Сan someone explain to me the difference between JWTGenerator and APIMgtGatewayJWTGeneratorImpl classes?
I updated wso2 from version 2.6.0 to 4.1.0 and there was only this JWTGenerator generator class, but now it does not work.
In early versions of WSO2 API Manager, it has opaque token support. So if you are migrating to latest APIM version and still want to use opaque tokens instead of the JWT tokens, you have to use the class JWTGenerator. If you look at the package of this class, it is org.wso2.carbon.apimgt.keymgt.token. So token generation happens at the key manager(KM) side. When an opaque token is used in an API call, the gateway calls the key manager to validates the opaque token and also it generates a backend JWT. Then the gateway receives the backend JWT for a valid access token from the KM and GW sends the Backend JWT to the backend service. Refer - https://apim.docs.wso2.com/en/latest/deploy-and-publish/deploy-on-gateway/api-gateway/passing-enduser-attributes-to-the-backend-via-api-gateway/#customizing-the-jwt-generation-completely
If you are using JWT access tokens to access APIs, then you should use APIMgtGatewayJWTGeneratorImpl. When an access token comes to the gateway, it validates the token itself and generates a backend JWT. So this class is used. Refer - https://apim.docs.wso2.com/en/latest/deploy-and-publish/deploy-on-gateway/api-gateway/passing-enduser-attributes-to-the-backend-via-api-gateway/#jwt-self-contained-access-tokens