auth with cas

gui/app/authenticators/cas.js

@@ -9,10 +9,13 @@
 //
 // https://documize.com
 
+import { isPresent } from '@ember/utils';
+
 import { reject, resolve } from 'rsvp';
 import { inject as service } from '@ember/service';
 
 import Base from 'ember-simple-auth/authenticators/base';
+import netUtil from "../utils/net";
 
 export default Base.extend({
 	ajax: service(),
@@ -28,8 +31,16 @@ export default Base.extend({
 		return reject();
 	},
 
-	authenticate(){
-		return this.get('ajax').request('public/authenticate/cas' );
+	authenticate(data){
+		data.domain = netUtil.getSubdomain();
+
+		if (!isPresent(data.ticket)) {
+			return reject("data.ticket is empty");
+		}
+		return this.get('ajax').post('public/authenticate/cas', {
+			data: JSON.stringify(data),
+			contentType: 'json'
+		});
 	},
 
 	invalidate() {

gui/app/pods/auth/cas/controller.js

@@ -0,0 +1,14 @@
+// Copyright 2016 Documize Inc. <legal@documize.com>. All rights reserved.
+//
+// This software (Documize Community Edition) is licensed under 
+// GNU AGPL v3 http://www.gnu.org/licenses/agpl-3.0.en.html
+//
+// You can operate outside the AGPL restrictions by purchasing
+// Documize Enterprise Edition and obtaining a commercial license
+// by contacting <sales@documize.com>. 
+//
+// https://documize.com
+
+import Controller from '@ember/controller';
+
+export default Controller.extend({});

gui/app/pods/auth/cas/route.js

@@ -0,0 +1,66 @@
+// Copyright 2016 Documize Inc. <legal@documize.com>. All rights reserved.
+//
+// This software (Documize Community Edition) is licensed under
+// GNU AGPL v3 http://www.gnu.org/licenses/agpl-3.0.en.html
+//
+// You can operate outside the AGPL restrictions by purchasing
+// Documize Enterprise Edition and obtaining a commercial license
+// by contacting <sales@documize.com>.
+//
+// https://documize.com
+
+import { Promise as EmberPromise } from 'rsvp';
+import { inject as service } from '@ember/service';
+import Route from '@ember/routing/route';
+
+export default Route.extend({
+	ajax: service(),
+	session: service(),
+	appMeta: service(),
+	localStorage: service(),
+	queryParams: {
+		mode: {
+			refreshModel: true
+		},
+		ticket   : {
+			refreshModel: true,
+			replace     : true,
+		}
+	},
+	message: '',
+
+	afterModel(model) {
+		return new EmberPromise((resolve) => {
+			let constants = this.get('constants');
+
+			if (this.get('appMeta.authProvider') !== constants.AuthProvider.CAS) {
+				resolve();
+			}
+			let ticket = model.ticket;
+			if (ticket === '') {
+				resolve();
+			}
+			let data = {ticket: ticket};
+			this.get("session").authenticate('authenticator:cas', data).then(() => {
+				this.transitionTo('folders');
+			}, (reject) => {
+				if (!_.isUndefined(reject.Error)) {
+					this.set('message', reject.Error);
+				} else {
+					this.set('message', reject);
+				}
+				this.set('mode', 'reject');
+				resolve();
+			});
+
+		})
+	},
+
+	model(params) {
+		return {
+			mode: this.get('mode'),
+			message: this.get('message'),
+			ticket: params.ticket
+		}
+	}
+});

gui/app/pods/auth/cas/template.hbs

@@ -0,0 +1,13 @@
+{{#if (is-equal model.mode "login")}}
+    <div class="sso-box">
+        <p>Authenticating with CAS...</p>
+        <img src="/assets/img/busy-gray.gif">
+    </div>
+{{/if}}
+
+{{#if (is-equal model.mode "reject")}}
+    <div class="sso-box">
+        <p>CAS authentication failure</p>
+        <p>{{model.message}}</p>
+    </div>
+{{/if}}

gui/app/pods/auth/login/controller.js

@@ -12,7 +12,6 @@
 import { inject as service } from '@ember/service';
 import AuthProvider from '../../../mixins/auth';
 import Controller from '@ember/controller';
-import {Promise as EmberPromise} from "rsvp";
 
 export default Controller.extend(AuthProvider, {
 	appMeta: service('app-meta'),
@@ -73,14 +72,6 @@ export default Controller.extend(AuthProvider, {
 			// 		this.set('invalidCredentials', true);
 			// 	});
 			// }
-		},
-		loginWithCAS(){
-			// let config = this.get('config');
-			let url = 'https://sso.bangdao-tech.com/sso/login?service=' + encodeURIComponent('https://duty.bangdao-tech.com/');
-			window.location.replace(url);
-
-
-
 		}
 	}
 

gui/app/pods/auth/login/route.js

@@ -41,6 +41,13 @@ export default Route.extend({
 					});
 
 					break;
+				case constants.AuthProvider.CAS: {
+					let config = JSON.parse(this.get('appMeta.authConfig'));
+					let url = config.url + '/login?service=' + encodeURIComponent(config.redirectUrl);
+					window.location.replace(url);
+					resolve();
+					break;
+				}
 
 				default:
 					this.set('showLogin', true);

gui/app/pods/auth/login/template.hbs

@@ -27,11 +27,7 @@
 						{{input type="password" value=password id="authPassword" class="form-control" autocomplete="current-password"}}
 					{{/if}}
 				</div>
-        {{#if isAuthProviderCAS}}
-            {{ui/ui-button color=constants.Color.Green light=true label=constants.Label.SignIn onClick=(action "loginWithCAS")}}
-        {{else}}
-            {{ui/ui-button color=constants.Color.Green light=true label=constants.Label.SignIn onClick=(action "login")}}
-        {{/if}}
+                {{ui/ui-button color=constants.Color.Green light=true label=constants.Label.SignIn onClick=(action "login")}}
 
 
 				<div class="{{unless invalidCredentials "invisible"}} color-red-600 mt-3">Invalid credentials</div>

gui/app/pods/customize/auth/route.js

@@ -44,6 +44,7 @@ export default Route.extend(AuthenticatedRouteMixin, {
 						break;
 					case constants.AuthProvider.CAS:
 						data.authConfig = config;
+						break;
 					case constants.AuthProvider.Documize:
 						data.authConfig = '';
 						break;

gui/app/router.js

@@ -160,6 +160,9 @@ export default Router.map(function () {
 			this.route('share', {
 				path: 'share/:id/:slug/:serial'
 			});
+			this.route('cas', {
+				path: 'cas'
+			});
 		}
 	);