On Fri, Dec 13, 2019 at 12:30 PM Rajith Roshan <[email protected]> wrote:

> Hi all,
> In microgateway 3.0.2 version we only support JWT tokens issued by a
> single issuer. (The current config [1]). But there can be use cases where
> microgateways need to support JWTs issued by multiple issuers (STS).
> So we are planning to support multiple issuers with the jballerina update
> of the microgateway. For each new issuer defined in the config, an
> authentication handler will be registered during the mgw startup and each
> token will be validated by each handler until the correct handler is found
> for that particular issuer of the token.
> We are planning to extend the configuration as below [2].
> Ideally the config should look like [3]. But in Ballerina right now there
> is a limitation in the config API in order to read the array objects from
> the toml files.
> Please find the GitHub issue [4].
> Please share your thoughts about this.
>
Looks fine till we get this fixed from Ballerina. But this will involve
a migration when it's fixed. How soon can we get this fixed from
Ballerina and proceed with [3]?

>
> [1] -
> [jwtTokenConfig]
> issuer="https://localhost:9443/oauth2/token"
> audience="http://org.wso2.apimgt/gateway"
> certificateAlias="wso2apim"
>
> [2]
> [jwtTokenConfig]
> issuer="https://localhost:9443/oauth2/token"
> audience="http://org.wso2.apimgt/gateway"
> certificateAlias="wso2apim"
>
> [jwtTokenConfig1]
> issuer="issuer1"
> audience="aud1"
> certificateAlias="alias1"
>
> [jwtTokenConfig2]
> issuer="issuer2"
> audience="aud2"
> certificateAlias="alias2"
>
> [3]
> [[jwtTokenConfig]]
> issuer="https://localhost:9443/oauth2/token"
> audience="http://org.wso2.apimgt/gateway"
> certificateAlias="wso2apim"
>
> [[jwtTokenConfig]]
> issuer="issuer1"
> audience="aud1"
> certificateAlias="alias1"
>
> [[jwtTokenConfig]]
> issuer="issuer2"
> audience="aud2"
> certificateAlias="alias2"
>
> [4] - https://github.com/wso2/product-microgateway/issues/271
>
> Thanks!
> Rajith
> --
> *Rajith Roshan* | Associate Technical Lead | WSO2 Inc.
> (m) +94-717-064-214 |  (e) [email protected] <[email protected]>
> blog: http://www.rajithr.com
>
> <https://wso2.com/signature>
>


-- 

*Harsha Kumara*

Technical Lead, WSO2 Inc.
Mobile: +94775505618
Email: [email protected]
Blog: harshcreationz.blogspot.com

_______________________________________________
Dev mailing list
[email protected]
http://wso2.org/cgi-bin/mailman/listinfo/dev
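
The per-issuer handler chain proposed in the thread, as an added Python sketch that is not microgateway or Ballerina code: one handler is built per configured issuer and a token is offered to each in turn until one accepts it. Assumptions: the issuer table is constructed from config [2], HMAC-SHA256 secrets stand in for the certificates that certificateAlias would resolve to, and all function names are hypothetical.

```python
import base64, hashlib, hmac, json

# Constructed issuer table mirroring config [2]; the HMAC secrets stand in for
# the certificates that certificateAlias would resolve to (assumption).
ISSUERS = [
    {"issuer": "https://localhost:9443/oauth2/token",
     "audience": "http://org.wso2.apimgt/gateway", "key": b"key-wso2apim"},
    {"issuer": "issuer1", "audience": "aud1", "key": b"key-alias1"},
    {"issuer": "issuer2", "audience": "aud2", "key": b"key-alias2"},
]

def b64url(data):
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def b64url_decode(text):
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def sign(claims, key, alg="HS256"):
    """Build a constructed test token (hypothetical helper)."""
    head = b64url(json.dumps({"alg": alg, "typ": "JWT"}).encode())
    body = b64url(json.dumps(claims).encode())
    mac = hmac.new(key, f"{head}.{body}".encode(), hashlib.sha256).digest()
    return f"{head}.{body}.{b64url(mac)}"

def make_handler(cfg):
    """One handler per configured issuer; returns the claims or None."""
    def handler(token):
        try:
            head, body, sig = token.split(".")
            header, claims = (json.loads(b64url_decode(p)) for p in (head, body))
            given = b64url_decode(sig)
        except (ValueError, TypeError):
            return None
        if not isinstance(header, dict) or header.get("alg") != "HS256":
            return None                            # pin the algorithm
        want = hmac.new(cfg["key"], f"{head}.{body}".encode(), hashlib.sha256).digest()
        if not hmac.compare_digest(want, given):   # this issuer's key only
            return None
        if not isinstance(claims, dict) or claims.get("iss") != cfg["issuer"]:
            return None                            # iss must match the verifying key's issuer
        aud = claims.get("aud")
        auds = aud if isinstance(aud, list) else [aud]
        return claims if cfg["audience"] in auds else None
    return handler

HANDLERS = [make_handler(c) for c in ISSUERS]      # registered once at startup

def authenticate(token):
    """Offer the token to each handler in order; the first acceptance wins."""
    return next((c for c in (h(token) for h in HANDLERS) if c), None)
```

Each handler binds issuer, audience and key together, so a token signed by one configured issuer cannot be accepted under another issuer's name or audience.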
