Apereo CAS - SMS Notifications via Twilio


Collaborate
This blog is managed and hosted on GitHub. If you wish to update the contents of this post or if you have found an inaccuracy and wish to make corrections, we recommend that you please submit a pull request to this repository.

Overview

CAS has the ability to send notifications via SMS for a variety of functions such as one-time passwords for multifactor authentication, service expiration notifications, and more. In this tutorial, we are going to take a look at configuring CAS for SMS notifications via Twilio where we’ll be using notifications to notify relevant contacts when services in the service registry are considered expired.

Our starting position is based on:

Configuration

Registered Service Policy

Once we have CAS up and running, let’s start with the following sample service file as Sample-100.json in our JSON service registry:

{
  "@class" : "org.apereo.cas.services.RegexRegisteredService",
  "serviceId" : "^https://app.example.org",
  "name" : "Sample",
  "id" : 100,   
  "contacts": [
    "java.util.ArrayList", [{
        "@class": "org.apereo.cas.services.DefaultRegisteredServiceContact",
        "name": "Misagh Moayyed",
        "phone": "+11234567890"
      }
    ]
  ],
  "expirationPolicy": {
    "@class": "org.apereo.cas.services.DefaultRegisteredServiceExpirationPolicy",
    "notifyWhenExpired": true,   
    "deleteWhenExpired": true,
    "expirationDate": "2019-09-22"
  }
}

We have set up contacts for our service. These are the folks primarily in charge of this application who shall be notified once the service is considered expired. More importantly, we have set up an expiration policy for the service where it will be considered expired and removed from the registry on the specified expiration date, 2019-09-22.

SMS Configuration via Twilio

Once our overlay is prepped with the configuration module for Twilio, we’ll need to teach CAS about our Twilio subscription using the following settings:

# cas.smsProvider.twilio.accountId=...
# cas.smsProvider.twilio.token=...

So, at this point we have CAS set up with Twilio and all that is left to configure the system for notifications when services are deemed expired:

cas.serviceRegistry.sms.from=1234567890
cas.serviceRegistry.sms.text=The service %s is expired and removed from CAS.

Thou Shall Test

Once CAS is restarted, services in the registry will be reloaded and process to evaluate expiration dates. If an expired service is found, you might see something similar in the logs:

<Registered service ... has expired on [2019-08-22]>
<Contacts for registered service ... will be notified of service expiry>  
...
<Deleting expired registered service ... from registry.>

At this point, you should have received an SMS from CAS with the message The service Sample is expired and removed from CAS.

So…

I hope this review was of some help to you and I am sure that both this post as well as the functionality it attempts to explain can be improved in any number of ways. Please know that all other use cases, scenarios, features, and theories certainly are possible as well. Feel free to engage and contribute as best as you can.

Happy Coding,

Misagh Moayyed

Related Posts

CAS 6.2.0 RC1 Feature Release

...in which I present an overview of CAS 6.2.0 RC1 release.

Apereo CAS - Simple Multifactor Authentication

Learn to configure Apereo CAS to act as a simple multifactor provider itself.

Apereo CAS 2019 Survey Results

...in which I present a summarized view of the latest CAS community survey.

CAS 6.1.0 RC6 Feature Release

...in which I present an overview of CAS 6.1.0 RC6 release.

Apereo CAS - Managing Services via Git

Learn to configure Apereo CAS to fetch application policy files and service records for its service registry from remote git repositories.

Apereo CAS - Ticket Distribution with JMS

Learn to configure Apereo CAS to JMS and messages queues to broadcast tickets and tokens across a deployment cluster.

CAS Vulnerability Disclosure

Disclosure of a security issue with the CAS software.

CAS 6.1.0 RC5 Feature Release

...in which I present an overview of CAS 6.1.0 RC5 release.

Apereo CAS - Passwordless Authentication

Learn how to modify Apereo CAS to allow users to login without the need to remember a password.

Apereo CAS - Handling Authentication Webflow Errors with Grace

Learn how to modify Apereo CAS to customize exception handling and produce localized error messages for your deployment.