Hi,

The OAuth support in CAS 3.5.2 was a first version and now, key and secret
go into the key and secret properties and the "annoying" screen can be
bypassed.

The DEBUG logs show that you don't provide the secret when calling the
access token endpoint (
https://github.com/Jasig/cas/blob/3.5.x/cas-server-support-oauth/src/main/java/org/jasig/cas/support/oauth/web/OAuth20AccessTokenController.java#L71),
this is mandatory to respect the OAuth 2 protocol. Thus the error.

Thanks.
Best regards,
Jérôme


2016-01-22 16:46 GMT+01:00 Steve Selaya <stevesel...@gmail.com>:

> We are running CAS 3.5.2 and have gone through the configuration using
> https://wiki.jasig.org/display/CASUM/Configuration+for+the+OAuth+server+support
> to set up OAuth server support.  From what we can tell, we have followed the
> instructions correctly on both the CAS server and client application side
> setting the key in the "name" field and the secret in the "description"
> field on the CAS side.  We get as far as logging into CAS and the
> annoying "Do you want to grant access to your complete profile" page.  Once
> we click on the link to grant the access we get a 400 error on the client
> side and the following appears in the CAS log (I have changed the redirect
> uri below so that it does not show the real client uri).  Any help on this
> would be appreciated.
>
> 2016-01-22 07:48:17,604 DEBUG
> [org.jasig.cas.support.oauth.web.BaseOAuthWrapperController] - method :
> accessToken
> 2016-01-22 07:48:17,605 DEBUG
> [org.jasig.cas.support.oauth.web.OAuth20AccessTokenController] -
> redirect_uri :
> https://client-t.bogus-domain.edu:8443/bogusapp/public/oauth
> 2016-01-22 07:48:17,605 DEBUG
> [org.jasig.cas.support.oauth.web.OAuth20AccessTokenController] - clientId :
> supersecretkey
> 2016-01-22 07:48:17,606 DEBUG
> [org.jasig.cas.support.oauth.web.OAuth20AccessTokenController] -
> clientSecret : null
> 2016-01-22 07:48:17,606 DEBUG
> [org.jasig.cas.support.oauth.web.OAuth20AccessTokenController] - code : null
> 2016-01-22 07:48:17,606 ERROR
> [org.jasig.cas.support.oauth.web.OAuth20AccessTokenController] - missing
> clientSecret
>
> --
> You received this message because you are subscribed to the Google Groups
> "CAS Community" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to cas-user+unsubscr...@apereo.org.
> Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/
> .
>
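
The diagnosis in the reply can be read straight from the DEBUG output. The following is an added example, not part of the thread and not CAS code: it re-joins the e-mail-wrapped log records quoted above and lists, for each accessToken call, the token-request parameters the controller logged as null. The function names are hypothetical; the parameter names are assumed to be logged as they appear in the thread.

```python
import re

TS = re.compile(r"^\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2},\d{3} ")
FIELD = re.compile(r"\] - (\w+) : ?(.*)$")
# Parameter names exactly as the controller logs them in the thread above.
REQUIRED = ("redirect_uri", "clientId", "clientSecret", "code")

# Constructed sample: the thread's log lines, with the '>' quoting and some wrapping kept.
SAMPLE = """\
> 2016-01-22 07:48:17,604 DEBUG [org.jasig.cas.support.oauth.web.BaseOAuthWrapperController] - method :
> accessToken
> 2016-01-22 07:48:17,605 DEBUG [org.jasig.cas.support.oauth.web.OAuth20AccessTokenController] -
> redirect_uri : https://client-t.bogus-domain.edu:8443/bogusapp/public/oauth
> 2016-01-22 07:48:17,605 DEBUG [org.jasig.cas.support.oauth.web.OAuth20AccessTokenController] - clientId : supersecretkey
> 2016-01-22 07:48:17,606 DEBUG [org.jasig.cas.support.oauth.web.OAuth20AccessTokenController] -
> clientSecret : null
> 2016-01-22 07:48:17,606 DEBUG [org.jasig.cas.support.oauth.web.OAuth20AccessTokenController] - code : null
> 2016-01-22 07:48:17,606 ERROR [org.jasig.cas.support.oauth.web.OAuth20AccessTokenController] - missing
> clientSecret
"""

def records(text):
    """Strip '>' quoting and re-join records that e-mail wrapping split across lines."""
    out = []
    for raw in text.splitlines():
        line = re.sub(r"^(?:>\s?)+", "", raw).strip()
        if not line:
            continue
        if TS.match(line) or not out:
            out.append(line)          # a timestamp starts a new record
        else:
            out[-1] += " " + line     # continuation of the previous record
    return out

def missing_params(text):
    """Per accessToken call, the required parameters logged as null or not logged at all."""
    calls, current = [], None
    for rec in records(text):
        m = FIELD.search(rec)
        if not m:
            continue
        name, value = m.group(1), m.group(2).strip()
        if name == "method":          # each controller call logs its method first
            current = {} if value == "accessToken" else None
            if current is not None:
                calls.append(current)
        elif current is not None and name in REQUIRED:
            # Record presence only, so a logged secret is never copied into the report.
            current[name] = value not in ("", "null")
    return [[p for p in REQUIRED if not c.get(p)] for c in calls]
```

For the sample, `missing_params(SAMPLE)` returns `[['clientSecret', 'code']]`: the log shows the authorization code arriving as null as well as the secret.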
