3

When invoking a published API with invalid access token, a XML response was got. 900901 Invalid Credentials Access failure for API: /sit/zxq/oapi/ut/1.0, version: 1.0 with key: b645348f2ca7fea5a9cf498e4085a471. Make sure your have given the correct access token

How could we customize such response to following JSON format? { "req_id": "REQ_ENT_1356985018299_9678", "err_resp": { "code": "28001", "msg": "Invalid access token" } }

Thanks and looking forward to your expertise.

lingchen5726
  • 41
  • 3

2 Answers2

0

We've recently done something similar with our API Manager implementation. You can find the fault sequences in /repository/deployment/server/synapise-configs/default/sequences, match on the error code, and provide your own JSON content. You can also use a switch mediator (the fault sequences are just mediation sequences) to return the correct content type for various Accept header values. Just replace the payload written in the fault.xml file with the equivalent JSON content (or as suggested, write a switch to allow the support of both content types).

Kjata30
  • 721
  • 7
  • 20
0

You need to target the error codes from https://docs.wso2.com/display/AM260/Error+Handling and update it to your custom JSON messages. For auth token related errors try modify _auth_failure_handler_ as below:

<sequence name="_auth_failure_handler_" xmlns="http://ws.apache.org/ns/synapse">
<property name="error_message_type" value="application/json"/>
<filter source="get-property('ERROR_CODE')" regex="405">
  <then>
      <sequence key="converter"/>
      <drop/>
  </then>
  <else>
  </else>
</filter>
<filter source="get-property('ERROR_CODE')" regex="900901">
    <then>
        <sequence key="invalidCredential"/>
        <drop/>
    </then>
    <else>
    </else>
</filter>
<filter source="get-property('ERROR_CODE')" regex="900902">
    <then>
        <sequence key="missingCredential"/>
        <drop/>
    </then>
    <else>
    </else>
</filter>
<sequence key="_cors_request_handler_"/>

For your case Invalid Credential has a 900901 code , so it will match and need to define invalidCredential.xml as below :

<?xml version="1.0" encoding="UTF-8"?>
<sequence xmlns="http://ws.apache.org/ns/synapse" name="invalidCredential">
    <payloadFactory media-type="json">
        <format>{ "req_id": "REQ_ENT_1356985018299_9678", "err_resp": { "code": "28001", "msg": "Invalid access token" } </format>
    <!--Add your custom message and format here. This will be your output-->
    </payloadFactory>
    <property name="RESPONSE" value="true"/>
    <header name="To" action="remove"/>
    <property name="HTTP_SC" value="401" scope="axis2"/>
    <property name="messageType" value="application/json" scope="axis2"/>
    <send/>
</sequence>
crystalthinker
  • 1,200
  • 15
  • 30