Hi Harsha, Chamin, Please find my answers inline.
So this means we are having two ways of handling JWT (normal method and WS > specific method) scenarios? If so, we will need additional methods to cover > this flow. Will there be a code/logic duplication due to this? > No. In this implementation, the same JWT token generation method is used. The default ws token validation method is modified to generate the jwt token. https://github.com/wso2/carbon-apimgt/pull/5519/commits/decc193eddecbaccc8eccc22075d2d9876821480 In WS APIs, when user send a Header, isn't it going to back-end by default? > Why we need special prefix as we removed it in the outflow? > In Web Socket apis, the headers that we send in the client - gateway handshake are not being sent in the gateway - backend handshake. Only the default headers were set[1] and the incoming headers are set as the properties in axis2 message context. In order to send the header to the backend, we need to get the specific property and attach it as a header to the gateway - backend handshake. As the transport sender implementation should be generic, we send the headers that should be sent to the backend with a prefix and in the WebSocketTransportSender, we get those properties, extract the actual header and set them as handshake headers.[2] So we do not need to alter the transport implementation if we need to send any headers as required. [1] https://github.com/wso2/carbon-mediation/blob/master/components/carbon-transports/websocket/org.wso2.carbon.websocket.transport/src/main/java/org/wso2/carbon/websocket/transport/WebsocketConnectionFactory.java#L170 [2] https://github.com/wso2/carbon-mediation/pull/1068/commits/a3d204dfc53138aab7097d6e168d1c0df7382c01 On Fri, Jun 29, 2018 at 7:55 PM, Harsha Kumara <[email protected]> wrote: > > > On Fri, Jun 29, 2018 at 11:25 AM Menaka Jayawardena <[email protected]> > wrote: > >> Hi, >> >> >> *With reference to [RRT][APIM] Code Review - Sending Enduser information >> to WS Backends and based on the offline discussion with Kevin.* >> >> *Initial Requirement:* When the JWT token generation is enabled in API >> Manager, the jwt token should be sent to the Web socket backend. >> >> *Current Approach:* As the websocket communication happens as frames, we >> could not add the jwt token into the frames. And also it is not a best >> practice as it is a overhead for the message that is being sent. >> So, the token will be attached as a header to the initial web socket >> handshake. >> >> In the current implementation, we generate the jwt token and set as an >> intermediate header from the api gateway. This header is then picked up >> from the axis2 message context in the WebSocketTransportSender and attach >> to the Gateway - WS-BackEnd handshake requst. >> >> But, as per this implementation, if the user needs to send another >> header, the WebSocketTransportSender implementation should be changed to >> support the new header. To avoid this, the implementation will be done in a >> generic manner. >> >> *Solution:* >> The headers that should be sent to the websocket backends, have to be >> sent with a prefix. The format of would be <prefix>.<header> >> >> Ex: If we need to send the header X-JWT-Assertion to the backend, it >> should be sent as *websocket.header.**X-JWT-Assertion*. >> >> In WebSocketTransportSender, it will get only the properties with the >> *websocket.header.* prefix, extract the header string and attach them as >> new headers to the Handshake request. >> > In WS APIs, when user send a Header, isn't it going to back-end by > default? Why we need special prefix as we removed it in the outflow? > >> >> Any comments, suggestions are highly appreciated. >> >> Thanks and Regards, >> Menaka >> >> -- >> >> *Menaka Jayawardena* >> Senior Software Engineer >> WSO2 Inc. >> >> Phone : +94 71 350 5470 >> LinkedIn : https://lk.linkedin.com/in/menakajayawardena >> Blog : https://menakamadushanka.wordpress.com/ >> >> > > -- > Harsha Kumara > Associate Technical Lead, WSO2 Inc. > Mobile: +94775505618 > Blog:harshcreationz.blogspot.com > -- *Menaka Jayawardena* Senior Software Engineer WSO2 Inc. Phone : +94 71 350 5470 LinkedIn : https://lk.linkedin.com/in/menakajayawardena Blog : https://menakamadushanka.wordpress.com/
_______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
