Mule 4 - Retrieve client id from an API with client ID enforcement policy

This article describes how one could retrieve the client_id that is consuming an API protected by client ID enforcement policy in API Manager.

Assumptions:

1. The API is exposed from Anypoint Runtime - API Manager

2. The API policy is applied - Client ID enforcement

3. The client is has requested access to the API via exchange

4. The client is using Basic Authentication to login to the API with client id and secret key.

How it works:

Since the client application is using Basic Authentication to access Mulesoft API, we will always have the header value as below. This value is in a fixed format, which is username:password encoded with Base64.

Note: this is not a very secure method as anyone with basic understanding of authentication would be able to decode and decipher the information. As such, this should always be used together with SSL to avoid unauthorized users from retrieving login information.

We can use Dataweave 2.0 to retrieve the header from attributes.headers.authorization.

Following that, Base64 decode the value and split the value to extract the client id.

Example of Dataweave which sets the payload to be the extracted client id:

%dw 2.0

import * from dw::core::Binaries

output application/java

---

(fromBase64((attributes.headers.authorization replace "Basic " with "")) splitBy(":"))[0] default ""

Using secure configuration properties in Mule 4

Overview

The enterprise edition of Mule runtime comes equipped with a Secure Configuration Properties module which is a very neat tool that allows you to hide your keys from prying eyes.

Here is an example of how you could:

• encrypt strings or entire files
• reference encrypted properties stored in a file
• decrypt them with a master key;
• and use those values to connect to Salesforce cloud to retrieve a list of Accounts.

This article assumes that you have a Salesforce developer account, and possess basic knowledge of Anypoint Studio 7 and various Mule concepts.

1. Get the tool ready, and prepare your encrypted values

Download the encryption tool at https://docs.mulesoft.com/mule4-user-guide/v/4.1/_attachments/secure-properties-tool.jar

Come up with your master key. For this demo I am using My$ecr3tK3y!!

Open DOS and change directory to the folder where your jar file is located.

Create a domain project in Mule 4

A domain project comes in handy when you want to share resources across different Mule projects in your hosted on-premise Mule Runtime.

In Mule Runtime 4, the resources that can be shared are: 

• VM
• TLS Context
• JMS and JMS Caching Connection
• Database
• WMQ
• JBoss, Bitronix Transaction Manager

Invoke static custom Java methods in Mule 4

This example demonstrates how to use Mule 4's Java method to invoke a custom static method with 2 arguments. The custom class is reused from this post: Define and consume custom Java methods using Dataweave 2.0 in Mule 4.

Tips when working with custom java classes in Mule 4:

1. Include your custom namespace in mule-artifact.json
2. If you are making references to third party libraries, include them as maven dependencies in pom.xml

This is a simple example using a HTTP Listener to listen for POST requests to http://localhost:8081/list-files2

Define and consume custom Java methods with Dataweave 2.0 in Mule 4

With the introduction of a brand-new Java module in Mule 4, it is now possible to invoke Java classes in a more straightforward manner from the flow or in Dataweave 2.0 itself.

Here is a simple demonstration of file manipulation using custom Java classes and methods in Mule Anypoint Studio 7.1. This step-by-step tutorial shows how to:
1. Create a custom java class to list files recursively for a local or shared network path
2. Invoking this class from Mulesoft Dataweave 2.0 transformations, and filter information.

Pre-requisites:

There is a dependency on apache commons-io, log4j and joda-time as I will be reusing some methods for file manipulation.

You can find the jar file or maven references here:

https://mvnrepository.com/artifact/commons-io/commons-io/2.6
https://mvnrepository.com/artifact/joda-time/joda-time
https://mvnrepository.com/artifact/log4j/log4j

1. Create your Mule project and add maven dependency

Download the apache commons-io jar file, or alternatively include the reference in your maven pom.xml file.

For this example, I am going to include it as a maven dependency. Copy and paste the code below and include it between the dependencies node in pom.xml, before the closing node: