
Dec 1, 2014

OAuth 2.0 Implicit Grant with WSO2 API Manager

The Implicit Grant type is the recommended practice when the client is a browser-based application, such as a JavaScript client. The client receives the access token directly as the result of the authorization request. The flow does not include client authentication, because it does not make use of a client secret.

You can find the sample web application at http://sourceforge.net/projects/charithablogsam/files/.

Setting up Client

Download playground2.0.war from the link above and copy it to the TOMCAT_HOME/webapps directory. Make sure to update the following parameters in WEB-INF/web.xml:

<!-- Client servlet that talks to the WSO2 server; serverUrl points at the server's services endpoint -->
<servlet>
        <servlet-name>oAuth2ClientServlet</servlet-name>
        <servlet-class>com.wso2.identity.oauth.sample.OAuth2ClientServlet</servlet-class>
        <init-param>
             <description>serverUrl</description>
             <param-name>serverUrl</param-name>
             <param-value>https://localhost:9443/services/</param-value>
        </init-param>
</servlet>

<!-- Resource access page; setup=AM selects the API Manager configuration -->
<servlet>
        <servlet-name>oAuth2AccessResourcePage</servlet-name>
        <jsp-file>/oauth2-access-resource.jsp</jsp-file>
        <init-param>
            <description>setup</description>
            <param-name>setup</param-name>
            <param-value>AM</param-value>
        </init-param>
</servlet>


Now follow these steps:

1. After setting up the client, log in to http://localhost:8080/playground2.0/ and click the "Import Photos" icon.

2. On the page that appears, select Implicit as the Authorization Grant Type. Copy the consumer key value from the application you have subscribed to in WSO2 API Manager and paste it into the Client Id text box.

3. Enter a value for Scope.

4. Enter the Callback URL as http://localhost:8080/playground2.0/oauth2client

5. Next, enter the Authorize endpoint. This is the endpoint of the authorization server that accepts authorization requests. In WSO2 API Manager, an API handles all authorization requests, and it is reachable at http://localhost:8280/authorize.

6. Click Authorize.

You are then asked for a user name and password (the credentials of the resource owner, i.e. the end user).

Type admin/admin as the user name and password respectively and click Login.

You will now receive the Access Token.
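The request the playground page builds in steps 2 to 6 and the redirect it receives in the last step, written out as an added browser-side example (this is not code from the playground2.0 application or from WSO2). It assumes the endpoints given above; the `state` parameter is not a field on the playground page and is added here so the callback can reject a redirect the client did not initiate. The sample callback URL and its token are constructed for the example.

```javascript
// Endpoints from the steps above (Authorize endpoint and Callback URL).
const AUTHORIZE_ENDPOINT = "http://localhost:8280/authorize";
const CALLBACK_URL = "http://localhost:8080/playground2.0/oauth2client";

// Build the authorization request. response_type=token selects the implicit
// grant: no client secret is involved anywhere in this flow. `state` is an
// assumption added here (not a playground field): a random value the client
// keeps until the redirect comes back, so it can tie the response to its own
// request.
function buildAuthorizeUrl(clientId, scope, state) {
  const url = new URL(AUTHORIZE_ENDPOINT);
  url.searchParams.set("response_type", "token");
  url.searchParams.set("client_id", clientId);
  url.searchParams.set("redirect_uri", CALLBACK_URL);
  url.searchParams.set("scope", scope);
  url.searchParams.set("state", state);
  return url.toString();
}

// Parse the redirect back to the callback URL. In the implicit grant the
// token travels in the URL fragment (#access_token=...), not the query string,
// so only script running in the browser sees it. Returns null when the server
// reported an error, no token is present, or the state does not match the one
// this client generated; callers should discard such responses.
function parseCallback(redirectedUrl, expectedState) {
  const url = new URL(redirectedUrl);
  const params = new URLSearchParams(url.hash.replace(/^#/, ""));
  if (params.get("state") !== expectedState) return null;
  if (params.has("error") || !params.get("access_token")) return null;
  return {
    accessToken: params.get("access_token"),
    tokenType: params.get("token_type"),
    expiresIn: Number(params.get("expires_in")),
    scope: params.get("scope"),
  };
}

// Constructed sample redirect, shaped like what the authorize endpoint sends
// back after the resource owner logs in (token value is a placeholder).
const SAMPLE_CALLBACK =
  CALLBACK_URL +
  "#access_token=CONSTRUCTED_TOKEN&token_type=bearer&expires_in=3600&state=abc123";

console.log(buildAuthorizeUrl("CLIENT_ID_PLACEHOLDER", "PRODUCTION", "abc123"));
console.log(parseCallback(SAMPLE_CALLBACK, "abc123"));
```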
