
@rsp9u
Last active October 27, 2019 13:44
Hydra implicit test
#!/bin/sh
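# Choose the `state` and `nonce` values sent with the authorization request.
# `state` ties the redirect back to this client (CSRF defence) and `nonce`
# ties the ID token to this request, so both must be fresh and unpredictable
# on every run.
#
#   ./curl-client.sh random.js   -> values printed by random.js in a Node container
#   ./curl-client.sh             -> values from uuidgen
if [ "$1" = "random.js" ]; then
  # Runs random.js in a throwaway container and prints the last line of its
  # output (the lines before it are yarn's install log).
  # The script is bind-mounted read-only; the path is quoted so a working
  # directory containing spaces does not split the -v argument.
  # NOTE(review): `yarn add uuid` resolves whatever release is current at run
  # time and node:12-alpine is a mutable tag - pin both (version / digest) if
  # this is reused outside a scratch environment.
  node_random() {
    docker run --rm -v "$PWD/random.js:/src/random.js:ro" -w /src node:12-alpine \
      sh -c "yarn add uuid && node random.js" | tail -n1
  }
  state=$(node_random)
  nonce=$(node_random)
else
  state=$(uuidgen)
  nonce=$(uuidgen)
fi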
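# Step 1: start the implicit flow at Hydra's public endpoint.
# -i keeps the response headers in $ret because the redirect target and the
# CSRF cookie are read from them. -sS hides the progress meter but still
# reports transport errors (the original discarded all of stderr).
ret=$(curl -sS -i "http://localhost:4444/oauth2/auth?client_id=my-client&response_type=token&state=$state&nonce=$nonce&scope=openid")

# printf instead of echo: $ret is server-controlled text, and some /bin/sh
# implementations let echo interpret backslash sequences in it.
next=$(printf '%s\n' "$ret" | grep Location | cut -d" " -f2 | tr -d '\r\n')
oauth2_csrf=$(printf '%s\n' "$ret" | grep Set-Cookie | cut -d" " -f2 | cut -d";" -f1)

# Stop here rather than sending the following requests to an empty URL.
if [ -z "$next" ]; then
  echo "authorization request returned no Location header" >&2
  exit 1
fi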
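# Step 2: fetch the login page Hydra redirected to, then submit the form.
# $next comes from a response header, so it is quoted everywhere to keep the
# shell from word-splitting or glob-expanding it ('?' is a glob character).
ret=$(curl -sS -i "$next" -H "Cookie: $oauth2_csrf")

# The login form is posted to the same path without the query string.
next=$(printf '%s\n' "$next" | cut -d"?" -f1)

# The login app sends its own CSRF cookie (lower-case header name here).
csrf=$(printf '%s\n' "$ret" | grep set-cookie | cut -d" " -f2 | cut -d";" -f1)

# Pull the hidden form fields out of the HTML. Only the line containing
# DOCTYPE is fed to xmllint, and the field positions (4 and 7) depend on the
# exact markup xmllint prints - presumably both hidden inputs share one line;
# confirm against the login app if the values come back empty.
form_csrf=$(printf '%s\n' "$ret" | grep DOCTYPE | xmllint --html - | grep _csrf | cut -d" " -f4 | cut -d'"' -f2)
form_challenge=$(printf '%s\n' "$ret" | grep DOCTYPE | xmllint --html - | grep challenge | cut -d" " -f7 | cut -d'"' -f2)

# Demo credentials, hard-coded for this test only.
form_email="foo@bar.com"
form_password="foobar"

# --data-urlencode so characters such as '+', '&' or '=' in a token cannot
# change the meaning of the form body.
ret=$(curl -sS -i -X POST "$next" \
  --data-urlencode "_csrf=$form_csrf" \
  --data-urlencode "challenge=$form_challenge" \
  --data-urlencode "email=$form_email" \
  --data-urlencode "password=$form_password" \
  -H "Cookie: $oauth2_csrf; $csrf"
)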
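# Step 3: follow the post-login redirect back to Hydra, which answers with a
# redirect to the consent page and a consent CSRF cookie.
next=$(printf '%s\n' "$ret" | grep Location | cut -d" " -f2 | tr -d '\r\n')
if [ -z "$next" ]; then
  echo "login did not redirect (no Location header)" >&2
  exit 1
fi
ret=$(curl -sS -i "$next" -H "Cookie: $oauth2_csrf; $csrf")

next=$(printf '%s\n' "$ret" | grep Location | cut -d" " -f2 | tr -d '\r\n')
oauth2_consent_csrf=$(printf '%s\n' "$ret" | grep "Set-Cookie: oauth2_consent_csrf" | cut -d" " -f2 | cut -d";" -f1)
if [ -z "$next" ]; then
  echo "no redirect to the consent page (no Location header)" >&2
  exit 1
fi

# Step 4: load the consent page and read its hidden fields.
ret=$(curl -sS -i "$next" -H "Cookie: $oauth2_csrf; $oauth2_consent_csrf; $csrf")

# Both values are cut from the line that contains "challenge"; here the
# challenge is field 4 and the CSRF token field 7 (the reverse of the login
# form). NOTE(review): this relies on the consent app's markup - confirm if
# the values come back empty.
form_challenge=$(printf '%s\n' "$ret" | grep DOCTYPE | xmllint --html - | grep challenge | cut -d" " -f4 | cut -d'"' -f2)
form_csrf=$(printf '%s\n' "$ret" | grep DOCTYPE | xmllint --html - | grep challenge | cut -d" " -f7 | cut -d'"' -f2)

# Grant consent. Unlike the login step, the POST keeps the query string.
# --data-urlencode keeps special characters in the tokens from altering the
# form body; "Allow access" is decoded to the same value by the server.
ret=$(curl -sS -i -X POST "$next" \
  --data-urlencode "_csrf=$form_csrf" \
  --data-urlencode "challenge=$form_challenge" \
  --data-urlencode "submit=Allow access" \
  -H "Cookie: $oauth2_csrf; $oauth2_consent_csrf; $csrf"
)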
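# Step 5: follow the post-consent redirect. Hydra's answer is printed to
# stdout; its Location header points at the client callback and carries the
# token response in the URL fragment.
# NOTE(review): the script does not compare the `state` in that fragment with
# the $state it sent. A real client must do so (and validate `nonce` in any
# ID token) before using the token.
next=$(printf '%s\n' "$ret" | grep Location | cut -d" " -f2 | tr -d '\r\n')
if [ -z "$next" ]; then
  echo "consent did not redirect (no Location header)" >&2
  exit 1
fi
curl -sS -i "$next" -H "Cookie: $oauth2_csrf; $oauth2_consent_csrf; $csrf"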
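// Prints one random value for use as an OAuth2 `state` or `nonce`: a
// version-4 UUID with the dashes removed.
//
// The generator is taken from the package root instead of the "uuid/v4" deep
// path. Later major releases of uuid dropped the deep path, and the caller
// installs an unpinned `uuid`, so the deep require fails on a fresh install.
// The root export also exposes `v4` in the older releases.
const { v4: uuid4 } = require("uuid");

console.log(uuid4().replace(/-/g, ''));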
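# Set up a local Hydra from the upstream quickstart and register a test client.

# The directory is named explicitly: `$_` is a shell-specific shortcut and was
# unquoted.
mkdir -p hydra-oidc-test && cd hydra-oidc-test

# NOTE(review): this pulls the compose file from the moving `master` branch.
# Read it before `up`, and pin to a release tag or commit for repeatable runs.
wget https://raw.githubusercontent.com/ory/hydra/master/quickstart.yml -O docker-compose.yml
docker-compose up -d

# Register the client through the admin endpoint (port 4445).
# The static secret "secret" and the implicit grant are for this local test
# only; do not carry either into a shared or production deployment.
docker-compose exec hydra \
  hydra clients create \
  --endpoint http://127.0.0.1:4445 \
  --name my-client \
  --id my-client \
  --secret secret \
  --callbacks http://127.0.0.1:5555/callback \
  --response-types "token,id_token,token id_token" \
  --scope openid \
  --grant-types "implicit,authorization_code,refresh_token"

# Read the client back to confirm what was stored.
docker-compose exec hydra \
  hydra clients get my-client \
  --endpoint http://127.0.0.1:4445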
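# Fetch the two helper files. The raw URLs name a specific gist revision, so
# the downloaded content cannot change underneath you.
wget https://gist.githubusercontent.com/rsp9u/d6b0c3a108d1dfdfbba29c4315ebd0cb/raw/5fecaea7eb6762095f73a9bf1c28b1a7421595ca/curl-client.sh
wget https://gist.githubusercontent.com/rsp9u/d6b0c3a108d1dfdfbba29c4315ebd0cb/raw/5fecaea7eb6762095f73a9bf1c28b1a7421595ca/random.js
chmod +x curl-client.sh

# Run the flow and cut the access token out of the final redirect:
# fragment after '#', first '&'-separated pair, value after '='.
access_token=$(./curl-client.sh | grep Location | cut -d"#" -f2 | cut -d"&" -f1 | cut -d"=" -f2)

# Call userinfo on the same Hydra instance that issued the token
# (curl-client.sh talks to localhost:4444). The original sent the bearer token
# over plain HTTP to a different host, which exposes it to that host and to
# the network path. Change the URL if your Hydra public endpoint is elsewhere.
# -sS hides the progress meter but still shows errors; `jq .` is the explicit
# identity filter.
curl -sS -H "Authorization: Bearer $access_token" http://localhost:4444/userinfo | jq .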