On Tue, Jun 5, 2018 at 3:47 PM, Shiva Kumar <[email protected]> wrote:
> Hi Farasath, > > Thanks for quick response, I can not use the existing revoke service only > because I will generate oauth2 token from my custom handler which will use > proxy authentication to validate user and issue the token. In place of > access token user name will be sent to the revoke endpoint and I will find > the corresponding token for that user name from Tokenfactory and revoke it. > Is there any extension point that I can use to get user name from the token > parameter and replacing it to access token issued to that user name? > What is the custom handler? Is it a custom grant handler? IMO what you are trying to achieve is not suitable to be done by the Revocation endpoint. Revocation endpoint is meant to be used to revoke a token a given its identifier. However, in your case you are persisting the normal access token and sending another value ie. username to identify the token. So this is not the standard oauth2 revocation usecase. Could you explan the reason behind sending the username to the revocation endpoint instead of the actual token that you want to revoke? > > On Tuesday 05 June 2018 03:30 PM, Farasath Ahamed wrote: > > Rather than customizing the whole OSGi service I would say you should try > to achieve your use case using an extension point. > Can you explain the custom logic/custom requirement you are trying to > inject into the OAuth2 revoke flow? > > The reason I am asking this is that there are extension points that get > triggered during the revoke flow which you may be able to utilize instead > of trying to customize the default OAuth2Service class. > > On Tue, Jun 5, 2018 at 3:26 PM, Shiva Kumar <[email protected]> > wrote: > >> Hi Farashath, >> >> Thank you for the reply, I needed customization to /oauth2/revoke >> endpoint. I observed that /oauth2/revoke endpoint internally using >> OAuth2Service for token revoking, I thought of extending this class and >> registering my custom implementation as OSGI service and that endpoint >> should use my class instead of the existing one. How I could achieve this? >> >> On Monday 04 June 2018 11:21 PM, Farasath Ahamed wrote: >> >> >> >> On Saturday, June 2, 2018, Shiva Kumar <[email protected]> wrote: >> >>> Hi, >>> >>> I want to replace existing admin service with my custom particularly >>> OAuthAdminService, How can I do that? >> >> >> You cannot replace admin services that are shipped with the product. You >> can reuse the code and expose new admin services. >> >> Can you elaborate more on your requirement as to why you need to replace >> existing admin services? >> >>> >>> Thanks, >>> >>> Shiva >>> >>> >>> _______________________________________________ >>> Dev mailing list >>> [email protected] >>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>> >> >> >> -- >> Farasath Ahamed >> Senior Software Engineer, WSO2 Inc.; http://wso2.com >> Mobile: +94777603866 >> Blog: blog.farazath.com >> Twitter: @farazath619 <https://twitter.com/farazath619> >> <http://wso2.com/signature> >> >> >> >> >> >> > > > -- > Farasath Ahamed > Senior Software Engineer, WSO2 Inc.; http://wso2.com > Mobile: +94777603866 > Blog: blog.farazath.com > Twitter: @farazath619 <https://twitter.com/farazath619> > <http://wso2.com/signature> > > > > > -- Farasath Ahamed Senior Software Engineer, WSO2 Inc.; http://wso2.com Mobile: +94777603866 Blog: blog.farazath.com Twitter: @farazath619 <https://twitter.com/farazath619> <http://wso2.com/signature>
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
