Hi Prabath, Do we have client libraries process the response from introspection endpoint?
Thanks, Sameera. On Wed, Nov 18, 2015 at 3:20 PM, Prabath Siriwardana <[email protected]> wrote: > Hi Sameera, > > As we discussed during the WSO2Con, I have implemented RFC 7662, with some > TODOs for IS 5.1.0. > > You can build it from > https://svn.wso2.org/repos/wso2/people/prabath/mss-security/org.wso2.carbon.identity.oauth.introspection > and deploy it as a war file in IS 5.1.0 latest build. > > You can download the latest IS build from > https://svn.wso2.org/repos/wso2/people/hasintha/pre-RC1/wso2is-5.1.0-SNAPSHOT.zip > . > > Now we need to build a JWT token builder to IS - I guess we can reuse the > component already developed by Dinusha. > > Please find below the usage of the introspection API. > > 1. Empty Token: > > curl -k -H 'Content-Type: application/x-www-form-urlencoded' -X POST > --data 'token=' https://idp1.federationhub.org:9443/introspect > > Response: > > {"active":false} > > 2. Invalid Token > > curl -k -H 'Content-Type: application/x-www-form-urlencoded' -X POST > --data 'token=Bjhk98792k9hkjhk' > https://idp1.federationhub.org:9443/introspect > > Response: > > {"active":false,"token_type":"bearer"} > > 3. Valid Token > > 3.1 Get a token first: > > curl -v -X POST --basic -u > LUG28MI5yjL5dATxQWdYGhDLSywa:b855n2UIxixrl_MN_juUuG7cnTUa -H "Content-Type: > application/x-www-form-urlencoded;charset=UTF-8" -k -d > "grant_type=client_credentials" https://localhost:9443/oauth2/token > > 3.1.1 Validate the token > > curl -k -H 'Content-Type: application/x-www-form-urlencoded' -X POST > --data 'token=99f0a7092c71a6e772cbcf77addd39ea' > https://idp1.federationhub.org:9443/introspect > > Response: > > { > "username":"[email protected]", > "nbf":3272, > "active":true, > "token_type":"bearer", > "client_id":"LUG28MI5yjL5dATxQWdYGhDLSywa" > } > > 3.2 Get a token with scopes > > curl -v -X POST --basic -u > LUG28MI5yjL5dATxQWdYGhDLSywa:b855n2UIxixrl_MN_juUuG7cnTUa -H "Content-Type: > application/x-www-form-urlencoded;charset=UTF-8" -k -d > "grant_type=client_credentials&scope=test1 test2" > https://localhost:9443/oauth2/token > > 3.2.1 Validate the token > > curl -k -H 'Content-Type: application/x-www-form-urlencoded' -X POST > --data 'token=c78ac96fe9b59061b53d0223d46ecc24' > https://idp1.federationhub.org:9443/introspec > > Response: > > { > "username":"[email protected]", > "scope":"test1 test2 ", > "nbf":3240, > "active":true, > "token_type":"bearer", > "client_id":"LUG28MI5yjL5dATxQWdYGhDLSywa" > } > > -- > Thanks & Regards, > Prabath > > Twitter : @prabath > LinkedIn : http://www.linkedin.com/in/prabathsiriwardena > > Mobile : +1 650 625 7950 > > http://blog.facilelogin.com > http://blog.api-security.org > -- Sameera Jayasoma, Software Architect, WSO2, Inc. (http://wso2.com) email: [email protected] blog: http://blog.sameera.org twitter: https://twitter.com/sameerajayasoma flickr: http://www.flickr.com/photos/sameera-jayasoma/collections Mobile: 0094776364456 Lean . Enterprise . Middleware
_______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
