Re: [Dev] Missing Attributes in Token Introspection Response

Mon, 21 Aug 2017 02:54:31 -0700 

On Mon, Aug 21, 2017 at 1:54 PM, Farasath Ahamed <farasa...@wso2.com> wrote:

>
>
>
> On Mon, Aug 21, 2017 at 1:23 PM, Gayan Gunawardana <ga...@wso2.com> wrote:
>
>>
>>
>> On Mon, Aug 21, 2017 at 1:21 PM, Ruwan Abeykoon <ruw...@wso2.com> wrote:
>>
>>> Hi All,
>>> I think we need to add them in introspection result, since they were
>>> anyway present in AuthenticationResponse inside JWT.
>>>
>>> @Gayan,
>>> How about the acr, amr ?
>>>
>> +1 we can add them too.
>>
>
> Can we also consider providing an extension point to decide attributes
> that go into the introspection response?
>
+1 token binding will introduce some more attributes.

>
>
>>
>>> Cheers,
>>> Ruwan
>>>
>>> On Mon, Aug 21, 2017 at 11:08 AM, Gayan Gunawardana <ga...@wso2.com>
>>> wrote:
>>>
>>>> Hi Indunil,
>>>>
>>>> Form token introspection response I can get below attributes.
>>>>
>>>> {"scope":"openid","active":true,"token_type":"Bearer","exp":
>>>> 1503061170,"iat":1503057570,"client_id":"oRbEK6KkycbSLGxt3JH
>>>> ciaitPzoa","username":"admin@carbon.super"}
>>>>
>>>> But some of optional attributes are not included in introspection
>>>> response
>>>>
>>>>    sub
>>>>       OPTIONAL.  Subject of the token, as defined in JWT [RFC7519 
>>>> <https://tools.ietf.org/html/rfc7519>].
>>>>       Usually a machine-readable identifier of the resource owner who
>>>>       authorized this token.
>>>>
>>>>    aud
>>>>       OPTIONAL.  Service-specific string identifier or list of string
>>>>       identifiers representing the intended audience for this token, as
>>>>       defined in JWT [RFC7519 <https://tools.ietf.org/html/rfc7519>].
>>>>
>>>>    iss
>>>>       OPTIONAL.  String representing the issuer of this token, as
>>>>       defined in JWT [RFC7519 <https://tools.ietf.org/html/rfc7519>].
>>>>
>>>> Do we have any limitation to support above attributes ?
>>>>
>>>>
>>>> [1] https://tools.ietf.org/html/rfc7662
>>>>
>>>> Thanks,
>>>> Gayan
>>>> --
>>>> Gayan Gunawardana
>>>> Senior Software Engineer; WSO2 Inc.; http://wso2.com/
>>>> Email: ga...@wso2.com
>>>> Mobile: +94 (71) 8020933
>>>>
>>>
>>>
>>>
>>>
>>>
>>
>>
>> --
>> Gayan Gunawardana
>> Senior Software Engineer; WSO2 Inc.; http://wso2.com/
>> Email: ga...@wso2.com
>> Mobile: +94 (71) 8020933
>>
>> _______________________________________________
>> Dev mailing list
>> Dev@wso2.org
>> http://wso2.org/cgi-bin/mailman/listinfo/dev
>>
>>
>


-- 
Gayan Gunawardana
Senior Software Engineer; WSO2 Inc.; http://wso2.com/
Email: ga...@wso2.com
Mobile: +94 (71) 8020933

_______________________________________________
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Reply via email to