I have some APIs written with .NET6. I want only some of my APIs to be authorized with the CAS protocol.
I am looking for documentation or examples, but I found only very old examples with old technologies and I cannot figure out which steps I need to perform in .NET6. Did some of you have the same problem? Could you advise me on how to proceed?
Thank you in advance! Regards
Could you advise me on how to proceed?
Not sure which document you have found. Regarding central authentication service (CAS), it is the least popular as compared to other authentication protocols. However, you can get the implementation details here.
I found only very old examples with old technologies and I cannot figure out which steps I need to perform in .NET6.
Sample Project:
The key part of the CAS is within your builder.Services class; you would be required to include the following code snippet:
    // Chained onto the authentication builder; Claim and ClaimTypes need: using System.Security.Claims;
    .AddCAS(options =>
    {
        options.CasServerUrlBase = builder.Configuration["Authentication:CAS:ServerUrlBase"];
        options.SaveTokens = builder.Configuration.GetValue("Authentication:CAS:SaveTokens", false);
        // Falls back to protocol version 3 when the setting is absent.
        var protocolVersion = builder.Configuration.GetValue("Authentication:CAS:ProtocolVersion", 3);
        if (protocolVersion != 3)
        {
            // Only versions 1 and 2 get an explicit validator; any other value yields null.
            options.ServiceTicketValidator = protocolVersion switch
            {
                1 => new Cas10ServiceTicketValidator(options),
                2 => new Cas20ServiceTicketValidator(options),
                _ => null
            };
        }
        options.Events.OnCreatingTicket = context =>
        {
            if (context.Identity == null)
                return Task.CompletedTask;
            // Map claims from assertion
            var assertion = context.Assertion;
            context.Identity.AddClaim(new Claim(ClaimTypes.NameIdentifier, assertion.PrincipalName));
            if (assertion.Attributes.TryGetValue("display_name", out var displayName))
            {
                context.Identity.AddClaim(new Claim(ClaimTypes.Name, displayName));
            }
            if (assertion.Attributes.TryGetValue("email", out var email))
            {
                context.Identity.AddClaim(new Claim(ClaimTypes.Email, email));
            }
            return Task.CompletedTask;
        };
    }); // closes .AddCAS(options => ...)
For more details, you can check the complete ASP.NET Core 6 example here.
Note: Please be informed that this is not an official sample. Anything within the sample would be your responsibility and venture.
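An added example, not part of the original answer or of the sample project: it shows where the assertion's principal name and attributes in the snippet above come from, by parsing a CAS 3.0 serviceValidate response with only the .NET base library and applying the same claim mapping. The class CasResponseMapper is hypothetical, the XML is a constructed sample, and the attribute names display_name and email are taken from the snippet.

```csharp
using System;
using System.Security.Claims;
using System.Xml.Linq;

// Constructed sample of a CAS 3.0 serviceValidate success response (not captured traffic).
const string sampleResponse = @"<cas:serviceResponse xmlns:cas=""http://www.yale.edu/tp/cas"">
  <cas:authenticationSuccess>
    <cas:user>jdoe</cas:user>
    <cas:attributes>
      <cas:display_name>Jane Doe</cas:display_name>
      <cas:email>jdoe@example.org</cas:email>
    </cas:attributes>
  </cas:authenticationSuccess>
</cas:serviceResponse>";

foreach (var claim in CasResponseMapper.ToIdentity(sampleResponse).Claims)
    Console.WriteLine($"{claim.Type} = {claim.Value}");

// Hypothetical helper (assumption, not a library type): builds an identity from a
// validation response and rejects anything that is not an explicit authenticationSuccess.
static class CasResponseMapper
{
    static readonly XNamespace Cas = "http://www.yale.edu/tp/cas";

    public static ClaimsIdentity ToIdentity(string xml)
    {
        var root = XDocument.Parse(xml).Root;
        if (root?.Name != Cas + "serviceResponse")
            throw new InvalidOperationException("Not a CAS serviceResponse.");
        var failure = root.Element(Cas + "authenticationFailure");
        if (failure != null)
            throw new UnauthorizedAccessException($"Ticket rejected: {(string?)failure.Attribute("code")}");
        var success = root.Element(Cas + "authenticationSuccess")
            ?? throw new InvalidOperationException("No authenticationSuccess element.");
        var user = (string?)success.Element(Cas + "user");
        if (string.IsNullOrWhiteSpace(user))
            throw new InvalidOperationException("Response has no cas:user.");

        var identity = new ClaimsIdentity("CAS");
        identity.AddClaim(new Claim(ClaimTypes.NameIdentifier, user.Trim()));
        var attributes = success.Element(Cas + "attributes");
        AddIfPresent(identity, attributes, "display_name", ClaimTypes.Name);
        AddIfPresent(identity, attributes, "email", ClaimTypes.Email);
        return identity;
    }

    // Optional attributes are mapped only when the server released them.
    static void AddIfPresent(ClaimsIdentity id, XElement? attrs, string name, string claimType)
    {
        var value = (string?)attrs?.Element(Cas + name);
        if (!string.IsNullOrWhiteSpace(value))
            id.AddClaim(new Claim(claimType, value.Trim()));
    }
}
```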