## Functions
objectProvides an authentication plugin for the Hapi framework that implements CAS authentication. Due to the nature of the CAS protocol, this plugin requires that a session manager plugin be registered with Hapi. This plugin does not provide a session manager on its own. The 'hapi-server-session' plugin is known to work. But any plugin that provides request.session will work.
This plugin is known to work with authentication modes 'required' and 'try'.
functionStandard Hapi plugin registration method. It registers casPlugin with the scheme name 'cas'.
objectDefines the possible options for the plugin.
object
Provides an authentication plugin for the Hapi framework that implements CAS authentication. Due to the nature of the CAS protocol, this plugin requires that a session manager plugin be registered with Hapi. This plugin does not provide a session manager on its own. The 'hapi-server-session' plugin is known to work. But any plugin that provides request.session will work.
This plugin is known to work with authentication modes 'required' and 'try'.
**Kind**: global function **Returns**:object - A Hapi authentication scheme object.
**Throws**:
- AssertionError When an invalid options object is provided or if
there isn't a session manager registered with the Hapi server.
| Param | Type | Description |
| --- | --- | --- |
| server | object | A Hapi server instance. |
| options | [PluginOptions](#PluginOptions) | The options for the CAS authentication plugin. |
## register(server, options, next) ⇒ function
Standard Hapi plugin registration method. It registers [casPlugin](#casPlugin)
with the scheme name 'cas'.
**Kind**: global function
**Returns**: function - The registration finished callback function.
| Param | Type | Description |
| --- | --- | --- |
| server | object | A Hapi server instance. |
| options | object | A Hapi plugin registration options object. |
| next | function | The Hapi registration finished callback function. |
## PluginOptions : object
Defines the possible options for the plugin.
**Kind**: global typedef **Properties** | Name | Type | Default | Description | | --- | --- | --- | --- | | casServerUrl |string | | The URL for the remote CAS server. It should be an HTTPS URL. But it can be HTTP if the remote server isn't fully protocol compliant. Example: https://example.com/cas/ |
| casProtocolVersion | number | 2.0 | The version of the CAS protocol that the remote server implements. |
| casRequestMethod | string | "GET" | The HTTP method that the remote CAS server should use to communicate with the local CAS handler end point. NOTE: only GET is currently supported. |
| casAsGateway | boolean | false | Indicates if the remote CAS server should use its gateway method of operation. |
| localAppUrl | string | | The base URL for your local applications. It should be an HTTPS URL. But it can be HTTP if the remote server isn't fully protocol compliant. Example: https://app.example.com/ |
| endPointPath | string | | The URI path where your application will listen for incoming CAS protocol messages. Example: /casHandler |
| defaultRedirectUrl | string | | If the user bookmarks the remote CAS server login URL, then a session will not exist to get a redirect path from. Set this to define a default redirect URL in these cases. Default: `localAppUrl` value |
| includeHeaders | array | ['cookie'] | The headers to include in redirections. This list must include the header your session manager uses for tracking session identifiers. |
| strictSSL | boolean | true | Determines if the client will require valid remote SSL certificates or not. |
| saveRawCAS | boolean | false | If true the CAS result will be saved into session.rawCas |
| sessionCredentialsMappings | Array | | An array of objects where the values of the attribute of request.session listed in object.sessionAttribute will be mapped to the attribute of request.auth.credentials listed in object.credentialsAttribute. For example, if sessionCredentialsMappings contains {sessionAttribute: 'foo.bar', credentialsAttribute: 'baz'} then request.auth.credentials.baz will contain the same data as request.session.foo.bar. NOTE: dot notation in the sessionAttribute and credentialsAttribute attributes is supported. |
| logger | object | | An instance of a logger that conforms to the Log4j interface. We recommend [https://npm.im/pino](https://npm.im/pino) |