Hi, We would like to use JWT service tickets for one of the client applications and while trying it out we face an issue while decrypting the JWT ticket; details as follows :
We are currently using CAS official release 5.2.1. - As per the informative blog article ' https://apereo.github.io/2017/10/17/cas-jwt-authn-with-duo/ ' we managed to configure CAS to provide JWT tickets, so the url looks something like : https://testclient.abc.com:9444/sample/?ticket=eyJhbGciOiJIUzUxMiJ9.WlhsS05tRllRV2xQYVVwRlVsVlphVXhEU21oaVIyTnBUMmxLYTJGWVNXbE1RMHBzWW0xTmFVOXBTa0pOVkVrMFVUQktSRXhW....... - In the client (a nodejs based application), we manage to verify the signature of the jwt ticket with the signing secret as configured in CAS (cas.authn.token.crypto.signing.key=O9aIfNn-yHDP2BEN....). We used the npm 'jsonwebtoken' package for verification. - However, after verification we are unable to decrypt the payload using one of the standard npm package -> node-jose which expects a JWE kind of JWT token. - After having a look at the CAS code base, what I infer is that the JWT service ticket generated by CAS isn't a JWE but rather a JWS token; however the payload is encrypted. In such a case, how do we decrypt to get the payload claims data. OR is my approach not the right way to do it - Please let us know if there is any example of how to consume the CAS JWT service ticket at the client end OR any pointers to how do we go about the decryption of the payload would be of great help. Any help would be really appreciated as we have been struggling to resolve this issue since last 4-5 days. Thanks in advance, Best Regards, DN -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/b69eb0e8-debb-4812-9d22-b8be1f5beeaa%40apereo.org.
