Chilkat Online Tools

SQL Server / Commercetools / Token Introspection

Back to Collection Items

-- Important: See this note about string length limitations for strings returned by sp_OAMethod calls.
--
CREATE PROCEDURE ChilkatSample
AS
BEGIN
    DECLARE @hr int
    DECLARE @iTmp0 int
    -- Important: Do not use nvarchar(max).  See the warning about using nvarchar(max).
    DECLARE @sTmp0 nvarchar(4000)
    -- This example assumes the Chilkat API to have been previously unlocked.
    -- See Global Unlock Sample for sample code.

    DECLARE @http int
    -- Use "Chilkat_9_5_0.Http" for versions of Chilkat < 10.0.0
    EXEC @hr = sp_OACreate 'Chilkat.Http', @http OUT
    IF @hr <> 0
    BEGIN
        PRINT 'Failed to create ActiveX component'
        RETURN
    END

    DECLARE @success int

    EXEC sp_OASetProperty @http, 'BasicAuth', 1
    EXEC sp_OASetProperty @http, 'Login', 'username'
    EXEC sp_OASetProperty @http, 'Password', 'password'

    EXEC sp_OAMethod @http, 'SetRequestHeader', NULL, 'Content-Type', 'application/json'

    DECLARE @resp int
    EXEC sp_OAMethod @http, 'QuickRequest', @resp OUT, 'POST', 'https://domain.com/oauth/introspect?token={{ctp_access_token}}'
    EXEC sp_OAGetProperty @http, 'LastMethodSuccess', @iTmp0 OUT
    IF @iTmp0 = 0
      BEGIN
        EXEC sp_OAGetProperty @http, 'LastErrorText', @sTmp0 OUT
        PRINT @sTmp0
        EXEC @hr = sp_OADestroy @http
        RETURN
      END

    EXEC sp_OAGetProperty @resp, 'StatusCode', @iTmp0 OUT
    PRINT @iTmp0
    EXEC sp_OAGetProperty @resp, 'BodyStr', @sTmp0 OUT
    PRINT @sTmp0
    EXEC @hr = sp_OADestroy @resp


    EXEC @hr = sp_OADestroy @http


END
GO

Curl Command

curl -X POST
	-u 'username:password'
	-H "Content-Type: application/json"
https://domain.com/oauth/introspect?token={{ctp_access_token}}

Postman Collection Item JSON

{
  "name": "Token Introspection",
  "event": [
    {
      "listen": "test",
      "script": {
        "type": "text/javascript",
        "exec": [
          "tests[\"Status code is 200\"] = responseCode.code === 200;"
        ]
      }
    }
  ],
  "request": {
    "auth": {
      "type": "basic",
      "basic": {
        "username": "{{client_id}}",
        "password": "{{client_secret}}"
      }
    },
    "method": "POST",
    "header": [
      {
        "key": "Content-Type",
        "value": "application/json"
      }
    ],
    "body": {
      "mode": "raw",
      "raw": ""
    },
    "url": {
      "raw": "{{auth_url}}/oauth/introspect?token={{ctp_access_token}}",
      "host": [
        "{{auth_url}}"
      ],
      "path": [
        "oauth",
        "introspect"
      ],
      "query": [
        {
          "key": "token",
          "value": "{{ctp_access_token}}",
          "equals": true
        }
      ]
    },
    "description": "Token introspection allows to determine the active state of an OAuth 2.0 access token and to determine meta-information about this accces token, such as the `scope`."
  },
  "response": [
  ]
}