kayleecodes1 / cas-authentication Goto Github PK

When the parsed_cas_url.pathname is '/' (happens with https://mycas.com and https://mycas.com/ for example) an invalid request URL for the Ticket Validation Request is created ('//' in between). A Fix would be to check parsed_cas_url.pathname for '/' and set it to '' in this case.

In my application I need to provide a "service" parameter to my CAS server so he can redirect to my service after logout...

How can we do that with your lib ?

(Looking at the code, it do not looks like to be possible :(

How do I redirect the crendentials of cas to be used in a service call with axios?

Hello @kylepixel,

First, thanks for your library, it works like a charme, great job !

I use your library behind a corporate proxy but unfortunately, node.js http agent don't support corporate proxy and so, is unable to resolve my DNS to contact my CAS server :

Request error with CAS:  { Error: getaddrinfo ENOTFOUND cas.mydns.com cas.mydns.com:443
    at errnoException (dns.js:28:10)
    at GetAddrInfoReqWrap.onlookup [as oncomplete] (dns.js:76:26)
  code: 'ENOTFOUND',
  errno: 'ENOTFOUND',
  syscall: 'getaddrinfo',
  hostname: 'cas.mydns.com',
  host: 'cas.mydns.com',
  port: 443 }

So, to workaround this problem, i'm using https://github.com/TooTallNate/node-https-proxy-agent which allows to define corporate proxy in http.request.agent property :

...
requestOptions.agent = new HttpsProxyAgent('http://proxy.mycompany.com:80');

It's a blocking issue for me, if i do a pull request to allow developpers passing additionals properties to http.request options; could you validate it ?

Thanks !

Hi,

After successfully login to cas and redirect back, getting below error again and again while accessing api.

[2] [TypeError: Cannot read property 'authenticationfailure' of undefined]
[2] [Error: CAS authentication failed.]
My service is pointing to localhost.
Is there a way to debug ?

A. CAS Server Port configuration
I suggest the following change at line 151

change: this.cas_port = parsed_cas_url.protocol === 'http:' ? 80 : 443;

to:

this.cas_port = (parsed_cas_url.port!=null)?parsed_cas_url.port:(parsed_cas_url.protocol === 'http:' ? 80 : 443);

B. REST API
I suggest to enhance this package to support also the REST API. How can we push code on github and npm?

Hi,
i have a trouble with this plugin. My application always redirect me to the cas authentication page (at the first connection) even if i already have a cas ticket.

My config :

var cas = new CASAuthentication({
cas_url : 'XXXX',
service_url : 'XXXX',
cas_version : '3.0',
renew : false,
is_dev_mode : false,
dev_mode_user : '',
dev_mode_info : {},
session_name : 'cas_user',
session_info : 'cas_userinfo',
destroy_session : false

});

app.get('/',cas.bounce_redirect, controllers.index);

Any ideas ?

After a successful log in on the cas website, I am redirected to mywebiste.com/undefined

A sample that produces this error :

const express = require("express");
const app = express();

const session = require("express-session");
app.use(session({
        secret : "test",
        resave : false,
        saveUninitialized : true,
        cookie : {
                maxAge : 60 * 60 * 1000,
                sameSite : "strict"
        }
}));

const casAuthentication = require("cas-authentication");
const cas = new casAuthentication({
        cas_url : "https://caswebsite.com",
        service_url : "http://mywebsite.com",
});

app.get("/", cas.bounce, (req, res) => {
        console.log(req.session);
        res.send("Hello, world!");
});

app.listen(80);

even if I can log in on cas website no session data is stored on my website, everytime I request mywebsite.com I get the cas login page.

By modifying the _handleTicket function as such :

else {
    req.session[ this.session_name ] = user;
    if (this.session_info) {
        req.session[ this.session_info ] = attributes || {};
    }
    res.send("connected");
}

The session data is stored and I can get the webpage after log in. No idea why the cas_return_to is undefined.

We might need to preserve query parameters to provide context . This is being stripped off in both the methods and replaced with only path . Can we avoid that ?

hi.
thank your library for us to use cas anthentication. however, when i use this library like as your demo.

var session = require('express-session');
var CASAuthentication = require('cas-authentication');
var cas = new CASAuthentication({
cas_url: 'https://casdev.XXXXoffice.cn',
service_url: 'http://localhost:3000',
cas_version: '3.0',
renew: false,
is_dev_mode: false,
dev_mode_user: '',
dev_mode_info: {},
session_name: 'cas_user',
session_info: 'cas_userinfo',
destroy_session: false
});
router.use(cas.bounce);

when i enter password and username, unfortunely, the error ocurs as following:

TypeError: Cannot read property 'serviceresponse' of null
at /Users/zhengchunhua/xiaochengxu/node-cms/node_modules/cas-authentication/index.js:77:41
at Parser. (/Users/zhengchunhua/xiaochengxu/node-cms/node_modules/xml2js/lib/parser.js:303:18)
at emitOne (events.js:96:13)
at Parser.emit (events.js:188:7)
at Parser.exports.Parser.Parser.parseString (/Users/zhengchunhua/xiaochengxu/node-cms/node_modules/xml2js/lib/parser.js:313:16)
at Parser.parseString (/Users/zhengchunhua/xiaochengxu/node-cms/node_modules/xml2js/lib/parser.js:5:59)
at exports.parseString (/Users/zhengchunhua/xiaochengxu/node-cms/node_modules/xml2js/lib/parser.js:354:19)
at CASAuthentication._validate (/Users/zhengchunhua/xiaochengxu/node-cms/node_modules/cas-authentication/index.js:67:13)
at CASAuthentication. (/Users/zhengchunhua/xiaochengxu/node-cms/node_modules/cas-authentication/index.js:345:18)
at emitNone (events.js:91:20)
at IncomingMessage.emit (events.js:185:7)
at endReadableNT (_stream_readable.js:974:12)
at _combinedTickCallback (internal/process/next_tick.js:74:11)
at process._tickCallback (internal/process/next_tick.js:98:9)
Error: CAS authentication failed.
at /Users/zhengchunhua/xiaochengxu/node-cms/node_modules/cas-authentication/index.js:91:37
at Parser. (/Users/zhengchunhua/xiaochengxu/node-cms/node_modules/xml2js/lib/parser.js:303:18)
at emitOne (events.js:96:13)
at Parser.emit (events.js:188:7)
at Parser.exports.Parser.Parser.parseString (/Users/zhengchunhua/xiaochengxu/node-cms/node_modules/xml2js/lib/parser.js:313:16)
at Parser.parseString (/Users/zhengchunhua/xiaochengxu/node-cms/node_modules/xml2js/lib/parser.js:5:59)
at exports.parseString (/Users/zhengchunhua/xiaochengxu/node-cms/node_modules/xml2js/lib/parser.js:354:19)
at CASAuthentication._validate (/Users/zhengchunhua/xiaochengxu/node-cms/node_modules/cas-authentication/index.js:67:13)
at CASAuthentication. (/Users/zhengchunhua/xiaochengxu/node-cms/node_modules/cas-authentication/index.js:345:18)
at emitNone (events.js:91:20)
at IncomingMessage.emit (events.js:185:7)
at endReadableNT (_stream_readable.js:974:12)
at _combinedTickCallback (internal/process/next_tick.js:74:11)
at process._tickCallback (internal/process/next_tick.js:98:9)
GET /activity/api?ticket=ST-284434-93adTmSO0pB5UQdARISn-sso01 401 19.356 ms - 12

can you give me some advise ?

Good morning

Im receiving a null on index.js (on cas-authentication) on line 77 when bounce returns to service url, i can succesfully login into my cas server, but when the 'cas.bounce' method redirects to my service url, i receive this error.

[TypeError: Cannot read property 'serviceresponse' of null]
[Error: CAS authentication failed.]

i tracked down the cause and turns out 'result' variable on index.js line 77 is null. I think the problem is a misconfiguration on the CAS server side, thats why im asking for any required configuration.

Thanks in advance.

Additional details: Central Authentication System (CAS) 3.6.0, running on apache tomcat 7.0.57

When used in a node backend with hierarchical routers, the req.url will be stripped off of any "mount points".

For instance, if the node express server defines a sub-router like this:

app.use('/details', detailsRouter);

and in detailsRouter, the following route is defined:

detailsRouter.get(/general, cas.bounce, ...)

then cas.bounce and any other middleware function will see the following properties of req:

req.url: /general
req.originalUrl: /details/general

So, the "mount point" /general has been stripped off in the sub-router (see http://expressjs.com/de/api.html#req.originalUrl).

Now, when cas-authentication tries to assemble the target URL which it should redirect to once the authentication cycle has been successfully finished, it will request something like

http://SERVER.name/general?ticket...

which obvisouly cannot be resolved by the backend.

Solution: use req.originalUrl instead. I didn't file a PR yet because I am not sure if there are any side effects. If there is no reasoning against it, req.originalUrl should be used throughout.

Otherwise, cas-authentication cannot be used for a clean node express server with hierarchical routers without change.

Is possible to make a login with user and pass, via code?

I need a example that allow to make login with a ticket or page that I own in a nodejs.