cas 7.1.1 with openid connect

148 views

Skip to first unread message

Mathieu HETRU

unread,

Nov 19, 2024, 7:58:32 AM11/19/24

to cas-...@apereo.org

Hello,

with my cas 7.1.1 and plugin openid connect

i got this error in the logs :

[2024-11-19 13:30:24] [info] #033[36m2024-11-19 13:30:24,430 DEBUG [org.apereo.cas.oidc.jwks.generator.OidcDefaultJsonWebKeystoreGeneratorService] - <Given resource [file:/etc/cas/config/keystore.jwks] cannot be parsed as a raw JSON web keystore>#033[m

is it normal ?

how can i fix it ?

Best Regards,

Pierre Driutti

unread,

Nov 29, 2024, 8:58:51 AM11/29/24

to CAS Community, Mathieu HETRU

Hello,

I am also encountering this issue with CAS 7.1.1.

I do not know why, it appeared at a certain point of time, without me doing anything else then rebuilding the docker image hosting my CAS server. Maybe the version of the jose4j library changed ?

Anyway, this looks like a defect. In the code of the OidcDefaultJsonWebKeystoreGeneratorService class one can see:

protected AbstractResource determineJsonWebKeystoreResource() throws Exception {
        val file = SpringExpressionLanguageValueResolver.getInstance()
            .resolve(oidcProperties.getJwks().getFileSystem().getJwksFile());
        try {
            val jsonKeys = new JsonWebKeySet(file).toJson(JsonWebKey.OutputControlLevel.INCLUDE_PRIVATE);
           ...

but in JsonWebKeySet class constructor, one can see:

 public JsonWebKeySet(String json) throws JoseException
    {
        Map<String,Object> parsed = JsonUtil.parseJson(json);

which therefore generate the error...

Hope this helps

Best Regards,

Pierre

Reply all

Reply to author

Forward

0 new messages