In addition to customizing and securing your Durable Function status URL, it may be beneficial to shorten the URL for user convenience or to obfuscate complex URL structures. In this article, we will expand on the previous process by incorporating an external URL shortening service. This provides a cleaner and more user-friendly version of the status query URL, which can be shared more easily.
We will use a third-party URL shortening service like Bitly or TinyURL, but in this example, we'll focus on using Bitly for URL shortening. This integration can be done via the Bitly API.
Steps to Shorten the statusQueryGetUri URL
- Customize the URL: Secure the status URL by removing sensitive parameters, as shown in the previous article.
- Shorten the URL: Use an external URL shortening service, such as Bitly, to shorten the modified status URL.
- Return the Shortened URL: After shortening the URL, you can return it to the client in place of the original status URL.
Updated Code Example
Below is the updated version of the Azure Function that not only customizes the URL by removing sensitive parameters but also shortens the URL using the Bitly API.
Full Process:
1. Start the Orchestration
This part of the code is the same as in the previous example. It starts the orchestration and prepares the status response.
var instanceId = await starter.StartNewAsync("RunMainOrchestrator", riskServiceRequests);
log.LogInformation($"Started orchestration with ID = '{instanceId}'.");
// Create a response to check the status of the orchestration
var response = starter.CreateCheckStatusResponse(req, instanceId);
log.LogInformation("Response from CreateCheckStatusResponse received.");
2. Deserialize and Customize the URL
After deserializing the response, we manipulate the statusQueryGetUri to remove sensitive data and add custom parameters like showInput=false.
CheckStatusResponse checkStatusResponse = null;
try
{
checkStatusResponse = await response.Content.ReadAsAsync<CheckStatusResponse>();
log.LogInformation("Response content deserialized successfully.");
}
catch (Exception deserializationEx)
{
log.LogError($"Error during deserialization: {deserializationEx.Message}");
return req.CreateResponse(HttpStatusCode.InternalServerError, "Error during deserialization.");
}
if (checkStatusResponse?.statusQueryGetUri != null)
{
var statusQueryGetUri = checkStatusResponse.statusQueryGetUri;
log.LogInformation($"Original statusQueryGetUri: {statusQueryGetUri}");
UriBuilder uriBuilder = new UriBuilder(statusQueryGetUri);
var queryParams = HttpUtility.ParseQueryString(uriBuilder.Query);
// Remove sensitive parameter
queryParams.Remove("sensitiveParam");
// Add custom parameter to hide input data
if (!queryParams.HasKeys() || !queryParams["showInput"].Equals("false", StringComparison.OrdinalIgnoreCase))
{
queryParams["showInput"] = "false";
}
uriBuilder.Query = queryParams.ToString();
string modifiedUrl = uriBuilder.ToString();
log.LogInformation($"Modified statusQueryGetUri: {modifiedUrl}");
// Update the response with the modified URL
checkStatusResponse.statusQueryGetUri = modifiedUrl;
}
Shorten the URL using Bitly API
Now, we use the Bitly API to shorten the URL. For this, you will need to register for a Bitly account and obtain an API token.
Here’s an example of how to integrate the Bitly API into the Azure Function:
public static async Task<string> ShortenUrlAsync(string longUrl, ILogger log)
{
var apiKey = "YOUR_BITLY_API_KEY"; // Replace with your Bitly API key
var bitlyApiUrl = "https://api-ssl.bitly.com/v4/shorten";
using (var client = new HttpClient())
{
client.DefaultRequestHeaders.Add("Authorization", $"Bearer {apiKey}");
var payload = new
{
long_url = longUrl
};
var response = await client.PostAsJsonAsync(bitlyApiUrl, payload);
if (response.IsSuccessStatusCode)
{
var result = await response.Content.ReadAsAsync<dynamic>();
return result.link;
}
else
{
log.LogError($"Error shortening URL: {response.StatusCode}");
return null;
}
}
}
4.Use the Shortened URL
After shortening the URL, you can now update the response to include the shortened status URL instead of the original long one.
if (checkStatusResponse?.statusQueryGetUri != null)
{
var statusQueryGetUri = checkStatusResponse.statusQueryGetUri;
// Shorten the URL using Bitly API
var shortenedUrl = await ShortenUrlAsync(statusQueryGetUri, log);
if (!string.IsNullOrEmpty(shortenedUrl))
{
log.LogInformation($"Shortened URL: {shortenedUrl}");
checkStatusResponse.statusQueryGetUri = shortenedUrl;
}
else
{
log.LogWarning("Failed to shorten the URL.");
}
}
5. Return the Response
Finally, the function returns the modified response, which now includes the shortened URL.
return new HttpResponseMessage(HttpStatusCode.OK)
{
Content = new StringContent(JsonConvert.SerializeObject(checkStatusResponse), Encoding.UTF8, "application/json")
};
Summary of Changes:
- Secure URL Customization: We first remove sensitive query parameters from the status URL to ensure that private data is not exposed to the client.
- Shorten URL with Bitly: We integrate the Bitly API to shorten the URL, making it more user-friendly and easier to share.
- Return Shortened URL: The final orchestration status response now contains a shortened URL that is both secure and easy to share.
Conclusion:
By combining URL customization and shortening techniques, you can significantly improve both the security and user experience of your Durable Function webhooks. This approach not only hides sensitive data but also makes it easier for end users to interact with the orchestration status, especially when sharing URLs.
Whether you're building internal tools or public-facing applications, these techniques help ensure your webhooks remain secure, concise, and user-friendly. Integrating a URL shortening service like Bitly can be a powerful addition to your Azure Functions setup.
Comments