[cas-user] Re: can't get jdbc attribute query after facebook delegated authentication
Ho yes, I did not understood. This is what I have in mind. I'm to young to cas. I'll try to make this on version 5 I've to understand the structure of it and of pac4j Thanks a lot Le mardi 23 mai 2017 09:46:53 UTC+2, Martin Bohun a écrit : > > Hi Sandy, > > I am not entirely sure what you mean by "BTW I still wonder if CAS 5 can > do it by chaining something somewhere.", one place in our code where one > can kinda "chain" something is currently hardcoded "null" (taken/followed > from pac4j examples) in: > > https://github.com/AtlasOfLivingAustralia/ala-cas-2.0/blob/master/src/main/webapp/WEB-INF/deployerConfigContext.xml#L65 > > Clean/flexible approach is to create a proper "secondaryPrincipalResolver" > (class and bean, instead of the hardcoded null :-) obviously) - i have > already a refactoring task/branch for that - but that is one nice "chaining > point" right there. > > regards, > > martin > > On Tuesday, May 23, 2017 at 5:17:49 PM UTC+10, Sandy Lelarge wrote: >> >> Thank you for your response Martin. >> >> I will take a look into your code. >> >> BTW I still wonder if CAS 5 can do it by chaining something somewhere. >> >> It can already do everthing but not the way I want to. >> >> Perhaps I can make something similar to what you've done by chaining >> social networks auth with cas.authn.attributeRepository.jdbc on CAS 5 >> >> cheers >> >> Le mardi 23 mai 2017 02:16:51 UTC+2, Martin Bohun a écrit : >>> >>> This is very similar to what we (ALA) are doing in our cas-4.0.x: >>> previously user could SignUp/SignIn with username/password stored in sql DB >>> (mysql); I added/extended the project with "one click" SignUp/SignIn via >>> "social media" (Facebook/Google/Twitter/LinkedIn/WindozeLive/GitHub): >>> https://github.com/AtlasOfLivingAustralia/ala-cas-2.0 >>> >>> You can have look at our: >>> >>> https://github.com/AtlasOfLivingAustralia/ala-cas-2.0/blob/master/src/main/webapp/WEB-INF/deployerConfigContext.xml >>> (I intentionally try to keep it clean and "intuitively" ordered) >>> >>> First we do the Delegated Authentication exactly as you mentioned; that >>> does verify the user via (Facebook/Google/Twitter), and each of these sends >>> back some profile info (email, firstName, lastName); I wrote a custom >>> cas/pac4j Authenticator: >>> >>> https://github.com/AtlasOfLivingAustralia/ala-cas-2.0/blob/master/src/main/webapp/WEB-INF/deployerConfigContext.xml#L139-L144 >>> >>> https://github.com/AtlasOfLivingAustralia/ala-cas-2.0/blob/master/src/main/webapp/WEB-INF/deployerConfigContext.xml#L146-L158 >>> >>> https://github.com/AtlasOfLivingAustralia/ala-cas-2.0/blob/master/src/main/java/org/jasig/cas/support/pac4j/authentication/handler/support/ALAClientAuthenticationHandler.java#L97 >>> That takes the email address returned by the social media, and (reusing >>> the old sql username/password code/components) tries to retrieve the user >>> from the DB: >>> >>> https://github.com/AtlasOfLivingAustralia/ala-cas-2.0/blob/master/src/main/java/org/jasig/cas/support/pac4j/authentication/handler/support/ALAClientAuthenticationHandler.java#L130-L139 >>> >>> if an user with such email address does not exist, it will use a create >>> new user sql query to create the user in the DB first and then resume the >>> login process: >>> >>> https://github.com/AtlasOfLivingAustralia/ala-cas-2.0/blob/master/src/main/java/org/jasig/cas/support/pac4j/authentication/handler/support/ALAClientAuthenticationHandler.java#L142-L154 >>> >>> >>> regards, >>> >>> martin >>> >>> On Tuesday, May 23, 2017 at 2:39:48 AM UTC+10, Sandy Lelarge wrote: >>>> >>>> Hi all, >>>> >>>> and firstly, thanks for your great job on cas. >>>> >>>> I'm pretty new to it and I'm working with cas 5.0.3.1 >>>> >>>> I can succesfully logon with login/password via a rest service and once >>>> logged succesfully get attribute form an other database via jdbc. >>>> >>>> Now, I'm trying to get authenticate by facebook. I successfully get >>>> logged it. >>>> >>>> >>>> The problem is that I'm trying to make a request on my sql server where >>>> I'm looking for the 'email' field that facebook gave me. >>>> (the same email get as username on login form and th
[cas-user] Re: can't get jdbc attribute query after facebook delegated authentication
Thank you for your response Martin. I will take a look into your code. BTW I still wonder if CAS 5 can do it by chaining something somewhere. It can already do everthing but not the way I want to. Perhaps I can make something similar to what you've done by chaining social networks auth with cas.authn.attributeRepository.jdbc on CAS 5 cheers Le mardi 23 mai 2017 02:16:51 UTC+2, Martin Bohun a écrit : > > This is very similar to what we (ALA) are doing in our cas-4.0.x: > previously user could SignUp/SignIn with username/password stored in sql DB > (mysql); I added/extended the project with "one click" SignUp/SignIn via > "social media" (Facebook/Google/Twitter/LinkedIn/WindozeLive/GitHub): > https://github.com/AtlasOfLivingAustralia/ala-cas-2.0 > > You can have look at our: > > https://github.com/AtlasOfLivingAustralia/ala-cas-2.0/blob/master/src/main/webapp/WEB-INF/deployerConfigContext.xml > (I intentionally try to keep it clean and "intuitively" ordered) > > First we do the Delegated Authentication exactly as you mentioned; that > does verify the user via (Facebook/Google/Twitter), and each of these sends > back some profile info (email, firstName, lastName); I wrote a custom > cas/pac4j Authenticator: > > https://github.com/AtlasOfLivingAustralia/ala-cas-2.0/blob/master/src/main/webapp/WEB-INF/deployerConfigContext.xml#L139-L144 > > https://github.com/AtlasOfLivingAustralia/ala-cas-2.0/blob/master/src/main/webapp/WEB-INF/deployerConfigContext.xml#L146-L158 > > https://github.com/AtlasOfLivingAustralia/ala-cas-2.0/blob/master/src/main/java/org/jasig/cas/support/pac4j/authentication/handler/support/ALAClientAuthenticationHandler.java#L97 > That takes the email address returned by the social media, and (reusing > the old sql username/password code/components) tries to retrieve the user > from the DB: > > https://github.com/AtlasOfLivingAustralia/ala-cas-2.0/blob/master/src/main/java/org/jasig/cas/support/pac4j/authentication/handler/support/ALAClientAuthenticationHandler.java#L130-L139 > > if an user with such email address does not exist, it will use a create > new user sql query to create the user in the DB first and then resume the > login process: > > https://github.com/AtlasOfLivingAustralia/ala-cas-2.0/blob/master/src/main/java/org/jasig/cas/support/pac4j/authentication/handler/support/ALAClientAuthenticationHandler.java#L142-L154 > > > regards, > > martin > > On Tuesday, May 23, 2017 at 2:39:48 AM UTC+10, Sandy Lelarge wrote: >> >> Hi all, >> >> and firstly, thanks for your great job on cas. >> >> I'm pretty new to it and I'm working with cas 5.0.3.1 >> >> I can succesfully logon with login/password via a rest service and once >> logged succesfully get attribute form an other database via jdbc. >> >> Now, I'm trying to get authenticate by facebook. I successfully get >> logged it. >> >> >> The problem is that I'm trying to make a request on my sql server where >> I'm looking for the 'email' field that facebook gave me. >> (the same email get as username on login form and that gave me result. >> >> I can event get a request to the sqlsever. >> No error, simply no request. >> >> Is it possible with a delegate authentication ? >> I hopped to like some authentification mecanism by email address... >> >> Thanks for your help >> >> facebook throw this list of attribute : >> access_token [masked] >> email [masked] >> first_name [masked] >> gender MALE >> last_name [masked] >> link [masked] >> locale fr_FR >> name [masked] >> third_party_id [masked] >> timezone 2 >> updated_time 1409185943000 >> verified false >> >> >> -- - CAS gitter chatroom: https://gitter.im/apereo/cas - CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html - CAS documentation website: https://apereo.github.io/cas - CAS project website: https://github.com/apereo/cas --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/6ed021c4-af35-4c20-859c-5ddae757dd8f%40apereo.org.
[cas-user] can't get jdbc attribute query after facebook delegated authentication
Hi all, and firstly, thanks for your great job on cas. I'm pretty new to it and I'm working with cas 5.0.3.1 I can succesfully logon with login/password via a rest service and once logged succesfully get attribute form an other database via jdbc. Now, I'm trying to get authenticate by facebook. I successfully get logged it. The problem is that I'm trying to make a request on my sql server where I'm looking for the 'email' field that facebook gave me. (the same email get as username on login form and that gave me result. I can event get a request to the sqlsever. No error, simply no request. Is it possible with a delegate authentication ? I hopped to like some authentification mecanism by email address... Thanks for your help facebook throw this list of attribute : access_token [masked] email [masked] first_name [masked] gender MALE last_name [masked] link [masked] locale fr_FR name [masked] third_party_id [masked] timezone 2 updated_time 1409185943000 verified false -- - CAS gitter chatroom: https://gitter.im/apereo/cas - CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html - CAS documentation website: https://apereo.github.io/cas - CAS project website: https://github.com/apereo/cas --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/12a648ef-13dc-49e1-b5b4-38a648664fed%40apereo.org.
