Lightrun
question-mark
Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Custom introspection

See original GitHub issue

We’re using IS4 1.5.0. In an effort to support multi-tenancy, we’ve customized the introspection endpoint (by implementing IIntrospectionRequestValidator) to allow additional scopes to be specified in the request. This allows claims return by the introspection endpoint to be in a different (tenant)context than the original authN request. It essentially allows API resources to augment requests with different or additional tenant IDs.

To make this work we need a method to allow the introspection middleware to inspect an incoming API request, and based that inspection, specify additional parameters on the introspection request. Maybe something similiar to way token retrieval works:

string token = Options.TokenRetriever(Context.Request);

e.g.

IDictionary<string, string> introspectionParameters = Options.AdditionalParameterRetriever(Context.Request);

which gets added to the introspection request:

public class IntrospectionRequest
{
	public string Token { get; set; }
	public IDictionary<string, string> Parameters { get; set; }
	...
}

There’s also the issue of caching. I hope this makes sense. Thoughts on this approach?

Thanks, Andrew

Issue Analytics

  • State:closed
  • Created 6 years ago
  • Comments:11 (5 by maintainers)

github_iconTop GitHub Comments

1reaction
andrew-laughlincommented, Jun 5, 2017

ok thanks. I’ve updated this PR to consume the IdentityModel 2.9.1 release --> https://github.com/IdentityModel/IdentityModel.AspNetCore.OAuth2Introspection/pull/14

0reactions
github-actions[bot]commented, Feb 20, 2021

This issue has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue.

Read more comments on GitHub >

github_iconTop Results From Across the Web

How to write a Custom Introspection Data Provider — WSO2 ...
Let's try out invoking the introspection endpoint with the custom introspection data provider. First, invoke the token endpoint to get the ...
Read more >
Allow Token Introspection to be customized · Issue #493
At the moment, the Token Introspection endpoint cannot be customized. We will look at adding this support soon. In the meantime, the JWT ......
Read more >
Introspection & Custom ID Generation
This API defines a method for a protected resource to query an OAuth 2.0 authorization server to determine the active state of an...
Read more >
oauth 2.0 - How to implement custom ...
It seems you have two goals: Customize a jwt, by adding custom claims. Obtain those claims via the introspection endpoint from a resource ......
Read more >
OAuth introspection
OAuth introspection. An Introspection URL implemented to the spec of RFC 7662 allows for information about an access token to be returned.
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Dev.to Post

No results found

github_iconTop Related Hashnode Post

No results found
Previous page

Discovery endpoint retrieval problem

Next page

Snyk vulnerability in v3.1.2