Hi Anders!
We made the configuration you told us and we got the next msg error [org.apereo.cas.support.oauth.web.endpoints.OAuth20AccessTokenEndpointController] (default task-10) Grant type: [password] [org.apereo.cas.support.oauth.web.endpoints.OAuth20AccessTokenEndpointController] (default task-10) Received grant type [password] with client id [app_prueba] [org.apereo.cas.support.oauth.web.endpoints.OAuth20AccessTokenEndpointController] (default task-10) Access token request verification failed Executing the command "curl -X POST -k -i 'https://XXXXX/cas/oauth2.0/accessToken?grant_type=password&client_id=app_prueba&client_secret=clientSecret&username=XXXXX&password=XXXX&service=https://XXXXXXX'". CAS version 5.1.X not support client credencials grand type. Tks! Leo El miércoles, 7 de febrero de 2018, 6:21:02 (UTC-3), Anders Olsen escribió: > > Hi Leo, > > When you're working with the OAuth2 module and password grants, you need > to specify a client ID and a client secret. > The service ID is not needed as it is implicit that the clients are > authorized because they know the ID and secret associated with the service. > > Make sure that the service definition file is in the format > <string>-<id>.json > Mine is "dofbasen_oauth2_android-201801311512.json" > > Here's my definition: > > { > "@class" : > "org.apereo.cas.support.oauth.services.OAuthRegisteredService", > "clientId": "dofbasen_oauth2_android", > "clientSecret": "XXX", > "generateRefreshToken" : true, > "jsonFormat" : true, > "supported_grants" : ["password", "refresh_token"], > "name" : "OAuth2 (Android)", > "id" : 201801311512 > } > > When you send your request, you need to include both client_id AND > client_secret, you are missing the client_secret from your request > > I will however warn you, I have a bug at the moment which I've posted here: > https://groups.google.com/a/apereo.org/forum/#!topic/cas-user/ADjMnVevlJ0 > > Where the OAuth2 module gives you access tokens even if you dont specify > the username and password, despite using grant_type = password > (It thinks you're using client_credentials) > > > Regards, > Anders Olsen > > Den tirsdag den 6. februar 2018 kl. 14.48.50 UTC+1 skrev Leo Pintos: >> >> Hi Guys! >> >> I' ve working with curl command: >> curl -X POST -k -i ' >> https://DOMAIN/cas/oauth2.0/accessToken?grant_type=password&client_id=app_prueba&username=USER&password=PASS&service=URLREDIRECTION >> ' >> >> >> JSON: >> { >> "@class" : >> "org.apereo.cas.support.oauth.services.OAuthRegisteredService", >> "clientId": "app_prueba", >> "clientSecret": "clientSecret", >> "bypassApprovalPrompt": true, >> "generateRefreshToken": false, >> "serviceId" : "^(https?)://.*", >> "name" : "MyOAuthservice", >> "id" : 10000002 >> } >> >> Log; >> 2018-01-24 16:19:59,135 ERROR >> [org.apereo.cas.support.oauth.web.endpoints.OAuth20AccessTokenEndpointController] >> >> (default task-15) Could not identify and extract access token request: >> org.apereo.cas.services.UnauthorizedServiceException: Unauthorized Service >> Access. Service [app_prueba] is not found in service registry. >> at >> org.apereo.cas.services.RegisteredServiceAccessStrategyUtils.ensureServiceAccessIsAllowed(RegisteredServiceAccessStrategyUtils.java:53) >> at >> org.apereo.cas.services.RegisteredServiceAccessStrategyUtils.ensureServiceAccessIsAllowed(RegisteredServiceAccessStrategyUtils.java:69) >> at >> org.apereo.cas.services.RegisteredServiceAccessStrategyUtils.ensurePrincipalAccessIsAllowedForService(RegisteredServiceAccessStrategyUtils.java:85) >> at >> org.apereo.cas.DefaultCentralAuthenticationService.createTicketGrantingTicket(DefaultCentralAuthenticationService.java:362) >> at >> org.apereo.cas.DefaultCentralAuthenticationService$$FastClassBySpringCGLIB$$b02e48f2.invoke(<generated>) >> at >> org.springframework.cglib.proxy.MethodProxy.invoke(MethodProxy.java:204) >> at >> org.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.invokeJoinpoint(CglibAopProxy.java:738) >> at >> org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:157) >> at >> org.springframework.aop.aspectj.MethodInvocationProceedingJoinPoint.proceed(MethodInvocationProceedingJoinPoint.java:85) >> at >> org.apereo.inspektr.audit.AuditTrailManagementAspect.handleAuditTrail(AuditTrailManagementAspect.java:134) >> at sun.reflect.GeneratedMethodAccessor156.invoke(Unknown Source) >> at >> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) >> at java.lang.reflect.Method.invoke(Method.java:498) >> at >> org.springframework.aop.aspectj.AbstractAspectJAdvice.invokeAdviceMethodWithGivenArgs(AbstractAspectJAdvice.java:629) >> at >> org.springframework.aop.aspectj.AbstractAspectJAdvice.invokeAdviceMethod(AbstractAspectJAdvice.java:618) >> at >> org.springframework.aop.aspectj.AspectJAroundAdvice.invoke(AspectJAroundAdvice.java:70) >> at >> org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:168) >> at >> org.springframework.transaction.interceptor.TransactionInterceptor$1.proceedWithInvocation(TransactionInterceptor.java:99) >> at >> org.springframework.transaction.interceptor.TransactionAspectSupport.invokeWithinTransaction(TransactionAspectSupport.java:282) >> at >> org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:96) >> at >> org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179) >> at >> org.springframework.aop.interceptor.ExposeInvocationInterceptor.invoke(ExposeInvocationInterceptor.java:92) >> at >> org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179) >> at >> org.springframework.aop.framework.CglibAopProxy$DynamicAdvisedInterceptor.intercept(CglibAopProxy.java:673) >> at >> org.apereo.cas.DefaultCentralAuthenticationService$$EnhancerBySpringCGLIB$$e00035a3.createTicketGrantingTicket(<generated>) >> at sun.reflect.GeneratedMethodAccessor218.invoke(Unknown Source) >> at >> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) >> at java.lang.reflect.Method.invoke(Method.java:498) >> at >> org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:333) >> at >> org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:190) >> at >> org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:157) >> at >> org.springframework.transaction.interceptor.TransactionInterceptor$1.proceedWithInvocation(TransactionInterceptor.java:99) >> at >> org.springframework.transaction.interceptor.TransactionAspectSupport.invokeWithinTransaction(TransactionAspectSupport.java:282) >> at >> org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:96) >> at >> org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179) >> at >> org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:213) >> at com.sun.proxy.$Proxy164.createTicketGrantingTicket(Unknown >> Source) >> at >> org.apereo.cas.support.oauth.web.response.accesstoken.ext.AccessTokenPasswordGrantRequestExtractor.extract(AccessTokenPasswordGrantRequestExtractor.java:79) >> at >> org.apereo.cas.support.oauth.web.endpoints.OAuth20AccessTokenEndpointController.examineAndExtractAccessTokenGrantRequest(OAuth20AccessTokenEndpointController.java:189) >> at >> org.apereo.cas.support.oauth.web.endpoints.OAuth20AccessTokenEndpointController.handleRequest(OAuth20AccessTokenEndpointController.java:111) >> at >> org.apereo.cas.support.oauth.web.endpoints.OAuth20AccessTokenEndpointController$$FastClassBySpringCGLIB$$db180f28.invoke(<generated>) >> at >> org.springframework.cglib.proxy.MethodProxy.invoke(MethodProxy.java:204) >> at >> org.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.invokeJoinpoint(CglibAopProxy.java:738) >> at >> org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:157) >> at >> org.springframework.aop.support.DelegatingIntroductionInterceptor.doProceed(DelegatingIntroductionInterceptor.java:133) >> at >> org.springframework.aop.support.DelegatingIntroductionInterceptor.invoke(DelegatingIntroductionInterceptor.java:121) >> at >> org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179) >> at >> org.springframework.aop.framework.CglibAopProxy$DynamicAdvisedInterceptor.intercept(CglibAopProxy.java:673) >> at >> org.apereo.cas.support.oauth.web.endpoints.OAuth20AccessTokenEndpointController$$EnhancerBySpringCGLIB$$c3f88027.handleRequest(<generated>) >> at sun.reflect.GeneratedMethodAccessor219.invoke(Unknown Source) >> at >> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) >> at java.lang.reflect.Method.invoke(Method.java:498) >> at >> org.springframework.web.method.support.InvocableHandlerMethod.doInvoke(InvocableHandlerMethod.java:205) >> at >> org.springframework.web.method.support.InvocableHandlerMethod.invokeForRequest(InvocableHandlerMethod.java:133) >> at >> org.springframework.web.servlet.mvc.method.annotation.ServletInvocableHandlerMethod.invokeAndHandle(ServletInvocableHandlerMethod.java:97) >> at >> org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.invokeHandlerMethod(RequestMappingHandlerAdapter.java:827) >> at >> org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.handleInternal(RequestMappingHandlerAdapter.java:738) >> at >> org.springframework.web.servlet.mvc.method.AbstractHandlerMethodAdapter.handle(AbstractHandlerMethodAdapter.java:85) >> at >> org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:967) >> at >> org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:901) >> at >> org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:970) >> at >> org.springframework.web.servlet.FrameworkServlet.doPost(FrameworkServlet.java:872) >> at javax.servlet.http.HttpServlet.service(HttpServlet.java:707) >> at >> org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:846) >> at javax.servlet.http.HttpServlet.service(HttpServlet.java:790) >> at >> io.undertow.servlet.handlers.ServletHandler.handleRequest(ServletHandler.java:85) >> at >> io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:129) >> at >> org.apache.logging.log4j.web.Log4jServletFilter.doFilter(Log4jServletFilter.java:71) >> at >> io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61) >> at >> io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131) >> at >> org.springframework.boot.web.filter.ApplicationContextHeaderFilter.doFilterInternal(ApplicationContextHeaderFilter.java:55) >> at >> org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) >> at >> io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61) >> at >> io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131) >> at >> org.apereo.cas.web.support.AuthenticationCredentialsLocalBinderClearingFilter.doFilter(AuthenticationCredentialsLocalBinderClearingFilter.java:28) >> at >> io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61) >> at >> io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131) >> at >> org.apereo.cas.security.RequestParameterPolicyEnforcementFilter.doFilter(RequestParameterPolicyEnforcementFilter.java:261) >> at >> io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61) >> at >> io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131) >> at >> org.apereo.cas.security.ResponseHeadersEnforcementFilter.doFilter(ResponseHeadersEnforcementFilter.java:238) >> at >> io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61) >> at >> io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131) >> at >> org.springframework.boot.actuate.trace.WebRequestTraceFilter.doFilterInternal(WebRequestTraceFilter.java:110) >> at >> org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) >> at >> io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61) >> at >> io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131) >> at >> org.springframework.web.filter.RequestContextFilter.doFilterInternal(RequestContextFilter.java:99) >> at >> org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) >> at >> io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61) >> at >> io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131) >> at >> org.springframework.web.filter.HttpPutFormContentFilter.doFilterInternal(HttpPutFormContentFilter.java:108) >> at >> org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) >> at >> io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61) >> at >> io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131) >> at >> org.springframework.web.filter.HiddenHttpMethodFilter.doFilterInternal(HiddenHttpMethodFilter.java:81) >> at >> org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) >> at >> io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61) >> at >> io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131) >> at >> org.apereo.cas.logging.web.ThreadContextMDCServletFilter.doFilter(ThreadContextMDCServletFilter.java:90) >> at >> io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61) >> at >> io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131) >> at >> org.springframework.boot.actuate.autoconfigure.MetricsFilter.doFilterInternal(MetricsFilter.java:106) >> at >> org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) >> at >> io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61) >> at >> io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131) >> at >> org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:197) >> at >> org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) >> at >> io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61) >> at >> io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131) >> at >> org.springframework.boot.web.support.ErrorPageFilter.doFilter(ErrorPageFilter.java:115) >> at >> org.springframework.boot.web.support.ErrorPageFilter.access$000(ErrorPageFilter.java:59) >> at >> org.springframework.boot.web.support.ErrorPageFilter$1.doFilterInternal(ErrorPageFilter.java:90) >> at >> org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) >> at >> org.springframework.boot.web.support.ErrorPageFilter.doFilter(ErrorPageFilter.java:108) >> at >> io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61) >> at >> io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131) >> at >> org.apereo.inspektr.common.web.ClientInfoThreadLocalFilter.doFilter(ClientInfoThreadLocalFilter.java:64) >> at >> io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61) >> at >> io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131) >> at >> io.undertow.servlet.handlers.FilterHandler.handleRequest(FilterHandler.java:84) >> at >> io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handleRequest(ServletSecurityRoleHandler.java:62) >> at >> io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(ServletDispatchingHandler.java:36) >> at >> org.wildfly.extension.undertow.security.SecurityContextAssociationHandler.handleRequest(SecurityContextAssociationHandler.java:78) >> at >> io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) >> at >> io.undertow.servlet.handlers.security.SSLInformationAssociationHandler.handleRequest(SSLInformationAssociationHandler.java:131) >> at >> io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:57) >> at >> io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) >> at >> io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:46) >> at >> io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:64) >> at >> io.undertow.security.handlers.AuthenticationMechanismsHandler.handleRequest(AuthenticationMechanismsHandler.java:60) >> at >> io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:77) >> at >> io.undertow.security.handlers.NotificationReceiverHandler.handleRequest(NotificationReceiverHandler.java:50) >> at >> io.undertow.security.handlers.AbstractSecurityContextAssociationHandler.handleRequest(AbstractSecurityContextAssociationHandler.java:43) >> at >> io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) >> at >> org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:61) >> at >> io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) >> at >> io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) >> at >> io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:292) >> at >> io.undertow.servlet.handlers.ServletInitialHandler.access$100(ServletInitialHandler.java:81) >> at >> io.undertow.servlet.handlers.ServletInitialHandler$2.call(ServletInitialHandler.java:138) >> at >> io.undertow.servlet.handlers.ServletInitialHandler$2.call(ServletInitialHandler.java:135) >> at >> io.undertow.servlet.core.ServletRequestContextThreadSetupAction$1.call(ServletRequestContextThreadSetupAction.java:48) >> at >> io.undertow.servlet.core.ContextClassLoaderSetupAction$1.call(ContextClassLoaderSetupAction.java:43) >> at >> io.undertow.servlet.api.LegacyThreadSetupActionWrapper$1.call(LegacyThreadSetupActionWrapper.java:44) >> at >> io.undertow.servlet.api.LegacyThreadSetupActionWrapper$1.call(LegacyThreadSetupActionWrapper.java:44) >> at >> io.undertow.servlet.api.LegacyThreadSetupActionWrapper$1.call(LegacyThreadSetupActionWrapper.java:44) >> at >> io.undertow.servlet.api.LegacyThreadSetupActionWrapper$1.call(LegacyThreadSetupActionWrapper.java:44) >> at >> io.undertow.servlet.api.LegacyThreadSetupActionWrapper$1.call(LegacyThreadSetupActionWrapper.java:44) >> at >> io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:272) >> at >> io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:81) >> at >> io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:104) >> at >> io.undertow.server.Connectors.executeRootHandler(Connectors.java:202) >> at >> io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:805) >> at >> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) >> at >> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) >> at java.lang.Thread.run(Thread.java:745) >> >> Any help? >> Thank in advance. >> >> -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/4e1bede6-3f5f-4eb4-a37e-af6e86af8165%40apereo.org.
