Testing WSO2 Identity Server OAuth 2.0 support with Curl
来源:互联网 发布:尼尔机械纪元n卡优化 编辑:程序博客网 时间:2024/05/17 22:48
WSO2 Identity Server adds OAuth 2.0 support from it's very next release. Hopefully by the end of this August. OAuth Core specification supports four grant types.
1. Authorization Code Grant (authorization_code)
2. Implicit Grant
3. Resource Owner Password Credentials Grant (password)
4. Client Credentials Grant (client_credentials)
In this blog post we only talk about last two grant types - since those can be directly executed via curl.
First you need to download the WSO2 Identity Server 4.0.0 server from here.
1. Start the server
2. Login with admin/admin
3. Main/Manage/OAuth/Register New Application
4. Select OAuth 2.0
5. Give an Application Name and any Callback Url [need not to be real for this case]
6. Once you click on "Add" you will be taken to the OAuth Management page
7. Click on the application you just created.
8. Copy the values of Client Id and Client Secret -- we need these values later.
Now lets see how we get an access token from Identity Server via curl.
This is how it works under Resource Owner Password Credentials grant type.
This is useful when the end user or the resource owner trusts the application. I will not talk about the advantages and disadvantages of this grant type here - will have another blog post on that. Anyway this is a grant type you should use with extra care.
$ curl --user Client_Id:Client_Secret -k -d "grant_type=password&username=admin&password=admin" -H "Content-Type:application/x-www-form-urlencoded" https://localhost:9443/oauth2/token
You need to replace Client_Id:Client_Secret with your values...
The response would be something like...
{"token_type":"bearer",
"expires_in":3600,
"refresh_token":"d78e445a78c9bdce17f349068495ebe",
"access_token":"3a1d3e2983fafc73eec3f894cb6eb4"}
Now you can use this access_token to access the protected resource.
Let's how to execute curl to get an access_token with Client Credentials Grant type. Here the client becomes the resource owner. Almost similar to 2-legged OAuth we talked under OAuth 1.0.
curl --user Client_Id:Client_Secret -k -d "grant_type=client_credentials&username=admin&password=admin" -H "Content-Type:application/x-www-form-urlencoded" https://localhost:9443/oauth2/token
You need to replace Client_Id:Client_Secret with your values...
The response would be.
{"token_type":"bearer",
"expires_in":3600,
1. Authorization Code Grant (authorization_code)
2. Implicit Grant
3. Resource Owner Password Credentials Grant (password)
4. Client Credentials Grant (client_credentials)
In this blog post we only talk about last two grant types - since those can be directly executed via curl.
First you need to download the WSO2 Identity Server 4.0.0 server from here.
1. Start the server
2. Login with admin/admin
3. Main/Manage/OAuth/Register New Application
4. Select OAuth 2.0
5. Give an Application Name and any Callback Url [need not to be real for this case]
6. Once you click on "Add" you will be taken to the OAuth Management page
7. Click on the application you just created.
8. Copy the values of Client Id and Client Secret -- we need these values later.
Now lets see how we get an access token from Identity Server via curl.
This is how it works under Resource Owner Password Credentials grant type.
This is useful when the end user or the resource owner trusts the application. I will not talk about the advantages and disadvantages of this grant type here - will have another blog post on that. Anyway this is a grant type you should use with extra care.
$ curl --user Client_Id:Client_Secret -k -d "grant_type=password&username=admin&password=admin" -H "Content-Type:application/x-www-form-urlencoded" https://localhost:9443/oauth2/token
You need to replace Client_Id:Client_Secret with your values...
The response would be something like...
{"token_type":"bearer",
"expires_in":3600,
"refresh_token":"d78e445a78c9bdce17f349068495ebe",
"access_token":"3a1d3e2983fafc73eec3f894cb6eb4"}
Now you can use this access_token to access the protected resource.
Let's how to execute curl to get an access_token with Client Credentials Grant type. Here the client becomes the resource owner. Almost similar to 2-legged OAuth we talked under OAuth 1.0.
curl --user Client_Id:Client_Secret -k -d "grant_type=client_credentials&username=admin&password=admin" -H "Content-Type:application/x-www-form-urlencoded" https://localhost:9443/oauth2/token
You need to replace Client_Id:Client_Secret with your values...
The response would be.
{"token_type":"bearer",
"expires_in":3600,
"access_token":"9cdd18286e27dd768b74577276f217be"}
转自:http://blog.facilelogin.com/2012/08/testing-wso2-identity-server-oauth-20.html
0 0
- Testing WSO2 Identity Server OAuth 2.0 support with Curl
- OAuth 2.0 Support with WSO2 Identity Server
- wso2 identity server 的openid实例
- curl with ssl support 编译
- Automation Server with mfc support
- Server-side Java testing with Cactus
- 解决Curl development headers with SSL support NOT FOUND 问题
- Testing Support Library
- Unit testing support(译文)
- Android Testing Support Library
- WSO2 Business Process Server简介
- WS02-WSO2 Application server介绍
- Setup https server with a self SSL certificate for testing.
- WSO2 Business Process Server(WSO2 BPS)使用简易教程
- OAuth 2.0 Authorization Server 代码copy
- Google Play services and OAuth Identity Tools
- How to build cURL static library with SSL support on Windows
- 【OAuth】理解OAuth 2.0
- Ruby 如何排序Hash数组
- const、static、内部链接属性和外部链接属性整理
- 定义一个名为Vehicles(交通工具)的基类
- 千元4G手机 中兴红牛V5“威武”发布
- java中synchronized的用法详解
- Testing WSO2 Identity Server OAuth 2.0 support with Curl
- web.xml详细解答
- IIS HTTP 错误 403.1 - 禁止访问:执行访问被拒绝
- 关于在pjsip中添加视频的流程说明
- 全新中级SUV领衔 本田北京车展阵容公布
- 网络安全数据加密问题
- Git 常用命令速查表(三)
- 使用kettle完成数据迁移
- c#学习笔记之时间类