JWT token OAuth

[Lorenzo Di Cola]

Hi all,

I'm working with CAS 5.3.7 and I enabled the OAuth/OpenID Authentication [1]. I'm calling the endpoint /oauth2.0/accessToken with the Resource Owner Credentials [2]. I would like to have an access token in JWT format after this call.

Is it possible to have the JWT token during the OAuth flow?

Thank you very much in advance.

Best regards,

Lorenzo

[1] https://apereo.github.io/cas/5.3.x/installation/OAuth-OpenId-Authentication.html

[2] https://apereo.github.io/cas/5.3.x/installation/OAuth-OpenId-Authentication.html#resource-owner-credentials

[Andy Ng]

Hello,

Pretty sure it is not possible without modifying CAS code, The logic for generating OAuth/OpenID Authentication is here:
1. https://github.com/apereo/cas/blob/v6.0.1/support/cas-server-support-oauth-core/src/main/java/org/apereo/cas/ticket/accesstoken/DefaultAccessTokenFactory.java#L43
2. https://github.com/apereo/cas/blob/v6.0.1/core/cas-server-core-tickets-api/src/main/java/org/apereo/cas/util/DefaultUniqueTicketIdGenerator.java#L104

As seen above, the logic behind the access token is just random string of 24 length.

I think your real option here is to either customize CAS yourself, or see if the use of the JWT work flow suits you (https://apereo.github.io/cas/6.0.x/installation/Configure-ServiceTicket-JWT.html).

Cheers!

- Andy

[Lorenzo Di Cola]

Hi Andy,
First of all thank you very much for you fast reply.
Unfortunately I can confirm that generate the JWT token after the OAuth authentication is not possible.
I tried with your suggested configuration too but without none results.

I already customized my CAS instance in order to let CAS able to generate the JWT token and return it to the client application.

Thanks again!
Best regards,
Lorenzo