UserType字段在APIMgtGatewayJWTGeneratorImpl中

Question

我将wso2从2.6.0版本更新为4.1.0，在旧版本中，只有作为参数'context‘作为TokenValidationContext接收的JWTGenerator生成器类和从这个context.getUserType()获得的类仍然是必需的。

如果接受userType类作为参数，如何在APIMgtGatewayJWTGeneratorImpl中获取JWTInfoDto字段？

为什么在APIMgtGatewayJWTGeneratorImpl类中硬编码为claims.put(方言+ "usertype"，"Application_User")

我用JSON序列化了JWTInfoDto并将其输出到日志中，得到了以下结果：

{
  "applicationTier": "Unlimited",
  "keyType": "PRODUCTION",
  "version": "v1",
  "applicationName": "Yaroslav",
  "endUser": "CARCYAYU/APIUSER@carbon.super",
  "endUserTenantId": -1234,
  "applicationUUId": "5c2336af-fce6-49b2-8a96-a9f8bbf56924",
  "subscriber": "CARCYAYU/APIUSER",
  "subscriptionTier": "Unlimited",
  "applicationId": "3",
  "apiContext": "/bookings-read/carcyayu/v1",
  "apiName": "Bookings Read API",
  "jwtValidationInfo": {
    "user": "APIUSER",
    "issuer": "https:9443/oauth2/token",
    "expiryTime": 1664398068000,
    "issuedTime": 1664394468000,
    "consumerKey": "Zu5A7qXKXqfhu2eG9T4oYTlOgbEa",
    "valid": true,
    "scopes": [
      "default"
    ],
    "claims": {
      "sub": "APIUSER",
      "aut": "APPLICATION",
      "aud": [
        "Zu5A7qXKXqfhu2eG9T4oYTlOgbEa"
      ],
      "nbf": "Sep 28, 2022 10:47:48 PM",
      "azp": "Zu5A7qXKXqfhu2eG9T4oYTlOgbEa",
      "scope": "default",
      "iss": "https:9443/oauth2/token",
      "exp": "Sep 28, 2022 11:47:48 PM",
      "iat": "Sep 28, 2022 10:47:48 PM",
      "jti": "e794778b-5879-450c-a2cf-55789f5e9ae1"
    },
    "jti": "e794778b-5879-450c-a2cf-55789f5e9ae1",
    "validationCode": 0,
    "rawPayload": "eyJ4NXQiOiJOakE0TnpSaE16WXlaVGd6WXpZM1ltVXdOelkyWXprMFl6a3paVFk0Wm1RMFpXRmtZV0UwTlEiLCJraWQiOiJZV1prTWprd09EWXlPVEZrTTJNeU1qRXpOekptWlRkaVptWTNNR0kzTnpZM1l6RTRPV1ExTURFMVl6TTRNV1UyWTJKa1lUZGtORE15TjJVMk9HTmhNUV9SUzI1NiIsImFsZyI6IlJTMjU2In0.eyJzdWIiOiJBUElVU0VSIiwiYXV0IjoiQVBQTElDQVRJT04iLCJhdWQiOiJadTVBN3FYS1hxZmh1MmVHOVQ0b1lUbE9nYkVhIiwibmJmIjoxNjY0Mzk0NDY4LCJhenAiOiJadTVBN3FYS1hxZmh1MmVHOVQ0b1lUbE9nYkVhIiwic2NvcGUiOiJkZWZhdWx0IiwiaXNzIjoiaHR0cHM6OTQ0M1wvb2F1dGgyXC90b2tlbiIsImV4cCI6MTY2NDM5ODA2OCwiaWF0IjoxNjY0Mzk0NDY4LCJqdGkiOiJlNzk0Nzc4Yi01ODc5LTQ1MGMtYTJjZi01NTc4OWY1ZTlhZTEifQ.lRMyTWakh7YLHcGNlhQiKUklEo-do769KTaUt_gzVuotjyVbH7B5H1Kx2RY9Lp-UQkWnGSRxkwRHSH9c5VxwJoM8kmzZYULNbl-AvxDa7mXF6_UHHTTSwgg-ahtLBGe9d5bEOJ6mkEMzYdnOlQfmGSS6c97Wlg0Vyme61_9ZWhwspLJGmfBEtGSIRlqYPLOXlIJnMKEhWRO10TM9rtv70_yG5M4OwQu7OCILME1ubj4D6Vw1tQ7f_f10tBPTitRPPjbwQ-h-LMdZx6RFgfUmeKeirnHsa89xlkXt9JXl9BhMX-cutIqVlaUd6G-lsqNjyEd6oYiM_M0gw6YIjYlXfw",
    "keyManager": "Resident Key Manager",
    "isAppToken": true
  },
  "appAttributes": {},
  "sub": "APIUSER"
}

对象"jwtValidationInfo“有一个"claims”数组，其中有一个字段"aut“，其值为"APPLICATION”。问题：是否等同于 JWTGenerator 和JWTGenerator方法？E 214

Answer 1

用户类型概念(“应用程序用户”，“应用程序”)将从api管理器的最新版本中删除。您也不会在UI中找到这个。现在可以使用作用域实现此功能。这就是为什么jwt中没有它的原因。