|
[{"id":"123bde2c.0ee5ea","type":"http in","z":"1b93a20.897555e","name":"","url":"/introspect","method":"post","upload":false,"swaggerDoc":"","x":140,"y":180,"wires":[["631f5d94.d4c6cc"]]},{"id":"6988ae91.cf2668","type":"debug","z":"1b93a20.897555e","name":"log3","active":true,"tosidebar":true,"console":false,"tostatus":false,"complete":"true","targetType":"full","x":310,"y":100,"wires":[]},{"id":"851da745.013c3","type":"http response","z":"1b93a20.897555e","name":"","statusCode":"","headers":{},"x":1090,"y":180,"wires":[]},{"id":"e451c92d.f61fe8","type":"http request","z":"1b93a20.897555e","name":"","method":"POST","ret":"obj","paytoqs":false,"url":"https://us-south.appid.cloud.ibm.com/oauth/v4/<tenantId>/introspect","tls":"","proxy":"","authType":"basic","x":930,"y":180,"wires":[["851da745.013c3"]]},{"id":"2529ab6.a37b554","type":"debug","z":"1b93a20.897555e","name":"log6","active":true,"tosidebar":true,"console":false,"tostatus":false,"complete":"true","targetType":"full","x":1090,"y":140,"wires":[]},{"id":"98d16c1f.3a29f","type":"http request","z":"1b93a20.897555e","name":"","method":"POST","ret":"obj","paytoqs":false,"url":"https://us-south.appid.cloud.ibm.com/oauth/v4/<tenantId>/token","tls":"","proxy":"","authType":"basic","x":550,"y":180,"wires":[["e57d818b.5115a"]]},{"id":"2905ff3e.d98878","type":"debug","z":"1b93a20.897555e","name":"log5","active":true,"tosidebar":true,"console":false,"tostatus":false,"complete":"true","targetType":"full","x":710,"y":140,"wires":[]},{"id":"bf6cba9a.677298","type":"function","z":"1b93a20.897555e","name":"fnParseCredentials","func":"let decodedAuth = msg.temp_authheader;\nlet credentials = decodedAuth.split(\":\");\n\nlet username = credentials[0];\nlet password = credentials[1];\nlet granttype = \"password\";\n\n// if x- was used, then \n// username:password should be overwritten\n// by x- values\nlet xUsername = msg.req.headers['x-introspect-username'];\nlet xPassword = msg.req.headers['x-introspect-password'];\nlet xGranttype = msg.req.headers['x-introspect-granttype'];\nif(xUsername){\n username=xUsername;\n}\nif(xPassword){\n password=xPassword;\n}\nif(xGranttype){\n granttype=xGranttype;\n}\nmsg.payload['grant_type']=granttype;\nmsg.payload['username']=username;\nmsg.payload['password']=password;\n\nreturn msg;","outputs":1,"noerr":0,"x":350,"y":180,"wires":[["98d16c1f.3a29f"]]},{"id":"f6e86a34.7e1398","type":"debug","z":"1b93a20.897555e","name":"log4","active":true,"tosidebar":true,"console":false,"tostatus":false,"complete":"payload","targetType":"msg","x":530,"y":100,"wires":[]},{"id":"e57d818b.5115a","type":"function","z":"1b93a20.897555e","name":"fnParseToken","func":"let accessToken = msg.payload['access_token'];\nlet idToken = msg.payload['id_token'];\nlet tokenType = msg.payload['token_type'];\nlet expiresIn = msg.payload['expires_in'];\n \nmsg.payload['token']=idToken;\n\nreturn msg;","outputs":1,"noerr":0,"x":740,"y":180,"wires":[["e451c92d.f61fe8"]]},{"id":"d2d375c8.01c2e","type":"comment","z":"1b93a20.897555e","name":"POST /introspection","info":"Instead only the /introspection endpoint is called, \nso hence I moved the /token request into the \nintrospection workflow","x":150,"y":80,"wires":[]},{"id":"8605db32.01c38","type":"base64","z":"1b93a20.897555e","name":"decodeAuthHeader","action":"b64","property":"temp_authheader","x":370,"y":300,"wires":[["bf6cba9a.677298"]]},{"id":"631f5d94.d4c6cc","type":"function","z":"1b93a20.897555e","name":"fnParseAuthHeader","func":"let basicAuth = msg.req.headers['authorization'];\nlet encodedAuth = basicAuth.replace(\"Basic \",\"\");\nmsg.temp_authheader = encodedAuth;\n\nreturn msg;","outputs":1,"noerr":0,"x":170,"y":300,"wires":[["8605db32.01c38"]]},{"id":"4a303450.4c764c","type":"debug","z":"1b93a20.897555e","name":"log1","active":true,"tosidebar":true,"console":false,"tostatus":false,"complete":"true","targetType":"full","x":330,"y":340,"wires":[]},{"id":"1e21a84e.2e9738","type":"debug","z":"1b93a20.897555e","name":"log2","active":true,"tosidebar":true,"console":false,"tostatus":false,"complete":"true","targetType":"full","x":530,"y":340,"wires":[]},{"id":"a6a604c7.8b17d","type":"comment","z":"1b93a20.897555e","name":"Allow Basic Auth with username:password","info":"","x":240,"y":260,"wires":[]},{"id":"810f14fd.ec17c","type":"comment","z":"1b93a20.897555e","name":"x-introspect will overwrite Basic Auth","info":"","x":410,"y":140,"wires":[]}] |