来自 SAML 响应的 oauth 访问令牌? [英] oauth access token from SAML response?

问题描述

我有一个演示应用程序，它使用 WSO2 身份服务器配置了 SAML2.0 SSO.而且它工作正常.现在我想从 SAML 响应中获取 oauth 令牌.是否可以从 SAML 响应中解析 oauth 令牌，任何建议?

I have one demo application ,it configured SAML2.0 SSO with the WSO2 Identity Server.and also its working fine.Now i want to get oauth token from the SAML response.Is it possible to parse oauth token from the SAML response ,any sugession ?

推荐答案

是的.它是支持的.您可以向/token 端点发送 SAML 断言并接收访问令牌.Identity Server 支持 SAML 2.0 Bearer Assertion Profiles 和 此 已实施.在这里，您要使用 Base64 url​​ 编码的 SAML 断言对/token 端点执行 POST.您可以从此处.POST 请求需要关注

Yes. it is supported. You can send a SAML Assertion to the /token endpoint and receive a access token. Identity Server supports for SAML 2.0 Bearer Assertion Profiles and This has been implemented. Here you want to do a POST to the /token end point with Base64 url encoded SAML assertion. You can find more details from here. POST request would like following

curl -X POST -u "QlthIzYUOK5DS0BXW8Cy8uFJjKAa:XFfgPmTbMaQ5eScc0rSnAW9ZIgwa" -H "Content-Type: application/x-www-form-urlencoded;charset=UTF-8" -d ":grant_type:paramsgrant-type:saml2-bearer&assertion=PHNhbWxwOl...[为简洁起见省略]...ZT4" https://{host}:{port}/oauth2/token

curl -X POST -u "QlthIzYUOK5DS0BXW8Cy8uFJjKAa:XFfgPmTbMaQ5eScc0rSnAW9ZIgwa" -H "Content-Type: application/x-www-form-urlencoded;charset=UTF-8" -d "grant_type=urn:ietf:params:oauth:grant-type:saml2-bearer&assertion=PHNhbWxwOl...[omitted for brevity]...ZT4" https://{host}:{port}/oauth2/token

这篇关于来自 SAML 响应的 oauth 访问令牌?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！