Thank you Sanjeewa ! Le ven. 26 oct. 2018 à 08:26, Sanjeewa Malalgoda <[email protected]> a écrit :
> Hi Nicolas, > Yes default synapse gateway implemented to work with OAuth 2.0 tokens > while microgateway can handler both OAuth tokens and JWT tokens. > You can install microgateway with API Manager or alone as it can work with > or without connection to key manager. If gateway do not have access to key > manager or central system then microgateway can use with JWT. > > Thanks, > sanjeewa. > > On Wed, Oct 24, 2018 at 6:51 PM Nicolas Maujean < > [email protected]> wrote: > >> Hi, >> >> I should understand that api manager can't handle jwt tokens but only >> microgateway ? if yes microgateway should be install with api manager or >> alone ? >> >> best regards, >> >> Nicolas Maujean >> >> Le mer. 24 oct. 2018 à 12:47, Nuwan Dias <[email protected]> a écrit : >> >>> Hi Nicolas, >>> >>> To get a JWT token from the API Manager, the Token Type of the >>> application you are trying with needs to be set to 'JWT'. This needs to be >>> done from the API Store UI under the Edit Application section. See the >>> section "Generate a JWT token and invoke the API" of the document [1] to >>> see what this looks like. >>> >>> [1] - https://docs.wso2.com/display/AM260/Microgateway+Quick+Start >>> >>> Thanks, >>> NuwanD. >>> >>> On Wed, Oct 24, 2018 at 3:45 PM Nicolas Maujean < >>> [email protected]> wrote: >>> >>>> >>>> hi, >>>> >>>> Why wso2 token call return oauth token whereas we configured wso2 to >>>> return jwt token, the following way : >>>> >>>> >>>> https://docs.wso2.com/display/AM170/Passing+Enduser+Attributes+to+the+Backend+Using+JWT >>>> >>>> when we call the command, to get the token, we get the following result >>>> : >>>> >>>> [root@DL-OPEN-INT conf]# curl -k -d "grant_type=client_credentials" \ >>>> >>>> -H "Authorization: Basic >>>> OXpEQWNFaEljOVN5aElwcDFDaFhJRUxRSTFrYTo2dVY4MGQyM2lIYUZjWHZva2c4bUtrTDB1UDhh" >>>> \ >>>> https://10.200.36.22:8243/token >>>> >>>> {"access_token":"d4dce5b7-d75d-327c-a5e9-a13ca48782d6","scope":"am_application_scope >>>> default","token_type":"Bearer","expires_in":3600}[root@DL-OPEN-INT >>>> conf]# >>>> >>>> here is the api-manager.xml : >>>> >>>> <JWTConfiguration> >>>> <!-- Enable/Disable JWT generation. Default is false. --> >>>> <EnableJWTGeneration>true</EnableJWTGeneration> >>>> >>>> <!-- Name of the security context header to be added to the validated >>>> requests. --> >>>> <JWTHeader>X-JWT-Assertion</JWTHeader> >>>> >>>> <!-- Fully qualified name of the class that will retrieve additional >>>> user claims >>>> to be appended to the JWT. If not specified no claims will be >>>> appended.If user wants to add all user claims in the >>>> jwt token, he needs to enable this parameter. >>>> The DefaultClaimsRetriever class adds user claims from the >>>> default carbon user store. --> >>>> >>>> <ClaimsRetrieverImplClass>org.wso2.carbon.apimgt.impl.token.DefaultClaimsRetriever</ClaimsRetrieverImplClass> >>>> >>>> <!-- The dialectURI under which the claimURIs that need to be appended >>>> to the >>>> JWT are defined. Not used with custom ClaimsRetriever >>>> implementations. The >>>> same value is used in the keys for appending the default >>>> properties to the >>>> JWT. --> >>>> <ConsumerDialectURI>http://wso2.org/claims</ConsumerDialectURI> >>>> >>>> <!-- Signature algorithm. Accepts "SHA256withRSA" or "NONE". To >>>> disable signing explicitly specify "NONE". --> >>>> <SignatureAlgorithm>NONE</SignatureAlgorithm> >>>> >>>> <!-- This parameter specifies which implementation should be used for >>>> generating the Token. JWTGenerator is the >>>> default implementation provided. --> >>>> >>>> <JWTGeneratorImpl>org.wso2.carbon.apimgt.keymgt.token.JWTGenerator</JWTGeneratorImpl> >>>> >>>> <!-- This parameter specifies which implementation should be used for >>>> generating the Token. For URL safe JWT >>>> Token generation the implementation is provided in >>>> URLSafeJWTGenerator --> >>>> >>>> <!--<JWTGeneratorImpl>org.wso2.carbon.apimgt.keymgt.token.URLSafeJWTGenerator</JWTGeneratorImpl>--> >>>> >>>> <!-- Remove UserName from JWT Token --> >>>> <!-- >>>> <RemoveUserNameFromJWTForApplicationToken>true</RemoveUserNameFromJWTForApplicationToken>--> >>>> </JWTConfiguration> >>>> >>>> >>>> best regards, >>>> >>>> >>>> Nicolas Maujean >>>> >>>> _______________________________________________ >>>> Architecture mailing list >>>> [email protected] >>>> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture >>>> >>> >>> >>> -- >>> *Nuwan Dias* | Director | WSO2 Inc. >>> (m) +94 777 775 729 | (e) [email protected] >>> [image: Signature.jpg] >>> _______________________________________________ >>> Architecture mailing list >>> [email protected] >>> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture >>> >> _______________________________________________ >> Architecture mailing list >> [email protected] >> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture >> > > > -- > *Sanjeewa Malalgoda* > Software Architect | Associate Director, Engineering - WSO2 Inc. > (m) +94 712933253 | (e) [email protected] | (b) Blogger > <http://sanjeewamalalgoda.blogspot.com>, Medium > <https://medium.com/@sanjeewa190> > > GET INTEGRATION AGILE <https://wso2.com/signature> > Integration Agility for Digitally Driven Business > _______________________________________________ > Architecture mailing list > [email protected] > https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture >
_______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
