Hi all,

I would like to know whether anybody has got "Sign in with Apple" working in CAS natively?
I got it working by doing some customization (I will attach it below) because of some weird issue which I cannot understand. I would like to look into submitting a PR, but I am not sure whether I am the only one having this issue, so I want to ask the group first.

Cheers!
- Andy

Attached is my customization which makes Sign in with Apple work:

=========================================
*MyOrgAppleOidcAuthenticator.java*

import com.nimbusds.oauth2.sdk.auth.ClientAuthentication;
import com.nimbusds.oauth2.sdk.auth.ClientSecretPost;
import com.nimbusds.oauth2.sdk.auth.Secret;
import com.nimbusds.oauth2.sdk.id.ClientID;
import lombok.extern.slf4j.Slf4j;
import org.pac4j.core.context.WebContext;
import org.pac4j.oidc.client.OidcClient;
import org.pac4j.oidc.config.OidcConfiguration;
import org.pac4j.oidc.credentials.OidcCredentials;
import org.pac4j.oidc.credentials.authenticator.OidcAuthenticator;

/**
 * Fix an issue where the secret cannot be refreshed again during validation.
 */
@Slf4j
public class MyOrgAppleOidcAuthenticator extends OidcAuthenticator {

    public MyOrgAppleOidcAuthenticator(OidcConfiguration configuration, OidcClient client) {
        super(configuration, client);
    }

    /**
     * If the client uses secret post, set the client authentication again so the secret can be fetched again.
     * <p>
     * Also, set the user profile after validation, so the user profile can be validated.
     *
     * @param cred    the OIDC credentials
     * @param context the web context
     */
    @Override
    public void validate(final OidcCredentials cred, final WebContext context) {
        ClientAuthentication clientAuthentication = getClientAuthentication();
        if (clientAuthentication instanceof ClientSecretPost) {
            LOGGER.debug("Get secret again from validate for Apple Login");
            // Rebuild the client_secret_post authentication from the current configuration
            final ClientID clientId = new ClientID(configuration.getClientId());
            final Secret secret = new Secret(configuration.getSecret());
            ClientSecretPost clientSecretPost = new ClientSecretPost(clientId, secret);
            setClientAuthentication(clientSecretPost);
        }
        super.validate(cred, context);
    }
}

=========================================
*MyOrgDefaultDelegatedClientFactory.java*

import java.util.Collection;
import lombok.Getter;
import lombok.extern.slf4j.Slf4j;
import org.apereo.cas.configuration.CasConfigurationProperties;
import org.apereo.cas.configuration.model.support.pac4j.Pac4jBaseClientProperties;
import org.pac4j.core.client.IndirectClient;
import org.pac4j.oidc.client.AppleClient;
// DefaultDelegatedClientFactory and DelegatedClientFactoryCustomizer come from the
// CAS pac4j support module; their package depends on the CAS version in use.

/**
 * Set Apple Client
 */
@Slf4j
@Getter
public class MyOrgDefaultDelegatedClientFactory extends DefaultDelegatedClientFactory {

    private final CasConfigurationProperties casProperties;

    public MyOrgDefaultDelegatedClientFactory(
            CasConfigurationProperties casProperties,
            Collection<DelegatedClientFactoryCustomizer> customizers) {
        super(casProperties, customizers);
        this.casProperties = casProperties;
    }

    @Override
    protected void configureClient(final IndirectClient client, final Pac4jBaseClientProperties props) {
        // Swap in the customized authenticator for the Apple client only
        if (client instanceof AppleClient) {
            client.setAuthenticator(
                new MyOrgAppleOidcAuthenticator(((AppleClient) client).getConfiguration(), (AppleClient) client)
            );
        }
        super.configureClient(client, props);
    }
}

=========================================
*cas.yml*

cas:
  authn:
    pac4j:
      oidc:
        - apple:
            client-name: XXXX
            private-key: file:/abd/def/myapplecert.p8
            private-key-id: xxxx
            team-id: xxxxx
            id: xxx.yyy.zzz
            response-mode: form_post
            scope: openid name
            response-type: code id_token
            use-nonce: true