[Dev] [Announce] [Architecture] WSO2 Enterprise Integrator 6.3.0-M11 Released !

[Malaka Gangananda]

Hi All,

The WSO2 Integration team is pleased to announce the release of Enterprise
Integrator 6.3.0-M11. It is available for download now here

.

*Tasks/Bug Fixes and Improvements*

   - https://github.com/wso2/product-ei/milestone/42?closed=1

*​​List of Open Issues*

   - https://wso2.org/jira/issues/?filter=13994
   - https://github.com/wso2/product-ei/issues?q=is%3Aopen+is%3Aissue


*Documentation*

   - https://docs.wso2.com/display/EI6xx/WSO2+Enterprise+
   Integrator+Documentation

*How To Contribute*

Your feedback is most welcome!

*Reporting Issues​*

We encourage you to report issues, improvements and feature requests
regarding WSO2 Integrator through WSO2 EI GIT Issues
.

*Mailing Lists*

Join our mailing lists and correspond with the developers directly.

Developer List : dev@wso2.org | Subscribe | Mail Archive

WSO2 Architecture List: architect...@wso2.org

User Forum : StackOverflow 

~ The WSO2 Integration Team ~

Thanks,
-- 
Malaka.
-- 
Malaka Gangananda - Software Engineer | WSO2
Email : mala...@wso2.com
Mobile : +94713564340
Web : http://wso2.com
  
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] [Architecture] [VOTE] Release of WSO2 Identity Server 5.6.0 RC1

[Madawa Soysa]

Hi All,

We are closing the vote as IS-Analytics is not released yet. Will call for
another vote soon once the IS-Analytics is released.

Thanks,
Madawa

On Mon, Jun 11, 2018 at 6:45 AM Dewni Weeraman  wrote:

> Hi,
>
> Tested below scenarios on RC1 pack,
>
>- OAuth token revocation.
>- Create, update, get, delete an OAuth app using Dynamic Client
>Registration endpoint.
>- Entitlement policy creation using write policy in xml and publishing.
>- Using REST APIs via XACML to manage entitlement.
>
>
> No blocking issues found.
>
> [+] Stable - Go ahead and release
>
> Thanks,
> Dewni
>
> On Sun, Jun 10, 2018 at 7:15 PM, Nilasini Thirunavukkarasu <
> nilas...@wso2.com> wrote:
>
>> Hi,
>>
>> Tested below scenarios on the RC1 pack,
>>
>>
>>- Authorization code grant
>>- Implicit grant
>>- Client credential grant
>>- Password grant
>>- Invoke user info with the access token retrieved from authorization
>>code grant
>>- OIDC federation with two IS
>>
>> [+] Stable - Go ahead and release
>>
>> Thanks,
>> Nila.
>>
>>
>>
>> On Sat, Jun 9, 2018 at 3:35 PM, Madawa Soysa  wrote:
>>
>>> Hi all,
>>>
>>> We are pleased to announce the first release candidate of WSO2 Identity
>>> Server 5.6.0.
>>>
>>> This is the first release candidate (RC) of the WSO2 Identity Server
>>> 5.6.0 release.
>>>
>>> This release fixes the following issues
>>>
>>>- 5.6.0-RC1 Fixes
>>>
>>>- 5.6.0-Beta Fixes
>>>
>>>- 5.6.0-Alpha2 Fixes
>>>
>>>- 5.6.0-Alpha Fixes
>>>
>>>- 5.6.0-M7 Fixes
>>>
>>>- 5.6.0-M6 Fixes
>>>
>>>- 5.6.0-M5 Fixes
>>>
>>>- 5.6.0-M4 Fixes
>>>
>>>- 5.6.0-M3 Fixes
>>>
>>>- 5.6.0-M2 Fixes
>>>
>>>- 5.6.0-M1 Fixes
>>>
>>>
>>> Source and distribution,
>>> -  https://github.com/wso2/product-is/releases/tag/v5.6.0-rc1
>>>
>>> Please download, test the product and vote.
>>>
>>> [+] Stable - go ahead and release
>>> [-] Broken - do not release (explain why)
>>>
>>> Thanks,
>>> WSO2 Identity and Access Management Team -
>>> --
>>>
>>> Madawa Soysa / Senior Software Engineer
>>> mada...@wso2.com / +94714616050
>>>
>>> *WSO2 Inc.*
>>> lean.enterprise.middleware
>>>
>>>   
>>>
>>>
>>>
>>>
>>
>>
>> --
>> Nilasini Thirunavukkarasu
>> Software Engineer - WSO2
>>
>> Email : nilas...@wso2.com
>> Mobile : +94775241823
>> Web : http://wso2.com/
>>
>>
>> 
>>
>> ___
>> Architecture mailing list
>> architect...@wso2.org
>> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
>>
>>
>
>
> --
> *Dewni Weeraman*
> Trainee Software Engineer | WSO2
>
> Email: de...@wso2.com
> Mobile: +94772979049
> Web: http://wso2.com/
>
>
>
>

-- 

Madawa Soysa / Senior Software Engineer
mada...@wso2.com / +94714616050

*WSO2 Inc.*
lean.enterprise.middleware

  
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] [Architecture] [VOTE] Release of WSO2 Identity Server 5.6.0 RC1

[Dewni Weeraman]

Hi,

Tested below scenarios on RC1 pack,

   - OAuth token revocation.
   - Create, update, get, delete an OAuth app using Dynamic Client
   Registration endpoint.
   - Entitlement policy creation using write policy in xml and publishing.
   - Using REST APIs via XACML to manage entitlement.


No blocking issues found.

[+] Stable - Go ahead and release

Thanks,
Dewni

On Sun, Jun 10, 2018 at 7:15 PM, Nilasini Thirunavukkarasu <
nilas...@wso2.com> wrote:

> Hi,
>
> Tested below scenarios on the RC1 pack,
>
>
>- Authorization code grant
>- Implicit grant
>- Client credential grant
>- Password grant
>- Invoke user info with the access token retrieved from authorization
>code grant
>- OIDC federation with two IS
>
> [+] Stable - Go ahead and release
>
> Thanks,
> Nila.
>
>
>
> On Sat, Jun 9, 2018 at 3:35 PM, Madawa Soysa  wrote:
>
>> Hi all,
>>
>> We are pleased to announce the first release candidate of WSO2 Identity
>> Server 5.6.0.
>>
>> This is the first release candidate (RC) of the WSO2 Identity Server
>> 5.6.0 release.
>>
>> This release fixes the following issues
>>
>>- 5.6.0-RC1 Fixes
>>
>>- 5.6.0-Beta Fixes
>>
>>- 5.6.0-Alpha2 Fixes
>>
>>- 5.6.0-Alpha Fixes
>>
>>- 5.6.0-M7 Fixes
>>
>>- 5.6.0-M6 Fixes
>>
>>- 5.6.0-M5 Fixes
>>
>>- 5.6.0-M4 Fixes
>>
>>- 5.6.0-M3 Fixes
>>
>>- 5.6.0-M2 Fixes
>>
>>- 5.6.0-M1 Fixes
>>
>>
>> Source and distribution,
>> -  https://github.com/wso2/product-is/releases/tag/v5.6.0-rc1
>>
>> Please download, test the product and vote.
>>
>> [+] Stable - go ahead and release
>> [-] Broken - do not release (explain why)
>>
>> Thanks,
>> WSO2 Identity and Access Management Team -
>> --
>>
>> Madawa Soysa / Senior Software Engineer
>> mada...@wso2.com / +94714616050
>>
>> *WSO2 Inc.*
>> lean.enterprise.middleware
>>
>>   
>>
>>
>>
>>
>
>
> --
> Nilasini Thirunavukkarasu
> Software Engineer - WSO2
>
> Email : nilas...@wso2.com
> Mobile : +94775241823
> Web : http://wso2.com/
>
>
> 
>
> ___
> Architecture mailing list
> architect...@wso2.org
> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
>
>


-- 
*Dewni Weeraman*
Trainee Software Engineer | WSO2

Email: de...@wso2.com
Mobile: +94772979049
Web: http://wso2.com/
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

[Dev] `java.sql.SQLException: Subquery returns more than 1 row` in a clustered deployment of WSO2 Enterprise Integrator

[Chiranga Alwis]

Hi all,

I am currently working on building Kubernetes resources for WSO2 products.

During the process of building Kubernetes resources for WSO2 Enterprise
Integrator, I've been experiencing the $subject error, intermittently
during server startup. It was mostly experienced when attempting to start
two profile nodes (e.g. two Integrator profile pods), in parallel.

I've already created an issue in the product repository under which the
complete set of server startup logs (including the error logs) have been
provided [1].

Any help and suggestions are highly appreciated.

[1]: https://github.com/wso2/product-ei/issues/2235

-- 
Yours sincerely,

*Chiranga Alwis*
Software Engineer | WSO2

*Mobile : *+94775930497
*Email: *chirangaal...@gmail.com
*LinkedIn: *https://lk.linkedin.com/in/chiranga-alwis-391342a9
*Medium:* https://medium.com/@chirangaalwis


___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

[Dev] HTTP 504 Gateway Timeout error when attempting to access the WSO2 Identity Server Analytics Dashboard portal

[Chiranga Alwis]

Hi all,

I am currently working on building Kubernetes resources for WSO2 products.

During the process of building Kubernetes resources for WSO2 Identity
Server's deployment pattern 2, I experienced the following HTTP 504 Gateway
Timeout error when attempting to access the WSO2 Identity Server Analytics
Dashboard.

*[2018-06-09 17:45:56,095]  INFO
{org.apache.shindig.gadgets.http.BasicHttpFetcher} -
https://wso2is-analytics/shindig/rpc?method=system.listMethods=-1:-1:0:*:0:0:default:1528566365

has timed out because of the following exception:
org.apache.shindig.gadgets.http.BasicHttpFetcher - wso2is-analytics: Name
or service not known - 177 ms.*
*[2018-06-09 17:45:56,276] ERROR
{org.apache.shindig.gadgets.render.DefaultServiceFetcher} -  An HTTP 504
error occurred when fetching service methods from the
https://wso2is-analytics/shindig/rpc 
endpoint.*

According to [1], this occurs when shindig attempts to load Google
Analytics APIs and is deemed to be fixed in the past.

As per the logs, it is clear that the host name `*wso2is-analytics*` I have
provided under the Kubernetes Ingress resource is not resolvable. Based on
[2], I tried editing the shindig.host (with `*wso2is-analytics`*) and
shindig.port (with port 443) properties in the
*/repository/deployment/server/webapps/shindig/WEB-INF/web.xml*
file.
But it was not successful.

How can I fix this issue? Any help and suggestions are highly appreciated.

[1]: [Dev] Shindig error on DS portal startup, due to connectivity errors
to google
[2]:
https://docs.wso2.com/display/IS550/Setting+Up+Deployment+Pattern+2#SettingUpDeploymentPattern2-Settingupthedashboard

-- 
Yours sincerely,

*Chiranga Alwis*
Software Engineer | WSO2

*Mobile : *+94775930497
*Email: *chirangaal...@gmail.com
*LinkedIn: *https://lk.linkedin.com/in/chiranga-alwis-391342a9
*Medium:* https://medium.com/@chirangaalwis


___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

[Dev] Subject Alternative Names in certificate

[Godwin Amila Shrimal]

Hi,

I have a clarifications related to $subject. When we create the keystore we
can give the SAN as below.

keytool -genkey -alias wso2carbon -keyalg RSA -keystore wso2carbon.jks
-keysize 2048 -ext SAN=dns:xyz.com,dns:abc.com,dns:hello.com

I have following two questions
1. AFAIK SANs is a meta data of public certificate. Is it correct ?
2. When we create the CSR do we have to give SANs again or is it remain
what we given while creating keystore?
3. Can we override and give different SANs while creating CSR ? I have seen
[1] we need to give SANs while creating CSR

I am bit confused on this. Can you give your feedback on this ?

[1]
https://support.microsoft.com/en-gb/help/931351/how-to-add-a-subject-alternative-name-to-a-secure-ldap-certificate

Thanks
Godwin
-- 
*Godwin Amila Shrimal*
Associate Technical Lead
WSO2 Inc.; http://wso2.com
lean.enterprise.middleware

mobile: *+94772264165*
linkedin: *https://www.linkedin.com/in/godwin-amila-2ba26844/
*
twitter: https://twitter.com/godwinamila

___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] Restrict Admin console within localhost in WSO2 IS 5.5.0

[Darshana Gunawardana]

Hi Shiva,

This need to be configured in the host OS or in a firewall to block port
9443 (with default configs)..

Thanks,

On Sat, Jun 9, 2018 at 12:54 PM Shiva Kumar 
wrote:

> Hi All,
>
> I want to restrict access to admin console within localhost how I can
> configure WSO2 IS 5.5.0 for that.
>
> Thanks,
>
> Shiva
>
> ___
> Dev mailing list
> Dev@wso2.org
> http://wso2.org/cgi-bin/mailman/listinfo/dev
>


-- 
Regards,


*Darshana Gunawardana*Technical Lead
WSO2 Inc.; http://wso2.com

*E-mail: darsh...@wso2.com *
*Mobile: +94718566859*Lean . Enterprise . Middleware
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] [VOTE] Release of WSO2 Identity Server 5.6.0 RC1

[Nilasini Thirunavukkarasu]

Hi,

Tested below scenarios on the RC1 pack,


   - Authorization code grant
   - Implicit grant
   - Client credential grant
   - Password grant
   - Invoke user info with the access token retrieved from authorization
   code grant
   - OIDC federation with two IS

[+] Stable - Go ahead and release

Thanks,
Nila.



On Sat, Jun 9, 2018 at 3:35 PM, Madawa Soysa  wrote:

> Hi all,
>
> We are pleased to announce the first release candidate of WSO2 Identity
> Server 5.6.0.
>
> This is the first release candidate (RC) of the WSO2 Identity Server 5.6.0
> release.
>
> This release fixes the following issues
>
>- 5.6.0-RC1 Fixes
>
>- 5.6.0-Beta Fixes
>
>- 5.6.0-Alpha2 Fixes
>
>- 5.6.0-Alpha Fixes
>
>- 5.6.0-M7 Fixes
>
>- 5.6.0-M6 Fixes
>
>- 5.6.0-M5 Fixes
>
>- 5.6.0-M4 Fixes
>
>- 5.6.0-M3 Fixes
>
>- 5.6.0-M2 Fixes
>
>- 5.6.0-M1 Fixes
>
>
> Source and distribution,
> -  https://github.com/wso2/product-is/releases/tag/v5.6.0-rc1
>
> Please download, test the product and vote.
>
> [+] Stable - go ahead and release
> [-] Broken - do not release (explain why)
>
> Thanks,
> WSO2 Identity and Access Management Team -
> --
>
> Madawa Soysa / Senior Software Engineer
> mada...@wso2.com / +94714616050
>
> *WSO2 Inc.*
> lean.enterprise.middleware
>
>   
>
>
>
>


-- 
Nilasini Thirunavukkarasu
Software Engineer - WSO2

Email : nilas...@wso2.com
Mobile : +94775241823
Web : http://wso2.com/



___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] WSO2 and OAuth 2.0

[Janak Amarasena]

>
> (1)  Does  consumer_key and consumer_password has any expiry time?


No, it doesn't expire.



> (2)  I see Token API has responded with Oauth2 token with a field *expires_in
> = 13940*.  Does it mean this token would expire *after 13940 seconds once
> I receive it*?
>

Yes, it is normally set to expire after a certain amount of time(it is
possible to adjust the time[1]).

[1] - https://docs.wso2.com/display/AM210/Client+Credentials+Grant



On Sun, Jun 10, 2018 at 2:31 PM, shibsankar  wrote:

> Yup.  Its working fine now.
>
> I get Oauth2 token now. Please see screenshot (*oauth-token-received
> screenshot attached*)
>
> Also, I can use this token to invoke my published API and I get API
> response ! ! (*api response screenshot attached*)
>
> This is very good.
>
>
> Two question here,
>
> (1)  Does  consumer_key and consumer_password has any expiry time?
> (2)  I see Token API has responded with Oauth2 token with a field *expires_in
> = 13940*.  Does it mean this token would expire *after 13940 seconds once
> I receive it*?
>
> Regards
> Shib
>
>
>
>
>
>
>
> On Sun, Jun 10, 2018 at 1:54 PM, Janak Amarasena  wrote:
>
>> Have you specified a grant type? You need to specify a grant type like
>> bellow (the following is for client credentials grant type);
>>
>>
>>
>>
>> You can directly import curl commands into Postman as well.
>> ​
>> ​Best Regards,
>>
>> On Sun, Jun 10, 2018 at 1:30 PM, shibsankar  wrote:
>>
>>> Yes. I  tested with correct header and base 64 encoded consumer key
>>> value in POSTMAN  now (*postman-testing screenshot attached*)
>>>
>>> Verified that I'm testing with the same parameters and values as shown
>>> by generated curl also.  (*curl-OAuth screenshot attached*)
>>>
>>> Still, No OAuth2 token received.
>>>
>>> What is going wrong?
>>>
>>> Regards
>>> Shib
>>>
>>>
>>> On Sun, Jun 10, 2018 at 12:56 PM, Janak Amarasena 
>>> wrote:
>>>
 Hi Shib,

 As I can see the way you're sending the consumer_key and
 consumer_secret is wrong.

 It should be in the *Authorization* header in the following form.

 *key* = Base64 encoded consumer_key:consumer_secret

 and the *Authorization *header value should look like this.

 *Authorization: Basic key*



 *​*
 Best Regards,

 On Sun, Jun 10, 2018 at 12:33 PM, shibsankar  wrote:

> Yes. I see consumer key and consumer secret now when I click generate
> key (*screenshot key-value attached*)
>
> However, when I call token API with these key and secrets from
> Postman, I  don't receive any OAuth 2 token. (*screenshot
> access-token attached*)
>
> What is going wrong ?
>
> Regards
> Shib
>
>
>
> On Sun, Jun 10, 2018 at 11:53 AM, Harsha Kumara 
> wrote:
>
>>
>>
>> On Sun, Jun 10, 2018 at 11:16 AM shibsankar  wrote:
>>
>>> I checked [1] https://docs.wso2.com/disp
>>> lay/AM210/Subscribe+to+an+API  , yes, It gives a token for sure
>>> when you subscribe API.
>>>
>>> But is it an Oauth2 token?  Or just a normal access token?
>>>
>> API Manager is compliant with OAuth2 specification. Hence the tokens
>>> you obtained will use OAuth2.  When you click generate keys button, you
>>> will receive a consumer key and secret.
>>> *Please see the screenshot attached.*
>>>
>>> Regards
>>> Shib
>>>
>>>
>>>
>>> On Sun, Jun 10, 2018 at 9:47 AM, Pubudu Gunatilaka >> > wrote:
>>>
 Hi Shib,

 You can refer [1] for getting the token. This explains how to get
 the Oauth2 token.

 You do not need to have WSO2 Identity Server for getting an Oauth2
 token. It is coming with API Manager.

 Using the token API [2], you can get a token.

 [1] - https://docs.wso2.com/display/AM210/Subscribe+to+an+API
 [2] - https://docs.wso2.com/display/AM210/Token+API

 Thank you!

 On Sat, Jun 9, 2018 at 9:07 PM shibsankar  wrote:

> Hi,
> I would like to do the following :
>
>
> *My Objective *:
>
> I have published my API in WSO2 API Gateway. API is working fine.
>
> Now I would like to secure my API with OAuth 2.0. I plan to invoke
> the published API with OAuth 2.0 token from my Angular front-end
> application.
>
>
> *My Query *:
> How do I get the OAuth 2.0 token?
>
> *Q1*: Do I need to install WSO2 Identity server to get OAuth 2.0
> token? *Or  *I  can get OAuth token from WSO2 API Manager itself?
>
> *Q2*: Is there any WSO2 OAuth 2.0 API which provides OAuth token
> when invoked? whats the URL?
>
> Regards
> Shib
> ___
> Dev mailing list
> Dev@wso2.org
> 

Re: [Dev] WSO2 and OAuth 2.0

[Janak Amarasena]

Have you specified a grant type? You need to specify a grant type like
bellow (the following is for client credentials grant type);




You can directly import curl commands into Postman as well.
​
​Best Regards,

On Sun, Jun 10, 2018 at 1:30 PM, shibsankar  wrote:

> Yes. I  tested with correct header and base 64 encoded consumer key  value
> in POSTMAN  now (*postman-testing screenshot attached*)
>
> Verified that I'm testing with the same parameters and values as shown by
> generated curl also.  (*curl-OAuth screenshot attached*)
>
> Still, No OAuth2 token received.
>
> What is going wrong?
>
> Regards
> Shib
>
>
> On Sun, Jun 10, 2018 at 12:56 PM, Janak Amarasena  wrote:
>
>> Hi Shib,
>>
>> As I can see the way you're sending the consumer_key and consumer_secret
>> is wrong.
>>
>> It should be in the *Authorization* header in the following form.
>>
>> *key* = Base64 encoded consumer_key:consumer_secret
>>
>> and the *Authorization *header value should look like this.
>>
>> *Authorization: Basic key*
>>
>>
>>
>> *​*
>> Best Regards,
>>
>> On Sun, Jun 10, 2018 at 12:33 PM, shibsankar  wrote:
>>
>>> Yes. I see consumer key and consumer secret now when I click generate
>>> key (*screenshot key-value attached*)
>>>
>>> However, when I call token API with these key and secrets from Postman,
>>> I  don't receive any OAuth 2 token. (*screenshot access-token attached*)
>>>
>>> What is going wrong ?
>>>
>>> Regards
>>> Shib
>>>
>>>
>>>
>>> On Sun, Jun 10, 2018 at 11:53 AM, Harsha Kumara 
>>> wrote:
>>>


 On Sun, Jun 10, 2018 at 11:16 AM shibsankar  wrote:

> I checked [1] https://docs.wso2.com/display/AM210/Subscribe+to+an+API
>  , yes, It gives a token for sure when you subscribe API.
>
> But is it an Oauth2 token?  Or just a normal access token?
>
 API Manager is compliant with OAuth2 specification. Hence the tokens
> you obtained will use OAuth2.  When you click generate keys button, you
> will receive a consumer key and secret.
> *Please see the screenshot attached.*
>
> Regards
> Shib
>
>
>
> On Sun, Jun 10, 2018 at 9:47 AM, Pubudu Gunatilaka 
> wrote:
>
>> Hi Shib,
>>
>> You can refer [1] for getting the token. This explains how to get the
>> Oauth2 token.
>>
>> You do not need to have WSO2 Identity Server for getting an Oauth2
>> token. It is coming with API Manager.
>>
>> Using the token API [2], you can get a token.
>>
>> [1] - https://docs.wso2.com/display/AM210/Subscribe+to+an+API
>> [2] - https://docs.wso2.com/display/AM210/Token+API
>>
>> Thank you!
>>
>> On Sat, Jun 9, 2018 at 9:07 PM shibsankar  wrote:
>>
>>> Hi,
>>> I would like to do the following :
>>>
>>>
>>> *My Objective *:
>>>
>>> I have published my API in WSO2 API Gateway. API is working fine.
>>>
>>> Now I would like to secure my API with OAuth 2.0. I plan to invoke
>>> the published API with OAuth 2.0 token from my Angular front-end
>>> application.
>>>
>>>
>>> *My Query *:
>>> How do I get the OAuth 2.0 token?
>>>
>>> *Q1*: Do I need to install WSO2 Identity server to get OAuth 2.0
>>> token? *Or  *I  can get OAuth token from WSO2 API Manager itself?
>>>
>>> *Q2*: Is there any WSO2 OAuth 2.0 API which provides OAuth token
>>> when invoked? whats the URL?
>>>
>>> Regards
>>> Shib
>>> ___
>>> Dev mailing list
>>> Dev@wso2.org
>>> http://wso2.org/cgi-bin/mailman/listinfo/dev
>>>
>>
>>
>> --
>> *Pubudu Gunatilaka*
>> Committer and PMC Member - Apache Stratos
>> Senior Software Engineer
>> WSO2, Inc.: http://wso2.com
>> mobile : +94774078049
>>
>>
>

 --
 Harsha Kumara
 Associate Technical Lead, WSO2 Inc.
 Mobile: +94775505618
 Blog:harshcreationz.blogspot.com

>>>
>>>
>>> ___
>>> Dev mailing list
>>> Dev@wso2.org
>>> http://wso2.org/cgi-bin/mailman/listinfo/dev
>>>
>>>
>>
>>
>> --
>> *Janak Amarasena*
>>
>> Software Engineer
>>
>> Email: ja...@wso2.com
>>
>> Mobile: +9464144
>>
>> Web: https://wso2.com
>>
>>
>> 
>>
>
>


-- 
*Janak Amarasena*

Software Engineer

Email: ja...@wso2.com

Mobile: +9464144

Web: https://wso2.com



___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] WSO2 and OAuth 2.0

[Janak Amarasena]

Hi Shib,

As I can see the way you're sending the consumer_key and consumer_secret is
wrong.

It should be in the *Authorization* header in the following form.

*key* = Base64 encoded consumer_key:consumer_secret

and the *Authorization *header value should look like this.

*Authorization: Basic key*



*​*
Best Regards,

On Sun, Jun 10, 2018 at 12:33 PM, shibsankar  wrote:

> Yes. I see consumer key and consumer secret now when I click generate key 
> (*screenshot
> key-value attached*)
>
> However, when I call token API with these key and secrets from Postman, I
> don't receive any OAuth 2 token. (*screenshot access-token attached*)
>
> What is going wrong ?
>
> Regards
> Shib
>
>
>
> On Sun, Jun 10, 2018 at 11:53 AM, Harsha Kumara  wrote:
>
>>
>>
>> On Sun, Jun 10, 2018 at 11:16 AM shibsankar  wrote:
>>
>>> I checked [1] https://docs.wso2.com/display/AM210/Subscribe+to+an+API
>>>  , yes, It gives a token for sure when you subscribe API.
>>>
>>> But is it an Oauth2 token?  Or just a normal access token?
>>>
>> API Manager is compliant with OAuth2 specification. Hence the tokens you
>>> obtained will use OAuth2.  When you click generate keys button, you will
>>> receive a consumer key and secret.
>>> *Please see the screenshot attached.*
>>>
>>> Regards
>>> Shib
>>>
>>>
>>>
>>> On Sun, Jun 10, 2018 at 9:47 AM, Pubudu Gunatilaka 
>>> wrote:
>>>
 Hi Shib,

 You can refer [1] for getting the token. This explains how to get the
 Oauth2 token.

 You do not need to have WSO2 Identity Server for getting an Oauth2
 token. It is coming with API Manager.

 Using the token API [2], you can get a token.

 [1] - https://docs.wso2.com/display/AM210/Subscribe+to+an+API
 [2] - https://docs.wso2.com/display/AM210/Token+API

 Thank you!

 On Sat, Jun 9, 2018 at 9:07 PM shibsankar  wrote:

> Hi,
> I would like to do the following :
>
>
> *My Objective *:
>
> I have published my API in WSO2 API Gateway. API is working fine.
>
> Now I would like to secure my API with OAuth 2.0. I plan to invoke the
> published API with OAuth 2.0 token from my Angular front-end application.
>
>
> *My Query *:
> How do I get the OAuth 2.0 token?
>
> *Q1*: Do I need to install WSO2 Identity server to get OAuth 2.0
> token? *Or  *I  can get OAuth token from WSO2 API Manager itself?
>
> *Q2*: Is there any WSO2 OAuth 2.0 API which provides OAuth token when
> invoked? whats the URL?
>
> Regards
> Shib
> ___
> Dev mailing list
> Dev@wso2.org
> http://wso2.org/cgi-bin/mailman/listinfo/dev
>


 --
 *Pubudu Gunatilaka*
 Committer and PMC Member - Apache Stratos
 Senior Software Engineer
 WSO2, Inc.: http://wso2.com
 mobile : +94774078049


>>>
>>
>> --
>> Harsha Kumara
>> Associate Technical Lead, WSO2 Inc.
>> Mobile: +94775505618
>> Blog:harshcreationz.blogspot.com
>>
>
>
> ___
> Dev mailing list
> Dev@wso2.org
> http://wso2.org/cgi-bin/mailman/listinfo/dev
>
>


-- 
*Janak Amarasena*

Software Engineer

Email: ja...@wso2.com

Mobile: +9464144

Web: https://wso2.com



___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] WSO2 and OAuth 2.0

[Harsha Kumara]

Depend on your grant type you will need to set appropriate parameters.
Please follow[1] and check the parameters set in the curl request. I think
it would be best to read about the spec and posts on grant types. Resource
in [2] will be helpful.

[1] https://docs.wso2.com/display/AM210/Client+Credentials+Grant
[2] http://www.bubblecode.net/en/2016/01/22/understanding-oauth2/

On Sun, Jun 10, 2018 at 12:33 PM shibsankar  wrote:

> Yes. I see consumer key and consumer secret now when I click generate key 
> (*screenshot
> key-value attached*)
>
> However, when I call token API with these key and secrets from Postman, I
> don't receive any OAuth 2 token. (*screenshot access-token attached*)
>
> What is going wrong ?
>
> Regards
> Shib
>
>
>
> On Sun, Jun 10, 2018 at 11:53 AM, Harsha Kumara  wrote:
>
>>
>>
>> On Sun, Jun 10, 2018 at 11:16 AM shibsankar  wrote:
>>
>>> I checked [1] https://docs.wso2.com/display/AM210/Subscribe+to+an+API
>>>  , yes, It gives a token for sure when you subscribe API.
>>>
>>> But is it an Oauth2 token?  Or just a normal access token?
>>>
>> API Manager is compliant with OAuth2 specification. Hence the tokens you
>>> obtained will use OAuth2.  When you click generate keys button, you will
>>> receive a consumer key and secret.
>>> *Please see the screenshot attached.*
>>>
>>> Regards
>>> Shib
>>>
>>>
>>>
>>> On Sun, Jun 10, 2018 at 9:47 AM, Pubudu Gunatilaka 
>>> wrote:
>>>
 Hi Shib,

 You can refer [1] for getting the token. This explains how to get the
 Oauth2 token.

 You do not need to have WSO2 Identity Server for getting an Oauth2
 token. It is coming with API Manager.

 Using the token API [2], you can get a token.

 [1] - https://docs.wso2.com/display/AM210/Subscribe+to+an+API
 [2] - https://docs.wso2.com/display/AM210/Token+API

 Thank you!

 On Sat, Jun 9, 2018 at 9:07 PM shibsankar  wrote:

> Hi,
> I would like to do the following :
>
>
> *My Objective *:
>
> I have published my API in WSO2 API Gateway. API is working fine.
>
> Now I would like to secure my API with OAuth 2.0. I plan to invoke the
> published API with OAuth 2.0 token from my Angular front-end application.
>
>
> *My Query *:
> How do I get the OAuth 2.0 token?
>
> *Q1*: Do I need to install WSO2 Identity server to get OAuth 2.0
> token? *Or  *I  can get OAuth token from WSO2 API Manager itself?
>
> *Q2*: Is there any WSO2 OAuth 2.0 API which provides OAuth token when
> invoked? whats the URL?
>
> Regards
> Shib
> ___
> Dev mailing list
> Dev@wso2.org
> http://wso2.org/cgi-bin/mailman/listinfo/dev
>


 --
 *Pubudu Gunatilaka*
 Committer and PMC Member - Apache Stratos
 Senior Software Engineer
 WSO2, Inc.: http://wso2.com
 mobile : +94774078049


>>>
>>
>> --
>> Harsha Kumara
>> Associate Technical Lead, WSO2 Inc.
>> Mobile: +94775505618
>> Blog:harshcreationz.blogspot.com
>>
>
>

-- 
Harsha Kumara
Associate Technical Lead, WSO2 Inc.
Mobile: +94775505618
Blog:harshcreationz.blogspot.com
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] WSO2 and OAuth 2.0

[shibsankar]

Yes. I see consumer key and consumer secret now when I click generate
key (*screenshot
key-value attached*)

However, when I call token API with these key and secrets from Postman, I
don't receive any OAuth 2 token. (*screenshot access-token attached*)

What is going wrong ?

Regards
Shib



On Sun, Jun 10, 2018 at 11:53 AM, Harsha Kumara  wrote:

>
>
> On Sun, Jun 10, 2018 at 11:16 AM shibsankar  wrote:
>
>> I checked [1] https://docs.wso2.com/display/AM210/Subscribe+to+an+API
>>  , yes, It gives a token for sure when you subscribe API.
>>
>> But is it an Oauth2 token?  Or just a normal access token?
>>
> API Manager is compliant with OAuth2 specification. Hence the tokens you
>> obtained will use OAuth2.  When you click generate keys button, you will
>> receive a consumer key and secret.
>> *Please see the screenshot attached.*
>>
>> Regards
>> Shib
>>
>>
>>
>> On Sun, Jun 10, 2018 at 9:47 AM, Pubudu Gunatilaka 
>> wrote:
>>
>>> Hi Shib,
>>>
>>> You can refer [1] for getting the token. This explains how to get the
>>> Oauth2 token.
>>>
>>> You do not need to have WSO2 Identity Server for getting an Oauth2
>>> token. It is coming with API Manager.
>>>
>>> Using the token API [2], you can get a token.
>>>
>>> [1] - https://docs.wso2.com/display/AM210/Subscribe+to+an+API
>>> [2] - https://docs.wso2.com/display/AM210/Token+API
>>>
>>> Thank you!
>>>
>>> On Sat, Jun 9, 2018 at 9:07 PM shibsankar  wrote:
>>>
 Hi,
 I would like to do the following :


 *My Objective *:

 I have published my API in WSO2 API Gateway. API is working fine.

 Now I would like to secure my API with OAuth 2.0. I plan to invoke the
 published API with OAuth 2.0 token from my Angular front-end application.


 *My Query *:
 How do I get the OAuth 2.0 token?

 *Q1*: Do I need to install WSO2 Identity server to get OAuth 2.0
 token? *Or  *I  can get OAuth token from WSO2 API Manager itself?

 *Q2*: Is there any WSO2 OAuth 2.0 API which provides OAuth token when
 invoked? whats the URL?

 Regards
 Shib
 ___
 Dev mailing list
 Dev@wso2.org
 http://wso2.org/cgi-bin/mailman/listinfo/dev

>>>
>>>
>>> --
>>> *Pubudu Gunatilaka*
>>> Committer and PMC Member - Apache Stratos
>>> Senior Software Engineer
>>> WSO2, Inc.: http://wso2.com
>>> mobile : +94774078049
>>>
>>>
>>
>
> --
> Harsha Kumara
> Associate Technical Lead, WSO2 Inc.
> Mobile: +94775505618
> Blog:harshcreationz.blogspot.com
>
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] WSO2 and OAuth 2.0

[Harsha Kumara]

On Sun, Jun 10, 2018 at 11:16 AM shibsankar  wrote:

> I checked [1] https://docs.wso2.com/display/AM210/Subscribe+to+an+API
>  , yes, It gives a token for sure when you subscribe API.
>
> But is it an Oauth2 token?  Or just a normal access token?
>
API Manager is compliant with OAuth2 specification. Hence the tokens you
> obtained will use OAuth2.  When you click generate keys button, you will
> receive a consumer key and secret.
> *Please see the screenshot attached.*
>
> Regards
> Shib
>
>
>
> On Sun, Jun 10, 2018 at 9:47 AM, Pubudu Gunatilaka 
> wrote:
>
>> Hi Shib,
>>
>> You can refer [1] for getting the token. This explains how to get the
>> Oauth2 token.
>>
>> You do not need to have WSO2 Identity Server for getting an Oauth2 token.
>> It is coming with API Manager.
>>
>> Using the token API [2], you can get a token.
>>
>> [1] - https://docs.wso2.com/display/AM210/Subscribe+to+an+API
>> [2] - https://docs.wso2.com/display/AM210/Token+API
>>
>> Thank you!
>>
>> On Sat, Jun 9, 2018 at 9:07 PM shibsankar  wrote:
>>
>>> Hi,
>>> I would like to do the following :
>>>
>>>
>>> *My Objective *:
>>>
>>> I have published my API in WSO2 API Gateway. API is working fine.
>>>
>>> Now I would like to secure my API with OAuth 2.0. I plan to invoke the
>>> published API with OAuth 2.0 token from my Angular front-end application.
>>>
>>>
>>> *My Query *:
>>> How do I get the OAuth 2.0 token?
>>>
>>> *Q1*: Do I need to install WSO2 Identity server to get OAuth 2.0 token? *Or
>>> *I  can get OAuth token from WSO2 API Manager itself?
>>>
>>> *Q2*: Is there any WSO2 OAuth 2.0 API which provides OAuth token when
>>> invoked? whats the URL?
>>>
>>> Regards
>>> Shib
>>> ___
>>> Dev mailing list
>>> Dev@wso2.org
>>> http://wso2.org/cgi-bin/mailman/listinfo/dev
>>>
>>
>>
>> --
>> *Pubudu Gunatilaka*
>> Committer and PMC Member - Apache Stratos
>> Senior Software Engineer
>> WSO2, Inc.: http://wso2.com
>> mobile : +94774078049
>>
>>
>

-- 
Harsha Kumara
Associate Technical Lead, WSO2 Inc.
Mobile: +94775505618
Blog:harshcreationz.blogspot.com
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev