authorLuke Granger-Brown <git@lukegb.com>2020-07-05T19·09+0000
committerlukegb <lukegb@tvl.fyi>2020-07-06T22·13+0000
commit310302637bf1e6f53117b8a400ffa02567d41cb1 (patch)
tree8983bd084ae106ad2b2dbc82dc88b74c2cdedf4f
parent4dca44ac722fee72c05b753bc51ea5bcd2bb3b7c (diff)
feat(3p/apereo-cas): add TVL-specific configuration to overlay r/1229
Change-Id: I5193cb7695d37c1770257741e600d7029b6596a0
Reviewed-on: https://cl.tvl.fyi/c/depot/+/934
Reviewed-by: tazjin <mail@tazj.in>
Tested-by: BuildkiteCI
-rw-r--r--third_party/apereo-cas/default.nix2
-rw-r--r--third_party/apereo-cas/overlay/build.gradle5
-rw-r--r--third_party/apereo-cas/overlay/etc/cas/config/cas.properties28
-rw-r--r--third_party/apereo-cas/overlay/etc/cas/services/samltest-1.json8
4 files changed, 37 insertions, 6 deletions
diff --git a/third_party/apereo-cas/default.nix b/third_party/apereo-cas/default.nix
index 5f628ce8e7..7fa3b0fa92 100644
--- a/third_party/apereo-cas/default.nix
+++ b/third_party/apereo-cas/default.nix
@@ -37,7 +37,7 @@ let
 
     outputHashAlgo = "sha256";
     outputHashMode = "recursive";
-    outputHash = "0lggx83g0nl5xwxgadgjrz62ch5qkwcyxwrd1zq8y1r7fir3m8pq";
+    outputHash = "1mjk7nh0sr4xb8v5mqb8kzjk1xk9rsx8g069lhpvdkyrc5bq1w8j";
   };
 in
 pkgs.stdenvNoCC.mkDerivation {
diff --git a/third_party/apereo-cas/overlay/build.gradle b/third_party/apereo-cas/overlay/build.gradle
index 2b04bbc5f0..464fce48d1 100644
--- a/third_party/apereo-cas/overlay/build.gradle
+++ b/third_party/apereo-cas/overlay/build.gradle
@@ -81,7 +81,10 @@ apply from: rootProject.file("gradle/dockerjib.gradle")
 
 dependencies {
     // Other CAS dependencies/modules may be listed here...
-    // implementation "org.apereo.cas:cas-server-support-json-service-registry:${casServerVersion}"
+    implementation "org.apereo.cas:cas-server-support-ldap:${project.'cas.version'}"
+    implementation "org.apereo.cas:cas-server-support-json-service-registry:${project.'cas.version'}"
+    implementation "org.apereo.cas:cas-server-support-saml-idp:${project.'cas.version'}"
+    implementation "org.apereo.cas:cas-server-support-oidc:${project.'cas.version'}"
 }
 
 tasks.findByName("jibDockerBuild")
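Review bot: `cas-server-support-oidc` is added alongside `cas-server-support-saml-idp`, but the cas.properties change in this commit sets only the SAML entity id and nothing for OIDC, so the OIDC endpoints would presumably come up with default issuer and keystore settings. Either defer the OIDC module until its issuer and JWKS location are configured, or add a comment such as `// OIDC enabled but not yet configured; no OIDC services are registered` so the extra exposed surface on the login host is a recorded decision. The `dependencies` block is complete within the hunk, but the rest of build.gradle is not visible here.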
diff --git a/third_party/apereo-cas/overlay/etc/cas/config/cas.properties b/third_party/apereo-cas/overlay/etc/cas/config/cas.properties
index 40cd89bbe9..9ef983b174 100644
--- a/third_party/apereo-cas/overlay/etc/cas/config/cas.properties
+++ b/third_party/apereo-cas/overlay/etc/cas/config/cas.properties
@@ -1,6 +1,26 @@
-cas.server.name=https://cas.example.org:8443
-cas.server.prefix=${cas.server.name}/cas
+cas.server.name=https://login.tvl.fyi
+cas.server.prefix=${cas.server.name}
+cas.server.scope=tvl.fyi
 
-logging.config=file:/etc/cas/config/log4j2.xml
+cas.service-registry.json.location=file:/etc/cas/services
+
+server.port=8443
+server.address=127.0.0.1
+server.ssl.enabled=false
+
+cas.authn.saml-idp.entity-id=https://login.tvl.fyi
+
+cas.authn.accept.users=
+
+cas.authn.attribute-repository.default-attributes-to-release=uid,mail,displayName
+
+cas.authn.ldap[0].pool-passivator=NONE
+cas.authn.ldap[0].principal-attribute-list=cn:uid,mail,displayName
+cas.authn.ldap[0].ldap-url=ldap://localhost
+cas.authn.ldap[0].use-start-tls=false
+cas.authn.ldap[0].validator.base-dn=dc=tvl,dc=fyi
+cas.authn.ldap[0].base-dn=dc=tvl,dc=fyi
+cas.authn.ldap[0].search-filter=cn={user}
+cas.authn.ldap[0].dn-format=cn=%s,ou=users,dc=tvl,dc=fyi
+cas.authn.ldap[0].type=DIRECT
 
-# cas.authn.accept.users=
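Review bot: The two plaintext transports enabled here, `server.ssl.enabled=false` and `ldap://localhost` with `use-start-tls=false`, are safe only while CAS stays bound to 127.0.0.1 behind a TLS-terminating proxy and the directory runs on the same host, and nothing in the file says so. I would add comments such as `# TLS is terminated by the reverse proxy in front of this listener; keep server.address on loopback` and `# LDAP is local-only; switch to ldaps:// or StartTLS if the directory moves off this host`. The empty `cas.authn.accept.users=` also deserves `# intentionally empty: disables the built-in static test account`, because dropping the line would by default bring the static credentials back. The hunk also removes `logging.config`; presumably the default logging setup is intended, but for an identity provider it is worth confirming that authentication and audit events still reach persistent storage.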
diff --git a/third_party/apereo-cas/overlay/etc/cas/services/samltest-1.json b/third_party/apereo-cas/overlay/etc/cas/services/samltest-1.json
new file mode 100644
index 0000000000..37ea1be981
--- /dev/null
+++ b/third_party/apereo-cas/overlay/etc/cas/services/samltest-1.json
@@ -0,0 +1,8 @@
+{
+  "@class" : "org.apereo.cas.support.saml.services.SamlRegisteredService",
+  "serviceId" : "https://samltest.id/saml/sp",
+  "name" : "SAMLTest SP",
+  "id" : 1,
+  "evaluationOrder" : 10,
+  "metadataLocation" : "https://samltest.id/saml/sp"
+}
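Review bot: `metadataLocation` makes the IdP fetch this SP's SAML metadata from `https://samltest.id/saml/sp` at runtime with no signature check, so the assertion consumer endpoints and SP keys that login.tvl.fyi trusts are whatever that third-party host serves. Consider vendoring a reviewed copy and pointing `metadataLocation` at it (for example `file:/etc/cas/saml/<samltest-sp-metadata>.xml`, a placeholder path), or adding `metadataSignatureLocation` if the publisher provides a signing certificate. No `attributeReleasePolicy` is set either, so what is released to this public test SP depends on defaults; an explicit policy listing the intended attributes would make that reviewable. If the entry exists only to exercise the IdP, the commit description could say that it is to be removed once real services are registered.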