Setting up WSO2 sample OAuth applications with WSO2 Identity Server

JSP Web app — Authorization code grant flow

In WSO2 we have set of samples web apps designed to demonstrate the SSO flow. You can use these in order to try out the scenarios like SSO, Federation and etc.

Pre-requisites

• Clone the samples repo from https://github.com/wso2/samples-is/tree/master/sso-samples/oidc-sso-sample
• Do a maven clean install from the root of cloned repo samples-is
• Download tomcat (version 8 or above)
• Deploy the built oidc-sso-sample web apps (pickup-dispatch.war and pickup-manager.war) in tomcat and run the tomcat server
• Download WSO2 Identity Server and run it.
• Change the /etc/host file of your machine so that it will map localhost.com(host name of tomcat where your apps run ) with 127.0.0.1

127.0.0.1 localhost.com

Configurations

• Open the management console https://localhost:9443/carbon and login with admin user credentials.
• Add a service provider eg: pickup-dispatch and click on register.

• Go to the Inbound Authentication Configuration -> OAuth/OpenID Connect Configuration -> Configure
• Put the call-back url of the application of the single page application which is http://localhost.com:8080/pickup-dispatch/oauth2client

• Copy the consumer_key and secret from the UI.

• Change the dispatch.properties file in deployed web app(pickup-dispatch/WEB-INF/classes) with the copied client_id and secret in the previous step as follows

consumerKey=TDEjcixUDRltSf_4QXXU4qjT2vMa

authzEndpoint=https://localhost:9443/oauth2/authorize

authzGrantType=code

scope=openid

callBackUrl=http://localhost.com:8080/pickup-dispatch/oauth2client

OIDC_LOGOUT_ENDPOINT=https://localhost:9443/oidc/logout

sessionIFrameEndpoint=https://localhost:9443/oidc/checksession?client_id=TDEjcixUDRltSf_4QXXU4qjT2vMa&redirect_uri=http://localhost.com:8080/pickup-dispatch/oauth2client

consumerSecret=7frb1pXn_pjXB1jj5Otmg_XH4TAa

tokenEndpoint=https://localhost:9443/oauth2/token

post_logout_redirect_uri=http://localhost.com:8080/pickup-dispatch/oauth2client

• Run the tomcat server again. Now you are able to try the pickup-dispatch app by accessing the http://localhost.com:8080/pickup-dispatch/

• You can do the same to the pickup-manager app as well by registering a different service provider by following the same steps. Then you can try single sign-on feature.

Single page app — Implicit grant flow

Pre-requisites

• Clone the single page app from https://github.com/GDRDABARERA/SampleSinglePageApp and install the nodejs and run the app based on the readme.md

Configurations

• Open the management console https://localhost:9443/carbon and login with admin user credentials.
• Add a service provider eg: SinglePageSampleApp and click on register.

• Go to the Inbound Authentication Configuration -> OAuth/OpenID Connect Configuration -> Configure

• Put the call-back url of the application of the single page application which is http://localhost:5000/oauth_callback.html (5000 is the default port of nodejs running) and Add.

• Now you will get the consumer_key and the secret, copy the consumer key.

• Change the app.js configuration file in the oauthSPA/js folder with the new consumer_key/client_id and host names as below

var IS_PORT = ‘9443’;

var IS_HOST_NAME = ‘localhost’;

var ANGULAR_PORT = ‘5000’;

var ANGUALR_HOST_NAME = ‘localhost’;

var CLIENT_ID = ‘J4VIU1Cgde2Vsv7Tj8dZTeeQ_GAa’;

• After successfully updated configs, you need to build the application and start the server. You can use the following commands.You must run these command from the root folder of SPA (In our case inside oauthSPA folder)

-> sudo npm install -g reload

-> npm install -g serve (To build the application)

-> serve (to start the server)

• Now you are good to try the SSO with WSO2 Identity Server by accessing http://localhost:5000