### Get URI Parameter Value Source: https://github.com/azure/api-management-policy-snippets/blob/master/policy-expressions/README.md Retrieves the value of a URI parameter. If the parameter is not found, it returns an optional default value. ```csharp context.Request.MatchedParameters.GetValueOrDefault("parameter-name","optional-default-value") ``` -------------------------------- ### Get HTTP Header Value Source: https://github.com/azure/api-management-policy-snippets/blob/master/policy-expressions/README.md Retrieves the value of a specified HTTP header. If the header is not found, it returns an optional default value. ```csharp context.Request.Headers.GetValueOrDefault("header-name","optional-default-value") ``` -------------------------------- ### Get Policy Variable Source: https://github.com/azure/api-management-policy-snippets/blob/master/policy-expressions/README.md Retrieves the value of a policy variable, assuming it is a string. If the variable is not found, it returns an optional default value. ```csharp context.Variables.GetValueOrDefault("variable-name","optional-default-value") ``` -------------------------------- ### Get Query String Parameter Value Source: https://github.com/azure/api-management-policy-snippets/blob/master/policy-expressions/README.md Retrieves the value of a query string parameter. If the parameter is not found, it returns an optional default value. ```csharp context.Request.Url.Query.GetValueOrDefault("parameter-name", "optional-default-value") ``` -------------------------------- ### Get Value from JSON Response Variable Source: https://github.com/azure/api-management-policy-snippets/blob/master/policy-expressions/README.md Extracts a value from the JSON body of a response stored in a policy variable using a JSONPath expression. ```csharp (string)((IResponse)context.Variables["response-variable-name"]).Body.As().SelectToken("root.child jsonpath") ``` -------------------------------- ### Get Value from JSON Body Source: https://github.com/azure/api-management-policy-snippets/blob/master/policy-expressions/README.md Extracts a value from the request's JSON body using a JSONPath expression. The preserveContent option ensures the body can be read again. ```csharp (string)context.Request.Body.As(preserveContent: true).SelectToken("root.child jsonpath") ``` -------------------------------- ### Check Client Certificate Existence Source: https://github.com/azure/api-management-policy-snippets/blob/master/policy-expressions/README.md Verifies if a client certificate is present in the request. ```csharp context.Request.Certificate != null ``` -------------------------------- ### Verify Client Certificate Validity (with revocation check) Source: https://github.com/azure/api-management-policy-snippets/blob/master/policy-expressions/README.md Checks if the client certificate is valid, including a check against the certificate revocation list. ```csharp context.Request.Certificate.Verify() == true ``` -------------------------------- ### Check Client Certificate Thumbprint Source: https://github.com/azure/api-management-policy-snippets/blob/master/policy-expressions/README.md Verifies if the client certificate's thumbprint matches a specified uppercase string. ```csharp context.Request.Certificate.Thumbprint == "EXPECTED-THUMBPRINT-IN-UPPER-CASE" ``` -------------------------------- ### Verify Client Certificate Validity (without revocation check) Source: https://github.com/azure/api-management-policy-snippets/blob/master/policy-expressions/README.md Checks if the client certificate is valid, bypassing the certificate revocation list check. ```csharp context.Request.Certificate.VerifyNoRevocation() == true ``` -------------------------------- ### OAuth Proxy Sign-in Policy Source: https://github.com/azure/api-management-policy-snippets/blob/master/examples/oauth-proxy/readme.md This policy initiates a front-channel code/PKCE flow with an Identity Provider. Configure it as the 'signin' operation within an API called 'OAuth'. ```xml ``` -------------------------------- ### Generate Base64 Random Bytes in .NET Source: https://github.com/azure/api-management-policy-snippets/blob/master/examples/oauth-proxy/readme.md Use this .NET code to generate Base 64 encoded random bytes for encryption keys. ```csharp Convert.ToBase64String(RandomNumberGenerator.GetBytes()) ``` -------------------------------- ### Check Client Certificate Issuer Source: https://github.com/azure/api-management-policy-snippets/blob/master/policy-expressions/README.md Verifies if the client certificate's issuer matches a specified string. ```csharp context.Request.Certificate.Issuer == "trusted-issuer" ``` -------------------------------- ### Check URI Parameter Value Source: https://github.com/azure/api-management-policy-snippets/blob/master/policy-expressions/README.md Compares the value of a URI parameter against an expected string, ignoring case. Returns true if they match or if the parameter is not present and the default empty string matches. ```csharp context.Request.MatchedParameters.GetValueOrDefault("parameter-name", "").Equals("expected-value", StringComparison.OrdinalIgnoreCase) == true ``` -------------------------------- ### Protect Web Applications with OAuth Proxy Policies Source: https://github.com/azure/api-management-policy-snippets/blob/master/examples/oauth-proxy/readme.md This XML snippet outlines the inbound, backend, outbound, and error handling policies for an OAuth proxy. It includes fragments for token endpoint, session management, and token validation. ```xml ``` -------------------------------- ### Check Client Certificate Subject Source: https://github.com/azure/api-management-policy-snippets/blob/master/policy-expressions/README.md Verifies if the client certificate's subject name matches a specified string. ```csharp context.Request.Certificate.SubjectName.Name == "expected-subject-name" ``` -------------------------------- ### Check Policy Variable Existence Source: https://github.com/azure/api-management-policy-snippets/blob/master/policy-expressions/README.md Verifies if a specific policy variable exists. ```csharp context.Variables.ContainsKey("variable-name") == true ``` -------------------------------- ### Check Query String Parameter Value Source: https://github.com/azure/api-management-policy-snippets/blob/master/policy-expressions/README.md Compares the value of a query string parameter against an expected string, ignoring case. Returns true if they match or if the parameter is not present and the default empty string matches. ```csharp context.Request.Url.Query.GetValueOrDefault("parameter-name", "").Equals("expected-value", StringComparison.OrdinalIgnoreCase) == true ``` -------------------------------- ### Check HTTP Header Value Source: https://github.com/azure/api-management-policy-snippets/blob/master/policy-expressions/README.md Compares the value of an HTTP header against an expected string, ignoring case. Returns true if they match or if the header is not present and the default empty string matches. ```csharp context.Request.Headers.GetValueOrDefault("header-name", "").Equals("expected-header-value", StringComparison.OrdinalIgnoreCase) ``` -------------------------------- ### Check URI Parameter Existence Source: https://github.com/azure/api-management-policy-snippets/blob/master/policy-expressions/README.md Verifies if a specific URI parameter exists in the request. ```csharp context.Request.MatchedParameters.ContainsKey("parameter-name") == true ``` -------------------------------- ### Check HTTP Header Existence Source: https://github.com/azure/api-management-policy-snippets/blob/master/policy-expressions/README.md Verifies if a specific HTTP header exists in the request. ```csharp context.Request.Headers.ContainsKey("header-name") == true ``` -------------------------------- ### Generate Base64 Random Bytes in Bash Source: https://github.com/azure/api-management-policy-snippets/blob/master/examples/oauth-proxy/readme.md Use this bash command to generate Base 64 encoded random bytes for encryption keys. ```bash openssl rand -base64 32 ``` -------------------------------- ### Check Query String Parameter Existence Source: https://github.com/azure/api-management-policy-snippets/blob/master/policy-expressions/README.md Verifies if a specific query string parameter exists in the request. ```csharp context.Request.Url.Query.ContainsKey("parameter-name") == true ``` -------------------------------- ### Check if Client Certificate is Uploaded in APIM Source: https://github.com/azure/api-management-policy-snippets/blob/master/policy-expressions/README.md Determines if the currently presented client certificate (by thumbprint) has been uploaded to API Management. ```csharp context.Deployment.Certificates.Any(c => c.Value.Thumbprint == context.Request.Certificate.Thumbprint) == true ``` -------------------------------- ### Check Policy Variable Value Source: https://github.com/azure/api-management-policy-snippets/blob/master/policy-expressions/README.md Compares the value of a policy variable (assumed string) against an expected string, ignoring case. Returns true if they match or if the variable is not present and the default empty string matches. ```csharp context.Variables.GetValueOrDefault("variable-name","").Equals("expected-value", StringComparison.OrdinalIgnoreCase) ``` -------------------------------- ### OAuth Proxy Callback Policy Source: https://github.com/azure/api-management-policy-snippets/blob/master/examples/oauth-proxy/readme.md This policy handles an Identity Provider's callback in response to a sign-in request. Configure it as the 'callback' operation within an API called 'OAuth'. ```xml ``` -------------------------------- ### Read JWT Claim Source: https://github.com/azure/api-management-policy-snippets/blob/master/policy-expressions/README.md Extracts a specific claim value from a JWT found in the Authorization header. It assumes the token is Bearer type and correctly formatted. ```csharp context.Request.Headers.GetValueOrDefault("Authorization")?.Split(' ')?[1].AsJwt()?.Claims["claim-name"].FirstOrDefault() ``` -------------------------------- ### OAuth Proxy Sign-out Policy Source: https://github.com/azure/api-management-policy-snippets/blob/master/examples/oauth-proxy/readme.md This policy clears a user's session cookie and removes all token data from the cache. Configure it as the 'signout' operation within an API called 'OAuth'. ```xml ``` -------------------------------- ### Add Property to JSON Body Source: https://github.com/azure/api-management-policy-snippets/blob/master/policy-expressions/README.md Adds a new property to the request's JSON body. The modified JSON is returned as a string. ```csharp JObject body = context.Request.Body.As(); body.Add(new JProperty("property-name", "property-value")); return body.ToString(); ``` === COMPLETE CONTENT === This response contains all available snippets from this library. No additional content exists. Do not make further requests.