Skip to content

Commit

Permalink
fix handling of xml on successful validation with CAS server and upda…
Browse files Browse the repository at this point in the history
…te cadet.exs.example to include example CAS strategy
  • Loading branch information
chownces committed Oct 30, 2022
1 parent 156fbb0 commit 9eef5f2
Show file tree
Hide file tree
Showing 2 changed files with 26 additions and 6 deletions.
5 changes: 5 additions & 0 deletions config/cadet.exs.example
Original file line number Diff line number Diff line change
Expand Up @@ -56,6 +56,11 @@ config :cadet,
# # You may need to write your own claim extractor for other providers
# claim_extractor: Cadet.Auth.Providers.CognitoClaimExtractor
# }},
# # To use authentication with CAS
# "cas" =>
# {Cadet.Auth.Providers.CAS,
# %{service_validate_endpoint: "https://{CAS_SERVER_ENDPOINT}/serviceValidate"}},

"test" =>
{Cadet.Auth.Providers.Config,
[
Expand Down
27 changes: 21 additions & 6 deletions lib/cadet/auth/providers/cas.ex
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,8 @@ defmodule Cadet.Auth.Providers.CAS do
https://apereo.github.io/cas/6.5.x/protocol/CAS-Protocol.html
"""

import SweetXml

alias Cadet.Auth.Provider

@behaviour Provider
Expand All @@ -20,24 +22,37 @@ defmodule Cadet.Auth.Providers.CAS do
}

with {:validate, {:ok, %{body: body, status_code: 200}}} <-
{:validate, HTTPoison.get(config.service_validate_endpoint, [], params: params)} do
# {:validation_response, data} <- {:validation_response, Jason.decode!(body)},
# {:extract_username, %{"name" => username}} <- {:extract_username, data} do
IO.inspect(body)
{:ok, %{token: body, username: "placeholder"}}
{:validate, HTTPoison.get(config.service_validate_endpoint, [], params: params)},
{:authentication_success, success_xml} when not is_nil(success_xml) <-
{:authentication_success, authentication_success(body)},
{:extract_username, username} <- {:extract_username, get_username(success_xml)} do
{:ok, %{token: success_xml, username: username}}
else
{:validate, {:ok, %{body: body, status_code: status}}} ->
{:error, :upstream, "Status code #{status} from CAS: #{body}"}

{:authentication_success, nil} ->
{:error, :upstream, "Authentication failure from CAS"}
end
end

@spec get_name(config(), Provider.token()) ::
{:ok, String.t()} | {:error, Provider.error(), String.t()}
def get_name(_config, token) do
%{"name" => name} = token
name = get_username(token)
{:ok, name}
rescue
_ ->
{:error, :invalid_credentials, "Failed to retrieve user's name"}
end

defp authentication_success(xml) do
xml
|> xpath(~x"//cas:serviceResponse/cas:authenticationSuccess"e)
end

defp get_username(xml) do
xml
|> xpath(~x"//cas:user/text()"s)
end
end

0 comments on commit 9eef5f2

Please sign in to comment.