I've got my OIDC Client finally connecting to CAS 5.3.2 (yay!). I've ensured the clientId and clientSecret match properly between CAS and the OIDC Client.
Initially it was failing due to not finding a matching service in the services registry; the OIDC Client was putting :443 in the service URL, so adding a (:443)? progressed us past that error.

Next it just throws a NullPointerException in OAuth20AuthorizationCodeResponseTypeAuthorizationRequestValidator.java:54, which would be this line:

    final WebApplicationService service = webApplicationServiceServiceFactory.createService(registeredService.getServiceId());

Given the line, either the webApplicationServiceServiceFactory or registeredService is null. I've got no clue how to proceed without trying to hook up a remote debugger and step through the process, which I've had poor luck at being successful for. I searched all of our cas-user group history... any suggestions?

P.S. The logfile with stacktrace:

2018-08-09 22:12:37,579 DEBUG [org.pac4j.core.client.finder.DefaultSecurityClientFinder] - <Provided clientNames: CasOAuthClient>
2018-08-09 22:12:37,579 DEBUG [org.pac4j.core.client.finder.DefaultSecurityClientFinder] - <clientNameOnRequest: null>
2018-08-09 22:12:37,579 DEBUG [org.pac4j.core.client.finder.DefaultSecurityClientFinder] - <result: [CasOAuthClient]>
2018-08-09 22:12:37,579 DEBUG [org.pac4j.core.engine.DefaultSecurityLogic] - <currentClients: [#CasClient# | name: CasOAuthClient | callbackUrl: https://example.com/cas/oauth2.0/callbackAuthorize | callbackUrlResolver: org.pac4j.core.http.callback.QueryParameterCallbackUrlResolver@1176af5f | ajaxRequestResolver: org.pac4j.core.http.ajax.DefaultAjaxRequestResolver@21afe905 | redirectActionBuilder: org.apereo.cas.config.CasOAuthConfiguration$$Lambda$106/1682524142@ae1ac74 | credentialsExtractor: org.pac4j.cas.credentials.extractor.TicketAndLogoutRequestExtractor@3f878077 | authenticator: org.pac4j.cas.credentials.authenticator.CasAuthenticator@721d7c08 | profileCreator: org.pac4j.core.profile.creator.AuthenticatorProfileCreator@62e41b87 | logoutActionBuilder: #CasLogoutActionBuilder# | serverLogoutUrl: nulllogout | postLogoutUrlParameter: service | | authorizationGenerators: [org.pac4j.cas.authorization.DefaultCasAuthorizationGenerator@56352943] | configuration: #CasConfiguration# | loginUrl: https://example.com/cas/login | prefixUrl: https://example.com/cas/ | restUrl: https://example.com/cas/v1/tickets | protocol: CAS30 | renew: false | gateway: false | encoding: UTF-8 | logoutHandler: #DefaultCasLogoutHandler# | store: #GuavaStore# | size: 10000 | timeout: 30 | timeUnit: MINUTES | | destroySession: false | | acceptAnyProxy: false | allowedProxyChains: [] | proxyReceptor: null | timeTolerance: 1000 | postLogoutUrlParameter: service | defaultTicketValidator: null | urlResolver: org.apereo.cas.support.oauth.web.OAuth20CasCallbackUrlResolver@404009df | | urlResolver: org.apereo.cas.support.oauth.web.OAuth20CasCallbackUrlResolver@404009df |]>
2018-08-09 22:12:37,579 DEBUG [org.pac4j.core.engine.DefaultSecurityLogic] - <loadProfilesFromSession: true>
2018-08-09 22:12:37,579 DEBUG [org.pac4j.core.engine.DefaultSecurityLogic] - <profiles: [#CasProfile# | id: cruck.da | attributes: {lastName=Ruck, commonName=Ruck, Curtis, auth_type=PKI, role=[admin, user], isFromNewLogin=false, authenticationDate=2018-08-09T22:06:34.565-04:00[America/New_York], sAMAccountName=cruck.da, givenName=Curtis, successfulAuthenticationHandlers=example.com domain, groups=[example users, example workstation admins, example server admins, userindirect], cn=Ruck, Curtis, credentialType=X509CertificateCredential, samlAuthenticationStatementAuthMethod=urn:oasis:names:tc:SAML:1.0:am:X509-PKI, uid=curtisruck, role_admin=true, role_user=true, authenticationMethod=example.com domain, primaryGroupID=513, longTermAuthenticationRequestTokenUsed=false, sn=Ruck, [email protected]} | roles: [] | permissions: [] | isRemembered: false | clientName: CasOAuthClient | linkedId: null |]>
2018-08-09 22:12:37,579 DEBUG [org.pac4j.core.engine.DefaultSecurityLogic] - <authorizers: null>
2018-08-09 22:12:37,579 DEBUG [org.pac4j.core.engine.DefaultSecurityLogic] - <authenticated and authorized -> grant access>
2018-08-09 22:12:37,580 DEBUG [org.apereo.cas.util.HttpRequestUtils] - <Found provided request parameter [client_id]>
2018-08-09 22:12:37,580 DEBUG [org.apereo.cas.util.HttpRequestUtils] - <Found provided request parameter [redirect_uri]>
2018-08-09 22:12:37,580 DEBUG [org.apereo.cas.util.HttpRequestUtils] - <Found provided request parameter [response_type]>
java.lang.NullPointerException: null
    at org.apereo.cas.support.oauth.validator.authorization.OAuth20AuthorizationCodeResponseTypeAuthorizationRequestValidator.validate(OAuth20AuthorizationCodeResponseTypeAuthorizationRequestValidator.java:54) ~[cas-server-support-oauth-5.3.2.jar!/:5.3.2]
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_181]
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_181]
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_181]
    at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_181]
    at org.springframework.util.ReflectionUtils.invokeMethod(ReflectionUtils.java:216) ~[spring-core-4.3.18.RELEASE.jar!/:4.3.18.RELEASE]
    at org.springframework.cloud.context.scope.GenericScope$LockedScopedProxyFactoryBean.invoke(GenericScope.java:470) ~[spring-cloud-context-1.3.0.RELEASE.jar!/:1.3.0.RELEASE]
    at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179) ~[spring-aop-4.3.18.RELEASE.jar!/:4.3.18.RELEASE]
    at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:213) ~[spring-aop-4.3.18.RELEASE.jar!/:4.3.18.RELEASE]
    at com.sun.proxy.$Proxy182.validate(Unknown Source) ~[?:?]
    at org.apereo.cas.support.oauth.web.endpoints.OAuth20AuthorizeEndpointController.verifyAuthorizeRequest(OAuth20AuthorizeEndpointController.java:274) ~[cas-server-support-oauth-5.3.2.jar!/:5.3.2]
    at org.apereo.cas.support.oauth.web.endpoints.OAuth20AuthorizeEndpointController.handleRequest(OAuth20AuthorizeEndpointController.java:127) ~[cas-server-support-oauth-5.3.2.jar!/:5.3.2]
    at org.apereo.cas.oidc.web.controllers.OidcAuthorizeEndpointController.handleRequest(OidcAuthorizeEndpointController.java:76) ~[cas-server-support-oidc-5.3.2.jar!/:5.3.2]
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_181]
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_181]
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_181]
    at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_181]
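
The service-registry fix mentioned in the message above (adding (:443)? to the service pattern), shown as an added example that is not part of the original post and not CAS code. The host app.example.com, the /oidc/callback path and the sample URLs are constructed, and the check assumes the registry requires the pattern to match the whole redirect URL.

```java
import java.util.regex.Pattern;

public class ServiceIdPatternCheck {
    // Constructed patterns for a hypothetical client at app.example.com.
    static final String NO_PORT  = "^https://app\\.example\\.com/oidc/callback$";
    static final String WITH_443 = "^https://app\\.example\\.com(:443)?/oidc/callback$";
    // Unescaped dots and a trailing wildcard: the "just make it match" variant.
    static final String LOOSE    = "^https://app.example.com.*";

    // Assumption: the pattern must match the entire URL, not a substring.
    static boolean accepts(String pattern, String url) {
        return Pattern.compile(pattern).matcher(url).matches();
    }

    public static void main(String[] args) {
        String[] patterns = {NO_PORT, WITH_443, LOOSE};
        String[] urls = {   // constructed sample redirect URIs
            "https://app.example.com/oidc/callback",
            "https://app.example.com:443/oidc/callback",   // explicit default port, as in the post
            "https://app.example.com:8443/oidc/callback",
            "https://app.example.com.other.test/oidc/callback",
            "https://appXexample.com/oidc/callback"
        };
        for (String p : patterns) {
            System.out.println("pattern: " + p);
            for (String u : urls) {
                System.out.printf("  %-8s %s%n", accepts(p, u) ? "MATCH" : "no match", u);
            }
        }
    }
}
```

NO_PORT accepts only the first URL and WITH_443 accepts the first two, while LOOSE also accepts the other port and both foreign hosts, so the optional-port group is the narrower way to get past the registry lookup.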
