Hi!
I've created an Angular application that uses 'http-proxy-middleware' for connecting to backend services, one of my services uses https and one is http.
I'm using a Node server for deployment. This works fine locally when I use the backend services.
When I deploy on Azure App Service (Linux/Node) I get a 403 Forbidden when calling the proxy (see below).
So my Node server in the App Service uses http on port 8080. The App Service uses https with url https://[myappname].azurewebsites.net/
This is a bit confusing to me. Is it just port forwarding from 443 to 8080? Do we have a valid certificate for my URL (is it needed)?
I also tried to start my Node server with https on port 8080 but that didn't work.
What do work is a POST to the the /docebo proxy (used for authenticating the user), but a GET on the REST API returns a 403.
When doing a curl GET directly to Docebo endpoint (not through proxy) while logged on to my App Service server the call works fine.
The call to the other proxy which has a http target all calls works fine (GET/POST/PUT/DELETE).
The owner of the Docebo API says that the problem is not on their end. So what am I doing wrong?
When comparing request-response debug info with POST and GET I find these differences:
Getting data (403) :
useChunkedEncodingByDefault: false,
method: 'GET',
path: '/manage/v1/user?search_text=Test01',
authorization: [
'authorization',
'Bearer [theTokenIGotFromLoginIsHere]'
],
accept: [ 'accept', 'application/json' ],
Login posting (ok) :
useChunkedEncodingByDefault: true,
method: 'POST',
path: '/oauth2/token',
accept: [ 'accept', 'application/json, text/plain, */*' ],
'content-type': [
'content-type',
'multipart/form-data; boundary=----WebKitFormBoundaryyLgRE2snV888KOzE'
],
Node Express server with proxy.
var createProxyMiddleware = require('http-proxy-middleware')
app.use('/docebo', createProxyMiddleware({
target: 'https://[mysandbox].docebosaas.com/',
secure: true,
timeout: 8000,
changeOrigin: true,
logLevel: "debug",
"pathRewrite": {
"^/docebo": ""
}
}));
Response from above GET when running in Azure App Service (Node).
{
"name": "Forbidden",
"message": [
""
],
"code": 0,
"status": 403
}