Merge pull request #56 from gfchaves/gfchaves/LoopbackRequestWithHostHeader

ADD: new policy example for loopback call, also with update on readme.md

Author: vladvino

examples/Loopback request for service at same API Management service.xml

@@ -0,0 +1,40 @@
+<!--
+    Send request for a service hosted at same API Management service that is deployed with a virtual network
+
+    This policy will ensure that your API Management service instance knows how to redirect the request into a service that is hosted on the same API Management service instance when is deployed with a virtual network.
+	
+	Ensure that you add/set a HOST header with API Management service's domain for the request that could be redirected back into the same API Management service instance.
+	
+	Subcription key is retrived from the original request to be forward into the new request. Save the new request result into a variable to return after request.
+
+    Maintainer: @gfchaves
+-->
+<policies>
+	<inbound>
+		<base />
+		<set-variable name="subscriptionKey" value="@(context.Request.Headers.GetValueOrDefault("Ocp-Apim-Subscription-Key=""","scheme="" param="""))" />
+		<send-request mode="new" response-variable-name="requestResponse" timeout="300" ignore-error="false">
+			<set-url>https://localhost/{your API Management service endpoint url}</set-url>
+			<set-method>GET</set-method>
+			<set-header name="content-type" exists-action="override">
+				<value>application/json</value>
+			</set-header>
+			<set-header name="HOST" exists-action="override">
+				<value>{your API Management service domain}</value>
+			</set-header>
+			<set-header name="Ocp-Apim-Subscription-Key" exists-action="override">
+				<value>@($"{(string)context.Variables["subscriptionKey"]}")</value>
+			</set-header>
+		</send-request>
+		<return-response response-variable-name="requestResponse" />
+	</inbound>	
+	<backend>
+		<base />
+	</backend>
+	<outbound>
+		<base />
+	</outbound>
+	<on-error>
+		<base />
+	</on-error>
+</policies>

examples/README.md

@@ -34,3 +34,4 @@ Overview
 | <a href="Look up Key Vault secret using Managed Service Identity.policy.xml">Look up Key Vault secret using Managed Service Identity</a>                                           | Look up and use a Key Vault secret using Managed Service Identity   |
 | <a href="Look up Key Vault certificate using Managed Service Identity and call backend.policy.xml">Look up Key Vault certificate using Managed Service Identity</a>                                           | Look up and use a Key Vault certificate using Managed Service Identity and call the backend using it as a client certificate   |
 | <a href="Return HTTP 405 if the HTTP Method of the request is not defined.xml">Return HTTP 405 if the HTTP Method of the request is not defined</a> | Use this policy to translates the HTTP status code from 404 to 405 when the HTTP Method of the request doesn't match the one defined in the corresponding Operation. |
+| <a href="Loopback request for service at same API Management service.xml">Loopback request for service at same API Management service</a> | Use this policy to ensure that you can perform a request on a service that is hosted at the same API Management service instance deployed with a virtual network. |

policy-expressions/README.md

@@ -1,112 +1,112 @@
-# Common policy expressions
-This cheat-sheet contains common policy expressions that are often used when authoring Azure API Management policies.
-
-## Interact with HTTP headers
-
-**Get HTTP header**
-```c#
-context.Request.Headers.GetValueOrDefault("header-name","optional-default-value")
-```
-**Check HTTP header existence**
-```c#
-context.Request.Headers.ContainsKey("header-name") == true
-```
-**Check if HTTP header has expected value**
-```c#
-context.Request.Headers.GetValueOrDefault("header-name", "").Equals("expected-header-value", StringComparison.OrdinalIgnoreCase)
-```
-## Interact with URI parameters
-
-**Get URI parameter**
-```c#
-context.Request.MatchedParameters.GetValueOrDefault("parameter-name","optional-default-value")
-```
-**Check URI parameter existence**
-```c#
-context.Request.MatchedParameters.ContainsKey("parameter-name") == true
-```
-**Check if URI parameter has expected value**
-```c#
-context.Request.MatchedParameters.GetValueOrDefault("parameter-name", "").Equals("expected-value", StringComparison.OrdinalIgnoreCase) == true
-```
-## Interact with query string parameters
-
-**Get query string parameter**
-```c#
-context.Request.Url.Query.GetValueOrDefault("parameter-name", "optional-default-value")
-```
-**Check query string parameter existence**
-```c#
-context.Request.Url.Query.ContainsKey("parameter-name") == true
-```
-**Check if query string parameter has expected value**
-```c#
-context.Request.Url.Query.GetValueOrDefault("parameter-name", "").Equals("expected-value", StringComparison.OrdinalIgnoreCase) == true
-```
-## Interact with policy variables
-
-**Get policy variable** *(assuming type string)*
-```c#
-context.Variables.GetValueOrDefault<string>("variable-name","optional-default-value")
-```
-**Check policy variable existence**
-```c#
-context.Variables.ContainsKey("variable-name") == true
-```
-**Check if policy variable has expected value** *(assuming type string)*
-```c#
-context.Variables.GetValueOrDefault<string>("variable-name","").Equals("expected-value", StringComparison.OrdinalIgnoreCase)
-```
-## Interact with JSON bodies
-
-**Get value from JSON body**
-```c#
-(string)context.Request.Body.As<JObject>(preserveContent: true).SelectToken("root.child jsonpath")
-```
-**Get value from JSON response variable**
-```c#
-(string)((IResponse)context.Variables["response-variable-name"]).Body.As<JObject>().SelectToken("root.child jsonpath")
-```
-**Add property to JSON body**
-```c#
-JObject body = context.Request.Body.As<JObject>(); 
-body.Add(new JProperty("property-name", "property-value"));
-return body.ToString(); 
-```
-## Interact with JSON Web Tokens
-
-**Read claim from bearer token**
-```c#
-context.Request.Headers.GetValueOrDefault("Authorization")?.Split(' ')?[1].AsJwt()?.Claims["claim-name"].FirstOrDefault()
-```
-
-## Interact with client certificates
-
-**Check client certificate existence**
-```c#
-context.Request.Certificate != null
-```
-**Check if client certificate is valid, including a certificate revocation check**
-```c#
-context.Request.Certificate.Verify() == true
-```
-**Check if client certificate is valid, excluding a certificate revocation check**
-```c#
-context.Request.Certificate.VerifyNoRevocation() == true
-```
-**Check if client certificate issuer has expected value**
-```c#
-context.Request.Certificate.Issuer == "trusted-issuer"
-```
-**Check if client certificate subject has expected value**
-```c#
-context.Request.Certificate.SubjectName.Name == "expected-subject-name"
-```
-**Check if client certificate thumbprint has expected value**
-```c#
-context.Request.Certificate.Thumbprint == "EXPECTED-THUMBPRINT-IN-UPPER-CASE"
-```
-**Check if client certificate is uploaded in API Management, based on thumbprint**
-```c#
-context.Deployment.Certificates.Any(c => c.Value.Thumbprint == context.Request.Certificate.Thumbprint) == true
+# Common policy expressions
+This cheat-sheet contains common policy expressions that are often used when authoring Azure API Management policies.
+
+## Interact with HTTP headers
+
+**Get HTTP header**
+```c#
+context.Request.Headers.GetValueOrDefault("header-name","optional-default-value")
+```
+**Check HTTP header existence**
+```c#
+context.Request.Headers.ContainsKey("header-name") == true
+```
+**Check if HTTP header has expected value**
+```c#
+context.Request.Headers.GetValueOrDefault("header-name", "").Equals("expected-header-value", StringComparison.OrdinalIgnoreCase)
+```
+## Interact with URI parameters
+
+**Get URI parameter**
+```c#
+context.Request.MatchedParameters.GetValueOrDefault("parameter-name","optional-default-value")
+```
+**Check URI parameter existence**
+```c#
+context.Request.MatchedParameters.ContainsKey("parameter-name") == true
+```
+**Check if URI parameter has expected value**
+```c#
+context.Request.MatchedParameters.GetValueOrDefault("parameter-name", "").Equals("expected-value", StringComparison.OrdinalIgnoreCase) == true
+```
+## Interact with query string parameters
+
+**Get query string parameter**
+```c#
+context.Request.Url.Query.GetValueOrDefault("parameter-name", "optional-default-value")
+```
+**Check query string parameter existence**
+```c#
+context.Request.Url.Query.ContainsKey("parameter-name") == true
+```
+**Check if query string parameter has expected value**
+```c#
+context.Request.Url.Query.GetValueOrDefault("parameter-name", "").Equals("expected-value", StringComparison.OrdinalIgnoreCase) == true
+```
+## Interact with policy variables
+
+**Get policy variable** *(assuming type string)*
+```c#
+context.Variables.GetValueOrDefault<string>("variable-name","optional-default-value")
+```
+**Check policy variable existence**
+```c#
+context.Variables.ContainsKey("variable-name") == true
+```
+**Check if policy variable has expected value** *(assuming type string)*
+```c#
+context.Variables.GetValueOrDefault<string>("variable-name","").Equals("expected-value", StringComparison.OrdinalIgnoreCase)
+```
+## Interact with JSON bodies
+
+**Get value from JSON body**
+```c#
+(string)context.Request.Body.As<JObject>(preserveContent: true).SelectToken("root.child jsonpath")
+```
+**Get value from JSON response variable**
+```c#
+(string)((IResponse)context.Variables["response-variable-name"]).Body.As<JObject>().SelectToken("root.child jsonpath")
+```
+**Add property to JSON body**
+```c#
+JObject body = context.Request.Body.As<JObject>(); 
+body.Add(new JProperty("property-name", "property-value"));
+return body.ToString(); 
+```
+## Interact with JSON Web Tokens
+
+**Read claim from bearer token**
+```c#
+context.Request.Headers.GetValueOrDefault("Authorization")?.Split(' ')?[1].AsJwt()?.Claims["claim-name"].FirstOrDefault()
+```
+
+## Interact with client certificates
+
+**Check client certificate existence**
+```c#
+context.Request.Certificate != null
+```
+**Check if client certificate is valid, including a certificate revocation check**
+```c#
+context.Request.Certificate.Verify() == true
+```
+**Check if client certificate is valid, excluding a certificate revocation check**
+```c#
+context.Request.Certificate.VerifyNoRevocation() == true
+```
+**Check if client certificate issuer has expected value**
+```c#
+context.Request.Certificate.Issuer == "trusted-issuer"
+```
+**Check if client certificate subject has expected value**
+```c#
+context.Request.Certificate.SubjectName.Name == "expected-subject-name"
+```
+**Check if client certificate thumbprint has expected value**
+```c#
+context.Request.Certificate.Thumbprint == "EXPECTED-THUMBPRINT-IN-UPPER-CASE"
+```
+**Check if client certificate is uploaded in API Management, based on thumbprint**
+```c#
+context.Deployment.Certificates.Any(c => c.Value.Thumbprint == context.Request.Certificate.Thumbprint) == true
 ```