Login with openid on wso2is from java application


I would like to make a Java application that logs in and approves the authorization using OpenID on wso2is, as playground2 (the sample released with wso2is) does, but I want to use Apache HttpClient.

I can do the login and the steps up to the approval; when I approve, the response is always "https://192.168.3.40:9443/carbon/../authenticationendpoint/oauth2_error.do?oauthErrorCode=invalid_request&oauthErrorMsg=Invalid+authorization+request"

This is my code:

httpget = new HttpGet( "https://" + host + ":9443/oauth2/authorize?scope=openid&response_type=code&redirect_uri=http%3A%2F%2F192.168.0.37%3A8080%2Fplayground2%2Foauth2client&client_id=IfhWIq5d9rHJXFDtyvICEga3AvUa" );

referer = "http://192.168.0.37:8080/playground2/oauth2.jsp?reset=true";
httpget.setHeader( HttpHeaders.REFERER, referer );
httpget.setHeader( HttpHeaders.USER_AGENT, "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/43.0.2357.81 Safari/537.36" );

response = httpclient.execute( httpget, context );
entity = response.getEntity();
content = EntityUtils.toString( entity );
sessionDataKey = getSessionDataKey( content );

List<Cookie> cl = cookieStore.getCookies();

for (Cookie c: cl){
   if (c.getName().equalsIgnoreCase( "jsessionid") && c.getPath().equals("/"))
       jsessionid = c.getValue();
}

HttpPost httpostAuth = new HttpPost( "https://" + host + ":9443/commonauth" );


nvps.clear();
nvps.add( new BasicNameValuePair( "username", "ltosi" ) );
nvps.add( new BasicNameValuePair( "password", "ltosi" ) );
nvps.add( new BasicNameValuePair( "sessionDataKey", sessionDataKey ) );
nvps.add( new BasicNameValuePair( "Sign In", "Sign In" ) );

referer = "https://192.168.3.40:9443/authenticationendpoint/login.do;jsessionid="+jsessionid+"?sessionDataKey="+sessionDataKey+"&type=oidc&commonAuthCallerPath=/oauth2/authorize&forceAuthenticate=false&checkAuthentication=false&relyingParty=IfhWIq5d9rHJXFDtyvICEga3AvUa&tenantId=-1234&scope%3Dopenid%26response_type%3Dcode%26redirect_uri%3Dhttp%253A%252F%252F192.168.0.37%253A8080%252Fplayground2%252Foauth2client%26client_id%3DIfhWIq5d9rHJXFDtyvICEga3AvUa&authenticators=BasicAuthenticator:LOCAL";
httpostAuth.setHeader( HttpHeaders.REFERER, referer );
httpostAuth.setHeader( HttpHeaders.USER_AGENT, "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/43.0.2357.81 Safari/537.36" );        
httpostAuth.setEntity( new UrlEncodedFormEntity( nvps, HTTP.UTF_8 ) );

response = httpclient.execute( httpostAuth, context );
entity = response.getEntity();
content = EntityUtils.toString( entity );

httpget = new HttpGet( response.getLastHeader( "Location" ).getValue() );
httpget.setHeader( HttpHeaders.REFERER, referer );
httpget.setHeader( HttpHeaders.USER_AGENT, "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/43.0.2357.81 Safari/537.36" );

response = httpclient.execute( httpget, context );
entity = response.getEntity();
content = EntityUtils.toString( entity );

httpost = new HttpPost( "https://" + host + ":9443/oauth2/authorize" );

referer = "https://192.168.3.40:9443/authenticationendpoint/oauth2_consent.do?loggedInUser=ltosi%40carbon.super&application=playground2&scope=openid&sessionDataKeyConsent="+sessionDataKey+"&spQueryParams=scope%3Dopenid%26response_type%3Dcode%26redirect_uri%3Dhttp%253A%252F%252F192.168.0.37%253A8080%252Fplayground2%252Foauth2client%26client_id%3DIfhWIq5d9rHJXFDtyvICEga3AvUa";
httpost.setHeader( HttpHeaders.REFERER, referer );
httpost.setHeader( HttpHeaders.USER_AGENT, "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/43.0.2357.81 Safari/537.36" );
httpost.setHeader( "Origin", "https://192.168.3.40:9443" );
httpost.setHeader( "Host", "192.168.3.40:9443" );

httpost.setEntity( new UrlEncodedFormEntity( nvps, HTTP.UTF_8 ) );
nvps.clear();

nvps.add( new BasicNameValuePair( "sessionDataKeyConsent", sessionDataKey ) );
nvps.add( new BasicNameValuePair( "consent", "approve" ) );
httpost.setEntity( new UrlEncodedFormEntity( nvps, HTTP.UTF_8 ) );

response = httpclient.execute( httpost, context );
entity = response.getEntity();

There are 1 answers

0
Chamath Wijerathne On BEST ANSWER

This can be done, but you have to put in a lot of effort if you use Apache HttpClient only. There are some custom wrappers written by WSO2. You can use them to achieve your scenario. Please refer to the following blog post from blog.facilelogin.com (managing users and roles with wso2).
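
An added example, not part of the original question or answer: a helper that reads query parameters from a redirect `Location` header, so that a value such as `sessionDataKeyConsent` is taken from what the server sent rather than assembled by hand, and that refuses a redirect pointing away from the identity server. The class and method names are hypothetical, the sample `Location` value is constructed, and it is an assumption (based on the consent URL shape shown in the question) that the key arrives in that redirect's query string.

```java
import java.net.URI;
import java.net.URLDecoder;
import java.nio.charset.StandardCharsets;
import java.util.LinkedHashMap;
import java.util.Map;

public class ConsentRedirect {

    /** Decode the query string of a redirect target into name/value pairs. */
    static Map<String, String> queryParams(URI location) {
        Map<String, String> params = new LinkedHashMap<>();
        String raw = location.getRawQuery();   // keep %-escapes until after splitting on '&'
        if (raw == null || raw.isEmpty()) return params;
        for (String pair : raw.split("&")) {
            int eq = pair.indexOf('=');
            String name = eq < 0 ? pair : pair.substring(0, eq);
            String value = eq < 0 ? "" : pair.substring(eq + 1);
            params.put(URLDecoder.decode(name, StandardCharsets.UTF_8),
                       URLDecoder.decode(value, StandardCharsets.UTF_8));
        }
        return params;
    }

    /** Return the consent key from the redirect, rejecting redirects to an unexpected origin. */
    static String consentKey(String locationHeader, String expectedHost, int expectedPort) {
        URI location = URI.create(locationHeader);
        if (!"https".equalsIgnoreCase(location.getScheme())
                || !expectedHost.equalsIgnoreCase(location.getHost())
                || location.getPort() != expectedPort) {
            throw new IllegalStateException("Redirect leaves the identity server: " + location);
        }
        String key = queryParams(location).get("sessionDataKeyConsent");
        if (key == null || key.isEmpty()) {
            throw new IllegalStateException("No sessionDataKeyConsent in redirect: " + location);
        }
        return key;
    }

    public static void main(String[] args) {
        // Constructed sample Location value, shaped like the consent URL in the question.
        String sample = "https://192.168.3.40:9443/authenticationendpoint/oauth2_consent.do"
                + "?loggedInUser=ltosi%40carbon.super&application=playground2&scope=openid"
                + "&sessionDataKeyConsent=00000000-0000-0000-0000-000000000000"
                + "&spQueryParams=scope%3Dopenid%26response_type%3Dcode";
        System.out.println(consentKey(sample, "192.168.3.40", 9443));
        System.out.println(queryParams(URI.create(sample)).get("spQueryParams"));
    }
}
```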