Probably the cleanest way of doing this is to create RunAsManagers. One to convert an OAuth2Authentication to a CasAuthenticationToken and one to do the opposite.
Does anyone think that this is the correct method? On Tuesday, 15 November 2016 16:11:02 UTC, Dmitriy Kopylenko wrote: > > That would probably be a question for Jérôme > > D. > > > From: Lewis Henderson <[email protected]> <javascript:> > Reply: [email protected] <javascript:> <[email protected]> <javascript:> > Date: November 15, 2016 at 10:04:13 AM > To: CAS Community <[email protected]> <javascript:> > Cc: [email protected] <javascript:> <[email protected]> > <javascript:>, [email protected] <javascript:> <[email protected]> > <javascript:> > Subject: Re: [cas-user] Re: CAS and OAuth interoperability > > Hi Dimitriy, > > I'm not sure how that will help me. > > I'm in an application that has currently authenticated and the > SecurityContextHolder contains a CasAuthenticationToken. > > The application is also 'wired' for OAuth. > > I would like to forward the current request on to an OAuth2 resource > service. I assume that I need to remove the ticket parameter and add a > Bearer authorization header. It is the value of this header that I need to > retrieve. > > It would be nice if I could do it in a similar way to the > CasAuthenticationToken.getAssertion().getPrincipal().getProxyTicketFor("xxxxxxx") > > does for cas proxy tickets... > > > Cheers > > On Tuesday, 15 November 2016 14:23:50 UTC, Dmitriy Kopylenko wrote: >> >> There’s this factory API you could try: >> https://github.com/apereo/cas/blob/master/support/cas-server-support-oauth/src/main/java/org/apereo/cas/ticket/accesstoken/AccessTokenFactory.java >> >> D. >> >> >> From: Lewis Henderson <[email protected]> >> Reply: [email protected] <[email protected]> >> Date: November 15, 2016 at 9:11:06 AM >> To: CAS Community <[email protected]> >> Subject: [cas-user] Re: CAS and OAuth interoperability >> >> Ok, >> >> So after trying with a new proxyTicket, it fails with >> >> 2016-11-15T13:54:11.561707727Z java.lang.ClassCastException: Ticket >> [PT-74-1LaIaLLzAZaJBte9SXzU-f63a5c259f31 is of type class >> org.apereo.cas.ticket.ProxyTicketImpl when we were expecting interface >> org.apereo.cas.ticket.accesstoken.AccessToken >> >> understandably! >> >> So, now the question is, how do I swap a CAS ticket for a OAuth token? >> >> >> Cheers >> >> >> >> On Tuesday, 15 November 2016 12:31:45 UTC, Lewis Henderson wrote: >>> >>> Everything is Spring Cloud based. >>> >>> I have a CAS 5.0.0 service sitting behind a Zuul Gateway. >>> >>> All the OAuth secured applications work properly! >>> >>> >>> I have an external CAS client that needs to talk to an OAuth resource >>> server behind Zuul via a proxyTicket. >>> >>> The CAS client successfully authenticates against the Gateway and >>> receives it's proxyTicket and needs to now get a Bearer token to talk to >>> the resource server. >>> >>> How do I go about this? Is the proxyTicket equivalent to the Bearer >>> token, can I just pass that on? >>> >>> I'm so close!!!! >>> >>> >>> >>> Cheers >>> >> -- >> - CAS gitter chatroom: https://gitter.im/apereo/cas >> - CAS mailing list guidelines: >> https://apereo.github.io/cas/Mailing-Lists.html >> - CAS documentation website: https://apereo.github.io/cas >> - CAS project website: https://github.com/apereo/cas >> --- >> You received this message because you are subscribed to the Google Groups >> "CAS Community" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to [email protected]. >> To view this discussion on the web visit >> https://groups.google.com/a/apereo.org/d/msgid/cas-user/d1b7a656-07e7-41f4-8088-098b4815b245%40apereo.org >> >> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/d1b7a656-07e7-41f4-8088-098b4815b245%40apereo.org?utm_medium=email&utm_source=footer> >> . >> >> -- > - CAS gitter chatroom: https://gitter.im/apereo/cas > - CAS mailing list guidelines: > https://apereo.github.io/cas/Mailing-Lists.html > - CAS documentation website: https://apereo.github.io/cas > - CAS project website: https://github.com/apereo/cas > --- > You received this message because you are subscribed to the Google Groups > "CAS Community" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected] <javascript:>. > To view this discussion on the web visit > https://groups.google.com/a/apereo.org/d/msgid/cas-user/e3ee8599-61ad-4bbf-8cb3-3b7d47d90e38%40apereo.org > > <https://groups.google.com/a/apereo.org/d/msgid/cas-user/e3ee8599-61ad-4bbf-8cb3-3b7d47d90e38%40apereo.org?utm_medium=email&utm_source=footer> > . > > -- - CAS gitter chatroom: https://gitter.im/apereo/cas - CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html - CAS documentation website: https://apereo.github.io/cas - CAS project website: https://github.com/apereo/cas --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/423b55fe-bcb1-4010-bcc5-3fbfe1fec361%40apereo.org.
