Re: [Dev] JWT WSO2

[Felipe Pinheiro]

Hello,

I need to add new information in the token, but this information will be
sent when to call the /token.

For example, I have this return:

eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIng1dCI6Ik5UQXhabU14TkRNeVpEZzNNVFUxWkdNME16RXpPREpoWldJNE5ETmxaRFUxT0dGa05qRmlNUSJ9.eyJhdWQiOiJodHRwOlwvXC9vcmcud3NvMi5hcGltZ3RcL2dhdGV3YXkiLCJzdWIiOiJhZG1pbiIsImFwcGxpY2F0aW9uIjp7ImlkIjoyLCJuYW1lIjoidGVzdCIsInRpZXIiOiJVbmxpbWl0ZWQiLCJvd25lciI6ImFkbWluIn0sInNjb3BlIjoiZGVmYXVsdCIsImlzcyI6Imh0dHBzOlwvXC9sb2NhbGhvc3Q6OTQ0M1wvb2F1dGgyXC90b2tlbiIsImtleXR5cGUiOiJQUk9EVUNUSU9OIiwic3Vic2NyaWJlZEFQSXMiOltdLCJjb25zdW1lcktleSI6ImhGNG9UTzVONnJtX3d1QWVnWDdGWldFdWRFTWEiLCJleHAiOjE1NDk0ODM2MDQsImlhdCI6MTU0OTQ4MDAwNDgwMSwianRpIjoiOTIwNzM5ZWEtZjE2NS00ZDRjLTliYTEtNDRjYWFjZmZlNzQxIn0=.Gt60ZRnGC7KYUQ6dv7SbVljIA6ION3fp5yqo4qGtbSlvqHCBw6mAYYQlXHDc_5RRVa3xnTsqPvW3f8LcKTHvWZriRjj4j31GTwBobM7nfACEsghGV7cSCkgIyAdqT36Tm7EECi2zkI30KlcznE5bZ6P3ts6yPAHcMi-L_gCH3NDWaqrTg9dXo_YF9grTxoYglaf_T9WiuLlkgohk46uatRTTtEBZQKTrjlXbALK3uPdFYurFY1sQGIa_BTDNgTWRi2yQsjTce6ElgDAxhNyNKKh0x3oksKWoSV6-_pSx2QPTiKt90I1rAvp-P_SOm_Y83QGSFCJ7MlaK5wYQlih-vA==

{
  "aud" : "http://org.wso2.apimgt/gateway;,
  "sub" : "admin",
  "application" : {
"id" : 2,
"name" : "test",
"tier" : "Unlimited",
"owner" : "admin"
  },
  "scope" : "default",
  "iss" : "https://localhost:9443/oauth2/token;,
  "keytype" : "PRODUCTION",
  "subscribedAPIs" : [ ],
  "consumerKey" : "hF4oTO5N6rm_wuAegX7FZWEudEMa",
  "exp" : 1549483604,
  "iat" : 1549480004801,
  "jti" : "920739ea-f165-4d4c-9ba1-44caacffe741"
}

But I have to add a new value, as the example below:

{
  "aud" : "http://org.wso2.apimgt/gateway;,
  "sub" : "admin",
  "application" : {
"id" : 2,
"name" : "test",
"tier" : "Unlimited",
"owner" : "admin"
  },
  "scope" : "default",
  "iss" : "https://localhost:9443/oauth2/token;,
  "keytype" : "PRODUCTION",
  "subscribedAPIs" : [ ],
  "consumerKey" : "hF4oTO5N6rm_wuAegX7FZWEudEMa",
  "exp" : 1549483604,
  "iat" : 1549480004801,
  "jti" : "920739ea-f165-4d4c-9ba1-44caacffe741"
  "accountid":"330"
}

So, The accountID information should be sent using /token resource and
added in the token returned.

I don't know if this makes sense.

Thanks,
Felipe Pinheiro
Software Developer
[image: telephone] +55 85 996123367 [image: skype]
live:felipeagpinheiro [image:
linkedin] linkedin.com/in/felipe-pinheiro-8b045587

Innovating Commerce with Shopping Intelligence
[image: OSF Banner]

https://www.osf-commerce.com/


Em qui, 7 de fev de 2019 às 18:41, Farasath Ahamed 
escreveu:

>
>
> On Thu, Feb 7, 2019 at 9:56 PM Felipe Pinheiro <
> felipe.pinhe...@ifactory.com.br> wrote:
>
>> Hello,
>>
>> I am trying to make a change in JWT by adding new information sent in the
>> request (/token).
>>
>
> So by JWT are you referring to the id_token?
>
>>
>> Is there a way to send a parameter in a custom grant type and add that
>> parameter inside JWT?
>>
>> I am with this issue there for some weeks and I don't know if is possible
>> to perform that change in the JWT.
>>
>
> If you could explain your use case in detail devs will be able to guide on
> achieving it using a suitable configuration/extension point.
>
>>
>> Thank you very much.
>>
>> Cheers,
>> Felipe Pinheiro
>> Software Developer
>> [image: telephone] +55 85 996123367 [image: skype] live:felipeagpinheiro 
>> [image:
>> linkedin] linkedin.com/in/felipe-pinheiro-8b045587
>> 
>> Innovating Commerce with Shopping Intelligence
>> [image: OSF Banner]
>> 
>> https://www.osf-commerce.com/
>> ___
>> Dev mailing list
>> Dev@wso2.org
>> http://wso2.org/cgi-bin/mailman/listinfo/dev
>>
>
>
> --
> Farasath Ahamed
> Senior Software Engineer, WSO2 Inc.; http://wso2.com
> Mobile: +94777603866
> Blog: blog.farazath.com
> Twitter: @farazath619 
> 
>
>
>
>
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] EI_Analytics_StatApp.siddhi error when purging

[Sajith Dimal]

Hi Bernard,

We have identified the possible cause for the issue.
Please track the fixes with the public issue:
https://github.com/wso2/analytics-solutions/issues/208

Thanks,
Sajith Dimal

On Thu, Feb 7, 2019 at 11:05 PM Sajith Dimal  wrote:

> Hi Bernard,
>
> Sorry for the late reply!
> Could you let us know the Postgres Database version and the connector
> version?
>
> Best Regards,
> Sajith Dimal
>
> On Wed, Feb 6, 2019 at 7:15 PM Bernard Paris 
> wrote:
>
>> Hi team,
>>
>> We are running wso2 EI-6.4 package (EI + Analytics worker)
>>
>> I get this error, I understand it but really don't know how to solve it
>> (EI_Analytics_StatApp.siddhi file is just "out of the box"; we use postgres
>> for datasources)
>>
>>  Error performing record deletion on table 'ConfigEntryTable': Batch
>> entry 0 DELETE FROM ConfigEntryTable WHERE (ConfigEntryTable.eventTimestamp
>> < '1548194400031' ) was aborted: ERROR: operator does not exist: bigint <
>> character varying
>>   Hint: No operator matches the given name and argument type(s). You
>> might need to add explicit type casts.
>>
>> How could I manage that ?
>> Thanks a lot,
>> Bernard
>>
>>
>> ___
>> Dev mailing list
>> Dev@wso2.org
>> http://wso2.org/cgi-bin/mailman/listinfo/dev
>>
>
>
> --
> 
> Sajith Dimal
> Senior Software Engineer
> Email: saji...@wso2.com
> Mobile: +94783101496
> WSO2 Inc. | http://wso2.com
> lean.enterprise.middleware
>
>
> Disclaimer: This communication may contain privileged or other
> confidential information and is intended exclusively for the addressee/s.
> If you are not the intended recipient/s, or believe that you may have
> received this communication in error, please reply to the sender indicating
> that fact and delete the copy you received and in addition, you should not
> print, copy, re-transmit, disseminate, or otherwise use the information
> contained in this communication. Internet communications cannot be
> guaranteed to be timely, secure, error or virus-free. The sender does not
> accept liability for any errors or omissions.
>


-- 

Sajith Dimal
Senior Software Engineer
Email: saji...@wso2.com
Mobile: +94783101496
WSO2 Inc. | http://wso2.com
lean.enterprise.middleware


Disclaimer: This communication may contain privileged or other confidential
information and is intended exclusively for the addressee/s. If you are not
the intended recipient/s, or believe that you may have received this
communication in error, please reply to the sender indicating that fact and
delete the copy you received and in addition, you should not print, copy,
re-transmit, disseminate, or otherwise use the information contained in
this communication. Internet communications cannot be guaranteed to be
timely, secure, error or virus-free. The sender does not accept liability
for any errors or omissions.
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] Fwd: Wso2 Identity Server: identity-inbound-auth-cas

[Mohammed Al Nagdy]

Thanks a lot for your reply. I actually did try before i post this question
to extend the source code. I want to just be guided to apply the fix and
hopefully submit a PR.

On Fri, Feb 8, 2019 at 2:14 PM Kanapriya Kuleswararajan 
wrote:

> Hi Mohammed Yousef,
>
> Actually, CAS service URL is the identifier of the application that the
> client is trying to access. In almost all cases, this will be the URL of
> the application (https://[server-address]/cas-client-webapp/) and the
> server-address should always point to the location where this sample
> application (cas-client-webapp) is deployed.
>
> If I understood you correctly, you are setting Service Url:
> https://test.kfupm.edu.sa in the service provider configuration and
> trying to access that service using some other URL say
> https://test.kfupm.edu.sa/en/?next=/details and you end up with 500
> internal server error.
>
> If that so, the reason for this error is, When we processing the login
> response we are getting the serviceUrlFromRequest [1] (ie,
> https://test.kfupm.edu.sa/en/?next=/details) and with this URL, the
> service provider details get retrieved [2]. Since you are not registering
> the service provider with the service URL:
> https://test.kfupm.edu.sa/en/?next=/details it returns the default
> service provider configurations. That causes an issue here.
>
> As a workaround, you may extend the source code [3] and you may pass the
> exact base URL of the service instead of getting the service URL from the
> request then hopefully, it will give the exact service provider
> configurations.
>
> [1]
> https://github.com/wso2-extensions/identity-inbound-auth-cas/blob/master/components/cas-inbound-authenticator/src/main/java/org/wso2/carbon/identity/sso/cas/processor/SSOLoginProcessor.java#L77
> [2]
> https://github.com/wso2-extensions/identity-inbound-auth-cas/blob/master/components/cas-inbound-authenticator/src/main/java/org/wso2/carbon/identity/sso/cas/util/CASSSOUtil.java#L120
> [3] https://github.com/wso2-extensions/identity-inbound-auth-cas
>
> Thanks,
> Kanapriya Kuleswararajan
> Software Engineer
> Mobile : - 0774894438
> Mail: - kanapr...@wso2.com
> LinkedIn : - https://www.linkedin.com/in/kanapriya-kules-94712685/
> WSO2, Inc.
> lean. enterprise. middleware
>
>
>
> On Wed, Feb 6, 2019 at 3:47 PM Shakila Sasikaran  wrote:
>
>> [Forwarding to dev]
>>
>> -- Forwarded message -
>> From: Mohammed Yousef M. Alnajdi 
>> Date: Tue, Feb 5, 2019 at 3:31 PM
>> Subject: Wso2 Identity Server: identity-inbound-auth-cas
>> To: dev@wso2.org 
>> Cc: shak...@wso2.com  > >
>>
>>
>> Greeting Team,
>>
>> I would like to express that i am really grateful to the work you guys
>> put for the open source community.
>>
>> I have 1 small comment/issue regarding the "identity-inbound-auth-cas" i
>> will try to describe my issue and how i want to solve it.
>>
>>
>>- I configured a new service provider with the name test.kfupm.edu.sa
>>- I configured the CAS URL as https://test.kfupm.edu.sa
>>- If i go now to https://test.kfupm.edu.sa everything works fine and
>>i can see in the url i am getting the sp=test.kfupm.edu.sa
>>but when i try to have anything like this
>>https://test.kfupm.edu.sa/en/?next=/details the cas configuration
>>won't work and i would get the sp=default.
>>So the issue is i can only have 1 url for cas i want it accept and
>>check for the base url which is https://test.kfupm.edu.sa which
>>should be
>>enough for CAS to find out which SP it is.
>>
>>
>>
>> https://stackoverflow.com/questions/54396657/how-to-extend-wso2-identity-inbound-auth-cas-to-accept-a-wildcard-url
>>
>> Thanks a lot
>>
>> *Best Regards.*
>> *Mohammed Y. Alnajdi.*
>> *Software Developer.*
>> *ICTC - Solution Delivery Team.*
>>
>> ___
>> Dev mailing list
>> Dev@wso2.org
>> http://wso2.org/cgi-bin/mailman/listinfo/dev
>>
>
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] Fwd: Wso2 Identity Server: identity-inbound-auth-cas

[Kanapriya Kuleswararajan]

Hi Mohammed Yousef,

Actually, CAS service URL is the identifier of the application that the
client is trying to access. In almost all cases, this will be the URL of
the application (https://[server-address]/cas-client-webapp/) and the
server-address should always point to the location where this sample
application (cas-client-webapp) is deployed.

If I understood you correctly, you are setting Service Url:
https://test.kfupm.edu.sa in the service provider configuration and trying
to access that service using some other URL say
https://test.kfupm.edu.sa/en/?next=/details and you end up with 500
internal server error.

If that so, the reason for this error is, When we processing the login
response we are getting the serviceUrlFromRequest [1] (ie,
https://test.kfupm.edu.sa/en/?next=/details) and with this URL, the service
provider details get retrieved [2]. Since you are not registering the
service provider with the service URL:
https://test.kfupm.edu.sa/en/?next=/details it returns the default service
provider configurations. That causes an issue here.

As a workaround, you may extend the source code [3] and you may pass the
exact base URL of the service instead of getting the service URL from the
request then hopefully, it will give the exact service provider
configurations.

[1]
https://github.com/wso2-extensions/identity-inbound-auth-cas/blob/master/components/cas-inbound-authenticator/src/main/java/org/wso2/carbon/identity/sso/cas/processor/SSOLoginProcessor.java#L77
[2]
https://github.com/wso2-extensions/identity-inbound-auth-cas/blob/master/components/cas-inbound-authenticator/src/main/java/org/wso2/carbon/identity/sso/cas/util/CASSSOUtil.java#L120
[3] https://github.com/wso2-extensions/identity-inbound-auth-cas

Thanks,
Kanapriya Kuleswararajan
Software Engineer
Mobile : - 0774894438
Mail: - kanapr...@wso2.com
LinkedIn : - https://www.linkedin.com/in/kanapriya-kules-94712685/
WSO2, Inc.
lean. enterprise. middleware



On Wed, Feb 6, 2019 at 3:47 PM Shakila Sasikaran  wrote:

> [Forwarding to dev]
>
> -- Forwarded message -
> From: Mohammed Yousef M. Alnajdi 
> Date: Tue, Feb 5, 2019 at 3:31 PM
> Subject: Wso2 Identity Server: identity-inbound-auth-cas
> To: dev@wso2.org 
> Cc: shak...@wso2.com   >
>
>
> Greeting Team,
>
> I would like to express that i am really grateful to the work you guys put
> for the open source community.
>
> I have 1 small comment/issue regarding the "identity-inbound-auth-cas" i
> will try to describe my issue and how i want to solve it.
>
>
>- I configured a new service provider with the name test.kfupm.edu.sa
>- I configured the CAS URL as https://test.kfupm.edu.sa
>- If i go now to https://test.kfupm.edu.sa everything works fine and i
>can see in the url i am getting the sp=test.kfupm.edu.sa
>but when i try to have anything like this
>https://test.kfupm.edu.sa/en/?next=/details the cas configuration
>won't work and i would get the sp=default.
>So the issue is i can only have 1 url for cas i want it accept and
>check for the base url which is https://test.kfupm.edu.sa which should
>be
>enough for CAS to find out which SP it is.
>
>
>
> https://stackoverflow.com/questions/54396657/how-to-extend-wso2-identity-inbound-auth-cas-to-accept-a-wildcard-url
>
> Thanks a lot
>
> *Best Regards.*
> *Mohammed Y. Alnajdi.*
> *Software Developer.*
> *ICTC - Solution Delivery Team.*
>
> ___
> Dev mailing list
> Dev@wso2.org
> http://wso2.org/cgi-bin/mailman/listinfo/dev
>
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev