TokenType(user, application) identification in JWT claim in 4.0.0 #12852

Closed
lahirugmg opened this issue Apr 13, 2022 · 1 comment · Fixed by wso2/carbon-apimgt#11773

@lahirugmg

Description:

We have been passing the following attribute to the backend via JWT in APIM 2.1.0.

"http://wso2.org/claims/usertype", "APPLICATION|APPLICATION_USER"

The requirement is that if the API call comes with a token issued for the Client Credential grant type (application level), backends should be able to access that information in the JWT.

With the new implementation of IS 5.11.0/APIM 4.0.0, this information is not available when building the JWT.

The AccessTokenInfo class already has a variable to carry this information: "isApplicationToken"


    package org.wso2.carbon.apimgt.api.model;

    import org.json.simple.JSONObject;

    import java.util.Arrays;
    import java.util.HashMap;

    /**
     * Details about an Access Token.
     */
    public class AccessTokenInfo {
        private boolean isTokenValid;

        // Already present in the model; meant to mark application-level tokens.
        private boolean isApplicationToken;

        // ... (rest of the class not shown)
    }

We are ignoring the token-type info from the introspection call in the key validation (introspect) handler. We need to get the information from the "aut" field and set isApplicationToken from it:


    public class IntrospectInfo {

        @SerializedName("active")
        private boolean active;
        @SerializedName("client_id")
        private String clientId;
        @SerializedName("device_id")
        private String deviceId;
        @SerializedName("exp")
        private long expiry;
        // Token type from the introspection response; a string value, so not a long.
        @SerializedName("aut")
        private String aut;
        // ...
    }

Steps to reproduce:

Affected Product Version:

APIM 4.0.0

Environment details (with versions):

  • Env (Docker/K8s): Docker
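
The mapping requested in the issue above, as an added example that is not part of the original issue and is not carbon-apimgt code. The class and method names are hypothetical, and it assumes the introspection `aut` field carries the same `APPLICATION` / `APPLICATION_USER` strings as the usertype claim. When `aut` is missing or unrecognised, the claim is omitted rather than defaulted, so a backend that authorizes on token type never sees a type the key manager did not assert.

```java
import java.util.LinkedHashMap;
import java.util.Map;
import java.util.Optional;

// Added illustration only; names are hypothetical, not the project's API.
public class TokenTypeClaimExample {

    static final String USERTYPE_CLAIM = "http://wso2.org/claims/usertype";

    // Maps the "aut" value of a parsed introspection response to the claim value.
    // Empty when the token is inactive or "aut" is absent or not a known type.
    static Optional<String> userType(Map<String, Object> introspection) {
        if (!Boolean.TRUE.equals(introspection.get("active"))) {
            return Optional.empty();
        }
        Object aut = introspection.get("aut");
        if ("APPLICATION".equals(aut) || "APPLICATION_USER".equals(aut)) {
            return Optional.of((String) aut);
        }
        return Optional.empty();
    }

    // Counterpart of setting isApplicationToken from the introspection result.
    static boolean isApplicationToken(Map<String, Object> introspection) {
        return userType(introspection).filter("APPLICATION"::equals).isPresent();
    }

    // Adds the usertype claim to the backend JWT claims only when the type is known.
    static Map<String, Object> backendClaims(Map<String, Object> introspection) {
        Map<String, Object> claims = new LinkedHashMap<>();
        userType(introspection).ifPresent(t -> claims.put(USERTYPE_CLAIM, t));
        return claims;
    }

    public static void main(String[] args) {
        // Constructed sample introspection responses, already parsed into maps.
        Map<String, Object> clientCredentials =
                Map.of("active", true, "client_id", "sample-client", "aut", "APPLICATION");
        Map<String, Object> userGrant =
                Map.of("active", true, "client_id", "sample-client", "aut", "APPLICATION_USER");
        Map<String, Object> noAut = Map.of("active", true, "client_id", "sample-client");

        System.out.println(backendClaims(clientCredentials) + " app=" + isApplicationToken(clientCredentials));
        System.out.println(backendClaims(userGrant) + " app=" + isApplicationToken(userGrant));
        System.out.println(backendClaims(noAut) + " app=" + isApplicationToken(noAut));
    }
}
```
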
@dushaniw

dushaniw commented Sep 19, 2022

Need to add it to master. - In progress
