[CAS 6.0.8] mfa-custom: getService(...) in web flow action

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

[CAS 6.0.8] mfa-custom: getService(...) in web flow action

Nathan Wilken
I'm hoping to externalredirect:#{requestScope.redirectUrl} in mfa-custom-webflow.xml and include the encoded original service url in the redirect query string, but can't figure out how to get a reference to the service so I can build the url in my action.  WebUtils.getService(requestContext) returns null.

All of the other mfa providers evaluate initialFlowSetupAction on start, setting the service key value in the flow scope to null, thereby removing whatever may have been there.  My brain is fried from miles-deep tracing through code, and I admit I don't fully understand whether the mfa web flow is fully independent of the login flow.

It appears any action state code in the Duo provider would also receive a null return value from WebUtils.getService(requestContext):

2020-03-07 13:38:45,756 DEBUG [org.apereo.cas.web.flow.resolver.impl.SelectiveMultifactorAuthenticationProviderWebflowEventEventResolver] - <Finalized set of resolved events are [[mfa-duo]]>
2020-03-07 13:38:45,756 DEBUG [org.apereo.cas.web.flow.resolver.impl.AbstractCasWebflowEventResolver] - <Resolved single event [mfa-duo] via [java.lang.String] for this context>
2020-03-07 13:38:45,756 DEBUG [org.apereo.cas.web.flow.resolver.impl.DefaultCasDelegatingWebflowEventResolver] - <The final authentication event resolved for [AbstractWebApplicationService(id=https://www.asu.edu/footest, originalUrl=https://www.asu.edu/footest, artifactId=null, principal=null, source=service, loggedOutAlready=false, format=XML, attributes={})] is [mfa-duo]>
2020-03-07 13:38:45,756 DEBUG [org.apereo.cas.web.flow.resolver.impl.AbstractCasWebflowEventResolver] - <Resolved single event [mfa-duo] via [java.lang.String] for this context>
2020-03-07 13:38:45,758 TRACE [org.apereo.cas.web.flow.login.InitialFlowSetupAction] - <Warning cookie path is set to [null] and path [/cas/]>
2020-03-07 13:38:45,758 TRACE [org.apereo.cas.web.flow.login.InitialFlowSetupAction] - <TGC cookie path is set to [null] and path [/cas/]>
2020-03-07 13:38:45,759 TRACE [org.apereo.cas.authentication.principal.WebApplicationServiceFactory] - <No service is specified in the request. Skipping service creation>
2020-03-07 13:38:45,759 TRACE [org.apereo.cas.web.support.DefaultArgumentExtractor] - <No service could be extracted based on the given request>
2020-03-07 13:38:45,759 TRACE [org.apereo.cas.web.support.AbstractArgumentExtractor] - <Extractor did not generate service.>

(https://github.com/apereo/cas/blob/d17798a08cbfef59623e0966becacc4d564d476e/support/cas-server-support-actions/src/main/java/org/apereo/cas/web/flow/login/InitialFlowSetupAction.java#L59)

Any pointers?

--
You received this message because you are subscribed to the Google Groups "CAS Developer" group.
To unsubscribe from this group and stop receiving emails from it, send an email to [hidden email].
To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-dev/9b8f594c-56f3-4667-9c76-5726965da1de%40apereo.org.