How to check Implicit grant_type with WSO2 using REST client or CURL?

[ghost]

As I can see only grant_type=password and client_credentials are working. But I don't see authorization_code, implicit , refresh_token ,redirect are working. Could you please help on this?

[angel-git]

I don't really know what you mean with your comment. This application does not generate any tokens, it only validates the access token that you send to it against wso2 IS. I just created a new access token of grant_type=authorization_code and is working. See this page on how to create an authorization_code token http://charithaka.blogspot.nl/2013/07/oauth-20-grant-types-with-wso2-api.html.

See this post for more info on this project: http://www.yenlo.nl/nl/wso2-spring-oauth2-integration-with-identity-server/

[ghost]

As per the RFC from the link https://tools.ietf.org/html/rfc6749#page-31, one need to pass token value to check implicit flow. It should be given 302 status code which is nothing but redirection

[angel-git]

It looks like you have issues with wso2 generating tokens. Please use their ticket system to open issues on their repository. Hence closing the issue.

[ghost]

No, I'm getting token properly, but I was looking to check OAuth2 "Implicit work flow", To check "Implicit work flow" - you need to send "token" in a CURL command and it should say redirecting

[angel-git]

Not really sure if I follow you, but if you want to try with the curl command you should call something like (i haven't tested myself): curl -L http://localhost:9763/oauth2/authorize?response_type=token&client_id=YOUR_CLIENT_ID&redirect_uri=http://localhost:8080/greeting -k this should return you the IS authentication page: https://localhost:9443/authenticationendpoint/login.do one you are logged and give your permission a redirect is produced and you will go to the redirect_uri specified before. Take into a account that the redirect will look something like: http://localhost:8080/greeting#access_token=d82f7e1813b5a22d1, if you pay attention there is hashtag instead of a question mark and this could lead to some issues in some servers (like in this repository). is this the information you need?

[ghost]

Excellent

[ghost]

Hello,

Do you know how to get UserName from WSO2's token? And how to assign userAuthentication (context) into the WSWso2TokenStore?

regards,

On Wed, Apr 1, 2015 at 1:01 AM, angel notifications@github.com wrote:

Not really sure if I follow you, but if you want to try with the curl command you should call something like (i haven't tested myself): curl -L http://localhost:9763/oauth2/authorize?response_type=token&client_id=YOUR_CLIENT_ID&redirect_uri=http://localhost:8080/greeting -k this should return you the IS authentication page: https://localhost:9443/authenticationendpoint/login.do one you are logged and give your permission a redirect is produced and you will go to the redirect_uri specified before. Take into a account that the redirect will look something like: http://localhost:8080/greeting#access_token=d82f7e1813b5a22d1, if you pay attention there is hashtag instead of a question mark and this could lead to some issues in some servers (like in this repository). is this the information you need?

— Reply to this email directly or view it on GitHub https://github.com/angel-git/wso2is-springoauth/issues/2#issuecomment-88171968 .

[angel-git]

You can get the username from a token using the OAuth2TokenValidationService, the operation findOAuthConsumerIfTokenIsValid, the user related to the token will come inside the response. About the context, no i don't know.