Chilkat Online Tools

Foxpro / ForgeRock Identity Cloud Collection / Step 2: Introspect the Access Token

Back to Collection Items

LOCAL loHttp
LOCAL lnSuccess
LOCAL loReq
LOCAL loJsonParam1
LOCAL loJsonParam2
LOCAL loJsonParam3
LOCAL loResp
LOCAL loSbResponseBody
LOCAL loJResp
LOCAL lnRespStatusCode
LOCAL lnActive
LOCAL lcScope
LOCAL lcRealm
LOCAL lcClient_id
LOCAL lcUser_id
LOCAL lcToken_type
LOCAL lnExp
LOCAL lcV_sub
LOCAL lcIss
LOCAL lcAuthGrantId
LOCAL lcAuditTrackingId
LOCAL lnExpires_in

* This example assumes the Chilkat API to have been previously unlocked.
* See Global Unlock Sample for sample code.

* For versions of Chilkat < 10.0.0, use CreateObject('Chilkat_9_5_0.Http')
loHttp = CreateObject('Chilkat.Http')

* For versions of Chilkat < 10.0.0, use CreateObject('Chilkat_9_5_0.HttpRequest')
loReq = CreateObject('Chilkat.HttpRequest')

* For versions of Chilkat < 10.0.0, use CreateObject('Chilkat_9_5_0.JsonObject')
loJsonParam1 = CreateObject('Chilkat.JsonObject')
loReq.AddParam("token",loJsonParam1.Emit())

* For versions of Chilkat < 10.0.0, use CreateObject('Chilkat_9_5_0.JsonObject')
loJsonParam2 = CreateObject('Chilkat.JsonObject')
loReq.AddParam("client_id",loJsonParam2.Emit())

* For versions of Chilkat < 10.0.0, use CreateObject('Chilkat_9_5_0.JsonObject')
loJsonParam3 = CreateObject('Chilkat.JsonObject')
loReq.AddParam("client_secret",loJsonParam3.Emit())

loReq.AddHeader("Authorization","Bearer <access_token>")

loResp = loHttp.PostUrlEncoded("https://<tenant-name>.forgeblocks.com/am/oauth2/realms/root/realms/alpha/introspect",loReq)
IF (loHttp.LastMethodSuccess = 0) THEN
    ? loHttp.LastErrorText
    RELEASE loHttp
    RELEASE loReq
    RELEASE loJsonParam1
    RELEASE loJsonParam2
    RELEASE loJsonParam3
    CANCEL
ENDIF

* For versions of Chilkat < 10.0.0, use CreateObject('Chilkat_9_5_0.StringBuilder')
loSbResponseBody = CreateObject('Chilkat.StringBuilder')
loResp.GetBodySb(loSbResponseBody)

* For versions of Chilkat < 10.0.0, use CreateObject('Chilkat_9_5_0.JsonObject')
loJResp = CreateObject('Chilkat.JsonObject')
loJResp.LoadSb(loSbResponseBody)
loJResp.EmitCompact = 0

? "Response Body:"
? loJResp.Emit()

lnRespStatusCode = loResp.StatusCode
? "Response Status Code = " + STR(lnRespStatusCode)
IF (lnRespStatusCode >= 400) THEN
    ? "Response Header:"
    ? loResp.Header
    ? "Failed."
    RELEASE loResp
    RELEASE loHttp
    RELEASE loReq
    RELEASE loJsonParam1
    RELEASE loJsonParam2
    RELEASE loJsonParam3
    RELEASE loSbResponseBody
    RELEASE loJResp
    CANCEL
ENDIF

RELEASE loResp

* Sample JSON response:
* (Sample code for parsing the JSON response is shown below)

* {
*   "active": true,
*   "scope": "print",
*   "realm": "/",
*   "client_id": "forgerockDemoConfidentialClient",
*   "user_id": "forgerockDemoConfidentialClient",
*   "token_type": "Bearer",
*   "exp": 1597324633,
*   "sub": "forgerockDemoConfidentialClient",
*   "iss": "http://openam.example.com:8080/openam/oauth2",
*   "authGrantId": "5tq7oSZ62txPaK80X3Mdex4zzew",
*   "auditTrackingId": "037f02f9-d821-4f72-8563-c5050c40fdc3-52181",
*   "expires_in": 3600
* }

* Sample code for parsing the JSON response...
* Use this online tool to generate parsing code from sample JSON: Generate JSON Parsing Code

lnActive = loJResp.BoolOf("active")
lcScope = loJResp.StringOf("scope")
lcRealm = loJResp.StringOf("realm")
lcClient_id = loJResp.StringOf("client_id")
lcUser_id = loJResp.StringOf("user_id")
lcToken_type = loJResp.StringOf("token_type")
lnExp = loJResp.IntOf("exp")
lcV_sub = loJResp.StringOf("sub")
lcIss = loJResp.StringOf("iss")
lcAuthGrantId = loJResp.StringOf("authGrantId")
lcAuditTrackingId = loJResp.StringOf("auditTrackingId")
lnExpires_in = loJResp.IntOf("expires_in")

RELEASE loHttp
RELEASE loReq
RELEASE loJsonParam1
RELEASE loJsonParam2
RELEASE loJsonParam3
RELEASE loSbResponseBody
RELEASE loJResp

Curl Command

curl -X POST
	-H "Authorization: Bearer <access_token>"
	--data-urlencode 'token={{access_token}}'
	--data-urlencode 'client_id={{postmanConfidentialClientId}}'
	--data-urlencode 'client_secret={{postmanClientSecret}}'
https://<tenant-name>.forgeblocks.com/am/oauth2/realms/root/realms/alpha/introspect

Postman Collection Item JSON

{
  "name": "Step 2: Introspect the Access Token ",
  "event": [
    {
      "listen": "test",
      "script": {
        "exec": [
          "// Tests",
          "",
          "const jsonData = JSON.parse(responseBody);",
          "",
          "pm.test(\"Status code is 200\", () => {",
          "  pm.expect(pm.response.code).to.eql(200);",
          "});",
          "",
          "pm.test(\"Response contains correct `client_id`.\", function () {",
          "    pm.expect(jsonData.client_id).to.eql(pm.collectionVariables.get(\"postmanConfidentialClientId\"));",
          "});",
          "",
          "",
          ""
        ],
        "type": "text/javascript"
      }
    }
  ],
  "request": {
    "method": "POST",
    "header": [
    ],
    "body": {
      "mode": "urlencoded",
      "urlencoded": [
        {
          "key": "token",
          "value": "{{access_token}}",
          "description": "Access token you want to introspect.",
          "type": "text"
        },
        {
          "key": "client_id",
          "value": "{{postmanConfidentialClientId}}",
          "description": "The ID of the Confidential OAuth Client.",
          "type": "text"
        },
        {
          "key": "client_secret",
          "value": "{{postmanClientSecret}}",
          "description": "The secret of the Confidential OAuth Client.",
          "type": "text"
        }
      ]
    },
    "url": {
      "raw": "{{amUrl}}/oauth2{{realm}}/introspect",
      "host": [
        "{{amUrl}}"
      ],
      "path": [
        "oauth2{{realm}}",
        "introspect"
      ]
    },
    "description": "Retrieve metadata about the active access token, such as, approved scopes, the user that authorized the token, and the expiry time."
  },
  "response": [
    {
      "name": "Example",
      "originalRequest": {
        "method": "POST",
        "header": [
        ],
        "body": {
          "mode": "urlencoded",
          "urlencoded": [
            {
              "key": "token",
              "value": "{{access_token}}",
              "description": "Access token you want to introspect.",
              "type": "text"
            },
            {
              "key": "client_id",
              "value": "{{postmanConfidentialClientId}}",
              "description": "The ID of the Confidential OAuth Client.",
              "type": "text"
            },
            {
              "key": "client_secret",
              "value": "{{postmanClientSecret}}",
              "description": "The secret of the Confidential OAuth Client.",
              "type": "text"
            }
          ]
        },
        "url": {
          "raw": "{{amUrl}}/oauth2{{realm}}/introspect",
          "host": [
            "{{amUrl}}"
          ],
          "path": [
            "oauth2{{realm}}",
            "introspect"
          ]
        }
      },
      "status": "OK",
      "code": 200,
      "_postman_previewlanguage": "json",
      "header": [
        {
          "key": "X-Frame-Options",
          "value": "SAMEORIGIN"
        },
        {
          "key": "X-Content-Type-Options",
          "value": "nosniff"
        },
        {
          "key": "Content-Type",
          "value": "application/json;charset=UTF-8"
        },
        {
          "key": "Content-Length",
          "value": "390"
        },
        {
          "key": "Date",
          "value": "Thu, 13 Aug 2020 12:17:22 GMT"
        }
      ],
      "cookie": [
      ],
      "body": "{\n    \"active\": true,\n    \"scope\": \"print\",\n    \"realm\": \"/\",\n    \"client_id\": \"forgerockDemoConfidentialClient\",\n    \"user_id\": \"forgerockDemoConfidentialClient\",\n    \"token_type\": \"Bearer\",\n    \"exp\": 1597324633,\n    \"sub\": \"forgerockDemoConfidentialClient\",\n    \"iss\": \"http://openam.example.com:8080/openam/oauth2\",\n    \"authGrantId\": \"5tq7oSZ62txPaK80X3Mdex4zzew\",\n    \"auditTrackingId\": \"037f02f9-d821-4f72-8563-c5050c40fdc3-52181\",\n    \"expires_in\": 3600\n}"
    }
  ]
}