have a look at core/cas-server-core-util/src/main/java/org/apereo/cas/util/EncodingUtils.java
2018-02-02 9:57 GMT-03:00 Devi Nair <[email protected]>: > Hi, > > With regards to below, it would be really great if anyone could help sort > out this issue or atleast confirm whether its feasible or not using the > current CAS version. > > I had managed to get the JWT claim data from Java CAS client and using the > 'EncodingUtils' class from the CAS codebase. However I am at loss while > trying to get the same data via javascript using some of the standard npm > packages. > > Has anyone attempted to consume the JWT ticket generated by CAS at the > client end using javascript and got success, > > Please let me know if any further details are required from my end to > address this issue. > > Thanks & Regards, > Devi Nair > > > On Thursday, January 25, 2018 at 3:24:06 PM UTC+5:30, DN wrote: >> >> Hi, >> >> We would like to use JWT service tickets for one of the client >> applications and while trying it out we face an issue while decrypting the >> JWT ticket; details as follows : >> >> We are currently using CAS official release 5.2.1. >> >> >> - As per the informative blog article ' https://apereo.github.io/2017/ >> 10/17/cas-jwt-authn-with-duo/ ' we managed to configure CAS to >> provide JWT tickets, so the url looks something like : >> >> https://testclient.abc.com:944 >> 4/sample/?ticket=eyJhbGciOiJIUzUxMiJ9.WlhsS05tRllRV2xQYVVwRl >> VsVlphVXhEU21oaVIyTnBUMmxLYTJGWVNXbE1RMHBzWW0xTmFVOXBTa0pOVk >> VrMFVUQktSRXhW....... >> >> >> - In the client (a nodejs based application), we manage to verify the >> signature of the jwt ticket with the signing secret as configured in CAS >> (cas.authn.token.crypto.signing.key=O9aIfNn-yHDP2BEN....). We used >> the npm 'jsonwebtoken' package for verification. >> - However, after verification we are unable to decrypt the payload >> using one of the standard npm package -> node-jose which expects a JWE >> kind >> of JWT token. >> - After having a look at the CAS code base, what I infer is that the >> JWT service ticket generated by CAS isn't a JWE but rather a JWS token; >> however the payload is encrypted. In such a case, how do we decrypt to >> get >> the payload claims data. OR is my approach not the right way to do it >> - Please let us know if there is any example of how to consume the >> CAS JWT service ticket at the client end OR any pointers to how do we go >> about the decryption of the payload would be of great help. >> >> >> Any help would be really appreciated as we have been struggling to >> resolve this issue since last 4-5 days. >> >> >> Thanks in advance, >> Best Regards, >> DN >> >> >> -- > - Website: https://apereo.github.io/cas > - Gitter Chatroom: https://gitter.im/apereo/cas > - List Guidelines: https://goo.gl/1VRrw7 > - Contributions: https://goo.gl/mh7qDG > --- > You received this message because you are subscribed to the Google Groups > "CAS Community" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion on the web visit https://groups.google.com/a/ > apereo.org/d/msgid/cas-user/a1e10cd6-b730-4194-b4eb- > 24f504cf959f%40apereo.org > <https://groups.google.com/a/apereo.org/d/msgid/cas-user/a1e10cd6-b730-4194-b4eb-24f504cf959f%40apereo.org?utm_medium=email&utm_source=footer> > . > -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAMY5mifkCb8dFSD%2BdK9f%2B_ZGgTjLwj9bEyTkkBxCmvMM58sOqQ%40mail.gmail.com.
