Unable to create an API having Policy Templates other than default using PAPI

book

Article ID: 130098

calendar_today

Updated On:

Products

CA API Developer Portal CA API Gateway

Issue/Introduction

We created custom policy templates:  GetRequestHeaders, SetPortRestriction, SetResponseHeaders to be added as a policy template. When developer uses PAPI to deploy new API get the following error: 


{"error": {
"code": "ValidationException",
"message": {
"lang": "en",
"value": "The request could not be completed due to data input errors."
},
"detail": {
"errorCode": "483",
"devErrorMessage": "The request could not be completed due to data input errors.",
"userErrorMessage": "The request could not be completed due to data input errors.",
"userErrorKey": "error.validation.entity",
"validationErrors": [
{
"field": "ApiEula",
"error": "API Eula referenced doesn't exist.",
"key": "error.apiApiEulaNotExists"
},
{
"field": "PolicyTemplateArguments",
"error": "Cannot save Portal Published API with mismatch of Policy Template arguments compared to Gateway Policy Template.",
"key": "error.api.gateway.policytemplate.arg.mismatch"
}
]
}
}}



Problem facing was related to the endpoint POSTING to
/tenantname/Apis
This reference is for the 1.0 version which did not support multiple templates 

The current endpoint is:
/tenantname//2.0/Apis
Supports multiple policy templates also has different format for payload 
 

Environment

Portal 4.2

Resolution

[INSTRUCTION]
=============
Step 1 Create custom policy template 
  • Created Policy add logic for service getRequestHeaders
  • Set as Portal Publisher Fragment 
  • Create Encapsulated Assertion
Click link for more details related to policy template

Step 2 Check that the Policy Template is available in the Portal review API look under “Proxy Configuration”
 

<Please see attached file for image>

Portal Templates
Step 3 Retrieve the UUID for the APIEulas from the portal
This can be done in API Explorer, SoapUI, or Postman 

API Explorer example:
  • Access Portal Tenant: https://tenant4.support.local/admin/
  • Click “Portal API” this will take you to Admin Portal (example: https://apim.support.local/admin)
  • API Pull down select “Portal API (tenant4)
  • Portal API (Tenant4) click “ApisAulas: API Enf usericenseAgreement operation”
  • Click GET /ApiEulas, then submit (Take down the UUID)

<Please see attached file for image>

APIEulas


Step 4  Retrieve the Policy template info (UUID of the policy objects)
This can be done in API Explorer, SoapUI, or Postman 

API Explorer example:
  • Access Portal Tenant: https://tenant4.support.local/admin/
  • Click “Portal API” this will take you to Admin Portal (example: https://apim.support.local/admin)
  • API Pull down select “Portal API (tenant4)
  • Portal API (Tenant4) click “Apis: API operations” 
     

<Please see attached file for image>

Explore_APIS

Navigate down to GET /policyTemplates
Click Submit
This will use the API key and Shared Secret to return all the info related to the Policy Template - suggest coping the Response body to text editor (from here you have the UUID and arguments

Postman example, first need to get access_token

CURL: 

c:\curl --insecure -X POST -d "username=tenant4%5cadmin&password=7layer&grant_type=password&client_id=53f1d4d58cd34181b63dc59589e18515&client_secret=52ecc9a73dbb4ebb81fa783952128ebe" https://apim-ssg.support.local:9443/auth/oauth/v2/token

json return: 

{
  "access_token":"09174147-3ef9-4613-88b8-0f328e17c6b0",
  "token_type":"Bearer",
  "expires_in":3600,
  "refresh_token":"a0c8f961-422e-4b07-934f-c32360a7bfa3",
  "scope":"oob"}

Postman/SoapUI:
Call #1 to receive OAuth Token:

Method: POST
Endpoint: https://{{ PAPI_PORTAL_TSSG }}:9443/auth/oauth/v2/token
Endpoint Example: https://apim-ssg.support.local:9443/auth/oauth/v2/token


Query Parameters (Get values from the Application for PAPI details in API Explorer):
client_id = 53f1d4d58cd34181b63dc59589e18515
client_secret = 52ecc9a73dbb4ebb81fa783952128ebe
grant_type = client_credentials


Headers:
Content-Type = application/x-www-form-urlencoded


Response #1 will look like:
{
  "access_token": "af5dfa2b-bf96-4e7a-a635-e928f56adaf7",
  "token_type": "Bearer",
  "expires_in": 3600,
  "scope": "oob"
}


Call #2 to PAPI endpoint, example to List APIs:
Method: GET
Endpoint Template: https://{{ PAPI_PORTAL_TSSG }}:9443/{{ papi_tenant_id }}/2.0/Apis
Endpoint Example: https://apim-ssg.ca.com:9443/tenant2/2.0/Apis


Headers:
Authorization = Bearer af5dfa2b-bf96-4e7a-a635-e928f56adaf7

Launch Postman
GET for Policy Templates: https://apim-ssg.support.local:9443/tenant4/policyTemplates
Authorization use the access_token from curl results as followed 

<Please see attached file for image>

Postname1
 
 

Data contained in the Body:

<Please see attached file for image>

postname-body
 

Step 5: To build the payload for multiple/custom policy temples need to do a get on /2.0/Apis NOT /Apis (this is old with different structure) to understand json structure

NOTE: there is no swagger for Get /2.0/Apis need to use a tool like Postman 

<Please see attached file for image>

postname-2.0 apis


       "PolicyEntities": {
            "results": [
                {
                    "PolicyEntityUuid": "172594b6-18ba-4b0c-8d61-807db457e81d",
                    "PolicyTemplateArguments": {
                        "results": []
                    }
                }
            ]

Step 6: Build Payload (structure)
Two templates in this example: 
  • Custom getRequestHeaders
  • Quota by Month
getRequestHeaders:

        {
            "uuid": "30a6d908-497b-4336-b25e-bf2c0e31f5be",
            "encassId": "35df6c7e5522c546d000161fbf78ffea",
            "name": "getRequestHeaders",
            "description": "",
            "policyGuid": "6c113c5e-6811-4270-b00a-d5eb4eadb83b",
            "fragmentDetails": {
                "hasRouting": false,
                "parsedPolicyDetails": ""
            },
            "arguments": [],
            "default": false
        }


Quota by Month:

        {
            "uuid": "952820cd-9454-458b-92e1-3c45bdb7a6aa",
            "encassId": "3322031b114b9ab1ed3b2fdb6f575424",
            "name": "Quota by Month",
            "description": "Quota by Month",
            "policyGuid": "9821aceb-20c8-4f54-a056-fced22834530",
            "fragmentDetails": {
                "hasRouting": false,
                "parsedPolicyDetails": ""
            },
            "arguments": [
                {
                    "name": "quotaHitsPerMonth",
                    "type": "int",
                    "label": "Hits (max: 2000000000) *"
                }
            ],
            "default": false
        },

       
Final payloaded using the UUIDs for both templates and arguments 

{
  "Name": "My Swagger Petstore 69",
  "Version": "1",
  "ApiEulaUuid": "bcb5798d-1cc8-40f3-a443-887db30c24af",
  "PrivateDescription": "",
  "Description": "This is a sample server Petstore server. You can find out more about Swagger at [http://swagger.io](http://swagger.io) or on [irc.freenode.net, #swagger](http://swagger.io/irc/). ",
  "SsgUrl": "PetStore_69",
  "PolicyEntities": {
    "results": [
                      {
                    "PolicyEntityUuid": "30a6d908-497b-4336-b25e-bf2c0e31f5be",
                    "PolicyTemplateArguments": {
                        "results": []
                    }
                },
                                {
                   "PolicyEntityUuid": "952820cd-9454-458b-92e1-3c45bdb7a6aa",
                    "PolicyTemplateArguments": {
                        "results": [
                            {
                                "ApiUuid": "{{GENERATED_UUID}}",
                                "Name": "quotaHitsPerMonth",
                                 "Value": "0",
                                 "Label": "Hits (max: 2000000000) *",
                                 "Type": "int",
                                 "PolicyTemplateUuid": "952820cd-9454-458b-92e1-3c45bdb7a6aa"
                            }
                            ]
                        }
                }
    ]
  },
  "AuthenticationType": "NONE",
  "AuthenticationParameters": "{}",
  "ApiLocationUrl": "https://petstore.swagger.io/v2/70",
  "Uuid": "{{GENERATED_GUID}}"
}

Step 7: Validate new API and it’s templates:

<Please see attached file for image>

Deployed

Attachments

1558688103880000130098_sktwi1f5rjvs16fi3.png get_app
1558688101984000130098_sktwi1f5rjvs16fi2.png get_app
1558688100150000130098_sktwi1f5rjvs16fi1.png get_app
1558688098212000130098_sktwi1f5rjvs16fi0.png get_app
1558688096098000130098_sktwi1f5rjvs16fhz.png get_app
1558688094135000130098_sktwi1f5rjvs16fhy.png get_app
1558688091090000130098_sktwi1f5rjvs16fhx.png get_app