cas

package module
v1.0.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Aug 25, 2018 License: MIT Imports: 11 Imported by: 2

README

Packet Guardian CAS Auth

This library performs simple authentication against a CAS server without having to redirect the user. The library will scrape a login token from the server's login page and perform a request on behalf of the user. The client application will receive an object that contains the attributes of the user as received by the server.

Note: This library does NOT support single sign on or single log off. It's an isolated request. The client application is responsible for managing logged in and logged out status.

This library was written to accommodate a need in one of my applications namely I wanted a system of successive authentication methods trying each one in turn. Doing CAS the normal way would make this difficult as one of two solutions would need to be used. 1) Have a separate login for non-cas logins. This however would be confusing. 2) Redirect to CAS after a failed login where the user would have to enter their credentials again. This however is likewise confusing and user unfriendly.

I make no guarantees that this library will work for you. However, if an issue is found please let me know.

This library assumes the CAS login page has an HTML input field with the name "lt" as per the specification. If it does not, this library will not work.

Documentation

Index

Constants

View Source
const (
	INVALID_REQUEST            = "INVALID_REQUEST"
	INVALID_TICKET_SPEC        = "INVALID_TICKET_SPEC"
	UNAUTHORIZED_SERVICE       = "UNAUTHORIZED_SERVICE"
	UNAUTHORIZED_SERVICE_PROXY = "UNAUTHORIZED_SERVICE_PROXY"
	INVALID_PROXY_CALLBACK     = "INVALID_PROXY_CALLBACK"
	INVALID_TICKET             = "INVALID_TICKET"
	INVALID_SERVICE            = "INVALID_SERVICE"
	INTERNAL_ERROR             = "INTERNAL_ERROR"
)

AuthenticationError Code values

Variables

View Source
var (
	InvalidCredentials = errors.New("Bad username or password")
)

Functions

This section is empty.

Types

type AuthenticationError

type AuthenticationError struct {
	Code    string
	Message string
}

AuthenticationError represents a CAS AuthenticationFailure response

func (AuthenticationError) AuthenticationError

func (e AuthenticationError) AuthenticationError() bool

AuthenticationError provides a differentiator for casting.

func (AuthenticationError) Error

func (e AuthenticationError) Error() string

Error returns the AuthenticationError as a string

type AuthenticationResponse

type AuthenticationResponse struct {
	User                string         // Users login name
	ProxyGrantingTicket string         // Proxy Granting Ticket
	Proxies             []string       // List of proxies
	AuthenticationDate  time.Time      // Time at which authentication was performed
	IsNewLogin          bool           // Whether new authentication was used to grant the service ticket
	IsRememberedLogin   bool           // Whether a long term token was used to grant the service ticket
	MemberOf            []string       // List of groups which the user is a member of
	Attributes          UserAttributes // Additional information about the user
}

AuthenticationResponse captures authenticated user information

func ParseServiceResponse

func ParseServiceResponse(data []byte) (*AuthenticationResponse, error)

ParseServiceResponse returns a successful response or an error

type Client

type Client struct {
	URL        *url.URL
	ServiceURL *url.URL
}

func (*Client) AuthenticateUser

func (c *Client) AuthenticateUser(username, password string, r *http.Request) (*AuthenticationResponse, error)

type UserAttributes

type UserAttributes map[string][]string

UserAttributes represents additional data about the user

func (UserAttributes) Add

func (a UserAttributes) Add(name, value string)

Add appends a new attribute.

func (UserAttributes) Get

func (a UserAttributes) Get(name string) string

Get retrieves an attribute by name.

Attributes are stored in arrays. Get will only return the first element.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL