0

We use Mulesoft currently for our middleware. I am in the process of evaluating Wso2 as a possible alternative. Our primary focus is mobile clients. For the most part we implement OAuth.

Before I give too much detail, when I register an OAuth2 app on Wso2 Identity Server 5.0.0 I am expecting to see a consumer key/id. It does NOT however display one. All I see are :

Access Token Url - https://localhost:9454/oauth2/token

Authorize Url - https://localhost:9454/oauth2/authorize.

Is there something I need to enable, or am I doing something worng ?

P.S. ( "Allowed Grant Types" are all ticked )

maldieve
  • 11
  • 1
  • 3

2 Answers2

0

When you create an OAuth app, you will get a OAuth Client Key & OAuth Client Secret at the table under Inbound Authentication Configuration ->OAuth/OpenID Connect Configuration. Please use this as the consumer key and consumer secret to obtain the access token.

creating the access token can be done as combining the consumer key and consumer secret as follows and encode it by base64.

for e.g : FNZ8oxGPxWer_2elrZBoueS4XcYa:gr0JizDbStaFelXBV06cahh7Lxga

after encoding the above looks as : Rk5aOG94R1B4V2VyXzJlbHJaQm91ZVM0WGNZYTpncjBKaXpEYlN0YUZlbFhCVjA2Y2FoaDdMeGdh

Add the encoded value as follows in the CURL command.

The below Curl command is an example on how you could use it :

curl -k -d "grant_type=password&username=admin&password=admin" -H "Authorization" -H "Authorization: Basic Rk5aOG94R1B4V2VyXzJlbHJaQm91ZVM0WGNZYTpncjBKaXpEYlN0YUZlbFhCVjA2Y2FoaDdMeGdh, Content-type=application/x-www-form-urlencoded" https://domain:9443/oauth2/token

You could also find the following useful

[1] https://docs.wso2.com/display/IS500/Configuring+Inbound+Authentication+for+a+Service+Provider

[2] http://blog.lasindu.com/2014/12/wso2-identity-server-provision-service.html

[3]https://docs.wso2.com/display/IS500/OAuth+Token+Revocation+with+WSO2+Identity+Server

Hope this helps.

Regards, Shani.

Shani Ranasinghe
  • 116
  • 1
  • 1
  • 6
  • Hi Shani, thank you for your response, my problem however is that the consumer key and consumer secret do not show in the table. Everything else shows when i edit the app except those two items. The only place i can see the consumer key is in the browser's url bar, i can't find the consumer secret anywhere. Is there perhaps a setting that i need to set in identity server somewhere that will make them visible when editing the app? – maldieve May 20 '15 at 17:47
  • Just to clarify Are you editing this app via the wso2 IS management console? are you saying in your case, the table at location Inbound Authentication Configuration ->OAuth/OpenID Connect Configuration (before clicking the edit) has empty values under the OAuth Client Key & OAuth Client Secret columns? – Shani Ranasinghe May 21 '15 at 03:53
  • It is in the Identity Server management console. I don't have enough rep to attach an image, could I perhaps send a screen shot of what I see ? – maldieve May 21 '15 at 13:35
0

After a couple of weeks of searching the net for support on this, to speed up the evaluation, I downloaded IS 4.6.0, completed the steps as previous and there appeared the necessary information to continue the evaluation process. I now see all the fields :

Client Id ????????????????????????

Client Secret ??????????????????????

Access Token Url - https://localhost:9454/oauth2/token

Authorize Url - https://localhost:9454/oauth2/authorize.

maldieve
  • 11
  • 1
  • 3