16.08.17 - Apigee Edge for Public Cloud release notes

On Tuesday, August 30, 2016, we released a new version of Apigee Edge for Public Cloud.

New features and updates

Following are the new features and updates in this release.

JSON payloads in Assign Message and Raise Fault

When setting a JSON payload using an Assign Message or Raise Fault policy, users were sometimes required to use workarounds to ensure a JSON message was properly formatted at runtime, such as beginning the payload with a backslash "\" or specifying a variablePrefix and variableSuffix on the Payload element, even if no variables were used in the message.

With this enhancement, no workarounds are needed to ensure proper JSON message formatting, and variables can be specified using curly braces without creating invalid JSON. For example, the following inserts the value of message.content in the JSON message:

<Payload contentType="application/json">{"message" : "{message.content}"}</Payload>

If you used a workaround, your code will continue to work as is. You can also use variablePrefix and variableSuffix instead of curly braces to indicate variables.

See the <Set><Payload> element in the Assign Message policy and Raise Fault policy reference docs. (APIRT-1160)

XML to JSON policy enhancements

The XML to JSON policy has been enhanced with the following capabilities. You can configure the policy to:

  • Treat some XML elements as arrays during conversion, which puts the values in square brackets '[ ]' in the JSON document.
  • Strip or eliminate levels of the XML document hierarchy in the final JSON document.

For more information, see XML to JSON policy. (APIRT-1144)

Multiple wildcards in API Product resource paths

When defining resource paths in API Product, you can include wildcards in multiple places in a resource path. For example, /team/*/invoices/** allows API calls with any one value after /team and any resource paths after invoices/. An allowed URI on an API call would be proxyBasePath/team/finance/invoices/company/a.

If after this release your existing API Product resource paths stop working as expected, set the following property on your organization to revert to the previous behavior: features.enableStandardWildCardMatchForAPIProductResources = true

(MGMT-3273)

Crypto functions in JavaScript

A new set of high-performance JavaScript crypto functions is available for creating, getting, and updating the following has objects: MD5, SHA-1, SHA256, SHA512. The crypto object also lets you get the date in various formats. For more information, see JavaScript object model. (APIRT-2886)

Java Callout JAR version checking

When uploading a Java JAR resource to an API proxy, an HTTP 400 status code is returned (instead of a 500) if the version of the Java resource is incompatible with the Edge supported version of Java, listed in Supported software and supported versions. (MGMT-3420)

API proxy resources validation

When you have API proxy resource files (such as JavaScript or Java JARs) stored at the environment or organization scope, the validation framework no longer requires you to also include those resources at the API proxy level in a proxy bundle for import to pass validation. Resource validation now occurs at deploy time, not at import time. (MGMT-1430)

Configure the timeout for individual API proxies

You can configure API proxies to time out after a specified time (with a 504 gateway timeout status). The primary use case is for Private Cloud customers who have API proxies that take longer to execute. For example, say you need specific proxies to time out at 3 minutes. You can use a new api.timeout property in the configuration for an API proxy. Here's how you'd do it with the 3-minute example:

  1. First, be sure to configure the load balancer, router, and message processor to time out after 3 minutes.
  2. Then configure the relevant proxies to time out at 3 minutes. Specify the value in milliseconds. For example:
    <ProxyEndpoint name="default">
      <HTTPProxyConnection>
        <BasePath>/v1/weather</BasePath> 
        <Properties> 
          <!-- api.timeout is in milliseconeds -->
          <Property name="api.timeout">180000</Property>
        </Properties>
        ...
    
  3. Note, however, that raising the system timeouts could result in performance issues, because all proxies without an api.timeout setting use the new, higher load balancer, router, and message processor timeouts. So configure other API proxies that don't require longer timeouts to use lower timeouts. For example, the following sets an API proxy to time out after 1 minute:
    <Property name="api.timeout">60000</Property>

Cloud customers, who can't modify the Edge timeouts, can also configure an API proxy timeout, as long as the timeout is shorter than the standard Edge message processor timeout of 57 seconds.

You cannot populate the value with a variable. This property is covered in the Endpoint properties reference. (APIRT-1778)

TLS/SSL for Message logging Policy

<KeyStore> and <TrustStore> can be set in the SSLInfo configuration on the Message Logging policy, allowing one- and two-way TLS/SSL with a logging service. You configure SSLInfo on the Message Logging policy the same way you would on a proxy TargetEndpoint. However, Message Logging TLS/SSL supports only the TCP protocol. (APIRT-1858)

Bugs fixed

The following bugs are fixed in this release. This list is primarily for users checking to see if their support tickets have been fixed. It's not designed to provide detailed information for all users.

Issue ID Description
SECENG-609 Runtime calls not failing during the delete of the associated truststore or when the valid cert in the truststore is deleted
MGMT-3404 Viewing/retrieving Node.js logs and deploying proxies is very slow
MGMT-3400 Call to the /userroles management API fails if the user doing the call has a "+" sign in the name
MGMT-3368 java.lang.ArrayIndexOutOfBoundsException: 1, when importing an API Proxy bundle that contains resources/node/resources directory
MGMT-3364 OAuthV2: redirect_uri check
MGMT-3319 List entries in a vault which has null value in one of the entries doesn't work for orgs (CPS and non-CPS)
MGMT-3226 Querying at organization/environment level should not pull all data causing API to fail
Release_160302 had a bug where the listing of resources at organization-level/environment level failed if the cumulative size of the resources is above 16MB, this fix takes care of it.
AXAPP-2429 Analytics API using response_status_code returns data access error
AXAPP-2386 Fix empty reports content in analytics daily email reports
AXAPP-2347 Not receiving daily analytics summary emails
APIRT-3141 Java Callouts fail when calling new ExecutionResult() , because the constructor has been made private
APIRT-3140 ServiceCallout policy not working in HEAD api calls
APIRT-3131 Incorrect createdBy shown for an API Proxy when using monetization with an external authentication provider
APIRT-3121 Org resource file change made is not 100% effective
APIRT-3117 MP reached 100% CPU utilization and stopped serving traffic
APIRT-3016 Router "Call timed out" errors on deployments
APIRT-2975 Upload cert bundle failure
APIRT-2955 Unable to mask certain attributes of JSON response data for FHIR-complaint Content-Type header 'application/json+fhir'
APIRT-2946 OAuthV2-RefreshToken Policy not hiding attributes even though display is set to false
APIRT-2908 Enforcing TLS1.2 for internal API call is required post TLS1.2 update on virtualhost
APIRT-2901 Gzipped responses returned from cache are double compressed
APIRT-2873 MPs throw NullPointerException related to VerifyAPIKey after deletion of products/developers/proxies
APIRT-2871 IOIntensive policies appearing twice in Trace
APIRT-2825 Grammatical error in the accesstoken error response
APIRT-2750 Traffic failures high in specific org
APIRT-2685 Traffic cannot flow with unknown error being thrown
APIRT-2647 "Underlying input stream returned zero bytes" error with nonprod/dev
APIRT-2630 Intermittent issues when trying to read value from cache
APIRT-2620 Separate thread pool for some blocking steps
APIRT-2610 java.lang.ClassCastException with Response Cache policy
APIRT-2608 Last-Modified headers parsing error in Response Cache policies
APIRT-2605 "organization" and "environment" variables should not be allowed to overwritten via policies
APIRT-2566 OAuthV2 policy returns malformed WWW-Authenticate Header
APIRT-2491 TargetServer update failed due to RPC timeout between management and mps
APIRT-2386 Empty string scope is created in an API product with an empty Allowed OAuth scopes
APIRT-2383 XSL Transformation policies do not seem to log any data upon an error
APIRT-2364 OAuth fault flow variables not getting updated on error
APIRT-2216 Server sent events - event stream having issues in prod
APIRT-2079 DEBUG cURL call not stopping after the timeout expires for the created session
APIRT-1495 XML Threat Protection not catching fhir Content-Type
APIRT-347 The XSL Policy is not properly validated upon import (does not assign results to output variables as documented)