This is a sample Python web application using Flask that is protected via an Apereo CAS server using the Flask CAS extension.
- Python
$ python --version
Python 2.7.10
- Pip
$ pip --version
pip 9.0.1 from /Library/Python/2.7/site-packages (python 2.7)
You may need to download/install the CAS Flask extension from source locally to obtain a bug fix that helps with CAS attribute parsing. The bug fix, as of this writing, is not yet released.
git clone git@github.com:cameronbwhite/Flask-CAS.git
cd Flask-CAS
sudo python setup.py install
If you wish to not install the plugin from source, simply execute:
sudo pip install Flask-CAS
$ python app.py
...
* Running on http://127.0.0.1:5000/ (Press CTRL+C to quit)
* Restarting with stat
* Debugger is active!
* Debugger PIN: 120-601-740
Navigate to http://localhost:5000
and click on the login button.
You will be redirected to a CAS server to authenticate and once you return,
you should see the authenticated user id plus any and all attributes that
the server may have authorized you to receive.
Remember that the application must be registered with the CAS server, and should be authorized to authenticate.
You can find valid username and password under cas.authn.accept.users
part of CAS configuration part of CAS server dashboard. It's casuser
:Mellon
for version 5.
CAS configuration may be specified in app.py
:
app.config['CAS_SERVER'] = 'https://jasigcas.herokuapp.com'
app.config['CAS_AFTER_LOGIN'] = 'secure'
For all other relevant settings, please refer to the Flask CAS extension project.