Have you worked around this?

On Wednesday, August 9, 2023 at 6:52:17 PM UTC-5 [email protected] wrote:
> Hi Misagh Moayyed,
>
> I have directly sent this to you and apologies if this has already been raised.
>
> Your commit of enhancements to oidc delegated authn to better support OPs like keycloak <https://github.com/apereo/cas/commit/be6fdec3556c05d746def349e517c6edd1b3e970> has broken azure that I know of but may have broken other OIDC as well.
>
> The issue is with the additional code added in the class BaseDelegatedClientFactory, in particular the changes in the method getOidcConfigurationForClient.
>
> The change that has caused the issue is where you add the OidcOpMetadataResolver.
>
> In terms of Azure, due to the fact the tenantId is not added until after the getOidcConfigurationForClient has finished running, when the OidcOpMetadataResolver tries to get the metadata the tenantid is null.
>
> The discovery uri is not valid, as the discovery uri for azure is dynamic in nature, as all calls go to microsoft; the only difference is the tenantId is injected into the discovery uri.
>
> This should take you directly to the BaseDelegatedClientFactory Diff <https://github.com/apereo/cas/commit/be6fdec3556c05d746def349e517c6edd1b3e970#diff-5e05fa8ab312b15b99edb81fdc0b47d09eee40322777d981e6c0744c666c2b73> from the above commit.
>
> Due to there being many different ways to fix this issue, for now I have only reported it as I am unsure on how you would want it fixed.
>
> Regards,
> Colin
