Socket
Book a DemoInstallSign in
Socket
Book a DemoInstallSign in

@jcu/passport-cas

Package Overview
Dependencies
Maintainers
1
Versions
1
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@jcu/passport-cas

Cas authentication strategies for Passport.

latest
Source
npmnpm
Version
0.1.2
Version published
Maintainers
1
Created
Source

passport-cas

CAS authentication strategies for Passport.

Originally developed at https://github.com/sadne/passport-cas. This fork replaces deprecated Express syntax and upgrades depedencies.

Install

$ npm install passport-cas

Configure Strategy

passport.use(new (require('passport-cas').Strategy)({
  ssoBaseURL: 'http://www.example.com/',
  serverBaseURL: 'http://localhost:3000'
}, function(login, done) {
  User.findOne({login: login}, function (err, user) {
    if (err) {
      return done(err);
    }
    if (!user) {
      return done(null, false, {message: 'Unknown user'});
    }
    return done(null, user);
  });
}));

Authenticate Requests

passport.authenticate('cas', function (err, user, info) {
  if (err) {
    return next(err);
  }

  if (!user) {
    req.session.messages = info.message;
    return res.redirect('/');
  }

  req.logIn(user, function (err) {
    if (err) {
      return next(err);
    }

    req.session.messages = '';
    return res.redirect('/');
  });
})

For example:

// GET: '/cas_login'
exports.casLogin = function(req, res, next) {
  passport.authenticate('cas', function (err, user, info) {
    if (err) {
      return next(err);
    }

    if (!user) {
      req.session.messages = info.message;
      return res.redirect('/');
    }

    req.logIn(user, function (err) {
      if (err) {
        return next(err);
      }

      req.session.messages = '';
      return res.redirect('/');
    });
  })(req, res, next);
};

CAS versions

CAS 3.0 configuration

Since CAS3.0, the validation service returns a list of attributes for the authenticated user. Here is how you can use them:

passport.use(new (require('passport-cas').Strategy)({
  version: 'CAS3.0',
  ssoBaseURL: 'http://www.example.com/',
  serverBaseURL: 'http://localhost:3000'
}, function(profile, done) {
  var login = profile.user;

  User.findOne({login: login}, function (err, user) {
    if (err) {
      return done(err);
    }
    if (!user) {
      return done(null, false, {message: 'Unknown user'});
    }
    user.attributes = profile.attributes;
    return done(null, user);
  });
}));

CAS 2.0 configuration

CAS 2.0 will work with the CAS 3.0 configuration, but you need to set the validation endpoint.

passport.use(new (require('passport-cas').Strategy)({
  version: 'CAS3.0',
  ssoBaseURL: 'http://www.example.com/',
  serverBaseURL: 'http://localhost:3000/cas',
  validateURL: '/serviceValidate'
}, function(profile, done) {
  var login = profile.user;

  User.findOne({login: login}, function (err, user) {
    if (err) {
      return done(err);
    }
    if (!user) {
      return done(null, false, {message: 'Unknown user'});
    }
    return done(null, user);
  });
}));

License

The MIT License

Keywords

passport
auth
cas

FAQs

Package last updated on 23 Feb 2018

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

Two Malicious Rust Crates Impersonate Popular Logger to Steal Wallet Keys

Research

Two Malicious Rust Crates Impersonate Popular Logger to Steal Wallet Keys

Socket uncovers malicious Rust crates impersonating fast_log to steal Solana and Ethereum wallet keys from source code.

By Kirill Boychenko  -  Sep 24, 2025