Example included a basic CAS server and react client using alancting/react-cas-client
- Install Docker in your local machine
- Run the example containers
$ docker-compose build
$ docker-compose up
- Open browser, go to https://127.0.0.1/cas/login (Make sure the local CAS server is running, it might take a while)
- You might also facing error cert issue when you're using Chrome on Mac
- Open browser, go to http://127.0.0.1:15300 (cas-web-client),
- Click login, you will be redirect to CAS login page (cas-server)
- Login with follows account
- Username: casuser
- Password: Mellon
- You will be redirect back to the http://127.0.0.1:15300 (cas-web-client)
- You're now logged in with CAS ✔️
- Open browser, go to http://127.0.0.1:15301 (cas-web-client-proxy-auth)
- Click login, you will be redirect to CAS login page (cas-server) with the
pgtUrl
(proxy callback: cas-proxy-app) - Login with follows account
- Username: casuser
- Password: Mellon
- CAS server will make a GET request to the
pgtUrl
(proxy callback) with proxy grant data, the proxy application (cas-proxy-app) should record/handle the proxy grant data properly. - You will be redirect back to the http://127.0.0.1:15301 (cas-web-client-proxy-auth)
- You're now logged in with CAS ✔️
- cas-web-client-proxy-auth make call to cas-proxy-app with
pgtiou
to retrieve thept
(proxy ticket) for the target API application (cas-api) - cas-proxy-app should
- Cross-check the proxy data handled in step4 with the
pgtiou
, - Make calls to CAS sever (cas-server) to create a proxy ticket for API application (cas-api)
- Return the
pt
- Cross-check the proxy data handled in step4 with the
- cas-web-client-proxy-auth make call to cas-api with
pt
(from step 8) tologin/register
to cas-api with the givenpt
- cas-api should
- Validate the
pt
with CAS server (cas-server) - When the
pt
is valid, the api server should accept thispt
for current user and other api requests make with thispt
in future (or any custom auth logic) - Return a appropriate response.
- Validate the
- You're now able to make call to the API server (cas-api) with the
pt
(or any custom auth logic) ✔️
MIT license