By: Zhanna T user 01 Oct 2014 at 8:17 p.m. CDT

1 Response
Would it be possible to confirm that the following is a valid testing environment for PAT issuance? Thanks!

Configuration: http://localhost:8080/uma-server/.well-known/uma-configuration

    {"dynamic_client_endpoint":"http://localhost:8080/uma-server/dyncl_uri",
     "user_endpoint":"http://localhost:8080/uma-server/authoriza/",
     "rpt_endpoint":"http://localhost:8080/uma-server/rpt_uri",
     "introspection_endpoint":"http://localhost:8080/uma-server/authorize/",
     "authorization_request_endpoint":"http://localhost:8080/uma-server/authorize",
     "version":"1.0",
     "rpt_profiles_supported":"bearer",
     "issuer":"http://localhost:8080/uma-server/",
     "resource_set_registration_endpoint":"http://localhost:8080/uma-server/register",
     "aat_grant_types_supported":"authorization_code",
     "aat_profiles_supported":"bearer",
     "pat_grant_types_supported":"authorization_code",
     "pat_profiles_supported":"bearer",
     "token_endpoint":"http://localhost:8080/uma-server/token/"}

1. Registration:

Request

    curl -i -X POST \
      -H "Content-Type: application/json" \
      -H "Accept: application/json" \
      -d '{"client_name": "c_3", "scope":["docs.kantarainitiative.org/uma/scopes/prot.json"], "redirect_uris": ["https://localhost:8081/authz"], "client_uri" : "http://localhost:8081/"}' \
      http://localhost:8080/uma-server/register

Registration Response:

    HTTP/1.1 200 OK
    Access-Control-Allow-Origin: *
    Content-Language: en-US
    Content-Type: application/json; charset=ISO-8859-1

    {"client_id":"myc3",
     "client_secret":"password",
     "client_secret_expires_at":0,
     "client_id_issued_at":1412003652,
     "registration_access_token":"XXX-way-too-long",
     "registration_client_uri":"http://localhost:8080/uma-server/register/myc3",
     "redirect_uris":["https://localhost:8081/authz"],
     "client_name":"c_3",
     "client_uri":"http://localhost:8081/",
     "contacts":[],
     "token_endpoint_auth_method":"client_secret_basic",
     "scope":"docs.kantarainitiative.org/uma/scopes/prot.json email",
     "grant_types":["refresh_token","authorization_code"],
     "response_types":["code"],
     "default_acr_values":[],
     "request_uris":[] }

2. AuthZ code request:

    http://localhost:8080/uma-server/authorize?client_id=myc3&response_type=code&scope=http%3A%2F%2Fdocs%2Ekantarainitiative%2Eorg%2Fuma%2Fscopes%2Fprot%2Ejson&redirect_uri=http%3A%2F%2Flocalhost%3A8081%2Fauthz&username=user&password=password

AuthZ code reply: on localhost:8081/authz: "code=Jc7mUG"

3. Request for PAT token

    curl -i -X POST \
      -H "Authorization: Basic " \
      -H "Content-Type: application/x-www-form-urlencoded" \
      -d "grant_type=authorization_code&code=Jc7mUG&redirect_uri=http://localhost:8081/authz&scope=http://docs.kantarainitiative.org/uma/scopes/prot.json" \
      http://localhost:8080/uma-server/token

.....And, finally, PAT token:

    {"access_token":"eyJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwOlwvXC9sb2NhbGhvc3Q6ODA4MFwvdW1hLXNlcnZlclwvIiwiZXhwIjoxNDEyMTExMjA3LCJpYXQiOjE0MTIxMDc2MDcsImp0aSI6IjFkNzI1YWNmLWUyN2ItNDkzMi1hNTJlLTAzMjFjNzY4NjkwOCJ9.OG0bnZSbCIgyvRrIkjV9b8gYrSOfvYQHrVgdgmJymcUnqSBGewm1p53ENeD7WrrfPvPzNem8AG9B1mUpNZenTQhKYLsrXuZOfk4943h0BL9gQi5ju98e7OmHhe0S2u9t9EZmqC8GQ0dsy8pRT8LASZvMLYptCILhIGRayi9MzZU",
     "token_type":"Bearer",
     "expires_in":3599,
     "scope":"docs.kantarainitiative.org/uma/scopes/prot.json" }

By Yuriy Zabrovarnyy staff 02 Oct 2014 at 8:23 a.m. CDT

In general yes (I didn't telescope all parameters, but the idea is correct). Here you've used the Authorization Grant to obtain the PAT; however, I guess there should be other perfectly valid ways to obtain a PAT (e.g. Implicit Flow). Hope it helps.
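
A client-side sanity check over the values posted in this thread, as an added example that is not part of either post or of the uma-server code: it decodes the PAT's JWT header and payload and compares them with the discovered configuration, the token response and the registered redirect URIs. The signature is not verified because the thread gives no key material, and the function names and the 5-second lifetime tolerance are assumptions of this example.

```python
import base64
import json

# Values copied from the thread above. The JWT signature segment is left out
# because nothing here verifies it (no key material appears in the thread).
ISSUER = "http://localhost:8080/uma-server/"
REGISTERED_REDIRECT_URIS = ["https://localhost:8081/authz"]
REQUESTED_REDIRECT_URI = "http://localhost:8081/authz"
PAT_SCOPE = "docs.kantarainitiative.org/uma/scopes/prot.json"
PAT_HEADER_AND_PAYLOAD = (
    "eyJhbGciOiJSUzI1NiJ9."
    "eyJpc3MiOiJodHRwOlwvXC9sb2NhbGhvc3Q6ODA4MFwvdW1hLXNlcnZlclwvIiwiZXhwIjoxNDEy"
    "MTExMjA3LCJpYXQiOjE0MTIxMDc2MDcsImp0aSI6IjFkNzI1YWNmLWUyN2ItNDkzMi1hNTJlLTAz"
    "MjFjNzY4NjkwOCJ9"
)
TOKEN_RESPONSE = {"token_type": "Bearer", "expires_in": 3599, "scope": PAT_SCOPE}
LIFETIME_TOLERANCE = 5  # seconds; assumption of this example


def b64url_json(segment):
    """Decode one base64url JWT segment (padding restored) into a dict."""
    padded = segment + "=" * (-len(segment) % 4)
    return json.loads(base64.urlsafe_b64decode(padded))


def review_pat_flow():
    """Return (check, passed, detail) tuples for the flow in the thread."""
    header_seg, payload_seg = PAT_HEADER_AND_PAYLOAD.split(".")[:2]
    header, claims = b64url_json(header_seg), b64url_json(payload_seg)
    alg = header.get("alg", "none")
    lifetime = claims["exp"] - claims["iat"]
    drift = abs(lifetime - TOKEN_RESPONSE["expires_in"])
    granted = TOKEN_RESPONSE["scope"].split()
    return [
        ("alg is not none", alg.lower() != "none", alg),
        ("iss equals configured issuer", claims["iss"] == ISSUER, claims["iss"]),
        ("lifetime agrees with expires_in", drift <= LIFETIME_TOLERANCE, lifetime),
        ("protection scope granted", PAT_SCOPE in granted, granted),
        # Exact string comparison: scheme, host, port and path must all match.
        ("redirect_uri exactly matches a registered one",
         REQUESTED_REDIRECT_URI in REGISTERED_REDIRECT_URIS, REQUESTED_REDIRECT_URI),
    ]


if __name__ == "__main__":
    for check, passed, detail in review_pat_flow():
        print("PASS" if passed else "FAIL", check, "->", detail)
```

With the thread's values every check passes except the last: the client registered `https://localhost:8081/authz`, while the authorization and token requests send `http://localhost:8081/authz`.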