Looking further, do we think this maybe an issue? when I go for ID-token directly (as oppose to get authorization code first, then token second), I am getting "Application Not Authorized to use CAS" error, but the URL is clearly in the JSON service file.
2019-03-12 15:23:26,171 DEBUG [org.apereo.cas.services.AbstractServicesManager] - <Adding registered service [^(https|imaps)://localhost:8543/cas5/.*]> 2019-03-12 15:23:26,172 DEBUG [org.apereo.cas.services.AbstractServicesManager] - <Adding registered service [^https://oidcdebugger.com/debug]> 2019-03-12 15:23:26,172 DEBUG [org.apereo.cas.services.AbstractServicesManager] - <Adding registered service [https://localhost:8543/cas5/oauth2.0/callbackAuthorize.*]> here is my POST https://localhost:8543/cas5/oidc/authorize?client_id=demoOIDC&redirect_uri=https%3A%2F%2Foidcdebugger.com%2Fdebug&scope=openid&response_type=code%20id_token&response_mode=form_post&nonce=gb63gw2hmqk Thanks! On Tuesday, March 12, 2019 at 2:38:35 PM UTC-4, Yan Zhou wrote: > > hello, > > I set up CAS 5.3.x overlay for OpenId Connect for authorization code flow. > > When I do POST, CAS login page comes up, I enter credential and authorize > access, I successfully got the authorization code, but when I call POST or > GET to get access token or Id token, I keep getting 401, "No message > available" error. > > What am I missing? > > Someone said I am missing Authorization header. What should goes in this > header? I tried putting Basic Auth with my user credentials, not working. > > Thanks! > Yan > > My request looks like this, content-type is: > application/x-www-form-urlencoded > > https://localhost:8543/cas5/oidc/token > > grant_type=authorization_code& code=OC-5-G5bbL-TKNHW-0xd9KWGUFeEcsycinjqI& > client_id=demoOIDC& client_secret=password& > redirect_uri=https%3A%2F%2Foidcdebugger.com%2Fdebug > -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/13107190-be42-413a-b5f2-3ac955c35f7d%40apereo.org.
