Re: [Dev] Missing Attributes in Token Introspection Response

Mon, 21 Aug 2017 01:26:26 -0700 

On Mon, Aug 21, 2017 at 1:23 PM, Gayan Gunawardana <ga...@wso2.com> wrote:

>
>
> On Mon, Aug 21, 2017 at 1:21 PM, Ruwan Abeykoon <ruw...@wso2.com> wrote:
>
>> Hi All,
>> I think we need to add them in introspection result, since they were
>> anyway present in AuthenticationResponse inside JWT.
>>
>> @Gayan,
>> How about the acr, amr ?
>>
> +1 we can add them too.
>

Can we also consider providing an extension point to decide attributes that
go into the introspection response?


>
>> Cheers,
>> Ruwan
>>
>> On Mon, Aug 21, 2017 at 11:08 AM, Gayan Gunawardana <ga...@wso2.com>
>> wrote:
>>
>>> Hi Indunil,
>>>
>>> Form token introspection response I can get below attributes.
>>>
>>> {"scope":"openid","active":true,"token_type":"Bearer","exp":
>>> 1503061170,"iat":1503057570,"client_id":"oRbEK6KkycbSLGxt3JH
>>> ciaitPzoa","username":"admin@carbon.super"}
>>>
>>> But some of optional attributes are not included in introspection
>>> response
>>>
>>>    sub
>>>       OPTIONAL.  Subject of the token, as defined in JWT [RFC7519 
>>> <https://tools.ietf.org/html/rfc7519>].
>>>       Usually a machine-readable identifier of the resource owner who
>>>       authorized this token.
>>>
>>>    aud
>>>       OPTIONAL.  Service-specific string identifier or list of string
>>>       identifiers representing the intended audience for this token, as
>>>       defined in JWT [RFC7519 <https://tools.ietf.org/html/rfc7519>].
>>>
>>>    iss
>>>       OPTIONAL.  String representing the issuer of this token, as
>>>       defined in JWT [RFC7519 <https://tools.ietf.org/html/rfc7519>].
>>>
>>> Do we have any limitation to support above attributes ?
>>>
>>>
>>> [1] https://tools.ietf.org/html/rfc7662
>>>
>>> Thanks,
>>> Gayan
>>> --
>>> Gayan Gunawardana
>>> Senior Software Engineer; WSO2 Inc.; http://wso2.com/
>>> Email: ga...@wso2.com
>>> Mobile: +94 (71) 8020933
>>>
>>
>>
>>
>>
>>
>
>
> --
> Gayan Gunawardana
> Senior Software Engineer; WSO2 Inc.; http://wso2.com/
> Email: ga...@wso2.com
> Mobile: +94 (71) 8020933
>
> _______________________________________________
> Dev mailing list
> Dev@wso2.org
> http://wso2.org/cgi-bin/mailman/listinfo/dev
>
>

_______________________________________________
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Reply via email to