flutter>> wso2_APIM_JWT_Injector>> 返回
项目作者: tmkasun

项目描述 :
Inject new claims from API Request headers
高级语言: Java
项目地址: git://github.com/tmkasun/wso2_APIM_JWT_Injector.git
创建时间: 2018-09-12T12:02:55Z
项目社区:https://github.com/tmkasun/wso2_APIM_JWT_Injector
开源协议:MIT License
下载


How this stuff works!

  • This org.wso2.carbon.custom.jwt.handler is a custom gateway handler for WSO2 API Manager 2.5.0.

  • This microService is a simple micro service implementation to echo back the incoming request information(Headers/Body) and dumps the JWT claims if there any.

This repository contains a sample implementation for altering the JWT token issued by Key Manager(KM) (WSO2 IS-as-KM or Pre-Pack KM in APIM) in the Gateway node and injecting (Adding new) JWT claims which is/are extracted from the incoming API request HTTP headers.

How to try!

  1. Build org.wso2.carbon.custom.jwt.handler maven project
  2. Put the jar file into /repository/components/dropins/
  3. Start the WSO2 API Manager 2.5 and create an API , Put the production endpoint URL as http://localhost:8008/api assume that microService is running on the localhost in it’s default port(8008)
  4. Goto API Manager 2.5 Store, Subscribe the newly created API to application and generate keys
  5. Add the following handler element to API synapse file in <APIM_HOME>/repository/deployment/server/synapse-configs/default/api/
    1. <handler class="org.wso2.carbon.custom.jwt.handler.AlterJWTHandler"></handler>
  6. Start the WSO2 API Manager 2.5 server
  7. Start the microService by running ./echo_microservice.py
    • note: You need to have Python 3.5+
  8. Try out the following http or curl command
    1. http --verify=no "https://localhost:8243/sample/1.1.1/allep" "accept: application/json"  "Authorization: Bearer 7bf6fe85-b61f-30f2-85d7-de535785b96b" "x-myKey: gFqxSTuvRdIuhMr8pO57Vcz0OMAa"
  1. curl -vk "https://localhost:8243/sample/1.1.1/allep" -H "accept: application/json"  -H "Authorization: Bearer 7bf6fe85-b61f-30f2-85d7-de535785b96b" -H "x-myKey: gFqxSTuvRdIuhMr8pO57Vcz0OMAa"
  1. x-myKey is the custom header given in the API request, and this header and it’s value will be available in the JWT token receive to the Echo MicroService
  2. Look for the JWT payload dump in the terminal

Console log from Echo Micro Service

echo_out

Response from Echo Micro Service

echo_response

WSO2 APIM Console log from AlterJWTHandler

mediator_out