An update on my issue: I found where there was a facebook update in March that is what makes the 4.2.7 facebook login not work anymore.
So I tried the latest version of the social sign on casa demo project https://github.com/casinthecloud/cas-pac4j-oauth-demo/tree/master and that does not work either. The twitter had an error after being redirected back to cas, and the redirect to facebook had facebook displaying an error. This version uses cas 5.0. Does anyone have social sign on working today in CAS and if so what version of CAS are you using? Thanks, Nancy From: [email protected] [mailto:[email protected]] On Behalf Of Nancy Snoke Sent: Thursday, August 10, 2017 3:15 PM To: [email protected] Subject: [cas-user] pac4j delegate authentication on cas 4.2.7 Hi All, I am using CAS 4.2.7 and the delegate authentication does not appear to be working properly. I got the exact same results using the demo https://github.com/casinthecloud/cas-pac4j-oauth-demo/tree/4.2.x<https://github.com/casinthecloud/cas-pac4j-oauth-demo/tree/4.2.x>. In both cases twitter works and facebook does not. Clicking the facebook link properly takes the user to Facebook, and the user can click approve and then it forwards back to CAS and displays the server error page. The relevant log entries are: 2017-08-10 15:07:19,943 DEBUG [org.springframework.webflow.execution.ActionExecutor] - Executing org.jasig.cas.support.pac4j.web.flow.ClientAction@6c59325f 2017-08-10 15:07:19,944 DEBUG [org.pac4j.oauth.client.BaseOAuth20Client] - sessionState : yZkhX8vavT / stateParameter : yZkhX8vavT 2017-08-10 15:07:19,944 DEBUG [org.pac4j.oauth.client.BaseOAuth20Client] - verifier : AQCPv6onxJSaI812-O16CADAq5xYRUJwKdNwUAnbO0RTSkoRKsblQZJblwOgAhat9Hx5IaBqVeBUWdfWqWl6tWbjqnfqD2di7vBO7pWQSDK81MUkxPujexdqPjXYF1bk2l_76DgidMF1DA4_GBU-BgL6xZwmu8ul0kEDZF-RoNJdzl8-yFHp4NPceGLG8MN_N9QyIGZnNDiHX_Ea22O3Me8UJWN0Gv2v_07AncE6Dojs22pqKJ2h4eWp4MfEFjjl67jiTTBbvgV9Hrdvhnzy0RCdn-7rK1PP1orYSjjgyzByuu27gEdFKUfBNfCIycZrH68 2017-08-10 15:07:19,965 DEBUG [org.pac4j.oauth.client.FacebookClient] - credentials : <OAuthCredentials> | requestToken: null | token: null | verifier: AQCPv6onxJSaI812-O16CADAq5xYRUJwKdNwUAnbO0RTSkoRKsblQZJblwOgAhat9Hx5IaBqVeBUWdfWqWl6tWbjqnfqD2di7vBO7pWQSDK81MUkxPujexdqPjXYF1bk2l_76DgidMF1DA4_GBU-BgL6xZwmu8ul0kEDZF-RoNJdzl8-yFHp4NPceGLG8MN_N9QyIGZnNDiHX_Ea22O3Me8UJWN0Gv2v_07AncE6Dojs22pqKJ2h4eWp4MfEFjjl67jiTTBbvgV9Hrdvhnzy0RCdn-7rK1PP1orYSjjgyzByuu27gEdFKUfBNfCIycZrH68 | clientName: FacebookClient | 2017-08-10 15:07:19,966 DEBUG [org.pac4j.oauth.client.BaseOAuth20Client] - verifier : AQCPv6onxJSaI812-O16CADAq5xYRUJwKdNwUAnbO0RTSkoRKsblQZJblwOgAhat9Hx5IaBqVeBUWdfWqWl6tWbjqnfqD2di7vBO7pWQSDK81MUkxPujexdqPjXYF1bk2l_76DgidMF1DA4_GBU-BgL6xZwmu8ul0kEDZF-RoNJdzl8-yFHp4NPceGLG8MN_N9QyIGZnNDiHX_Ea22O3Me8UJWN0Gv2v_07AncE6Dojs22pqKJ2h4eWp4MfEFjjl67jiTTBbvgV9Hrdvhnzy0RCdn-7rK1PP1orYSjjgyzByuu27gEdFKUfBNfCIycZrH68 2017-08-10 15:07:20,900 INFO [org.jasig.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - Audit trail record BEGIN ============================================================= WHO: org.jasig.cas.authentication.principal.ClientCredential@62d12aca WHAT: Supplied credentials: [org.jasig.cas.authentication.principal.ClientCredential@62d12aca] ACTION: AUTHENTICATION_FAILED APPLICATION: CAS WHEN: Thu Aug 10 15:07:20 CDT 2017 CLIENT IP ADDRESS: 0:0:0:0:0:0:0:1 SERVER IP ADDRESS: 0:0:0:0:0:0:0:1 ============================================================= 2017-08-10 15:07:20,905 DEBUG [org.springframework.webflow.engine.impl.FlowExecutionImpl] - Attempting to handle [org.springframework.webflow.execution.ActionExecutionException: Exception thrown executing org.jasig.cas.support.pac4j.web.flow.ClientAction@6c59325f in state 'clientAction' of flow 'login' -- action execution attributes were 'map[[empty]]'] with root cause [org.scribe.exceptions.OAuthException: Response body is incorrect. Can't extract a token from this: '{"access_token":"EAAJuVu68W5sBAE8aNvzKSZCyZBACpRS3rMjIxw06KojA2AcOkt5ZAWY654nYjOXaAbOFciOX0XsaKf8RVTSlXaUn8iOUpJoZAWXGfmucqeets3OFWnmInjXQ4ZAsZBa5eSpkB6Hv9jKp4FfSXyX0JmORPnENj0eNgiBwUxBQnuEQZDZD","token_type":"bearer","expires_in":5183856}'] Does anyone have any suggestions? Thanks, Nancy CONFIDENTIALITY NOTICE: This e-mail, including any attachments, may contain confidential, privileged and/or proprietary information which is solely for the use of the intended recipient(s). Any review, use, disclosure or retention by others is strictly prohibited. If you are not an intended recipient, please contact the sender and delete this e-mail, any attachments and all copies. Permanent General Assurance Corporation | Permanent General Assurance Corporation of Ohio | The General Automobile Insurance Company, Inc. | Home Office: 2636 Elm Hill Pike, Nashville, TN 37214 -- - CAS gitter chatroom: https://gitter.im/apereo/cas<https://gitter.im/apereo/cas> - CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html<https://apereo.github.io/cas/Mailing-Lists.html> - CAS documentation website: https://apereo.github.io/cas<https://apereo.github.io/cas> - CAS project website: https://github.com/apereo/cas<https://github.com/apereo/cas> --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]<mailto:[email protected]>. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/ebe11493a6df4fe9aa8f79226c1c147a%40TGI-EX13MBX01.pgac.com<https://groups.google.com/a/apereo.org/d/msgid/cas-user/ebe11493a6df4fe9aa8f79226c1c147a%40TGI-EX13MBX01.pgac.com?utm_medium=email&utm_source=footer>. -- - CAS gitter chatroom: https://gitter.im/apereo/cas - CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html - CAS documentation website: https://apereo.github.io/cas - CAS project website: https://github.com/apereo/cas --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/9b526f9809054da39be665f5a0f1b3df%40TGI-EX13MBX01.pgac.com.
