A custom Grant Handler & Grant Validator implementation for WSO2 API Manager
The developed custom grant expects the following to authenticate and generate access tokens
- name: a unique name
- location: supported location
- key: a unique key value
Given below are a set of sample values
- name:
locus-10-09874,ocus-10-01219 - location:
LK-COLOMBO,LK-KANDY - key:
0987654321,1234567890
Use the following command to build the project
mvn clean packageCopy and place the built JAR artifact inside the <APIM>/repository/components/lib directory. Then navigate and open the <APIM>/repository/conf/identity/identity.xml and add the our custom grant under the <SupportedGrantTypes> section as follows
<SupportedGrantTypes>
<SupportedGrantType>
<GrantTypeName>locus</GrantTypeName>
<GrantTypeHandlerImplClass>com.grant.sample.handler.LocusGrantHandler</GrantTypeHandlerImplClass>
<GrantTypeValidatorImplClass>com.grant.sample.validator.LocusGrantValidator</GrantTypeValidatorImplClass>
<IdTokenAllowed>false</IdTokenAllowed>
</SupportedGrantType>
</SupportedGrantTypes>Fire up the WSO2 API Manager server by navigating to <APIM>/bin directory and executing the following based on your OS
# linux env
sh wso2server.sh
# windows env
wso2server.batRoute to Carbon Management Console '/carbon', and direct to Main > Identity > Service Providers > Add and create a new Service Provider for demo purposes.
Register an OAuth/OpenID Connect and select the locus Grant Type. Copy the Client ID and the Client Secret of the Service Provider to invoke the Token endpoint.
Given below is a sample cURL command to invoke the Token endpoint of WSO2 API Manager with our developed custom grant
curl --location --request POST 'https://localhost:8243/token' \
--header 'Authorization: Basic {base64<ClientID:Client Secret>}' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'grant_type=locus' \
--data-urlencode 'name=locus-10-09874' \
--data-urlencode 'location=LK-COLOMBO' \
--data-urlencode 'key=0987654321'