Uh oh!
There was an error while loading.Please reload this page.
- Notifications
You must be signed in to change notification settings - Fork9.6k
Enhancing CAS authentication handling by extracting user attributes#59951
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to ourterms of service andprivacy statement. We’ll occasionally send you account related emails.
Already on GitHub?Sign in to your account
base:7.4
Are you sure you want to change the base?
Uh oh!
There was an error while loading.Please reload this page.
Conversation
carsonbot commentedMar 10, 2025
Hey! I see that this is your first PR. That is great! Welcome! Symfony has acontribution guide which I suggest you to read. In short:
Review the GitHub status checks of your pull request and try to solve the reported issues. If some tests are failing, try to see if they are failing because of this change. When two Symfony core team members approve this change, it will be merged and you will become an official Symfony contributor! I am going to sit back now and wait for the reviews. Cheers! Carsonbot |
This comment was marked as resolved.
This comment was marked as resolved.
@nacorp friendly ping 😉 |
src/Symfony/Component/Security/Http/AccessToken/Cas/Cas2Handler.php OutdatedShow resolvedHide resolved
Uh oh!
There was an error while loading.Please reload this page.
That's a cool update of the CAS authenticator@erseco ! 👏 |
OIDC handlers create a |
erseco commentedMar 18, 2025 • edited
Loading Uh oh!
There was an error while loading.Please reload this page.
edited
Uh oh!
There was an error while loading.Please reload this page.
@chalasr Thanks for your question! Regarding whether we need a specific user object like According to the [CAS protocol specification](https://apereo.github.io/cas/7.0.x/protocol/CAS-Protocol-Specification.html#257-example-response-with-custom-attributes), CAS attributes are included directly in the XML/JSON response: <cas:serviceResponsexmlns:cas="http://www.yale.edu/tp/cas"> <cas:authenticationSuccess> <cas:user>username</cas:user> <cas:attributes> <cas:firstname>John</cas:firstname> <cas:lastname>Doe</cas:lastname> <cas:email>jdoe@example.org</cas:email> <cas:affiliation>staff</cas:affiliation> <cas:affiliation>faculty</cas:affiliation> </cas:attributes> </cas:authenticationSuccess></cas:serviceResponse> The changes in this PR extract these attributes and pass them through the I've committed the necessary changes to align with the CAS documentation. All tests now pass after adding some additional cases. However, I'm still encountering issues inPHP 8.2 (low-deps). |
Uh oh!
There was an error while loading.Please reload this page.
Description
This pull request enhances the CAS authentication process by extracting user attributes from the CAS response and passing them to the
UserBadge. This ensures that additional information, such as email or roles, can be accessed within authentication workflows.Changes
src/Symfony/Component/Security/Http/AccessToken/Cas/Cas2Handler.phpgetUserBadgeFromto extract attributes from the CAS response.UserBadgeconstructor, making them available in authentication logic.Test Updates
src/Symfony/Component/Security/Http/Tests/AccessToken/Cas/Cas2HandlerTest.phptestWithValidTicketto include attributes in the CAS response.UserBadgecorrectly includes and retains these attributes.Why?
✅Tests updated and verified
✅No backward compatibility breaks
Let me know if any adjustments are needed! 🚀