Konstantin Lapine lapinek
lapinek
/ OAuth2.AppAuth-iOS.SSO.OIDAuthorizationRequest.acr_values.swift
Created
March 1, 2020 22:56
lapinek
/ OAuth2.AppAuth-iOS.SSO.OIDAuthorizationService.present._.externalUserAgent.callback.swift
Created
March 1, 2020 22:48
lapinek
/ OAuth2.AppAuth-iOS.SSO.authState.byPresenting.externalUserAgent.callback.swift
Created
March 1, 2020 22:31
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // . . . | |
| if #available(iOS 11.0, *) { | |
| let externalUserAgent = OIDExternalUserAgentIOSSafari(presentingViewController: self) | |
| appDelegate.currentAuthorizationFlow = OIDAuthState.authState(byPresenting: request, externalUserAgent: externalUserAgent) { | |
| authState, error in | |
| completion(authState, error) | |
| } |
lapinek
/ OAuth2.AppAuth-iOS.SSO.OIDExternalUserAgentIOSSafari.01.swift
Created
March 1, 2020 22:25
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // OIDExternalUserAgentIOSSafari.swift | |
| // . . . | |
| if #available(iOS 10.0, *) { | |
| openedSafari = UIApplication.shared.canOpenURL(requestURL!) | |
| UIApplication.shared.open(requestURL!, options: [:], completionHandler: nil) | |
| } else { | |
| openedSafari = UIApplication.shared.openURL(requestURL!) |
lapinek
/ am_oauth2_pkce_access_token.bash
Last active
September 4, 2018 18:09
AM 6.0 OAuth 2.0 public "pkce" client requesting access token with cURL
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| authz_code=$(curl -s -w "%{redirect_url}" 'http://am-service.sample.svc.cluster.local/openam/oauth2/authorize?response_type=code&client_id=pkce&redirect_uri=http://localhost:9999&scope=openid&code_challenge=code_verifier' \ | |
| -H 'Cookie: iPlanetDirectoryPro='$(curl -s 'http://am-service.sample.svc.cluster.local/openam/json/realms/root/authenticate' \ | |
| -X POST \ | |
| -H 'X-OpenAM-Username:amadmin' \ | |
| -H 'X-OpenAM-Password:password' \ | |
| | sed -e 's/^.*"tokenId":"\([^"]*\)".*$/\1/') \ | |
| | sed 's/^.*?code=\([^&]*\).*$/\1/') \ | |
| && curl 'http://am-service.sample.svc.cluster.local:80/openam/oauth2/access_token' \ | |
| -X POST \ | |
| --data 'client_id=pkce&redirect_uri=http://localhost:9999&grant_type=authorization_code&code='$authz_code \ |
lapinek
/ am_oauth2_pkce_client.bash
Last active
September 4, 2018 18:07
AM 6.0 OAuth 2.0 public "pkce" client with cURL
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| curl 'http://am-service.sample.svc.cluster.local/openam/json/realms/root/realm-config/agents/OAuth2Client/pkce' \ | |
| -X PUT \ | |
| --data '{ | |
| "clientType": "Public", | |
| "redirectionUris": ["http://localhost:9999"], | |
| "scopes": ["openid"], | |
| "responseTypes": ["code"], | |
| "tokenEndpointAuthMethod": "client_secret_post", | |
| "isConsentImplied": true, | |
| "postLogoutRedirectUri": ["http://localhost:9999"] |
NewerOlder