Back to Collection Items
<?php
// This example assumes the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.
// For versions of Chilkat < 10.0.0, use new COM('Chilkat_9_5_0.Chilkat.Http')
$http = new COM("Chilkat.Http");
// For versions of Chilkat < 10.0.0, use new COM('Chilkat_9_5_0.Chilkat.HttpRequest')
$req = new COM("Chilkat.HttpRequest");
$req->AddParam('response_type','device_code');
// For versions of Chilkat < 10.0.0, use new COM('Chilkat_9_5_0.Chilkat.JsonObject')
$jsonParam2 = new COM("Chilkat.JsonObject");
$req->AddParam('client_id',$jsonParam2->emit());
$req->AddParam('scope','manage');
$req->AddParam('code_challenge_method','S256');
// For versions of Chilkat < 10.0.0, use new COM('Chilkat_9_5_0.Chilkat.JsonObject')
$jsonParam5 = new COM("Chilkat.JsonObject");
$req->AddParam('code_challenge',$jsonParam5->emit());
$req->AddHeader('Authorization','Bearer <access_token>');
// resp is a Chilkat.HttpResponse
$resp = $http->PostUrlEncoded('https://<tenant-name>.forgeblocks.com/am/oauth2/realms/root/realms/alpha/device/code',$req);
if ($http->LastMethodSuccess == 0) {
print $http->LastErrorText . "\n";
exit;
}
// For versions of Chilkat < 10.0.0, use new COM('Chilkat_9_5_0.Chilkat.StringBuilder')
$sbResponseBody = new COM("Chilkat.StringBuilder");
$resp->GetBodySb($sbResponseBody);
// For versions of Chilkat < 10.0.0, use new COM('Chilkat_9_5_0.Chilkat.JsonObject')
$jResp = new COM("Chilkat.JsonObject");
$jResp->LoadSb($sbResponseBody);
$jResp->EmitCompact = 0;
print 'Response Body:' . "\n";
print $jResp->emit() . "\n";
$respStatusCode = $resp->StatusCode;
print 'Response Status Code = ' . $respStatusCode . "\n";
if ($respStatusCode >= 400) {
print 'Response Header:' . "\n";
print $resp->Header . "\n";
print 'Failed.' . "\n";
exit;
}
// Sample JSON response:
// (Sample code for parsing the JSON response is shown below)
// {
// "user_code": "x3W2JEFJ",
// "device_code": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJhdWQiOiJodHRwOi8vb3BlbmFtLmV4YW1wbGUuY29tOjgwODAvb3BlbmFtL29hdXRoMiIsIm5iZiI6MTU5NzMyMTE0OCwidXNlcl9jb2RlIjoieDNXMkpFRkoiLCJpc3MiOiJodHRwOi8vb3BlbmFtLmV4YW1wbGUuY29tOjgwODAvb3BlbmFtL29hdXRoMiIsImV4cCI6MTU5NzMyMTQ0OCwiaWF0IjoxNTk3MzIxMTQ4LCJqdGkiOiIxYWI0MTE5Yy0yYjE4LTQxYWYtYjZjMC1iNTRmZTQxZWZhNjEifQ.gCoWICyPwJhD7LshgpfLpc9zEt6iUrsjmbGv6yk2kW0",
// "interval": 5,
// "verification_uri": "http://openam.example.com:8080/openam/oauth2/device/user",
// "expires_in": 300,
// "verification_url": "http://openam.example.com:8080/openam/oauth2/device/user"
// }
// Sample code for parsing the JSON response...
// Use this online tool to generate parsing code from sample JSON: Generate JSON Parsing Code
$user_code = $jResp->stringOf('user_code');
$device_code = $jResp->stringOf('device_code');
$interval = $jResp->IntOf('interval');
$verification_uri = $jResp->stringOf('verification_uri');
$expires_in = $jResp->IntOf('expires_in');
$verification_url = $jResp->stringOf('verification_url');
?>
Curl Command
curl -X POST
-H "Authorization: Bearer <access_token>"
--data-urlencode 'response_type=device_code'
--data-urlencode 'client_id={{postmanPublicClientId}}'
--data-urlencode 'scope=manage'
--data-urlencode 'code_challenge_method=S256'
--data-urlencode 'code_challenge={{code_challenge}}'
https://<tenant-name>.forgeblocks.com/am/oauth2/realms/root/realms/alpha/device/code
Postman Collection Item JSON
{
"name": "Step 2: Get User Code and Device Code",
"event": [
{
"listen": "test",
"script": {
"exec": [
"const jsonData = pm.response.json();",
"",
"if(pm.response.code == 200)",
"{",
" if(jsonData.user_code && jsonData.user_code != \"\") {",
" pm.globals.set(\"user_code\", jsonData.user_code);",
" }",
"",
" if(jsonData.device_code && jsonData.device_code != \"\") {",
" pm.globals.set(\"device_code\", jsonData.device_code);",
" }",
"}",
"",
"// Tests",
"",
"pm.test(\"Status code is 200\", () => {",
" pm.expect(pm.response.code).to.eql(200);",
"});",
"",
"pm.test(\"Response contains `user_code`.\", function () {",
" pm.expect(jsonData.user_code).to.be.a(\"string\");",
"});",
"",
"pm.test(\"Response contains `device_code`.\", function () {",
" pm.expect(jsonData.device_code).to.be.a(\"string\");",
"});"
],
"type": "text/javascript"
}
},
{
"listen": "prerequest",
"script": {
"exec": [
"function base64URLEncode(words) {",
" return CryptoJS.enc.Base64.stringify(words)",
" .replace(/\\+/g, '-')",
" .replace(/\\//g, '_')",
" .replace(/=/g, '');",
"}",
"const code_verifier = base64URLEncode(CryptoJS.lib.WordArray.random(50));",
"const code_challenge = base64URLEncode(CryptoJS.SHA256(code_verifier));",
"",
"pm.globals.set(\"code_challenge\", code_challenge);",
"pm.globals.set(\"code_verifier\", code_verifier);"
],
"type": "text/javascript"
}
}
],
"request": {
"method": "POST",
"header": [
],
"body": {
"mode": "urlencoded",
"urlencoded": [
{
"key": "response_type",
"value": "device_code",
"description": "Response types this client will support and use.",
"type": "text"
},
{
"key": "client_id",
"value": "{{postmanPublicClientId}}",
"description": "The ID of the Confidential OAuth Client.",
"type": "text"
},
{
"key": "scope",
"value": "manage",
"description": "Strings that are presented to the user for approval and included in tokens so that the protected resource may make decisions about what to give access to.",
"type": "text"
},
{
"key": "code_challenge_method",
"value": "S256",
"description": "The method used to generate the code challenge.",
"type": "text"
},
{
"key": "code_challenge",
"value": "{{code_challenge}}",
"description": "The generated code challenge.",
"type": "text"
}
]
},
"url": {
"raw": "{{amUrl}}/oauth2{{realm}}/device/code",
"host": [
"{{amUrl}}"
],
"path": [
"oauth2{{realm}}",
"device",
"code"
]
},
"description": "Receive a user code and a device code, which can be used to provide consent.\n\n\n\n"
},
"response": [
{
"name": "Example",
"originalRequest": {
"method": "POST",
"header": [
],
"body": {
"mode": "urlencoded",
"urlencoded": [
{
"key": "response_type",
"value": "device_code",
"description": "Response types this client will support and use.",
"type": "text"
},
{
"key": "client_id",
"value": "{{postmanPublicClientId}}",
"description": "The ID of the Confidential OAuth Client.",
"type": "text"
},
{
"key": "scope",
"value": "manage",
"description": "Strings that are presented to the user for approval and included in tokens so that the protected resource may make decisions about what to give access to.",
"type": "text"
},
{
"key": "code_challenge_method",
"value": "S256",
"description": "The method used to generate the code challenge.",
"type": "text"
},
{
"key": "code_challenge",
"value": "{{code_challenge}}",
"description": "The generated code challenge.",
"type": "text"
}
]
},
"url": {
"raw": "{{amUrl}}/oauth2{{realm}}/device/code",
"host": [
"{{amUrl}}"
],
"path": [
"oauth2{{realm}}",
"device",
"code"
]
}
},
"status": "OK",
"code": 200,
"_postman_previewlanguage": "json",
"header": [
{
"key": "X-Frame-Options",
"value": "SAMEORIGIN"
},
{
"key": "X-Content-Type-Options",
"value": "nosniff"
},
{
"key": "Content-Type",
"value": "application/json;charset=UTF-8"
},
{
"key": "Content-Length",
"value": "610"
},
{
"key": "Date",
"value": "Thu, 13 Aug 2020 12:19:08 GMT"
}
],
"cookie": [
],
"body": "{\n \"user_code\": \"x3W2JEFJ\",\n \"device_code\": \"eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJhdWQiOiJodHRwOi8vb3BlbmFtLmV4YW1wbGUuY29tOjgwODAvb3BlbmFtL29hdXRoMiIsIm5iZiI6MTU5NzMyMTE0OCwidXNlcl9jb2RlIjoieDNXMkpFRkoiLCJpc3MiOiJodHRwOi8vb3BlbmFtLmV4YW1wbGUuY29tOjgwODAvb3BlbmFtL29hdXRoMiIsImV4cCI6MTU5NzMyMTQ0OCwiaWF0IjoxNTk3MzIxMTQ4LCJqdGkiOiIxYWI0MTE5Yy0yYjE4LTQxYWYtYjZjMC1iNTRmZTQxZWZhNjEifQ.gCoWICyPwJhD7LshgpfLpc9zEt6iUrsjmbGv6yk2kW0\",\n \"interval\": 5,\n \"verification_uri\": \"http://openam.example.com:8080/openam/oauth2/device/user\",\n \"expires_in\": 300,\n \"verification_url\": \"http://openam.example.com:8080/openam/oauth2/device/user\"\n}"
}
]
}