Hello All,
Replying on this post as it is the most recent post on OAuth authentication. I am back working on the project again.
Having gotten the OAuth2 with JWT sample code working on the CAS 6.1 overlay, I find that it works on service IDs with https URLs, but on configuring http URLs I am unable to obtain the JWT or access token, even with a successful authentication and a code generated. I am getting the following output on debug logs on the server side:
My JSON registration:
{
  "@class": "org.apereo.cas.support.oauth.services.OAuthRegisteredService",
  "clientId": "exampleOauthClient",
  "clientSecret": "test1",
  "serviceId": "^http://localhost:9999/.*",
  "name": "oauth2test",
  "id": 6,
  "supportedGrantTypes": [ "java.util.HashSet", [ "authorization_code" ] ],
  "supportedResponseTypes": [ "java.util.HashSet", [ "code" ] ],
  "attributeReleasePolicy": {
    "@class": "org.apereo.cas.services.ReturnAllAttributeReleasePolicy",
    "principalAttributesRepository": {
      "@class": "org.apereo.cas.authentication.principal.DefaultPrincipalAttributesRepository"
    }
  },
  "jwtAccessToken": true,
  "usernameAttributeProvider": {
    "@class": "org.apereo.cas.services.PrincipalAttributeRegisteredServiceUsernameProvider",
    "usernameAttribute": "username"
  }
}
On the client side, I receive a 403 Forbidden status or a 401:
Not sure what I am missing. Or does the CAS OAuth server allow only clients with https URLs to participate in SSO?
Any inputs regarding this will be of great help.
Thanks
Sneha
On Tuesday, March 10, 2020 at 3:01:34 PM UTC+5:30, Napoleon Ponaparte wrote: