User identity throttling example does not work. #6431

Closed
leftler opened this issue Mar 28, 2018 — with docs.microsoft.com · 4 comments
leftler commented Mar 28, 2018

The User identity throttling example has the following code example.

<rate-limit-by-key calls="10"
    renewal-period="60"
    counter-key="@(context.Request.Headers.GetValueOrDefault("Authorization","").AsJwt()?.Subject)" />

This will not work, as the value of Authorization will be something like Bearer eyJ0eXAiO..., which causes .AsJwt() to return null. To get this to work I had to do

 context.Request.Headers.GetValueOrDefault("Authorization","").Substring("Bearer ".Length).AsJwt()

to get .AsJwt() to not return null. Is this an error in the documentation or is this an error in the .AsJwt() call?



@AdamS-MSFT

@leftler Thanks for the feedback! I have assigned the issue to the content author to evaluate and update as appropriate.

@vladvino

@leftler example is correct and doesn't work due to a regression. Bug fix will be deployed in the coming weeks. Thank you for the heads up!

@vladvino

#please-close

@seanperera

seanperera commented Mar 6, 2020

I experienced the issue where the JWT token didn't have the sub (subject) claim and APIM was throwing a 500 internal error with the message "Expression value is invalid. The counter-key field is required." The error was recorded in AppInsights when I enabled diagnostics logging for APIM.

Registered claims (iss (issuer), exp (expiration time), sub (subject), aud (audience)) in a JWT token are not mandatory but recommended. So fix the JWT token to include the sub claim (the user), and the following worked.

<rate-limit-by-key calls="10"
renewal-period="60"
counter-key="@(context.Request.Headers.GetValueOrDefault("Authorization","").AsJwt()?.Subject)" />
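
Added example, not part of the thread or of the Microsoft documentation: a counter-key expression that tolerates both failure modes reported above, the "Bearer " prefix that made .AsJwt() return null and a token with no sub claim that left counter-key empty. Falling back to the caller's IP address and the "sub:" / "ip:" key prefixes are assumptions made for this sketch.

```xml
<inbound>
    <base />
    <!-- Added example. Strips the "Bearer " scheme if present, parses the
         token, and never hands rate-limit-by-key an empty key.
         The IP fallback and the key prefixes are assumptions. -->
    <rate-limit-by-key calls="10"
        renewal-period="60"
        counter-key="@{
            string header = context.Request.Headers.GetValueOrDefault("Authorization", "");
            string token = header.StartsWith("Bearer ")
                ? header.Substring("Bearer ".Length).Trim()
                : header;
            string subject = token.AsJwt()?.Subject;
            return string.IsNullOrEmpty(subject)
                ? "ip:" + context.Request.IpAddress
                : "sub:" + subject;
        }" />
</inbound>
```

.AsJwt() only parses the token and does not verify its signature, so put a validate-jwt policy ahead of this one if the subject used as the counter key has to be trusted.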
