Hi,

It should be fixed: 
https://github.com/pac4j/pac4j/commit/f8a9450f794add3a65544c8586552305f9976b70
Can you test with CAS 7.0.0-RC4 and pac4j v6.0.0-RC6-SNAPSHOT (pull 
pac4j-core and pac4j-oidc in version 6.0.0-RC6-SNAPSHOT and exclude the 
same dependencies in v6.0.0-RC5)?
Thanks.
Best regards,
Jérôme


On Friday, 17 February 2023 at 04:17:28 UTC+1, wilc...@gmail.com wrote:

> Hi Jérôme,
>
> I am happy to post the configuration if required, but I think you have a 
> slight error in CAS causing the tenant id to get lost.
>
> In "BaseDelegatedClientFactory.java" you have the "getOidcClientFrom" 
> method which has the following for azure
>
>         if (clientProperties.getAzure().isEnabled() && StringUtils.isNotBlank(clientProperties.getAzure().getId())) {
>             LOGGER.debug("Building OpenID Connect client for Azure AD...");
>             val azure = getOidcConfigurationForClient(clientProperties.getAzure(), AzureAd2OidcConfiguration.class);
>             azure.setTenant(clientProperties.getAzure().getTenant());
> *            val cfg = new AzureAd2OidcConfiguration(azure);*
>             val azureClient = new AzureAd2Client(cfg);
>             configureClient(azureClient, clientProperties.getAzure(), casProperties);
>             return azureClient;
>         }
>
> Highlighted in bold is what I think the issue is as when I inspected the 
> "AzureAd2OidcConfiguration" the constructor does set the tenant and this is 
> causing the tenant to get lost.
>
> I have some custom changes to set the login_hint for Azure when using the 
> dynamic lookup. I added extra code to test if changing it to below worked 
> and it proceeded to Microsoft but I got another error after it came back. I 
> will post that error in another message.
>
>         if (clientProperties.getAzure().isEnabled() && StringUtils.isNotBlank(clientProperties.getAzure().getId())) {
>             LOGGER.debug("Building OpenID Connect client for Azure AD...");
>             val cfg = getOidcConfigurationForClient(clientProperties.getAzure(), AzureAd2OidcConfiguration.class);
>             cfg.setTenant(clientProperties.getAzure().getTenant());
>             val azureClient = new AzureAd2Client(cfg);
>             configureClient(azureClient, clientProperties.getAzure(), casProperties);
>             return azureClient;
>         }
>
> Thanks.
> Regards,
> Colin
>
>
> On Thursday, 16 February 2023 at 17:56:46 UTC+11 leleuj wrote:
>
>> Hi,
>>
>> What is your related CAS delegated authn configuration?
>>
>> Remove any sensitive information!
>>
>> Thanks.
>> Best regards,
>> Jérôme
>>
>>
>> On Wed, 15 Feb 2023 at 06:18, Colin Wilkinson <wilc...@gmail.com> wrote:
>>
>>> Hi,
>>>
>>> I am just testing out configuration against CAS 7.0.0-RC4. The 
>>> configuration is currently deployed to our dev server against CAS 6.6.x; 
>>> this is working fine.
>>>
>>> But when I go to run against CAS 7.0.0.RC4 I get,
>>>
>>> Caused by: java.net.URISyntaxException: Illegal character in path at 
>>> index 34: https://login.microsoftonline.com/{tenantid}/v2.0
>>>
>>> I have attached the full stack trace.
>>>
>>> -- 
>>> - Website: https://apereo.github.io/cas
>>> - Gitter Chatroom: https://gitter.im/apereo/cas
>>> - List Guidelines: https://goo.gl/1VRrw7
>>> - Contributions: https://goo.gl/mh7qDG
>>> --- 
>>> You received this message because you are subscribed to the Google 
>>> Groups "CAS Community" group.
>>> To unsubscribe from this group and stop receiving emails from it, send 
>>> an email to cas-user+u...@apereo.org.
>>> To view this discussion on the web visit 
>>> https://groups.google.com/a/apereo.org/d/msgid/cas-user/32c5e292-89cf-4968-99e9-dd82f31c55a3n%40apereo.org
>>>
>>
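
The failure mode discussed in this thread, as an added example that is not part of the original messages and is not pac4j or CAS code: a hypothetical `AzureConfigModel` whose copy constructor drops the tenant, so the `{tenantid}` placeholder reaches `java.net.URI`, shown next to a checked accessor that fails at configuration time instead. The template substitution and all class, field and method names are assumptions, and the sample values are constructed.

```java
import java.net.URI;
import java.net.URISyntaxException;

// Hypothetical model for illustration; these are not pac4j or CAS classes.
public class TenantCopyDemo {
    static class AzureConfigModel {
        static final String ISSUER_TEMPLATE = "https://login.microsoftonline.com/{tenantid}/v2.0";
        String clientId;
        String tenant;

        AzureConfigModel() { }

        // Copy constructor with the defect under discussion: tenant is not carried over.
        AzureConfigModel(AzureConfigModel other) {
            this.clientId = other.clientId;
        }

        // Unchecked: leaves the placeholder in the URL when the tenant is missing.
        String issuerUnchecked() {
            return tenant == null ? ISSUER_TEMPLATE : ISSUER_TEMPLATE.replace("{tenantid}", tenant);
        }

        // Checked: fails at configuration time with a message naming the missing setting.
        String issuerChecked() {
            if (tenant == null || tenant.isBlank()) {
                throw new IllegalStateException("Azure AD tenant is not configured");
            }
            return ISSUER_TEMPLATE.replace("{tenantid}", tenant);
        }
    }

    public static void main(String[] args) {
        AzureConfigModel original = new AzureConfigModel();
        original.clientId = "example-client-id"; // constructed sample value
        original.tenant = "example-tenant";      // constructed sample value
        AzureConfigModel copy = new AzureConfigModel(original);
        try {
            new URI(copy.issuerUnchecked());     // '{' is not a legal URI path character
        } catch (URISyntaxException e) {
            System.out.println("copy: " + e.getMessage());
        }
        try {
            copy.issuerChecked();
        } catch (IllegalStateException e) {
            System.out.println("copy (checked): " + e.getMessage());
        }
        System.out.println("original: " + URI.create(original.issuerChecked()));
    }
}
```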
