kayleecodes1 / cas-authentication Goto Github PK
View Code? Open in Web Editor NEWA CAS authentication library designed to be used as middleware for an Express server.
License: MIT License
A CAS authentication library designed to be used as middleware for an Express server.
License: MIT License
When the parsed_cas_url.pathname is '/' (happens with https://mycas.com and https://mycas.com/ for example) an invalid request URL for the Ticket Validation Request is created ('//' in between). A Fix would be to check parsed_cas_url.pathname for '/' and set it to '' in this case.
In my application I need to provide a "service" parameter to my CAS server so he can redirect to my service after logout...
How can we do that with your lib ?
(Looking at the code, it do not looks like to be possible :(
How do I redirect the crendentials of cas to be used in a service call with axios?
Hello @kylepixel,
First, thanks for your library, it works like a charme, great job !
I use your library behind a corporate proxy but unfortunately, node.js http agent don't support corporate proxy and so, is unable to resolve my DNS to contact my CAS server :
Request error with CAS: { Error: getaddrinfo ENOTFOUND cas.mydns.com cas.mydns.com:443
at errnoException (dns.js:28:10)
at GetAddrInfoReqWrap.onlookup [as oncomplete] (dns.js:76:26)
code: 'ENOTFOUND',
errno: 'ENOTFOUND',
syscall: 'getaddrinfo',
hostname: 'cas.mydns.com',
host: 'cas.mydns.com',
port: 443 }
So, to workaround this problem, i'm using https://github.com/TooTallNate/node-https-proxy-agent which allows to define corporate proxy in http.request.agent property :
...
requestOptions.agent = new HttpsProxyAgent('http://proxy.mycompany.com:80');
It's a blocking issue for me, if i do a pull request to allow developpers passing additionals properties to http.request options; could you validate it ?
Thanks !
Hi,
After successfully login to cas and redirect back, getting below error again and again while accessing api.
[2] [TypeError: Cannot read property 'authenticationfailure' of undefined]
[2] [Error: CAS authentication failed.]
My service is pointing to localhost.
Is there a way to debug ?
A. CAS Server Port configuration
I suggest the following change at line 151
change: this.cas_port = parsed_cas_url.protocol === 'http:' ? 80 : 443;
to:
this.cas_port = (parsed_cas_url.port!=null)?parsed_cas_url.port:(parsed_cas_url.protocol === 'http:' ? 80 : 443);
B. REST API
I suggest to enhance this package to support also the REST API. How can we push code on github and npm?
Hi,
i have a trouble with this plugin. My application always redirect me to the cas authentication page (at the first connection) even if i already have a cas ticket.
My config :
var cas = new CASAuthentication({
cas_url : 'XXXX',
service_url : 'XXXX',
cas_version : '3.0',
renew : false,
is_dev_mode : false,
dev_mode_user : '',
dev_mode_info : {},
session_name : 'cas_user',
session_info : 'cas_userinfo',
destroy_session : false
});
app.get('/',cas.bounce_redirect, controllers.index);
Any ideas ?
After a successful log in on the cas website, I am redirected to mywebiste.com/undefined
A sample that produces this error :
const express = require("express");
const app = express();
const session = require("express-session");
app.use(session({
secret : "test",
resave : false,
saveUninitialized : true,
cookie : {
maxAge : 60 * 60 * 1000,
sameSite : "strict"
}
}));
const casAuthentication = require("cas-authentication");
const cas = new casAuthentication({
cas_url : "https://caswebsite.com",
service_url : "http://mywebsite.com",
});
app.get("/", cas.bounce, (req, res) => {
console.log(req.session);
res.send("Hello, world!");
});
app.listen(80);
even if I can log in on cas website no session data is stored on my website, everytime I request mywebsite.com
I get the cas login page.
By modifying the _handleTicket
function as such :
else {
req.session[ this.session_name ] = user;
if (this.session_info) {
req.session[ this.session_info ] = attributes || {};
}
res.send("connected");
}
The session data is stored and I can get the webpage after log in. No idea why the cas_return_to
is undefined.
We might need to preserve query parameters to provide context . This is being stripped off in both the methods and replaced with only path . Can we avoid that ?
hi.
thank your library for us to use cas anthentication. however, when i use this library like as your demo.
var session = require('express-session');
var CASAuthentication = require('cas-authentication');
var cas = new CASAuthentication({
cas_url: 'https://casdev.XXXXoffice.cn',
service_url: 'http://localhost:3000',
cas_version: '3.0',
renew: false,
is_dev_mode: false,
dev_mode_user: '',
dev_mode_info: {},
session_name: 'cas_user',
session_info: 'cas_userinfo',
destroy_session: false
});
router.use(cas.bounce);
when i enter password and username, unfortunely, the error ocurs as following:
TypeError: Cannot read property 'serviceresponse' of null
at /Users/zhengchunhua/xiaochengxu/node-cms/node_modules/cas-authentication/index.js:77:41
at Parser. (/Users/zhengchunhua/xiaochengxu/node-cms/node_modules/xml2js/lib/parser.js:303:18)
at emitOne (events.js:96:13)
at Parser.emit (events.js:188:7)
at Parser.exports.Parser.Parser.parseString (/Users/zhengchunhua/xiaochengxu/node-cms/node_modules/xml2js/lib/parser.js:313:16)
at Parser.parseString (/Users/zhengchunhua/xiaochengxu/node-cms/node_modules/xml2js/lib/parser.js:5:59)
at exports.parseString (/Users/zhengchunhua/xiaochengxu/node-cms/node_modules/xml2js/lib/parser.js:354:19)
at CASAuthentication._validate (/Users/zhengchunhua/xiaochengxu/node-cms/node_modules/cas-authentication/index.js:67:13)
at CASAuthentication. (/Users/zhengchunhua/xiaochengxu/node-cms/node_modules/cas-authentication/index.js:345:18)
at emitNone (events.js:91:20)
at IncomingMessage.emit (events.js:185:7)
at endReadableNT (_stream_readable.js:974:12)
at _combinedTickCallback (internal/process/next_tick.js:74:11)
at process._tickCallback (internal/process/next_tick.js:98:9)
Error: CAS authentication failed.
at /Users/zhengchunhua/xiaochengxu/node-cms/node_modules/cas-authentication/index.js:91:37
at Parser. (/Users/zhengchunhua/xiaochengxu/node-cms/node_modules/xml2js/lib/parser.js:303:18)
at emitOne (events.js:96:13)
at Parser.emit (events.js:188:7)
at Parser.exports.Parser.Parser.parseString (/Users/zhengchunhua/xiaochengxu/node-cms/node_modules/xml2js/lib/parser.js:313:16)
at Parser.parseString (/Users/zhengchunhua/xiaochengxu/node-cms/node_modules/xml2js/lib/parser.js:5:59)
at exports.parseString (/Users/zhengchunhua/xiaochengxu/node-cms/node_modules/xml2js/lib/parser.js:354:19)
at CASAuthentication._validate (/Users/zhengchunhua/xiaochengxu/node-cms/node_modules/cas-authentication/index.js:67:13)
at CASAuthentication. (/Users/zhengchunhua/xiaochengxu/node-cms/node_modules/cas-authentication/index.js:345:18)
at emitNone (events.js:91:20)
at IncomingMessage.emit (events.js:185:7)
at endReadableNT (_stream_readable.js:974:12)
at _combinedTickCallback (internal/process/next_tick.js:74:11)
at process._tickCallback (internal/process/next_tick.js:98:9)
GET /activity/api?ticket=ST-284434-93adTmSO0pB5UQdARISn-sso01 401 19.356 ms - 12
can you give me some advise ?
Good morning
Im receiving a null on index.js (on cas-authentication) on line 77 when bounce returns to service url, i can succesfully login into my cas server, but when the 'cas.bounce' method redirects to my service url, i receive this error.
[TypeError: Cannot read property 'serviceresponse' of null]
[Error: CAS authentication failed.]
i tracked down the cause and turns out 'result' variable on index.js line 77 is null. I think the problem is a misconfiguration on the CAS server side, thats why im asking for any required configuration.
Thanks in advance.
Additional details: Central Authentication System (CAS) 3.6.0, running on apache tomcat 7.0.57
When used in a node backend with hierarchical routers, the req.url will be stripped off of any "mount points".
For instance, if the node express server defines a sub-router like this:
app.use('/details', detailsRouter);
and in detailsRouter
, the following route is defined:
detailsRouter.get(/general, cas.bounce, ...)
then cas.bounce
and any other middleware function will see the following properties of req
:
req.url: /general
req.originalUrl: /details/general
So, the "mount point" /general
has been stripped off in the sub-router (see http://expressjs.com/de/api.html#req.originalUrl).
Now, when cas-authentication tries to assemble the target URL which it should redirect to once the authentication cycle has been successfully finished, it will request something like
http://SERVER.name/general?ticket...
which obvisouly cannot be resolved by the backend.
Solution: use req.originalUrl
instead. I didn't file a PR yet because I am not sure if there are any side effects. If there is no reasoning against it, req.originalUrl
should be used throughout.
Otherwise, cas-authentication
cannot be used for a clean node express server with hierarchical routers without change.
Is possible to make a login with user and pass, via code?
I need a example that allow to make login with a ticket or page that I own in a nodejs.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.