Access OAuth 2.0 Endpoint in WSO2 IS with curl commands
This is useful for testing OAuth 2.0 in WSO2 Identity Server.
This post explains how to get the access token for the “Resource owner credentials” and “Client credentials” grant types in OAuth 2.0.
1. Start the IS on the default port, 9443.
2. Go to Manage->OAuth->Register New Application.
Register the new application in the IS and note its Client_ID and Client_Secret.
3. Go to the command line, send the following curl commands and take the token.
Type — “Resource owner credentials” (represented as ‘password’ in the curl command)
[sourcecode language="bash"]
curl -u Client_id:Client_secret -k -d "grant_type=password&username=admin&password=admin" -H "Content-Type:application/x-www-form-urlencoded" https://localhost:9443/oauth2endpoints/token
[/sourcecode]
Here you have to give the Client_id and Client_secret obtained above.
Then you will receive the following JSON message:
[sourcecode language="bash"]
{"token_type":"bearer","expires_in":3600,"refresh_token":"39d814011ccf3a07a7d6721ae2fa14","access_token":"6d8427ec9faa60c350fffa5caf4b26ec"}
[/sourcecode]
This message contains the access_token
Type — “Client credentials” (only the client authenticates, so no username or password is sent)
[sourcecode language="bash"]
curl -u Client_Id:Client_Secret -k -d "grant_type=client_credentials" -H "Content-Type:application/x-www-form-urlencoded" https://localhost:9443/oauth2endpoints/token
[/sourcecode]
Then you will receive the following JSON message:
[sourcecode language="bash"]
{"token_type":"bearer","expires_in":3600,"access_token":"b3882e71aeb2ad9424c76b0f8ece03a"}
[/sourcecode]
In this scenario you don’t receive the “refresh_token”, in accordance with the OAuth 2.0 spec.
In the above curl commands you have to specify the correct endpoint URL.
For example, if you need to access a remote IS at 10.100.3.54:9444, then you have to give https://10.100.3.54:9444/oauth2endpoints/token
4. Validate the token by using the OAuth2TokenValidationService — this is an Admin service
First you have to set the HideAdminServiceWSDLs property to false in carbon.xml as follows:
<HideAdminServiceWSDLs>false</HideAdminServiceWSDLs>
Then restart the IS.
Now download the SoapUI project and invoke the OAuth2TokenValidationService.
OAuth2TokenValidationService is an admin service, so we have to give the username and password in the SoapUI project.
Once you have obtained the access token with the curl commands, you can send it to the above validation service through SoapUI.
We don’t actually need to send the “client_ID” and “context” values; we only have to send the “Access Token” and “Token Type”.
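What the two curl requests in step 3 put on the wire, and a check of the JSON that comes back, as an added Python example (not code from the original post). The function names and the CLIENT_ID/CLIENT_SECRET placeholders are assumptions for illustration, and no network call is made.

```python
import base64
import json
from urllib.parse import urlencode

def build_token_request(grant_type, client_id, client_secret,
                        username=None, password=None):
    """Return (headers, body) matching curl's -u, -H and -d options."""
    if grant_type == "password":
        if not username or not password:
            raise ValueError("password grant needs the user's credentials")
        form = {"grant_type": "password",
                "username": username, "password": password}
    elif grant_type == "client_credentials":
        # Only the client authenticates; no user credentials are sent.
        form = {"grant_type": "client_credentials"}
    else:
        raise ValueError("unsupported grant type: " + grant_type)
    # curl -u id:secret becomes an HTTP Basic Authorization header.
    pair = (client_id + ":" + client_secret).encode("utf-8")
    headers = {"Authorization": "Basic " + base64.b64encode(pair).decode("ascii"),
               "Content-Type": "application/x-www-form-urlencoded"}
    return headers, urlencode(form)

def parse_token_response(raw, grant_type):
    """Check a token endpoint response and return its fields as a dict."""
    data = json.loads(raw)
    if "error" in data:
        raise RuntimeError("token endpoint error: " + str(data["error"]))
    if str(data.get("token_type", "")).lower() != "bearer":
        raise ValueError("token_type is not bearer")
    if not data.get("access_token"):
        raise ValueError("no access_token in response")
    # RFC 6749 section 4.4.3: a refresh token SHOULD NOT be issued here.
    if grant_type == "client_credentials" and "refresh_token" in data:
        raise ValueError("unexpected refresh_token for client_credentials")
    return data

if __name__ == "__main__":
    # Constructed sample values; the client id and secret are placeholders.
    headers, body = build_token_request(
        "password", "CLIENT_ID", "CLIENT_SECRET", "admin", "admin")
    print(body)
    sample = '{"token_type":"bearer","expires_in":3600,"access_token":"SAMPLE"}'
    print(parse_token_response(sample, "client_credentials")["expires_in"])
```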