Hi,

With regards to below, it would be really great if anyone could help sort 
out this issue or atleast confirm whether its feasible or not using the 
current CAS version. 

I had managed to get the JWT claim data from Java CAS client and using the 
'EncodingUtils' class from the CAS codebase.  However I am at loss while 
trying to get the same data via javascript using some of the standard npm 
packages.

Has anyone attempted to consume the JWT ticket generated by CAS at the 
client end  using javascript and got success, 

Please let me know if any further details are required from my end to 
address this issue.

Thanks & Regards,
Devi Nair


On Thursday, January 25, 2018 at 3:24:06 PM UTC+5:30, DN wrote:
>
> Hi,
>
> We would like to use JWT service tickets for one of the client 
> applications and while trying it out we face an issue while decrypting the 
> JWT ticket; details as follows :
>
> We are currently using CAS official release 5.2.1.
>
>
>    - As per the informative blog article ' 
>    https://apereo.github.io/2017/10/17/cas-jwt-authn-with-duo/ '  we 
>    managed to configure CAS to provide JWT tickets, so the url looks 
> something 
>    like :
>    
>                   
> https://testclient.abc.com:9444/sample/?ticket=eyJhbGciOiJIUzUxMiJ9.WlhsS05tRllRV2xQYVVwRlVsVlphVXhEU21oaVIyTnBUMmxLYTJGWVNXbE1RMHBzWW0xTmFVOXBTa0pOVkVrMFVUQktSRXhW.....
> ..
>
>
>    - In the client (a nodejs based application), we manage to verify the 
>    signature of the  jwt ticket with the signing secret as configured in CAS 
>    (cas.authn.token.crypto.signing.key=O9aIfNn-yHDP2BEN....). We used the  
> npm 
>    'jsonwebtoken' package for verification. 
>    -  However, after verification we are unable to decrypt the payload 
>    using one of the standard npm package -> node-jose which expects a JWE 
> kind 
>    of JWT token.
>    - After having a look at the CAS code base, what I infer is that the 
>    JWT service ticket generated by CAS isn't a JWE but rather a JWS token; 
>    however the payload is encrypted.  In such a case, how do we decrypt to 
> get 
>    the payload claims data. OR is my approach not the right way to do it
>    - Please let us know if there is any example of how to consume the CAS 
>    JWT service ticket at the client end OR any pointers to how do we go about 
>    the decryption of the payload would be of great help.
>
>
> Any help would be really appreciated as we have been struggling to resolve 
> this issue since last 4-5 days.
>
>
> Thanks in advance,
> Best Regards,
> DN
>
>
>

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/a1e10cd6-b730-4194-b4eb-24f504cf959f%40apereo.org.

Reply via email to