jscas-server icon indicating copy to clipboard operation
jscas-server copied to clipboard

Published 20 hours ago verified publisher icon jscas

[idea] use passportjs as auth plugin

Open sbechet opened this issue 8 years ago • 3 comments

It can be interesting to create a passportjs auth plugin for cas-server.

sbechet avatar May 03 '17 07:05 sbechet

I agree. In fact, I started writing one a few months ago. But I need to figure out a proper API for supporting alternate authentication mechanisms. My idea is that plugins will get an instance of https://github.com/jscas/cas-server/blob/master/lib/casInterface.js so that they can fully handle everything that is necessary (generate tickets, create user sessions, etc). I just haven't had time to solidify that idea and implement it.

Do you have any ideas?

jsumners avatar May 03 '17 12:05 jsumners

Hello James,

I tried my own implementation here with the following constraints:

  1. Use loopback framework to implement logic account (acl, role...)
  2. Same for Applications access
  3. Full share between loopback accessToken and TGT so we can use all framwork logic: CAS is a protocol among others
  4. Full separation between Visual Parts and CAS part.

Now we can use passport.js using loopback-component-passport

I implemented SAML 1.1 you can recover the necessary for your own implementation (templates here and here).

Thank you for your work.

sbechet avatar Dec 06 '17 08:12 sbechet

Awesome. SAML support is definitely something JSCAS is missing. I sort of have a need for it, but haven't been able to determine how to make it work as I need. Your example will certainly be a great help.

jsumners avatar Dec 06 '17 13:12 jsumners