have a look at
core/cas-server-core-util/src/main/java/org/apereo/cas/util/EncodingUtils.java

2018-02-02 9:57 GMT-03:00 Devi Nair <testusergoa...@gmail.com>:

> Hi,
>
> With regards to below, it would be really great if anyone could help sort
> out this issue or atleast confirm whether its feasible or not using the
> current CAS version.
>
> I had managed to get the JWT claim data from Java CAS client and using the
> 'EncodingUtils' class from the CAS codebase.  However I am at loss while
> trying to get the same data via javascript using some of the standard npm
> packages.
>
> Has anyone attempted to consume the JWT ticket generated by CAS at the
> client end  using javascript and got success,
>
> Please let me know if any further details are required from my end to
> address this issue.
>
> Thanks & Regards,
> Devi Nair
>
>
> On Thursday, January 25, 2018 at 3:24:06 PM UTC+5:30, DN wrote:
>>
>> Hi,
>>
>> We would like to use JWT service tickets for one of the client
>> applications and while trying it out we face an issue while decrypting the
>> JWT ticket; details as follows :
>>
>> We are currently using CAS official release 5.2.1.
>>
>>
>>    - As per the informative blog article ' https://apereo.github.io/2017/
>>    10/17/cas-jwt-authn-with-duo/ '  we managed to configure CAS to
>>    provide JWT tickets, so the url looks something like :
>>
>>                   https://testclient.abc.com:944
>> 4/sample/?ticket=eyJhbGciOiJIUzUxMiJ9.WlhsS05tRllRV2xQYVVwRl
>> VsVlphVXhEU21oaVIyTnBUMmxLYTJGWVNXbE1RMHBzWW0xTmFVOXBTa0pOVk
>> VrMFVUQktSRXhW.......
>>
>>
>>    - In the client (a nodejs based application), we manage to verify the
>>    signature of the  jwt ticket with the signing secret as configured in CAS
>>    (cas.authn.token.crypto.signing.key=O9aIfNn-yHDP2BEN....). We used
>>    the  npm 'jsonwebtoken' package for verification.
>>    -  However, after verification we are unable to decrypt the payload
>>    using one of the standard npm package -> node-jose which expects a JWE 
>> kind
>>    of JWT token.
>>    - After having a look at the CAS code base, what I infer is that the
>>    JWT service ticket generated by CAS isn't a JWE but rather a JWS token;
>>    however the payload is encrypted.  In such a case, how do we decrypt to 
>> get
>>    the payload claims data. OR is my approach not the right way to do it
>>    - Please let us know if there is any example of how to consume the
>>    CAS JWT service ticket at the client end OR any pointers to how do we go
>>    about the decryption of the payload would be of great help.
>>
>>
>> Any help would be really appreciated as we have been struggling to
>> resolve this issue since last 4-5 days.
>>
>>
>> Thanks in advance,
>> Best Regards,
>> DN
>>
>>
>> --
> - Website: https://apereo.github.io/cas
> - Gitter Chatroom: https://gitter.im/apereo/cas
> - List Guidelines: https://goo.gl/1VRrw7
> - Contributions: https://goo.gl/mh7qDG
> ---
> You received this message because you are subscribed to the Google Groups
> "CAS Community" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to cas-user+unsubscr...@apereo.org.
> To view this discussion on the web visit https://groups.google.com/a/
> apereo.org/d/msgid/cas-user/a1e10cd6-b730-4194-b4eb-
> 24f504cf959f%40apereo.org
> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/a1e10cd6-b730-4194-b4eb-24f504cf959f%40apereo.org?utm_medium=email&utm_source=footer>
> .
>

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAMY5mifkCb8dFSD%2BdK9f%2B_ZGgTjLwj9bEyTkkBxCmvMM58sOqQ%40mail.gmail.com.

Reply via email to