This plugin is no longer maintained. Please, feel free to fork and update :)
This plugin is used to authenticate Redmine users using CAS OAuth2 provider ("Authorization Code" grant type). It is primarily intended to work with ITMO university ISU system https://isu.ifmo.ru.
Version of CAS: 5.0
Version of Redmine: 3.2.3 (as of publish date, other versions should work as well), 3.3, 3.3.2
- login
- logout
- automatic user creation
- Download the plugin and install required gems:
cd /path/to/redmine/plugins
git clone https://github.com/pbelikov/redmine-omniauth-oauth-cas.git
mv redmine-omniauth-oauth-cas redmine_omniauth_isu
cd /path/to/redmine
bundle install-
IMPORTANT! Plugin is used to work without proxy and to override issues with SSL-certificate. So, if you use proxy, please go to
app/controllers/redmine_oauth_controller.rband comment line 7 (which disables proxy). And if your SSL is OK, go to the same file and comment code in line 5 and part of code in line 39. Yes, I know that this is BAD codestyle, but it'll work for sure. -
Restart the app
touch /path/to/redmine/tmp/restart.txt- Login as a user with administrative privileges.
- In top menu select "Administration".
- Click "Plugins"
- In plugins list, click "Configure" in the row for "Redmine Omniauth ISU plugin"
- Enter CAS URL
- Enter the Сlient ID & Client Secret, which you entered for your CAS Service (see more here).
- Check the box near "Oauth authentication"
- Click Apply.
Users can now use their CASified Account to log in to your instance of Redmine.
- An unauthenticated user requests the URL to your Redmine instance.
- User clicks the "Login via ..." buton.
- The plugin redirects them to a CAS sign in page if they are not already signed in to their CAS account.
- CAS redirects user back to Redmine, where the CAS OAuth plugin's controller takes over.
User information in CAS /cas/oauth2.0/profile for successful login or creation of user has following format:
{
"attributes": {
"redmine_login":"ivan",
"redmine_attrs":"Ivan|Ivanov|ivan@example.com"
},
"id": 123456789
}
This plugin overrides Redmine's autoregistration feature so user is created automatically if all required fields are provided (login, firstname, lastname, email). Uniqueness of user is checked against login.
Unfortunately, this plugin somehow conflicts with another plugin, called "Redmine Wiki Extensions Plugin" by r-labs.
This plugin is inspired by twinslash plugin Redmine omniauth google.
Please do not hesitatate to contribute to this project. As I know, there is still no official CAS OAuth2 (as client) support in Redmine, so maybe this plugin could help many people. Also I know that code of this plugin is far from good, maybe you could use your Ruby skills to make it better.