Hi Misagh Moayyed,

I have sent this directly to you, and apologies if this has already been 
raised.

Your commit of enhancements to OIDC delegated authn to better support OPs 
like Keycloak 
<https://github.com/apereo/cas/commit/be6fdec3556c05d746def349e517c6edd1b3e970>
has broken Azure that I know of, but may have broken other OIDC providers as well.

The issue is with the code added in the class 
BaseDelegatedClientFactory, in particular the changes in the 
method getOidcConfigurationForClient.

The change that has caused the issue is where you add 
the OidcOpMetadataResolver.

In terms of Azure, due to the fact that the tenantId is not added until after 
getOidcConfigurationForClient has finished running, when the 
OidcOpMetadataResolver tries to get the metadata the tenantId is null.

The discovery URI is not valid, as the discovery URI for Azure is dynamic in 
nature: all calls go to Microsoft, and the only difference is that the tenantId is 
injected into the discovery URI.

This should take you directly to the BaseDelegatedClientFactory diff 
<https://github.com/apereo/cas/commit/be6fdec3556c05d746def349e517c6edd1b3e970#diff-5e05fa8ab312b15b99edb81fdc0b47d09eee40322777d981e6c0744c666c2b73>
from the above commit.

Due to there being many different ways to fix this issue, for now I have only 
reported it, as I am unsure how you would want it fixed.

Regards,
Colin
