(Tcl) Azure Fetch OpenID Connect metadata document

See more OIDC Examples

Downloads the OpenID Connect self-discovery document for an Azure OIDC enabled app.

For more information, see https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-protocols-oidc

Chilkat Tcl Extension Downloads Chilkat Tcl Extension Downloads

load ./chilkat.dll

# This example requires the Chilkat API to have been previously unlocked.
# See Global Unlock Sample for sample code.

set http [new_CkHttp]

CkHttp_put_Accept $http "application/json"

# See the Microsoft Azure OIDC documentation at https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-protocols-oidc
# The "tenant" can take one of four values described in the documentation at the link above.

set success [CkHttp_SetUrlVar $http "tenant" "6d8ddd66-68d1-44b0-af5c-e31b4b7ee5cd"]
# resp is a CkHttpResponse
set resp [CkHttp_QuickRequest $http "GET" "https://login.microsoftonline.com/{$tenant}/v2.0/.well-known/openid-configuration"]
if {[CkHttp_get_LastMethodSuccess $http] != 1} then {
    puts [CkHttp_lastErrorText $http]
    delete_CkHttp $http
    exit
}

puts "Response Status Code: [CkHttpResponse_get_StatusCode $resp]"

set json [new_CkJsonObject]

CkJsonObject_Load $json [CkHttpResponse_bodyStr $resp]
CkJsonObject_put_EmitCompact $json 0
puts [CkJsonObject_emit $json]

if {[CkHttpResponse_get_StatusCode $resp] != 200} then {
    puts "Failed."
    delete_CkHttpResponse $resp

    delete_CkHttp $http
    delete_CkJsonObject $json
    exit
}

delete_CkHttpResponse $resp

# Sample output...
# (See the parsing code below..)
# 
# Use the this online tool to generate parsing code from sample JSON: 
# Generate Parsing Code from JSON

# {
#   "token_endpoint": "https://login.microsoftonline.com/6d8ddd66-68d1-44b0-af5c-e31b4b7ee5cd/oauth2/v2.0/token",
#   "token_endpoint_auth_methods_supported": [
#     "client_secret_post",
#     "private_key_jwt",
#     "client_secret_basic"
#   ],
#   "jwks_uri": "https://login.microsoftonline.com/6d8ddd66-68d1-44b0-af5c-e31b4b7ee5cd/discovery/v2.0/keys",
#   "response_modes_supported": [
#     "query",
#     "fragment",
#     "form_post"
#   ],
#   "subject_types_supported": [
#     "pairwise"
#   ],
#   "id_token_signing_alg_values_supported": [
#     "RS256"
#   ],
#   "response_types_supported": [
#     "code",
#     "id_token",
#     "code id_token",
#     "id_token token"
#   ],
#   "scopes_supported": [
#     "openid",
#     "profile",
#     "email",
#     "offline_access"
#   ],
#   "issuer": "https://login.microsoftonline.com/6d8ddd66-68d1-44b0-af5c-e31b4b7ee5cd/v2.0",
#   "request_uri_parameter_supported": false,
#   "userinfo_endpoint": "https://graph.microsoft.com/oidc/userinfo",
#   "authorization_endpoint": "https://login.microsoftonline.com/6d8ddd66-68d1-44b0-af5c-e31b4b7ee5cd/oauth2/v2.0/authorize",
#   "device_authorization_endpoint": "https://login.microsoftonline.com/6d8ddd66-68d1-44b0-af5c-e31b4b7ee5cd/oauth2/v2.0/devicecode",
#   "http_logout_supported": true,
#   "frontchannel_logout_supported": true,
#   "end_session_endpoint": "https://login.microsoftonline.com/6d8ddd66-68d1-44b0-af5c-e31b4b7ee5cd/oauth2/v2.0/logout",
#   "claims_supported": [
#     "sub",
#     "iss",
#     "cloud_instance_name",
#     "cloud_instance_host_name",
#     "cloud_graph_host_name",
#     "msgraph_host",
#     "aud",
#     "exp",
#     "iat",
#     "auth_time",
#     "acr",
#     "nonce",
#     "preferred_username",
#     "name",
#     "tid",
#     "ver",
#     "at_hash",
#     "c_hash",
#     "email"
#   ],
#   "kerberos_endpoint": "https://login.microsoftonline.com/6d8ddd66-68d1-44b0-af5c-e31b4b7ee5cd/kerberos",
#   "tenant_region_scope": "NA",
#   "cloud_instance_name": "microsoftonline.com",
#   "cloud_graph_host_name": "graph.windows.net",
#   "msgraph_host": "graph.microsoft.com",
#   "rbac_url": "https://pas.windows.net"
# }

set token_endpoint [CkJsonObject_stringOf $json "token_endpoint"]
set jwks_uri [CkJsonObject_stringOf $json "jwks_uri"]
set issuer [CkJsonObject_stringOf $json "issuer"]
set request_uri_parameter_supported [CkJsonObject_BoolOf $json "request_uri_parameter_supported"]
set userinfo_endpoint [CkJsonObject_stringOf $json "userinfo_endpoint"]
set authorization_endpoint [CkJsonObject_stringOf $json "authorization_endpoint"]
set device_authorization_endpoint [CkJsonObject_stringOf $json "device_authorization_endpoint"]
set http_logout_supported [CkJsonObject_BoolOf $json "http_logout_supported"]
set frontchannel_logout_supported [CkJsonObject_BoolOf $json "frontchannel_logout_supported"]
set end_session_endpoint [CkJsonObject_stringOf $json "end_session_endpoint"]
set kerberos_endpoint [CkJsonObject_stringOf $json "kerberos_endpoint"]
set tenant_region_scope [CkJsonObject_stringOf $json "tenant_region_scope"]
set cloud_instance_name [CkJsonObject_stringOf $json "cloud_instance_name"]
set cloud_graph_host_name [CkJsonObject_stringOf $json "cloud_graph_host_name"]
set msgraph_host [CkJsonObject_stringOf $json "msgraph_host"]
set rbac_url [CkJsonObject_stringOf $json "rbac_url"]
set i 0
set count_i [CkJsonObject_SizeOfArray $json "token_endpoint_auth_methods_supported"]
while {$i < $count_i} {
    CkJsonObject_put_I $json $i
    set strVal [CkJsonObject_stringOf $json "token_endpoint_auth_methods_supported[i]"]
    set i [expr $i + 1]
}
set i 0
set count_i [CkJsonObject_SizeOfArray $json "response_modes_supported"]
while {$i < $count_i} {
    CkJsonObject_put_I $json $i
    set strVal [CkJsonObject_stringOf $json "response_modes_supported[i]"]
    set i [expr $i + 1]
}
set i 0
set count_i [CkJsonObject_SizeOfArray $json "subject_types_supported"]
while {$i < $count_i} {
    CkJsonObject_put_I $json $i
    set strVal [CkJsonObject_stringOf $json "subject_types_supported[i]"]
    set i [expr $i + 1]
}
set i 0
set count_i [CkJsonObject_SizeOfArray $json "id_token_signing_alg_values_supported"]
while {$i < $count_i} {
    CkJsonObject_put_I $json $i
    set strVal [CkJsonObject_stringOf $json "id_token_signing_alg_values_supported[i]"]
    set i [expr $i + 1]
}
set i 0
set count_i [CkJsonObject_SizeOfArray $json "response_types_supported"]
while {$i < $count_i} {
    CkJsonObject_put_I $json $i
    set strVal [CkJsonObject_stringOf $json "response_types_supported[i]"]
    set i [expr $i + 1]
}
set i 0
set count_i [CkJsonObject_SizeOfArray $json "scopes_supported"]
while {$i < $count_i} {
    CkJsonObject_put_I $json $i
    set strVal [CkJsonObject_stringOf $json "scopes_supported[i]"]
    set i [expr $i + 1]
}
set i 0
set count_i [CkJsonObject_SizeOfArray $json "claims_supported"]
while {$i < $count_i} {
    CkJsonObject_put_I $json $i
    set strVal [CkJsonObject_stringOf $json "claims_supported[i]"]
    set i [expr $i + 1]
}

delete_CkHttp $http
delete_CkJsonObject $json