This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Log in to ask a question

feature vs features- features.OAuthTokenHashingAlgorithm

Posted on 09-15-2021 01:23 AM
sjm2000
Silver 1
Silver 1
Reply posted on --/--/---- --:-- AM

Team,

Please find below my APIGEE organization property details .

Version: OPDK Apigee for private cloud version 4.50

 

 

"properties" : {
"property" : [ {
"name" : "features.OAuthTokenFallbackHashingAlgorithm",
"value" : "PLAIN"
}, {
"name" : "features.OAuthTokenHashingAlgorithm",
"value" : "SHA256"
}, {
"name" : "features.isOAuthTokenHashingEnabled",
"value" : "true"
}, {
"name" : "feature.enableMultipleXForwardCheckForACL",
"value" : "true"
}, {
"name" : "features.isOAuthTokenFallbackHashingEnabled",
"value" : "true"
} ]
},

 

The oAuth Hashing is not taking place even after enabling the above.

What could be the reason?

Is it "features" or "feature"?

Would certainly appreciate quick response 🙂

Thank you

 

 

Solved Solved
0 6 231
Jump to Solution
0 Likes
1 ACCEPTED SOLUTION

Posted on --/--/---- --:-- AM
dchiesa1
Staff
In response to sjm2000
Reply posted on --/--/---- --:-- AM

Seems like either a bug, or a mis-configuration.  Yes, I would advise raising a support ticket. My further advice: Be as thorough as you can in the initial report to avoid the round-trip back-and-forths in which the support engineer will ask incremental questions.  For example, be clear about how you came to the conclusion that newly minted tokens are not hashed. Show the exact steps you performed and the results you saw. etc etc. 

 

View solution in original post

Jump to Solution
0 Likes
6 REPLIES 6

Posted on --/--/---- --:-- AM
API-Evangelist
Silver 5
Silver 5
Reply posted on --/--/---- --:-- AM

Hope you followed https://docs.apigee.com/api-platform/security/oauth/hashing-tokens

Un-sure but may be try restarting and see if it make any difference.

 

 

 

Jump to Solution

Posted on --/--/---- --:-- AM
sjm2000
Silver 1
Silver 1
In response to API-Evangelist
Reply posted on --/--/---- --:-- AM

Yes we had enabled the hashing as per the document .

 

Also we have done the restart  . However the token is still not hashed .

 

Is there something else we have to do ?

Jump to Solution
0 Likes

Posted on --/--/---- --:-- AM
dchiesa1
Staff
In response to sjm2000
Reply posted on --/--/---- --:-- AM

You said

However the token is still not hashed .

which token is not hashed? Are you referring to newly minted tokens? Or existing tokens?  I would expect this hashing to happen only on newly minted tokens. 

Jump to Solution

Posted on --/--/---- --:-- AM
sjm2000
Silver 1
Silver 1
In response to dchiesa1
Reply posted on --/--/---- --:-- AM

Hello 👋

 

Newly minted tokens , using client ID and client secret belonging to existing app.

 

Thanks 

Jump to Solution
0 Likes

Posted on --/--/---- --:-- AM
sjm2000
Silver 1
Silver 1
In response to dchiesa1
Reply posted on --/--/---- --:-- AM

hi @dchiesa1 @API-Evangelist 

could this be a bug? Or something else could be wrong?

Regards
Sujith

PS: do i need to raise support ticket?

Jump to Solution
0 Likes

Posted on --/--/---- --:-- AM
dchiesa1
Staff
In response to sjm2000
Reply posted on --/--/---- --:-- AM

Seems like either a bug, or a mis-configuration.  Yes, I would advise raising a support ticket. My further advice: Be as thorough as you can in the initial report to avoid the round-trip back-and-forths in which the support engineer will ask incremental questions.  For example, be clear about how you came to the conclusion that newly minted tokens are not hashed. Show the exact steps you performed and the results you saw. etc etc. 

 

Jump to Solution
0 Likes