> 데이터 베이스 > MySQL 튜토리얼 > Testing WSO2 Identity Server OAuth 2.0 support with Curl

Testing WSO2 Identity Server OAuth 2.0 support with Curl

WBOY
풀어 주다: 2016-06-07 15:14:36
원래의
1224명이 탐색했습니다.

WSO2 Identity Server adds OAuth 2.0 support from it's very next release. Hopefully by the end of this August. OAuth Core specification supports four grant types. 1. Authorization Code Grant (authorization_code) 2. Implicit Grant 3. Resourc

WSO2 Identity Server adds OAuth 2.0 support from it's very next release. Hopefully by the end of this August. OAuth Core specification supports four grant types.

1. Authorization Code Grant (authorization_code)
2. Implicit Grant
3. Resource Owner Password Credentials Grant (password)
4. Client Credentials Grant (client_credentials)

In this blog post we only talk about last two grant types - since those can be directly executed via curl.

First you need to download the WSO2 Identity Server 4.0.0 server from here.

1. Start the server
2. Login with admin/admin
3. Main/Manage/OAuth/Register New Application

Testing WSO2 Identity Server OAuth 2.0 support with Curl













4. Select OAuth 2.0
5. Give an Application Name and any Callback Url [need not to be real for this case]

Testing WSO2 Identity Server OAuth 2.0 support with Curl


















6. Once you click on "Add" you will be taken to the OAuth Management page
7. Click on the application you just created.

Testing WSO2 Identity Server OAuth 2.0 support with Curl













8. Copy the values of Client Id and Client Secret -- we need these values later.

Testing WSO2 Identity Server OAuth 2.0 support with Curl






















Now lets see how we get an access token from Identity Server via curl.


This is how it works under Resource Owner Password Credentials grant type.

This is useful when the end user or the resource owner trusts the application. I will not talk about the advantages and disadvantages of this grant type here - will have another blog post on that. Anyway this is a grant type you should use with extra care.

$ curl --user Client_Id:Client_Secret  -k -d "grant_type=password&username=admin&password=admin" -H "Content-Type:application/x-www-form-urlencoded"  https://localhost:9443/oauth2/token

You need to replace Client_Id:Client_Secret with your values... 

The response would be something like...

{"token_type":"bearer",
"expires_in":3600,
"refresh_token":"d78e445a78c9bdce17f349068495ebe",
"access_token":"3a1d3e2983fafc73eec3f894cb6eb4"} 

Now you can use this access_token to access the protected resource.

Let's how to execute curl to get an access_token with Client Credentials Grant type. Here the client becomes the resource owner. Almost similar to 2-legged OAuth we talked under OAuth 1.0.

curl --user Client_Id:Client_Secret  -k -d "grant_type=client_credentials&username=admin&password=admin" -H "Content-Type:application/x-www-form-urlencoded"  https://localhost:9443/oauth2/token 

You need to replace Client_Id:Client_Secret with your values...

The response would be.

{"token_type":"bearer",
"expires_in":3600,

"access_token":"9cdd18286e27dd768b74577276f217be"}



http://blog.facilelogin.com/2012/08/testing-wso2-identity-server-oauth-20.html


관련 라벨:
원천:php.cn
본 웹사이트의 성명
본 글의 내용은 네티즌들의 자발적인 기여로 작성되었으며, 저작권은 원저작자에게 있습니다. 본 사이트는 이에 상응하는 법적 책임을 지지 않습니다. 표절이나 침해가 의심되는 콘텐츠를 발견한 경우 admin@php.cn으로 문의하세요.
인기 튜토리얼
더>
최신 다운로드
더>
웹 효과
웹사이트 소스 코드
웹사이트 자료
프론트엔드 템플릿