I've got my OIDC Client finally connecting to CAS 5.3.2 (yay!).  I've 
ensured the clientId and clientSecret match properly between CAS and the 
OIDC Client.

Initially it was failing due to not finding a matching service in the 
services registry, the OIDC Client was putting :443 in the service url, so 
adding a (:443)? progressed us past that error.

Next it just throws a NullPointerException in 
OAuth20AuthorizationCodeResponseTypeAuthorizationRequestValidator.java:54.  

Which would be this line:

final WebApplicationService service = webApplicationServiceServiceFactory.
createService(registeredService.getServiceId());

Given the line, either the webApplicationServiceServiceFactory or 
registeredService is null.

I've got no clue how to proceed without trying to hookup a remote debugger 
and step through the process, which i've had poor luck at being successful 
for.  I searched all of our cas-user group history... any suggestions?


P.S. the logfile with stacktrace

2018-08-09 22:12:37,579 DEBUG 
[org.pac4j.core.client.finder.DefaultSecurityClientFinder] - <Provided 
clientNames: CasOAuthClient>
2018-08-09 22:12:37,579 DEBUG 
[org.pac4j.core.client.finder.DefaultSecurityClientFinder] - 
<clientNameOnRequest: null>
2018-08-09 22:12:37,579 DEBUG 
[org.pac4j.core.client.finder.DefaultSecurityClientFinder] - <result: 
[CasOAuthClient]>
2018-08-09 22:12:37,579 DEBUG [org.pac4j.core.engine.DefaultSecurityLogic] 
- <currentClients: [#CasClient# | name: CasOAuthClient | callbackUrl: 
https://example.com/cas/oauth2.0/callbackAuthorize | callbackUrlResolver: 
org.pac4j.core.http.callback.QueryParameterCallbackUrlResolver@1176af5f | 
ajaxRequestResolver: 
org.pac4j.core.http.ajax.DefaultAjaxRequestResolver@21afe905 | 
redirectActionBuilder: 
org.apereo.cas.config.CasOAuthConfiguration$$Lambda$106/1682524142@ae1ac74 
| credentialsExtractor: 
org.pac4j.cas.credentials.extractor.TicketAndLogoutRequestExtractor@3f878077 
| authenticator: 
org.pac4j.cas.credentials.authenticator.CasAuthenticator@721d7c08 | 
profileCreator: 
org.pac4j.core.profile.creator.AuthenticatorProfileCreator@62e41b87 | 
logoutActionBuilder: #CasLogoutActionBuilder# | serverLogoutUrl: nulllogout 
| postLogoutUrlParameter: service | | authorizationGenerators: 
[org.pac4j.cas.authorization.DefaultCasAuthorizationGenerator@56352943] | 
configuration: #CasConfiguration# | loginUrl: https://example.com/cas/login 
| prefixUrl: https://example.com/cas/ | restUrl: 
https://example.com/cas/v1/tickets | protocol: CAS30 | renew: false | 
gateway: false | encoding: UTF-8 | logoutHandler: #DefaultCasLogoutHandler# 
| store: #GuavaStore# | size: 10000 | timeout: 30 | timeUnit: MINUTES | | 
destroySession: false | | acceptAnyProxy: false | allowedProxyChains: [] | 
proxyReceptor: null | timeTolerance: 1000 | postLogoutUrlParameter: service 
| defaultTicketValidator: null | urlResolver: 
org.apereo.cas.support.oauth.web.OAuth20CasCallbackUrlResolver@404009df | | 
urlResolver: 
org.apereo.cas.support.oauth.web.OAuth20CasCallbackUrlResolver@404009df |]>
2018-08-09 22:12:37,579 DEBUG [org.pac4j.core.engine.DefaultSecurityLogic] 
- <loadProfilesFromSession: true>
2018-08-09 22:12:37,579 DEBUG [org.pac4j.core.engine.DefaultSecurityLogic] 
- <profiles: [#CasProfile# | id: cruck.da | attributes: {lastName=Ruck, 
commonName=Ruck, Curtis, auth_type=PKI, role=[admin, user], 
isFromNewLogin=false, 
authenticationDate=2018-08-09T22:06:34.565-04:00[America/New_York], 
sAMAccountName=cruck.da, givenName=Curtis, 
successfulAuthenticationHandlers=example.com domain, groups=[example users, 
example workstation admins, example server admins, userindirect], cn=Ruck, 
Curtis, credentialType=X509CertificateCredential, 
samlAuthenticationStatementAuthMethod=urn:oasis:names:tc:SAML:1.0:am:X509-PKI, 
uid=curtisruck, role_admin=true, role_user=true, 
authenticationMethod=example.com domain, primaryGroupID=513, 
longTermAuthenticationRequestTokenUsed=false, sn=Ruck, 
userPrincipalName=curtisr...@example.com} | roles: [] | permissions: [] | 
isRemembered: false | clientName: CasOAuthClient | linkedId: null |]>
2018-08-09 22:12:37,579 DEBUG [org.pac4j.core.engine.DefaultSecurityLogic] 
- <authorizers: null>
2018-08-09 22:12:37,579 DEBUG [org.pac4j.core.engine.DefaultSecurityLogic] 
- <authenticated and authorized -> grant access>
2018-08-09 22:12:37,580 DEBUG [org.apereo.cas.util.HttpRequestUtils] - 
<Found provided request parameter [client_id]>
2018-08-09 22:12:37,580 DEBUG [org.apereo.cas.util.HttpRequestUtils] - 
<Found provided request parameter [redirect_uri]>
2018-08-09 22:12:37,580 DEBUG [org.apereo.cas.util.HttpRequestUtils] - 
<Found provided request parameter [response_type]>
java.lang.NullPointerException: null
        at org.apereo.cas.support.oauth.validator.authorization.
OAuth20AuthorizationCodeResponseTypeAuthorizationRequestValidator.validate(
OAuth20AuthorizationCodeResponseTypeAuthorizationRequestValidator.java:54) 
~[cas-server-support-oauth-5.3.2.jar!/:5.3.2]
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:
1.8.0_181]
        at sun.reflect.NativeMethodAccessorImpl.invoke(
NativeMethodAccessorImpl.java:62) ~[?:1.8.0_181]
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(
DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_181]
        at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_181]
        at org.springframework.util.ReflectionUtils.invokeMethod(
ReflectionUtils.java:216) ~[spring-core-4.3.18.RELEASE.jar!/:4.3.18.RELEASE]
        at org.springframework.cloud.context.scope.
GenericScope$LockedScopedProxyFactoryBean.invoke(GenericScope.java:470) ~[
spring-cloud-context-1.3.0.RELEASE.jar!/:1.3.0.RELEASE]
        at org.springframework.aop.framework.ReflectiveMethodInvocation.
proceed(ReflectiveMethodInvocation.java:179) ~[spring-aop-4.3.18.RELEASE.jar
!/:4.3.18.RELEASE]
        at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(
JdkDynamicAopProxy.java:213) ~[spring-aop-4.3.18.RELEASE.jar!/:4.3.
18.RELEASE]
        at com.sun.proxy.$Proxy182.validate(Unknown Source) ~[?:?]
        at org.apereo.cas.support.oauth.web.endpoints.
OAuth20AuthorizeEndpointController.verifyAuthorizeRequest(
OAuth20AuthorizeEndpointController.java:274) ~[cas-server-support-oauth-5.3.
2.jar!/:5.3.2]
        at org.apereo.cas.support.oauth.web.endpoints.
OAuth20AuthorizeEndpointController.handleRequest(
OAuth20AuthorizeEndpointController.java:127) ~[cas-server-support-oauth-5.3.
2.jar!/:5.3.2]
        at org.apereo.cas.oidc.web.controllers.
OidcAuthorizeEndpointController.handleRequest(
OidcAuthorizeEndpointController.java:76) ~[cas-server-support-oidc-5.3.2.jar
!/:5.3.2]
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:
1.8.0_181]
        at sun.reflect.NativeMethodAccessorImpl.invoke(
NativeMethodAccessorImpl.java:62) ~[?:1.8.0_181]
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(
DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_181]
        at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_181]

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/85a6e0cd-3d65-4a10-8978-0f551ba172ed%40apereo.org.

Reply via email to