I have published an API in API Publisher. That API has a POST method confirm, which retrieves JSON data with these parameters: userUUID, appName, version. In API Publisher this API takes only two parameters: appName and version.
I don't want to send userUUID from the client, but I want to retrieve userUUID from the accessToken (it is in the user claims) in the inSequence, add it to the sent JSON as a new parameter, and then send it all to the backend.
Is it possible? Maybe I can retrieve at least the user email from the accessToken?
I see two ways to pass user information to the backend.
One is the JWT token. In the api-manager.xml you can enable the JWT token generation with the claim retriever. The JWT token will be sent to the backend service as an HTTP header.
In the sequence you can call one of the admin services (see https://docs.wso2.com/display/AM210/WSO2+Admin+Services) to get the assigned user and application;
see https://localhost:9443/services/OAuth2TokenValidationService?wsdl and the validate or buildIntrospectionResponse operation.
I hope it helped
I found a workaround: getting user info from https://localhost:9443/oauth2/userinfo?schema=openid
First of all, change the value of RemoveOAuthHeadersFromOutMessage in OAuthConfigurations in the file [WSO2_AM]/repository/conf/api-manager.xml
Secondly, the user claims that are returned from https://localhost:9443/oauth2/userinfo?schema=openid should be configured in WSO2 API Manager Carbon Server in Service Providers.
Algorithm:
body_of_zero_call
urlPostfixZero
?schema=openid
as request target REST API method { "status": "Can't get user info"}
user_uuid
) from response body to property user_uuid_first_call
body_of_zero_call
to body urlPostfixZero
to request target REST API method userUUID
to request body userUUID
in body with value from property user_uuid_first_call
Mediator:
<?xml version="1.0" encoding="UTF-8"?>
<sequence xmlns="http://ws.apache.org/ns/synapse" name="token_to_user_uuid" trace="disable">
    <!-- 1: keep a copy of the incoming request body in property body_of_zero_call -->
    <enrich>
        <source clone="true" type="body" />
        <target action="child" property="body_of_zero_call" type="property" />
    </enrich>
    <!-- 2: remember the original REST_URL_POSTFIX in urlPostfixZero -->
    <property expression="$axis2:REST_URL_POSTFIX" name="urlPostfixZero" scope="default" type="STRING" />
    <!-- 3: set the postfix to ?schema=openid for the userinfo call -->
    <property name="REST_URL_POSTFIX" scope="axis2" type="STRING" value="?schema=openid" />
    <!-- 4: blocking GET to the userinfo endpoint -->
    <call blocking="true">
        <endpoint>
            <http method="get" trace="disable" uri-template="https://localhost:9443/oauth2/userinfo" />
        </endpoint>
    </call>
    <!-- 5: continue only when userinfo answered with HTTP 200 -->
    <filter regex="200" source="get-property('axis2', 'HTTP_SC')">
        <then>
            <!-- 6: read user_uuid from the userinfo response into user_uuid_first_call -->
            <property expression="$body//jsonObject//user_uuid" name="user_uuid_first_call" scope="default" type="STRING" />
            <!-- 7: restore the original request body -->
            <enrich>
                <source clone="true" property="body_of_zero_call" type="property" />
                <target type="body" />
            </enrich>
            <!-- 8: restore the original REST_URL_POSTFIX -->
            <property expression="get-property('urlPostfixZero')" name="REST_URL_POSTFIX" scope="axis2" type="STRING" />
            <!-- 9: add an empty userUUID element to the request body -->
            <enrich>
                <source clone="true" type="inline">
                    <userUUID xmlns="" />
                </source>
                <target action="child" xpath="$body//jsonObject" />
            </enrich>
            <!-- 10: fill userUUID with the value from user_uuid_first_call -->
            <enrich>
                <source clone="true" property="user_uuid_first_call" type="property" />
                <target xpath="$body//jsonObject//userUUID" />
            </enrich>
            <!-- 11: blocking POST of the enriched body to the backend -->
            <call blocking="true">
                <endpoint>
                    <http method="post" trace="disable" uri-template="https://localhost:9444/customAuth/services/regulations" />
                </endpoint>
            </call>
            <!-- 12: return the backend response to the client -->
            <respond />
        </then>
        <else>
            <!-- userinfo call failed: answer with HTTP 500 and an error payload -->
            <property name="HTTP_SC" scope="axis2" type="STRING" value="500" />
            <payloadFactory media-type="json">
                <format>{ "status": "Can't get user info"}</format>
                <args />
            </payloadFactory>
            <respond />
        </else>
    </filter>
</sequence>
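The merge that steps 5 to 10 of the sequence perform, written as a plain JavaScript function to show two cases the XML does not spell out: a client body that already carries userUUID, and a 200 userinfo response without the claim. This is an added example, not code from the answer or from WSO2; the function name buildBackendBody, the 400 reply and the sample values are assumptions.

```javascript
// Hypothetical helper, not a Synapse API: models steps 5-10 of the sequence.
// clientBody: parsed JSON from the client; userinfoStatus/userinfoBody: the
// HTTP status and parsed JSON body returned by the userinfo call.
function buildBackendBody(clientBody, userinfoStatus, userinfoBody) {
  var failure = { status: 500, body: { status: "Can't get user info" } };

  // Step 5: fail closed unless userinfo answered 200.
  if (Number(userinfoStatus) !== 200) return failure;

  // Step 6: the claim must be a non-empty string, so a missing or blank
  // claim never reaches the backend as an empty identity.
  var uuid = userinfoBody && userinfoBody.user_uuid;
  if (typeof uuid !== 'string' || uuid.trim() === '') return failure;

  // Step 7: only a JSON object can take the extra member.
  // (The 400 reply is an assumption; the sequence defines only the 500 case.)
  if (clientBody === null || typeof clientBody !== 'object' || Array.isArray(clientBody)) {
    return { status: 400, body: { status: 'Request body must be a JSON object' } };
  }

  // Steps 9-10: copy the client's fields, dropping every spelling of
  // userUUID the client sent, then set the token-derived value.
  // The object has no prototype, so a "__proto__" key is copied as plain data.
  var out = Object.create(null);
  Object.keys(clientBody).forEach(function (key) {
    if (key.toLowerCase() !== 'useruuid') out[key] = clientBody[key];
  });
  out.userUUID = uuid;
  return { status: 200, body: out };
}

// Constructed sample data: a client that tries to supply its own userUUID.
var spoofed = { appName: 'demo', version: '1.0', userUUID: 'someone-else' };
var userinfo = { sub: 'alice', user_uuid: '11111111-2222-3333-4444-555555555555' };
console.log(JSON.stringify(buildBackendBody(spoofed, 200, userinfo)));
console.log(JSON.stringify(buildBackendBody(spoofed, 401, { error: 'invalid_token' })));
```
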