WSO2IS JWT访问令牌 [英] WSO2IS JWT access token
问题描述
我正在尝试从WSO2 IS获取JWT访问令牌.我遵循了 msf4j Oauth2安全示例中的说明,并设法通过资源所有者密码授予获得JWT acces令牌类型. 但我在外部对令牌进行身份验证时遇到问题.
I am trying get a JWT access token from WSO2 IS. I followed instructions from msf4j Oauth2 Security Sample, and managed to get a JWT acces token by resource owner password grant type. but I have problem authenticating the token externally.
似乎令牌没有被默认的"wso2carbon.jks"签名.
it seems that the token had not been signed by the default "wso2carbon.jks".
此外,我在服务提供商"中的声明配置未反映在jwt内容中
also, my claim configurations in the "service providers" was not reflected in jwt content
所以我的问题是:如何在WSO2IS中配置JWT签名证书?
so my questions: how to config the JWT signing certificate in WSO2IS?
,以及: 如何在JWT中处理声明?
and also: How to manipulate the claims in the JWT?
出于性能方面的考虑,我不想转向全面"端点,我的策略是仅信任IS,仅确保(本地)JWT令牌的真实性
I do not want to turn to the "introspect" endpoint out of performance concern, and my strategy is to just trust the IS, only to make sure(locally) of the authenticity of the JWT token
请告知
谢谢
推荐答案
您可以按照[1]使用WSO2 Identity Server获取JWT访问令牌(自包含访问令牌)
You can follow [1] to get JWT Access Tokens(Self contained access tokens) using WSO2 Identity Server
这篇关于WSO2IS JWT访问令牌的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!