Closed wikkim closed 8 years ago
Release version of 1.2.0 has some breaking changes. Relevant upstream change for reference: https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server/commit/7df3597757f59b959c113978f9d3b5b5b21e034a
After updating our code to address the new PendingOIDCAuthenticationToken class, no more compile errors, but getting a runtime issue as follows:
After selecting an OpenID Provider, and logging into the OP, the WebfingerIssuer service gets a null identifier on the way back into the IdBS. This causes a redirect back to the login page with no authentication or actual log-in for our application.
@jricher any ideas on recent changes that might have affected this? I looked through the history of changes on the WebfingerIssuer, but nothing jumped out at me right away
No ideas without a log or trace.
Verified commit f4a1b27e2e53361aac69481d5ed61e825ba6db47 (1.2.0-SNAPSHOT) of mitreid-connect works with current IdBS code after setting the "forceHttps" flag to false. Need to find out what happened since then that breaks our login.
b4520c170ed0b080e75c926010f9a93e01cbc185 is last working commit with IdBS. Something in 7df3597757f59b959c113978f9d3b5b5b21e034a when PendingOIDCAuthenticationToken was introduced is the issue.
facepalm Needed to add the new PendingOIDCAuthenticationToken to the supported authentication types for our MultipleIdentityAuthenticationProvider. Example:

```java
public boolean supports(Class<?> authentication) {
    return MultipleIdentityAuthentication.class.isAssignableFrom(authentication)
            || OIDCAuthenticationToken.class.isAssignableFrom(authentication)
            || PendingOIDCAuthenticationToken.class.isAssignableFrom(authentication);
}
```
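Why a missing entry in `supports()` ends in a silent bounce back to the login page, as an added example that is not part of the thread or of either project's code: Spring Security's manager only hands a token to providers whose `supports()` accepts its class. Everything below is a plain-Java stand-in (hypothetical `ProviderBeforeFix`, `ProviderAfterFix`, `dispatch`), and it assumes the two token classes are unrelated types.

```java
import java.util.List;

// Stand-in types (hypothetical, plain Java) modelling the Spring Security dispatch
// rule: a provider is only consulted when supports() accepts the token's class.
public class SupportsDispatchDemo {
    interface Authentication {}
    static class OIDCAuthenticationToken implements Authentication {}
    static class PendingOIDCAuthenticationToken implements Authentication {}

    interface AuthenticationProvider {
        boolean supports(Class<?> authentication);
        Authentication authenticate(Authentication authentication);
    }

    // Provider as assumed before the fix: the pending token type is not listed.
    static class ProviderBeforeFix implements AuthenticationProvider {
        public boolean supports(Class<?> authentication) {
            return OIDCAuthenticationToken.class.isAssignableFrom(authentication);
        }
        public Authentication authenticate(Authentication authentication) {
            return new OIDCAuthenticationToken(); // stands in for the completed login
        }
    }

    // Provider after the fix: the pending token type is accepted as well.
    static class ProviderAfterFix extends ProviderBeforeFix {
        @Override
        public boolean supports(Class<?> authentication) {
            return super.supports(authentication)
                    || PendingOIDCAuthenticationToken.class.isAssignableFrom(authentication);
        }
    }

    // Simplified manager loop: providers whose supports() returns false are skipped.
    static Authentication dispatch(List<? extends AuthenticationProvider> providers,
                                   Authentication token) {
        for (AuthenticationProvider p : providers) {
            if (p.supports(token.getClass())) {
                return p.authenticate(token);
            }
        }
        return null; // Spring's ProviderManager throws ProviderNotFoundException here
    }

    public static void main(String[] args) {
        Authentication pending = new PendingOIDCAuthenticationToken();
        boolean before = dispatch(List.of(new ProviderBeforeFix()), pending) != null;
        boolean after = dispatch(List.of(new ProviderAfterFix()), pending) != null;
        System.out.println("authenticated before fix: " + before);
        System.out.println("authenticated after fix:  " + after);
    }
}
```

When a dependency upgrade introduces a new `Authentication` subtype, checking every custom provider's `supports()` against it catches this class of regression before it shows up as a failed login.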
addressed by eb4bf72da529a4a6803359c77518508bc7804156
Currently is 1.2.0-SNAPSHOT. We should be using a fixed version so we can get it from maven repository.