Hi, The way you receive the access token depends on the OpenID Connect flow you choose. I recommend reading: https://connect2id.com/learn/openid-connect
In your case, "implicit: true" means the Javascript flow where the access token is passed in the URL after the # Thanks. Best regards, Jérôme On Wed, Aug 16, 2017 at 1:25 PM, Kais Elouragini <[email protected]> wrote: > Dear CAS Community, > > > I have CAS with OIDC installed and I have added a service as follows and > it's working fine : > > { > "implicit": true, > "logoutType": "BACK_CHANNEL", > "@class": "org.apereo.cas.services.OidcRegisteredService", > "evaluationOrder": 1, > "clientId": "TEST", > "bypassApprovalPrompt": true, > "jsonFormat": true, > "jwks": "file:\/etc\/cas\/jwks\/\/enc-test-42.pub.jwks", > "signIdToken": true, > "description": "Test", > "generateRefreshToken": true, > "idTokenEncryptionEncoding": "A128GCM", > "name": "Test client", > "clientSecret": "TEST", > "id": 42, > "idTokenEncryptionAlg": "RSA-OAEP-256", > "scopes": ["java.util.HashSet", ["openid", "profile", "email", > "address", "phone"]], > "serviceId": "https:\/\/redirect-host/callback", > "encryptIdToken": true > } > > In order to login using CAS, I'm calling this URL : > > http://cas-server/oidc/authorize?response_type=id_token+token&client_id=TEST&redirect_uri=https:\/\/redirect-host/callback&scope=openid+profile+email+phone+address > > Login works fine but after being redirected from CAS to callback url, the > accessToken is being appended to callback url with "#" not "?". > > https://redirect-host/callback#accessToken=..... > > Can I change "#" to "?" ? I need to have parameters with ? so that I can > read them in the callback server. (using $_GET in PHP for example) > > > In CAS source code, I found that Redirect URL is being built in " > OAuth20TokenAuthorizationResponseBuilder.java > <https://github.com/apereo/cas/blob/master/support/cas-server-support-oauth/src/main/java/org/apereo/cas/support/oauth/web/response/callback/OAuth20TokenAuthorizationResponseBuilder.java> > ". > > > Kindly advise. > > > Thank you. > > -- > - CAS gitter chatroom: https://gitter.im/apereo/cas > - CAS mailing list guidelines: https://apereo.github.io/cas/ > Mailing-Lists.html > - CAS documentation website: https://apereo.github.io/cas > - CAS project website: https://github.com/apereo/cas > --- > You received this message because you are subscribed to the Google Groups > "CAS Community" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion on the web visit https://groups.google.com/a/ > apereo.org/d/msgid/cas-user/213722c3-5308-46a6-9678- > 7d9acc671678%40apereo.org > <https://groups.google.com/a/apereo.org/d/msgid/cas-user/213722c3-5308-46a6-9678-7d9acc671678%40apereo.org?utm_medium=email&utm_source=footer> > . > -- - CAS gitter chatroom: https://gitter.im/apereo/cas - CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html - CAS documentation website: https://apereo.github.io/cas - CAS project website: https://github.com/apereo/cas --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAP279LzdnHqGHo7QOJMvDFHHVB%3DaNUXAz9jg6rj_474MKQRAbw%40mail.gmail.com.
