Sunday, December 18, 2016

How to use SimpleHTTPServer


Prerequisite:- 

A Linux-flavored OS
Python installed

What is SimpleHTTPServer :-

The SimpleHTTPServer module that comes with Python is a simple HTTP server. The SimpleHTTPServer provides standard GET and HEAD request handlers. With SimpleHTTPServer you can turn any directory in your system into your web server directory.

If Python is already installed, there is nothing else to install or configure: the HTTP server is built into Python.
If Python is not installed, install it first with the apt-get command below:

sudo apt-get install python

How to use it :-

Start the server with the command below (it starts on the default HTTP port, 8000):

python -m SimpleHTTPServer

To start the server on a specific port, use the command format below:

python -m SimpleHTTPServer [port]

Sample command:

python -m SimpleHTTPServer 8085

How to share a directory and files :-

First, cd (change directory) into the directory you want to share.

$ cd /home/pradeepa/shareDirectory/

Now start SimpleHTTPServer in the current directory so that it can be accessed via a browser:

/shareDirectory $ python -m SimpleHTTPServer 8085

Just after you hit Enter, you will see the message below:

Serving HTTP on 0.0.0.0 port 8085 ...

Open your favorite browser and enter any of the following addresses:

http://localhost:8085/
http://127.0.0.1:8085/
http://your_ip_address:8085/

Now you can see all the directories and files listed.
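
The 0.0.0.0 in the startup message above means the server listens on every network interface, so any host that can reach the machine can browse the shared directory. As an added example (not part of the original post), here is a Python 3 sketch using http.server that serves one directory on a single chosen address, loopback by default, and refuses to generate directory listings; the names NoListingHandler, make_server and serve_local.py are assumptions.

```python
# Added example (not from the original post). Python 3: http.server is the
# successor of the Python 2 SimpleHTTPServer module used above.
import functools
import http.server
import sys


class NoListingHandler(http.server.SimpleHTTPRequestHandler):
    """Serves files by exact path; never generates a directory index."""

    def list_directory(self, path):
        # The stock handler builds an HTML listing here, which reveals every
        # file name under the shared directory. Answer 403 instead.
        self.send_error(403, "Directory listing disabled")
        return None


def make_server(directory, port=8085, host="127.0.0.1"):
    """Return an HTTP server for `directory` that listens on `host` only.

    host="127.0.0.1" accepts connections from this machine only. Pass the
    address of one specific interface to share on that network; "0.0.0.0"
    reproduces the listen-on-every-interface default shown in the post.
    """
    handler = functools.partial(NoListingHandler, directory=directory)
    return http.server.HTTPServer((host, port), handler)


if __name__ == "__main__":
    if len(sys.argv) < 2:
        # The directory to share must be named explicitly.
        print("usage: python3 serve_local.py DIRECTORY [PORT]")
    else:
        port = int(sys.argv[2]) if len(sys.argv) > 2 else 8085
        server = make_server(sys.argv[1], port)
        print("Serving %s on %s port %d ..."
              % ((sys.argv[1],) + server.server_address))
        try:
            server.serve_forever()
        except KeyboardInterrupt:
            server.server_close()
```

Files are still served when requested by their exact path, and an index.html in the directory is still returned for the directory URL.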

Happy sharing with Python SimpleHTTPServer.

Reference:-

[1] https://docs.python.org/2/library/simplehttpserver.html

Wednesday, December 7, 2016

Useful curl:// commands in WSO2 Identity Server


Background of curl:// :-

March 20, 1998 is considered curl's birthday. Curl is a recursive acronym, "Curl URL Request Library", and is sometimes called a backronym. You can find more details about curl on the official site [1]. You can also download the everything-curl.pdf file from the same site.

[1] https://curl.haxx.se/

Prerequisite:- 

Java 1.7 or above
WSO2 IS 5.2.0 (still the latest version as of December 7, 2016)

You can use curl commands for different scenarios in WSO2 IS.

The first example uses curl for SCIM (System for Cross-domain Identity Management) user creation in the primary and secondary user stores.


Primary User Store:-
curl -v -k --user admin:admin --data '{"schemas":[],"name":{"familyName":"Wickramasinghe","givenName":"Pradeepa"},"userName":"Pradeepa","password":"qazwsx"}' --header "Content-Type:application/json" https://localhost:9443/wso2/scim/Users

Secondary User Store:-
curl -v -k --user admin:admin --data '{"schemas":[],"name":{"familyName":"Wickramasinghe","givenName":"Pradeepa"},"userName":"VIRTUSA.COM/Pradeepa","password":"qazwsx"}' --header "Content-Type:application/json" https://localhost:9443/wso2/scim/Users

It is also possible to create an OAuth2 access token using curl.

For this you need to create a service provider using the WSO2 IS management console. Refer to the WSO2 documentation for more details [2].

[2] https://docs.wso2.com/display/IS520/Session+Management+with+Playground

According to the OAuth 2.0 specification, four grant types are available. Those are:
  1. Authorization Code
  2. Implicit
  3. Password(Resource Owner Password Credentials)
  4. Client Credentials
Below we use two of these grant types to create an OAuth token using curl.

password:-
curl --user EFT1_0yv2HL84MYtH_wUtuh8Enga:x2QHCl9_OGzfGc0qZpSmSGfTp9Ua -k -d "grant_type=password&username=virtusa.com/Pradeepa&password=qazwsx&scope=openid" -H "Content-Type: application/x-www-form-urlencoded" https://localhost:9443/oauth2/token

client credentials:-
curl -u EFT1_0yv2HL84MYtH_wUtuh8Enga:x2QHCl9_OGzfGc0qZpSmSGfTp9Ua -k -d "grant_type=client_credentials" -H "Content-Type: application/x-www-form-urlencoded" https://localhost:9443/oauth2/token

Refresh token usage

Sample curl command format:

curl -k -d "grant_type=refresh_token&refresh_token=<refresh_token>" -H "Authorization: Basic <Base64Encoded(Client_Id:Client_Secret)>" -H "Content-Type: application/x-www-form-urlencoded" https://localhost:9443/oauth2/token
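
The command format above leaves <Base64Encoded(Client_Id:Client_Secret)> as a placeholder, and the token commands pass their form values to -d as typed, with no URL encoding, and skip certificate verification with -k. As an added example (not part of the original post), here is a Python 3 sketch that builds the same token requests with the header computed and every form value URL-encoded, and sends them with the server certificate verified; the function names and the ca_file path are assumptions.

```python
# Added example (not from the original post); Python 3 standard library only.
import base64
import json
import ssl
import urllib.parse
import urllib.request

TOKEN_URL = "https://localhost:9443/oauth2/token"  # endpoint used in the post


def basic_auth_header(client_id, client_secret):
    """Value for 'Authorization': Basic + Base64(client_id:client_secret)."""
    raw = "{}:{}".format(client_id, client_secret).encode("utf-8")
    return "Basic " + base64.b64encode(raw).decode("ascii")


def token_request(client_id, client_secret, **form):
    """Build (without sending) a POST to the token endpoint.

    urlencode() percent-encodes every value, so '/', '&', '+' or '=' inside a
    user name, password or refresh token cannot split or alter the form body,
    which is what happens when such a value is passed raw to curl -d.
    """
    body = urllib.parse.urlencode(form).encode("ascii")
    req = urllib.request.Request(TOKEN_URL, data=body, method="POST")
    req.add_header("Authorization", basic_auth_header(client_id, client_secret))
    req.add_header("Content-Type", "application/x-www-form-urlencoded")
    return req


def send(req, ca_file):
    """Send the request, verifying the server certificate against ca_file.

    ca_file is an assumed path to a PEM file holding the certificate (or its
    issuing CA) of the Identity Server; this replaces curl's -k switch.
    """
    ctx = ssl.create_default_context(cafile=ca_file)
    with urllib.request.urlopen(req, context=ctx) as resp:
        return json.load(resp)


if __name__ == "__main__":
    # Constructed placeholder values, not real credentials.
    req = token_request("my_client_id", "my_client_secret",
                        grant_type="refresh_token",
                        refresh_token="<refresh_token>")
    print(req.get_header("Authorization"))
    print(req.data.decode("ascii"))
```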

Access token Revoke

Sample curl command format:

curl -X POST --basic -u "<client id>:<client secret>" -H "Content-Type: application/x-www-form-urlencoded;charset=UTF-8" -k -d "token=<token to revoke>&token_type_hint=access_token" https://localhost:9443/oauth2/revoke




Tuesday, October 18, 2016

Define custom claims for OpenID Connect Response

WSO2 Identity Server follows the OpenID Connect Core specification [1]. According to the specification [2], OpenID Connect has a number of scopes, such as openid, profile, email, address, phone, etc.
Each scope has a defined set of claims. As an example, the profile scope has the set of claims below:
name, family_name, given_name, middle_name, nickname, preferred_username, profile, picture, website, gender, birthdate, zoneinfo, locale, and updated_at.
You can find more details about OpenID Connect in the official WSO2 documentation [3].
If you need to add a custom claim that is not defined in the specification to a default scope, follow the steps below.
  
[1] http://openid.net/specs/openid-connect-core-1_0.html
[2] http://openid.net/specs/openid-connect-core-1_0.html#ScopeClaims
[3] https://docs.wso2.com/display/IS520/OpenID+Connect
 
Prerequisite:
WSO2 IS 5.2.0
java 1.7.0_80 or above

01. First add your new claim to the WSO2 claim dialect (http://wso2.org/claims)
Note: we are considering ‘role’ as the new claim throughout this document.

02. Add the above claim to the OIDC claim dialect (http://wso2.org/oidc/claim)

  • Go to Management Console > Main > Identity > Claims
  • Click Add, then click Add new claim
  • You will then see the “Add New Claim” screen
  • Select the “http://wso2.org/oidc/claim” dialect in the dropdown
  • Fill in the new claim details
  • Click the Add button

03. Add the new claim to the registry.

  • Log in to the management console and go to Registry > Browse.
  • Expand "_system" and "config".
  • Click on "oidc".
  • Click on the "+" sign in the "Properties" section. It will then display the claim sets for the scopes.
  • Click on "Edit" and add the new claims you need to display in the access token user info.
  • Click on "Save".


04. After that you can use the playground web app to call the user-info endpoint. You can find more details on setting up the playground web app here:
https://docs.wso2.com/display/IS510/OAuth+2.0+with+WSO2+Playground

  • Set up the playground web app and create a service provider for playground.
  • You need to configure the OAuth/OpenID Connect Configuration section as below.

  • You can access the playground web app with the URL below and see the welcome screen.
http://localhost:8080/playground2/


  • Use the authorization code grant type to generate an authorization code.

  • When calling the authorize endpoint, you need to enter the credentials of the user.
  • After the login you can see the WSO2 IS consent page.


  • Use the authorization code to call the token endpoint with the client secret.

  • Use the created access token to call the user-info endpoint.

  • Meanwhile, you can see the user information as below. The user information comes with the newly added role claim.