This documentation is for WSO2 Identity Server 5.1.0. View documentation for the latest release.
Page Comparison - Writing a Custom OAuth 2.0 Grant Type (v.21 vs v.22) - Identity Server 5.1.0 - WSO2 Documentation


...

Do the following steps to customize the existing grant type.

  1. Copy the .jar file into the <IS_HOME>/repository/component/lib directory. You can also modify the project and build it using Apache Maven 3.
  2. Configure the following in the <IS_HOME>/repository/conf/identity/identity.xml file under the <OAuth><SupportedGrantTypes> element.

    <SupportedGrantType>
    	<GrantTypeName>password</GrantTypeName>
    	<GrantTypeHandlerImplClass>org.wso2.sample.identity.oauth2.grant.password.ModifiedAccessTokenPasswordGrant</GrantTypeHandlerImplClass>
    </SupportedGrantType>
  3. Restart the server.

  4. Configure the OAuth grant type you customized.
    1. Sign in to the WSO2 Identity Server. Enter your username and password to log on to the Management Console.
    2. Navigate to the Main menu to access the Identity menu. Click Add under Service Providers.
    3. Fill in the Service Provider Name and provide a brief Description of the service provider. See Adding a Service Provider for more information.
    4. Expand the OAuth/OpenID Connect Configuration and click Configure.
    5. Enter a callback URL, for example http://localhost:8080/playground2/oauth2client, and click Add.
    6. The OAuth Client Key and OAuth Client Secret will now be visible.
  5. Send the password grant request to the /token API using a cURL command.

    1. Replace clientid:clientsecret with the OAuth Client Key and OAuth Client Secret respectively and run the following sample cURL command in a new terminal window. 

      curl --user clientid:clientsecret -k -d "grant_type=password&username=admin&password=admin" -H "Content-Type: application/x-www-form-urlencoded" https://localhost:9443/oauth2/token
    2. You will see the following JSON response, in which the modified access token ends with an email address.

      {"token_type":"bearer","expires_in":2955,"refresh_token":"6865c8d67b42c0c23e634a8fc5aa81f","access_token":"982f40d4-0bb6-41ce-ac5a-1da06a83e475asela@soasecurity.org"}
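
To confirm that the customized handler, and not the default password grant, issued the token, the response from step 5 can be checked programmatically. The following Python check is an added example, not part of the WSO2 sample project; it assumes the token format seen in the sample response above (a 36-character UUID followed directly by the user's email address), and the name `split_modified_token` is hypothetical.

```python
import json
import re
import uuid

# Sample response copied from the page above.
SAMPLE_RESPONSE = (
    '{"token_type":"bearer","expires_in":2955,'
    '"refresh_token":"6865c8d67b42c0c23e634a8fc5aa81f",'
    '"access_token":"982f40d4-0bb6-41ce-ac5a-1da06a83e475asela@soasecurity.org"}'
)
# Constructed response: what an unmodified handler would return (plain UUID).
DEFAULT_RESPONSE = (
    '{"token_type":"bearer","expires_in":3600,'
    '"refresh_token":"00000000000000000000000000000000",'
    '"access_token":"11111111-2222-3333-4444-555555555555"}'
)

UUID_LEN = 36  # canonical 8-4-4-4-12 form
EMAIL_RE = re.compile(r"[^@\s]+@[^@\s]+\.[^@\s]+")  # loose shape check only


def split_modified_token(response_body):
    """Return (uuid_part, email) from a /token response, or raise ValueError."""
    body = json.loads(response_body)
    if "error" in body:
        raise ValueError("token endpoint returned error: %s" % body["error"])
    if body.get("token_type", "").lower() != "bearer":
        raise ValueError("unexpected token_type")
    token = body.get("access_token", "")
    head, tail = token[:UUID_LEN], token[UUID_LEN:]
    try:
        # Round-trip so only the canonical hyphenated form is accepted.
        if str(uuid.UUID(head)) != head.lower():
            raise ValueError
    except ValueError:
        raise ValueError("access_token does not start with a UUID")
    if not tail:
        # Typical when identity.xml was not updated or the server not restarted.
        raise ValueError("plain UUID token: custom grant handler is not active")
    if not EMAIL_RE.fullmatch(tail):
        raise ValueError("suffix is not an email address: %r" % tail)
    return head, tail


if __name__ == "__main__":
    print(split_modified_token(SAMPLE_RESPONSE))
```

A "custom grant handler is not active" error usually means the `<SupportedGrantType>` entry from step 2 was not picked up or the server was not restarted afterwards.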

...