Refreshing an Access Token: Difference between revisions

From Chorke Wiki
No edit summary
 
(7 intermediate revisions by the same user not shown)
Line 1: Line 1:
 
==Access Token Request==
<code>http://api.chorke.org/auth/oauth/token</code>
<code>http://api.chorke.org/auth/oauth/token</code>


{|
{|
| valign="top" |
| valign="top" |
<source lang="properties" style="border:3px dashed blue">
===Request Headers===
<source lang="properties">
;postman authorization header
;postman authorization header
;
;
;
authorization:Basic Y2xpZW50X2lkOmNsaWVudF9wYXNz
authorization:Basic Y2xpZW50X2lkOmNsaWVudF9wYXNz
Content-Type:application/x-www-form-urlencoded
Content-Type:application/x-www-form-urlencoded
;
</source>
</source>


| valign="top" |
===Request Body===
<source lang="properties" style="border:3px dashed blue">
<source lang="properties" style="border:3px dashed blue">
;postman form data
;postman form data
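Review bot: the token endpoint in this hunk is written as `http://api.chorke.org/auth/oauth/token`, yet the Request Headers block directly under it sends `authorization:Basic Y2xpZW50X2lkOmNsaWVudF9wYXNz`, so the example shows client credentials and the form data crossing the wire in cleartext. RFC 6749 requires TLS for requests to the token endpoint. Change the example URL to `https://`, or add a line saying the `http://` form is for a local test setup only. A smaller style point: the Request Body `<source>` block carries `style="border:3px dashed blue"` while the new Request Headers block does not, so pick one for all blocks.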
Line 19: Line 20:
grant_type:password
grant_type:password
client_id:chorke_inc
client_id:chorke_inc
</source>
| valign="top" |
===Response Body===
<source lang="json">
{  "refresh_token" : "4c54d888-1143-4cf6-8ea4-7cbf1acfb2c8",
    "access_token"  : "dcddeae6-ee4e-4423-820f-4d040711e0ff",
    "scope"        : "read write",
    "token_type"    : "bearer",
    "expires_in"    : 10720 }
</source>
</source>
|}
|}
==Refreshing an Access Token==
<code>http://api.chorke.org/auth/oauth/token</code>
{|
| valign="top" |
===Request Headers===
<source lang="properties">
;postman authorization header
;
;
authorization:Basic Y2xpZW50X2lkOmNsaWVudF9wYXNz
Content-Type:application/x-www-form-urlencoded
</source>
===Request Body===
<source lang="properties" style="border:3px dashed blue">
;postman form data
grant_type:refresh_token
refresh_token:4c54d888-1143-4cf6-8ea4-7cbf1acfb2c8
</source>
| valign="top" |
===Response Body===
<source lang="json">
{  "refresh_token" : "4c54d888-1143-4cf6-8ea4-7cbf1acfb2c8",
    "access_token"  : "8fd6fd10-0f54-4b71-93d7-e572f71cb42b",
    "scope"        : "read write",
    "token_type"    : "bearer",
    "expires_in"    : 10799 }
</source>
|}
==Accessing Protected Resources==
<code>http://api.chorke.org/rest/api/v1.0/countries/1</code>
{|
| valign="top" |
===Request Headers===
<source lang="properties" style="border:3px dashed blue">
;
;
;postman authorization header
Authorization:bearer f8317bea-5aba-44ea-b942-b8cd531e14fc
</source>
| valign="top" |
===Response Body===
<source lang="json" style="border:3px dashed blue">
[{  "countryCode"  : 1,
    "isoAlpha2Code" :"bd",
    "isoAlpha3Code" :"bgd",
    "countryName"  :"Bangladesh" }]
</source>
|}
==References==
* [https://tools.ietf.org/html/rfc6749#section-7 RFC 6749: Accessing Protected Resources]
* [https://www.baeldung.com/spring-security-oauth2-remember-me OAuth2 Remember Me with Refresh Token]
* [https://tools.ietf.org/html/rfc6749#section-6 RFC 6749: Refreshing an Access Token]
* [https://tools.ietf.org/html/rfc6749#section-4.3.2 RFC 6749: Access Token Request]
* [https://www.baeldung.com/rest-api-spring-oauth2-angular Spring REST API OAuth2 Angular]
* [https://auth0.com/docs/api-auth/tutorials/silent-authentication Silent Authentication]
* [https://auth0.com/docs/tokens/refresh-token/current Refresh Token]
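Review bot: the request body sends `client_id:chorke_inc`, but the Basic header used in both the token request and the refresh request decodes to `client_id:client_pass`, so the example names two different clients. Make the two agree, or drop `client_id` from the body since the client already authenticates with the header. In the added "Accessing Protected Resources" section, `Authorization:bearer f8317bea-5aba-44ea-b942-b8cd531e14fc` matches neither access token issued above; reusing `8fd6fd10-0f54-4b71-93d7-e572f71cb42b` from the refresh response would let the three sections read as one flow. The refresh response also returns the same `refresh_token` that was sent, and a sentence stating that this server does not rotate refresh tokens would remove the ambiguity.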

Latest revision as of 03:11, 14 November 2019

Access Token Request

http://api.chorke.org/auth/oauth/token

Request Headers

;postman authorization header
;
;
authorization:Basic Y2xpZW50X2lkOmNsaWVudF9wYXNz
Content-Type:application/x-www-form-urlencoded

Request Body

;postman form data
username:chorkeinc
password:pa$$w0rd
grant_type:password
client_id:chorke_inc

Response Body

{   "refresh_token" : "4c54d888-1143-4cf6-8ea4-7cbf1acfb2c8",
    "access_token"  : "dcddeae6-ee4e-4423-820f-4d040711e0ff",
    "scope"         : "read write",
    "token_type"    : "bearer",
    "expires_in"    : 10720 }

Refreshing an Access Token

http://api.chorke.org/auth/oauth/token

Request Headers

;postman authorization header
;
;
authorization:Basic Y2xpZW50X2lkOmNsaWVudF9wYXNz
Content-Type:application/x-www-form-urlencoded

Request Body

;postman form data
grant_type:refresh_token
refresh_token:4c54d888-1143-4cf6-8ea4-7cbf1acfb2c8

Response Body

{   "refresh_token" : "4c54d888-1143-4cf6-8ea4-7cbf1acfb2c8",
    "access_token"  : "8fd6fd10-0f54-4b71-93d7-e572f71cb42b",
    "scope"         : "read write",
    "token_type"    : "bearer",
    "expires_in"    : 10799 }
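
The refresh exchange shown above, as an added Python example that is not part of the original wiki page: it builds the request without sending it and parses the response body. The function names and the `allow_plain_http` switch are assumptions made for this example; the URL, client credentials and token values are the ones shown on the page.

```python
import base64
import json
import time
from urllib.parse import urlencode, urlsplit
from urllib.request import Request

TOKEN_URL = "http://api.chorke.org/auth/oauth/token"  # as written on the page


def build_refresh_request(token_url, client_id, client_secret, refresh_token,
                          allow_plain_http=False):
    """Build, without sending, the grant_type=refresh_token request."""
    # Hypothetical guard: the request carries the client secret and the
    # refresh token, so refuse a non-TLS endpoint unless told otherwise.
    if urlsplit(token_url).scheme != "https" and not allow_plain_http:
        raise ValueError("token endpoint is not https")
    basic = base64.b64encode(f"{client_id}:{client_secret}".encode()).decode()
    body = urlencode({"grant_type": "refresh_token",
                      "refresh_token": refresh_token}).encode()
    return Request(token_url, data=body, method="POST", headers={
        "Authorization": f"Basic {basic}",
        "Content-Type": "application/x-www-form-urlencoded",
    })


def parse_token_response(raw, previous_refresh_token, now=None):
    """Check the JSON response and derive expiry and refresh-token rotation."""
    doc = json.loads(raw)
    if "error" in doc:  # RFC 6749 section 5.2 error response
        raise RuntimeError(f"token endpoint error: {doc['error']}")
    if str(doc.get("token_type", "")).lower() != "bearer" or not doc.get("access_token"):
        raise ValueError("not a bearer token response")
    now = time.time() if now is None else now
    expires_in = doc.get("expires_in")  # optional in RFC 6749
    # The server may omit refresh_token; the old one then stays in use.
    new_refresh = doc.get("refresh_token", previous_refresh_token)
    return {
        "access_token": doc["access_token"],
        "refresh_token": new_refresh,
        "expires_at": None if expires_in is None else now + int(expires_in),
        "rotated": new_refresh != previous_refresh_token,
    }
```

With the page's response body, `rotated` comes back false: the server returned the same refresh token, so that one long-lived value is what needs protecting in storage and transit.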

Accessing Protected Resources

http://api.chorke.org/rest/api/v1.0/countries/1

Request Headers

;
;
;postman authorization header
Authorization:bearer f8317bea-5aba-44ea-b942-b8cd531e14fc

Response Body

[{  "countryCode"   : 1,
    "isoAlpha2Code" :"bd",
    "isoAlpha3Code" :"bgd",
    "countryName"   :"Bangladesh" }]

References