1. 技术文章
  2. CAS OAuth Authentication Using Google OAuth 2.0 and Using Yahoo OAuth 1.0

CAS OAuth Authentication Using Google OAuth 2.0 and Using Yahoo OAuth 1.0

血红的双手。 提交于 2020-01-17 04:06:06

问题


I've successfully configured my CAS v. 3.5.2 to delegate authentication to Yahoo using OAuth 1.0 by following the instruction Jasig CAS Wiki at https://wiki.jasig.org/display/CASUM/Configuration+for+the+OAuth+client+support+in+CAS+server+version+%3E%3D+3.5.1 Now, I am trying to add the authentication with Google using OAuth 2.0. For that, I am using Google2Provider by updating the dependency on scribe-up to 1.3.1. But the following error is thrown upon accessing CAS login page:

SEVERE: Servlet.service() for servlet [cas] in context with path [/cas] threw exception [Request processing failed; nested exception is org.springframework.webflow.execution.ActionExecutionException: Exception thrown executing org.jasig.cas.support.oauth.web.flow.OAuthAction@4d88f286 in state 'oauthAction' of flow 'login' -- action execution attributes were 'map[[empty]]'] with root cause
java.lang.IllegalArgumentException: Cannot encode null object
at org.scribe.utils.Preconditions.check(Preconditions.java:82)
at org.scribe.utils.Preconditions.checkNotNull(Preconditions.java:29)
at org.scribe.utils.OAuthEncoder.encode(OAuthEncoder.java:28)
at org.scribe.up.addon_to_scribe.GoogleApi20.getAuthorizationUrl(GoogleApi20.java:36)
at org.scribe.oauth.OAuth20ServiceImpl.getAuthorizationUrl(OAuth20ServiceImpl.java:69)
at org.scribe.up.provider.BaseOAuth20Provider.getAuthorizationUrl(BaseOAuth20Provider.java:43)
at org.jasig.cas.support.oauth.web.flow.OAuthAction.doExecute(OAuthAction.java:128)

...

It appears the exception is caused by a null "scope" of the config parameter in GoogleApi20.getAuthorizationUrl(final OAuthConfig config) where config.getScope() returns null:

public String getAuthorizationUrl(final OAuthConfig config) {
    return String.format(AUTHORIZATION_URL, config.getApiKey(), OAuthEncoder.encode(config.getCallback()),
                         OAuthEncoder.encode(config.getScope()));
}

So is it possible to get this to work by authenticating with Yahoo using OAuth 1.0 and with Google using OAuth 2.0 at the same time in CAS? Is there an example that shows how this is done?

Thank you in advance.


回答1:


I'm the creator of the OAuth client support in CAS. In fact, there was a bug in the Google2Provider : the default scope is null. Set a real scope using the appropriate setter : setScope(final Google2Scope scope) to fix the problem...



来源:https://stackoverflow.com/questions/17494412/cas-oauth-authentication-using-google-oauth-2-0-and-using-yahoo-oauth-1-0

标签
oauth
google-oauth
CAS
易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!