Hi Sneha, I know this. You must use https for Oauth2 Thank you Vào Th 5, 26 thg 3, 2020 vào lúc 01:52 Sneha Kashyap < [email protected]> đã viết:
> Hi napolean, > Do you have any idea if there is restriction by CAS oauth2 server to use > http urls instead of https urls in service id to be authenticated? > > Thanks sneha > > On Mon, 23 Mar, 2020, 10:37 pm Sneha, <[email protected]> > wrote: > >> Hello All, >> >> Replying on this post as it is the most recent post on OAuth >> authentication.I am back working on the project again. >> >> Having gotten the oauth2 with JWT sample code working on CAS 6.1 overlay >> I find that It works on service ids with https URLs but on configuring >> http URLs I am unable to obtain the JWT or access token with a successful >> authentication and code generated. I am getting the following output on >> debug logs on the server side: >> >> >> >> my json registration: >> >> { >> "@class" : >> "org.apereo.cas.support.oauth.services.OAuthRegisteredService", >> "clientId": "exampleOauthClient", >> "clientSecret": "test1", >> "serviceId": "^http://localhost:9999/.*";, >> "name": "oauth2test", >> "id": 6, >> "supportedGrantTypes": [ "java.util.HashSet", [ "authorization_code" ] >> ], >> "supportedResponseTypes": [ "java.util.HashSet", [ "code" ] ] >> "attributeReleasePolicy": { >> "@class": >> "org.apereo.cas.services.ReturnAllAttributeReleasePolicy", >> "principalAttributesRepository": { >> "@class": >> "org.apereo.cas.authentication.principal.DefaultPrincipalAttributesRepository" >> }, >> }, >> "jwtAccessToken": true, >> "usernameAttributeProvider": { >> "@class": >> "org.apereo.cas.services.PrincipalAttributeRegisteredServiceUsernameProvider", >> "usernameAttribute": "username" >> } >> } >> >> >> On the client side, i receive a 403 forbidden status or a 401 : >> >> Not sure what I am missing out.. Or does the CAS OAuth server allow only >> clients with https urls to participate in SSO? >> Any inputs regarding this will be of great help.. >> >> Thanks >> Sneha >> On Tuesday, March 10, 2020 at 3:01:34 PM UTC+5:30, Napoleon Ponaparte >> wrote: >>> >>> Hi Mr Gandhi, >>> You must use CAS version at least 6.1.x. >>> The key will generate in log of CAS, when you build it. >>> Please try again. >>> Thanks >>> >>> Vào Th 3, 10 thg 3, 2020 vào lúc 16:15 Gandhi <[email protected]> >>> đã viết: >>> >>>> I'm facing the same issue with 5.2.X version of CAS. i'm having trouble >>>> to enable JWT for OIDC related flows. >>>> >>>> Can you please post any findings here, in case if you have solved this? >>>> >>>> On Thursday, February 13, 2020 at 8:48:02 AM UTC+5:30, Napoleon >>>> Ponaparte wrote: >>>>> >>>>> Hi all, >>>>> I have trouble in enable Oauth JWT token on CAS overlay template >>>>> version 6.0. >>>>> >>>>> I will sponsor 10$, if anyone help me in this case. >>>>> >>>>> I tried two tutorial on two link: >>>>> >>>>> 1) Link 1 >>>>> JWT Of All Things With CAS >>>>> https://apereo.github.io/2017/10/17/cas-jwt-authn-with-duo/ >>>>> But I have a trouble with cas shell. >>>>> I have described it here ( >>>>> https://stackoverflow.com/questions/60186080/generate-jwt-on-cas-apereo-version-6-0-for-oauth-jwt-access-tokens >>>>> ) >>>>> 2) Link 2 >>>>> Apereo CAS - OAuth JWT Access Tokens But it uses for cas version >>>>> 6.2.x. >>>>> And this properties can't use >>>>> >>>>> cas.authn.oauth.access-token.crypto.encryption.key=cas.authn.oauth.access-token.crypto.signing.key= >>>>> cas.authn.oauth.access-token.crypto.enabled=falsecas.authn.oauth.access-token.crypto.signing-enabled=falsecas.authn.oauth.access-token.crypto.encryption-enabled=false >>>>> >>>>> Thank you. >>>>> >>>>> >>>>> >>>>> >>>>> >>>> *This mail contains confidential information intended only for the >>>> individual(s) named. If you’re not the named addressee, don’t disseminate, >>>> distribute or copy this e-mail. Please notify the sender immediately and >>>> delete it from your system.If you wish not to receive such e-mails you may >>>> reply with text “Unsubscribe”.* >>>> >>>> -- >>>> - Website: https://apereo.github.io/cas >>>> - Gitter Chatroom: https://gitter.im/apereo/cas >>>> - List Guidelines: https://goo.gl/1VRrw7 >>>> - Contributions: https://goo.gl/mh7qDG >>>> --- >>>> You received this message because you are subscribed to the Google >>>> Groups "CAS Community" group. >>>> To unsubscribe from this group and stop receiving emails from it, send >>>> an email to [email protected]. >>>> To view this discussion on the web visit >>>> https://groups.google.com/a/apereo.org/d/msgid/cas-user/162ff6a6-d2e2-4149-aade-e404de062f06%40apereo.org >>>> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/162ff6a6-d2e2-4149-aade-e404de062f06%40apereo.org?utm_medium=email&utm_source=footer> >>>> . >>>> >>> -- >> - Website: https://apereo.github.io/cas >> - Gitter Chatroom: https://gitter.im/apereo/cas >> - List Guidelines: https://goo.gl/1VRrw7 >> - Contributions: https://goo.gl/mh7qDG >> --- >> You received this message because you are subscribed to the Google Groups >> "CAS Community" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to [email protected]. >> To view this discussion on the web visit >> https://groups.google.com/a/apereo.org/d/msgid/cas-user/a0b3ad99-6a8c-4967-b8eb-0a4c30f6259c%40apereo.org >> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/a0b3ad99-6a8c-4967-b8eb-0a4c30f6259c%40apereo.org?utm_medium=email&utm_source=footer> >> . >> > -- > - Website: https://apereo.github.io/cas > - Gitter Chatroom: https://gitter.im/apereo/cas > - List Guidelines: https://goo.gl/1VRrw7 > - Contributions: https://goo.gl/mh7qDG > --- > You received this message because you are subscribed to the Google Groups > "CAS Community" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAE2k68nAZ8cKB1MYYtH1jek_ALgGoyD7UNMQozH0Qzzgzt%3DGGg%40mail.gmail.com > <https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAE2k68nAZ8cKB1MYYtH1jek_ALgGoyD7UNMQozH0Qzzgzt%3DGGg%40mail.gmail.com?utm_medium=email&utm_source=footer> > . > -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAEjUsAhJA3EpSBfHVR2pm31xHzO5ZhLAGiJppts3ZPxHAuSO6Q%40mail.gmail.com.
