Revisions
tmclnk revised this gist
Dec 8, 2022 . 1 changed file with 7 additions and 22 deletions.
@@ -6,7 +6,6 @@ import ( "golang.org/x/oauth2" "golang.org/x/oauth2/clientcredentials" "io/ioutil" "os" ) @@ -34,8 +33,8 @@ func main() { // We register this application as a "Client" in CloudEntity (or Keycloak, or Okta, or...). // The client-id and client-secret are provided. conf := clientcredentials.Config{ ClientID: "", ClientSecret: "", TokenURL: "https://dmsi-poc.us.authz.cloudentity.io/dmsi-poc/spring/oauth2/token", Scopes: []string{"userprofile.edit", "userprofile.view"}, EndpointParams: nil, @@ -47,31 +46,17 @@ func main() { // the client-credentials flow to get an access token. client := conf.Client(ctx) // The Resource Server is configured to receive access tokens. resp, err := client.Get("https://spring.users.runpaste.com/users/123") if err != nil { fmt.Fprintf(os.Stderr, "%s ", err.Error()) os.Exit(1) } else if resp.StatusCode != 200 { fmt.Fprintf(os.Stderr, "Status Code %s ", resp.StatusCode) os.Exit(1) } // Dump the results to stdout bytes, _ := ioutil.ReadAll(resp.Body) fmt.Println(string(bytes)) }
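Review bot: The read error is discarded in `bytes, _ := ioutil.ReadAll(resp.Body)` near the end of `main`, so a failed or truncated read of the Resource Server's response is printed as if it were complete; the `getBody` helper in the initial revision checked that error, and this revision appears to drop the helper. Keep the check inline, `body, err := ioutil.ReadAll(resp.Body)` followed by the same `if err != nil { ... os.Exit(1) }` used for the request, and add `defer resp.Body.Close()` once the status has been tested. The status message formats the integer `resp.StatusCode` with `%s`; `%d` prints the code as intended, and the same verb is used in `getBody` in the initial revision. The section as rendered seems to show only the new side, so the removed lines are inferred from the other revisions on the page.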
tmclnk revised this gist
Dec 6, 2022 . 1 changed file with 3 additions and 1 deletion.
@@ -47,7 +47,9 @@ func main() { // the client-credentials flow to get an access token. client := conf.Client(ctx) // The Resource Server is configured to receive access tokens. // Note that we don't interact with the auth flow - this is just a // *http.Client. resp, err := client.Get("https://spring.users.runpaste.com/users/123") bytes := getBody(err, resp) fmt.Println(string(bytes))
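Review bot: The added comment above `client.Get` says the caller does not interact with the auth flow, but it leaves out the consequence a reader reusing `client` needs: the client returned by `conf.Client(ctx)` obtains a token and, as far as I know, sets the Authorization header on each request it sends. I would extend the comment with `// The client adds the bearer token to every request it makes, so use it only for calls to the Resource Server.` The body of `main` starts and ends outside this hunk.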
tmclnk revised this gist
Dec 6, 2022 . 1 changed file with 2 additions and 2 deletions.
@@ -34,8 +34,8 @@ func main() { // We register this application as a "Client" in CloudEntity (or Keycloak, or Okta, or...). // The client-id and client-secret are provided. conf := clientcredentials.Config{ ClientID: "", // TODO configure client-id ClientSecret: "", // TODO configure client-secret TokenURL: "https://dmsi-poc.us.authz.cloudentity.io/dmsi-poc/spring/oauth2/token", Scopes: []string{"userprofile.edit", "userprofile.view"}, EndpointParams: nil,
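Review bot: The TODO comments on `ClientID` and `ClientSecret` say to configure the values but not where they should come from, and in a published sample the obvious reading is to type the secret into the string literal. I would have the struct read both at run time, for example `ClientSecret: os.Getenv("CLIENT_SECRET"),` (the variable name is constructed for this note; `os` is already imported in the initial revision), and stop with a clear message when either value is empty. The `conf` literal and `main` continue outside the hunk.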
tmclnk created this gist
Dec 6, 2022 .
@@ -0,0 +1,75 @@ package main import ( "context" "fmt" "golang.org/x/oauth2" "golang.org/x/oauth2/clientcredentials" "io/ioutil" "net/http" "os" ) /* * This app demonstrates a machine-to-machine ("two-legged") auth flow. * * We have a "Resource Server", https://spring.users.runpaste.com/. This Resource Server * is responsible for User Profiles, and has some scopes that it checks for like * "userprofile.edit". The resource server is registered in CloudEntity with the scopes * it exposes. * * In order for our application to consume services from the Resource Server, it gets registered * as a "Service" Client in CloudEntity. The client must be given access to the Scopes * exposed by the Resource server, e.g. userprofile.edit and userprofile.view. * * This client just needs a token url, client-id, and client-secret in order to make calls against the resource * server. * * See https://auth0.com/blog/using-m2m-authorization/ */ func main() { fmt.Println("Demonstrating machine-to-machine authorization flow.") ctx := context.Background() // We register this application as a "Client" in CloudEntity (or Keycloak, or Okta, or...). // The client-id and client-secret are provided. conf := clientcredentials.Config{ ClientID: "", ClientSecret: "", TokenURL: "https://dmsi-poc.us.authz.cloudentity.io/dmsi-poc/spring/oauth2/token", Scopes: []string{"userprofile.edit", "userprofile.view"}, EndpointParams: nil, AuthStyle: oauth2.AuthStyleInParams, // send client_id and client_secret as a form post } fmt.Printf("Using client_id %s\n", conf.ClientID) // The library gives us a *http.Client, which encapsulates the work of performing // the client-credentials flow to get an access token. client := conf.Client(ctx) // The Resource Server is configured to receive access tokens. 
resp, err := client.Get("https://spring.users.runpaste.com/users/123") bytes := getBody(err, resp) fmt.Println(string(bytes)) } // Hard fail on error func getBody(err error, resp *http.Response) []byte { if err != nil { fmt.Fprintf(os.Stderr, "%s ", err.Error()) os.Exit(1) } if resp.StatusCode != 200 { fmt.Fprintf(os.Stderr, "Status Code %s ", resp.StatusCode) os.Exit(1) } bytes, err := ioutil.ReadAll(resp.Body) if err != nil { fmt.Fprintf(os.Stderr, "%s ", err.Error()) os.Exit(1) } return bytes }
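Review bot: `AuthStyle: oauth2.AuthStyleInParams` in the `conf` literal sends the client secret in the form body of the token request, and the comment beside it describes the mechanism without saying why it was chosen. RFC 6749 section 2.3.1 recommends against sending client credentials in the request body unless the client cannot use HTTP Basic, so if the authorization server accepts it I would write `AuthStyle: oauth2.AuthStyleInHeader,`; otherwise the comment should state that the provider requires form parameters. Separately, `ctx := context.Background()` carries no deadline and the client is used without a timeout, so a stalled token endpoint or Resource Server blocks the program indefinitely; `context.WithTimeout` around the call would bound it.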