Below is the (partial) code with which I am able to generate a JWT token and subsequently an access token using the single scope=profile.
How can I combine another scope (offline_access) to generate a JWT token which gives me an access token as well as a refresh token?
claims.put("aud", "http://localhost:4502/oauth/token");
claims.put("iss", "u3a3i5pn1mgalf3fq7oof8jk33-iyz0qx0v");
claims.put("sub", "admin");
claims.put("exp", exp);
claims.put("iat", iat);
claims.put("scope", "profile");
//claims.put("scope", "offline_access");
claims.put("cty", "code");
token = Jwts.builder().setClaims(claims).signWith(SignatureAlgorithm.RS256, privateKey).compact();
This seems like a custom implementation for OAuth, is it? I suppose you're using AEM as a (SP) Service Provider? If so, what IdP (Identity Provider) are you integrating with?
Generally the IdP would provide an API or tech documentation on how the SP can consume different tokens from it.
I'll wait for the above answers before digging deeper.
You can't have AEM (or any application) as both SP and IdP.
From your description it seems to me that you are probably using AEM as SP, since you are trying to fetch an access token in it.
Here's a sample project where AEM (as SP) is integrated with Linked (as IdP) for users to log in using OAuth. This should give you a good idea of implementing custom OAuth in AEM.