Version: CAS 6.3 (CAS 5.3 has no such issue)
OAuth2.0+GAuth
How to reproduce the issue:
1. Log in to the app with OAuth2.0
2. After passing the login page, stay on the MFA page for about 2 minutes. (No issue if
the token is entered within a minute.)
3. Input the Google Auth token
4. It gets a 500 internal error, with
org.apereo.cas.ticket.InvalidTicketException
It has no such issue if the app is not using OAuth2.0.
Here is the log:
2021-09-30 08:51:09,094 DEBUG [
org.apereo.cas.ticket.expiration.MultiTimeUseOrTimeoutExpirationPolicy] -
<Ticket usage count [1] is greater than or equal to [1]. Ticket
[ST-1-xi-sY7iqar4RbUvxXbPfMncPnoo-xxxxxx-slicas] has expired>
2021-09-30 08:51:09,094 DEBUG
[org.apereo.cas.ticket.registry.MongoDbTicketRegistry] - <Locating ticket
ticketId [ST-1-xi-sY7iqar4RbUvxXbPfMncPnoo-xxxxxx-slicas]>
2021-09-30 08:51:09,094 DEBUG
[org.apereo.cas.ticket.registry.MongoDbTicketRegistry] - <Locating
collection name [serviceTicketsCollection] for ticket definition
[DefaultTicketDefinition(implementationClass=class
org.apereo.cas.ticket.ServiceTicketImpl, prefix=ST,
properties=DefaultTicketDefinitionProperties(cascadeRemovals=false,
storageName=serviceTicketsCollection, storageTimeout=300,
storagePassword=null, excludeFromCascade=false), order=-2147483648)]>
2021-09-30 08:51:09,095 DEBUG
[org.apereo.cas.ticket.registry.MongoDbTicketRegistry] - <Located MongoDb
collection instance [serviceTicketsCollection]>
2021-09-30 08:51:09,103 DEBUG
[org.apereo.cas.ticket.registry.AbstractTicketRegistry] - <Removing ticket
[ST-1-xi-sY7iqar4RbUvxXbPfMncPnoo-xxxxxx-slicas] from the registry.>
2021-09-30 08:51:09,103 DEBUG
[org.apereo.cas.ticket.registry.MongoDbTicketRegistry] - <Deleting ticket
[ST-1-xi-sY7iqar4RbUvxXbPfMncPnoo-xxxxxx-slicas]>
2021-09-30 08:51:09,104 DEBUG
[org.apereo.cas.ticket.registry.MongoDbTicketRegistry] - <Locating
collection name [serviceTicketsCollection] for ticket definition
[DefaultTicketDefinition(implementationClass=class
org.apereo.cas.ticket.ServiceTicketImpl, prefix=ST,
properties=DefaultTicketDefinitionProperties(cascadeRemovals=false,
storageName=serviceTicketsCollection, storageTimeout=300,
storagePassword=null, excludeFromCascade=false), order=-2147483648)]>
2021-09-30 08:51:09,104 DEBUG
[org.apereo.cas.ticket.registry.MongoDbTicketRegistry] - <Located MongoDb
collection instance [serviceTicketsCollection]>
2021-09-30 08:51:09,107 DEBUG
[org.apereo.cas.ticket.registry.MongoDbTicketRegistry] - <Deleted ticket
[ST-1-xi-sY7iqar4RbUvxXbPfMncPnoo-xxxxxx-slicas] with result
[AcknowledgedDeleteResult{deletedCount=1}]>
2021-09-30 08:51:09,108 INFO
[org.apereo.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - <Audit
trail record BEGIN
=============================================================
WHO: [email protected]
WHAT: ST-1-xi-sY7iqar4RbUvxXbPfMncPnoo-xxxxxx-slicas for
https://login.mydomain.com/cas/oauth2.0/callbackAuthorize?client_id=alpha&redirect_uri=https%3A%2F%2Falpha-stage.mydomainglo...
ACTION: SERVICE_TICKET_VALIDATE_SUCCESS
APPLICATION: CAS
WHEN: Thu Sep 30 08:51:09 CST 2021
CLIENT IP ADDRESS: 10.16.14.77
SERVER IP ADDRESS: 10.13.23.92
=============================================================
2021-09-30 08:51:09,171 DEBUG
[org.apereo.cas.ticket.registry.MongoDbTicketRegistry] - <Locating ticket
ticketId [TGT-1-*****Jetbc5m7zU-xxxxxx-slicas]>
2021-09-30 08:51:09,172 DEBUG
[org.apereo.cas.ticket.registry.MongoDbTicketRegistry] - <Locating
collection name [ticketGrantingTicketsCollection] for ticket definition
[DefaultTicketDefinition(implementationClass=class
org.apereo.cas.ticket.TicketGrantingTicketImpl, prefix=TGT,
properties=DefaultTicketDefinitionProperties(cascadeRemovals=false,
storageName=ticketGrantingTicketsCollection, storageTimeout=28800,
storagePassword=null, excludeFromCascade=false), order=2147483647)]>
2021-09-30 08:51:09,172 DEBUG
[org.apereo.cas.ticket.registry.MongoDbTicketRegistry] - <Located MongoDb
collection instance [ticketGrantingTicketsCollection]>
2021-09-30 08:51:09,195 DEBUG
[org.apereo.cas.support.oauth.web.OAuth20CasCallbackUrlResolver] - <Final
resolved callback URL is
[https://login.mydomain.com/cas/oauth2.0/callbackAuthorize?client_id=alpha&redirect_uri=https%3A%2F%2Falpha-stage.mydomain.com%2Fwebsso%3Freturn_uri%3D+https%3A%2F%2Falpha-stage.mydomain.com&response_type=code]>
2021-09-30 08:51:09,197 DEBUG
[org.apereo.cas.ticket.registry.MongoDbTicketRegistry] - <Locating ticket
ticketId [ST-1-xi-sY7iqar4RbUvxXbPfMncPnoo-xxxxxx-slicas]>
2021-09-30 08:51:09,197 DEBUG
[org.apereo.cas.ticket.registry.MongoDbTicketRegistry] - <Locating
collection name [serviceTicketsCollection] for ticket definition
[DefaultTicketDefinition(implementationClass=class
org.apereo.cas.ticket.ServiceTicketImpl, prefix=ST,
properties=DefaultTicketDefinitionProperties(cascadeRemovals=false,
storageName=serviceTicketsCollection, storageTimeout=300,
storagePassword=null, excludeFromCascade=false), order=-2147483648)]>
2021-09-30 08:51:09,197 DEBUG
[org.apereo.cas.ticket.registry.MongoDbTicketRegistry] - <Located MongoDb
collection instance [serviceTicketsCollection]>
2021-09-30 08:51:09,200 WARN
[org.apereo.cas.DefaultCentralAuthenticationService] - <Service ticket
[ST-1-xi-sY7iqar4RbUvxXbPfMncPnoo-xxxxxx-slicas] does not exist.>
2021-09-30 08:51:09,201 INFO
[org.apereo.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - <Audit
trail record BEGIN
=============================================================
WHO: audit:unknown
WHAT: ST-1-xi-sY7iqar4RbUvxXbPfMncPnoo-xxxxxx-slicas for
https://login.mydomain.com/cas/oauth2.0/callbackAuthorize?client_id=alpha&redirect_uri=https%3A%2F%2Falpha-stage.mydomainglo...
ACTION: SERVICE_TICKET_VALIDATE_FAILED
APPLICATION: CAS
WHEN: Thu Sep 30 08:51:09 CST 2021
CLIENT IP ADDRESS: 10.16.14.77
SERVER IP ADDRESS: 10.13.23.92
=============================================================
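
Added example, not part of the original post and not CAS project code: in the log above the same service ticket ID is recorded with SERVICE_TICKET_VALIDATE_SUCCESS and, about 100 ms later, SERVICE_TICKET_VALIDATE_FAILED. The sketch below parses audit trail blocks in that layout and reports every ticket that was validated again after a success; the function names, ticket IDs, users and addresses are constructed for illustration.

```python
import re
from collections import defaultdict

FIELD = re.compile(r"^(WHO|WHAT|ACTION|CLIENT IP ADDRESS): *(.*)$", re.M)
TICKET = re.compile(r"\bST-[\w-]+")
OK, FAILED = "SERVICE_TICKET_VALIDATE_SUCCESS", "SERVICE_TICKET_VALIDATE_FAILED"

def parse_audit_records(log_text):
    """Return one dict per audit trail block, in log order."""
    records = []
    for chunk in log_text.split("Audit trail record BEGIN")[1:]:
        # The block body sits between the first two ===== rulers.
        parts = re.split(r"^=+[ \t]*$", chunk, maxsplit=2, flags=re.M)
        if len(parts) < 3:
            continue  # truncated block: skip rather than guess
        fields = dict(FIELD.findall(parts[1]))
        match = TICKET.search(fields.get("WHAT", ""))
        if match and "ACTION" in fields:
            fields["ticket"] = match.group(0)
            records.append(fields)
    return records

def find_revalidated_tickets(records):
    """Tickets with a VALIDATE_SUCCESS followed later by a VALIDATE_FAILED."""
    history = defaultdict(list)
    for rec in records:
        history[rec["ticket"]].append(rec)
    findings = []
    for ticket, events in history.items():
        actions = [e["ACTION"] for e in events]
        if OK in actions and FAILED in actions[actions.index(OK) + 1:]:
            ips = sorted({e.get("CLIENT IP ADDRESS", "?") for e in events})
            findings.append({"ticket": ticket, "client_ips": ips,
                             "who": [e.get("WHO", "?") for e in events]})
    return findings

def _record(who, ticket, action, ip):
    """Build one constructed audit block in the layout shown in the post."""
    ruler = "=" * 61
    return (f"2021-09-30 08:51:09,108 INFO [audit] - <Audit trail record BEGIN\n"
            f"{ruler}\nWHO: {who}\nWHAT: {ticket} for\n"
            f"https://login.example.org/cas/oauth2.0/callbackAuthorize\n"
            f"ACTION: {action}\nAPPLICATION: CAS\nCLIENT IP ADDRESS: {ip}\n{ruler}\n")

# Constructed sample: ticket AAAA is validated twice, ticket BBBB once.
SAMPLE_LOG = (_record("user@example.org", "ST-1-constructedAAAA-cas01", OK, "192.0.2.10")
              + _record("audit:unknown", "ST-1-constructedAAAA-cas01", FAILED, "192.0.2.10")
              + _record("other@example.org", "ST-2-constructedBBBB-cas01", OK, "192.0.2.11"))

if __name__ == "__main__":
    for finding in find_revalidated_tickets(parse_audit_records(SAMPLE_LOG)):
        print(finding)
```

The `client_ips` list shows whether both validation attempts came from the same address, as they do in the posted log.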