
Class AuthController

This controller implements the CAS 3.0 protocol, which is used to authenticate users with Harvard Key. The intended login flow is roughly as follows:

  1. The user visits the client application
  2. If the user is not logged in, the client redirects to the /login endpoint on the server
  3. The server responds with a redirect to the Harvard Key login
  4. The user logs into Harvard Key
  5. Harvard Key redirects the client to the /validate endpoint, including a 'ticket' query parameter
  6. The server sends a request back to Harvard Key, including that ticket
  7. Harvard Key verifies the ticket, and responds to the server with the user data
  8. The server saves the user data in the session, and redirects the user back to the client application with the session key in the cookie
  9. On subsequent requests, the cookie is used to retrieve the user data from the session.

If the user has already logged in and their session cookie is still valid when they initially load the application, the user data stored in session will be used, bypassing this flow.

For more information, see: https://apereo.github.io/cas/4.2.x/protocol/CAS-Protocol-Specification.html#cas-protocol-30-specification

Hierarchy

  • AuthController

Index

Properties

config

Methods

logoutUserSession

  • logoutUserSession(req: Request): RedirectResponse

useHarvardKeyLogin

  • useHarvardKeyLogin(req: Request): RedirectResponse
  • This is the entrypoint to the authentication process. We first save the 'referer' header value in the session so that we can later redirect back to the initiating page. Then we redirect the user to Harvard Key's login page.

    Parameters

    • req: Request

    Returns RedirectResponse
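
    The Referer header is set by the browser and reflects whichever page linked to the login endpoint, so the saved value is best checked before it is used as a redirect target. An added example (not this project's code) that accepts only the client application's own origin; `CLIENT_ORIGINS`, `FALLBACK` and `safeReturnUrl` are hypothetical names, and the URLs are constructed.

```typescript
// Added example: constrain the post-login redirect target taken from the Referer header.
// CLIENT_ORIGINS and FALLBACK are hypothetical values, not the project's configuration.
const CLIENT_ORIGINS: ReadonlySet<string> = new Set(["https://app.example.edu"]);
const FALLBACK = "https://app.example.edu/";

function safeReturnUrl(
  referer: string | undefined,
  allowed: ReadonlySet<string> = CLIENT_ORIGINS,
  fallback: string = FALLBACK,
): string {
  // Missing or oversized header: nothing trustworthy to return to.
  if (!referer || referer.length > 2048) return fallback;

  let url: URL;
  try {
    // No base URL is given, so relative and protocol-relative values throw.
    url = new URL(referer);
  } catch {
    return fallback;
  }

  if (url.protocol !== "https:") return fallback;

  // Reject embedded credentials, e.g. https://app.example.edu@other.example/
  if (url.username !== "" || url.password !== "") return fallback;

  // Compare the parsed origin exactly. A prefix or substring check would
  // accept look-alike hosts such as https://app.example.edu.other.example
  if (!allowed.has(url.origin)) return fallback;

  // Rebuild from parsed parts so only the path and query survive.
  return url.origin + url.pathname + url.search;
}
```

    Storing the result of such a check in the session, rather than the raw header, means the later redirect after ticket validation needs no second check.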

validateHarvardKeyData

  • validateHarvardKeyData(req: Request, ticket: string): Promise<RedirectResponse>
  • After the user logs in with Harvard Key, this endpoint submits their authentication ticket back to Harvard Key, which returns their user data. We simply parse the data into a User object and store it in the session.

    Parameters

    • req: Request
    • ticket: string

    Returns Promise<RedirectResponse>

Generated using TypeDoc