We can do it if we implement it in the way I suggested. In first step we can call Utill method from signJWTWithRSA and deprecate it. But we don't touch signJWT method. Then later we remove signJWTWithRSA method and signJWT will call util method. Still we can use signJWT for extendibility. WDYT?
Thanks & Regards Danushka Fernando Associate Tech Lead WSO2 inc. http://wso2.com/ Mobile : +94716332729 On Thu, Nov 9, 2017 at 4:10 PM, Ruwan Abeykoon <ruw...@wso2.com> wrote: > HI All, > We should not remove extensibility. > We need to look for an alternative way on this do any improvement while > keeping extensibility. > > Cheers, > Ruwan > > On Thu, Nov 9, 2017 at 3:28 PM, Danushka Fernando <danush...@wso2.com> > wrote: > >> Hi All >> In released IS 5.3.0 we have capability of extending the signing >> mechanism of JWT in JWTTokenGenerator and IDTokenBuilder. But in the latest >> code base [1] [2] we have deprecated all the protected methods and removed >> the usage of them as well. With this, we have removed the capability of >> extending signing mechanism. >> >> Previously we had following method structure. >> >> generateToken >> >> | >> >> -----> signJWT (protected) >> >> | >> -----> signJWTWithRSA (protected) >> >> >> Generate token method calls signJWT method and it calls sign JWT with RSA >> method. So simply by overriding signJWTWithRSA method we can override the >> JWT signing behavior. Currently we have deprecated both these methods and >> also removed the usage of the signJWT method and replaced its occurrence in >> generateToken method with OAuth2Util method. Which means we have removed >> the capability of extending signing. >> >> IMO what we should do here is deprecate signJWTWithRSA method and call >> utll method from signJWTWithRSA method and then in a future release we can >> remove that method and call util method directly from signJWT method. In >> that way we will remove duplicated code while not removing our >> extensibility. >> >> WDYT? Is there a reason for removing the current extensibility? >> >> [1] https://github.com/wso2-extensions/identity-inbound-auth- >> oauth/blob/master/components/org.wso2.carbon.identity. >> oauth/src/main/java/org/wso2/carbon/identity/oauth2/ >> authcontext/JWTTokenGenerator.java >> [2] https://github.com/wso2-extensions/identity-inbound-auth >> -oauth/blob/master/components/org.wso2.carbon.identity. >> oauth/src/main/java/org/wso2/carbon/identity/openidconnect/ >> DefaultIDTokenBuilder.java >> >> Thanks & Regards >> Danushka Fernando >> Associate Tech Lead >> WSO2 inc. http://wso2.com/ >> Mobile : +94716332729 <+94%2071%20633%202729> >> > > > >
_______________________________________________ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev
