How do I alias an image?

Context
In order to aliasing images, please send a request to support@verygoodsecurity.com with your tenant id in order to enable aliasing the Content Type for requests with images. Remember to replace the TENANT_ID, VGS_PROXY_USERNAME, VGS_PROXY_PASSWORD, and the VGS alias in the example below with your vault specific values.

VGS Steps
1a. Create the default "Inbound route" from the default "Add Route" dropdown under the "Routes" section within the VGS Dashboard. See image below.
- Save the inbound route
- Export the YAML

inbound-route.png


1b. open the inbound YAML with an editor, and replace the operations section with the part below. See image directly below. Save and upload the updated YAML file.

operations: |-
[ {
"@type" : "type.googleapis.com/ProcessHttpBodyOperationConfig"
}, {
"@type" : "type.googleapis.com/RevealFileOperationConfig"
} ]

inbound-yaml.png

NOTE: these operations take over what is revealed or redacted for the payload.

1c. Create the default "Outbound route" from the default "Add Route" dropdown under the "Routes" section within the VGS Dashboard. See image below.
- Replace the Upstream Host "echo.apps.verygood.systems" with "www.nationalnotary.org"
- Set the filter conditions to HTTP Method to "GET" and ContentType of "image/jpeg"
- Set the Phase to "Response"
- Save the outbound route
- Export the YAML

outbound-route.png


1d. Open the outbound YAML with an editor, and replace the operations section with the part below. See image directly below. Save and upload the updated YAML file.

operations: |-
[ {
"@type" : "type.googleapis.com/ProcessHttpBodyOperationConfig"
}, {
"@type" : "type.googleapis.com/RedactFileOperationConfig"
} ]

outbound-yaml.png

2.
Download an image file to test with:

curl https://www.nationalnotary.org/Image%20Library/NNA/Bulletin/CALicenseGenderSmall.jpg > CALicenseSmall.jpg


3a.
Alias the image with VGS (via outbound route):

curl https://www.nationalnotary.org/Image%20Library/NNA/Bulletin/CALicenseGenderSmall.jpg -k \
-x <VGS_PROXY_USERNAME>:<VGS_PROXY_PASSWORD>@<TENANT_ID>.sandbox.verygoodproxy.com:8080

RESPONSE: tok_sandbox_ewD28TZuMyVTKtetQtL8Ab

3b. Reveal the image from VGS (via inbound route):

curl https://tnta7xz7ykw.SANDBOX.verygoodproxy.com/post \
-H 'Content-Type: image/jpeg' \
-d 'tok_sandbox_ewD28TZuMyVTKtetQtL8Ab' \
--output test.txt

NOTE: look inside the text file to see the JSON object and the data field with the image details.

 

3c. Verify the image matches the base64 encoded from the last step:

echo -n "$(base64 CALicenseSmall.jpg)"

 

4. Use jq to grab the JSON data and filter out the first part up to the comma "data:application/octet-stream;base64," (see below) and base64 decode to get the image back.

curl https://<TENANT_ID>.SANDBOX.verygoodproxy.com/post \
-H 'Content-Type: image/jpeg' \
-d 'tok_sandbox_ewD28TZuMyVTKtetQtL8Ab' \
| jq -r '.data | sub(".*,"; "")' \
| base64 --decode > result.jpg


Additional Information
Currently the binary file types below can be aliased. If you have a Content-Type not listed, then feel free contact support@verygoodsecurity.com and we can add it to the list.

xml
json
text
application/x-www-form-urlencoded
application/vnd
application/pdf
multipart/form-data
image
application/octet-stream
video
Was this article helpful?
0 out of 0 found this helpful

Comments

0 comments

Please sign in to leave a comment.