I) Add support for OAuth in CAS server



Similar documents
Axway API Gateway. Version 7.4.1

Oracle Fusion Middleware Oracle API Gateway OAuth User Guide 11g Release 2 ( )

OAuth 2.0 Developers Guide. Ping Identity, Inc th Street, Suite 100, Denver, CO

Social Application Guide

ACR Connect Authentication Service Developers Guide

Security and ArcGIS Web Development. Heather Gonzago and Jeremy Bartley

Fairsail REST API: Guide for Developers

Login with other services to ASP.NET websites with TMS Cloud Pack for.net

Authenticate and authorize API with Apigility. by Enrico Zimuel Software Engineer Apigility and ZF2 Team

Developing Applications with Salesforce Chatter

Securing RESTful Web Services Using Spring and OAuth 2.0

A detailed walk through a CAS authentication

OAuth 2.0. Weina Ma

Cloud Elements ecommerce Hub Provisioning Guide API Version 2.0 BETA

Using ArcGIS with OAuth 2.0. Aaron CTO, Esri R&D Center Portland

OAuth: Where are we going?

Dell One Identity Cloud Access Manager How to Develop OpenID Connect Apps

From Delphi to the cloud

Single Sign On. SSO & ID Management for Web and Mobile Applications

Contents. 2 Alfresco API Version 1.0

Spring Security 3. rpafktl Pen source. intruders with this easy to follow practical guide. Secure your web applications against malicious

IBM WebSphere Application Server

Synology SSO Server. Development Guide

Table of Contents. Open-Xchange Authentication & Session Handling. 1.Introduction...3

WebNow Single Sign-On Solutions

Traitware Authentication Service Integration Document

Web 2.0 Lecture 9: OAuth and OpenID

Pierce County IT Department GIS Division Xuejin Ruan Dan King

Manual. Netumo NETUMO HELP MANUAL Copyright Netumo 2014 All Rights Reserved

Login with Amazon. Developer Guide for Websites

Salesforce Integration User Guide Version 1.1

INTEGRATION GUIDE. DIGIPASS Authentication for Google Apps using IDENTIKEY Federation Server

Salesforce Opportunities Portlet Documentation v2

Module - Facebook PS Connect

SETTING UP YOUR JAVA DEVELOPER ENVIRONMENT

Force.com REST API Developer's Guide

Administering Jive Mobile Apps

Login with Amazon. Getting Started Guide for Websites. Version 1.0

USING FEDERATED AUTHENTICATION WITH M-FILES

How To Use Kiteworks On A Microsoft Webmail Account On A Pc Or Macbook Or Ipad (For A Webmail Password) On A Webcomposer (For An Ipad) On An Ipa Or Ipa (For

Configuration Guide - OneDesk to SalesForce Connector

SAML and OAUTH comparison

Copyright: WhosOnLocation Limited

OAuth. Network Security. Online Services and Private Data. A real-life example. Material and Credits. OAuth. OAuth

OAuth 2.0: Theory and Practice. Daniel Correia Pedro Félix

Talend Component tgoogleanalyticsmanagement

Building Secure Applications. James Tedrick

Authentication Methods

OAuth2lib. implementation

itds OAuth Integration Paterva itds OAuth Integration Building and re-using OAuth providers within Maltego 2014/09/22

Identity Management with Spring Security. Dave Syer, VMware, SpringOne 2011

JVA-122. Secure Java Web Development

EHR OAuth 2.0 Security

Device Token Protocol for Persistent Authentication Shared Across Applications

Spring Security SAML module

Implementing CAS. Adam Rybicki Jasig Conference, San Diego, CA March 7, 2010

Getting Started Guide for Developing tibbr Apps

Facebook - Twitter - Google +1 all in one plugin for Joomla enable "Twitter button", "Google +1

Forumbee Single Sign- On

Safewhere*Identify 3.4. Release Notes

Table of contents. Jasig CAS support for the Spring Security plugin.

WildFly in Oracle okolje

Integrating Multi-Factor Authentication into Your Campus Identity Management System

Creating federated authorisation

Integration Overview. Web Services and Single Sign On

Securing WebFOCUS A Primer. Bob Hoffman Information Builders

OpenID Single Sign On and OAuth Data Access for Google Apps. Ryan Dave Primmer May 2010

MYOB EXO BUSINESS WHITE PAPER

vcommander will use SSL and session-based authentication to secure REST web services.

SAP HANA Cloud Platform Security Tutorial Securing your Web API with OAuth 2.0

Office365Mon Developer API

Qlik REST Connector Installation and User Guide

Cloud to Cloud Integrations with Force.com. Sandeep Bhanot Developer

Administering Jive for Outlook

Add Microsoft Azure as the Federated Authenticator in WSO2 Identity Server

Spring Security CAS Plugin - Reference Documentation. Burt Beckwith. Version M1

A Standards-based Mobile Application IdM Architecture

Cloud Help for Community Managers...3. About Jive Anywhere...4. Jive Anywhere System Requirements...5. Managing Jive Anywhere...6

Lecture Notes for Advanced Web Security 2015

McAfee One Time Password

ios Cloud Development FOR Neal Goldstein WILEY John Wiley & Sons, Inc.

Single Sign-On Research and Expansion Based On CAS

CA Nimsoft Service Desk

After many years we are happy to create a new social plugin with a great potential.

Exam Name: Test284,IBM WbS.DataPower SOA

INTEGRATION GUIDE. DIGIPASS Authentication for SimpleSAMLphp using IDENTIKEY Federation Server

Unlocking the Secrets of Alfresco Authentication. Mehdi BELMEKKI,! Consultancy Team! Alfresco!

Enterprise Access Control Patterns For REST and Web APIs

Document Digital Signature

Owner of the content within this article is Written by Marc Grote

INTEGRATION GUIDE. DIGIPASS Authentication for Salesforce using IDENTIKEY Federation Server

Analysis and Implementation of a SSO Solution for Several Web Portal

White Paper March 1, Integrating AR System with Single Sign-On (SSO) authentication systems

Transcription:

Table of contents I)Add support for OAuth in CAS server...2 II)How to add OAuth client support in CAS server?...3 A)Add dependency...3 B)Add the identity providers needed...3 C)Add the OAuth action in webflow...4 D)Add the principal resolver and the handler for OAuth authentication...5 E)Add links on the login page to authenticate on identity providers...5 III)Technical presentation of the OAuth client mode...6 A)Dependencies...6 1)Scribe 1.2.2...6 2)Jettison 1.3...6 B)Classes & interfaces...6 1)OAuthAuthenticationHandler (org.jasig.cas.support.oauth.authentication.handler.support)...6 2)OAuthCredentials (org.jasig.cas.support.oauth.authentication.principal)...6 3)OAuthCredentialsToPrincipalResolver (org.jasig.cas.support.oauth.authentication.principal)...6 4)OAuthProvider (org.jasig.cas.support.oauth.provider)...7 5)BaseOAuthProvider (org.jasig.cas.support.oauth.provider)...7 6)BaseOAuth10Provider (org.jasig.cas.support.oauth.provider)...7 7)BaseOAuth20Provider (org.jasig.cas.support.oauth.provider)...7 8)CasWrapperProvider20 (org.jasig.cas.support.oauth.provider.impl)...7 9)FacebookProvider (org.jasig.cas.support.oauth.provider.impl)...7 10)GitHubProvider (org.jasig.cas.support.oauth.provider.impl)...7 11)GoogleProvider (org.jasig.cas.support.oauth.provider.impl)...7 12)LinkedInProvider (org.jasig.cas.support.oauth.provider.impl)...8 13)TwitterProvider (org.jasig.cas.support.oauth.provider.impl)...8 14)YahooProvider (org.jasig.cas.support.oauth.provider.impl)...8 15)OAuthAction (org.jasig.cas.support.oauth.web.flow)...8 16)CasWrapperApi20 (org.scribe.builder.api)...8 17)GitHubApi (org.scribe.builder.api)...8 IV)How to add OAuth server support in CAS server?...9 A)Add dependency...9 B)Add the OAuth20WrapperController...9 C)Add the needed CAS services...9 V)Technical presentation of the OAuth server mode...10 A)General...10 B)Classes & interfaces...11 1)OAuthConstants (org.jasig.cas.support.oauth)...11 2)OAuthUtils (org.jasig.cas.support.oauth)...11 3)BaseOAuthWrapperController (org.jasig.cas.support.oauth.web)...11 4)OAuth20WrapperController (org.jasig.cas.support.oauth.web)...11 5)OAuth20AuthorizeController (org.jasig.cas.support.oauth.web)...11 6)OAuth20CallbackAuthorizeController (org.jasig.cas.support.oauth.web)...11 7)OAuth20AccessTokenController (org.jasig.cas.support.oauth.web)...12 8)OAuth20ProfileController (org.jasig.cas.support.oauth.web)...12

I) Add support for OAuth in CAS server The cas-server-support-oauth module is made to add support for OAuth in CAS server. It allows two modes : CAS server can support OAuth protocol as an OAuth client : in this case, CAS authentication can be delegated to an identity provider like Facebook, GitHub, Google, LinkedIn, Twitter, Yahoo or even an another CAS server using OAuth wrapper CAS server can support OAuth protocol as an OAuth server : in this case, CAS uses the OAuth wrapper and acts as an OAuth server, communicating through OAuth protocol version 2.0 with OAuth clients.

II) How to add OAuth client support in CAS server? A) Add dependency First step is to add the dependency to the OAuth cas support module in the CAS server webapp pom.xml : <dependency> <groupid>org.jasig.cas</groupid> <artifactid>cas-server-support-oauth</artifactid> <version>${project.version}</version> </dependency> B) Add the identity providers needed An identity provider is an OAuth server which can authenticate user (like Google, Yahoo...) instead of CAS server. If you want to delegate the CAS authentication to Twitter for example, you have to add an identy provider for Twitter. All the identity providers must be declared in applicationcontext.xml : <bean id="facebook1" class="org.jasig.cas.support.oauth.provider.impl.facebookprovider"> <property name="name" value="facebook1" /> <property name="key" value="the_key_for_facebook1" /> <property name="secret" value="the_secret_for_facebook1" /> <bean id="twitter1" class="org.jasig.cas.support.oauth.provider.impl.twitterprovider"> <property name="name" value="twitter1" /> <property name="key" value="the_key_for_twitter1" /> <property name="secret" value="the_secret_for_twitter1" /> <bean id="google1" class="org.jasig.cas.support.oauth.provider.impl.googleprovider"> <property name="name" value="google1" /> <property name="key" value="anonymous" /> <property name="secret" value="anonymous" /> <bean id="yahoo1" class="org.jasig.cas.support.oauth.provider.impl.yahooprovider"> <property name="name" value="yahoo1" /> <property name="key" value="the_key_for_yahoo1" /> <property name="secret" value="the_secret_for_yahoo1" /> <bean id="linkedin1" class="org.jasig.cas.support.oauth.provider.impl.linkedinprovider">

<property name="name" value="linkedin1" /> <property name="key" value="the_key_for_linkedin1" /> <property name="secret" value="the_secret_for_linkedin1" /> <bean id="github1" class="org.jasig.cas.support.oauth.provider.impl.githubprovider"> <property name="name" value="github1" /> <property name="key" value="the_key_for_github1" /> <property name="secret" value="the_secret_for_github1" /> <bean id="caswrapper1" class="org.jasig.cas.support.oauth.provider.impl.caswrapperprovider20"> <property name="name" value="caswrapper1" /> <property name="key" value="the_key_for_caswrapper1" /> <property name="secret" value="the_secret_for_caswrapper1" /> <property name="serverurl" value="http://mycasserverwithoauthwrapper/oauth2.0" /> For each identity provider, the CAS server is considered an OAuth client and therefore should be declared to the identity provider. After declaration, a key and a secret is given by the identity provider which has to be defined in the beans (the_key_for_xxx and the_secret_for_xxx values for key and secret properties). The loginurl property must be set to the login url of the CAS server. For the CAS OAuth wrapping, the serverurl property must be set to the OAuth wrapping url of the other CAS server which is using OAuth wrapping. C) Add the OAuth action in webflow In the login-webflow.xml file, the OAuthAction must be added at the beginning of the webflow. Its role is to intercept callback calls from identity providers (like Facebook, Twitter...) after OAuth authentication : <action-state id="oauthaction"> <evaluate expression="oauthaction" /> <transition on="success" to="sendticketgrantingticket" /> <transition on="error" to="ticketgrantingticketexistscheck" /> </action-state> This OAuthAction has to be defined in cas-servlet.xml with all the identity providers needed : <bean id="oauthaction" class="org.jasig.cas.support.oauth.web.flow.oauthaction"> <property name="centralauthenticationservice" ref="centralauthenticationservice" /> <property name="providers"> <list> <ref bean="facebook1" /> <ref bean="twitter1" /> <ref bean="google1" /> <ref bean="yahoo1" /> <ref bean="linkedin1" /> <ref bean="github1" /> <ref bean="caswrapper1" /> </list>

</property> This OAuthAction uses the centralauthenticationservice bean to play the CAS authentication and references all the identity providers. D) Add the principal resolver and the handler for OAuth authentication To be able to authenticate user in CAS server after OAuth authentication by the identity provider, you have to add an OAuthAuthenticationHandler in the list of authenticationhandlers in deployerconfigcontext.xml : <property name="authenticationhandlers"> <list> <bean class="org.jasig.cas.support.oauth.authentication.handler.support.oauthauthenti cationhandler"> <property name="providers"> <list> <ref bean="facebook1" /> <ref bean="twitter1" /> <ref bean="google1" /> <ref bean="yahoo1" /> <ref bean="linkedin1" /> <ref bean="github1" /> <ref bean="caswrapper1" /> </list> </property> </list> </property> And also add an OAuthCredentialsToPrincipalResolver in the list of credentialstoprincipalresolvers in the deployerconfigcontext.xml : <property name="credentialstoprincipalresolvers"> <list> <bean class="org.jasig.cas.support.oauth.authentication.principal.oauthcredentialstop rincipalresolver" /> </list> </property> E) Add links on the login page to authenticate on identity providers To start authentication on identity providers, links must be added on the login page casloginview.jsp (providername_authorizationurl are automatically created by the OAuthAction) : <a href="${facebook1_authorizationurl}">authenticate with Facebook</a> <br /> <br /> <a href="${twitter1_authorizationurl}">authenticate with Twitter</a><br /> <br /> <a href="${google1_authorizationurl}">authenticate with Google</a><br /> <br /> <a href="${yahoo1_authorizationurl}">authenticate with Yahoo</a><br /> <br /> <a href="${linkedin1_authorizationurl}">authenticate with LinkedIn</a><br />

<br /> <a href="${github1_authorizationurl}">authenticate with GitHub</a><br /> <br /> <a href="${caswrapper1_authorizationurl}">authenticate with another CAS server using OAuth v2.0 protocol wrapper</a><br /> <br /> III) Technical presentation of the OAuth client mode A) Dependencies 1) Scribe 1.2.2 The Scribe library is used to communicate in OAuth protocol with identity providers (like Facebook...) 2) Jettison 1.3 The jettison library can parse JSON messages : it is used in some identity providers to read JSON profile and extract the identity of the user. B) Classes & interfaces 1) OAuthAuthenticationHandler (org.jasig.cas.support.oauth.authentication.handler.support) The OAuthAuthenticationHandler is in charge of authenticating a user based on OAuthCredentials credentials. The token and verifier from the credentials are used to get an access token in the OAuth protocol way and then the user identifier is retrieved with this access token. 2) OAuthCredentials (org.jasig.cas.support.oauth.authentication.principal) The OAuthCredentials stores the OAuth token, the OAuth verifier, the provider type, the provider name and the user identifier (after authentication). 3) OAuthCredentialsToPrincipalResolver (org.jasig.cas.support.oauth.authentication.principal) The OAuthCredentialsToPrincipalResolver creates a CAS identity for the OAuthCredentials which

is «the type of the provider # the user identifier». 4) OAuthProvider (org.jasig.cas.support.oauth.provider) The OAuthProvider interface defines the common contract, identity provider using OAuth protocol have to follow : get the name, get the authorization url, get the access token and get the user identifier. It's more or less the OAuth contract (provided by the Scribe library) and the an additionnal method to retrieve the user identifier (from a profile given by the identity provider). 5) BaseOAuthProvider (org.jasig.cas.support.oauth.provider) The BaseOAuthProvider is the base implementation for an identity provider using OAuth protocol. 6) BaseOAuth10Provider (org.jasig.cas.support.oauth.provider) The BaseOAuth10Provider is the common implementation for identity provider using OAuth protocol version 1.0. 7) BaseOAuth20Provider (org.jasig.cas.support.oauth.provider) The BaseOAuth20Provider is the common implementation for identity provider using OAuth protocol version 2.0. 8) CasWrapperProvider20 (org.jasig.cas.support.oauth.provider.impl) The CasWrapperProvider20 is the implementation for authenticating in a CAS server using the OAuth wrapper (extends BaseOAuth20Provider). 9) FacebookProvider (org.jasig.cas.support.oauth.provider.impl) The FacebookProvider is the implementation for authenticating with Facebook (extends BaseOAuth20Provider). 10)GitHubProvider (org.jasig.cas.support.oauth.provider.impl) The GitHubProvider is the implementation for authenticating with GitHub (extends BaseOAuth20Provider). 11)GoogleProvider (org.jasig.cas.support.oauth.provider.impl) The GoogleProvider is the implementation for authenticating with Google (extends BaseOAuth10Provider).

12)LinkedInProvider (org.jasig.cas.support.oauth.provider.impl) The LinkedInProvider is the implementation for authenticating with LinkedIn (extends BaseOAuth10Provider). 13)TwitterProvider (org.jasig.cas.support.oauth.provider.impl) The TwitterProvider is the implementation for authenticating with Twitter (extends BaseOAuth10Provider). 14)YahooProvider (org.jasig.cas.support.oauth.provider.impl) The YahooProvider is the implementation for authenticating with Yahoo (extends BaseOAuth10Provider). 15)OAuthAction (org.jasig.cas.support.oauth.web.flow) The OAuthAction is an action to add into the webflow, it's the first action to be declared. The webflow url (/login) is also the callback url after authentication in the identity provider. The OAuthAction plays two roles : if the login url is not callbacked by an identity provider, the action creates the authorization urls for the different providers and adds them to the request (to be used on the login page) if the login url is callbacked by an identity provider (meaning after authentication), the token and verifier are retrieved from request to create and OAuthCredentials and CAS authentication is done with this credentials. The CAS service is stored and retrieved from web session. 16)CasWrapperApi20 (org.scribe.builder.api) The CasWrapperApi20 is a Scribe implementation of an OAuth client using OAuth procotol v2.0 to authenticate in a CAS server using the OAuth wrapper. 17)GitHubApi (org.scribe.builder.api) The GitHubApi is a Scribe implementation of an OAuth client using OAuth procotol v2.0 to authenticate in GitHub. It should be integrated in a future release of Scribe.

IV)How to add OAuth server support in CAS server? A) Add dependency First step is to add the dependency to the OAuth cas support module in the CAS server webapp pom.xml : <dependency> <groupid>org.jasig.cas</groupid> <artifactid>cas-server-support-oauth</artifactid> <version>${project.version}</version> </dependency> B) Add the OAuth20WrapperController To add the OAuth20WrapperController, you need to add the mapping between the /oauth2.0/* url and the CAS servlet in the web.xml : <servlet-mapping> <servlet-name>cas</servlet-name> <url-pattern>/oauth2.0/*</url-pattern> </servlet-mapping> You have to create the controller itself in cas-servlet.xml : <bean id="oauth20wrappercontroller" class="org.jasig.cas.support.oauth.web.oauth20wrappercontroller" p:loginurl="http://mycasserverwithoauthwrapper/login" p:servicesmanager-ref="servicesmanager" p:ticketregistry-ref="ticketregistry" p:timeout="7200" /> The loginurl is the login url of the CAS server. The timeout is the lifetime of a CAS granting ticket (in seconds, not in millisecondes!) with its mapping in the handlermappingc bean (cas-servlet.xml) : <bean id="handlermappingc" class="org.springframework.web.servlet.handler.simpleurlhandlermapping"> <property name="mappings"> <props> <prop key="/logout">logoutcontroller</prop>... <prop key="/403.html">passthroughcontroller</prop> <prop key="/oauth2.0/*">oauth20wrappercontroller</prop> </props> </property> <property name="alwaysusefullpath" value="true" />

C) Add the needed CAS services One service is need to make the OAuth wrapper works in CAS. It defines the callback url after CAS authentication to return to the OAuth wrapper as a CAS service. A second service is necessary to register an OAuth client : the name and the description of the CAS service are the key and secret of the OAuth client. For each OAuth client, a CAS service needs to be added in configuration. For the in memory service registry, you add the two services in the deployerconfigcontext.xml : <bean id="serviceregistrydao" class="org.jasig.cas.services.inmemoryserviceregistrydaoimpl"> <property name="registeredservices"> <list> <bean class="org.jasig.cas.services.registeredserviceimpl"> <property name="id" value="0" /> <property name="name" value="http" /> <property name="description" value="oauth wrapper callback url" /> <property name="serviceid" value="http://mycasserverwithoauthwrapper/oauth2.0/callbackauthorize" /> <bean class="org.jasig.cas.services.registeredserviceimpl"> <property name="id" value="1" /> <property name="name" value="the_key_for_caswrapper1" /> <property name="description" value="the_secret_for_caswrapper1" /> <property name="serviceid" value="http://mycasserver/login" /> If you have one CAS server configured with the CasWrapperProvider20 (the client) to communicate with a CAS server wrapping OAuth 2.0 protocol (the server), you have the name and description of the service in CAS «server» matching the key and secret of the identity provider defined in the CAS «client» : <bean class="org.jasig.cas.services.registeredserviceimpl"> <property name="id" value="1" /> <property name="name" value="the_key_for_caswrapper1" /> <property name="description" value="the_secret_for_caswrapper1" /> <property name="serviceid" value="http://mycasserver/login" /> <bean id="caswrapper1" class="org.jasig.cas.support.oauth.provider.impl.caswrapperprovider20"> <property name="name" value="caswrapper1" /> <property name="key" value="the_key_for_caswrapper1" /> <property name="secret" value="the_secret_for_caswrapper1" /> <property name="serverurl" value="http://mycasserverwithoauthwrapper/oauth2.0" /> V) Technical presentation of the OAuth server mode A) General

To reply to OAuth calls, the CAS server has a specific controller (OAuth20WrapperController), listening on a specific url (for example : /oauth2.0/*). This wrapper delegates the authentication to the standard CAS authentication process (the callback is done by using a specific CAS service which is the callback url). It means that after being authenticated by the OAuth wrapped CAS server, the user is also authenticated in CAS. The OAuth codes generated on the «authorize» OAuth calls are in fact CAS service tickets and the OAuth access tokens generated on the «access token» OAuth calls are in fact granting tickets. OAuth client configurations are defined with CAS services : the key and secret of the OAuth clients have to be defined by the name and description of a CAS service to make OAuth client be «authorized» to use OAuth CAS server. B) Classes & interfaces 1) OAuthConstants (org.jasig.cas.support.oauth) The OAuthConstants interface defines all the constants needed by the OAuth protocol. 2) OAuthUtils (org.jasig.cas.support.oauth) The OAuthUtils gathers some usefull methods to output data in plain text or XML, add parameter in url... 3) BaseOAuthWrapperController (org.jasig.cas.support.oauth.web) The BaseOAuthWrapperController is the base controller for wrapping OAuth protocol in CAS. It finds the «method» to call according to the url. 4) OAuth20WrapperController (org.jasig.cas.support.oauth.web) The OAuth20WrapperController extends the BaseOAuthWrapperController : according to the «method» called, the request is delegated to the right sub controller or an error is responded. It's the main component for the wrapping of the OAuth protocol in CAS server. 5) OAuth20AuthorizeController (org.jasig.cas.support.oauth.web) The OAuth20AuthorizeController handles the «authorize» call in the OAuth protocol. It checks that the OAuth client_id is the name of a certain CAS service. It also checks that the OAuth redirect_uri parameter starts with the serviceid defined for this CAS service. It stores the redirect_uri in session and redirects the user to the CAS login page (the service is the callback url).

6) OAuth20CallbackAuthorizeController (org.jasig.cas.support.oauth.web) The OAuth20CallbackAuthorizeController is called after CAS authentication : its redirects the user to the originally redirect_uri with a code which is the CAS service ticket. 7) OAuth20AccessTokenController (org.jasig.cas.support.oauth.web) The OAuth20AccessTokenController handles the «access token» call in the OAuth protocol. It checks that the OAuth client_id is the name of a certain CAS service. It also checks that the OAuth redirect_uri parameter starts with the serviceid defined for this CAS service. It retrieves the description of this CAS service to validate that it matches the OAuth secret given. With the OAuth code which is a service ticket, it retrieves the granting tiket and replies with the granting ticket identifier as an OAuth access token. 8) OAuth20ProfileController (org.jasig.cas.support.oauth.web) The OAuth20ProfileController retrieves the identity of the user according to the access_token given (which is a granting ticket).

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information