Example

The following example shows a request to the Authorize endpoint at the BankID pilot in pre-production. The example is generated from Postman (which is configured as a client at the OIDC Provider). A minimum value for scope (scope=openid) is used in this example. The value for the access token in the authorization header (Authorization: Bearer 4497db915b5b479191c81a7854a2fa8) is taken from the corresponding example for the Token endpoint. The OIDC Provider responds with HTTP 302 to redirect the User-Agent to start IDP handling for BankID.

Request
GET /oidc/oauth/authorize?client_id=Postman&scope=openid&state=7908648&redirect_uri=https%3A%2F%2Fwww.getpostman.com%2Foauth2%2Fcallback&response_type=code HTTP/1.1
Host: preprod.bankidapis.no
Connection: close
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_5) AppleWebKit/537.36 (KHTML, like Gecko) Postman/4.10.7 Chrome/53.0.2785.143 Electron/1.4.12 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Accept-Language: en-GB
 
HTTP/1.1 302 Found
Content-Length: 0
Location: https://oidc-preprod.bankidnorge.no/bidview?sid=2b29ac70-800b-4eb5-bf3d-f0bd61a9e520&oidcAuthenticationUrl=https%3A%2F%2Fpreprod.bankidapis.no%2Foidc%2Fauthenticate%2F
Server: Microsoft-IIS/8.5
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
Date: Thu, 25 May 2017 11:08:58 GMT
Connection: close

The following intermediate request/response pair shows how the User-Agent returns to the OIDC Provider after IDP handling for BankID. The OIDC Provider responds with HTTP 302 to redirect the User-Agent to the OIDC client that originated the Authorize request (Postman in this case).

Intermediate
POST /oidc/oauth/authorize?session_authentication_token=2b29ac70-800b-4eb5-bf3d-f0bd61a9e520 HTTP/1.1
Host: preprod.bankidapis.no
Connection: close
Content-Length: 0
Cache-Control: max-age=0
Origin: https://oidc-preprod.bankidnorge.no
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_5) AppleWebKit/537.36 (KHTML, like Gecko) Postman/4.10.7 Chrome/53.0.2785.143 Electron/1.4.12 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Referer: https://oidc-preprod.bankidnorge.no/bidview/webclient
Accept-Language: en-GB
 
HTTP/1.1 303 See Other
Content-Length: 0
Location: https://www.getpostman.com/oauth2/callback?state=7908648&code=b860604adbf40f6c53a797290916771
Server: Microsoft-IIS/8.5
X-Powered-By: ARR/3.0
X-Powered-By: ASP.NET
Date: Thu, 25 May 2017 11:09:36 GMT
Connection: close 

The following request/response pair shows how the originating OIDC Client (Postman in this case) resumes control when it receives the response from the Authorize endpoint.

Response
GET /oauth2/callback?state=7908648&code=b860604adbf40f6c53a797290916771 HTTP/1.1
Host: www.getpostman.com
Connection: close
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_5) AppleWebKit/537.36 (KHTML, like Gecko) Postman/4.10.7 Chrome/53.0.2785.143 Electron/1.4.12 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Referer: https://oidc-preprod.bankidnorge.no/bidview/webclient
Accept-Language: en-GB
Cookie: _ga=GA1.2.129047571.1494663652; _mkto_trk=id:067-UMD-991&token:_mch-getpostman.com-1494663658399-21327
 
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
Content-Length: 193
Connection: close
Date: Thu, 25 May 2017 11:09:40 GMT
Location: https://app.getpostman.com/oauth2/callback?state=7908648&code=b860604adbf40f6c53a797290916771
Server: nginx/1.10.2
X-Cache: Miss from cloudfront
Via: 1.1 4a74a9a6128ae727659616d5fe9bf745.cloudfront.net (CloudFront)
X-Amz-Cf-Id: L4wexO63ms38xVYDEl42oDlfOIJSDq11yWZciLD3p-NUEt8yFGiVYw==

<html>
<head><title>301 Moved Permanently</title></head>
<body bgcolor="white">
<center><h1>301 Moved Permanently</h1></center>
<hr><center>nginx/1.4.6 (Ubuntu)</center>
</body>
</html>
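
The checks an OIDC client should apply to the callback shown above before exchanging the code at the Token endpoint, as an added example that is not part of the original BankID documentation. The endpoint, client_id and redirect_uri are copied from the captured request; the function names, the CallbackError class and the random state generation are assumptions made for illustration.

```python
import hmac
import secrets
from urllib.parse import urlencode, urlsplit, parse_qs

# Values taken from the request captured on this page (pre-production pilot).
AUTHORIZE_ENDPOINT = "https://preprod.bankidapis.no/oidc/oauth/authorize"
CLIENT_ID = "Postman"
REDIRECT_URI = "https://www.getpostman.com/oauth2/callback"


class CallbackError(Exception):
    """Raised when the callback must not be exchanged for tokens."""


def new_state() -> str:
    # Assumption: the client creates an unguessable state per request and
    # keeps it in the user's session until the callback arrives.
    return secrets.token_urlsafe(16)


def build_authorize_url(state: str, scope: str = "openid") -> str:
    """Build the Authorize request with the parameters used on this page."""
    query = urlencode({
        "client_id": CLIENT_ID,
        "scope": scope,
        "state": state,
        "redirect_uri": REDIRECT_URI,
        "response_type": "code",
    })
    return f"{AUTHORIZE_ENDPOINT}?{query}"


def code_from_callback(callback_url: str, expected_state: str) -> str:
    """Return the authorization code only if the callback matches our request."""
    params = parse_qs(urlsplit(callback_url).query, keep_blank_values=True)
    # A repeated parameter makes the callback ambiguous, so it is rejected.
    if any(len(values) != 1 for values in params.values()):
        raise CallbackError("repeated parameter in callback")
    if "error" in params:
        raise CallbackError(f"provider returned error: {params['error'][0]}")
    state = params.get("state", [""])[0]
    # Constant-time comparison against the state stored for this session.
    if not hmac.compare_digest(state.encode(), expected_state.encode()):
        raise CallbackError("state does not match the pending request")
    code = params.get("code", [""])[0]
    if not code:
        raise CallbackError("callback carries no authorization code")
    return code
```

Calling build_authorize_url("7908648") reproduces the request line of the first capture, and code_from_callback accepts the callback URL from the last capture only when the stored state is 7908648.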