Hi All,
I am using CAS 4.2.7 and the delegate authentication does not appear to be
working properly. I got the exact same results using the demo
https://github.com/casinthecloud/cas-pac4j-oauth-demo/tree/4.2.x. In both
cases twitter works and facebook does not. Clicking the facebook link properly
takes the user to Facebook, and the user can click approve and then it forwards
back to CAS and displays the server error page.
The relevant log entries are:
2017-08-10 15:07:19,943 DEBUG
[org.springframework.webflow.execution.ActionExecutor] - Executing
org.jasig.cas.support.pac4j.web.flow.ClientAction@6c59325f
2017-08-10 15:07:19,944 DEBUG [org.pac4j.oauth.client.BaseOAuth20Client] -
sessionState : yZkhX8vavT / stateParameter : yZkhX8vavT
2017-08-10 15:07:19,944 DEBUG [org.pac4j.oauth.client.BaseOAuth20Client] -
verifier :
AQCPv6onxJSaI812-O16CADAq5xYRUJwKdNwUAnbO0RTSkoRKsblQZJblwOgAhat9Hx5IaBqVeBUWdfWqWl6tWbjqnfqD2di7vBO7pWQSDK81MUkxPujexdqPjXYF1bk2l_76DgidMF1DA4_GBU-BgL6xZwmu8ul0kEDZF-RoNJdzl8-yFHp4NPceGLG8MN_N9QyIGZnNDiHX_Ea22O3Me8UJWN0Gv2v_07AncE6Dojs22pqKJ2h4eWp4MfEFjjl67jiTTBbvgV9Hrdvhnzy0RCdn-7rK1PP1orYSjjgyzByuu27gEdFKUfBNfCIycZrH68
2017-08-10 15:07:19,965 DEBUG [org.pac4j.oauth.client.FacebookClient] -
credentials : <OAuthCredentials> | requestToken: null | token: null | verifier:
AQCPv6onxJSaI812-O16CADAq5xYRUJwKdNwUAnbO0RTSkoRKsblQZJblwOgAhat9Hx5IaBqVeBUWdfWqWl6tWbjqnfqD2di7vBO7pWQSDK81MUkxPujexdqPjXYF1bk2l_76DgidMF1DA4_GBU-BgL6xZwmu8ul0kEDZF-RoNJdzl8-yFHp4NPceGLG8MN_N9QyIGZnNDiHX_Ea22O3Me8UJWN0Gv2v_07AncE6Dojs22pqKJ2h4eWp4MfEFjjl67jiTTBbvgV9Hrdvhnzy0RCdn-7rK1PP1orYSjjgyzByuu27gEdFKUfBNfCIycZrH68
| clientName: FacebookClient |
2017-08-10 15:07:19,966 DEBUG [org.pac4j.oauth.client.BaseOAuth20Client] -
verifier :
AQCPv6onxJSaI812-O16CADAq5xYRUJwKdNwUAnbO0RTSkoRKsblQZJblwOgAhat9Hx5IaBqVeBUWdfWqWl6tWbjqnfqD2di7vBO7pWQSDK81MUkxPujexdqPjXYF1bk2l_76DgidMF1DA4_GBU-BgL6xZwmu8ul0kEDZF-RoNJdzl8-yFHp4NPceGLG8MN_N9QyIGZnNDiHX_Ea22O3Me8UJWN0Gv2v_07AncE6Dojs22pqKJ2h4eWp4MfEFjjl67jiTTBbvgV9Hrdvhnzy0RCdn-7rK1PP1orYSjjgyzByuu27gEdFKUfBNfCIycZrH68
2017-08-10 15:07:20,900 INFO
[org.jasig.inspektr.audit.support.Slf4jLoggingAuditTrailManager] - Audit trail
record BEGIN
=============================================================
WHO: org.jasig.cas.authentication.principal.ClientCredential@62d12aca
WHAT: Supplied credentials:
[org.jasig.cas.authentication.principal.ClientCredential@62d12aca]
ACTION: AUTHENTICATION_FAILED
APPLICATION: CAS
WHEN: Thu Aug 10 15:07:20 CDT 2017
CLIENT IP ADDRESS: 0:0:0:0:0:0:0:1
SERVER IP ADDRESS: 0:0:0:0:0:0:0:1
=============================================================
2017-08-10 15:07:20,905 DEBUG
[org.springframework.webflow.engine.impl.FlowExecutionImpl] - Attempting to
handle [org.springframework.webflow.execution.ActionExecutionException:
Exception thrown executing
org.jasig.cas.support.pac4j.web.flow.ClientAction@6c59325f in state
'clientAction' of flow 'login' -- action execution attributes were
'map[[empty]]'] with root cause [org.scribe.exceptions.OAuthException: Response
body is incorrect. Can't extract a token from this:
'{"access_token":"EAAJuVu68W5sBAE8aNvzKSZCyZBACpRS3rMjIxw06KojA2AcOkt5ZAWY654nYjOXaAbOFciOX0XsaKf8RVTSlXaUn8iOUpJoZAWXGfmucqeets3OFWnmInjXQ4ZAsZBa5eSpkB6Hv9jKp4FfSXyX0JmORPnENj0eNgiBwUxBQnuEQZDZD","token_type":"bearer","expires_in":5183856}']
Does anyone have any suggestions?
Thanks,
Nancy
CONFIDENTIALITY NOTICE: This e-mail, including any attachments, may contain
confidential, privileged and/or proprietary information which is solely for the
use of the intended recipient(s). Any review, use, disclosure or retention by
others is strictly prohibited. If you are not an intended recipient, please
contact the sender and delete this e-mail, any attachments and all copies.
Permanent General Assurance Corporation | Permanent General Assurance
Corporation of Ohio | The General Automobile Insurance Company, Inc. | Home
Office: 2636 Elm Hill Pike, Nashville, TN 37214
--
- CAS gitter chatroom: https://gitter.im/apereo/cas
- CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html
- CAS documentation website: https://apereo.github.io/cas
- CAS project website: https://github.com/apereo/cas
---
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/ebe11493a6df4fe9aa8f79226c1c147a%40TGI-EX13MBX01.pgac.com.
