
VB6 / ForgeRock Identity Cloud Collection / Step 2: Introspect the Access Token


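' This example assumes the Chilkat API to have been previously unlocked.
' See Global Unlock Sample for sample code.
'
' Purpose: POST an access token to the OAuth2 introspection endpoint and read
' the token metadata that comes back.
'
' The three values below are placeholders. Supply the real values at run time
' (for example from protected configuration) rather than hard-coding the client
' secret in source that gets checked in or shared.

Dim accessToken As String
accessToken = "<access_token>"
Dim clientId As String
clientId = "<client_id>"
Dim clientSecret As String
clientSecret = "<client_secret>"

Dim http As New ChilkatHttp
Dim success As Long

Dim req As New ChilkatHttpRequest

' Send the values themselves as form fields. Passing the Emit() of a freshly
' created, empty ChilkatJsonObject would post "{}" for every field, so the
' endpoint would never see the token or the client credentials.
req.AddParam "token", accessToken
req.AddParam "client_id", clientId
req.AddParam "client_secret", clientSecret

' NOTE(review): the Postman item this was generated from defines no request
' header, so this header presumably comes from collection-level auth. The token
' is already sent in the body and the client authenticates with
' client_id/client_secret - confirm whether the endpoint needs this header.
req.AddHeader "Authorization", "Bearer " & accessToken

' The URL is https, so the token and the client secret travel over TLS.
Dim resp As ChilkatHttpResponse
Set resp = http.PostUrlEncoded("https://<tenant-name>.forgeblocks.com/am/oauth2/realms/root/realms/alpha/introspect",req)
If (http.LastMethodSuccess = 0) Then
    Debug.Print http.LastErrorText
    Exit Sub
End If

Dim sbResponseBody As New ChilkatStringBuilder
success = resp.GetBodySb(sbResponseBody)
If (success = 0) Then
    Debug.Print "Failed to read the response body."
    Exit Sub
End If

' Parse the body, but remember whether parsing worked: an error response is
' not guaranteed to be JSON.
Dim jResp As New ChilkatJsonObject
Dim jsonLoaded As Long
jsonLoaded = jResp.LoadSb(sbResponseBody)
jResp.EmitCompact = 0

If (jsonLoaded <> 0) Then
    Debug.Print "Response Body:"
    Debug.Print jResp.Emit()
End If

Dim respStatusCode As Long
respStatusCode = resp.StatusCode
Debug.Print "Response Status Code = " & respStatusCode
If (respStatusCode >= 400) Then
    Debug.Print "Response Header:"
    Debug.Print resp.Header
    Debug.Print "Failed."

    Exit Sub
End If

If (jsonLoaded = 0) Then
    ' Without a parsed body every field below would read as empty or 0,
    ' which must not be mistaken for a real introspection result.
    Debug.Print "The response body is not valid JSON."
    Exit Sub
End If

' Sample JSON response:
' (Sample code for parsing the JSON response is shown below)

' {
'   "active": true,
'   "scope": "write",
'   "realm": "/",
'   "client_id": "forgerockDemoConfidentialClient",
'   "user_id": "demo",
'   "token_type": "Bearer",
'   "exp": 1597324612,
'   "sub": "demo",
'   "iss": "http://openam.example.com:8080/openam/oauth2",
'   "auth_level": 0,
'   "authGrantId": "HAQs5GyHyZvbj_bOkdX9Ul03lh0",
'   "auditTrackingId": "037f02f9-d821-4f72-8563-c5050c40fdc3-52010",
'   "expires_in": 3600
' }

' Sample code for parsing the JSON response...
' Use this online tool to generate parsing code from sample JSON: Generate JSON Parsing Code

' "active" is the authoritative field. When it is false the token must be
' treated as invalid and the remaining fields must not be used for any
' authorization decision (they may be absent altogether).
Dim active As Long
active = jResp.BoolOf("active")
If (active = 0) Then
    Debug.Print "Token is not active."
    Exit Sub
End If

' Before acting on the token, compare scope and client_id with what this
' application expects; an active token issued to another client or with other
' scopes is still the wrong token.
Dim scope As String
scope = jResp.StringOf("scope")
Dim realm As String
realm = jResp.StringOf("realm")
Dim client_id As String
client_id = jResp.StringOf("client_id")
Dim user_id As String
user_id = jResp.StringOf("user_id")
Dim token_type As String
token_type = jResp.StringOf("token_type")
' exp is a Unix timestamp in seconds. A VB6 Long is 32 bits wide, so values
' beyond 2147483647 cannot be held in this variable.
Dim exp As Long
exp = jResp.IntOf("exp")
Dim v_sub As String
v_sub = jResp.StringOf("sub")
Dim iss As String
iss = jResp.StringOf("iss")
Dim auth_level As Long
auth_level = jResp.IntOf("auth_level")
Dim authGrantId As String
authGrantId = jResp.StringOf("authGrantId")
Dim auditTrackingId As String
auditTrackingId = jResp.StringOf("auditTrackingId")
Dim expires_in As Long
expires_in = jResp.IntOf("expires_in")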

Curl Command

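# POST the access token to the introspection endpoint as form fields.
# The {{...}} and <...> values are placeholders to be replaced before running.
#
# The token and the client secret are credentials. Values typed on a command
# line can end up in shell history and in process listings, so on shared hosts
# prefer the name@file form of --data-urlencode, which reads the value from a file.
#
# Each line ends with a backslash so the shell reads one command, and the URL is
# quoted because an unquoted < or > would be parsed as a redirection.
curl -X POST \
	-H "Authorization: Bearer <access_token>" \
	--data-urlencode 'token={{access_token}}' \
	--data-urlencode 'client_id={{postmanConfidentialClientId}}' \
	--data-urlencode 'client_secret={{postmanClientSecret}}' \
	'https://<tenant-name>.forgeblocks.com/am/oauth2/realms/root/realms/alpha/introspect'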

Postman Collection Item JSON

{
  "name": "Step 2: Introspect the Access Token ",
  "event": [
    {
      "listen": "test",
      "script": {
        "exec": [
          "",
          "// Tests",
          "",
          "const jsonData = JSON.parse(responseBody);",
          "",
          "pm.test(\"Status code is 200\", () => {",
          "  pm.expect(pm.response.code).to.eql(200);",
          "});",
          "",
          "pm.test(\"Response contains correct `client_id`.\", function () {",
          "    pm.expect(jsonData.client_id).to.eql(pm.collectionVariables.get(\"postmanConfidentialClientId\"));",
          "});",
          "",
          "",
          ""
        ],
        "type": "text/javascript"
      }
    }
  ],
  "request": {
    "method": "POST",
    "header": [
    ],
    "body": {
      "mode": "urlencoded",
      "urlencoded": [
        {
          "key": "token",
          "value": "{{access_token}}",
          "description": "Access token you want to introspect.",
          "type": "text"
        },
        {
          "key": "client_id",
          "value": "{{postmanConfidentialClientId}}",
          "description": "The ID of the Confidential OAuth Client.",
          "type": "text"
        },
        {
          "key": "client_secret",
          "value": "{{postmanClientSecret}}",
          "description": "The secret of the Confidential OAuth Client.",
          "type": "text"
        }
      ]
    },
    "url": {
      "raw": "{{amUrl}}/oauth2{{realm}}/introspect",
      "host": [
        "{{amUrl}}"
      ],
      "path": [
        "oauth2{{realm}}",
        "introspect"
      ]
    },
    "description": "Retrieve metadata about the active access token, such as the approved scopes, the user that authorized the token, and the expiry time."
  },
  "response": [
    {
      "name": "Example",
      "originalRequest": {
        "method": "POST",
        "header": [
        ],
        "body": {
          "mode": "urlencoded",
          "urlencoded": [
            {
              "key": "token",
              "value": "{{access_token}}",
              "description": "Access token you want to introspect.",
              "type": "text"
            },
            {
              "key": "client_id",
              "value": "{{postmanConfidentialClientId}}",
              "description": "The ID of the Confidential OAuth Client.",
              "type": "text"
            },
            {
              "key": "client_secret",
              "value": "{{postmanClientSecret}}",
              "description": "The secret of the Confidential OAuth Client.",
              "type": "text"
            }
          ]
        },
        "url": {
          "raw": "{{amUrl}}/oauth2{{realm}}/introspect",
          "host": [
            "{{amUrl}}"
          ],
          "path": [
            "oauth2{{realm}}",
            "introspect"
          ]
        }
      },
      "status": "OK",
      "code": 200,
      "_postman_previewlanguage": "json",
      "header": [
        {
          "key": "X-Frame-Options",
          "value": "SAMEORIGIN"
        },
        {
          "key": "X-Content-Type-Options",
          "value": "nosniff"
        },
        {
          "key": "Content-Type",
          "value": "application/json;charset=UTF-8"
        },
        {
          "key": "Content-Length",
          "value": "351"
        },
        {
          "key": "Date",
          "value": "Thu, 13 Aug 2020 12:17:03 GMT"
        }
      ],
      "cookie": [
      ],
      "body": "{\n    \"active\": true,\n    \"scope\": \"write\",\n    \"realm\": \"/\",\n    \"client_id\": \"forgerockDemoConfidentialClient\",\n    \"user_id\": \"demo\",\n    \"token_type\": \"Bearer\",\n    \"exp\": 1597324612,\n    \"sub\": \"demo\",\n    \"iss\": \"http://openam.example.com:8080/openam/oauth2\",\n    \"auth_level\": 0,\n    \"authGrantId\": \"HAQs5GyHyZvbj_bOkdX9Ul03lh0\",\n    \"auditTrackingId\": \"037f02f9-d821-4f72-8563-c5050c40fdc3-52010\",\n    \"expires_in\": 3600\n}"
    }
  ]
}