Hi,
you'll find enclosed the log file produced with Finest.
I see that just before the exception, there's a refresh_token with no value.
I don't know what is this token & if my problem is related to it.
Thanks for your help.
Regards,
Alexandre
2013/3/20 A Clarke <cla...@gmail.com>
> Hi Alexandre,
>
> You should try tracing with FINEST, at least for
> org.apache.shindig.gadgets.oauth2.* and
> org.apache.shindig.gadgets.servlet.OAuth2CallbackServlet
>
> Your exception is strange to me ...
> org.apache.shindig.social.core.oauth2.OAuth2Exception , that's coming from
> the OAuth2 provider.
>
> If it's in the provider I'd suggest tracing FINEST on
> org.apache.shindig.social.core.oauth2.* as well.
>
>
> On Wed, Mar 20, 2013 at 2:36 PM, alexandre kettaneh <
> alexandre.ketta...@phloeme.com> wrote:
>
> > Hello,
> > I'm trying to make OAuth working between Shindig 2.5.0 beta 5 and a CAS
> > Jasig Server 3.5.2 with OAuth Server support.
> > The Oauth samples work great out of the box, using Shindig OAuth provider
> > or Google's.
> >
> > But when I use my Cas Server everything seems to work until the last part
> > of the oauth flow where I get an error on SHINDIG:
> >
> > "
> > INFO: The security token or credential is malformed and cannot be parsed.
> > org.apache.shindig.social.core.oauth2.OAuth2Exception: Access token is
> > invalid.
> > "
> > Shindig & Cas are deployed on 2 differents servers & I stored CAS
> > Certificate into Shindig's server Java Keystore.
> >
> > When opening the session on the CAS Server, I can see in the console:
> > "
> > =============================================================
> > WHO: [username: john.doe]
> > WHAT:
> >
> TGT-20-zRf9RNnl7VFf7qAa3nQRm6p1rI6LxGKufN6OaF5mATI4N7c7if-cas.phloeme.com
> > ACTION: TICKET_GRANTING_TICKET_CREATED
> > APPLICATION: CAS
> > WHEN: Wed Mar 20 18:11:28 CET 2013
> > CLIENT IP ADDRESS: XXXXXXXXXXx
> > SERVER IP ADDRESS: YYYYYYYYYY
> > =============================================================
> > "
> > The Service Ticket is found when AccessToken is called & CAS returns the
> > TGT back to Shindig.
> > This is where I get the Shindig Error with "The security
> > token.....malformed and cannot be passed"
> >
> >
> > I tried to log everything using FINE log level but I just can see only
> this
> > INFO message related to the token problem.
> > I don't know if the ticket provided by CAS is good (
> >
> TGT-20-zRf9RNnl7VFf7qAa3nQRm6p1rI6LxGKufN6OaF5mATI4N7c7if-cas.phloeme.com)
> > or if I have a credential problem.
> > I defined also a shindig.signing.state-key :is there a link?
> > My Oauth client config in oauth2.json is:
> > "providerName" : "shindigOAuth2Provider",
> > "redirect_uri" :
> "%origin%%contextRoot%/gadgets/oauth2callback",
> > "type" : "confidential",
> > "grant_type" : "code",
> > "client_id" : "shindigClient",
> > "client_secret" : "phloemesecret"
> > The OAuth provider config in oauth2.json is:
> > "client_authentication" : "STANDARD",
> > "usesAuthorizationHeader" : "false",
> > "usesUrlParameter" : "true",
> > "endpoints" : {
> > "authorizationUrl" : "
> > https://xxxxxxxxx/cas/oauth2.0/authorize
> > ",
> > "tokenUrl" : "
> > https://xxxxxxxxx/cas/oauth2.0/accessToken";
> >
> > I'm stuck... any idea?
> > Thanks for your answers
> >
> > Regards,
> >
> > Alexandre
> >
>
--
PHLOEME
Alexandre Kettaneh
Architecte d'Entreprise, associé
Tél: +33 1 75 00 18 18
Mob: +33 6 63 79 82 85
