delegation generic oidc with response-type=code


Pablo Vidaurri

Apr 2, 2025, 12:55:48 AM
to CAS Community
I'm trying to get an access_token. I was finally able to get something with the following config:

cas.authn.pac4j.oidc[0].generic.enabled=true
cas.authn.pac4j.oidc[0].generic.use-nonce=true
cas.authn.pac4j.oidc[0].generic.include-access-token-claims=true
cas.authn.pac4j.oidc[0].generic.response-type=code
cas.authn.pac4j.oidc[0].generic.id=XXX
cas.authn.pac4j.oidc[0].generic.secret=XXX
cas.authn.pac4j.oidc[0].generic.auto-redirect-type=SERVER
cas.authn.pac4j.oidc[0].generic.client-name=AzureClient
cas.authn.pac4j.oidc[0].generic.scope=${cas.authn.pac4j.oidc[0].generic.id} openid

I am able to hit localhost:8443/cas/login, and it auto-redirects me to Azure B2C. I am able to log in and get redirected back to CAS with a code=xxyyzz in the URL. But I get a CAS unauthorized access error.

Logs show:
DEBUG [org.apereo.cas.pac4j.PrefixedSessionStore] - <Get value: [ff460b68b6] for key: [AuthnDelegationAzureClient$stateSessionParameter]>
DEBUG [org.apereo.cas.pac4j.PrefixedSessionStore] - <Get value: [null] for key: [AuthnDelegationAzureClient$codeVerifierSessionParameter]>
ERROR [org.apereo.cas.web.flow.actions.DelegatedClientAuthenticationAction] - <com.nimbusds.oauth2.sdk.ParseException: Missing JSON object member with key access_token>
org.pac4j.core.exception.TechnicalException: com.nimbusds.oauth2.sdk.ParseException: Missing JSON object member with key access_token

Now, if I take that code from the callback URL and make an API call to the token endpoint using the code with grant_type "authorization code", I do get another JSON response with access_token in the value.

How do I make this work? Is CAS expecting access_token to be part of the authorization response?
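The post above shows the two separate steps of the authorization-code flow: the callback carries only code and state, and the access_token only appears in the token endpoint's JSON response. The following is an added example, not CAS or pac4j code; it mirrors the checks a relying party performs at each step so that the log message "Missing JSON object member with key access_token" can be reproduced and understood offline. The helper names, the ParseException class and the sample callback URL and token responses are all constructed for illustration.

```python
"""Checks a delegated OIDC code-flow client performs on the way back from the
provider. Added example, not CAS or pac4j code; names and samples are constructed."""
import json
from urllib.parse import parse_qs, urlsplit


class ParseException(Exception):
    """Raised when a response lacks a member the flow requires (constructed)."""


def check_authorization_response(callback_url: str, stored_state: str) -> str:
    """Validate the redirect back from the provider and return the code.

    In the code flow the authorization response carries only `code` and
    `state`; no access_token is expected here. The state must match the value
    stored in the session before the redirect, which is what the
    `stateSessionParameter` lookup in the posted log is for.
    """
    params = parse_qs(urlsplit(callback_url).query)
    if "error" in params:
        raise ParseException(f"provider returned error: {params['error'][0]}")
    state = params.get("state", [None])[0]
    if state != stored_state:
        raise ParseException("state mismatch: stale session or forged callback")
    code = params.get("code", [None])[0]
    if not code:
        raise ParseException("Missing query parameter code")
    return code


# RFC 6749 section 5.1 marks these members of a successful token response REQUIRED.
REQUIRED_TOKEN_MEMBERS = ("access_token", "token_type")


def parse_token_response(body: str) -> dict:
    """Parse a token endpoint response, rejecting it if a REQUIRED member is absent.

    A provider that answers the code exchange with only an id_token (for example
    when no scope that maps to an access token was requested) trips the
    access_token check and produces the same message seen in the CAS log.
    """
    obj = json.loads(body)
    if "error" in obj:
        raise ParseException(f"token endpoint error: {obj['error']}")
    for member in REQUIRED_TOKEN_MEMBERS:
        if member not in obj:
            raise ParseException(f"Missing JSON object member with key {member}")
    return obj


def classify_token_response(body: str) -> str:
    """Return "ok" for a usable token response, otherwise the parse error text."""
    try:
        parse_token_response(body)
    except ParseException as exc:
        return str(exc)
    return "ok"


# Constructed samples: a callback URL and two token endpoint bodies.
SAMPLE_CALLBACK = "https://localhost:8443/cas/login?client_name=AzureClient&code=xxyyzz&state=ff460b68b6"
SAMPLE_STORED_STATE = "ff460b68b6"
TOKEN_RESPONSE_ID_TOKEN_ONLY = '{"id_token": "eyJhbGciOi...", "expires_in": 3600}'
TOKEN_RESPONSE_FULL = '{"access_token": "eyJ0eXAiOi...", "token_type": "Bearer", "id_token": "eyJhbGciOi...", "expires_in": 3600}'

if __name__ == "__main__":
    print("code from callback:", check_authorization_response(SAMPLE_CALLBACK, SAMPLE_STORED_STATE))
    print("id_token-only body:", classify_token_response(TOKEN_RESPONSE_ID_TOKEN_ONLY))
    print("full body:", classify_token_response(TOKEN_RESPONSE_FULL))
```

Running the script prints the extracted code, then the familiar "Missing JSON object member with key access_token" for the id_token-only body and "ok" for the body that the manual grant_type exchange in the post returns. When diagnosing a setup like the one above, capturing the raw token endpoint response that the server-side client receives (rather than the one obtained by hand) and feeding it to parse_token_response shows immediately which member is absent.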