Apereo CAS Swag with Swagger


Collaborate
The blog is managed and hosted on GitHub. If you wish to update the contents of this post or if you have found an inaccuracy and wish to make corrections, we recommend that you please submit a pull request to this repository.

For some time now, CAS has had the ability to take advantages of Swagger natively to produce API documentation automatically. The generated documentation supports all CAS endpoints and REST APIs provided they are made available to the runtime application context. This means that any and all modules that declare API endpoints will automatically be recognized by the CAS Swagger integration, provided of course the module is activated and included in your CAS configuration.

If you wish to learn more about Swagger, please visit this link and the reference documentation for CAS 5.3.x as of this writing is available here.

Our starting position is based on the following:

Configuration

The setup is in fact super simple; as the documentation describes you simply need to add the required dependency in your overlay:

<dependency>
  <groupId>org.apereo.cas</groupId>
  <artifactId>cas-server-documentation-swagger</artifactId>
  <version>${cas.version}</version>
</dependency>

…and just to keep things more interesting, I also chose to include support for CAS REST Protocol:

<dependency>
    <groupId>org.apereo.cas</groupId>
    <artifactId>cas-server-support-rest</artifactId>
    <version>${cas.version}</version>
</dependency>

That’s it. Package and run the overlay as usual. Once the server is up and running, simply navigate to https://<your-cas-server-address>/cas/swagger-ui.html and examine the APIs presented to you via Swagger. For instance, this is what I see:

image

Notice how certain entries are surrounded in a blue square. This is not a Swagger feature; rather this is me trying to outline that the endpoints and APIs that are presented as part of the CAS protocol are also automatically picked up by Swagger and presented to you beautifully via this user interface. This behavior, as a reminder, applies to any module that presents APIs.

Finale

I hope this review was of some help to you and I am sure that both this post as well as the functionality it attempts to explain can be improved in any number of ways. Please feel free to engage and contribute as best as you can.

Misagh Moayyed

Related Posts

CAS 6.0.0 RC3 Feature Release

...in which I present an overview of CAS 6.0.0 RC3 release.

Apereo CAS - Multifactor Authentication with RADIUS

Learn how Apereo CAS may be configured to trigger multifactor authentication using a RADIUS server and its support for the Access-Challenge response type.

CAS Vulnerability Disclosure

Disclosure of a security issue with the MFA features.

CAS 6.0.0 RC2 Feature Release

...in which I present an overview of CAS 6.0.0 RC2 release.

Apereo CAS - dotCMS SAML2 Integration

Learn how to integrate dotCMS, a Content Management System and Headless CMS, with Apereo CAS running as a SAML2 identity provider.

Effective Software Troubleshooting Tactics

A collection of what hopefully are obvious troubleshooting tactics when it comes to diagnosing software deployment issues and configuration problems.

Apereo CAS - MaxMind Geo2IP ISP Integration

Learn how you may determine the Internet Service Provider, organization name, and autonomous system organization and number associated with the user's IP address in CAS using MaxMind services and present warnings in the authentication flow for the end-user if an IP address is matched.

Notes from Better by Design 2018

Be interested in humans and human success.

Apereo CAS - Authentication Lifecycle Phases

Tap into the Apereo CAS authentication engine from outside, and design extensions that prevent an unsuccessful authentication attempt or warn the user after-the-fact based on specific policies of your choosing.

CAS 6.0.0 RC1 Feature Release

...in which I present an overview of CAS 6.0.0 RC1 release.