*******************************************************************
* OAuth: Try Now Scripts
*******************************************************************



Setup
========================================

1. Run addjq.sh to add the JSON parser library.

2. The Access Manager administrator should do some basic OAuth configuration:
   a. Enable the OAuth protocol for the IDP cluster.
   b. Enable the NAM_OAUTH2_DEVELOPER and NAM_OAUTH2_ADMIN roles for developers and users.
   c. Extend the user store schema and add an LDAP attribute to store the user's consent and refresh token information.
   d. In OAuth -> Global Settings, configure:
      - Authorization Grant LDAP Attribute: set to the attribute added in the previous step
      - CORS Domain: select Allow All
      - Grant Types: select all options
      - Token Types: select all options
      - Add a signing certificate
      - Enable the "Require Logout Consent" option
   e. Update Server



Steps to Run
=========================================

1. Edit the sampleScripts/config.txt file. Update the section marked System Settings.
   username      : OAuth developer username
   password      : OAuth developer password
   user_email    : OAuth developer email
   userstore     : Name of the userstore configured for the IDP cluster (check with the NAM administrator)
   user_dn       : Full DN like cn=admin, o=novell. Change the domain as needed
   idpurl        : Identity server host and port
   scope_username: Non-developer user
   scope_password: Password for the above user
   scope_email   : Email of the above user

2. Execute pre-requisite.scr. Make sure all the tests have passed so that the required environment is set up. To review the results, check the result_summary.txt file inside the pre-requisite folder.

3. Once the basic environment is set up, you may run each script individually, or run "sampleScripts.sh" to run them as a batch.



Use cases covered
=========================================

1. Authorization Flow:
   a. Access token with default server
   b. Access token with resource server
   c. Refresh token revocation
   d. Refresh token revocation (global)

2. Implicit Flow:
   e. Access token with default server
   f. Access token with resource server

3. Client Credential Flow:
   g. Access token with default server
   h. Access token with resource server

4. Resource Owner Flow:
   i. Access token with default server
   j. Access token with resource server
   k. Refresh token revocation
   l. Refresh token revocation (global)

5. IDToken Flow:
   m. With authorization code flow
   n. With implicit flow

6. Refresh Token Flow:
   o. Access token using refresh token

7. Token verification with the tokenInfo and UserInfo endpoints

8. Resource server creation

9. Scope creation

10. Client registration
