I'm trying to get an access_token. Was finally able to get something with the following config:

cas.authn.pac4j.oidc[0].generic.enabled=true
cas.authn.pac4j.oidc[0].generic.use-nonce=true
cas.authn.pac4j.oidc[0].generic.include-access-token-claims=true
cas.authn.pac4j.oidc[0].generic.response-type=code
cas.authn.pac4j.oidc[0].generic.discovery-uri=https://xxxxx.b2clogin.com/yyyy/myuserflow/v2.0/.well-known/openid-configuration
cas.authn.pac4j.oidc[0].generic.id=XXX
cas.authn.pac4j.oidc[0].generic.secret=XXX
cas.authn.pac4j.oidc[0].generic.auto-redirect-type=SERVER
cas.authn.pac4j.oidc[0].generic.client-name=AzureClient
cas.authn.pac4j.oidc[0].generic.scope=${cas.authn.pac4j.oidc[0].generic.id} openid

I am able to hit localhost:8443/cas/login, and it auto-redirects me to Azure B2C. I am able to log in and get redirected back to CAS with a code=xxyyzz in the URL. But I get a CAS unauthorized access error.

Logs show:
DEBUG [org.apereo.cas.pac4j.PrefixedSessionStore] - <Get value: [ff460b68b6] for key: [AuthnDelegationAzureClient$stateSessionParameter]>
DEBUG [org.apereo.cas.pac4j.PrefixedSessionStore] - <Get value: [null] for key: [AuthnDelegationAzureClient$codeVerifierSessionParameter]>
ERROR [org.apereo.cas.web.flow.actions.DelegatedClientAuthenticationAction] - <com.nimbusds.oauth2.sdk.ParseException: Missing JSON object member with key access_token>
org.pac4j.core.exception.TechnicalException: com.nimbusds.oauth2.sdk.ParseException: Missing JSON object member with key access_token

Now, if I take that code from the callback URL and make an API call to the token endpoint using the code with grant_type "authorization code", I do get another JSON with access_token in the value.

How do I make this work? Is CAS expecting access_token to be part of the authorization response?
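
An added example, not part of the original post and not CAS or pac4j code: a check for a token endpoint response body captured while debugging the "Missing JSON object member with key access_token" error above. It tests for the members RFC 6749 section 5.1 requires in a successful response and reports key names only, never token values; the function name and the sample bodies are constructed for illustration.

```python
import json

# Members RFC 6749 section 5.1 requires in a successful token response.
REQUIRED = ("access_token", "token_type")


def diagnose_token_response(body):
    """Classify a token endpoint response body without echoing any token value."""
    try:
        obj = json.loads(body)
    except json.JSONDecodeError:
        return {"status": "not_json", "missing": list(REQUIRED), "present": []}
    if not isinstance(obj, dict):
        return {"status": "not_object", "missing": list(REQUIRED), "present": []}

    present = sorted(obj)  # key names only, safe to share in a bug report
    if "error" in obj:
        # Error responses (RFC 6749 section 5.2) carry no tokens at all.
        return {"status": "error", "missing": [], "present": present,
                "error": str(obj["error"])}

    # A member counts as present only if it is a non-empty string.
    missing = [k for k in REQUIRED
               if not (isinstance(obj.get(k), str) and obj[k])]
    if not missing:
        status = "ok"
    elif "access_token" in missing and "id_token" in obj:
        status = "id_token_only"  # ID token issued, access token absent
    else:
        status = "incomplete"
    return {"status": status, "missing": missing, "present": present}


# Constructed sample bodies; the values are placeholders, not real tokens.
SAMPLES = {
    "complete": '{"access_token": "PLACEHOLDER", "token_type": "Bearer", '
                '"expires_in": 3600, "id_token": "PLACEHOLDER"}',
    "id_only": '{"id_token": "PLACEHOLDER", "token_type": "Bearer"}',
    "error": '{"error": "invalid_grant", "error_description": "constructed"}',
    "html": "<html>sign-in page</html>",
}

if __name__ == "__main__":
    for name, body in SAMPLES.items():
        print(name, diagnose_token_response(body))
```

Running this on the body CAS actually receives, and on the body from the manual token call, shows whether the two responses differ in the members a strict parser requires.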
