Probably the cleanest way of doing this is to create RunAsManagers. One to
convert an OAuth2Authentication to a CasAuthenticationToken and one to do
the opposite.
Does anyone think that this is the correct method?
On Tuesday, 15 November 2016 16:11:02 UTC, Dmitriy Kopylenko wrote:
>
> That would probably be a question for Jérôme
>
> D.
>
>
> From: Lewis Henderson <lewis.h...@cobraflow.com> <javascript:>
> Reply: cas-...@apereo.org <javascript:> <cas...@apereo.org> <javascript:>
> Date: November 15, 2016 at 10:04:13 AM
> To: CAS Community <cas...@apereo.org> <javascript:>
> Cc: lewis.h...@cobraflow.com <javascript:> <lewis.h...@cobraflow.com>
> <javascript:>, dkopy...@unicon.net <javascript:> <dkop...@unicon.net>
> <javascript:>
> Subject: Re: [cas-user] Re: CAS and OAuth interoperability
>
> Hi Dimitriy,
>
> I'm not sure how that will help me.
>
> I'm in an application that has currently authenticated and the
> SecurityContextHolder contains a CasAuthenticationToken.
>
> The application is also 'wired' for OAuth.
>
> I would like to forward the current request on to an OAuth2 resource
> service. I assume that I need to remove the ticket parameter and add a
> Bearer authorization header. It is the value of this header that I need to
> retrieve.
>
> It would be nice if I could do it in a similar way to the
> CasAuthenticationToken.getAssertion().getPrincipal().getProxyTicketFor("xxxxxxx")
>
> does for cas proxy tickets...
>
>
> Cheers
>
> On Tuesday, 15 November 2016 14:23:50 UTC, Dmitriy Kopylenko wrote:
>>
>> There’s this factory API you could try:
>> https://github.com/apereo/cas/blob/master/support/cas-server-support-oauth/src/main/java/org/apereo/cas/ticket/accesstoken/AccessTokenFactory.java
>>
>> D.
>>
>>
>> From: Lewis Henderson <lewis.h...@cobraflow.com>
>> Reply: cas-...@apereo.org <cas...@apereo.org>
>> Date: November 15, 2016 at 9:11:06 AM
>> To: CAS Community <cas...@apereo.org>
>> Subject: [cas-user] Re: CAS and OAuth interoperability
>>
>> Ok,
>>
>> So after trying with a new proxyTicket, it fails with
>>
>> 2016-11-15T13:54:11.561707727Z java.lang.ClassCastException: Ticket
>> [PT-74-1LaIaLLzAZaJBte9SXzU-f63a5c259f31 is of type class
>> org.apereo.cas.ticket.ProxyTicketImpl when we were expecting interface
>> org.apereo.cas.ticket.accesstoken.AccessToken
>>
>> understandably!
>>
>> So, now the question is, how do I swap a CAS ticket for a OAuth token?
>>
>>
>> Cheers
>>
>>
>>
>> On Tuesday, 15 November 2016 12:31:45 UTC, Lewis Henderson wrote:
>>>
>>> Everything is Spring Cloud based.
>>>
>>> I have a CAS 5.0.0 service sitting behind a Zuul Gateway.
>>>
>>> All the OAuth secured applications work properly!
>>>
>>>
>>> I have an external CAS client that needs to talk to an OAuth resource
>>> server behind Zuul via a proxyTicket.
>>>
>>> The CAS client successfully authenticates against the Gateway and
>>> receives it's proxyTicket and needs to now get a Bearer token to talk to
>>> the resource server.
>>>
>>> How do I go about this? Is the proxyTicket equivalent to the Bearer
>>> token, can I just pass that on?
>>>
>>> I'm so close!!!!
>>>
>>>
>>>
>>> Cheers
>>>
>> --
>> - CAS gitter chatroom: https://gitter.im/apereo/cas
>> - CAS mailing list guidelines:
>> https://apereo.github.io/cas/Mailing-Lists.html
>> - CAS documentation website: https://apereo.github.io/cas
>> - CAS project website: https://github.com/apereo/cas
>> ---
>> You received this message because you are subscribed to the Google Groups
>> "CAS Community" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to cas-user+u...@apereo.org.
>> To view this discussion on the web visit
>> https://groups.google.com/a/apereo.org/d/msgid/cas-user/d1b7a656-07e7-41f4-8088-098b4815b245%40apereo.org
>>
>> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/d1b7a656-07e7-41f4-8088-098b4815b245%40apereo.org?utm_medium=email&utm_source=footer>
>> .
>>
>> --
> - CAS gitter chatroom: https://gitter.im/apereo/cas
> - CAS mailing list guidelines:
> https://apereo.github.io/cas/Mailing-Lists.html
> - CAS documentation website: https://apereo.github.io/cas
> - CAS project website: https://github.com/apereo/cas
> ---
> You received this message because you are subscribed to the Google Groups
> "CAS Community" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to cas-user+u...@apereo.org <javascript:>.
> To view this discussion on the web visit
> https://groups.google.com/a/apereo.org/d/msgid/cas-user/e3ee8599-61ad-4bbf-8cb3-3b7d47d90e38%40apereo.org
>
> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/e3ee8599-61ad-4bbf-8cb3-3b7d47d90e38%40apereo.org?utm_medium=email&utm_source=footer>
> .
>
>
--
- CAS gitter chatroom: https://gitter.im/apereo/cas
- CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html
- CAS documentation website: https://apereo.github.io/cas
- CAS project website: https://github.com/apereo/cas
---
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/423b55fe-bcb1-4010-bcc5-3fbfe1fec361%40apereo.org.
