I have so far seen no online resources to invoke a AWS API gateway API from APIGEE. I always get the following when i trace
{
"fault": {
"faultstring": "The Service is temporarily unavailable",
"detail": {
"errorcode": "messaging.adaptors.http.flow.ServiceUnavailable"
}
}
I have followed the following resource from APIGEE webinars here link
and was unsuccessful.
You can put your API invocation endpoint in API Gateway as target endpoint in APIGEE like a HTTP proxy.
Doing a callout to the AWS api is tricky because you'll need to generate an access token.
It might be easier to orchestrate that in a JavaScript callout to make the call (so you can calculate headers and your SHA keys) then set the token as a flow variable and do your callouts from there.
In terms of API Gateway integration, at a minimum the APIGEE client will need to be configured to:
Support SNI
Sign the request with AWS SigV4 if "AWS_IAM" auth is enabled for the API method
SSL handshake failures are often a result of missing SNI support in the client.
Any APIGEE implementation specifics may be better fielded by APIGEE support.
Cheers,
Ryan
For Apigee, if you are on the Free plan there is no SNI support. So if you are trying to make an HTTPS request it won't happen, you'll need to upgrade your account to make it work.
You can find more details from Apigee here: https://community.apigee.com/questions/9237/apigee-proxie-with-amazon-gateway-api-503-service.html
Related
I want to use Firebase Remote Config API via REST in a mobile app. Due to technical limitations, I can't use the Android/iOS SDK so I have to resort to the REST API.
However, that API requires authentication using a private key -- obviously I can't include that key in the application.
I don't need any other Firebase service at this time, just the remote config.
How can I work around this limitation? I tried following the guide at https://firebase.google.com/docs/remote-config/use-config-rest, but as mentioned it requires to first generate a short-lived OAuth2 token using the auth API.
According to the documentation on using the Remote Config REST API:
This document describes how you can use the Remote Config REST API to read and modify the set of JSON-formatted parameters and conditions known as the Remote Config template.
So the REST API is for modifying Remote Config variables, the type of action you could also do in the Firebase console. It is not for use in regular clients, which consume the configuration variables. For that you'll have to use one of the provided clients, as there is no REST API and the wire protocol is not documented.
We plan to have a REST API exposed by Apigee Edge. The client-facing endpoints will be managed by Apigee. Another REST service will be hosted behind the Apigee. When the Apigee endpoint is invoked, we plan to store the request in Kafka so that it can be processed asynchronously. After the server has processed it, we intend to Push a message to the client application that made the request.
Is this a common practice?
Does Apigee have a feature to remember the client such as its websocket so that the notification can be pushed?
First and foremost, Apigee is a Gateway for synchroneous APIs. There is no default way to do "come back" to a request that has been processed earlier. So: No, this is not common practice.
A more common practice would be to add an asynchroneous callout to "another REST service behind Apigee", meaning that Apigee returns a response immediately without waiting for the target to complete. That backend service would then implement the callback on its own, possibly via some other Apigee proxy.
In your specific case, the pattern you're implementing is basically a message queue, utilizing Kafka as the message broker. In such patterns, it's best practice to have the message receiver send a reply message as soon as it finished its work.
Regarding websockets, Apigee doesn't support it at the moment (see https://community.apigee.com/questions/60513/apigee-as-websocket-proxy.html).
I'm developing an application following quite closely Feldman Elm SPA example with the API hosted on AWS API Gateway. My problem is the following:
I need to sign my API calls with AWS API Signature v4. It is a less trivial task than I initially thought in Elm:
There is no Elm AWS signature package, so I naturally looked at JS libraries to use via Ports.
Option 1: Use AWS Amplify API that does all the job => But then how to process the result in the most Elm-esque way (ideally with RemoteData).
Option 2: Use a third-party JS library just to sign the request forged by Elm Http.request and send send/process the HTTP request via Elm => So far I found only buggy implementations of AWS Sigv4, I would prefer an official implementation anyway.
In the 2 cases, I'm stuck with the Main Parent / Page Children communication: I can send the request 1) or 2) via Port from the Child. But then, how to can the Child receive the response to his request? Indeed, all responses go into Elm via the same port subscription. Do I need to 'tag' the outgoing requests and then dispatch the response based on the tag? But it will look horrible and won't scale well.
Please note that it is a question about App pattern and architecture. It is not a basic question about Elm Ports (I already successfully call the API from Elm).
Any recommendations or pointers appreciated. Thanks!
Additional info about my setup (following the first comment)
I follow the AWS best practices (scenario #3 Access Resources with API Gateway and Lambda with a User Pool)
Front-end App users are managed by:
Cognito User Pool (signup, sign-in, etc...)
Cognito Identity Pool (map users with IAM role to access AWS resources, including the API Gateway)
Back-end is Serverless: API Gateway + Lambda functions
API Gateway: Lambda proxy integration + Authorization = IAM => this requires the AWS Signature
I don't use API keys because:
I don't want to provide any access to the back-end to unauthenticated users
I need to identify the user from the request headers
I don't want to rely on long-term secrets for authentication on client side
I am trying find answers for few questions regarding wso2.
Does wso2 api gateway accept encrypted json message and have the capability to decrypt?
Does wso2 api gateway capable to call 2 Apis in a sequence? eg: can api gateway call Api1 and depending on the response call Api2.
I am not able to find these in any of the documentation. Kindly suggest.
Yes.
Both of your requirements are possible with mediation sequences. You can implement the sequence as per your requirement and deploy them in APIM gateway.
Please refer the following documentation for,
Message mediation https://docs.wso2.com/display/ESB500/Mediating+Messages
Dynamic Endpoints https://docs.wso2.com/display/AM210/Working+with+Endpoints
Adding mediation sequence to your API. https://docs.wso2.com/display/AM210/Adding+Mediation+Extensions
Does anyone know if there are any CalDav web clients or even any client libraries that will connect to the Google Calendar CALDAV API/server (we the recent oAuth2 additions)? We want to do this so that Google calendars can be managed in a standard way, and embedded in our own application.
One possible library is gaye/dav on github. It was initially written for Firefox OS and provides support for an OAuth2 transport.
That aside, adding OAuth2 support to any other existing library is probably not that hard. When you know it is a Google CalDAV server, do the OAuth exchange to get the access token. Then, if the library has a hook (or a function that can be monkeypatched) that runs just before a request is sent, set the request header Authorization: Bearer <oauth access token> with each request.