Uploaded image for project: 'Kogito'
  1. Kogito
  2. KOGITO-7057

[KSW][OpenAPI] - Add Token Propagation support to OpenAPI Extension


    • False
    • None
    • False
    • ---
    • ---
    • 2022 Week 17-19 (from Apr 25), 2022 Week 20-22 (from May 16)

      After KOGITO-6970, we are now looking for adding support to Token Propagation.

      This enhancement will add an option to the extension that users can set a given security scheme to use token propagation instead of the classic OAuth2 Client Filter.

      So, instead of filtering a given request with an OAuth2 classic filter that will try to create a token, the propagation filter should take the token from the original request and propagate it to the request.

      We need research around this topic to understand exactly how that will work in SW environments:

      Client Service -> Kogito SW -> Target 3rd party. Where:

      • Client Service, the original caller will have the token to 3rd party
      • Kogito SW, an OpenAPI function within the flow will call the target 3rd party and propagate the token

      How to map between the given operation and the token in the Client Service? What if the Client Service must call more than one OpenAPI function that requires token propagation? Users should be able to control this behavior by specifying in the properties a header in the original request that will be used to do the token propagation.

      See https://quarkus.io/guides/security-openid-connect-client#token-propagation for reference.

            wmedvede@redhat.com Walter Medvedeo
            rhn-support-zanini Ricardo Zanini
            0 Vote for this issue
            2 Start watching this issue