Internal Error when signing in with external Keycloak provider with OIDC

[Alcides Moraes]

Hello list,

We're trying to integrate our CAS server with an external Keycloak server. The external Keycloak server is accepting the initial CAS redirect and signing in.

However, when we hit our CAS server back after the login, CAS is throwing HTTP 500 Internal Error.

Our CAS version is 6.3.7

We're not overriding neither minidev.json-smart nor nimbus-jose-jwt dependencies.

This is the Exception (first few stack trace entries, the full stack is here https://pastebin.com/xTkvW4Bc)

[ERROR] Servlet.service() for servlet [dispatcherServlet] in context with path [/cas-server] threw exception [Handler dispatch failed; nested exception is java.lang.NoSuchMethodError: 'net.minidev.json.JSONObject com.nimbusds.jwt.JWTClaimsSet.getJSONObjectClaim(java.lang.String)'] with root cause java.lang.NoSuchMethodError: 'net.minidev.json.JSONObject com.nimbusds.jwt.JWTClaimsSet.getJSONObjectClaim(java.lang.String)' at org.pac4j.oidc.authorization.generator.KeycloakRolesAuthorizationGenerator.generate(KeycloakRolesAuthorizationGenerator.java:44) ~[pac4j-oidc-4.5.0.jar!/:?] at org.pac4j.core.client.BaseClient.getUserProfile(BaseClient.java:104) ~[pac4j-core-4.5.0.jar!/:?] at org.apereo.cas.support.pac4j.authentication.handler.support.DelegatedClientAuthenticationHandler.doAuthentication(DelegatedClientAuthenticationHandler.java:81) ~[cas-server-support-pac4j-core-clients-6.3.7.4.jar!/:6.3.7.4] at org.apereo.cas.authentication.handler.support.AbstractPreAndPostProcessingAuthenticationHandler.authenticate(AbstractPreAndPostProcessingAuthenticationHandler.java:43) ~[cas-server-core-authentication-api-6.3.7.4.jar!/:6.3.7.4] at jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:?]

[Alcides Moraes]

Updating from 6.3.7.4 to 6.5.3 resolved the issue.