Testing WSO2 Identity Server OAuth 2.0 support with Curl
2014-04-10 17:09
WSO2 Identity Server adds OAuth 2.0 support from its very next release, hopefully by the end of this August. The OAuth Core specification
supports four grant types.
1. Authorization Code Grant (authorization_code)
2. Implicit Grant
3. Resource Owner Password Credentials Grant (password)
4. Client Credentials Grant (client_credentials)
In this blog post we only talk about the last two grant types, since those can be executed directly via curl.
First you need to download the WSO2 Identity Server 4.0.0 server from here.
1. Start the server
2. Login with admin/admin
3. Main/Manage/OAuth/Register New Application
4. Select OAuth 2.0
5. Give an Application Name and any Callback Url [it need not be real for this case]
6. Once you click on "Add" you will be taken to the OAuth Management page
7. Click on the application you just created.
8. Copy the values of Client Id and Client Secret -- we need these values later.
Now let's see how we get an access token from Identity Server via curl.
This is how it works under the Resource Owner Password Credentials grant type.
This is useful when the end user or the resource owner trusts the application. I will not talk about the advantages and disadvantages of this grant type here; I will have another
blog post on that. In any case, this is a grant type you should use with extra care.
$ curl --user Client_Id:Client_Secret -k -d "grant_type=password&username=admin&password=admin" -H "Content-Type:application/x-www-form-urlencoded" https://localhost:9443/oauth2/token
You need to replace Client_Id:Client_Secret with your values...
The response would be something like...
{"token_type":"bearer",
"expires_in":3600,
"refresh_token":"d78e445a78c9bdce17f349068495ebe",
"access_token":"3a1d3e2983fafc73eec3f894cb6eb4"}
Now you can use this access_token to access the protected resource.
Let's see how to execute curl to get an access_token with the Client Credentials grant type. Here the client becomes the resource owner. It is almost similar to the 2-legged OAuth we talked
about under OAuth 1.0.
$ curl --user Client_Id:Client_Secret -k -d "grant_type=client_credentials" -H "Content-Type:application/x-www-form-urlencoded" https://localhost:9443/oauth2/token
You need to replace Client_Id:Client_Secret with your values...
The response would be:
{"token_type":"bearer",
"expires_in":3600,
"access_token":"9cdd18286e27dd768b74577276f217be"}
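An added example (not from the original post): both token requests above, with the client secret and the user's password fed to curl as a config on stdin (`-K -`) so they stay out of shell history and process listings. The function names and the environment variables in the usage comment are assumptions.

```bash
#!/bin/sh
# Added example (not from the original post). Function names are hypothetical.

# Escape backslash and double quote for a double-quoted curl config value.
cfg_escape() {
  printf '%s' "$1" | sed -e 's/\\/\\\\/g' -e 's/"/\\"/g'
}

# curl config for the Resource Owner Password Credentials grant.
# Args: client_id client_secret username password
password_grant_config() {
  printf 'user = "%s:%s"\n' "$(cfg_escape "$1")" "$(cfg_escape "$2")"
  printf 'data = "grant_type=password"\n'
  # data-urlencode percent-encodes the value, so "&" or "=" in a password
  # cannot split or add form fields.
  printf 'data-urlencode = "username=%s"\n' "$(cfg_escape "$3")"
  printf 'data-urlencode = "password=%s"\n' "$(cfg_escape "$4")"
}

# curl config for the Client Credentials grant: client authentication only.
# Args: client_id client_secret
client_credentials_config() {
  printf 'user = "%s:%s"\n' "$(cfg_escape "$1")" "$(cfg_escape "$2")"
  printf 'data = "grant_type=client_credentials"\n'
}

# POST the config read from stdin to the token endpoint given as $1.
# -k is kept from the post (default self-signed certificate on localhost).
request_token() {
  curl -sS -k -K - "$1"
}

# Usage (environment variable names are assumptions):
#   password_grant_config "$CLIENT_ID" "$CLIENT_SECRET" "$RO_USER" "$RO_PASS" |
#     request_token https://localhost:9443/oauth2/token
#   client_credentials_config "$CLIENT_ID" "$CLIENT_SECRET" |
#     request_token https://localhost:9443/oauth2/token
```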
Reposted from: http://blog.facilelogin.com/2012/08/testing-wso2-identity-server-oauth-20.html