-
Notifications
You must be signed in to change notification settings - Fork 74
CURL jans client api
Jans Client Api is a REST application that is developed using Weld 4.x (JSR-365) and JAX-RS. Can be used by web application developers to facilitate user authentication and authorization with an external OAuth 2.0 identity provider. It includes the server which is a simple REST application designed to work over the web (via https), making it possible for many apps across many servers to leverage a central jans-client-api service for OAuth 2.0 security.
You will need:
Jans Client Api endpoint URL: https://<client.api.url>/jans-client-api/
1.- REGISTER SITE (if you dont have a client)
Format -----> curl -L -X POST 'https://<client.api.url>/jans-client-api/register-site' -H 'Content-Type: application/json' --data-raw '<json with params>'
Example ----->
curl -L -X POST 'https://example.jans.io/jans-client-api/register-site' -H 'Content-Type: application/json' --data-raw '{
"op_host": "https://example.jans.io",
"redirect_uris": [
"https://client.example.com/cb/home1"
],
"response_types": [
"code",
"id_token",
"token"
],
"scope": [
"openid",
"jans_client_api"
],
"grant_types": [
"authorization_code",
"client_credentials"
]
}'
Response ----->
{
"rp_id": "072aec00-280f-4f6e-9e28-2333fb8aa1df",
"op_host": "https://example.jans.io",
"client_id": "8c37acc9-47a6-48e6-8ec7-92b9e7431ade",
"client_name": "jans_client_api client for rp: 072aec00-280f-4f6e-9e28-2333fb8aa1df",
"client_secret": "b5244b2a-2a24-4482-a302-5a81ee2ca3ff",
"client_registration_access_token": "2d04e103-8a5b-4922-b9f0-1e2cd3403d0e",
"client_registration_client_uri": "https://example.jans.io/jans-auth/restv1/register?client_id=8c37acc9-47a6-48e6-8ec7-92b9e7431ade",
"client_id_issued_at": 1661467178,
"client_secret_expires_at": 1661553578
}2.- GET CLIENT TOKEN (Using step 1 response: client_id,client_secret)
Format -----> curl -L -X POST 'https://<client.api.url>/jans-client-api/get-client-token' -H 'Content-Type: application/json' --data-raw '<json with params>'
Example ----->
curl -L -X POST 'https://example.jans.io/jans-client-api/get-client-token' -H 'Content-Type: application/json' --data-raw '{
"client_id": "8c37acc9-47a6-48e6-8ec7-92b9e7431ade",
"client_secret": "b5244b2a-2a24-4482-a302-5a81ee2ca3ff",
"op_host": "https://example.jans.io",
"scope": [
"openid",
"jans_client_api"
]
}'
Response ----->
{
"access_token": "4a4b8025-5117-4f87-a3c8-df66cfdd67a7",
"expires_in": 299,
"scope": [
"openid",
"jans_client_api"
]
}3.- GET AUTHORIZATION URL (Using step 1,2 responses: rp_id,access_token)
Format -----> curl -L -X POST 'https://<client.api.url>/jans-client-api/get-authorization-url' -H 'Authorization: Bearer <access_token>' -H 'AuthorizationRpId: <rp_id>' -H 'Content-Type: application/json' --data-raw '{ "rp_id" : "<rp_id>" }'
Example -----> curl -L -X POST 'https://example.jans.io/jans-client-api/get-authorization-url' -H 'Authorization: Bearer af183b25-39be-41ea-a61f-b2dc6ea63af0' -H 'AuthorizationRpId: 5693ebaf-0667-4b13-a89d-dc8c42507ae0' -H 'Content-Type: application/json' --data-raw '{ "rp_id" : "5693ebaf-0667-4b13-a89d-dc8c42507ae0" }'
Response ----->
{
"authorization_url": "https://example.jans.io/jans-auth/restv1/authorize?response_type=code+id_token+token&client_id=8c37acc9-47a6-48e6-8ec7-92b9e7431ade&redirect_uri=https://client.example.com/cb/home1&scope=openid+jans_client_api&state=kj74j1d3lk9s7q745kl9uf9bpe&nonce=9i2orhaup451hri10kkjutcb5r"
}