-
This
org.wso2.carbon.custom.jwt.handleris a custom gateway handler for WSO2 API Manager 2.5.0. -
This
microServiceis a simple micro service implementation to echo back the incoming request information(Headers/Body) and dumps the JWT claims if there any.
This repository contains a sample implementation for altering the JWT token issued by Key Manager(KM) (WSO2 IS-as-KM or Pre-Pack KM in APIM) in the Gateway node and injecting (Adding new) JWT claims which is/are extracted from the incoming API request HTTP headers.
- Build
org.wso2.carbon.custom.jwt.handlermaven project - Put the jar file into <APIM_HOME>/repository/components/dropins/
- Start the WSO2 API Manager 2.5 and create an API , Put the production endpoint URL as
http://localhost:8008/apiassume thatmicroServiceis running on the localhost in it's default port(8008) - Goto API Manager 2.5 Store, Subscribe the newly created API to application and generate keys
- Add the following handler element to API synapse file in
<APIM_HOME>/repository/deployment/server/synapse-configs/default/api/
<handler class="org.wso2.carbon.custom.jwt.handler.AlterJWTHandler"/>- Start the WSO2 API Manager 2.5 server
- Start the
microServiceby running./echo_microservice.py- note: You need to have Python 3.5+
- Try out the following
httporcurlcommand
http --verify=no "https://localhost:8243/sample/1.1.1/allep" "accept: application/json" "Authorization: Bearer 7bf6fe85-b61f-30f2-85d7-de535785b96b" "x-myKey: gFqxSTuvRdIuhMr8pO57Vcz0OMAa"curl -vk "https://localhost:8243/sample/1.1.1/allep" -H "accept: application/json" -H "Authorization: Bearer 7bf6fe85-b61f-30f2-85d7-de535785b96b" -H "x-myKey: gFqxSTuvRdIuhMr8pO57Vcz0OMAa"x-myKeyis the custom header given in the API request, and this header and it's value will be available in the JWT token receive to the Echo MicroService- Look for the JWT payload dump in the terminal
