Bootstrap FreeKB - OpenShift - Obtain OAuth Bearer Token using REST API
OpenShift - Obtain OAuth Bearer Token using REST API

Updated:   |  OpenShift articles

If you are not familiar with OAuth, check out What is an OAuth token.

Assuming you are able to log into OpenShift using the oc login command, the oc get route command can be used to get the hostname of the OpenShift OAuth service.

~]$ oc get route oauth-openshift --namespace openshift-authentication --output jsonpath="{.spec.host}"
oauth-openshift.apps.openshift.example.com

 

The following curl command can be used to obtain an OAuth Bearer Token.

curl
--insecure
--request GET
--user john.doe:itsasecret
--header "X-CSRF-Token: xxx"
--url "https://oauth-openshift.apps.openshift.example.com/oauth/authorize?response_type=token&client_id=openshift-challenging-client"
-v

 

Something like this should be returned. In this example, the Bearer Token is sha256~0Rs__hPuXmBD3TJTXNDisC7wRBN-nrFnYTxgdBrFT-U.

< HTTP/1.1 302 Found
< Cache-Control: no-cache, no-store, max-age=0, must-revalidate
< Cache-Control: no-cache, no-store, max-age=0, must-revalidate
< Expires: 0
< Expires: Fri, 01 Jan 1990 00:00:00 GMT
< Location: https://oauth-openshift.apps.openshift.example.com/oauth/token/implicit#access_token=sha256~0Rs__hPuXmBD3TJTXNDisC7wRBN-nrFnYTxgdBrFT-U&expires_in=86400&scope=user%3Afull&token_type=Bearer
< Pragma: no-cache
< Pragma: no-cache
< Referrer-Policy: strict-origin-when-cross-origin
< Set-Cookie: ssn=MTYzMzY5MjEzMXxwRUMyUldnaExjWG04R2RTcnBiVXlKSUN3Ymc4MWlxTEg0WUFmZGg4UER0WWdHQ0o4dTRaTDBvRDY5dldPeEJZWW9JUWJ1ZU83QzdxRm1ZWXVJOVI3UEhXaGJ3czZDaTRDb050cUkyVU1Jc3hpeDR6MThrTkZFNTQtcElXdW5qa1hPbF9aRHlKZHk4cEp3UU5LUmxCUG92ZXMta0tCUHZkYUE9PXxHSStSq5LyFVySeQ3Dx8MoIGg-po4-FD71DfcMWuY0Cg==; Path=/; HttpOnly; Secure
< X-Content-Type-Options: nosniff
< X-Dns-Prefetch-Control: off
< X-Frame-Options: DENY
< X-Xss-Protection: 1; mode=block
< Date: Fri, 08 Oct 2021 11:22:11 GMT
< Content-Length: 0
< 

 

--head | grep Location can be included to only return the line containing the token.

curl
--insecure
--request GET
--user john.doe:itsasecret
--header "X-CSRF-Token: xxx"
--url "https://oauth-openshift.apps.opeshift.example.com/oauth/authorize?response_type=token&client_id=openshift-challenging-client"
--head | grep Location

 




Did you find this article helpful?

If so, consider buying me a coffee over at Buy Me A Coffee



Comments


Add a Comment


Please enter 3ad208 in the box below so that we can be sure you are a human.