Skip to content

Convert OpenAM token to OpenID Connect (JWT)

Jump to bottom Edit New page
vharseko edited this page Mar 15, 2019 · 1 revision 
{
	"name": "10-api",
	"condition": "${matches(request.uri.path, '^/api')}",
	"monitor": true,
	"timer": true,
	"handler": {
		"type": "Chain",
		"config": {
			"filters": [
				{
					"type": "TokenTransformationFilter",
					"config": {
						"openamUri": "${system['openam']}",
						"realm": "/staff",
						"instance": "jwt",
						"from": "OPENAM",
						"to": "OPENIDCONNECT",
						"idToken": "${request.headers['Authorization'][0]}"
					}
				},
				{
					"type": "HeaderFilter",
					"config": {
						"messageType": "REQUEST",
						"remove": [
							"Authorization"
						]
					}
				},
				{
					"type": "ConditionalFilter",
					"config": {
						"condition": "${not empty contexts.sts.issuedToken}",
						"delegate": {
							"type": "HeaderFilter",
							"config": {
								"messageType": "REQUEST",
								"add": {
									"Authorization": [
										"Berear ${contexts.sts.issuedToken}"
									]
								}
							}
						}
					}
				}
			],
			"handler": {
				"type": "DispatchHandler",
				"config": {
					"bindings": [
						{
							"handler": "ClientHandler",
							"capture": ["filtered_request"],
							"baseURI": "${system['endpoint.api']}"
						}
					]
				}
			}
		}
	}
}

OpenIG Logo

Latest release Build Deploy Issues Last commit License Top language Code size in bytes

The Open Identity Gateway (OpenIG) is a high-performance reverse proxy server with specialized session management and credential replay functionality.

Add a custom sidebar
Clone this wiki locally