Mattermost with CAS/oauth

131 views
Skip to first unread message

sayed amin Hosseini

unread,
Aug 16, 2017, 5:29:37 AM8/16/17
to CAS Community
hi
this is an issue that has been posted on github and i paste it here
(original link)
please share your knowledge
thank u all

Hello
I'm trying to connect mattermost to cas. mattermost does support oauth protocol for gitlab. I think it should work with CAS/OAuth too. It's protocol! right? so I config mattermost with CAS/OAuth urls. It redirects to login page properly. But when redirects back to mattermost it shows error "Invalid state token".
I checked packets by wireshark. the "state" parameter that mattermost sends to cas is diffrerent than the "state" parameter that cas returns. like this:

https://mycas.com/cas/oauth2.0/authorize?response_type=code&client_id=c9f5a8547daba21a1ec0321aa4aacf41afdf19111b8d8c563ba6c2b20676446f&redirect_uri=http%3A%2F%2Fmymat.com%3A8065%2Fsignup%2Fgitlab%2Fcomplete&state=eyJhY3Rpb24iOiJsb2dpbiIsInRva2VuIjoiNzRtZHB5ZWl

http://mymat.com:8065/signup/gitlab/complete?code=OC-2-4iNj4Seu9YocjAYwPcoVh4gvkhfNmgA3tpx&state=eyJhY3Rpb24iOiJsb2dpbiIsInRva2VuIjoiNzRtZHB5ZWlvYnd3cTM3dGdpYzZyNmJ5YWhxYmIxYnd5cm5jODlnajhnY29uOWtmOGNmOXNza3lmbWlkMWJoOSJ9

As you see the second one is longer than the first. Is this a bug?
Thanks



Stewart

unread,
Jan 28, 2020, 12:30:20 PM1/28/20
to CAS Community, capta...@gmail.com
Hi Sayed,

Did you ever find a resolution to this?  I've currently tried and seen the same...

Regards,

Stewart
Reply all
Reply to author
Forward
0 new messages