By: Uwaraj Waman named 14 Mar 2022 at 6:09 a.m. CDT

2 Responses

We are looking to intercept the OIDC token request to extract the requestor IP Address. Is there an interception script that gets invoked during OIDC token request processing event that can be used to read http request information? OR can you please point me in right direction to achieve this?

Gluu 4.3 Ubuntu 14.0

closed

By Yuriy Zabrovarnyy staff 14 Mar 2022 at 7:05 a.m. CDT

Copy

It is not possible with Gluu 4.3 but it is possible with jans (next generation of Gluu AS under Linux Foundation). https://github.com/JanssenProject/jans/ In jans you can: 1. add `UpdateTokenType` custom script 2. intercept `getAccessTokenLifetimeInSeconds` just before token get created. In script you can access request object as `context.getHttpRequest()` which returns `javax.servlet.http.HttpServletRequest` under the hood. Hope it helps. Reference: https://github.com/JanssenProject/jans/blob/4babe55a494c0edad899776f086d8c59368031f2/jans-linux-setup/jans_setup/openbanking/static/extension/update_token/UpdateToken.py#L88

By Uwaraj Waman named 14 Mar 2022 at 7:42 a.m. CDT

Copy

Thanks Yuriy.

You need to Login in order to post an answer

Intercepting OIDC Token Request

By: Uwaraj Waman named 14 Mar 2022 at 6:09 a.m. CDT

Answers

By Yuriy Zabrovarnyy staff 14 Mar 2022 at 7:05 a.m. CDT

By Uwaraj Waman named 14 Mar 2022 at 7:42 a.m. CDT

Post an answer