TechQA.

Accessing Rails API using a single access token via RubyCAS

1k views Asked by At

I'm currently designing and prototyping the architecture for a web application that comprises of three parts, a Restful API (JSON, XML) interface served from a Rails app, a Backbone.js application being supported by a second Rails app, and an Android application that accesses data via the API.

Whereas the usual process of authenticating the user (redirecting to the login page) will work for the Backbone.js application, I want to use a single access token from the Android application to authenticate the user. I can see how upon first use the Android app would require a username and password, passing back from the CAS server additional information that would contain the pre-generated single access token. What I can't work out is how I would pass the single access token along with a request from the client and have that authenticated against CAS without redirecting to a login page etc.

What I need to know is whether this possible with CAS or is there a method that is more the "CAS way" that I can use to achieve the same result?

I've experimented with Devise and the CAS plugin devise_cas_authenticatable but this appears to be broken with the latest version of Devise. Ideally I want to use sorcery with my own implementation of single access token generation, all hooked up to CAS. I'm very new to CAS and what it can do so I'm trying to sound out what's possible first and then I'll contribute back to rubycas-client and sorcery if any new development is required that I'm able to code up.

Thanks in advance

android ruby-on-rails cas rubycas sorcery
Original Q&A
1

There are 1 answers

0
Brad On

I believe you are looking for Proxy Granting Tokens (Section 3.3). This allows one application to proxy a valid authentication to another application. The RubyCAS client supports this via:

class ApplicationController < ActionController::Base
  before_filter :authenticate!

protected

  def authenticate!
    # This triggers RubyCAS client to request a proxy granting ticket
    CASClient::Frameworks::Rails::Filter.client.proxy_callback_url = "myservice.com" 
    CASClient::Frameworks::Rails::Filter.filter(self)

    if session[:cas_pgt]
      # You will want to pass this as a URL param to your remote service
      # whenever you call it. We store it on our base ActiveResource model
      # and automatically append to the url params of all requests.
    end


    # Username is available in session[:cas_user]
  end
end

This solution does not use devise.

Related Questions in ANDROID

Related Questions in RUBY-ON-RAILS

Related Questions in CAS

Related Questions in RUBYCAS

Related Questions in SORCERY

Popular Questions

Popular Tags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json python-3.x ruby-on-rails .net sql-server swift django angular objective-c pandas excel

Trending Questions