Skip to content

Instantly share code, notes, and snippets.

@jtriley
Last active February 1, 2023 07:25
Show Gist options
  • Save jtriley/571dfbc94c5d73e11a5752852251f448 to your computer and use it in GitHub Desktop.
Save jtriley/571dfbc94c5d73e11a5752852251f448 to your computer and use it in GitHub Desktop.
Shell script for requesting a boss OIDC access token
#!/bin/bash
BOSS_TOKEN_URL="https://auth.theboss.io/auth/realms/BOSS/protocol/openid-connect/token"
echo -n "BOSS Username: "
read BOSS_USER
echo -n "BOSS Password: "
read -s BOSS_PASSWORD
echo -en "\nBOSS Client Id: "
read BOSS_CLIENT_ID
RESULT=$(curl -s $BOSS_TOKEN_URL \
-X POST \
-H "Content-Type: application/x-www-form-urlencoded" \
-d "username=$BOSS_USER" \
-d "password=$BOSS_PASSWORD" \
-d 'grant_type=password' \
-d "client_id=$BOSS_CLIENT_ID" 2>/dev/null)
TOKEN=$(echo $RESULT | sed 's/.*access_token":"//g' | sed 's/".*//g')
echo -e "\n"
echo "Your authorization token is (copy the entire line):"
echo
echo "bearer $TOKEN"
@Hanumesh906
Copy link

Hi,
Greetings!
I have onboarded my app on OIDC, and i have a client ID, client secret, i'm going on with a Auth Code flow.
Currently in my application i have eliminated the cookie related code, please suggest how do relying party will validates the ID_TOKEN and retrieves the end user.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment