These samples are heavily based on https://github.com/pivotal-cf/identity-sample-apps
Follow the details in this blog post to bring up an authorization server.
Use the uaac command line utility to interact with UAA to populate the details of some of the actors involved:
# Target local UAA
uaac target http://localhost:8080/uaa --skip-ssl-validation
# Login as a canned client
uaac token client get admin -s adminsecret
# Add a client credential with client_id of client1 and client_secret of client1
uaac client add client1 \
--name client1 \
--scope resource.read,resource.write \
-s client1 \
--authorized_grant_types authorization_code,refresh_token,client_credentials \
--authorities uaa.resource \
--redirect_uri http://localhost:8888/**
# Another client credential resource1/resource1
uaac client add resource1 \
--name resource1 \
-s resource1 \
--authorized_grant_types client_credentials \
--authorities uaa.resource
# Add a user called user1/user1
uaac user add user1 -p user1 --emails user1@user1.com
# Add two scopes resource.read, resource.write
uaac group add resource.read
uaac group add resource.write
# Assign user1 both resource.read, resource.write scopes..
uaac member add resource.read user1
uaac member add resource.write user1
Go to UI available at http://localhost:8888/ and click the UI to access a secure page. Login with user1/user1 when prompted.