Which component of the system are you interested in having support for the RESTful API in?
I'm interested in ticket granting and service access in the server, which is the scope of the Jasig CAS RESTful API. Any tool or service that can speak HTTP can therefore authenticate to CAS given user credentials. I'll walk through a putative git/GitHub use case since it's specific and hopefully familiar to this audience:
1. User configures CAS user/pass credentials to be used by git (e.g. git-credential-cache)
3. GitHub CAS authentication backend posts user credentials to CAS RESTful API endpoint:
POST /cas/v1/tickets HTTP/1.0
username=marvin&password=wombats
4. CAS responds with TGT in Location header of response:
5. GitHub CAS authentication backend extracts the TGT and requests an ST for access to the repo URL:
POST /cas/v1/tickets/TGT-37-123456789-cas HTTP/1.0
|
6. GitHub CAS authentication backend extracts ST from body of response:
200 OK
ST-102-0987654321-cas
7. Ticket is validated as usual and on success the git client operation is authenticated by the backend and operation proceeds.
The only points of configuration here should be the root URI of the RESTful API endpoint, in this case "/cas/v1". Please let me know if you have questions or comments. I'd be happy to collaborate with you on implementation and/or test cases to ensure interoperability between products.
Best,
M