[cas-user] can't get jdbc attribute query after facebook delegated authentication
4 views
Skip to first unread message
Sandy Lelarge
May 22, 2017, 12:39:49 PM5/22/17
to CAS Community
Hi all,
and firstly, thanks for your great job on cas.
I'm pretty new to it and I'm working with cas 5.0.3.1
I can succesfully logon with login/password via a rest service and once logged succesfully get attribute form an other database via jdbc.
Now, I'm trying to get authenticate by facebook. I successfully get logged it.
The problem is that I'm trying to make a request on my sql server where I'm looking for the 'email' field that facebook gave me.
(the same email get as username on login form and that gave me result.
I can event get a request to the sqlsever.
No error, simply no request.
Is it possible with a delegate authentication ?
I hopped to like some authentification mecanism by email address...
Thanks for your help
facebook throw this list of attribute :
-- and firstly, thanks for your great job on cas.
I'm pretty new to it and I'm working with cas 5.0.3.1
I can succesfully logon with login/password via a rest service and once logged succesfully get attribute form an other database via jdbc.
Now, I'm trying to get authenticate by facebook. I successfully get logged it.
The problem is that I'm trying to make a request on my sql server where I'm looking for the 'email' field that facebook gave me.
(the same email get as username on login form and that gave me result.
I can event get a request to the sqlsever.
No error, simply no request.
Is it possible with a delegate authentication ?
I hopped to like some authentification mecanism by email address...
Thanks for your help
facebook throw this list of attribute :
| access_token | [masked] |
| [masked] | |
| first_name | [masked] |
| gender | MALE |
| last_name | [masked] |
| link | [masked] |
| locale | fr_FR |
| name | [masked] |
| third_party_id | [masked] |
| timezone | 2 |
| updated_time | 1409185943000 |
| verified | false |
- CAS gitter chatroom: https://gitter.im/apereo/cas
- CAS mailing list guidelines: https://apereo.github.io/cas/Mailing-Lists.html
- CAS documentation website: https://apereo.github.io/cas
- CAS project website: https://github.com/apereo/cas
---
You received this message because you are subscribed to the Google Groups "CAS Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+u...@apereo.org.
To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/12a648ef-13dc-49e1-b5b4-38a648664fed%40apereo.org.
Martin Bohun
May 22, 2017, 8:16:52 PM5/22/17
to CAS Community
This is very similar to what we (ALA) are doing in our cas-4.0.x: previously user could SignUp/SignIn with username/password stored in sql DB (mysql); I added/extended the project with "one click" SignUp/SignIn via "social media" (Facebook/Google/Twitter/LinkedIn/WindozeLive/GitHub):
You can have look at our:
(I intentionally try to keep it clean and "intuitively" ordered)
First we do the Delegated Authentication exactly as you mentioned; that does verify the user via (Facebook/Google/Twitter), and each of these sends back some profile info (email, firstName, lastName); I wrote a custom cas/pac4j Authenticator:
That takes the email address returned by the social media, and (reusing the old sql username/password code/components) tries to retrieve the user from the DB:
if an user with such email address does not exist, it will use a create new user sql query to create the user in the DB first and then resume the login process:
regards,
martin
Sandy Lelarge
May 23, 2017, 3:17:51 AM5/23/17
to CAS Community
Thank you for your response Martin.
I will take a look into your code.
BTW I still wonder if CAS 5 can do it by chaining something somewhere.
It can already do everthing but not the way I want to.
Perhaps I can make something similar to what you've done by chaining social networks auth with cas.authn.attributeRepository.jdbc on CAS 5
cheers
I will take a look into your code.
BTW I still wonder if CAS 5 can do it by chaining something somewhere.
It can already do everthing but not the way I want to.
Perhaps I can make something similar to what you've done by chaining social networks auth with cas.authn.attributeRepository.jdbc on CAS 5
cheers
Martin Bohun
May 23, 2017, 3:46:55 AM5/23/17
to CAS Community
Hi Sandy,
I am not entirely sure what you mean by "BTW I still wonder if CAS 5 can do it by chaining something somewhere.", one place in our code where one can kinda "chain" something is currently hardcoded "null" (taken/followed from pac4j examples) in:
Clean/flexible approach is to create a proper "secondaryPrincipalResolver" (class and bean, instead of the hardcoded null :-) obviously) - i have already a refactoring task/branch for that - but that is one nice "chaining point" right there.
regards,
martin
Sandy Lelarge
May 23, 2017, 3:54:28 AM5/23/17
to CAS Community
Ho yes, I did not understood.
This is what I have in mind.
I'm to young to cas. I'll try to make this on version 5
I've to understand the structure of it and of pac4j
Thanks a lot
This is what I have in mind.
I'm to young to cas. I'll try to make this on version 5
I've to understand the structure of it and of pac4j
Thanks a lot
Reply all
Reply to author
Forward
0 new messages