CAS Authentication?
Opened this issue ยท 7 comments
This question might be wrongheaded as I am brand new to Polis. A group of students at my university is considering bringing up an instance of Polis to help in student governance. The university provide a Central Authentication Service (CAS) service for single sign on. We were wondering if it was possible to have Polis use CAS for logging in? Has anyone tried anything like that before?
Hi @edsu. Thanks for posting this issue! Great to hear that your school is looking to do this.
We have been talking about setting up OpenAuth configuration for Polis. Would your CAS work with OpenAuth? If so that would seem to be the most straightforward path there.
Thanks again!
Maybe relevant? Though maybe very CAS-server-specific https://apereo.github.io/cas/5.1.x/protocol/OAuth-Protocol.html
Also, hi @edsu ๐
Thanks for these suggestions! I'm going to inquire if our CAS service (Shibboleth IdP v3.3.1) supports OAuth. But it looks like the answer at the moment is no if this is correct:
https://wiki.shibboleth.net/confluence/display/DEV/Supported+Protocols
If you look up "xid" in knowledge base, there should general context on how to create a generalized wrapper around polis embeds, which could use any login system one cares to write code for.
If it does support oauth, this is a project I've followed for awhile: Lightweight proxy to sit in front of random simple pages:
https://github.com/bitly/oauth2_proxy (current activity is now in forks, explained in readme)
Perhaps worth someone rigging up a generalized example and upstreaming it into https://github.com/pol-is/polis-examples :)
Related: https://github.com/compdemocracy/polis-examples/issues/2#issuecomment-907884261
tl;dr - not a fully integrated solution, but as a workaround, added example of how to use any arbitrary auth provider for gating polis convo access (via Auth0 SaaS provider) by using a simple HTML website functioning as a wrapper app around a polis embed :)
According to this support doc from auth0, CAS (assuming it's using SAML) might be supported through this Auth0 approach to authentication: https://community.auth0.com/t/how-to-connect-to-cas-identity-provider/6247 (I have no experience and can't offer any support except a link... sorry!)
There is no such repository as 'polis-examples' as of Dec 2023.