gabriel-farache opened a new issue, #1899:
URL: https://github.com/apache/incubator-kie-issues/issues/1899
Sometimes, users find it helpful to access information from a specific JWT
token passed to the workflow service.
SonataFlow runtime can have a custom out-of-the-box function capable of
parsing and decoding these tokens so that users can access the claims in the
DSL expressions. For example:
```
functions:
- name: extractUser
type: custom
operation: "service:org.acme.workflow.auth.JWTParserHelper::extractUser"
states:
- name: extractUserName
type: operation
actions:
- name: extractUserAction
functionRef:
refName: extractUser
arguments:
token: "${
$WORKFLOW.headers.\"X-Authorization-acme_financial_auth\" }"
stateDataFilter:
output: "${ { user: .preferred_username } }"
```
In this excerpt, the DSL refers to a custom Java function within the project
that parses the JWT token from the header
"X-Authorization-acme_financial_auth."
Later, the workflow author can access the "user" attribute to return a
personalized message to the requester:
```
- name: loanApproved
type: inject
data:
loanApproved: true
stateDataFilter:
output: "${ { message: \"Congrats \\(.user)! Your loan has been
approved!\", loanApproved } }"
```
As a shortcut, the function can take the custom header as an input and
output the [JWT Payload](https://jwt.io/introduction) in JSON format, which can
be merged into the workflow data context.
This function can also be added to the [Serverless Workflow Functions
catalog](https://github.com/serverlessworkflow/catalog)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
