Hi Jérôme, Worked like a charm.
Regards, Colin On Tuesday, 21 February 2023 at 17:41:30 UTC+11 CAS Community wrote: > Hi, > > It should be fixed: > https://github.com/pac4j/pac4j/commit/f8a9450f794add3a65544c8586552305f9976b70 > Can you test with CAS 7.0.0-RC4 and pac4j v6.0.0-RC6-SNAPSHOT (pull > pac4j-core and pac4j-oidc in version 6.0.0-RC6-SNAPSHOT and exclude the > same dependencies in v6.0.0-RC5). > Thanks. > Best regards, > Jérôme > > > Le vendredi 17 février 2023 à 04:17:28 UTC+1, wilc...@gmail.com a écrit : > >> HI Jérôme, >> >> I happy to post the configuration if required, but I think you have a >> slight error in CAS causing the tenant id to get lost. >> >> In "BaseDelegatedClientFactory.java" you have the "getOidcClientFrom" >> method which has the following for azure >> >> if (clientProperties.getAzure().isEnabled() && >> StringUtils.isNotBlank(clientProperties.getAzure().getId())) { >> LOGGER.debug("Building OpenID Connect client for Azure >> AD..."); >> val azure = >> getOidcConfigurationForClient(clientProperties.getAzure(), >> AzureAd2OidcConfiguration.class); >> azure.setTenant(clientProperties.getAzure().getTenant()); >> * val cfg = new AzureAd2OidcConfiguration(azure);* >> val azureClient = new AzureAd2Client(cfg); >> configureClient(azureClient, clientProperties.getAzure(), >> casProperties); >> return azureClient; >> } >> >> Highlighted in bold is what I think the issue is as when I inspected the >> "AzureAd2OidcConfiguration" the constructor does set the tenant and this is >> causing the tenant to get lost. >> >> I have some custom changes to set the login_hint for azure when using the >> dynamic lookup. I added extra code to test if changing it to below worked >> and it proceed to microsoft but I got another error after it came back. I >> will post that error in another message. >> >> if (clientProperties.getAzure().isEnabled() && >> StringUtils.isNotBlank(clientProperties.getAzure().getId())) { >> LOGGER.debug("Building OpenID Connect client for Azure >> AD..."); >> val cfg= >> getOidcConfigurationForClient(clientProperties.getAzure(), >> AzureAd2OidcConfiguration.class); >> cfg.setTenant(clientProperties.getAzure().getTenant()); >> val azureClient = new AzureAd2Client(cfg); >> configureClient(azureClient, clientProperties.getAzure(), >> casProperties); >> return azureClient; >> } >> >> Thanks. >> Regards, >> Colin >> >> >> On Thursday, 16 February 2023 at 17:56:46 UTC+11 leleuj wrote: >> >>> Hi, >>> >>> What is your related CAS delegated authn configuration? >>> >>> Remove any sensitive information! >>> >>> Thanks. >>> Best regards, >>> Jérôme >>> >>> >>> Le mer. 15 févr. 2023 à 06:18, Colin Wilkinson <wilc...@gmail.com> a >>> écrit : >>> >>>> Hi, >>>> >>>> I am just testing out configuration against CAS 7.0.0-RC4. The >>>> configuration is currently deployed to our dev server against CAS 6.6.x >>>> this is working fine. >>>> >>>> But when I go to run against CAS 7.0.0.RC4 I get, >>>> >>>> Caused by: java.net.URISyntaxException: Illegal character in path at >>>> index 34: https://login.microsoftonline.com/{tenantid}/v2.0 >>>> >>>> I have attached the fully stack trace. >>>> >>>> -- >>>> - Website: https://apereo.github.io/cas >>>> - Gitter Chatroom: https://gitter.im/apereo/cas >>>> - List Guidelines: https://goo.gl/1VRrw7 >>>> - Contributions: https://goo.gl/mh7qDG >>>> --- >>>> You received this message because you are subscribed to the Google >>>> Groups "CAS Community" group. >>>> To unsubscribe from this group and stop receiving emails from it, send >>>> an email to cas-user+u...@apereo.org. >>>> To view this discussion on the web visit >>>> https://groups.google.com/a/apereo.org/d/msgid/cas-user/32c5e292-89cf-4968-99e9-dd82f31c55a3n%40apereo.org >>>> >>>> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/32c5e292-89cf-4968-99e9-dd82f31c55a3n%40apereo.org?utm_medium=email&utm_source=footer> >>>> . >>>> >>> -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/31121a90-9d98-4e04-9f50-324c561d0a9bn%40apereo.org.
