cas-to-openid-adapter

command module

v0.0.0-...-cc91d47 Latest Latest Go to latest Published: Jul 11, 2023 License: MIT Imports: 9 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/axel7083/cas-to-openid-adapter

Links

Open Source Insights

README ¶

cas-to-openid-adapter

This project has been made to create an adapter between a cas Authentication service and a OpenID client.

The code is mainly from zitadel/oidc as they provide a service example implementation for OpenID protocol.

Usage

The docker image docker.io/axel7083/cas-to-oidc-adapter:v0.4.2

Setup

Generate RSA keys

You need a public and private keys

openssl genrsa -out rsa.private 2048
openssl rsa -in rsa.private -out rsa.public -pubout -outform PEM

Copy those files inside a key folder.

Build the docker image

docker build -f Dockerfile .

Start the docker image

You can configure the adapter with environement variable:

env	default	description
HOST	localhost	The host address to listen to
PORT	9998	The host port to listen to
PREFIX_URL		The prefix url to use for request routing/callback
ISSUER	http://localhost:9998/	The issuer for the JWT token
CAS_ADDRESS	❌	The CAS address to use
CAS_LOGIN_ENDPOINT	/login	The CAS endpoint to use for login
CAS_LOGOUT_ENDPOINT	/logout	The CAS endpoint to use for logout
CAS_VALIDATE_ENDPOINT	/serviceValidate	The CAS endpoint to use for validate the ticket
CLIENT_ID	web	The Client id to use for the OpenID protocol.
CLIENT_SECRET	❌	Client secret to use by the OpenID client
CLIENT_REDIRECT_URIs	http://localhost:9999/auth/callback	redirect URIs allowed for the OpenID client (separated by comma)
OPENID_KEY_PHRASE	❌	will be sha256-sum and used for encryption
SIGNING_PRIVATE_KEY	❌	The path to the private signing key.
SIGNING_PUBLIC_KEY	❌	The path to the public singing key.
SIGNING_KEY_ID	682a39b4-cf9f-40de-9fdd-b5c78ff07fe4	The key ID
INJECT_GROUPS	❌	the groups to inject to every user that logged in.

External Groups Provider

This is just a simple optional system to allow to fetch user's groups from an external sources. The cas protocols does not have a concept of groups, therefore we can provide the following arguments:

env	default	description
EXTERNAL_GROUPS_PROVIDER	❌	The address to fetch the groups from
EXTERNAL_GROUPS_PROVIDER_HEADER	"user-id"	The header key for the user's email address to inject

The external groups provider must respond with a json array of strings, thus will be interpreted as its groups.

Status

This project has only been used a demonstration, and is not maintained.

Documentation ¶

There is no documentation for this package.

Source Files ¶

View all Source files

main.go

Directories ¶

Path	Synopsis
exampleop
storage

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL