I confess that CAS authentication is not a topic I personally understand well, but here goes:
I believe that when you use the CAS module in AtoM, no local authentication happens at all, so I don't think you need to map local authentication parameters like username and email to AtoM's.
Instead, you configure your CAS server location details in an AtoM configuration file, and when users try to log in, they are redirected to your CAS authentication service.The configuration file also includes AtoM default user groups and a group_id value - this is what you need to map. You edit the configuration file in AtoM so the user group you want has the proper group_id key from CAS.
In terms of mapping other parameters - I believe the team tried to make this module flexible for different setups during development, so: it's really going to check 1 user parameter for mapping, and then use the group_id values from there. So you should have some freedom in defining what attribute is mapped to your CAS server? See:
So I believe this means that if your users are using emails for authentication, then you would set the attribute_key in the config file to match the name of the CAS email parameter. And if you're using usernames instead, then configure the key for that.
Hopefully the documentation links help? If not, let me know and I will see if one of our system administrators can answer any further questions you have.
Cheers,