.  RE: Custom Error in UnauthorizedError in API Connect

    Posted Mon September 18, 2023 09:36 AM
    Edited by Steve Linn Mon September 18, 2023 10:36 AM

    Hi Pratap,
    The global error policy will catch uncaught errors.  This could be from an UnauthorizedError which is done in the preflow assembly, an error in your API assembly, for example, an invoke policy with stop-on-error for ConnectionError, or a throw policy encountered for whatever you named the error.  There is an issue for OAuth request errors not being catchable, so for example, if your API security required was for a clientId and clientSecret which fails, you should be able to catch the UnauthorizedError from that exception, but if your API security requirement was for OAuth, that exception would not be catchable.  Is the latter your issue?

    As for the BadRequestError where you are missing a required parameter, I did a simple test case and looked at the DataPower logs

    20230918T133437.274Z [0x88c00023][apigw][error] apigw(apiconnect): tid(36812848)[request][w.x.y.z] gtid(196c5565650851ed0231b830): Assembly rule 'default-assembly-rule-global' is interrupted: One or more required API parameters are missing in the API request..
20230918T133437.274Z [0x88c00024][apigw][info] apigw(apiconnect): tid(36812848)[request][w.x.y.z] gtid(196c5565650851ed0231b830): Cannot find the assembly error rule for 'APIRuleError'.
20230918T133437.274Z [0x88c001e0][apigw][info] apigw(apiconnect): tid(36812848)[request][w.x.y.z] gtid(196c5565650851ed0231b830): #^R5^A1:swlinnorg^A2:sandbox^A3:^A4:^A5:^A6:^A7:test-required-param^A8:1.0.0^A9:https://w.x.y.z:7444/swlinnorg/sandbox/test-required-param/path-1^AA:GET^AB:^AC:^AE:^AF:^AG:^AN:^AO:w.x.y.z^AP:result^AQ:default-api-result^AR:2.0.0^AS:^AT:1^AU:request^AW:^AX:^B6:1^B7:^B8:^BB:0^BC:^BD:^BE:1^BF:0#^
20230918T133437.274Z [0x88c001db][apigw][debug] apigw(apiconnect): tid(36812848)[request][w.x.y.z] gtid(196c5565650851ed0231b830): Response Code: 400 Bad Request

    Notice that although the HTTP response code is set to a 400 Bad Request, the actual error thrown is APIRuleError.  Add a catch for that exception to resolve that issue.
    Best Regards,

    Steve



    ------------------------------
    Steve Linn
    Senior Consulting I/T Specialist
    IBM
    ------------------------------

    Original Message