Author: Shahzeb Ali Khan
Policies enforce regulations to help manage security, control traffic, and improve API adoption. For example, a policy can control authentication, access, and service level agreements (SLAs). Anypoint Platform offers many out-of-the-box policies that we can apply to our APIs, but specific business requirements sometimes call for a custom policy.
The usual way to develop a custom policy is to write the XML by hand, because a Mule policy does not allow the use of the flow designer. This has several drawbacks:
- XML code is not readable
- Complexity of writing the logic increases
- Development time increases
There is, however, a workaround that avoids writing everything in XML and lets us use the flow designer to write the logic. To get started with creating a custom policy and setting up settings.xml, you can refer to these links:
- Custom Policy in Mule 4 – Apisero
- Publishing a Mule 4 Custom Policy | MuleSoft Documentation
Using Flow Designer to develop the policy
Once you have created the policy and imported it into Anypoint Studio, do the following in your template.xml:
- Keep the attributes, payload, or any fields you fetch from the policy UI in separate variables (only if required).
- In the XML, add a flow reference inside <http-policy:source> and point it to a flow.
- Go to the flow designer, create a flow with the same name you used in the flow-ref, and implement the logic there.
- Store the result in a variable; after the flow-ref, validate that result and send the response from the policy as usual.
- If you want to use attributes, store them in a variable before the flow-ref; otherwise they will evaluate to null in the sub-flow.
- Make sure your flow begins after </http-policy:proxy>.
- Create the flow inside template.xml only. If you have multiple Mule configuration XML files, the build will fail.
To authenticate our APIs, we will receive a JWT assertion in the headers. Our custom policy decodes the token, sends an HTTP request to the OAuth provider, and then invokes a Java method to verify the token; based on the result, we either allow the request or raise an error. Below is the step-by-step explanation:
- Create a folder in which you want to create your policy and open a command prompt in that folder. Once done, run the command below (modify it to suit your requirements).

    mvn -Parchetype-repository archetype:generate -DartifactId=ValidateJWT -Dversion=1.0.0-SNAPSHOT -Dpackage=mule-policy

- After we import the project into Anypoint Studio, we will configure 4 fields to be taken from the custom policy UI. In your project folder, go to the <project_name>.yaml file and use the code below.

    id: Validate JWT Token
    name: Validate JWT Token
    description: This policy would validate the JWT token received.
    configuration:
      - propertyName: clientIds
        description: A comma-separated list of required Client Ids
      - propertyName: accountServerUrl
      - propertyName: expiryTime
        name: Expiry Time
      - propertyName: scopes

Now we are going to use the trick mentioned above. We save whatever we require in variables and create a flow-ref inside <http-policy:source>.
- We can now go to the message flow.
- Drag and drop a flow and give it the same name you used in flow reference.
- You can now start with implementing the business logic.
- At the end of the flow, make sure you store the final response in a variable.