Exposing Azure Service Bus through APIM, generating a SAS Token

 

On one of my recent projects, a client application was required to place a message onto an Azure Service Bus by using a HTTP endpoint rather than using the Service Bus SDK and with the following constraints.

·       The client is unable to generate the Service Bus SAS token.

·       Service Bus Session Id needs to be set to the customer number found in the message to ensure ordered delivery by the consumer.

·       Custom HTTP Request Headers may be used.

I decided upon a solution that uses Azure APIM to expose the Service Bus endpoint.

1.     The first step of this solution  is to create an Azure Service Bus with a queue called ‘apimqueue.

Please refer below screen shot.





2.    Next click on created queue and navigate Shared access policy and added ‘apimqueuesend’ which has only Send claims.





3.    Click on created shared access policies and copy primary key for further use.


4.    Next is to create an API using the ‘Blank API’ template similar to what I have done below. Note the ‘Web service URL’ value is the base address of the Service Bus topic URL.



5.    Enter the Name and give web service URL of your service bus and click on create.


6.       Next Add operation based on your request like Post, Get Methods.



Before we add policy's create Named Values and our primary key is saskey, use this saskey as string key in our policy. 



Refer below screen after crated operation.



7.       Next step to added polices in added operation.

<policies>

    <inbound>

        <base />

        <cache-lookup-value key="apimqueuesend" variable-name="apimqueuesend" />

        <choose>

            <when condition="@(context.Variables.GetValueOrDefault&lt;string>("apimqueuesend") == null)">

                <cache-store-value key="crmsbsas" value="@{

                        string resourceUri = "https://dwproject.servicebus.windows.net/apimqueue";

                        string keyName = "apimqueuesend";

                        string key = "saskey";

                        TimeSpan sinceEpoch = DateTime.UtcNow - new DateTime(1970, 1, 1);

                        var expiry = Convert.ToString((int)sinceEpoch.TotalSeconds + 120);

                        string stringToSign = System.Uri.EscapeDataString(resourceUri) + "\n" + expiry;

                        HMACSHA256 hmac = new HMACSHA256(Encoding.UTF8.GetBytes(key));

                        var signature = Convert.ToBase64String(hmac.ComputeHash(Encoding.UTF8.GetBytes(stringToSign)));

                        var sasToken = String.Format("SharedAccessSignature sr={0}&amp;sig={1}&amp;se={2}&amp;skn={3}",

                                        System.Uri.EscapeDataString(resourceUri),

                                        System.Uri.EscapeDataString(signature), expiry, keyName);

                        return sasToken;

                    }" duration="10" />

                <cache-lookup-value key="apimqueuesend" variable-name="apimqueuesend" />

            </when>

        </choose>

        <set-backend-service base-url="https://dwproject.servicebus.windows.net" />

        <rewrite-uri template="apimqueue/messages" />

        <set-header name="Content-Type" exists-action="override">

            <value>vnd.microsoft.servicebus.yml</value>

        </set-header>

        <set-header name="Authorization" exists-action="override">

            <value>{{apimqueuesend}}</value>

        </set-header>

        <set-header name="BrokerProperties" exists-action="override">

            <value>@{

                    var json = new JObject();

                    json.Add("MessageId", context.RequestId);

                    return json.ToString(Newtonsoft.Json.Formatting.None);

                }</value>

        </set-header>

        <set-body>@{

                JObject json = context.Request.Body.As<JObject>(preserveContent: true);

                return JsonConvert.SerializeObject(json);

            }</set-body>

    </inbound>

    <backend>

        <base />

    </backend>

    <outbound>

        <base />

    </outbound>

    <on-error>

        <base />

        <return-response>

            <set-status code="200" reason="OK" />

        </return-response>

    </on-error>

</policies>

 9.       To test added policy please navigate to test in APIM section, please give required headers and json data and click on send.







10.       Finally Navigate to our queue and check whether message have received.




Reference Link:


https://joeblogs.technology/2021/07/posting-to-azure-service-bus-from-api-management/?utm_source=rss&utm_medium=rss&utm_campaign=posting-to-azure-service-bus-from-api-management

 

https://www.serverlessnotes.com/docs/expose-service-bus-queue-through-api-management

 

https://connectedcircuits.blog/2018/09/25/exposing-azure-service-bus-through-apim-generating-a-sas-token-and-setting-the-session-id/

















Comments

Post a Comment

Popular posts from this blog

Open canvas app with Customize the command bar using command designer

Image
  This topic guides you through creating and editing modern commands using the command designer and Power Fx. Create a new model-driven app using modern app designer 1.      Sign into  Power Apps 2.      On the left navigation pane, select  Solutions  and then open or create a solution to contain the new model-driven app. 3.      Select  New  >  App  >  Model-driven app 4.      Select  Modern app designer , and then select  Create .    Enter a  Name  for your app, and then select  Create . More information:  Create a model-driven app that has an account table page 1.      On the left navigation pane, select  Solutions , and then open the solution containing the existing model-driven app. 2.      Select the model-driven app, and then select --  >  Edit ...
Read more

How to implement approval in Teams using Adaptive Cards

Image
  Adaptive Cards are self-contained user interface components that transcend platform boundaries. Crafted in JSON format, these snippets of UI can be seamlessly exchanged between applications. Upon reaching a particular application, the JSON content is dynamically rendered into native UI elements, seamlessly blending with the app's aesthetic. This approach facilitates the creation and seamless integration of lightweight UI elements across diverse platforms and frameworks. User Story: We're preparing to implement a leave approval workflow in Teams utilizing adaptive cards. Employees will submit their leave requests, and line managers will receive notifications within Teams. Step 1 – Design the Adaptive Card Prior to establishing the flow, let's initiate the card design process using the designer tool to ensure readiness. Visit https://adaptivecards.io/designer/   to access the designer interface and adjust the 'host app' setting to Microsoft Teams – Light /...
Read more

Create email templates in dynamic 365 and send email using Power Automate

Image
We can utilize email templates with Power Automate to send emails. Follow these steps to use email templates with Power Automate. ·         Create Email Template in dynamic 365. ·         Configure Power Automate to Email Template. Create Email Template in dynamic 365: Navigate to Power Platform admin center, navigate to the Environments tab, and select your environment you wish to create email template refer below screen short. Click on setting and look for Templets and click on Email Template. Click on new on tool bar. The Email Template Type dialog box will open. Select the desired entity and then click OK. On the template form, provide a name for your email template and, if desired, add a description. Note that the email template name and description will not be visible to the recipient. Enter the text you want to send in the message. Use the formatting toolbar to edit and style your...
Read more

HTTP Request Methods

Image
  1. 𝗚𝗘𝗧 : GET Method is used to request information from a website, Server or from API. Example: GET/api/employee/{employee-id}   2. 𝗣𝗢𝗦𝗧 : POST Method is used to create a new resource in server. We can send data to the server in the request body. Example: POST/api/employee/department   3. 𝗣𝗨𝗧 : PUT Method is used to update an existing record by sending the updated data as the content to request body to the server. Example: POST/api/employee/55445   4. 𝗗𝗘𝗟𝗘𝗧𝗘 : DELETE Method is used to remove resources from the server. Example: DELETE/api/employee/55445   5. 𝗣𝗔𝗧𝗖𝗛 : PATCH and PUT are similar use to updates a resource, but it will update data partially but not fully. Example: PATCH/api/employee/55445{"Name: Employee Name"}   6. 𝗛𝗘𝗔𝗗 : HEAD Method is like the GET but it doesn't have any response body. Example: HEAD/api/employee   7. 𝗢𝗣𝗧𝗜𝗢𝗡𝗦 : OPTIONS Method is used to get the informatio...
Read more

Duplicate Detection in Dynamics 365 using power apps.

Image
  User Case: When setting up a contact in Dynamics 365, verify if a contact with the same email address already exists. If it does, prompt an error message indicating a duplicate email address. Step 1 :  Navigate to make.powerapps.com, screen 1 à Create a Blank Canvas App à Connect with Dynamics 365 Data Source à Connect Contact Entity as Dataset (You can connect other entity also as per your requirement) Step 2:   Screen 2 - Insert a new Blank Screen to show Duplicate Detection Dialog Step 3:   Add few Text Input and Button Controls in Screen 1 or design as per your need. Step 4:  Add below formula on Button Control (onSelect property) to find Duplicate Record. If ( IsBlank ( LookUp ( Contacts , emailaddress1 = Emailaddress_Text . Text )), UpdateContext ({ result: "Duplicates Record not found" }), Navigate ( DuplicateDetectionDailogbox , ScreenTransition . CoverRight ) ) ; You can use following formula also on Button Control (onSelect property...
Read more