In this post we will discuss how to use custom code for JWT generation and claim retrieval logic. I explained custom JWT generation with API Manager 1.8.0 in this post (http://sanjeewamalalgoda.blogspot.com/2014/12/how-to-generate-custom-jwt-in-wso2-api.html). Moving forward, we will see how to call a custom claim retrieval method from the JWT generator implementation. Once everything is configured properly, you will see a JWT similar to the one below.
{"iss":"wso2.org/products/am","exp":"1418619165375","http://wso2.org/claims/subscriber":"admin","http://wso2.org/claims/applicationid":"2","http://wso2.org/claims/applicationname":"DefaultApplication","http://wso2.org/claims/applicationtier":"Unlimited","http://wso2.org/claims/apicontext":"/testam/sanjeewa","http://wso2.org/claims/version":"1.0.0","http://wso2.org/claims/tier":"Bronze","http://wso2.org/claims/keytype":"PRODUCTION","http://wso2.org/claims/usertype":"APPLICATION_USER","http://wso2.org/claims/enduser":"admin","http://wso2.org/claims/enduserTenantId":"-1234","current_timestamp":"1418618265391","messge":"This is custom JWT"}
As you can see, the current_timestamp and message (key "messge") properties are present in the JWT produced by the customized JWT generator code.
public Map<String, String> populateCustomClaims(APIKeyValidationInfoDTO keyValidationInfoDTO, String apiContext, String version, String accessToken)
        throws APIManagementException {
    Long time = System.currentTimeMillis();
    String text = "This is custom JWT";
    Map<String, String> map = new HashMap<String, String>();
    // Custom claims that are added to the JWT claim set
    map.put("current_timestamp", time.toString());
    map.put("messge", text);
    // If needed, you can generate access-token-based claims and add them to the map.
    return map;
}
If you also need to generate custom claims based on the access token, you can extend the org.wso2.carbon.apimgt.impl.token.ClaimsRetriever class and implement a method for that as follows.
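public SortedMap<String, String> getClaims(String endUserName, String accessToken) throws APIManagementException {
    // Your implementation should go here; populate the map with the claims to return.
    SortedMap<String, String> claims = new TreeMap<String, String>();
    return claims;
}
You can download the complete sample from this URL (Sample Code).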
Then call it inside populateCustomClaims as follows.
public Map<String, String> populateCustomClaims(APIKeyValidationInfoDTO keyValidationInfoDTO, String apiContext, String version, String accessToken)
        throws APIManagementException {
    CustomClaimsRetriever claimsRetriever = (CustomClaimsRetriever) getClaimsRetriever();
    if (claimsRetriever != null) {
        String tenantAwareUserName = keyValidationInfoDTO.getEndUserName();
        // For the super tenant, strip the tenant domain from the user name
        if (MultitenantConstants.SUPER_TENANT_ID == APIUtil.getTenantId(tenantAwareUserName)) {
            tenantAwareUserName = MultitenantUtils.getTenantAwareUsername(tenantAwareUserName);
        }
        try {
            // Call the getClaims method implemented in the custom claim retriever class
            return claimsRetriever.getClaims(tenantAwareUserName, accessToken);
        } catch (Exception e) {
            // Do not swallow the failure: a JWT silently issued without its claims is hard to diagnose
            throw new APIManagementException("Error while retrieving custom claims", e);
        }
    }
    // No claims retriever is configured, so there are no custom claims to add
    return null;
}
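A check for the result shown above, as an added example that is not part of the original post or of WSO2's code: it decodes a JWT's claim set and confirms that the custom claims set in populateCustomClaims are present and that exp, which the sample carries as a string of epoch milliseconds, is still in the future. The function names and the sample token are constructed for illustration, the decoder is assumed to need to accept both standard and URL-safe base64, and it does not verify the signature.

```python
import base64
import json

CUSTOM_CLAIMS = ("current_timestamp", "messge")  # keys set by populateCustomClaims on this page


def b64url(data):
    """Helper for the constructed sample: URL-safe base64 without padding."""
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def decode_claims(token):
    """Return the claim set of a three-part JWT. Does NOT verify the signature."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("expected header.payload.signature")
    payload = parts[1].replace("-", "+").replace("_", "/")
    payload += "=" * (-len(payload) % 4)  # accept padded and unpadded input
    return json.loads(base64.b64decode(payload))


def check_claims(claims, now_ms):
    """List problems with the custom claims and the millisecond 'exp' value."""
    problems = ["missing claim: " + k for k in CUSTOM_CLAIMS if k not in claims]
    try:
        exp_ms = int(claims["exp"])  # the page's exp is a string of epoch milliseconds
    except (KeyError, ValueError, TypeError):
        return problems + ["exp missing or not an integer"]
    if exp_ms <= now_ms:
        problems.append("token expired")
    issued = claims.get("current_timestamp")
    if issued is not None and (not str(issued).isdigit() or int(issued) > exp_ms):
        problems.append("current_timestamp is not before exp")
    return problems


# Constructed sample: a subset of the claim set shown above; header and signature are placeholders.
SAMPLE_CLAIMS = {
    "iss": "wso2.org/products/am",
    "exp": "1418619165375",
    "http://wso2.org/claims/enduser": "admin",
    "current_timestamp": "1418618265391",
    "messge": "This is custom JWT",
}
SAMPLE_TOKEN = ".".join([b64url(b'{"typ":"JWT"}'),
                         b64url(json.dumps(SAMPLE_CLAIMS).encode()),
                         "placeholder-signature"])

if __name__ == "__main__":
    decoded = decode_claims(SAMPLE_TOKEN)
    print(check_claims(decoded, now_ms=int(decoded["current_timestamp"])))
```

A JWT library that reads exp as seconds since the epoch, as RFC 7519 defines NumericDate, would place this 13-digit value far in the future, so compare it in milliseconds as done here.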