Closed nsklikas closed 2 months ago
To run hydra you need to:
device-flow-poc
make docker
This is needed to run the postgres migrations. If you don't want to do that you need to comment out the migration job in the docker compose and run the migrations manually using the hydra CLI.
docker-compose -f docker-compose.dev.yml up --build --force-recreate
export KRATOS_PUBLIC_URL="http://localhost:4433"
export HYDRA_ADMIN_URL="http://localhost:4445"
export BASE_URL="http://localhost:4455"
export PORT="4455"
export TRACING_ENABLED="false"
export LOG_LEVEL="debug"
export AUTHORIZATION_ENABLED="false"
# Run this from the root of the repo
go run . serve
export DSN="postgres://hydra:secret@localhost:5432/hydra?sslmode=disable&max_conns=20&max_idle_conns=4"
# Run this from the root of the repo
go run . serve -c ./contrib/quickstart/5-min/hydra.yml all --dev
To test the flow run:
code_client=$(hydra create client \
--endpoint http://localhost:4445 \
--grant-type authorization_code,refresh_token,urn:ietf:params:oauth:grant-type:device_code \
--response-type code \
--format json \
--scope openid,offline_access,email,profile \
--redirect-uri http://127.0.0.1:4446/callback \
--audience app_client \
)
curl -X POST localhost:4444/oauth2/device/auth \
-d "scope=openid email" \
-d "client_id=$(echo "$code_client" | yq .client_id)" \
-u "$(echo "$code_client" | yq .client_id):$(echo "$code_client" | yq .client_secret)"
You can test the token endpoint by running:
curl -X POST localhost:4444/oauth2/token \
-u "$(echo "$code_client" | yq .client_id):$(echo "$code_client" | yq .client_secret)" \
-d "grant_type=urn:ietf:params:oauth:grant-type:device_code" \
-d "device_code=<device_code>"
POC for Hydra device flow.
To test:
OAUTH_CLIENT_ID="<client_id>"
, whereNote
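The single token-endpoint curl call above only shows one request; a device polls repeatedly until the user approves. The sketch below is an added example in Python, not code from the PoC or from Hydra, showing that polling loop with the RFC 8628 error handling (`authorization_pending`, `slow_down`, terminal errors). The function names are hypothetical, the endpoint is the `localhost:4444` URL from the curl calls, and the `interval` and `expires_in` defaults are assumptions to be replaced by the values the device authorization response returns.

```python
import base64
import json
import time
import urllib.error
import urllib.parse
import urllib.request

TOKEN_URL = "http://localhost:4444/oauth2/token"  # public port used in the curl calls above
GRANT = "urn:ietf:params:oauth:grant-type:device_code"


def http_post(url, form, client_id, client_secret):
    """POST a form with HTTP Basic client auth; return (status, parsed JSON body)."""
    cred = base64.b64encode(f"{client_id}:{client_secret}".encode()).decode()
    req = urllib.request.Request(
        url,
        data=urllib.parse.urlencode(form).encode(),
        headers={"Authorization": "Basic " + cred},
    )
    try:
        with urllib.request.urlopen(req) as resp:
            return resp.status, json.load(resp)
    except urllib.error.HTTPError as err:  # OAuth errors arrive as 4xx with a JSON body
        return err.code, json.load(err)


def poll_for_token(device_code, client_id, client_secret, interval=5,
                   expires_in=600, post=http_post, sleep=time.sleep):
    """Poll until tokens are issued; raise on a terminal error or on expiry."""
    waited = 0
    while waited < expires_in:
        sleep(interval)
        waited += interval
        form = {"grant_type": GRANT, "device_code": device_code}
        status, body = post(TOKEN_URL, form, client_id, client_secret)
        if status == 200:
            return body
        error = body.get("error")
        if error == "authorization_pending":
            continue          # user has not completed login and consent yet
        if error == "slow_down":
            interval += 5     # RFC 8628 section 3.5: add 5 seconds to the interval
            continue
        raise RuntimeError(f"device flow stopped: {error}")  # access_denied, expired_token, ...
    raise TimeoutError("device_code expired before the user approved the request")
```

The `post` and `sleep` parameters exist so the loop can be exercised against canned responses without a running Hydra instance.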