lmccay commented on code in PR #876:
URL: https://github.com/apache/knox/pull/876#discussion_r1519906008
##########
gateway-provider-security-jwt/src/main/java/org/apache/knox/gateway/provider/federation/jwt/filter/AbstractJWTFilter.java:
##########
@@ -300,8 +302,23 @@ protected Subject createSubjectFromToken(final JWT token)
throws UnknownTokenExc
public Subject createSubjectFromTokenIdentifier(final String tokenId) throws
UnknownTokenException {
TokenMetadata metadata = tokenStateService.getTokenMetadata(tokenId);
+ String username = null;
if (metadata != null) {
- return createSubjectFromTokenData(metadata.getUserName(), null);
+ String type = metadata.getMetadata(TYPE);
Review Comment:
Yeah, this is kind of a weird thing. I have a python script that is
targeting this usecase for the time being and is setting that metadata now. It
wouldn't surface in Knox code unless we had specific APIs or UI or something
that leverages this generic capability in such a vertical specific context. I'm
thinking that for now this is just a convention that needs to be followed for
this usecase. Do you have some other suggestion?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: dev-unsubscr...@knox.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
