Wednesday, December 7, 2016

Useful curl:// commands in WSO2 Identity Server


Background of curl:// :-

March-20-1998 to be curl's birthday. Curl is recursive acronym "Curl URL Request Library " and some times call backronym. You can refer more details regarding curl in this official site[1]. Further you can download everything-curl.pdf file in same site.

[1] https://curl.haxx.se/

Prerequisite:- 

java 1.7 or above
WSO2 IS 5.2.0(still [December 7, 2016] latest version)

You can used curl command to different scenarios in WSO2 IS.

First example using curl for SCIM(System for Cross-domain Identity Management ) user creation in primary and secondary user store.


Primary User Store:-
curl -v -k --user admin:admin --data "{"schemas":[],"name":{"familyName":"Wickramasinghe","givenName":"Pradeepa"},"userName":'Pradeepa',"password":"qazwsx"}" --header "Content-Type:application/json" https://localhost:9443/wso2/scim/Users

Secondary User Store:-
curl -v -k --user admin:admin --data "{"schemas":[],"name":{"familyName":"Wickramasinghe","givenName":"Pradeepa"},"userName":'VIRTUSA.COM/Pradeepa',"password":"qazwsx"}" --header "Content-Type:application/json" https://localhost:9443/wso2/scim/Users

Further is it possible to create OAuth2 access token using curl://.

For this you need to create service provider using WSO2 IS management console. Refer WSO2 document for more details [2].

[2] https://docs.wso2.com/display/IS520/Session+Management+with+Playground

According to the Oauth 2.0 specification available four grant types. Those are,
  1. Authorization Code
  2. Implicit
  3. Password(Resource Owner Password Credentials)
  4. Client Credentials
Below we use two grant type to create OAuth token using curl.

password:-
curl --user  EFT1_0yv2HL84MYtH_wUtuh8Enga:x2QHCl9_OGzfGc0qZpSmSGfTp9Ua -k -d "grant_type=password&username=virtusa.com/Pradeepa&password=qazwsx&scope=openid" -H  "Content-Type: application/x-www-form-urlencoded" https://localhost:9443/oauth2/token

client credentials:-
curl -u  EFT1_0yv2HL84MYtH_wUtuh8Enga:x2QHCl9_OGzfGc0qZpSmSGfTp9Ua -k -d "grant_type=client_credentials" -H  "Content-Type: application/x-www-form-urlencoded" https://localhost:9443/oauth2/token

Refresh token usage

sample curl command format,

curl -k -d "grant_type=refresh_token&refresh_token=<refresh_token>" -H "Authorization: Basic <Base64Encoded(Client_Id:Client_Secret)>" -H "Content-Type: application/x-www-form-urlencoded" https://localhost:9443/oauth2/token

Access token Revoke

sample curl command format,

curl -X POST --basic -u "<client id>:<client secret>" -H "Content-Type: application/x-www-form-urlencoded;charset=UTF-8" -k -d "token=<token to revoke>&token_type_hint=access_token" https://localhost:9443/oauth2/revoke




Posted by at
Labels: , , , , , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)