cassette v1.3.1 Cassette
Library to generate and validate CAS TGTs/STs
Client usage
Generate a tgt and a st for some service:
iex> Cassette.tgt
{:ok, "TGT-example-abcd"}
iex> Cassette.st("http://some.authenticated/url")
{:ok, "ST-example-1234"}
Validation usage:
iex> st = FakeCas.valid_st
iex> Cassette.validate(st, "http://some.authenticated/url")
{:ok, Cassette.User.new("example", "customer", ["ACME_ADMIN"])}
Customization and multiple configurations
If you need multiple Cassette servers please refer to Cassette.Support for macros
that allow to build your own services.
Running on development without an actual CAS server
The FakeCas module we use for testing is available on :dev as well.
To set it up and configure the default Cassette, add to yor dependencies on mix.exs:
{:fake_cas, "~> 1.0"}
Then initialize it with:
iex> FakeCas.Support.initialize
:ok
With the configuration set, Cassette will always return the TGT in FakeCas.valid_tgt/0:
iex> tgt = FakeCas.valid_tgt
iex> {:ok, ^tgt} = Cassette.tgt
{:ok, "TGT-example-abcd"}
Using the stored valid TGT, Casette will always generate the same ST:
iex> st = FakeCas.valid_st
iex> {:ok, ^st} = Cassette.st("some-service")
{:ok, "ST-example-1234"}
Trying to validate the ST in FakeCas.valid_st/0 will always succeed for any service:
iex> st = FakeCas.valid_st
iex> {:ok, _} = Cassette.validate(st, "some-service")
{:ok, Cassette.User.new("example", "customer", ["ACME_ADMIN"])}
And trying to validate any other ST will always fail:
iex> Cassette.validate("any-other-st", "some-service")
{:error, "INVALID_SERVICE: ticket 'X' is invalid"}
Summary
Functions
Returns the configuration used by this Cassette server
Generates a Service Ticket for the given service
Called when an application is started
Generates a Ticket Granting Ticket
Validates a given ticket against the given service or the service set in the configuration
Functions
Returns the configuration used by this Cassette server
Will return the default configuration if not provided.
Please refer to Cassette.Config.t for details
Generates a Service Ticket for the given service
This function retries once when the TGT is expired on the server side.
Called when an application is started.
This function is called when an the application is started using
Application.start/2 (and functions on top of that, such as
Application.ensure_started/2). This function should start the top-level
process of the application (which should be the top supervisor of the
application’s supervision tree if the application follows the OTP design
principles around supervision).
start_type defines how the application is started:
:normal- used if the startup is a normal startup or if the application is distributed and is started on the current node because of a failover from another mode and the application specification key:start_phasesis:undefined.{:takeover, node}- used if the application is distributed and is started on the current node because of a failover on the nodenode.{:failover, node}- used if the application is distributed and is started on the current node because of a failover on nodenode, and the application specification key:start_phasesis not:undefined.
start_args are the arguments passed to the application in the :mod
specification key (e.g., mod: {MyApp, [:my_args]}).
This function should either return {:ok, pid} or {:ok, pid, state} if
startup is successful. pid should be the PID of the top supervisor. state
can be an arbitrary term, and if omitted will default to []; if the
application is later stopped, state is passed to the stop/1 callback (see
the documentation for the c:stop/1 callback for more information).
use Application provides no default implementation for the start/2
callback.
Callback implementation for Application.start/2.
Generates a Ticket Granting Ticket
validate(String.t, String.t) :: {:ok, Cassette.User.t} | {:error, term}
Validates a given ticket against the given service or the service set in the configuration