Use CURL to access /demo/mobile-demo/rba with the access token
Run the following curl command in a shell terminal.
The command passes the previously obtained access token in the Authorization header to access the protected application resource /demo/mobile-demo/rba.
curl -k -v -H "Authorization: Bearer C57M09" -H "Content-Type: application/json" \
-H "Accept: application/json" https://<reverse proxy address>/demo/mobile-demo/rba
The response is the result of enforcement of the previously attached CBA policy. The policy requires completion of a TOTP authentication.
< HTTP/1.1 200 OK
<
{
"mechanism": "urn:ibm:security:authentication:asf:mechanism:totp",
"message": "",
"state": "9efd546c5a574d218a027a79110c2f19",
"location": "/mga/sps/apiauthsvc?StateId=9efd546c5a574d218a027a79110c2f19",
"execptionMsg": "NA"
}
The next request validates the TOTP for testuser1. testuser1 supplies the otp value by reading it from the Google Authenticator app.
curl -k -v -X PUT -H "Content-Type: application/json" -H "Accept: application/json" \
-H "Authorization: Bearer C57M09" --data "{'otp': '842998'}" \
"https://<reverse proxy address>/mgaapi/sps/apiauthsvc?StateId=9efd546c5a574d218a027a79110c2f19"
The resulting response is the actual protected resource from /demo/mobile-demo/rba. Its data format is HTML, but the response shows that the basic configuration and REST client experience are successfully deployed.
< HTTP/1.1 200 OK
< content-language: en-US
< content-type: text/html;charset=ISO-8859-1
< date: Mon, 08 Feb 2016 04:06:34 GMT
< p3p: CP="NON CUR OTPi OUR NOR UNI"
< x-old-content-length: 1554
< transfer-encoding: chunked
< cache-control: no-cache="set-cookie, set-cookie2"
< expires: Thu, 01 Dec 1994 16:00:00 GMT
<HTML>
<BODY>
<div class="content">
<div class="contentHeader">
<h1 class="pageTitle">Risk-based access protected resource</h1>
<div class="instructions"></div>
</div>
<div class="pageContent" style="width: 600">
If you get the following page, then either you have a match for the device fingerprint or you were already authenticated at a high level (for example, one-time password).
</div>
</div>
</BODY>
</HTML>
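The two-step exchange above, as an added Python example (not part of the original documentation or the product's own code): it validates the challenge JSON returned by the first request and builds the follow-up PUT without sending it. The function name and the validation rules (alphanumeric state, host-relative location, digits-only otp) are assumptions; the default path is the one used in the PUT command on this page.

```python
import json
from urllib.parse import urlsplit, parse_qs, urlencode

TOTP_MECHANISM = "urn:ibm:security:authentication:asf:mechanism:totp"

# Challenge body as shown in the first response on this page.
SAMPLE_CHALLENGE = """{
  "mechanism": "urn:ibm:security:authentication:asf:mechanism:totp",
  "message": "",
  "state": "9efd546c5a574d218a027a79110c2f19",
  "location": "/mga/sps/apiauthsvc?StateId=9efd546c5a574d218a027a79110c2f19",
  "execptionMsg": "NA"
}"""


def build_totp_request(challenge_body, proxy_host, access_token, otp,
                       api_path="/mgaapi/sps/apiauthsvc"):
    """Validate a step-up challenge and return the follow-up PUT (not sent)."""
    challenge = json.loads(challenge_body)
    if challenge.get("mechanism") != TOTP_MECHANISM:
        raise ValueError("challenge is not for the TOTP mechanism")

    # Assumed rule: the state is an opaque ASCII alphanumeric token.
    state = challenge.get("state") or ""
    if not (isinstance(state, str) and state.isascii() and state.isalnum()):
        raise ValueError("state is missing or not an alphanumeric token")

    # The bearer token must only go to the reverse proxy, so the advertised
    # location has to be host-relative and carry the same state value.
    loc = urlsplit(str(challenge.get("location") or ""))
    if loc.scheme or loc.netloc or not loc.path.startswith("/"):
        raise ValueError("location is not a path on the reverse proxy")
    if parse_qs(loc.query).get("StateId") != [state]:
        raise ValueError("StateId in location does not match state")

    if not (otp.isascii() and otp.isdigit()):
        raise ValueError("otp must be ASCII digits")

    return {
        "method": "PUT",
        "url": f"https://{proxy_host}{api_path}?{urlencode({'StateId': state})}",
        "headers": {"Authorization": f"Bearer {access_token}",
                    "Content-Type": "application/json",
                    "Accept": "application/json"},
        "body": json.dumps({"otp": otp}),  # standard double-quoted JSON
    }
```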