{
"info": {
"name": "OAuth 2.1 Authorization Server",
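"description": "Postman collection for testing an OAuth 2.1 authorization server: discovery metadata, JWK set, token requests (authorization code with a PKCE code_verifier for the public client, client credentials, refresh token), UserInfo, token introspection and token revocation. The default variable values point at a local development server, and the test scripts on the token requests save the returned access and refresh tokens into collection variables.",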
"schema": "https://schema.getpostman.com/json/collection/v2.1.0/collection.json"
},
"variable": [
{
"key": "base_url",
"value": "http://localhost:9000"
},
{
"key": "client_id",
"value": "public-client"
},
{
"key": "confidential_client_id",
"value": "confidential-client"
},
{
"key": "confidential_client_secret",
"value": "secret"
},
{
"key": "redirect_uri",
"value": "http://127.0.0.1:8080/authorized"
},
{
"key": "authorization_code",
"value": ""
},
{
"key": "access_token",
"value": ""
},
{
"key": "refresh_token",
"value": ""
},
{
"key": "code_verifier",
"value": ""
}
],
"item": [
{
"name": "Well-Known Configuration",
"request": {
"method": "GET",
"header": [],
"url": {
"raw": "{{base_url}}/.well-known/oauth-authorization-server",
"host": ["{{base_url}}"],
"path": [".well-known", "oauth-authorization-server"]
}
}
},
{
"name": "JWK Set",
"request": {
"method": "GET",
"header": [],
"url": {
"raw": "{{base_url}}/oauth2/jwks",
"host": ["{{base_url}}"],
"path": ["oauth2", "jwks"]
}
}
},
{
"name": "Token - Authorization Code (Public Client)",
"event": [
{
"listen": "test",
"script": {
"exec": [
"if (pm.response.code === 200) {",
" const response = pm.response.json();",
" pm.collectionVariables.set('access_token', response.access_token);",
" pm.collectionVariables.set('refresh_token', response.refresh_token);",
"}"
]
}
}
],
"request": {
"method": "POST",
"header": [
{
"key": "Content-Type",
"value": "application/x-www-form-urlencoded"
}
],
"body": {
"mode": "urlencoded",
"urlencoded": [
{
"key": "grant_type",
"value": "authorization_code"
},
{
"key": "code",
"value": "{{authorization_code}}"
},
{
"key": "redirect_uri",
"value": "{{redirect_uri}}"
},
{
"key": "client_id",
"value": "{{client_id}}"
},
{
"key": "code_verifier",
"value": "{{code_verifier}}"
}
]
},
"url": {
"raw": "{{base_url}}/oauth2/token",
"host": ["{{base_url}}"],
"path": ["oauth2", "token"]
}
}
},
{
"name": "Token - Client Credentials",
"event": [
{
"listen": "test",
"script": {
"exec": [
"if (pm.response.code === 200) {",
" const response = pm.response.json();",
" pm.collectionVariables.set('access_token', response.access_token);",
"}"
]
}
}
],
"request": {
"auth": {
"type": "basic",
"basic": [
{
"key": "username",
"value": "{{confidential_client_id}}"
},
{
"key": "password",
"value": "{{confidential_client_secret}}"
}
]
},
"method": "POST",
"header": [
{
"key": "Content-Type",
"value": "application/x-www-form-urlencoded"
}
],
"body": {
"mode": "urlencoded",
"urlencoded": [
{
"key": "grant_type",
"value": "client_credentials"
},
{
"key": "scope",
"value": "read write"
}
]
},
"url": {
"raw": "{{base_url}}/oauth2/token",
"host": ["{{base_url}}"],
"path": ["oauth2", "token"]
}
}
},
{
"name": "Token - Refresh Token",
"event": [
{
"listen": "test",
"script": {
"exec": [
"if (pm.response.code === 200) {",
" const response = pm.response.json();",
" pm.collectionVariables.set('access_token', response.access_token);",
" pm.collectionVariables.set('refresh_token', response.refresh_token);",
"}"
]
}
}
],
"request": {
"method": "POST",
"header": [
{
"key": "Content-Type",
"value": "application/x-www-form-urlencoded"
}
],
"body": {
"mode": "urlencoded",
"urlencoded": [
{
"key": "grant_type",
"value": "refresh_token"
},
{
"key": "refresh_token",
"value": "{{refresh_token}}"
},
{
"key": "client_id",
"value": "{{client_id}}"
}
]
},
"url": {
"raw": "{{base_url}}/oauth2/token",
"host": ["{{base_url}}"],
"path": ["oauth2", "token"]
}
}
},
{
"name": "UserInfo",
"request": {
"auth": {
"type": "bearer",
"bearer": [
{
"key": "token",
"value": "{{access_token}}"
}
]
},
"method": "GET",
"header": [],
"url": {
"raw": "{{base_url}}/userinfo",
"host": ["{{base_url}}"],
"path": ["userinfo"]
}
}
},
{
"name": "Token Introspection",
"request": {
"auth": {
"type": "basic",
"basic": [
{
"key": "username",
"value": "{{confidential_client_id}}"
},
{
"key": "password",
"value": "{{confidential_client_secret}}"
}
]
},
"method": "POST",
"header": [
{
"key": "Content-Type",
"value": "application/x-www-form-urlencoded"
}
],
"body": {
"mode": "urlencoded",
"urlencoded": [
{
"key": "token",
"value": "{{access_token}}"
}
]
},
"url": {
"raw": "{{base_url}}/oauth2/introspect",
"host": ["{{base_url}}"],
"path": ["oauth2", "introspect"]
}
}
},
{
"name": "Token Revocation",
"request": {
"auth": {
"type": "basic",
"basic": [
{
"key": "username",
"value": "{{confidential_client_id}}"
},
{
"key": "password",
"value": "{{confidential_client_secret}}"
}
]
},
"method": "POST",
"header": [
{
"key": "Content-Type",
"value": "application/x-www-form-urlencoded"
}
],
"body": {
"mode": "urlencoded",
"urlencoded": [
{
"key": "token",
"value": "{{access_token}}"
}
]
},
"url": {
"raw": "{{base_url}}/oauth2/revoke",
"host": ["{{base_url}}"],
"path": ["oauth2", "revoke"]
}
}
},
{
"name": "Home",
"request": {
"method": "GET",
"header": [],
"url": {
"raw": "{{base_url}}/",
"host": ["{{base_url}}"],
"path": [""]
}
}
}
]
}