Skip to content

DEPRECATED Connect middleware for node CAS client

License

Notifications You must be signed in to change notification settings

AceMetrix/connect-cas

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Build Status

Connect CAS

Connect cas is a connect-based middleware that allows you to authenticate through a CAS 2.0+ server. It supports the gateway auth, single sign-out, and proxying other CAS clients.

Adapted from https://github.com/jmarca/cas_validate

Installation

npm install connect-cas

Options

Many of these options are borrowed from node's url documentation. You may set global options through the .configure() method or override them with any of the exposed middleware.

  • procotol The protocol to communicate with the CAS Server. Defaults to 'https'.
  • host CAS server hostname
  • port CAS server port number. Defaults to 443.
  • gateway Send all validation requests through the CAS gateway feature. Defaults to false.
  • paths
    • serviceValidate Path to validate TGT
    • proxyValidate Path to validate PGT (not implemented)
    • proxy Path to obtain a proxy ticket
    • login Path to the CAS login

Usage

var cas = require('connect-cas');
var connect = require('connect');

connect()
  .use(connect.cookieParser('hello world'))
  .use(connect.cookieSession()) // or whatever session store
  .use(cas.serviceValidate())
  .use(cas.authenticate())

Complete Example

A more complete example of a simple Express app that uses CAS for login, displays the CAS username, and offers a logout link can be found in the example folder. You'll need to copy example/app.js to your own folder and install its dependencies:

npm install express
npm install connect-cas

Express is required only for the example app. It is not required for connect-cas.

Proxy Tickets

To proxy services, you can configure the serviceValidate middleware like below:

connect()
  ...
  .use(cas.serviceValidate({pgtUrl: '/pgtCallback'}))
  .use(cas.proxyTicket({targetService: 'https://service-to-proxy/blah'});
  ...

The proxy granting ticket value will be available in req.session.pgt and a hash of proxy tickets are available in req.pt. You may then append that proxy ticket manually to the services you wish to proxy. To reuse the proxy tickets, see #25.

You may also pass in an absolute url if you wish for the pgtCallback to be in a separate app. If so, pass in an additional pgtFn:

connect()
.use(cas.serviceValidate({pgtUrl: 'https://some-server.com/pgtCallback', pgtFn:function(pgtIou, cb){
  // given the pgtIou, retrieve the pgtId however you can.  Then call ...
  cb(err, 'PGT-thepgtid');
}));

Notes

  • If you are behind an https proxy, be sure to set X-Forwarded-Proto headers. Connect-cas uses it to infer its own location for redirection.

License

MIT

NPM

About

DEPRECATED Connect middleware for node CAS client

Topics

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published