OAuth Auth – Credential Enrichment and HTTP Header Sending

If you wanted to add HTTP Headers to the junctioned request, similar to how the old OAuth EAS used to. For example sending the Client ID, or the Token details as HTTP headers, there is an easy way to do this from the OAuth Mapping rule.

Here I am not only adding things like the OAuth STATE ID (The immutable reference identifier for the OAuth request) into the credential, but I’m also sending it as a header to all the junctioned resources.

//In your mapping rule, find a place where the request_type is resource.
if(request_type == "resource")
    var customoauthstate = 
        OAuthMappingExtUtils.getAssociation(state_id, "STORED_STATE");
    //This is a runtime flow. 
    //Add current token state to request headers
    stsuu.addContextAttribute(new Attribute("CUSTOM-OAUTH-STATE", 
        "urn:ibm:names:ITFIM:oauth:response:attribute", customoauthstate));
    var accessURL = stsuu.getContextAttributes()
    IDMappingExtUtils.traceString("URL accessed is: " + accessURL);

    //Add state_id - to be used by OTP endpoint
       new Attribute("state_id", "urn:ibm:names:ITFIM:oauth:response:attribute", 
    //Using TagValue Always, the Reverse Proxy will send the following
    //Cred attributes as HTTP Headers.
    stsuu.addContextAttribute(new Attribute("tagvalue_always", 
      "CUSTOM-OAUTH-STATE:CUSTOM-OAUTH-STATE,state_id:state_id" +

Comments are closed.

Website Built with WordPress.com.

Up ↑

%d bloggers like this: