Send Docs Feedback

Python Script policy

What

The Python Script policy lets you add customized Python functionality to your API proxy flow, especially when the functionality you need is beyond what the Edge out-of-the-box policies provide.

Where

This policy can be attached in the following locations, but see the notes following the table for specific guidance.

ProxyEndpoint TargetEndpoint
    PreFlow Flow PostFlow PreFlow Flow PostFlow    
Request    
    Response
    PostFlow Flow PreFlow PostFlow Flow PreFlow    

Samples

Python Script policy

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<Script name="Python-1">
        <DisplayName>Python-1</DisplayName>
        <ResourceURL>py://myscript.py</ResourceURL>
</Script>

In this example, the element, ResourceURL specifies the relevant Python script resource.

Python Script

This shows what you might include in the Python script itself.

import base64

username = flow.getVariable("request.formparam.client_id")
password = flow.getVariable("request.formparam.client_secret")

base64string = base64.encodestring('%s:%s' % (username, password))[:-1]
authorization = "Basic "+base64string

flow.setVariable("authorizationParam",authorization)

Element reference

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<Script name="Python-1">
    <DisplayName>Python-1</DisplayName>
    <ResourceURL>py://myscript.py</ResourceURL>
    <IncludeURL>py://myscript_dependency.py</IncludeURL>
</Script>

The following attributes are common to all policy parent elements.

Attribute Description Default Presence
name

The internal name of the policy. Characters you can use in the name are restricted to: A-Z0-9._\-$ %. However, the Edge management UI enforces additional restrictions, such as automatically removing characters that are not alphanumeric.

Optionally, use the <DisplayName> element to label the policy in the management UI proxy editor with a different, natural-language name.

N/A Required
continueOnError

Set to false to return an error when a policy fails. This is expected behavior for most policies.

Set to true to have flow execution continue even after a policy fails.

false Optional
enabled

Set to true to enforce the policy.

Set to false to "turn off" the policy. The policy will not be enforced even if it remains attached to a flow.

true Optional
async

Note: This attribute does not make the policy execute asynchronously.

When set to true, policy execution is offloaded to a different thread, leaving the main thread free to handle additional requests. When the offline processing is complete, the main thread comes back and finishes handling the message flow. In some cases, setting async to true improves API proxy performance. However, overusing async can hurt performance with too much thread switching.

To use asynchronous behavior in API proxies, see JavaScript callouts.

false Optional

<DisplayName> element

Use in addition to the name attribute to label the policy in the management UI proxy editor with a different, natural-language name.

<DisplayName>Policy Display Name</DisplayName>
Default:

N/A

If you omit this element, the the value of the policy's name attribute is used.

Presence: Optional
Type: String

 

<ResourceURL> element

This element specifies the main Python file that will execute in the API flow. You can store this file at the API proxy scope (under /apiproxy/resources/py in the API proxy bundle or in the Scripts section of the API proxy editor's Navigator pane), or at the organization or environment scopes for reuse across multiple API proxies, as described in Resource files. Your code can use the objects, methods, and properties of the JavaScript object model.

<ResourceURL>py://myscript.py</ResourceURL>
Default: None
Presence: Required
Type: String

Example

See the Samples section.

<IncludeURL> element

Specifies a Python file to be loaded as dependency to the main Python file specified with the <ResourceURL> element. The scripts will be evaluated in the order in which they are listed in the policy.

Include more than one Python dependency resource with additional <IncludeURL> elements.

If your Python files are stored at the organization or environment level, be sure they were uploaded correctly with cURL using the -F option or as a file attachment through a REST client. Content-Type is multipart/form-data. For more information, see Resource files.

    <IncludeURL>py://myscript_dependency.py</IncludeURL>
Default: None
Presence: Optional
Type: String

Usage notes

A Python policy contains no actual code. Instead, a Python policy references a Python 'resource' and defines the Step in the API flow where the Python script executes. You can upload your script through the Management UI proxy editor, or you can include it in the /resources/py directory in API proxies that you develop locally.

System calls, for example network I/O, filesystem read/writes, current user info, process list, and CPU/memory utilization are not permitted by the security model. Although some such calls may be functional, they are unsupported and liable to be actively disabled at any time. For forward compatibility, you should avoid making such calls in your Python scripts.

Related topics

For working samples of API proxies, see the Samples reference.

 

Help or comments?