Hi,
Below is a sample token response I received when I generated a token with
*scope=openid.*
The format of the JWT, as I understood it, is
base64(headers).base64(claims).signature
However, the response below does not seem to include a signature. What is the
cause of this?
When I decode the headers, it shows alg as "none". Does this have an impact
on the scenario?
{"alg":"none","typ":"JWT"}
Note that the algorithm is specified in identity.xml:
<SignatureAlgorithm>SHA256withRSA</SignatureAlgorithm>
curl --user BcNIficDsmuTutxLMdnpx7TFJDAa:fMl07neyfjKcN1ZckD1DpTh5UVMa -k \
  -d "grant_type=password&username=admin&password=admin&scope=openid" \
  -H "Content-Type: application/x-www-form-urlencoded" \
  https://localhost:9443/oauth2/token | python -m json.tool
{
"access_token": "b1d5fd3729d9f11ec081d8ef951dde4",
"expires_in": 3299,
"id_token":
"eyJhbGciOiJub25lIiwidHlwIjoiSldUIn0=\r\n.eyJleHAiOi0zNjQxNzY3MDMsImF6cCI6IkJjTklmaWNEc211VHV0eExNZG5weDdURkpEQWEiLCJz\r\ndWIiOiJhZG1pbkBjYXJib24uc3VwZXIiLCJhdWQiOiJCY05JZmljRHNtdVR1dHhMTWRucHg3VEZK\r\nREFhIiwiaXNzIjoiaHR0cHM6XC9cL2xvY2FsaG9zdDo5NDQzXC9vYXV0aDJlbmRwb2ludHNcL3Rv\r\na2VuIiwiaWF0IjotMzY3Nzc2NzAzfQ==\r\n.",
"refresh_token": "9b2c195841c4777d8113fccb4386c57",
"scope": "openid",
"token_type": "bearer"
}
--
Udara Liyanage
Software Engineer
WSO2, Inc.: http://wso2.com
lean. enterprise. middleware
web: http://udaraliyanage.wordpress.com
phone: +94 71 443 6897
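
An added example, not part of the original message and not WSO2 code: it decodes the id_token quoted above (tolerating the CR/LF breaks and "=" padding inside its segments) and shows a relying-party check that refuses it because the header says "none" and the third segment is empty. The function names and the RS256 allow-list are assumptions; RS256 is the JWS name for RSA with SHA-256.

```python
import base64
import json

# id_token copied from the response in the message above; "\r\n" are the
# line breaks the server left inside the base64 segments.
ID_TOKEN = (
    "eyJhbGciOiJub25lIiwidHlwIjoiSldUIn0=\r\n"
    ".eyJleHAiOi0zNjQxNzY3MDMsImF6cCI6IkJjTklmaWNEc211VHV0eExNZG5weDdURkpEQWEiLCJz\r\n"
    "dWIiOiJhZG1pbkBjYXJib24uc3VwZXIiLCJhdWQiOiJCY05JZmljRHNtdVR1dHhMTWRucHg3VEZK\r\n"
    "REFhIiwiaXNzIjoiaHR0cHM6XC9cL2xvY2FsaG9zdDo5NDQzXC9vYXV0aDJlbmRwb2ludHNcL3Rv\r\n"
    "a2VuIiwiaWF0IjotMzY3Nzc2NzAzfQ==\r\n."
)

def decode_segment(segment):
    """Decode one JWT segment, tolerating CR/LF and '=' padding inside it."""
    cleaned = "".join(segment.split()).rstrip("=")
    return base64.urlsafe_b64decode(cleaned + "=" * (-len(cleaned) % 4))

def split_jwt(token):
    """Return (header dict, claims dict, raw signature bytes)."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("expected header.claims.signature")
    header = json.loads(decode_segment(parts[0]))
    claims = json.loads(decode_segment(parts[1]))
    return header, claims, decode_segment(parts[2])

def require_signed(token, allowed_algs=("RS256",)):
    """Hypothetical relying-party gate: refuse unsecured tokens up front."""
    header, claims, signature = split_jwt(token)
    alg = header.get("alg")
    if alg not in allowed_algs:
        raise ValueError("alg %r not in allow-list %r" % (alg, allowed_algs))
    if not signature:
        raise ValueError("empty signature segment")
    # The signature bytes still have to be verified against the issuer's key.
    return header, claims, signature

if __name__ == "__main__":
    header, claims, signature = split_jwt(ID_TOKEN)
    print(header, claims["sub"], len(signature))
    try:
        require_signed(ID_TOKEN)
    except ValueError as err:
        print("rejected:", err)
```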