Hi all,

I would like to know whether anybody has got "Sign in with Apple" working in CAS natively.

I got it working by doing some customization (I will attach it below) because 
of some weird issue which I cannot understand.

While I would like to look into submitting a PR, I am not sure whether I 
am the only one having an issue with this, so I want to ask the group 
first.

Cheers!
- Andy

Attached is my customization which makes Sign in with Apple work:
=========================================
*MyOrgAppleOidcAuthenticator.java*
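import com.nimbusds.oauth2.sdk.auth.ClientAuthentication;
import com.nimbusds.oauth2.sdk.auth.ClientSecretPost;
import com.nimbusds.oauth2.sdk.auth.Secret;
import com.nimbusds.oauth2.sdk.id.ClientID;
import lombok.extern.slf4j.Slf4j;
import org.pac4j.core.context.WebContext;
import org.pac4j.oidc.client.OidcClient;
import org.pac4j.oidc.config.OidcConfiguration;
import org.pac4j.oidc.credentials.OidcCredentials;
import org.pac4j.oidc.credentials.authenticator.OidcAuthenticator;

/**
 * Fix an issue where the secret cannot be refreshed again during validation.
 */
@Slf4j
public class MyOrgAppleOidcAuthenticator extends OidcAuthenticator {
    public MyOrgAppleOidcAuthenticator(OidcConfiguration configuration, OidcClient client) {
        super(configuration, client);
    }

    /**
     * If the client uses client_secret_post, set the client authentication again
     * so that the secret is fetched again.
     * <p>
     * Also, set the user profile after validation, so that the user profile can be validated.
     *
     * @param cred    the OIDC credentials
     * @param context the web context
     */
    @Override
    public void validate(final OidcCredentials cred, final WebContext context) {
        ClientAuthentication clientAuthentication = getClientAuthentication();
        if (clientAuthentication instanceof ClientSecretPost) {
            LOGGER.debug("Get secret again from validate for Apple Login");
            // Rebuild the client authentication from the configuration on every call
            final ClientID clientId = new ClientID(configuration.getClientId());
            final Secret secret = new Secret(configuration.getSecret());
            ClientSecretPost clientSecretPost = new ClientSecretPost(clientId, secret);
            setClientAuthentication(clientSecretPost);
        }
        super.validate(cred, context);
    }
}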
=================================================================================================

*MyOrgDefaultDelegatedClientFactory.java*
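import java.util.Collection;
import lombok.Getter;
import lombok.extern.slf4j.Slf4j;
import org.apereo.cas.configuration.CasConfigurationProperties;
import org.apereo.cas.configuration.model.support.pac4j.Pac4jBaseClientProperties;
import org.pac4j.core.client.IndirectClient;
import org.pac4j.oidc.client.AppleClient;
// DefaultDelegatedClientFactory and DelegatedClientFactoryCustomizer come from the CAS
// pac4j delegation module; import them from the package used by your CAS version.

/**
 * Set Apple Client
 */
@Slf4j
@Getter
public class MyOrgDefaultDelegatedClientFactory extends DefaultDelegatedClientFactory {
    private final CasConfigurationProperties casProperties;

    public MyOrgDefaultDelegatedClientFactory(
            CasConfigurationProperties casProperties,
            Collection<DelegatedClientFactoryCustomizer> customizers) {
        super(casProperties, customizers);
        this.casProperties = casProperties;
    }

    @Override
    protected void configureClient(final IndirectClient client, final Pac4jBaseClientProperties props) {
        // Swap in the custom authenticator only for the Apple client
        if (client instanceof AppleClient) {
            final AppleClient appleClient = (AppleClient) client;
            client.setAuthenticator(
                new MyOrgAppleOidcAuthenticator(appleClient.getConfiguration(), appleClient)
            );
        }
        super.configureClient(client, props);
    }
}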
=========================================
*cas.yml*
cas:
  authn:
    pac4j:
      oidc:
        - apple:
            client-name: XXXX
            private-key: file:/abd/def/myapplecert.p8
            private-key-id: xxxx
            team-id: xxxxx
            id: xxx.yyy.zzz
            response-mode: form_post
            scope: openid name
            response-type: code id_token
            use-nonce: true
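
=========================================
Added example, not part of the original post and not CAS or pac4j code: a stand-alone model of the behaviour the Javadoc in MyOrgAppleOidcAuthenticator describes, comparing an authenticator that copies the secret once at construction with one that re-reads it on every validate call. All class names are hypothetical, and it assumes the secret is time-limited and re-minted by the configuration once it expires.

```java
import java.time.Duration;
import java.time.Instant;

public class StaleSecretDemo {
    /** Constructed stand-in for a time-limited client secret (value plus expiry). */
    record Secret(String value, Instant expiresAt) {
        boolean validAt(Instant now) { return now.isBefore(expiresAt); }
    }

    /** Hypothetical configuration that mints a new secret once the cached one has expired. */
    static class Config {
        private final Duration lifetime;
        private Secret cached;
        private int minted;
        Config(Duration lifetime) { this.lifetime = lifetime; }
        Secret getSecret(Instant now) {
            if (cached == null || !cached.validAt(now)) {
                cached = new Secret("secret-" + (++minted), now.plus(lifetime));
            }
            return cached;
        }
    }

    /** Copies the secret once, at construction (the assumed cause of the stale secret). */
    static class SnapshotAuthenticator {
        private final Secret secret;
        SnapshotAuthenticator(Config c, Instant now) { secret = c.getSecret(now); }
        boolean validate(Instant now) { return secret.validAt(now); }
    }

    /** Re-reads the secret on every validate call, as the override in the post does. */
    static class RefreshingAuthenticator {
        private final Config config;
        RefreshingAuthenticator(Config c) { config = c; }
        boolean validate(Instant now) { return config.getSecret(now).validAt(now); }
    }

    public static void main(String[] args) {
        Instant start = Instant.parse("2024-01-01T00:00:00Z"); // constructed timestamp
        Config config = new Config(Duration.ofMinutes(5));     // constructed lifetime
        SnapshotAuthenticator snapshot = new SnapshotAuthenticator(config, start);
        RefreshingAuthenticator refreshing = new RefreshingAuthenticator(config);
        for (int minutes : new int[] {1, 10}) {
            Instant now = start.plus(Duration.ofMinutes(minutes));
            System.out.printf("t+%dm snapshot=%b refreshing=%b%n",
                    minutes, snapshot.validate(now), refreshing.validate(now));
        }
    }
}
```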
