Hi Madusanka, I think it's better to provide an option to store an Access Token Obtained from an Authorization Server. >From what I understood, in this scenario, the API acts as a client and the token generated or provided is only another form of credential used to access the backend. If this is the case, is it correct to put this under the OAuth Mediator? The OAuth Mediator seems to validating the Token before sending it to the backend, but here what we need is a way of embedding a token.
On Thu, Feb 12, 2015 at 11:25 AM, Madusanka Premaratne <madusan...@wso2.com> wrote: > Hi, > We need to add a property to the messageContext to store the access token. > Planning to use the property name as *oauth.accessToken*. > The OAuth Mediator configuration changes are as below. > > Current OAuth configurations for the token verification, > <oauthService > > remoteServiceUrl="https://10.100.5.179:9444/services/"; > username="user" > password="user"/> > > The new configuration for both token generation and validation. Newly > added ones are bolded to identify easily. > <oauthService > > *mode="tokenGenerate"* > > remoteServiceUrl="https://10.100.5.179:9444/services/"; > username="user" > password="user"> > > *<tokenServer /><consumerKey /><consumerSecret />* > > </oauthService> > > Thanks, > > > On Thu, Feb 12, 2015 at 10:23 AM, Nuwan Dias <nuw...@wso2.com> wrote: > >> Hi Madusanka, >> >> Shall we come up with the OAuth mediator configuration changes >> (additions) we'll be coming up with to support this feature? >> >> Thanks, >> NuwanD. >> >> On Wed, Feb 11, 2015 at 4:44 PM, Madusanka Premaratne < >> madusan...@wso2.com> wrote: >> >>> Hi All, >>> In API Manager, we only support secure endpoints through basic auth. To >>> improve it to use OAuth, we are going to use ESB OAuth Mediator. But >>> currently the above mediator only validates the keys and the consumer. >>> >>> Improvement : >>> >>> - Feed client key, secret and *token endpoint* to the mediator from >>> the UI. >>> - Generate a token for the consumer and stores it to use with API >>> Manager (or any other product) >>> - Store the lifetime / remaining time of the token >>> - If token expires, generate a token automatically and store it for >>> future use >>> >>> Please see the attachment below for graphical representation[1] >>> >>> [1] - >>> https://drive.google.com/a/wso2.com/file/d/0B6h6rqrZ11fFQWZ5UkJXZ1JZX2c/view?usp=sharing >>> >>> Your feedback and suggestions are welcome. >>> Thanks, >>> >>> -- >>> *Madusanka Premaratne* | Associate Software Engineer >>> WSO2, Inc | lean. enterprise. middleware. >>> #20, Palm Grove, Colombo 03, Sri Lanka >>> Mobile: +94 71 835 70 73| Work: +94 112 145 345 >>> Email: madusan...@wso2.com | Web: www.wso2.com >>> >>> [image: Facebook] <https://www.facebook.com/rmmpremaratne> [image: >>> Twitter] <https://twitter.com/rmmpremaratne> [image: Google Plus] >>> <https://plus.google.com/u/0/+MadusankaPremaratnemaduz/about/p/pub> [image: >>> Linkedin] <http://lk.linkedin.com/in/madusanka/> [image: Instagram] >>> <http://instagram.com/madusankapremaratne> [image: Skype] >>> <http://@rmmpremaratne> >>> >>> >> >> >> -- >> Nuwan Dias >> >> Associate Tech Lead - WSO2, Inc. http://wso2.com >> email : nuw...@wso2.com >> Phone : +94 777 775 729 >> > > > > -- > *Madusanka Premaratne* | Associate Software Engineer > WSO2, Inc | lean. enterprise. middleware. > #20, Palm Grove, Colombo 03, Sri Lanka > Mobile: +94 71 835 70 73| Work: +94 112 145 345 > Email: madusan...@wso2.com | Web: www.wso2.com > > [image: Facebook] <https://www.facebook.com/rmmpremaratne> [image: > Twitter] <https://twitter.com/rmmpremaratne> [image: Google Plus] > <https://plus.google.com/u/0/+MadusankaPremaratnemaduz/about/p/pub> [image: > Linkedin] <http://lk.linkedin.com/in/madusanka/> [image: Instagram] > <http://instagram.com/madusankapremaratne> [image: Skype] > <http://@rmmpremaratne> > > > _______________________________________________ > Architecture mailing list > Architecture@wso2.org > https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture > > -- *Amila De Silva* WSO2 Inc. mobile :(+94) 775119302
_______________________________________________ Architecture mailing list Architecture@wso2.org https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
