connect-cas
Advanced tools
Connect cas is a connect-based middleware that allows you to authenticate through a CAS 2.0+ server. It supports the gateway auth, single sign-out, and proxying other CAS clients.
Adapted from https://github.com/jmarca/cas_validate
npm install connect-cas
Many of these options are borrowed from node's url documentation. You may set global options through the .configure() method or override them with any of the exposed middleware.
procotol The protocol to communicate with the CAS Server. Defaults to 'https'.host CAS server hostnameport CAS server port number. Defaults to 443.gateway Send all validation requests through the CAS gateway feature. Defaults to false.paths
serviceValidate Path to validate TGTproxyValidate Path to validate PGT (not implemented)proxy Path to obtain a proxy ticketlogin Path to the CAS loginvar cas = require('connect-cas');
var connect = require('connect');
connect()
.use(connect.cookieParser('hello world'))
.use(connect.cookieSession()) // or whatever session store
.use(cas.serviceValidate())
.use(cas.authenticate())
A more complete example of a simple Express app that uses CAS for login, displays the CAS username, and offers a logout link can be found in the example folder. You'll need to copy example/app.js to your own folder and install its dependencies:
npm install express
npm install connect-cas
Express is required only for the example app. It is not required for connect-cas.
To proxy services, you can configure the serviceValidate middleware like below:
connect()
...
.use(cas.serviceValidate({pgtUrl: '/pgtCallback'}))
.use(cas.proxyTicket({targetService: 'https://service-to-proxy/blah'});
...
The proxy granting ticket value will be available in req.session.pgt and a hash of proxy tickets are available in req.pt. You may then append that proxy ticket manually to the services you wish to proxy. To reuse the proxy tickets, see #25.
You may also pass in an absolute url if you wish for the pgtCallback to be in a separate app. If so, pass in an additional pgtFn:
connect()
.use(cas.serviceValidate({pgtUrl: 'https://some-server.com/pgtCallback', pgtFn:function(pgtIou, cb){
// given the pgtIou, retrieve the pgtId however you can. Then call ...
cb(err, 'PGT-thepgtid');
}));
X-Forwarded-Proto headers. Connect-cas uses it to infer its own location for redirection.MIT
FAQs
Connect middleware for a node CAS client
The npm package connect-cas receives a total of 65 weekly downloads. As such, connect-cas popularity was classified as not popular.
We found that connect-cas demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
ENISA’s 2024 report highlights the EU’s top cybersecurity threats, including rising DDoS attacks, ransomware, supply chain vulnerabilities, and weaponized AI.
Security News
NIST's new password guidelines remove periodic changes and special character requirements, focusing on longer, more secure passwords for better authentication practices.
Security News
A record 2,709 developers participated in the 2024 Ruby on Rails Community Survey, revealing key tools, practices, and trends shaping the Rails ecosystem.