Thanks Johann for confirming the issue. I have created a JIRA[1] to track the issue.
[1] : https://wso2.org/jira/browse/APIMANAGER-3236 On Tue, Dec 23, 2014 at 8:31 AM, Sanjeewa Malalgoda <[email protected]> wrote: > The reason for the initial issue dilan mentioned was due to passing admin > as auth_user when we generate tokens. And when we generate tokens through > auth endpoint authz_user will be [email protected]. These two entries > are considered different and due to that we will get two tokens. This issue > was not there in APIM 1.7.0 and assume this is due to something added in > APIM 1.8.0. In addition to that we might need to fix the issue mentioned by > johann. Please create public jiras for this. > > Thanks, > sanjeewa. > > On Tue, Dec 23, 2014 at 2:21 AM, Johann Nallathamby <[email protected]> > wrote: > >> This needs to be fixed. Even for tenant users there is a problem due to >> scopes. When requesting tokens through the API gateway the scope is set to >> default. But when directly getting an access token from IS, there is no >> default scope (scope=null). Therefore again we get 2 different tokens. Both >> these issues need to be fixed. >> >> >> On Monday, December 22, 2014, Abimaran Kugathasan <[email protected]> >> wrote: >> >>> Hi Lakshman, >>> >>> I couldn't find any JIRAs, and not sure about this behaviour is correct >>> or wrong. >>> >>> On Mon, Dec 22, 2014 at 4:20 PM, Lakshman Udayakantha < >>> [email protected]> wrote: >>> >>>> Hi, >>>> >>>> @abimaran. >>>> have any jira on this? >>>> >>>> Thanks >>>> >>>> On Mon, Dec 22, 2014 at 1:28 PM, Abimaran Kugathasan <[email protected] >>>> > wrote: >>>> >>>>> Hi Dilan, >>>>> >>>>> It's a known issue. >>>>> >>>>> It occurs because, through UI, the admin user actually treated with >>>>> username [email protected] and through the Token API, admin user was >>>>> admin. So both are considered as different users. But, ideally same user. >>>>> it happens only for super tenant admin. >>>>> >>>>> On Mon, Dec 22, 2014 at 1:06 PM, Dilan Udara Ariyaratne < >>>>> [email protected]> wrote: >>>>> >>>>>> Hi Harshan, >>>>>> >>>>>> According to https://docs.wso2.com/display/AM170/Token+API, this >>>>>> scope field is optional. >>>>>> >>>>>> Anyway I tried with production scope and still the result is the same. >>>>>> >>>>>> Thanks for the feedback. >>>>>> >>>>>> >>>>>> >>>>>> *Dilan U. Ariyaratne* >>>>>> Software Engineer >>>>>> WSO2 Inc. <http://wso2.com/> >>>>>> Mobile: +94775149066 >>>>>> lean . enterprise . middleware >>>>>> >>>>>> On Mon, Dec 22, 2014 at 1:02 PM, Harshan Liyanage <[email protected]> >>>>>> wrote: >>>>>> >>>>>>> Hi Dilan, >>>>>>> >>>>>>> Did you tried sending the scope (Production / Sandbox) parameter >>>>>>> along with the token request? >>>>>>> >>>>>>> Thanks, >>>>>>> >>>>>>> Lakshitha Harshan >>>>>>> Software Engineer >>>>>>> Mobile: *+94724423048* >>>>>>> Email: [email protected] >>>>>>> Blog : http://harshanliyanage.blogspot.com/ >>>>>>> *WSO2, Inc. :** wso2.com <http://wso2.com/>* >>>>>>> lean.enterprise.middleware. >>>>>>> >>>>>>> On Mon, Dec 22, 2014 at 12:49 PM, Dilan Udara Ariyaratne < >>>>>>> [email protected]> wrote: >>>>>>> >>>>>>>> Hi All, >>>>>>>> >>>>>>>> I have been working on writing some test cases for a solution >>>>>>>> provided to emm product on the following issue. >>>>>>>> https://wso2.org/jira/browse/EMM-695 >>>>>>>> >>>>>>>> During the process of writing a test case for the insert query of >>>>>>>> device registration functionality of EMM, >>>>>>>> I have noticed the following behavior at the API Management module >>>>>>>> of EMM. >>>>>>>> >>>>>>>> [1] I have tried to access both client key(id) and client secret of >>>>>>>> admin user for the default application >>>>>>>> through both >>>>>>>> http://localhost:9763/productapistore/site/pages/subscriptions.jag >>>>>>>> ui and the rest client. >>>>>>>> As expected, those values happened to be similar. >>>>>>>> >>>>>>>> Please refer to screenshot 1 and 2 for this. >>>>>>>> >>>>>>>> [2] Then, I tried to access the access token from the rest client >>>>>>>> as shown in screenshot 3 and >>>>>>>> was able to successfully retrieve an access token from the >>>>>>>> http://localhost:9763/oauth2/token endpoint. >>>>>>>> >>>>>>>> However the problem is that the access token value I am >>>>>>>> getting from the product-api-store web app ui (as in screenshot 1) >>>>>>>> and the access token I am getting from the rest client call >>>>>>>> (as in screenshot 3) are two different values. >>>>>>>> >>>>>>>> Is this a bug or the standard behaviour of the module? >>>>>>>> >>>>>>>> Highly appreciate any feedback on this. >>>>>>>> >>>>>>>> Thanks. >>>>>>>> >>>>>>>> >>>>>>>> *Dilan U. Ariyaratne* >>>>>>>> Software Engineer >>>>>>>> WSO2 Inc. <http://wso2.com/> >>>>>>>> Mobile: +94775149066 >>>>>>>> lean . enterprise . middleware >>>>>>>> >>>>>>> >>>>>>> >>>>>> >>>>>> _______________________________________________ >>>>>> Dev mailing list >>>>>> [email protected] >>>>>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>>>>> >>>>>> >>>>> >>>>> >>>>> -- >>>>> Thanks >>>>> Abimaran Kugathasan >>>>> >>>>> Software Engineer | WSO2 Inc >>>>> Data & APIs Technologies Team >>>>> Mobile : +94 773922820 >>>>> >>>>> <http://stackoverflow.com/users/515034> >>>>> <http://lk.linkedin.com/in/abimaran> >>>>> <http://www.lkabimaran.blogspot.com/> <https://github.com/abimaran> >>>>> <https://twitter.com/abimaran> >>>>> >>>>> >>>>> _______________________________________________ >>>>> Dev mailing list >>>>> [email protected] >>>>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>>>> >>>>> >>>> >>>> >>>> -- >>>> Lakshman Udayakantha >>>> WSO2 Inc. www.wso2.com >>>> lean.enterprise.middleware >>>> Mobile: *0711241005 <0711241005>* >>>> >>>> >>> >>> >>> -- >>> Thanks >>> Abimaran Kugathasan >>> >>> Software Engineer | WSO2 Inc >>> Data & APIs Technologies Team >>> Mobile : +94 773922820 >>> >>> <http://stackoverflow.com/users/515034> >>> <http://lk.linkedin.com/in/abimaran> >>> <http://www.lkabimaran.blogspot.com/> <https://github.com/abimaran> >>> <https://twitter.com/abimaran> >>> >>> >> >> -- >> Thanks & Regards, >> >> *Johann Dilantha Nallathamby* >> Associate Technical Lead & Product Lead of WSO2 Identity Server >> Integration Technologies Team >> WSO2, Inc. >> lean.enterprise.middleware >> >> Mobile - *+94777776950* >> Blog - *http://nallaa.wordpress.com <http://nallaa.wordpress.com>* >> >> >> _______________________________________________ >> Dev mailing list >> [email protected] >> http://wso2.org/cgi-bin/mailman/listinfo/dev >> >> > > > -- > > *Sanjeewa Malalgoda* > WSO2 Inc. > Mobile : +94713068779 > > <http://sanjeewamalalgoda.blogspot.com/>blog > :http://sanjeewamalalgoda.blogspot.com/ > <http://sanjeewamalalgoda.blogspot.com/> > > > -- Thanks Abimaran Kugathasan Software Engineer | WSO2 Inc Data & APIs Technologies Team Mobile : +94 773922820 <http://stackoverflow.com/users/515034> <http://lk.linkedin.com/in/abimaran> <http://www.lkabimaran.blogspot.com/> <https://github.com/abimaran> <https://twitter.com/abimaran>
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
