Encoding part has now been changed to a public method. Can do the same for signing too.
On Fri, Jun 24, 2016 at 3:35 PM, Sanjeewa Malalgoda <[email protected]> wrote: > @Amila, while doing this shouldn't we move encoding and signing part also > to JWT generator? > Then users will get more flexibility to customize those behavior as well. > > Thanks, > sanjeewa. > > On Fri, Jun 24, 2016 at 3:26 PM, Amila De Silva <[email protected]> wrote: > >> Hi All, >> >> In API Gateway , while generating a JWT in the request path, >> TokenGenerator interface is used. Currently it supports the following two >> method overloads; >> >> String generateToken(APIKeyValidationInfoDTO keyValidationInfoDTO, >> String apiContext, String version) throws APIManagementException; >> >> String generateToken(APIKeyValidationInfoDTO keyValidationInfoDTO, >> String apiContext, String version, >> String accessToken) throws >> APIManagementException; >> >> The topmost one was the first method added to the interface, and second >> one was only added to address a limitation in the first one (As of now >> first method is marked as a deprecate one). >> >> I suggest that we add the following method and deprecate both the >> existing two methods; >> >> String generateToken(TokenValidationContext validationContext) throws >> APIManagementException; >> >> Reasons for suggesting this change are >> >> 1. TokenValidationContext contain all the parameters used in the first >> two methods. >> >> 2. JWT Generation happens at the KeyManager while executing >> KeyValidationHandler. JWT Generation is the final phase of that handler, >> and if we pass a TokenValidationContext to generateToken method, then >> whatever the parameters that have been set in previous phases can be made >> available at the JWT Generator (It's an object of the type >> TokenValidationContext, that is passed across other phases in >> KeyValidationHandler) >> >> Please share your thoughts on this. >> >> -- >> *Amila De Silva* >> >> WSO2 Inc. >> mobile :(+94) 775119302 >> >> > > > -- > > *Sanjeewa Malalgoda* > WSO2 Inc. > Mobile : +94713068779 > > <http://sanjeewamalalgoda.blogspot.com/>blog > :http://sanjeewamalalgoda.blogspot.com/ > <http://sanjeewamalalgoda.blogspot.com/> > > > -- *Amila De Silva* WSO2 Inc. mobile :(+94) 775119302
_______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
