how use wso2 OAuth mediator in micro integrator 4.1

Question

I can not figure out how to use the wso2 OAuth mediator. I use the wso2 micro integrator 4.1, identity server 5.11, and wso2 IntegrationStudio 8.1.

1. Is this true: OAuth mediator gets an access token and sends it to the identity server and gets the answer if the access token is valid or not?

2. We should add an OAuth mediator at the beginning of an inSequence?

3. What should come after the OAuth mediator?

4. What does the curl message look like when using the OAuth mediator?

I have an API like this (without an OAuth mediator):

<api context="/user-service3" name="Soap2Rest" xmlns="http://ws.apache.org/ns/synapse">
<resource methods="POST">
    <inSequence>
        <send>
            <endpoint>
                <http method="post" uri-template="http://localhost:9090/user-service" />
            </endpoint>
        </send>
    </inSequence>
    <outSequence>
        <send/>
    </outSequence>
    <faultSequence>
        <send/>
    </faultSequence>
</resource>

I send a curl message like this:

curl -X 'POST' -k 'https://localhost:8253/user-service3' \
-H 'Content-Type: application/soap+xml' \
-H 'accept: */*' \
-d '
<soap:Envelope xmlns:soap="http://www.w3.org/2003/05/soap-envelope" xmlns:user="http://user.ws.xx.com/">
   <soap:Header/>
   <soap:Body>
      <user:createUser>
         <arg0>abc</arg0>
       </user:createUser>
    </soap:Body>
 </soap:Envelope>'

what should I change in the curl command after adding the OAuth mediator at the beginning of the inSequence?

<oauthService remoteServiceUrl="https://testdomain.org:9444/services/" username="admin" password="admin"/> -->

I tried different ways but get errors from the wso2 identity server. I add the Authorization header to curl.

-H 'Authorization : Bearer 8aa447a9-b929-355c-a885-1b92c5266051' \

But Micro Integrator shows this log:

INFO {LogMediator} - Direction: request, MESSAGE = Executing default 'fault' sequence, 
ERROR_CODE = 0, ERROR_MESSAGE = Error occured while validating oauth 2.0 access token, 
Envelope: 
<?xml version='1.0' encoding='utf-8'?>
<soap:Envelope xmlns:soap="http://www.w3.org/2003/05/soap-envelope" xmlns:user="http://user.ws.xx.com/">
<soap:Body>
  <user:createUser>
     <arg0>abc</arg0>
  </user:createUser>
 </soap:Body></soap:Envelope>

Answer 1

1. Yes
2. It can be anywhere
3. Anything
4. Add the Authorization header to curl.

The curl command is correct. Based on this answer I found out some of the wso2 product's org.wso2.carbon.identity.oauth.stub jar files are not compatible with each other. I thought maybe my problem is that.

I copied the org.wso2.carbon.identity.oauth.stub_6.4.111.jar file from the WSO2 Identity Server to the wso2/components/plugins directory of the WSO2 micro integrator.

cp wso2is-5.11.0/repository/components/plugins/org.wso2.carbon.identity.oauth.stub_6.4.111.jar wso2mi-4.1.0/wso2/components/plugins

Then updated the bundles.info file of the micro integrator:

vi wso2mi-4.1.0/wso2/components/micro-integrator-default/configuration/org.eclipse.equinox.simpleconfigurator/bundles.info

modified this line:

org.wso2.carbon.identity.oauth.stub,6.1.0,../plugins/org.wso2.carbon.identity.oauth.stub_6.1.0.jar,4,true

to this:

org.wso2.carbon.identity.oauth.stub,6.4.111,../plugins/org.wso2.carbon.identity.oauth.stub_6.4.111.jar,4,true

After restarting the micro integrator server, my curl command works fine.