Option to generate passtickets off z/OS

[1000TurquoisePogs]

Alternative or in addition to https://github.com/zowe/api-layer/issues/3586

Some users wish to use APIML, and generate passtickets, but do so with the minimum resource consumption on z/OS possible. Today, it appears the only option for this is to have APIML on z/OS in order for this code to execute https://github.com/zowe/api-layer/blob/v3.x.x/common-service-core/src/main/java/org/zowe/apiml/passticket/PassTicketService.java

So I am looking for an enhancement to add a second passticket service implementation that runs without using SAF. The passticket algorithm is documented here https://www.ibm.com/docs/en/zos/2.1.0?topic=passticket-incorporating-generator-algorithm-into-your-program and can run independent of z/OS as long as the key material is available.

This would allow APIML to run off z/OS, while still being able to generate passtickets. It does not need to be the default. Just an option.

The enhancements will help adoption of APIML for users who were otherwise considering an alternative gateway technology to meet the requirement of running most of the code off-z/OS.

I am willing to help with the implementation, though my gateway development experience is limited.

[github-actions[bot]]

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs.