Hi All, I'm currently working on implementing protection API endpoints for UMA 2.0 . To access the protection API endpoints it is a must to have a valid PAT (Protection API Access Token) in the request. PAT represents the authorization of the resource owner for the resource server to use the authorization server for protecting resources.
I have used the existing REST authentication valve available at [1] to filter out the required values. I have a requirement to check if the token has the scope as uma_protection. The issue is that the current valve implementation doesn't have a way to obtain the scope. I have to add another parameter at [2] to obtain the scope to proceed with the authentication. Please provide your thoughts on this. [1] https://github.com/wso2-extensions/identity-carbon-auth-rest [2] https://github.com/wso2-extensions/identity-carbon-auth-rest/blob/master/components/org.wso2.carbon.identity.auth.service/src/main/java/org/wso2/carbon/identity/auth/service/handler/impl/OAuth2AccessTokenHandler.java#L95 Thanks -- *Dewni Weeraman* Trainee Software Engineer | WSO2 Email: de...@wso2.com Mobile: +94772979049 Web: http://wso2.com/
_______________________________________________ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev
