WSO2-Api Manager-将Post Body参数作为URL查询字符串传递给Moodle

我们正在实施WSO2-AM，以处理希望从Internet公开的Moodle LMS对某些内部API的访问。

我正在配置通过WSO2对此LMS的访问权限，但是遇到了无法解决的问题。

我意识到WSO2文档非常丰富，但是我实际上无法找到此配置的特定实例。

背景： Moodle本身以非常不标准的方式实现了其API。他们称它们为REST，但并不是真正的宁静。某些参数（例如，用户令牌）在URL查询字符串中传递，而不是使用查询主体中的标头。

首先，我在WSO2中配置了两个API，一个用于向Moodle请求用户令牌（Moodle要求此权限以允许特定用户访问该API），另一个用于获取用户注册的课程列表。

通过WSO2从Moodle获取用户令牌的第一个请求按预期进行。我按您期望的那样通过标头传递了用户名/密码/服务参数（以便通过HTTPS对其进行加密）传递给WSO2，并将其作为POST推送到Moodle。Moodle通过WSO2做出的响应符合预期，这是一个JSON有效负载，其中包含令牌，我的客户端随后对该令牌进行解析以在后续请求中使用。

然后，下一个请求是在Moodle中调用更有用的服务，以使用户注册课程。这里有两个我不确定如何解决的问题。

问题： Moodle希望对Web服务的调用使用GET或POST参数。当我使用方便测试的GET时，从客户端传递到WSO2的参数要么是错误的（对于“ userid”而言），要么是丢失的（对于wstoken字段而言，该信息在帖子中）身体）。

在API发布者中，我将WSO2中的API配置为POST，URL模式为{version} / courses / {userid}，API定义如下：

API端点配置为：

网址：http：//（moodleurl）/webservice/rest/server.php?wstoken= {uri.var.wstoken}＆wsfunction = core_enrol_get_users_courses＆moodlewsrestformat = json＆userid = {uri.var.userid}

GET URL as received by Apache hosting Moodle is: xx.xx.xx.xx - - [09/Aug/2016:10:36:03 +0930] "POST /webservice/rest/server.php?wstoken=&wsfunction=core_enrol_get_users_courses&moodlewsrestformat=json&userid=6/6 HTTP/1.1" 200 270

So, the two issues are the missing 'wstoken' parameter (which is in the post body provided to WSO2, and the 'userid' being doubled up with a slash between the items.

I have run the client via a proxy and the data appears to be sent correctly to WSO2:

So I'm wondering what I can do about these problems:

Is there a different URL parameter I can use to correctly include a posted body param in the URL out to the service API address?

Is there some specific configuration problem I've made that's causing the userid parameter to break in this manner?

The posted parameters from the client do appear to be included in the post to Moodle by WSO2; so it is likely they can be stripped from the URL and simply included in the post body to Moodle by WSO2, meaning that it's likely only the issue with the userid parameter that needs to be resolved to allow this to work - unfortunately I'm not sure how to place a proxy between WSO2 and Moodle itself to validate the parameters that are posted to the API, short of using Wireshark.