### Install and Setup OAuth Assistant Example App (Bash) Source: https://curity.io/resources/learn/test-using-oauth-assistant This snippet demonstrates the commands to clone the OAuth Assistant example application repository from GitHub and install its dependencies using npm. It's the initial setup step for using the library. ```bash git clone git@github.com:curityio/oauth-assistant-example.git cd oauth-assistant-example npm install ``` -------------------------------- ### Install and Run OAuth Assistant Example (Bash) Source: https://curity.io/resources/learn/oauth-assistant Commands to clone the OAuth assistant example repository, install its dependencies, and start the example application. This sets up a local environment for testing the assistant. ```bash git clone git@github.com:curityio/oauth-assistant-example.git cd oauth-assistant-example npm install npm start ``` -------------------------------- ### Run OAuth Assistant Example App (Bash) Source: https://curity.io/resources/learn/test-using-oauth-assistant This command starts the OAuth Assistant example application after all configurations and installations are complete. It typically opens the application in a web browser, allowing users to test OAuth and OIDC flows. ```bash npm start ``` -------------------------------- ### Run SPA in Development Mode Source: https://curity.io/resources/learn/token-handler-deployment-example These commands navigate to the SPA directory and start the development server using npm. This setup allows for rapid development feedback by serving static content via webpack and enabling live code changes in the browser. ```bash cd spa npm start ``` -------------------------------- ### Install Dependencies and Start Server (Bash) Source: https://curity.io/resources/learn/serverless-zero-trust-api These bash commands are used to manage the Node.js project. `npm install` downloads and installs all the necessary project dependencies, while `npm start` typically runs a script defined in the `package.json` file, often used here to initiate the local serverless environment. ```bash npm install npm start ``` -------------------------------- ### Simple Authentication Action Example Source: https://curity.io/resources/tutorials Provides a basic example of an authentication action plugin for the Curity Identity Server. This serves as a starting point for creating custom authentication steps. ```java import se.curity.identityserver.sdk.authentication.AuthenticationAction; import se.curity.identityserver.sdk.authentication.AuthenticationActionContext; public class SimpleAuthAction implements AuthenticationAction { @Override public void run(AuthenticationActionContext context) { // Perform authentication steps context.getSubject().addClaim("authenticated_by", "SimpleAuthAction"); } } ``` -------------------------------- ### Install and Start Console Client (Bash) Source: https://curity.io/resources/learn/securing-api-events-using-jwts Commands to navigate to the console client directory, install dependencies using npm, and start the client application. This client initiates the event flow by requesting scopes and listening for a login response. ```bash cd console-client npm install npm start ``` -------------------------------- ### Install and Run UI Kit Locally Source: https://curity.io/resources/learn/customize-look-and-feel Instructions to set up and run the Curity Identity Server UI Kit locally. Requires Node.js. Installs dependencies and starts a local development server. ```bash npm install npm start ``` -------------------------------- ### OAuth Agent Login Start Response Example Source: https://curity.io/resources/learn/token-handler-first-configuration Example JSON response from the OAuth Agent's login start endpoint, containing the authorization request URL that the SPA uses to initiate the login process. ```json { "authorization_url": "https://login.example.com/oauth/v2/authorization?client_id=myclient&response_type=code ..." } ``` -------------------------------- ### Run Curity AWS CDK Deployment Example (Bash) Source: https://curity.io/resources/learn/install-using-aws-cdk This command executes the TypeScript entry point for the Curity Identity Server AWS CDK deployment. It uses `npx` and `ts-node` to compile and run the application, initiating the infrastructure setup. ```bash npx ts-node --prefer-ts-exts bin/idsvr-aws-cdk.ts ``` -------------------------------- ### Run Kotlin Example API with Maven Source: https://curity.io/resources/learn/integration-kong-open-source These commands package and run the Kotlin API using Maven. This process requires Maven and Java 8+ to be installed on your system. ```bash cd kotlin-api-jwt-validation mvn package java -jar target/secureapi-1.0-SNAPSHOT.jar ``` -------------------------------- ### Android Client Setup for Hypermedia Authentication API Source: https://curity.io/resources/tutorials Guides on setting up an Android client to use the Curity Identity Server's HAAPI. This includes integrating the necessary SDKs and handling authentication flows. ```java import com.curity.android.sdk.CurityAuthClient; public class MainActivity extends AppCompatActivity { private CurityAuthClient authClient; @Override protected void onCreate(Bundle savedInstanceState) { super.onCreate(savedInstanceState); authClient = new CurityAuthClient.Builder(this) .setAuthority("YOUR_AUTHORITY_URL") .setClientId("YOUR_CLIENT_ID") .build(); // ... authentication logic } } ``` -------------------------------- ### Query 'accounts' Table in HSQLDB Source: https://curity.io/resources/learn/get-started-identity-data Executes a SQL query to retrieve all records from the 'accounts' table. This is a basic example of querying identity data stored in the database. ```bash SELECT * FROM "accounts"; ``` -------------------------------- ### Example Templatized Client Registration Request (HTTP) Source: https://curity.io/resources/learn/using-dynamic-client-registration An example HTTP POST request for dynamic client registration using a template client. This request only requires the `software_id` parameter, which specifies the template client to instantiate. ```http POST /dcr HTTP/1.1 { "software_id": "webapp-client" } ``` -------------------------------- ### Example GET Request to Echo API Source: https://curity.io/resources/learn/integration-azure-api-management This is an example of a GET request to the Echo API hosted on Azure. It demonstrates how to include query parameters and the expected HTTP version. This request is intended to be tested with and without an Authorization header. ```http GET https://curity-pme-api.azure-api.net/echo/resource-cached?param1=sample HTTP/1.1 ``` -------------------------------- ### Bash: Deploy Curity Identity Server Example Source: https://curity.io/resources/learn/authentication-actions-example These bash commands are used to deploy the Curity Identity Server example workflow. It involves running a deployment script and optionally setting an environment variable to use ngrok for external access. ```bash ./deploy.sh ``` ```bash export USE_NGROK=true ./deploy.sh ``` -------------------------------- ### Start the Application using Gradle (Bash) Source: https://curity.io/resources/learn/oidc-java-undertow-pac4j This command initiates the Java application using Gradle. It's the standard way to run the application during development or for testing purposes. Ensure you have Gradle installed or are using the Gradle wrapper. ```bash gradle run ``` -------------------------------- ### Example Client Registration Request (HTTP) Source: https://curity.io/resources/learn/using-dynamic-client-registration An example HTTP POST request to the client registration endpoint. It includes parameters like scope, redirect URIs, grant types, response types, and client metadata. ```http POST /dcr HTTP/1.1 { "scope": "openid read foo test_scope_1", "redirect_uris": [ "https://localhost:9000/cb" ], "grant_types": [ "authorization_code" ], "response_types": "code", "client_name": "monkey", "client_uri": "https://localhost:9000/", "tos_uri": "https://localhost:9000/tos", "default_max_age": 44 } ``` -------------------------------- ### Search Users by Username (HTTP GET) Source: https://curity.io/resources/learn/managing-users-with-scim Performs a search for users using a GET request with a filter parameter. The example filters by 'userName' using the 'eq' (equals) operator. ```http GET /um/admin/Users?filter=userName+eq+"bob" HTTP/1.1 ``` -------------------------------- ### GET /oauth/v2/oauth-authorize with response_mode=post_form.jwt Source: https://curity.io/resources/learn/jwt-secured-authorization-response-mode Example GET request to the authorization endpoint using response_mode=post_form.jwt for a hybrid flow with response_type=code id_token. This includes PKCE parameters. ```APIDOC ## GET /oauth/v2/oauth-authorize ### Description Initiates an OAuth 2.0 authorization flow, requesting an authorization code and an ID token, with the response to be sent via a POST form containing a JWT. ### Method GET ### Endpoint /oauth/v2/oauth-authorize ### Query Parameters - **client_id** (string) - Required - The client identifier. - **response_type** (string) - Required - Specifies the desired grant type, e.g., `code id_token`. - **redirect_uri** (string) - Required - The URI to redirect the user agent back to after authorization. - **state** (string) - Recommended - An opaque value used to maintain state between the request and callback. - **scope** (string) - Required - The scope of the access request, e.g., `openid read`. - **code_challenge** (string) - Required (when using PKCE) - The challenge code generated for PKCE. - **code_challenge_method** (string) - Required (when using PKCE) - The method used to generate the code challenge (e.g., `S256`). - **nonce** (string) - Recommended - A string value used to associate a client session with an ID Token, and to mitigate replay attacks. - **response_mode** (string) - Required - Specifies how the authorization response should be delivered, e.g., `post_form.jwt`. ### Request Example ```http GET /oauth/v2/oauth-authorize?client_id=web-client&response_type=code%20id_token&redirect_uri=https://www.example.com/callback/hybrid&state=1599045202487-sVG&scope=openid%20%20read&code_challenge=y2upJc5ieYeoQaU0c25iG87qxEXXC7h_0LvIYgQ6ufk&code_challenge_method=S256&nonce=1657220314981-cBR&response_mode=post_form.jwt HTTP/1.1 Host: your-authorization-server.com ``` ### Response #### Success Response (200) Upon successful authorization, the user agent is redirected to the `redirect_uri` with an HTML form that automatically submits a POST request containing the `response` parameter (a JWT) to the client. #### Response Example ```html