WSO2 API Manager passing user/password credentials to backend endpoint token generator

Question


My backend microservices can be accessed after a successful OAuth authentication process which provides in response to the client access token and refresh token. On WSO2 Api Manager, when defining a new REST API, I successfully reached a backend micro service endpoint by setting endpoint security with OAUTH 2.0 and setting/saving token URL endpoint, client-id, client-secret, username and password, plus additional parameter "scope". It works fine!
But I'd need to pass username and password dynamically to the token endpoint generator from the invoked API, possibly from the identity of the user registered to the API. Otherwise, tokens would be granted always to the same user credentials persistently saved within the endpoint configuration data, whoever is invoking the API exposed through WSO2 Api Manager. Any clue?
Thanks in advance

Answer 1

Score: 1

AFAIK with the default implementation, you can't really achieve this. But you can write a custom Extension like this and engage using a Mediation Extension.

Also on a different note, if you already have an IDP that takes care of token generation, why can't you just use the same token to authenticate in both APIM layer and in the backend?


huangapple
  • Published on May 29, 2023 at 17:44:25
  • When reposting, please keep the link to this article: https://go.coder-hub.com/76356259.html