Hi all,

Would like to know if anybody got "Sign in with Apple" working in CAS natively?

I got it working by doing some customization (I will attach below) because 
of some weird issue which I cannot understand.

I would like to investigate submitting a PR, but I am not sure if I 
am the only one having an issue with this or not, so I want to ask the group 
first.

Cheers!
- Andy

Attached is my customization which makes Sign in with Apple work:
=========================================
*MyOrgAppleOidcAuthenticator.java*
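// Imports assume the pac4j 4.x package layout; adjust to the version bundled with your CAS release.
import com.nimbusds.oauth2.sdk.auth.ClientAuthentication;
import com.nimbusds.oauth2.sdk.auth.ClientSecretPost;
import com.nimbusds.oauth2.sdk.auth.Secret;
import com.nimbusds.oauth2.sdk.id.ClientID;
import lombok.extern.slf4j.Slf4j;
import org.pac4j.core.context.WebContext;
import org.pac4j.oidc.client.OidcClient;
import org.pac4j.oidc.config.OidcConfiguration;
import org.pac4j.oidc.credentials.OidcCredentials;
import org.pac4j.oidc.credentials.authenticator.OidcAuthenticator;

/**
 * Fixes an issue where the secret cannot be refreshed again during validation.
 */
@Slf4j
public class MyOrgAppleOidcAuthenticator extends OidcAuthenticator {
    public MyOrgAppleOidcAuthenticator(OidcConfiguration configuration, OidcClient client) {
        super(configuration, client);
    }

    /**
     * If the client uses secret post, set the client authentication again so the
     * secret can be fetched again.
     * <p>
     * Also, set the user profile after validate, so it can validate the user profile.
     *
     * @param cred    the OIDC credentials (authorization code / ID token) to validate
     * @param context the current web context
     */
    @Override
    public void validate(final OidcCredentials cred, final WebContext context) {
        ClientAuthentication clientAuthentication = getClientAuthentication();
        if (clientAuthentication instanceof ClientSecretPost) {
            LOGGER.debug("Get secret again from validate for Apple Login");
            // Rebuild the client_secret_post authentication from the configuration on
            // every validation instead of reusing the instance created at init time.
            final ClientID clientId = new ClientID(configuration.getClientId());
            final Secret secret = new Secret(configuration.getSecret());
            ClientSecretPost clientSecretPost = new ClientSecretPost(clientId, secret);
            setClientAuthentication(clientSecretPost);
        }
        super.validate(cred, context);
    }
}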
=================================================================================================

*MyOrgDefaultDelegatedClientFactory.java*
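// CAS package names below are an assumption (CAS 6.x layout); adjust to your CAS release.
import java.util.Collection;
import lombok.Getter;
import lombok.extern.slf4j.Slf4j;
import org.apereo.cas.configuration.CasConfigurationProperties;
import org.apereo.cas.configuration.model.support.pac4j.Pac4jBaseClientProperties;
import org.apereo.cas.support.pac4j.authentication.DefaultDelegatedClientFactory;
import org.apereo.cas.support.pac4j.authentication.DelegatedClientFactoryCustomizer;
import org.pac4j.core.client.IndirectClient;
import org.pac4j.oidc.client.AppleClient;

/**
 * Set Apple Client
 */
@Slf4j
@Getter
public class MyOrgDefaultDelegatedClientFactory extends DefaultDelegatedClientFactory {
    private final CasConfigurationProperties casProperties;

    public MyOrgDefaultDelegatedClientFactory(
            CasConfigurationProperties casProperties,
            Collection<DelegatedClientFactoryCustomizer> customizers) {
        super(casProperties, customizers);
        this.casProperties = casProperties;
    }

    @Override
    protected void configureClient(final IndirectClient client, final Pac4jBaseClientProperties props) {
        // Only the Apple client gets the custom authenticator; all other clients keep the default.
        if (client instanceof AppleClient) {
            final AppleClient appleClient = (AppleClient) client;
            client.setAuthenticator(
                new MyOrgAppleOidcAuthenticator(appleClient.getConfiguration(), appleClient)
            );
        }
        super.configureClient(client, props);
    }
}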
=========================================
*cas.yml*
cas:
  authn:
    pac4j:
      oidc:
        - apple:
            client-name: XXXX
            private-key: file:/abd/def/myapplecert.p8
            private-key-id: xxxx
            team-id: xxxxx
            id: xxx.yyy.zzz
            response-mode: form_post
            scope: openid name
            response-type: code id_token
            use-nonce: true

You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/435d7384-b268-44c2-af0a-fc6cf0e258ccn%40apereo.org.