Hi, You have an example in the documentation: https://apereo.github.io/cas/6.2.x/installation/JWT-Authentication.html#overview Thanks. Best regards, Jérôme
Le mer. 11 nov. 2020 à 23:38, Colin Ryan <[email protected]> a écrit : > I did this, it wasn't easy, possibly due to my lack of knowledge. I combed > through the CAS source code to find the bits involved an simply emulated > them as they are all to spec. workings. > > I didn't see any directly exposed CAS API's for this they were all > internal. > > I made extensive use of the jose4j library to deal with the JWT tokens etc > etc. > > https://bitbucket.org/b_c/jose4j/wiki/Home > > Look around in the source for > > CipherExecutor > > EncodingUtils > > for hints. > > There are multiple layers (sorry can't remember the details). The JWT > component itself has signature and hashes and then the JWT itself is > additional encrypted before being stored in TOTP databases. Keep in mind > that there are secrets involved that once shared expose every token. > > Not sure if this was much help. > > > Colin > On 11/11/20 3:58 PM, Jeffrey Ramsay wrote: > > Hello - > > I am hoping someone can point me in the right direction regarding JWT used > with CAS and which api is used to decode/decrypt them. I want to be able to > decode the GAUTH secret for third-party access. > > Base64 decoding the string produces these headers. > > {"alg":"HS512","typ":"JWT"} > {"zip":"DEF","alg":"dir","enc":"A256GCM","cty":"JWT","typ":"JWT"} > > Thanks, > -Jeff > -- > - Website: https://apereo.github.io/cas > - Gitter Chatroom: https://gitter.im/apereo/cas > - List Guidelines: https://goo.gl/1VRrw7 > - Contributions: https://goo.gl/mh7qDG > --- > You received this message because you are subscribed to the Google Groups > "CAS Community" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/a/apereo.org/d/msgid/cas-user/CA%2BTBYOSO_RDcdt3OCezQ927d8VcDzfK0txvq9Oabc82Lj0tcFQ%40mail.gmail.com > <https://groups.google.com/a/apereo.org/d/msgid/cas-user/CA%2BTBYOSO_RDcdt3OCezQ927d8VcDzfK0txvq9Oabc82Lj0tcFQ%40mail.gmail.com?utm_medium=email&utm_source=footer> > . > > -- > - Website: https://apereo.github.io/cas > - Gitter Chatroom: https://gitter.im/apereo/cas > - List Guidelines: https://goo.gl/1VRrw7 > - Contributions: https://goo.gl/mh7qDG > --- > You received this message because you are subscribed to the Google Groups > "CAS Community" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/a/apereo.org/d/msgid/cas-user/f5d265ea-389d-acd1-7451-c95e2b994139%40caveo.ca > <https://groups.google.com/a/apereo.org/d/msgid/cas-user/f5d265ea-389d-acd1-7451-c95e2b994139%40caveo.ca?utm_medium=email&utm_source=footer> > . > -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAP279Lxz6C9NQR9_oCroB6YqyGidbRyCQKnyK3fzA7kP_oAZkg%40mail.gmail.com.
