forked from NUBIC/castanet
-
Notifications
You must be signed in to change notification settings - Fork 0
/
README
120 lines (80 loc) · 3.19 KB
/
README
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
Castanet
========
Castanet is a client library for applications that use Jasig's Central
Authentication Service. It fully implements version 2.0 of the CAS protocol.
Castanet was built at the Northwestern University Health and Biomedical
Informatics Center as a replacement for RubyCAS-Client in internal software.
License
=======
Castanet is MIT-licensed. See LICENSE for more information.
Installation and setup
======================
To install:
$ gem install castanet
The Castanet::Client module is the top-level interface for all of Castanet's
functions. Mix it into the classes that will do CAS interaction:
class Authenticator
include Castanet::Client
##
# The base URL of the CAS server. Required.
def cas_url
'https://cas.example.edu'
end
##
# The URL to a service that will be used by the CAS server to deposit
# proxy-granting tickets. Required if you're using CAS proxying.
def proxy_callback_url
'https://cas.example.edu/callback/receive_pgt'
end
##
# The URL to a service that will be used to retrieve deposited PGTs.
# Required if you're doing CAS proxying.
def proxy_retrieval_url
'https://cas.example.edu/callback/receive_pgt'
end
end
Using Castanet
==============
Validating a service ticket presented by a user
-----------------------------------------------
# First parameter is the ticket, second is the service URL
st = service_ticket('ST-1foo', 'https://service.example.edu')
st.present!
st.ok? # true or false
Retrieving a proxy-granting ticket from a service ticket
--------------------------------------------------------
st = service_ticket('ST-1foo', 'https://service.example.edu')
st.present!
st.retrieve_pgt! if st.ok?
pgt = st.pgt
Retrieving a proxy-granting ticket from a proxy ticket
------------------------------------------------------
pt = proxy_ticket('PT-1foo', 'https://service.example.edu')
pt.present!
pt.retrieve_pgt! if pt.ok?
pgt = pt.pgt
Validating a proxy ticket received from an incoming request
-----------------------------------------------------------
# First parameter is the ticket, second is the service URL
pt = proxy_ticket('PT-1foo', 'https://service.example.edu')
pt.present!
pt.ok? # true or false
Requesting a proxy ticket for a service
---------------------------------------
begin
# First parameter is a PGT, second is the URL of the service to contact
pt = issue_proxy_ticket('PGT-1foo', 'https://proxied.example.edu')
# string representation of the ticket can now be retrieved using pt.ticket
# or pt.to_s for use in e.g. URLs
service = "https://proxied.example.edu/endpoint?PT=#{pt.to_s}"
# more code here...
rescue Castanet::ProxyTicketError
# code to rescue from a PT issuance error
end
More usage examples can be found in Castanet's tests and NUBIC's Aker library
at https://github.com/NUBIC/aker.git.
Acknowledgments
===============
Castanet's test harness was originally based on code written by Rhett Sutphin.
Query string building code was taken from Rack.
vim:ts=2:sw=2:et:tw=80