search

krakend / krakend-ce

KrakenD Community Edition: High-performance, stateless, declarative, API Gateway written in Go.
https://www.krakend.io
Apache License 2.0
1.98k stars 452 forks source link

JWT refresh token #162

Closed mkolbusz closed 4 years ago

mkolbusz commented 4 years ago

Describe what are you trying to do I would like to save the refresh_token returned by Krakend. I have my internal issuer backend that returns the JSON with issuer data for access_token and refresh_token. Is there any way to save the refresh_token generated by Krakend by not calling save action from the client to the backend with refresh_token? I mean is it possible by Krakend to call backend to save generated refresh_token directly? Or I have to call save endpoint from client when it gets the tokens? Thanks for the advice!

Your configuration file Below part of my configuration:

{
      "endpoint": "/v1/login",
      "querystring_params": ["*"],
      "method": "POST",
      "backend": [
        {
          "host": [
            "http://users-service"
          ],
          "url_pattern": "/v1/login"
        }
      ],
      "extra_config": {
        "github.com/devopsfaith/krakend-jose/signer": {
          "alg": "HS256",
          "kid": "mykid",
          "keys-to-sign": [
            "access_token", "refresh_token"
          ],
          "jwk-url": "http://users-service/v1/jwk",
          "disable_jwk_security": true
        }
      }
    },
kpacha commented 4 years ago

sequential backend calls are just allowed for GET requests, so you'll need to use a custom martian modifier (https://www.krakend.io/docs/backends/martian/) or a custom http client plugin (https://godoc.org/github.com/devopsfaith/krakend/transport/http/client/plugin)

github-actions[bot] commented 2 years ago

This issue was marked as resolved a long time ago and now has been automatically locked as there has not been any recent activity after it. You can still open a new issue and reference this link.