4 * Copyright © 2003-2010, The ESUP-Portail consortium & the JA-SIG Collaborative.
\r
5 * All rights reserved.
\r
7 * Redistribution and use in source and binary forms, with or without
\r
8 * modification, are permitted provided that the following conditions are met:
\r
10 * * Redistributions of source code must retain the above copyright notice,
\r
11 * this list of conditions and the following disclaimer.
\r
12 * * Redistributions in binary form must reproduce the above copyright notice,
\r
13 * this list of conditions and the following disclaimer in the documentation
\r
14 * and/or other materials provided with the distribution.
\r
15 * * Neither the name of the ESUP-Portail consortium & the JA-SIG
\r
16 * Collaborative nor the names of its contributors may be used to endorse or
\r
17 * promote products derived from this software without specific prior
\r
18 * written permission.
\r
20 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
\r
21 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
\r
22 * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
\r
23 * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR
\r
24 * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
\r
25 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
\r
26 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
\r
27 * ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
\r
28 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
\r
29 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
\r
33 // hack by Vangelis Haniotakis to handle the absence of $_SERVER['REQUEST_URI'] in IIS
\r
35 if (!$_SERVER['REQUEST_URI']) {
\r
36 $_SERVER['REQUEST_URI'] = $_SERVER['SCRIPT_NAME'] . '?' . $_SERVER['QUERY_STRING'];
\r
40 // another one by Vangelis Haniotakis also to make phpCAS work with PHP5
\r
42 if (version_compare(PHP_VERSION, '5', '>=') && !(function_exists('domxml_new_doc'))) {
\r
43 require_once (dirname(__FILE__) . '/CAS/domxml-php4-to-php5.php');
\r
48 * Interface class of the phpCAS library
\r
53 // ########################################################################
\r
55 // ########################################################################
\r
57 // ------------------------------------------------------------------------
\r
59 // ------------------------------------------------------------------------
\r
62 * phpCAS version. accessible for the user by phpCAS::getVersion().
\r
64 define('PHPCAS_VERSION', '1.1.2');
\r
66 // ------------------------------------------------------------------------
\r
68 // ------------------------------------------------------------------------
\r
70 * @addtogroup public
\r
77 define("CAS_VERSION_1_0", '1.0');
\r
81 define("CAS_VERSION_2_0", '2.0');
\r
83 // ------------------------------------------------------------------------
\r
85 // ------------------------------------------------------------------------
\r
90 define("SAML_VERSION_1_1", 'S1');
\r
93 * XML header for SAML POST
\r
95 define("SAML_XML_HEADER", '<?xml version="1.0" encoding="UTF-8"?>');
\r
98 * SOAP envelope for SAML POST
\r
100 define("SAML_SOAP_ENV", '<SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/"><SOAP-ENV:Header/>');
\r
103 * SOAP body for SAML POST
\r
105 define("SAML_SOAP_BODY", '<SOAP-ENV:Body>');
\r
110 define("SAMLP_REQUEST", '<samlp:Request xmlns:samlp="urn:oasis:names:tc:SAML:1.0:protocol" MajorVersion="1" MinorVersion="1" RequestID="_192.168.16.51.1024506224022" IssueInstant="2002-06-19T17:03:44.022Z">');
\r
111 define("SAMLP_REQUEST_CLOSE", '</samlp:Request>');
\r
114 * SAMLP artifact tag (for the ticket)
\r
116 define("SAML_ASSERTION_ARTIFACT", '<samlp:AssertionArtifact>');
\r
121 define("SAML_ASSERTION_ARTIFACT_CLOSE", '</samlp:AssertionArtifact>');
\r
126 define("SAML_SOAP_BODY_CLOSE", '</SOAP-ENV:Body>');
\r
129 * SOAP envelope close
\r
131 define("SAML_SOAP_ENV_CLOSE", '</SOAP-ENV:Envelope>');
\r
136 define("SAML_ATTRIBUTES", 'SAMLATTRIBS');
\r
140 * @addtogroup publicPGTStorage
\r
143 // ------------------------------------------------------------------------
\r
144 // FILE PGT STORAGE
\r
145 // ------------------------------------------------------------------------
\r
147 * Default path used when storing PGT's to file
\r
149 define("CAS_PGT_STORAGE_FILE_DEFAULT_PATH", '/tmp');
\r
151 * phpCAS::setPGTStorageFile()'s 2nd parameter to write plain text files
\r
153 define("CAS_PGT_STORAGE_FILE_FORMAT_PLAIN", 'plain');
\r
155 * phpCAS::setPGTStorageFile()'s 2nd parameter to write xml files
\r
157 define("CAS_PGT_STORAGE_FILE_FORMAT_XML", 'xml');
\r
159 * Default format used when storing PGT's to file
\r
161 define("CAS_PGT_STORAGE_FILE_DEFAULT_FORMAT", CAS_PGT_STORAGE_FILE_FORMAT_PLAIN);
\r
162 // ------------------------------------------------------------------------
\r
163 // DATABASE PGT STORAGE
\r
164 // ------------------------------------------------------------------------
\r
166 * default database type when storing PGT's to database
\r
168 define("CAS_PGT_STORAGE_DB_DEFAULT_DATABASE_TYPE", 'mysql');
\r
170 * default host when storing PGT's to database
\r
172 define("CAS_PGT_STORAGE_DB_DEFAULT_HOSTNAME", 'localhost');
\r
174 * default port when storing PGT's to database
\r
176 define("CAS_PGT_STORAGE_DB_DEFAULT_PORT", '');
\r
178 * default database when storing PGT's to database
\r
180 define("CAS_PGT_STORAGE_DB_DEFAULT_DATABASE", 'phpCAS');
\r
182 * default table when storing PGT's to database
\r
184 define("CAS_PGT_STORAGE_DB_DEFAULT_TABLE", 'pgt');
\r
187 // ------------------------------------------------------------------------
\r
188 // SERVICE ACCESS ERRORS
\r
189 // ------------------------------------------------------------------------
\r
191 * @addtogroup publicServices
\r
196 * phpCAS::service() error code on success
\r
198 define("PHPCAS_SERVICE_OK", 0);
\r
200 * phpCAS::service() error code when the PT could not retrieve because
\r
201 * the CAS server did not respond.
\r
203 define("PHPCAS_SERVICE_PT_NO_SERVER_RESPONSE", 1);
\r
205 * phpCAS::service() error code when the PT could not retrieve because
\r
206 * the response of the CAS server was ill-formed.
\r
208 define("PHPCAS_SERVICE_PT_BAD_SERVER_RESPONSE", 2);
\r
210 * phpCAS::service() error code when the PT could not retrieve because
\r
211 * the CAS server did not want to.
\r
213 define("PHPCAS_SERVICE_PT_FAILURE", 3);
\r
215 * phpCAS::service() error code when the service was not available.
\r
217 define("PHPCAS_SERVICE_NOT AVAILABLE", 4);
\r
220 // ------------------------------------------------------------------------
\r
222 // ------------------------------------------------------------------------
\r
224 * @addtogroup publicLang
\r
228 define("PHPCAS_LANG_ENGLISH", 'english');
\r
229 define("PHPCAS_LANG_FRENCH", 'french');
\r
230 define("PHPCAS_LANG_GREEK", 'greek');
\r
231 define("PHPCAS_LANG_GERMAN", 'german');
\r
232 define("PHPCAS_LANG_JAPANESE", 'japanese');
\r
233 define("PHPCAS_LANG_SPANISH", 'spanish');
\r
234 define("PHPCAS_LANG_CATALAN", 'catalan');
\r
239 * @addtogroup internalLang
\r
244 * phpCAS default language (when phpCAS::setLang() is not used)
\r
246 define("PHPCAS_LANG_DEFAULT", PHPCAS_LANG_ENGLISH);
\r
249 // ------------------------------------------------------------------------
\r
251 // ------------------------------------------------------------------------
\r
253 * @addtogroup publicDebug
\r
258 * The default directory for the debug file under Unix.
\r
260 define('DEFAULT_DEBUG_DIR', '/tmp/');
\r
263 // ------------------------------------------------------------------------
\r
265 // ------------------------------------------------------------------------
\r
267 * @addtogroup internalMisc
\r
272 * This global variable is used by the interface class phpCAS.
\r
276 $GLOBALS['PHPCAS_CLIENT'] = null;
\r
279 * This global variable is used to store where the initializer is called from
\r
280 * (to print a comprehensive error in case of multiple calls).
\r
284 $GLOBALS['PHPCAS_INIT_CALL'] = array (
\r
292 * This global variable is used to store where the method checking
\r
293 * the authentication is called from (to print comprehensive errors)
\r
297 $GLOBALS['PHPCAS_AUTH_CHECK_CALL'] = array (
\r
306 * This global variable is used to store phpCAS debug mode.
\r
310 $GLOBALS['PHPCAS_DEBUG'] = array (
\r
311 'filename' => FALSE,
\r
318 // ########################################################################
\r
320 // ########################################################################
\r
322 // include client class
\r
323 include_once (dirname(__FILE__) . '/CAS/client.php');
\r
325 // ########################################################################
\r
327 // ########################################################################
\r
331 * The phpCAS class is a simple container for the phpCAS library. It provides CAS
\r
332 * authentication for web applications written in PHP.
\r
335 * @author Pascal Aubry <pascal.aubry at univ-rennes1.fr>
\r
337 * \internal All its methods access the same object ($PHPCAS_CLIENT, declared
\r
338 * at the end of CAS/client.php).
\r
343 // ########################################################################
\r
345 // ########################################################################
\r
348 * @addtogroup publicInit
\r
353 * phpCAS client initializer.
\r
354 * @note Only one of the phpCAS::client() and phpCAS::proxy functions should be
\r
355 * called, only once, and before all other methods (except phpCAS::getVersion()
\r
356 * and phpCAS::setDebug()).
\r
358 * @param $server_version the version of the CAS server
\r
359 * @param $server_hostname the hostname of the CAS server
\r
360 * @param $server_port the port the CAS server is running on
\r
361 * @param $server_uri the URI the CAS server is responding on
\r
362 * @param $start_session Have phpCAS start PHP sessions (default true)
\r
364 * @return a newly created CASClient object
\r
366 function client($server_version, $server_hostname, $server_port, $server_uri, $start_session = true) {
\r
367 global $PHPCAS_CLIENT, $PHPCAS_INIT_CALL;
\r
369 phpCAS :: traceBegin();
\r
370 if (is_object($PHPCAS_CLIENT)) {
\r
371 phpCAS :: error($PHPCAS_INIT_CALL['method'] . '() has already been called (at ' . $PHPCAS_INIT_CALL['file'] . ':' . $PHPCAS_INIT_CALL['line'] . ')');
\r
373 if (gettype($server_version) != 'string') {
\r
374 phpCAS :: error('type mismatched for parameter $server_version (should be `string\')');
\r
376 if (gettype($server_hostname) != 'string') {
\r
377 phpCAS :: error('type mismatched for parameter $server_hostname (should be `string\')');
\r
379 if (gettype($server_port) != 'integer') {
\r
380 phpCAS :: error('type mismatched for parameter $server_port (should be `integer\')');
\r
382 if (gettype($server_uri) != 'string') {
\r
383 phpCAS :: error('type mismatched for parameter $server_uri (should be `string\')');
\r
386 // store where the initializer is called from
\r
387 $dbg = phpCAS :: backtrace();
\r
388 $PHPCAS_INIT_CALL = array (
\r
390 'file' => $dbg[0]['file'],
\r
391 'line' => $dbg[0]['line'],
\r
392 'method' => __CLASS__ . '::' . __FUNCTION__
\r
395 // initialize the global object $PHPCAS_CLIENT
\r
396 $PHPCAS_CLIENT = new CASClient($server_version, FALSE /*proxy*/
\r
397 , $server_hostname, $server_port, $server_uri, $start_session);
\r
398 phpCAS :: traceEnd();
\r
402 * phpCAS proxy initializer.
\r
403 * @note Only one of the phpCAS::client() and phpCAS::proxy functions should be
\r
404 * called, only once, and before all other methods (except phpCAS::getVersion()
\r
405 * and phpCAS::setDebug()).
\r
407 * @param $server_version the version of the CAS server
\r
408 * @param $server_hostname the hostname of the CAS server
\r
409 * @param $server_port the port the CAS server is running on
\r
410 * @param $server_uri the URI the CAS server is responding on
\r
411 * @param $start_session Have phpCAS start PHP sessions (default true)
\r
413 * @return a newly created CASClient object
\r
415 function proxy($server_version, $server_hostname, $server_port, $server_uri, $start_session = true) {
\r
416 global $PHPCAS_CLIENT, $PHPCAS_INIT_CALL;
\r
418 phpCAS :: traceBegin();
\r
419 if (is_object($PHPCAS_CLIENT)) {
\r
420 phpCAS :: error($PHPCAS_INIT_CALL['method'] . '() has already been called (at ' . $PHPCAS_INIT_CALL['file'] . ':' . $PHPCAS_INIT_CALL['line'] . ')');
\r
422 if (gettype($server_version) != 'string') {
\r
423 phpCAS :: error('type mismatched for parameter $server_version (should be `string\')');
\r
425 if (gettype($server_hostname) != 'string') {
\r
426 phpCAS :: error('type mismatched for parameter $server_hostname (should be `string\')');
\r
428 if (gettype($server_port) != 'integer') {
\r
429 phpCAS :: error('type mismatched for parameter $server_port (should be `integer\')');
\r
431 if (gettype($server_uri) != 'string') {
\r
432 phpCAS :: error('type mismatched for parameter $server_uri (should be `string\')');
\r
435 // store where the initialzer is called from
\r
436 $dbg = phpCAS :: backtrace();
\r
437 $PHPCAS_INIT_CALL = array (
\r
439 'file' => $dbg[0]['file'],
\r
440 'line' => $dbg[0]['line'],
\r
441 'method' => __CLASS__ . '::' . __FUNCTION__
\r
444 // initialize the global object $PHPCAS_CLIENT
\r
445 $PHPCAS_CLIENT = new CASClient($server_version, TRUE /*proxy*/
\r
446 , $server_hostname, $server_port, $server_uri, $start_session);
\r
447 phpCAS :: traceEnd();
\r
451 // ########################################################################
\r
453 // ########################################################################
\r
456 * @addtogroup publicDebug
\r
461 * Set/unset debug mode
\r
463 * @param $filename the name of the file used for logging, or FALSE to stop debugging.
\r
465 function setDebug($filename = '') {
\r
466 global $PHPCAS_DEBUG;
\r
468 if ($filename != FALSE && gettype($filename) != 'string') {
\r
469 phpCAS :: error('type mismatched for parameter $dbg (should be FALSE or the name of the log file)');
\r
472 if (empty ($filename)) {
\r
473 if (preg_match('/^Win.*/', getenv('OS'))) {
\r
474 if (isset ($_ENV['TMP'])) {
\r
475 $debugDir = $_ENV['TMP'] . '/';
\r
477 if (isset ($_ENV['TEMP'])) {
\r
478 $debugDir = $_ENV['TEMP'] . '/';
\r
483 $debugDir = DEFAULT_DEBUG_DIR;
\r
485 $filename = $debugDir . 'phpCAS.log';
\r
488 if (empty ($PHPCAS_DEBUG['unique_id'])) {
\r
489 $PHPCAS_DEBUG['unique_id'] = substr(strtoupper(md5(uniqid(''))), 0, 4);
\r
492 $PHPCAS_DEBUG['filename'] = $filename;
\r
494 phpCAS :: trace('START phpCAS-' . PHPCAS_VERSION . ' ******************');
\r
499 * @addtogroup internalDebug
\r
504 * This method is a wrapper for debug_backtrace() that is not available
\r
505 * in all PHP versions (>= 4.3.0 only)
\r
507 function backtrace() {
\r
508 if (function_exists('debug_backtrace')) {
\r
509 return debug_backtrace();
\r
511 // poor man's hack ... but it does work ...
\r
517 * Logs a string in debug mode.
\r
519 * @param $str the string to write
\r
523 function log($str) {
\r
525 global $PHPCAS_DEBUG;
\r
527 if ($PHPCAS_DEBUG['filename']) {
\r
528 for ($i = 0; $i < $PHPCAS_DEBUG['indent']; $i++) {
\r
529 $indent_str .= '| ';
\r
531 error_log($PHPCAS_DEBUG['unique_id'] . ' ' . $indent_str . $str . "\n", 3, $PHPCAS_DEBUG['filename']);
\r
537 * This method is used by interface methods to print an error and where the function
\r
538 * was originally called from.
\r
540 * @param $msg the message to print
\r
544 function error($msg) {
\r
545 $dbg = phpCAS :: backtrace();
\r
549 if (is_array($dbg)) {
\r
550 for ($i = 1; $i < sizeof($dbg); $i++) {
\r
551 if (is_array($dbg[$i])) {
\r
552 if ($dbg[$i]['class'] == __CLASS__) {
\r
553 $function = $dbg[$i]['function'];
\r
554 $file = $dbg[$i]['file'];
\r
555 $line = $dbg[$i]['line'];
\r
560 echo "<br />\n<b>phpCAS error</b>: <font color=\"FF0000\"><b>" . __CLASS__ . "::" . $function . '(): ' . htmlentities($msg) . "</b></font> in <b>" . $file . "</b> on line <b>" . $line . "</b><br />\n";
\r
561 phpCAS :: trace($msg);
\r
562 phpCAS :: traceExit();
\r
567 * This method is used to log something in debug mode.
\r
569 function trace($str) {
\r
570 $dbg = phpCAS :: backtrace();
\r
571 phpCAS :: log($str . ' [' . basename($dbg[1]['file']) . ':' . $dbg[1]['line'] . ']');
\r
575 * This method is used to indicate the start of the execution of a function in debug mode.
\r
577 function traceBegin() {
\r
578 global $PHPCAS_DEBUG;
\r
580 $dbg = phpCAS :: backtrace();
\r
582 if (!empty ($dbg[2]['class'])) {
\r
583 $str .= $dbg[2]['class'] . '::';
\r
585 $str .= $dbg[2]['function'] . '(';
\r
586 if (is_array($dbg[2]['args'])) {
\r
587 foreach ($dbg[2]['args'] as $index => $arg) {
\r
591 $str .= str_replace("\n", "", var_export($arg, TRUE));
\r
594 $str .= ') [' . basename($dbg[2]['file']) . ':' . $dbg[2]['line'] . ']';
\r
595 phpCAS :: log($str);
\r
596 $PHPCAS_DEBUG['indent']++;
\r
600 * This method is used to indicate the end of the execution of a function in debug mode.
\r
602 * @param $res the result of the function
\r
604 function traceEnd($res = '') {
\r
605 global $PHPCAS_DEBUG;
\r
607 $PHPCAS_DEBUG['indent']--;
\r
608 $dbg = phpCAS :: backtrace();
\r
610 $str .= '<= ' . str_replace("\n", "", var_export($res, TRUE));
\r
611 phpCAS :: log($str);
\r
615 * This method is used to indicate the end of the execution of the program
\r
617 function traceExit() {
\r
618 global $PHPCAS_DEBUG;
\r
620 phpCAS :: log('exit()');
\r
621 while ($PHPCAS_DEBUG['indent'] > 0) {
\r
622 phpCAS :: log('-');
\r
623 $PHPCAS_DEBUG['indent']--;
\r
628 // ########################################################################
\r
629 // INTERNATIONALIZATION
\r
630 // ########################################################################
\r
632 * @addtogroup publicLang
\r
637 * This method is used to set the language used by phpCAS.
\r
638 * @note Can be called only once.
\r
640 * @param $lang a string representing the language.
\r
642 * @sa PHPCAS_LANG_FRENCH, PHPCAS_LANG_ENGLISH
\r
644 function setLang($lang) {
\r
645 global $PHPCAS_CLIENT;
\r
646 if (!is_object($PHPCAS_CLIENT)) {
\r
647 phpCAS :: error('this method should not be called before ' . __CLASS__ . '::client() or ' . __CLASS__ . '::proxy()');
\r
649 if (gettype($lang) != 'string') {
\r
650 phpCAS :: error('type mismatched for parameter $lang (should be `string\')');
\r
652 $PHPCAS_CLIENT->setLang($lang);
\r
656 // ########################################################################
\r
658 // ########################################################################
\r
660 * @addtogroup public
\r
665 * This method returns the phpCAS version.
\r
667 * @return the phpCAS version.
\r
669 function getVersion() {
\r
670 return PHPCAS_VERSION;
\r
674 // ########################################################################
\r
676 // ########################################################################
\r
678 * @addtogroup publicOutput
\r
683 * This method sets the HTML header used for all outputs.
\r
685 * @param $header the HTML header.
\r
687 function setHTMLHeader($header) {
\r
688 global $PHPCAS_CLIENT;
\r
689 if (!is_object($PHPCAS_CLIENT)) {
\r
690 phpCAS :: error('this method should not be called before ' . __CLASS__ . '::client() or ' . __CLASS__ . '::proxy()');
\r
692 if (gettype($header) != 'string') {
\r
693 phpCAS :: error('type mismatched for parameter $header (should be `string\')');
\r
695 $PHPCAS_CLIENT->setHTMLHeader($header);
\r
699 * This method sets the HTML footer used for all outputs.
\r
701 * @param $footer the HTML footer.
\r
703 function setHTMLFooter($footer) {
\r
704 global $PHPCAS_CLIENT;
\r
705 if (!is_object($PHPCAS_CLIENT)) {
\r
706 phpCAS :: error('this method should not be called before ' . __CLASS__ . '::client() or ' . __CLASS__ . '::proxy()');
\r
708 if (gettype($footer) != 'string') {
\r
709 phpCAS :: error('type mismatched for parameter $footer (should be `string\')');
\r
711 $PHPCAS_CLIENT->setHTMLFooter($footer);
\r
715 // ########################################################################
\r
717 // ########################################################################
\r
719 * @addtogroup publicPGTStorage
\r
724 * This method is used to tell phpCAS to store the response of the
\r
725 * CAS server to PGT requests onto the filesystem.
\r
727 * @param $format the format used to store the PGT's (`plain' and `xml' allowed)
\r
728 * @param $path the path where the PGT's should be stored
\r
730 function setPGTStorageFile($format = '', $path = '') {
\r
731 global $PHPCAS_CLIENT, $PHPCAS_AUTH_CHECK_CALL;
\r
733 phpCAS :: traceBegin();
\r
734 if (!is_object($PHPCAS_CLIENT)) {
\r
735 phpCAS :: error('this method should only be called after ' . __CLASS__ . '::proxy()');
\r
737 if (!$PHPCAS_CLIENT->isProxy()) {
\r
738 phpCAS :: error('this method should only be called after ' . __CLASS__ . '::proxy()');
\r
740 if ($PHPCAS_AUTH_CHECK_CALL['done']) {
\r
741 phpCAS :: error('this method should only be called before ' . $PHPCAS_AUTH_CHECK_CALL['method'] . '() (called at ' . $PHPCAS_AUTH_CHECK_CALL['file'] . ':' . $PHPCAS_AUTH_CHECK_CALL['line'] . ')');
\r
743 if (gettype($format) != 'string') {
\r
744 phpCAS :: error('type mismatched for parameter $format (should be `string\')');
\r
746 if (gettype($path) != 'string') {
\r
747 phpCAS :: error('type mismatched for parameter $format (should be `string\')');
\r
749 $PHPCAS_CLIENT->setPGTStorageFile($format, $path);
\r
750 phpCAS :: traceEnd();
\r
754 * This method is used to tell phpCAS to store the response of the
\r
755 * CAS server to PGT requests into a database.
\r
756 * @note The connection to the database is done only when needed.
\r
757 * As a consequence, bad parameters are detected only when
\r
758 * initializing PGT storage, except in debug mode.
\r
760 * @param $user the user to access the data with
\r
761 * @param $password the user's password
\r
762 * @param $database_type the type of the database hosting the data
\r
763 * @param $hostname the server hosting the database
\r
764 * @param $port the port the server is listening on
\r
765 * @param $database the name of the database
\r
766 * @param $table the name of the table storing the data
\r
768 function setPGTStorageDB($user, $password, $database_type = '', $hostname = '', $port = 0, $database = '', $table = '') {
\r
769 global $PHPCAS_CLIENT, $PHPCAS_AUTH_CHECK_CALL;
\r
771 phpCAS :: traceBegin();
\r
772 if (!is_object($PHPCAS_CLIENT)) {
\r
773 phpCAS :: error('this method should only be called after ' . __CLASS__ . '::proxy()');
\r
775 if (!$PHPCAS_CLIENT->isProxy()) {
\r
776 phpCAS :: error('this method should only be called after ' . __CLASS__ . '::proxy()');
\r
778 if ($PHPCAS_AUTH_CHECK_CALL['done']) {
\r
779 phpCAS :: error('this method should only be called before ' . $PHPCAS_AUTH_CHECK_CALL['method'] . '() (called at ' . $PHPCAS_AUTH_CHECK_CALL['file'] . ':' . $PHPCAS_AUTH_CHECK_CALL['line'] . ')');
\r
781 if (gettype($user) != 'string') {
\r
782 phpCAS :: error('type mismatched for parameter $user (should be `string\')');
\r
784 if (gettype($password) != 'string') {
\r
785 phpCAS :: error('type mismatched for parameter $password (should be `string\')');
\r
787 if (gettype($database_type) != 'string') {
\r
788 phpCAS :: error('type mismatched for parameter $database_type (should be `string\')');
\r
790 if (gettype($hostname) != 'string') {
\r
791 phpCAS :: error('type mismatched for parameter $hostname (should be `string\')');
\r
793 if (gettype($port) != 'integer') {
\r
794 phpCAS :: error('type mismatched for parameter $port (should be `integer\')');
\r
796 if (gettype($database) != 'string') {
\r
797 phpCAS :: error('type mismatched for parameter $database (should be `string\')');
\r
799 if (gettype($table) != 'string') {
\r
800 phpCAS :: error('type mismatched for parameter $table (should be `string\')');
\r
802 $PHPCAS_CLIENT->setPGTStorageDB($user, $password, $database_type, $hostname, $port, $database, $table);
\r
803 phpCAS :: traceEnd();
\r
807 // ########################################################################
\r
808 // ACCESS TO EXTERNAL SERVICES
\r
809 // ########################################################################
\r
811 * @addtogroup publicServices
\r
816 * This method is used to access an HTTP[S] service.
\r
818 * @param $url the service to access.
\r
819 * @param $err_code an error code Possible values are PHPCAS_SERVICE_OK (on
\r
820 * success), PHPCAS_SERVICE_PT_NO_SERVER_RESPONSE, PHPCAS_SERVICE_PT_BAD_SERVER_RESPONSE,
\r
821 * PHPCAS_SERVICE_PT_FAILURE, PHPCAS_SERVICE_NOT AVAILABLE.
\r
822 * @param $output the output of the service (also used to give an error
\r
823 * message on failure).
\r
825 * @return TRUE on success, FALSE otherwise (in this later case, $err_code
\r
826 * gives the reason why it failed and $output contains an error message).
\r
828 function serviceWeb($url, & $err_code, & $output) {
\r
829 global $PHPCAS_CLIENT, $PHPCAS_AUTH_CHECK_CALL;
\r
831 phpCAS :: traceBegin();
\r
832 if (!is_object($PHPCAS_CLIENT)) {
\r
833 phpCAS :: error('this method should only be called after ' . __CLASS__ . '::proxy()');
\r
835 if (!$PHPCAS_CLIENT->isProxy()) {
\r
836 phpCAS :: error('this method should only be called after ' . __CLASS__ . '::proxy()');
\r
838 if (!$PHPCAS_AUTH_CHECK_CALL['done']) {
\r
839 phpCAS :: error('this method should only be called after the programmer is sure the user has been authenticated (by calling ' . __CLASS__ . '::checkAuthentication() or ' . __CLASS__ . '::forceAuthentication()');
\r
841 if (!$PHPCAS_AUTH_CHECK_CALL['result']) {
\r
842 phpCAS :: error('authentication was checked (by ' . $PHPCAS_AUTH_CHECK_CALL['method'] . '() at ' . $PHPCAS_AUTH_CHECK_CALL['file'] . ':' . $PHPCAS_AUTH_CHECK_CALL['line'] . ') but the method returned FALSE');
\r
844 if (gettype($url) != 'string') {
\r
845 phpCAS :: error('type mismatched for parameter $url (should be `string\')');
\r
848 $res = $PHPCAS_CLIENT->serviceWeb($url, $err_code, $output);
\r
850 phpCAS :: traceEnd($res);
\r
855 * This method is used to access an IMAP/POP3/NNTP service.
\r
857 * @param $url a string giving the URL of the service, including the mailing box
\r
858 * for IMAP URLs, as accepted by imap_open().
\r
859 * @param $service a string giving for CAS retrieve Proxy ticket
\r
860 * @param $flags options given to imap_open().
\r
861 * @param $err_code an error code Possible values are PHPCAS_SERVICE_OK (on
\r
862 * success), PHPCAS_SERVICE_PT_NO_SERVER_RESPONSE, PHPCAS_SERVICE_PT_BAD_SERVER_RESPONSE,
\r
863 * PHPCAS_SERVICE_PT_FAILURE, PHPCAS_SERVICE_NOT AVAILABLE.
\r
864 * @param $err_msg an error message on failure
\r
865 * @param $pt the Proxy Ticket (PT) retrieved from the CAS server to access the URL
\r
866 * on success, FALSE on error).
\r
868 * @return an IMAP stream on success, FALSE otherwise (in this later case, $err_code
\r
869 * gives the reason why it failed and $err_msg contains an error message).
\r
871 function serviceMail($url, $service, $flags, & $err_code, & $err_msg, & $pt) {
\r
872 global $PHPCAS_CLIENT, $PHPCAS_AUTH_CHECK_CALL;
\r
874 phpCAS :: traceBegin();
\r
875 if (!is_object($PHPCAS_CLIENT)) {
\r
876 phpCAS :: error('this method should only be called after ' . __CLASS__ . '::proxy()');
\r
878 if (!$PHPCAS_CLIENT->isProxy()) {
\r
879 phpCAS :: error('this method should only be called after ' . __CLASS__ . '::proxy()');
\r
881 if (!$PHPCAS_AUTH_CHECK_CALL['done']) {
\r
882 phpCAS :: error('this method should only be called after the programmer is sure the user has been authenticated (by calling ' . __CLASS__ . '::checkAuthentication() or ' . __CLASS__ . '::forceAuthentication()');
\r
884 if (!$PHPCAS_AUTH_CHECK_CALL['result']) {
\r
885 phpCAS :: error('authentication was checked (by ' . $PHPCAS_AUTH_CHECK_CALL['method'] . '() at ' . $PHPCAS_AUTH_CHECK_CALL['file'] . ':' . $PHPCAS_AUTH_CHECK_CALL['line'] . ') but the method returned FALSE');
\r
887 if (gettype($url) != 'string') {
\r
888 phpCAS :: error('type mismatched for parameter $url (should be `string\')');
\r
891 if (gettype($flags) != 'integer') {
\r
892 phpCAS :: error('type mismatched for parameter $flags (should be `integer\')');
\r
895 $res = $PHPCAS_CLIENT->serviceMail($url, $service, $flags, $err_code, $err_msg, $pt);
\r
897 phpCAS :: traceEnd($res);
\r
902 // ########################################################################
\r
904 // ########################################################################
\r
906 * @addtogroup publicAuth
\r
911 * Set the times authentication will be cached before really accessing the CAS server in gateway mode:
\r
912 * - -1: check only once, and then never again (until you pree login)
\r
913 * - 0: always check
\r
914 * - n: check every "n" time
\r
916 * @param $n an integer.
\r
918 function setCacheTimesForAuthRecheck($n) {
\r
919 global $PHPCAS_CLIENT;
\r
920 if (!is_object($PHPCAS_CLIENT)) {
\r
921 phpCAS :: error('this method should not be called before ' . __CLASS__ . '::client() or ' . __CLASS__ . '::proxy()');
\r
923 if (gettype($n) != 'integer') {
\r
924 phpCAS :: error('type mismatched for parameter $header (should be `string\')');
\r
926 $PHPCAS_CLIENT->setCacheTimesForAuthRecheck($n);
\r
930 * This method is called to check if the user is authenticated (use the gateway feature).
\r
931 * @return TRUE when the user is authenticated; otherwise FALSE.
\r
933 function checkAuthentication() {
\r
934 global $PHPCAS_CLIENT, $PHPCAS_AUTH_CHECK_CALL;
\r
936 phpCAS :: traceBegin();
\r
937 if (!is_object($PHPCAS_CLIENT)) {
\r
938 phpCAS :: error('this method should not be called before ' . __CLASS__ . '::client() or ' . __CLASS__ . '::proxy()');
\r
941 $auth = $PHPCAS_CLIENT->checkAuthentication();
\r
943 // store where the authentication has been checked and the result
\r
944 $dbg = phpCAS :: backtrace();
\r
945 $PHPCAS_AUTH_CHECK_CALL = array (
\r
947 'file' => $dbg[0]['file'],
\r
948 'line' => $dbg[0]['line'],
\r
949 'method' => __CLASS__ . '::' . __FUNCTION__,
\r
952 phpCAS :: traceEnd($auth);
\r
957 * This method is called to force authentication if the user was not already
\r
958 * authenticated. If the user is not authenticated, halt by redirecting to
\r
961 function forceAuthentication() {
\r
962 global $PHPCAS_CLIENT, $PHPCAS_AUTH_CHECK_CALL;
\r
964 phpCAS :: traceBegin();
\r
965 if (!is_object($PHPCAS_CLIENT)) {
\r
966 phpCAS :: error('this method should not be called before ' . __CLASS__ . '::client() or ' . __CLASS__ . '::proxy()');
\r
969 $auth = $PHPCAS_CLIENT->forceAuthentication();
\r
971 // store where the authentication has been checked and the result
\r
972 $dbg = phpCAS :: backtrace();
\r
973 $PHPCAS_AUTH_CHECK_CALL = array (
\r
975 'file' => $dbg[0]['file'],
\r
976 'line' => $dbg[0]['line'],
\r
977 'method' => __CLASS__ . '::' . __FUNCTION__,
\r
982 phpCAS :: trace('user is not authenticated, redirecting to the CAS server');
\r
983 $PHPCAS_CLIENT->forceAuthentication();
\r
985 phpCAS :: trace('no need to authenticate (user `' . phpCAS :: getUser() . '\' is already authenticated)');
\r
988 phpCAS :: traceEnd();
\r
993 * This method is called to renew the authentication.
\r
995 function renewAuthentication() {
\r
996 global $PHPCAS_CLIENT, $PHPCAS_AUTH_CHECK_CALL;
\r
998 phpCAS :: traceBegin();
\r
999 if (!is_object($PHPCAS_CLIENT)) {
\r
1000 phpCAS :: error('this method should not be called before' . __CLASS__ . '::client() or ' . __CLASS__ . '::proxy()');
\r
1003 // store where the authentication has been checked and the result
\r
1004 $dbg = phpCAS :: backtrace();
\r
1005 $PHPCAS_AUTH_CHECK_CALL = array (
\r
1007 'file' => $dbg[0]['file'],
\r
1008 'line' => $dbg[0]['line'],
\r
1009 'method' => __CLASS__ . '::' . __FUNCTION__,
\r
1013 $PHPCAS_CLIENT->renewAuthentication();
\r
1014 phpCAS :: traceEnd();
\r
1018 * This method has been left from version 0.4.1 for compatibility reasons.
\r
1020 function authenticate() {
\r
1021 phpCAS :: error('this method is deprecated. You should use ' . __CLASS__ . '::forceAuthentication() instead');
\r
1025 * This method is called to check if the user is authenticated (previously or by
\r
1026 * tickets given in the URL).
\r
1028 * @return TRUE when the user is authenticated.
\r
1030 function isAuthenticated() {
\r
1031 global $PHPCAS_CLIENT, $PHPCAS_AUTH_CHECK_CALL;
\r
1033 phpCAS :: traceBegin();
\r
1034 if (!is_object($PHPCAS_CLIENT)) {
\r
1035 phpCAS :: error('this method should not be called before ' . __CLASS__ . '::client() or ' . __CLASS__ . '::proxy()');
\r
1038 // call the isAuthenticated method of the global $PHPCAS_CLIENT object
\r
1039 $auth = $PHPCAS_CLIENT->isAuthenticated();
\r
1041 // store where the authentication has been checked and the result
\r
1042 $dbg = phpCAS :: backtrace();
\r
1043 $PHPCAS_AUTH_CHECK_CALL = array (
\r
1045 'file' => $dbg[0]['file'],
\r
1046 'line' => $dbg[0]['line'],
\r
1047 'method' => __CLASS__ . '::' . __FUNCTION__,
\r
1050 phpCAS :: traceEnd($auth);
\r
1055 * Checks whether authenticated based on $_SESSION. Useful to avoid
\r
1057 * @return true if authenticated, false otherwise.
\r
1058 * @since 0.4.22 by Brendan Arnold
\r
1060 function isSessionAuthenticated() {
\r
1061 global $PHPCAS_CLIENT;
\r
1062 if (!is_object($PHPCAS_CLIENT)) {
\r
1063 phpCAS :: error('this method should not be called before ' . __CLASS__ . '::client() or ' . __CLASS__ . '::proxy()');
\r
1065 return ($PHPCAS_CLIENT->isSessionAuthenticated());
\r
1069 * This method returns the CAS user's login name.
\r
1070 * @warning should not be called only after phpCAS::forceAuthentication()
\r
1071 * or phpCAS::checkAuthentication().
\r
1073 * @return the login name of the authenticated user
\r
1075 function getUser() {
\r
1076 global $PHPCAS_CLIENT, $PHPCAS_AUTH_CHECK_CALL;
\r
1077 if (!is_object($PHPCAS_CLIENT)) {
\r
1078 phpCAS :: error('this method should not be called before ' . __CLASS__ . '::client() or ' . __CLASS__ . '::proxy()');
\r
1080 if (!$PHPCAS_AUTH_CHECK_CALL['done']) {
\r
1081 phpCAS :: error('this method should only be called after ' . __CLASS__ . '::forceAuthentication() or ' . __CLASS__ . '::isAuthenticated()');
\r
1083 if (!$PHPCAS_AUTH_CHECK_CALL['result']) {
\r
1084 phpCAS :: error('authentication was checked (by ' . $PHPCAS_AUTH_CHECK_CALL['method'] . '() at ' . $PHPCAS_AUTH_CHECK_CALL['file'] . ':' . $PHPCAS_AUTH_CHECK_CALL['line'] . ') but the method returned FALSE');
\r
1086 return $PHPCAS_CLIENT->getUser();
\r
1090 * This method returns the CAS user's login name.
\r
1091 * @warning should not be called only after phpCAS::forceAuthentication()
\r
1092 * or phpCAS::checkAuthentication().
\r
1094 * @return the login name of the authenticated user
\r
1096 function getAttributes() {
\r
1097 global $PHPCAS_CLIENT, $PHPCAS_AUTH_CHECK_CALL;
\r
1098 if (!is_object($PHPCAS_CLIENT)) {
\r
1099 phpCAS :: error('this method should not be called before ' . __CLASS__ . '::client() or ' . __CLASS__ . '::proxy()');
\r
1101 if (!$PHPCAS_AUTH_CHECK_CALL['done']) {
\r
1102 phpCAS :: error('this method should only be called after ' . __CLASS__ . '::forceAuthentication() or ' . __CLASS__ . '::isAuthenticated()');
\r
1104 if (!$PHPCAS_AUTH_CHECK_CALL['result']) {
\r
1105 phpCAS :: error('authentication was checked (by ' . $PHPCAS_AUTH_CHECK_CALL['method'] . '() at ' . $PHPCAS_AUTH_CHECK_CALL['file'] . ':' . $PHPCAS_AUTH_CHECK_CALL['line'] . ') but the method returned FALSE');
\r
1107 return $PHPCAS_CLIENT->getAttributes();
\r
1110 * Handle logout requests.
\r
1112 function handleLogoutRequests($check_client = true, $allowed_clients = false) {
\r
1113 global $PHPCAS_CLIENT;
\r
1114 if (!is_object($PHPCAS_CLIENT)) {
\r
1115 phpCAS :: error('this method should not be called before ' . __CLASS__ . '::client() or ' . __CLASS__ . '::proxy()');
\r
1117 return ($PHPCAS_CLIENT->handleLogoutRequests($check_client, $allowed_clients));
\r
1121 * This method returns the URL to be used to login.
\r
1122 * or phpCAS::isAuthenticated().
\r
1124 * @return the login name of the authenticated user
\r
1126 function getServerLoginURL() {
\r
1127 global $PHPCAS_CLIENT;
\r
1128 if (!is_object($PHPCAS_CLIENT)) {
\r
1129 phpCAS :: error('this method should not be called before ' . __CLASS__ . '::client() or ' . __CLASS__ . '::proxy()');
\r
1131 return $PHPCAS_CLIENT->getServerLoginURL();
\r
1135 * Set the login URL of the CAS server.
\r
1136 * @param $url the login URL
\r
1137 * @since 0.4.21 by Wyman Chan
\r
1139 function setServerLoginURL($url = '') {
\r
1140 global $PHPCAS_CLIENT;
\r
1141 phpCAS :: traceBegin();
\r
1142 if (!is_object($PHPCAS_CLIENT)) {
\r
1143 phpCAS :: error('this method should only be called after
\r
1144 ' . __CLASS__ . '::client()');
\r
1146 if (gettype($url) != 'string') {
\r
1147 phpCAS :: error('type mismatched for parameter $url (should be
\r
1150 $PHPCAS_CLIENT->setServerLoginURL($url);
\r
1151 phpCAS :: traceEnd();
\r
1155 * Set the serviceValidate URL of the CAS server.
\r
1156 * Used only in CAS 1.0 validations
\r
1157 * @param $url the serviceValidate URL
\r
1158 * @since 1.1.0 by Joachim Fritschi
\r
1160 function setServerServiceValidateURL($url = '') {
\r
1161 global $PHPCAS_CLIENT;
\r
1162 phpCAS :: traceBegin();
\r
1163 if (!is_object($PHPCAS_CLIENT)) {
\r
1164 phpCAS :: error('this method should only be called after
\r
1165 ' . __CLASS__ . '::client()');
\r
1167 if (gettype($url) != 'string') {
\r
1168 phpCAS :: error('type mismatched for parameter $url (should be
\r
1171 $PHPCAS_CLIENT->setServerServiceValidateURL($url);
\r
1172 phpCAS :: traceEnd();
\r
1176 * Set the proxyValidate URL of the CAS server.
\r
1177 * Used for all CAS 2.0 validations
\r
1178 * @param $url the proxyValidate URL
\r
1179 * @since 1.1.0 by Joachim Fritschi
\r
1181 function setServerProxyValidateURL($url = '') {
\r
1182 global $PHPCAS_CLIENT;
\r
1183 phpCAS :: traceBegin();
\r
1184 if (!is_object($PHPCAS_CLIENT)) {
\r
1185 phpCAS :: error('this method should only be called after
\r
1186 ' . __CLASS__ . '::client()');
\r
1188 if (gettype($url) != 'string') {
\r
1189 phpCAS :: error('type mismatched for parameter $url (should be
\r
1192 $PHPCAS_CLIENT->setServerProxyValidateURL($url);
\r
1193 phpCAS :: traceEnd();
\r
1197 * Set the samlValidate URL of the CAS server.
\r
1198 * @param $url the samlValidate URL
\r
1199 * @since 1.1.0 by Joachim Fritschi
\r
1201 function setServerSamlValidateURL($url = '') {
\r
1202 global $PHPCAS_CLIENT;
\r
1203 phpCAS :: traceBegin();
\r
1204 if (!is_object($PHPCAS_CLIENT)) {
\r
1205 phpCAS :: error('this method should only be called after
\r
1206 ' . __CLASS__ . '::client()');
\r
1208 if (gettype($url) != 'string') {
\r
1209 phpCAS :: error('type mismatched for parameter $url (should be
\r
1212 $PHPCAS_CLIENT->setServerSamlValidateURL($url);
\r
1213 phpCAS :: traceEnd();
\r
1217 * This method returns the URL to be used to login.
\r
1218 * or phpCAS::isAuthenticated().
\r
1220 * @return the login name of the authenticated user
\r
1222 function getServerLogoutURL() {
\r
1223 global $PHPCAS_CLIENT;
\r
1224 if (!is_object($PHPCAS_CLIENT)) {
\r
1225 phpCAS :: error('this method should not be called before ' . __CLASS__ . '::client() or ' . __CLASS__ . '::proxy()');
\r
1227 return $PHPCAS_CLIENT->getServerLogoutURL();
\r
1231 * Set the logout URL of the CAS server.
\r
1232 * @param $url the logout URL
\r
1233 * @since 0.4.21 by Wyman Chan
\r
1235 function setServerLogoutURL($url = '') {
\r
1236 global $PHPCAS_CLIENT;
\r
1237 phpCAS :: traceBegin();
\r
1238 if (!is_object($PHPCAS_CLIENT)) {
\r
1239 phpCAS :: error('this method should only be called after
\r
1240 ' . __CLASS__ . '::client()');
\r
1242 if (gettype($url) != 'string') {
\r
1243 phpCAS :: error('type mismatched for parameter $url (should be
\r
1246 $PHPCAS_CLIENT->setServerLogoutURL($url);
\r
1247 phpCAS :: traceEnd();
\r
1251 * This method is used to logout from CAS.
\r
1252 * @params $params an array that contains the optional url and service parameters that will be passed to the CAS server
\r
1255 function logout($params = "") {
\r
1256 global $PHPCAS_CLIENT;
\r
1257 phpCAS :: traceBegin();
\r
1258 if (!is_object($PHPCAS_CLIENT)) {
\r
1259 phpCAS :: error('this method should only be called after ' . __CLASS__ . '::client() or' . __CLASS__ . '::proxy()');
\r
1261 $parsedParams = array ();
\r
1262 if ($params != "") {
\r
1263 if (is_string($params)) {
\r
1264 phpCAS :: error('method `phpCAS::logout($url)\' is now deprecated, use `phpCAS::logoutWithUrl($url)\' instead');
\r
1266 if (!is_array($params)) {
\r
1267 phpCAS :: error('type mismatched for parameter $params (should be `array\')');
\r
1269 foreach ($params as $key => $value) {
\r
1270 if ($key != "service" && $key != "url") {
\r
1271 phpCAS :: error('only `url\' and `service\' parameters are allowed for method `phpCAS::logout($params)\'');
\r
1273 $parsedParams[$key] = $value;
\r
1276 $PHPCAS_CLIENT->logout($parsedParams);
\r
1278 phpCAS :: traceEnd();
\r
1282 * This method is used to logout from CAS. Halts by redirecting to the CAS server.
\r
1283 * @param $service a URL that will be transmitted to the CAS server
\r
1285 function logoutWithRedirectService($service) {
\r
1286 global $PHPCAS_CLIENT;
\r
1287 phpCAS :: traceBegin();
\r
1288 if (!is_object($PHPCAS_CLIENT)) {
\r
1289 phpCAS :: error('this method should only be called after ' . __CLASS__ . '::client() or' . __CLASS__ . '::proxy()');
\r
1291 if (!is_string($service)) {
\r
1292 phpCAS :: error('type mismatched for parameter $service (should be `string\')');
\r
1294 $PHPCAS_CLIENT->logout(array (
\r
1295 "service" => $service
\r
1298 phpCAS :: traceEnd();
\r
1302 * This method is used to logout from CAS. Halts by redirecting to the CAS server.
\r
1303 * @param $url a URL that will be transmitted to the CAS server
\r
1305 function logoutWithUrl($url) {
\r
1306 global $PHPCAS_CLIENT;
\r
1307 phpCAS :: traceBegin();
\r
1308 if (!is_object($PHPCAS_CLIENT)) {
\r
1309 phpCAS :: error('this method should only be called after ' . __CLASS__ . '::client() or' . __CLASS__ . '::proxy()');
\r
1311 if (!is_string($url)) {
\r
1312 phpCAS :: error('type mismatched for parameter $url (should be `string\')');
\r
1314 $PHPCAS_CLIENT->logout(array (
\r
1318 phpCAS :: traceEnd();
\r
1322 * This method is used to logout from CAS. Halts by redirecting to the CAS server.
\r
1323 * @param $service a URL that will be transmitted to the CAS server
\r
1324 * @param $url a URL that will be transmitted to the CAS server
\r
1326 function logoutWithRedirectServiceAndUrl($service, $url) {
\r
1327 global $PHPCAS_CLIENT;
\r
1328 phpCAS :: traceBegin();
\r
1329 if (!is_object($PHPCAS_CLIENT)) {
\r
1330 phpCAS :: error('this method should only be called after ' . __CLASS__ . '::client() or' . __CLASS__ . '::proxy()');
\r
1332 if (!is_string($service)) {
\r
1333 phpCAS :: error('type mismatched for parameter $service (should be `string\')');
\r
1335 if (!is_string($url)) {
\r
1336 phpCAS :: error('type mismatched for parameter $url (should be `string\')');
\r
1338 $PHPCAS_CLIENT->logout(array (
\r
1339 "service" => $service,
\r
1343 phpCAS :: traceEnd();
\r
1347 * Set the fixed URL that will be used by the CAS server to transmit the PGT.
\r
1348 * When this method is not called, a phpCAS script uses its own URL for the callback.
\r
1350 * @param $url the URL
\r
1352 function setFixedCallbackURL($url = '') {
\r
1353 global $PHPCAS_CLIENT;
\r
1354 phpCAS :: traceBegin();
\r
1355 if (!is_object($PHPCAS_CLIENT)) {
\r
1356 phpCAS :: error('this method should only be called after ' . __CLASS__ . '::proxy()');
\r
1358 if (!$PHPCAS_CLIENT->isProxy()) {
\r
1359 phpCAS :: error('this method should only be called after ' . __CLASS__ . '::proxy()');
\r
1361 if (gettype($url) != 'string') {
\r
1362 phpCAS :: error('type mismatched for parameter $url (should be `string\')');
\r
1364 $PHPCAS_CLIENT->setCallbackURL($url);
\r
1365 phpCAS :: traceEnd();
\r
1369 * Set the fixed URL that will be set as the CAS service parameter. When this
\r
1370 * method is not called, a phpCAS script uses its own URL.
\r
1372 * @param $url the URL
\r
1374 function setFixedServiceURL($url) {
\r
1375 global $PHPCAS_CLIENT;
\r
1376 phpCAS :: traceBegin();
\r
1377 if (!is_object($PHPCAS_CLIENT)) {
\r
1378 phpCAS :: error('this method should only be called after ' . __CLASS__ . '::proxy()');
\r
1380 if (gettype($url) != 'string') {
\r
1381 phpCAS :: error('type mismatched for parameter $url (should be `string\')');
\r
1383 $PHPCAS_CLIENT->setURL($url);
\r
1384 phpCAS :: traceEnd();
\r
1388 * Get the URL that is set as the CAS service parameter.
\r
1390 function getServiceURL() {
\r
1391 global $PHPCAS_CLIENT;
\r
1392 if (!is_object($PHPCAS_CLIENT)) {
\r
1393 phpCAS :: error('this method should only be called after ' . __CLASS__ . '::proxy()');
\r
1395 return ($PHPCAS_CLIENT->getURL());
\r
1399 * Retrieve a Proxy Ticket from the CAS server.
\r
1401 function retrievePT($target_service, & $err_code, & $err_msg) {
\r
1402 global $PHPCAS_CLIENT;
\r
1403 if (!is_object($PHPCAS_CLIENT)) {
\r
1404 phpCAS :: error('this method should only be called after ' . __CLASS__ . '::proxy()');
\r
1406 if (gettype($target_service) != 'string') {
\r
1407 phpCAS :: error('type mismatched for parameter $target_service(should be `string\')');
\r
1409 return ($PHPCAS_CLIENT->retrievePT($target_service, $err_code, $err_msg));
\r
1413 * Set the certificate of the CAS server.
\r
1415 * @param $cert the PEM certificate
\r
1417 function setCasServerCert($cert) {
\r
1418 global $PHPCAS_CLIENT;
\r
1419 phpCAS :: traceBegin();
\r
1420 if (!is_object($PHPCAS_CLIENT)) {
\r
1421 phpCAS :: error('this method should only be called after ' . __CLASS__ . '::client() or' . __CLASS__ . '::proxy()');
\r
1423 if (gettype($cert) != 'string') {
\r
1424 phpCAS :: error('type mismatched for parameter $cert (should be `string\')');
\r
1426 $PHPCAS_CLIENT->setCasServerCert($cert);
\r
1427 phpCAS :: traceEnd();
\r
1431 * Set the certificate of the CAS server CA.
\r
1433 * @param $cert the CA certificate
\r
1435 function setCasServerCACert($cert) {
\r
1436 global $PHPCAS_CLIENT;
\r
1437 phpCAS :: traceBegin();
\r
1438 if (!is_object($PHPCAS_CLIENT)) {
\r
1439 phpCAS :: error('this method should only be called after ' . __CLASS__ . '::client() or' . __CLASS__ . '::proxy()');
\r
1441 if (gettype($cert) != 'string') {
\r
1442 phpCAS :: error('type mismatched for parameter $cert (should be `string\')');
\r
1444 $PHPCAS_CLIENT->setCasServerCACert($cert);
\r
1445 phpCAS :: traceEnd();
\r
1449 * Set no SSL validation for the CAS server.
\r
1451 function setNoCasServerValidation() {
\r
1452 global $PHPCAS_CLIENT;
\r
1453 phpCAS :: traceBegin();
\r
1454 if (!is_object($PHPCAS_CLIENT)) {
\r
1455 phpCAS :: error('this method should only be called after ' . __CLASS__ . '::client() or' . __CLASS__ . '::proxy()');
\r
1457 $PHPCAS_CLIENT->setNoCasServerValidation();
\r
1458 phpCAS :: traceEnd();
\r
1464 * Change CURL options.
\r
1465 * CURL is used to connect through HTTPS to CAS server
\r
1466 * @param $key the option key
\r
1467 * @param $value the value to set
\r
1469 function setExtraCurlOption($key, $value) {
\r
1470 global $PHPCAS_CLIENT;
\r
1471 phpCAS :: traceBegin();
\r
1472 if (!is_object($PHPCAS_CLIENT)) {
\r
1473 phpCAS :: error('this method should only be called after ' . __CLASS__ . '::client() or' . __CLASS__ . '::proxy()');
\r
1475 $PHPCAS_CLIENT->setExtraCurlOption($key, $value);
\r
1476 phpCAS :: traceEnd();
\r
1481 // ########################################################################
\r
1483 // ########################################################################
\r
1485 // ########################################################################
\r
1491 * The following pages only show the source documentation.
\r
1495 // ########################################################################
\r
1496 // MODULES DEFINITION
\r
1498 /** @defgroup public User interface */
\r
1500 /** @defgroup publicInit Initialization
\r
1501 * @ingroup public */
\r
1503 /** @defgroup publicAuth Authentication
\r
1504 * @ingroup public */
\r
1506 /** @defgroup publicServices Access to external services
\r
1507 * @ingroup public */
\r
1509 /** @defgroup publicConfig Configuration
\r
1510 * @ingroup public */
\r
1512 /** @defgroup publicLang Internationalization
\r
1513 * @ingroup publicConfig */
\r
1515 /** @defgroup publicOutput HTML output
\r
1516 * @ingroup publicConfig */
\r
1518 /** @defgroup publicPGTStorage PGT storage
\r
1519 * @ingroup publicConfig */
\r
1521 /** @defgroup publicDebug Debugging
\r
1522 * @ingroup public */
\r
1524 /** @defgroup internal Implementation */
\r
1526 /** @defgroup internalAuthentication Authentication
\r
1527 * @ingroup internal */
\r
1529 /** @defgroup internalBasic CAS Basic client features (CAS 1.0, Service Tickets)
\r
1530 * @ingroup internal */
\r
1532 /** @defgroup internalProxy CAS Proxy features (CAS 2.0, Proxy Granting Tickets)
\r
1533 * @ingroup internal */
\r
1535 /** @defgroup internalPGTStorage PGT storage
\r
1536 * @ingroup internalProxy */
\r
1538 /** @defgroup internalPGTStorageDB PGT storage in a database
\r
1539 * @ingroup internalPGTStorage */
\r
1541 /** @defgroup internalPGTStorageFile PGT storage on the filesystem
\r
1542 * @ingroup internalPGTStorage */
\r
1544 /** @defgroup internalCallback Callback from the CAS server
\r
1545 * @ingroup internalProxy */
\r
1547 /** @defgroup internalProxied CAS proxied client features (CAS 2.0, Proxy Tickets)
\r
1548 * @ingroup internal */
\r
1550 /** @defgroup internalConfig Configuration
\r
1551 * @ingroup internal */
\r
1553 /** @defgroup internalOutput HTML output
\r
1554 * @ingroup internalConfig */
\r
1556 /** @defgroup internalLang Internationalization
\r
1557 * @ingroup internalConfig
\r
1559 * To add a new language:
\r
1560 * - 1. define a new constant PHPCAS_LANG_XXXXXX in CAS/CAS.php
\r
1561 * - 2. copy any file from CAS/languages to CAS/languages/XXXXXX.php
\r
1562 * - 3. Make the translations
\r
1565 /** @defgroup internalDebug Debugging
\r
1566 * @ingroup internal */
\r
1568 /** @defgroup internalMisc Miscellaneous
\r
1569 * @ingroup internal */
\r
1571 // ########################################################################
\r
1575 * @example example_simple.php
\r
1578 * @example example_proxy.php
\r
1581 * @example example_proxy2.php
\r
1584 * @example example_lang.php
\r
1587 * @example example_html.php
\r
1590 * @example example_file.php
\r
1593 * @example example_db.php
\r
1596 * @example example_service.php
\r
1599 * @example example_session_proxy.php
\r
1602 * @example example_session_service.php
\r
1605 * @example example_gateway.php
\r
1608 * @example example_custom_urls.php
\r