--- /dev/null
+<?php
+/**
+ * StatusNet, the distributed open-source microblogging tool
+ *
+ * Plugin to enable Single Sign On via CAS (Central Authentication Service)
+ *
+ * PHP version 5
+ *
+ * LICENCE: This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ *
+ * @category Plugin
+ * @package StatusNet
+ * @author Craig Andrews <candrews@integralblue.com>
+ * @copyright 2009 Craig Andrews http://candrews.integralblue.com
+ * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
+ * @link http://status.net/
+ */
+
+if (!defined('STATUSNET') && !defined('LACONICA')) {
+ exit(1);
+}
+
+// We bundle the phpCAS library...
+set_include_path(get_include_path() . PATH_SEPARATOR . dirname(__FILE__) . '/extlib/CAS');
+
+class CasAuthenticationPlugin extends AuthenticationPlugin
+{
+ public $server;
+ public $port = 443;
+ public $path = '';
+
+ function checkPassword($username, $password)
+ {
+ global $casTempPassword;
+ return ($casTempPassword == $password);
+ }
+
+ function onAutoload($cls)
+ {
+ switch ($cls)
+ {
+ case 'phpCAS':
+ require_once(INSTALLDIR.'/plugins/CasAuthentication/extlib/CAS.php');
+ return false;
+ case 'CasloginAction':
+ require_once(INSTALLDIR.'/plugins/CasAuthentication/' . strtolower(mb_substr($cls, 0, -6)) . '.php');
+ return false;
+ default:
+ return parent::onAutoload($cls);
+ }
+ }
+
+ function onStartInitializeRouter($m)
+ {
+ $m->connect('main/cas', array('action' => 'caslogin'));
+ return true;
+ }
+
+ function onEndLoginGroupNav(&$action)
+ {
+ $action_name = $action->trimmed('action');
+
+ $action->menuItem(common_local_url('caslogin'),
+ _m('CAS'),
+ _m('Login or register with CAS'),
+ $action_name === 'caslogin');
+
+ return true;
+ }
+
+ function onEndShowPageNotice($action)
+ {
+ $name = $action->trimmed('action');
+
+ switch ($name)
+ {
+ case 'login':
+ $instr = '(Have an account with CAS? ' .
+ 'Try our [CAS login]'.
+ '(%%action.caslogin%%)!)';
+ break;
+ default:
+ return true;
+ }
+
+ $output = common_markup_to_html($instr);
+ $action->raw($output);
+ return true;
+ }
+
+ function onLoginAction($action, &$login)
+ {
+ switch ($action)
+ {
+ case 'caslogin':
+ $login = true;
+ return false;
+ default:
+ return true;
+ }
+ }
+
+ function onInitializePlugin(){
+ parent::onInitializePlugin();
+ if(!isset($this->server)){
+ throw new Exception("must specify a server");
+ }
+ if(!isset($this->port)){
+ throw new Exception("must specify a port");
+ }
+ if(!isset($this->path)){
+ throw new Exception("must specify a path");
+ }
+ //These values need to be accessible to a action object
+ //I can't think of any other way than global variables
+ //to allow the action instance to be able to see values :-(
+ global $casSettings;
+ $casSettings = array();
+ $casSettings['server']=$this->server;
+ $casSettings['port']=$this->port;
+ $casSettings['path']=$this->path;
+ }
+}
--- /dev/null
+The CAS Authentication plugin allows for StatusNet to handle authentication
+through CAS (Central Authentication Service).
+
+Installation
+============
+add "addPlugin('casAuthentication',
+ array('setting'=>'value', 'setting2'=>'value2', ...);"
+to the bottom of your config.php
+
+Settings
+========
+provider_name*: a unique name for this authentication provider.
+authoritative (false): Set to true if CAS's responses are authoritative
+ (if authorative and CAS fails, no other password checking will be done).
+autoregistration (false): Set to true if users should be automatically created
+ when they attempt to login.
+email_changeable (true): Are users allowed to change their email address?
+ (true or false)
+password_changeable*: must be set to false. This plugin does not support changing passwords.
+
+server*: CAS server to authentication against
+port (443): Port the CAS server listens on. Almost always 443
+path (): Path on the server to CAS. Usually blank.
+
+* required
+default values are in (parenthesis)
+
+Example
+=======
+addPlugin('casAuthentication', array(
+ 'provider_name'=>'Example',
+ 'authoritative'=>true,
+ 'autoregistration'=>true,
+ 'server'=>'sso-cas.univ-rennes1.fr',
+ 'port'=>443,
+ 'path'=>''
+));
+
--- /dev/null
+<?php
+/*
+ * StatusNet - the distributed open-source microblogging tool
+ * Copyright (C) 2008, 2009, StatusNet, Inc.
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+if (!defined('STATUSNET') && !defined('LACONICA')) { exit(1); }
+
+class CasloginAction extends Action
+{
+ function handle($args)
+ {
+ parent::handle($args);
+ if (common_is_real_login()) {
+ $this->clientError(_m('Already logged in.'));
+ } else {
+ global $casSettings;
+ phpCAS::client(CAS_VERSION_2_0,$casSettings['server'],$casSettings['port'],$casSettings['path']);
+ phpCAS::setNoCasServerValidation();
+ phpCAS::handleLogoutRequests();
+ phpCAS::forceAuthentication();
+ global $casTempPassword;
+ $casTempPassword = common_good_rand(16);
+ $user = common_check_user(phpCAS::getUser(), $casTempPassword);
+ if (!$user) {
+ $this->serverError(_('Incorrect username or password.'));
+ return;
+ }
+
+ // success!
+ if (!common_set_user($user)) {
+ $this->serverError(_('Error setting user. You are probably not authorized.'));
+ return;
+ }
+
+ common_real_login(true);
+
+ $url = common_get_returnto();
+
+ if ($url) {
+ // We don't have to return to it again
+ common_set_returnto(null);
+ } else {
+ $url = common_local_url('all',
+ array('nickname' =>
+ $user->nickname));
+ }
+
+ common_redirect($url, 303);
+
+ }
+ }
+}
--- /dev/null
+<?php\r
+\r
+// commented in 0.4.22-RC2 for Sylvain Derosiaux\r
+// error_reporting(E_ALL ^ E_NOTICE);\r
+\r
+//\r
+// hack by Vangelis Haniotakis to handle the absence of $_SERVER['REQUEST_URI'] in IIS\r
+//\r
+if (!$_SERVER['REQUEST_URI']) {\r
+ $_SERVER['REQUEST_URI'] = $_SERVER['SCRIPT_NAME'].'?'.$_SERVER['QUERY_STRING'];\r
+}\r
+\r
+//\r
+// another one by Vangelis Haniotakis also to make phpCAS work with PHP5\r
+//\r
+if (version_compare(PHP_VERSION,'5','>=')) {\r
+ require_once(dirname(__FILE__).'/CAS/domxml-php4-php5.php');\r
+}\r
+\r
+/**\r
+ * @file CAS/CAS.php\r
+ * Interface class of the phpCAS library\r
+ *\r
+ * @ingroup public\r
+ */\r
+\r
+// ########################################################################\r
+// CONSTANTS\r
+// ########################################################################\r
+\r
+// ------------------------------------------------------------------------\r
+// CAS VERSIONS\r
+// ------------------------------------------------------------------------\r
+\r
+/**\r
+ * phpCAS version. accessible for the user by phpCAS::getVersion().\r
+ */\r
+define('PHPCAS_VERSION','1.0.1');\r
+\r
+// ------------------------------------------------------------------------\r
+// CAS VERSIONS\r
+// ------------------------------------------------------------------------\r
+ /**\r
+ * @addtogroup public\r
+ * @{\r
+ */\r
+\r
+/**\r
+ * CAS version 1.0\r
+ */\r
+define("CAS_VERSION_1_0",'1.0');\r
+/*!\r
+ * CAS version 2.0\r
+ */\r
+define("CAS_VERSION_2_0",'2.0');\r
+\r
+/** @} */\r
+ /**\r
+ * @addtogroup publicPGTStorage\r
+ * @{\r
+ */\r
+// ------------------------------------------------------------------------\r
+// FILE PGT STORAGE\r
+// ------------------------------------------------------------------------\r
+ /**\r
+ * Default path used when storing PGT's to file\r
+ */\r
+define("CAS_PGT_STORAGE_FILE_DEFAULT_PATH",'/tmp');\r
+/**\r
+ * phpCAS::setPGTStorageFile()'s 2nd parameter to write plain text files\r
+ */\r
+define("CAS_PGT_STORAGE_FILE_FORMAT_PLAIN",'plain');\r
+/**\r
+ * phpCAS::setPGTStorageFile()'s 2nd parameter to write xml files\r
+ */\r
+define("CAS_PGT_STORAGE_FILE_FORMAT_XML",'xml');\r
+/**\r
+ * Default format used when storing PGT's to file\r
+ */\r
+define("CAS_PGT_STORAGE_FILE_DEFAULT_FORMAT",CAS_PGT_STORAGE_FILE_FORMAT_PLAIN);\r
+// ------------------------------------------------------------------------\r
+// DATABASE PGT STORAGE\r
+// ------------------------------------------------------------------------\r
+ /**\r
+ * default database type when storing PGT's to database\r
+ */\r
+define("CAS_PGT_STORAGE_DB_DEFAULT_DATABASE_TYPE",'mysql');\r
+/**\r
+ * default host when storing PGT's to database\r
+ */\r
+define("CAS_PGT_STORAGE_DB_DEFAULT_HOSTNAME",'localhost');\r
+/**\r
+ * default port when storing PGT's to database\r
+ */\r
+define("CAS_PGT_STORAGE_DB_DEFAULT_PORT",'');\r
+/**\r
+ * default database when storing PGT's to database\r
+ */\r
+define("CAS_PGT_STORAGE_DB_DEFAULT_DATABASE",'phpCAS');\r
+/**\r
+ * default table when storing PGT's to database\r
+ */\r
+define("CAS_PGT_STORAGE_DB_DEFAULT_TABLE",'pgt');\r
+\r
+/** @} */\r
+// ------------------------------------------------------------------------\r
+// SERVICE ACCESS ERRORS\r
+// ------------------------------------------------------------------------\r
+ /**\r
+ * @addtogroup publicServices\r
+ * @{\r
+ */\r
+\r
+/**\r
+ * phpCAS::service() error code on success\r
+ */\r
+define("PHPCAS_SERVICE_OK",0);\r
+/**\r
+ * phpCAS::service() error code when the PT could not retrieve because\r
+ * the CAS server did not respond.\r
+ */\r
+define("PHPCAS_SERVICE_PT_NO_SERVER_RESPONSE",1);\r
+/**\r
+ * phpCAS::service() error code when the PT could not retrieve because\r
+ * the response of the CAS server was ill-formed.\r
+ */\r
+define("PHPCAS_SERVICE_PT_BAD_SERVER_RESPONSE",2);\r
+/**\r
+ * phpCAS::service() error code when the PT could not retrieve because\r
+ * the CAS server did not want to.\r
+ */\r
+define("PHPCAS_SERVICE_PT_FAILURE",3);\r
+/**\r
+ * phpCAS::service() error code when the service was not available.\r
+ */\r
+define("PHPCAS_SERVICE_NOT AVAILABLE",4);\r
+\r
+/** @} */\r
+// ------------------------------------------------------------------------\r
+// LANGUAGES\r
+// ------------------------------------------------------------------------\r
+ /**\r
+ * @addtogroup publicLang\r
+ * @{\r
+ */\r
+\r
+define("PHPCAS_LANG_ENGLISH", 'english');\r
+define("PHPCAS_LANG_FRENCH", 'french');\r
+define("PHPCAS_LANG_GREEK", 'greek');\r
+define("PHPCAS_LANG_GERMAN", 'german');\r
+define("PHPCAS_LANG_JAPANESE", 'japanese');\r
+define("PHPCAS_LANG_SPANISH", 'spanish');\r
+define("PHPCAS_LANG_CATALAN", 'catalan');\r
+\r
+/** @} */\r
+\r
+/**\r
+ * @addtogroup internalLang\r
+ * @{\r
+ */\r
+\r
+/**\r
+ * phpCAS default language (when phpCAS::setLang() is not used)\r
+ */\r
+define("PHPCAS_LANG_DEFAULT", PHPCAS_LANG_ENGLISH);\r
+\r
+/** @} */\r
+// ------------------------------------------------------------------------\r
+// DEBUG\r
+// ------------------------------------------------------------------------\r
+ /**\r
+ * @addtogroup publicDebug\r
+ * @{\r
+ */\r
+\r
+/**\r
+ * The default directory for the debug file under Unix.\r
+ */\r
+define('DEFAULT_DEBUG_DIR','/tmp/');\r
+\r
+/** @} */\r
+// ------------------------------------------------------------------------\r
+// MISC\r
+// ------------------------------------------------------------------------\r
+ /**\r
+ * @addtogroup internalMisc\r
+ * @{\r
+ */\r
+\r
+/**\r
+ * This global variable is used by the interface class phpCAS.\r
+ *\r
+ * @hideinitializer\r
+ */\r
+$GLOBALS['PHPCAS_CLIENT'] = null;\r
+\r
+/**\r
+ * This global variable is used to store where the initializer is called from \r
+ * (to print a comprehensive error in case of multiple calls).\r
+ *\r
+ * @hideinitializer\r
+ */\r
+$GLOBALS['PHPCAS_INIT_CALL'] = array('done' => FALSE,\r
+ 'file' => '?',\r
+ 'line' => -1,\r
+ 'method' => '?');\r
+\r
+/**\r
+ * This global variable is used to store where the method checking\r
+ * the authentication is called from (to print comprehensive errors)\r
+ *\r
+ * @hideinitializer\r
+ */\r
+$GLOBALS['PHPCAS_AUTH_CHECK_CALL'] = array('done' => FALSE,\r
+ 'file' => '?',\r
+ 'line' => -1,\r
+ 'method' => '?',\r
+ 'result' => FALSE);\r
+\r
+/**\r
+ * This global variable is used to store phpCAS debug mode.\r
+ *\r
+ * @hideinitializer\r
+ */\r
+$GLOBALS['PHPCAS_DEBUG'] = array('filename' => FALSE,\r
+ 'indent' => 0,\r
+ 'unique_id' => '');\r
+\r
+/** @} */\r
+\r
+// ########################################################################\r
+// CLIENT CLASS\r
+// ########################################################################\r
+\r
+// include client class\r
+include_once(dirname(__FILE__).'/CAS/client.php');\r
+\r
+// ########################################################################\r
+// INTERFACE CLASS\r
+// ########################################################################\r
+\r
+/**\r
+ * @class phpCAS\r
+ * The phpCAS class is a simple container for the phpCAS library. It provides CAS\r
+ * authentication for web applications written in PHP.\r
+ *\r
+ * @ingroup public\r
+ * @author Pascal Aubry <pascal.aubry at univ-rennes1.fr>\r
+ *\r
+ * \internal All its methods access the same object ($PHPCAS_CLIENT, declared \r
+ * at the end of CAS/client.php).\r
+ */\r
+\r
+\r
+\r
+class phpCAS\r
+{\r
+ \r
+ // ########################################################################\r
+ // INITIALIZATION\r
+ // ########################################################################\r
+ \r
+ /**\r
+ * @addtogroup publicInit\r
+ * @{\r
+ */\r
+ \r
+ /**\r
+ * phpCAS client initializer.\r
+ * @note Only one of the phpCAS::client() and phpCAS::proxy functions should be\r
+ * called, only once, and before all other methods (except phpCAS::getVersion()\r
+ * and phpCAS::setDebug()).\r
+ *\r
+ * @param $server_version the version of the CAS server\r
+ * @param $server_hostname the hostname of the CAS server\r
+ * @param $server_port the port the CAS server is running on\r
+ * @param $server_uri the URI the CAS server is responding on\r
+ * @param $start_session Have phpCAS start PHP sessions (default true)\r
+ *\r
+ * @return a newly created CASClient object\r
+ */\r
+ function client($server_version,\r
+ $server_hostname,\r
+ $server_port,\r
+ $server_uri,\r
+ $start_session = true)\r
+ {\r
+ global $PHPCAS_CLIENT, $PHPCAS_INIT_CALL;\r
+ \r
+ phpCAS::traceBegin();\r
+ if ( is_object($PHPCAS_CLIENT) ) {\r
+ phpCAS::error($PHPCAS_INIT_CALL['method'].'() has already been called (at '.$PHPCAS_INIT_CALL['file'].':'.$PHPCAS_INIT_CALL['line'].')');\r
+ }\r
+ if ( gettype($server_version) != 'string' ) {\r
+ phpCAS::error('type mismatched for parameter $server_version (should be `string\')');\r
+ }\r
+ if ( gettype($server_hostname) != 'string' ) {\r
+ phpCAS::error('type mismatched for parameter $server_hostname (should be `string\')');\r
+ }\r
+ if ( gettype($server_port) != 'integer' ) {\r
+ phpCAS::error('type mismatched for parameter $server_port (should be `integer\')');\r
+ }\r
+ if ( gettype($server_uri) != 'string' ) {\r
+ phpCAS::error('type mismatched for parameter $server_uri (should be `string\')');\r
+ }\r
+ \r
+ // store where the initialzer is called from\r
+ $dbg = phpCAS::backtrace();\r
+ $PHPCAS_INIT_CALL = array('done' => TRUE,\r
+ 'file' => $dbg[0]['file'],\r
+ 'line' => $dbg[0]['line'],\r
+ 'method' => __CLASS__.'::'.__FUNCTION__);\r
+ \r
+ // initialize the global object $PHPCAS_CLIENT\r
+ $PHPCAS_CLIENT = new CASClient($server_version,FALSE/*proxy*/,$server_hostname,$server_port,$server_uri,$start_session);\r
+ phpCAS::traceEnd();\r
+ }\r
+ \r
+ /**\r
+ * phpCAS proxy initializer.\r
+ * @note Only one of the phpCAS::client() and phpCAS::proxy functions should be\r
+ * called, only once, and before all other methods (except phpCAS::getVersion()\r
+ * and phpCAS::setDebug()).\r
+ *\r
+ * @param $server_version the version of the CAS server\r
+ * @param $server_hostname the hostname of the CAS server\r
+ * @param $server_port the port the CAS server is running on\r
+ * @param $server_uri the URI the CAS server is responding on\r
+ * @param $start_session Have phpCAS start PHP sessions (default true)\r
+ *\r
+ * @return a newly created CASClient object\r
+ */\r
+ function proxy($server_version,\r
+ $server_hostname,\r
+ $server_port,\r
+ $server_uri,\r
+ $start_session = true)\r
+ {\r
+ global $PHPCAS_CLIENT, $PHPCAS_INIT_CALL;\r
+ \r
+ phpCAS::traceBegin();\r
+ if ( is_object($PHPCAS_CLIENT) ) {\r
+ phpCAS::error($PHPCAS_INIT_CALL['method'].'() has already been called (at '.$PHPCAS_INIT_CALL['file'].':'.$PHPCAS_INIT_CALL['line'].')');\r
+ }\r
+ if ( gettype($server_version) != 'string' ) {\r
+ phpCAS::error('type mismatched for parameter $server_version (should be `string\')');\r
+ }\r
+ if ( gettype($server_hostname) != 'string' ) {\r
+ phpCAS::error('type mismatched for parameter $server_hostname (should be `string\')');\r
+ }\r
+ if ( gettype($server_port) != 'integer' ) {\r
+ phpCAS::error('type mismatched for parameter $server_port (should be `integer\')');\r
+ }\r
+ if ( gettype($server_uri) != 'string' ) {\r
+ phpCAS::error('type mismatched for parameter $server_uri (should be `string\')');\r
+ }\r
+ \r
+ // store where the initialzer is called from\r
+ $dbg = phpCAS::backtrace();\r
+ $PHPCAS_INIT_CALL = array('done' => TRUE,\r
+ 'file' => $dbg[0]['file'],\r
+ 'line' => $dbg[0]['line'],\r
+ 'method' => __CLASS__.'::'.__FUNCTION__);\r
+ \r
+ // initialize the global object $PHPCAS_CLIENT\r
+ $PHPCAS_CLIENT = new CASClient($server_version,TRUE/*proxy*/,$server_hostname,$server_port,$server_uri,$start_session);\r
+ phpCAS::traceEnd();\r
+ }\r
+ \r
+ /** @} */\r
+ // ########################################################################\r
+ // DEBUGGING\r
+ // ########################################################################\r
+ \r
+ /**\r
+ * @addtogroup publicDebug\r
+ * @{\r
+ */\r
+ \r
+ /**\r
+ * Set/unset debug mode\r
+ *\r
+ * @param $filename the name of the file used for logging, or FALSE to stop debugging.\r
+ */\r
+ function setDebug($filename='')\r
+ {\r
+ global $PHPCAS_DEBUG;\r
+ \r
+ if ( $filename != FALSE && gettype($filename) != 'string' ) {\r
+ phpCAS::error('type mismatched for parameter $dbg (should be FALSE or the name of the log file)');\r
+ }\r
+ \r
+ if ( empty($filename) ) {\r
+ if ( preg_match('/^Win.*/',getenv('OS')) ) {\r
+ if ( isset($_ENV['TMP']) ) {\r
+ $debugDir = $_ENV['TMP'].'/';\r
+ } else if ( isset($_ENV['TEMP']) ) {\r
+ $debugDir = $_ENV['TEMP'].'/';\r
+ } else {\r
+ $debugDir = '';\r
+ }\r
+ } else {\r
+ $debugDir = DEFAULT_DEBUG_DIR;\r
+ }\r
+ $filename = $debugDir . 'phpCAS.log';\r
+ }\r
+ \r
+ if ( empty($PHPCAS_DEBUG['unique_id']) ) {\r
+ $PHPCAS_DEBUG['unique_id'] = substr(strtoupper(md5(uniqid(''))),0,4);\r
+ }\r
+ \r
+ $PHPCAS_DEBUG['filename'] = $filename;\r
+ \r
+ phpCAS::trace('START ******************');\r
+ }\r
+ \r
+ /** @} */\r
+ /**\r
+ * @addtogroup internalDebug\r
+ * @{\r
+ */\r
+ \r
+ /**\r
+ * This method is a wrapper for debug_backtrace() that is not available \r
+ * in all PHP versions (>= 4.3.0 only)\r
+ */\r
+ function backtrace()\r
+ {\r
+ if ( function_exists('debug_backtrace') ) {\r
+ return debug_backtrace();\r
+ } else {\r
+ // poor man's hack ... but it does work ...\r
+ return array();\r
+ }\r
+ }\r
+ \r
+ /**\r
+ * Logs a string in debug mode.\r
+ *\r
+ * @param $str the string to write\r
+ *\r
+ * @private\r
+ */\r
+ function log($str)\r
+ {\r
+ $indent_str = ".";\r
+ global $PHPCAS_DEBUG;\r
+ \r
+ if ( $PHPCAS_DEBUG['filename'] ) {\r
+ for ($i=0;$i<$PHPCAS_DEBUG['indent'];$i++) {\r
+ $indent_str .= '| ';\r
+ }\r
+ error_log($PHPCAS_DEBUG['unique_id'].' '.$indent_str.$str."\n",3,$PHPCAS_DEBUG['filename']);\r
+ }\r
+ \r
+ }\r
+ \r
+ /**\r
+ * This method is used by interface methods to print an error and where the function\r
+ * was originally called from.\r
+ *\r
+ * @param $msg the message to print\r
+ *\r
+ * @private\r
+ */\r
+ function error($msg)\r
+ {\r
+ $dbg = phpCAS::backtrace();\r
+ $function = '?';\r
+ $file = '?';\r
+ $line = '?';\r
+ if ( is_array($dbg) ) {\r
+ for ( $i=1; $i<sizeof($dbg); $i++) {\r
+ if ( is_array($dbg[$i]) ) {\r
+ if ( $dbg[$i]['class'] == __CLASS__ ) {\r
+ $function = $dbg[$i]['function'];\r
+ $file = $dbg[$i]['file'];\r
+ $line = $dbg[$i]['line'];\r
+ }\r
+ }\r
+ }\r
+ }\r
+ echo "<br />\n<b>phpCAS error</b>: <font color=\"FF0000\"><b>".__CLASS__."::".$function.'(): '.htmlentities($msg)."</b></font> in <b>".$file."</b> on line <b>".$line."</b><br />\n";\r
+ phpCAS::trace($msg);\r
+ phpCAS::traceExit();\r
+ exit();\r
+ }\r
+ \r
+ /**\r
+ * This method is used to log something in debug mode.\r
+ */\r
+ function trace($str)\r
+ {\r
+ $dbg = phpCAS::backtrace();\r
+ phpCAS::log($str.' ['.basename($dbg[1]['file']).':'.$dbg[1]['line'].']');\r
+ }\r
+ \r
+ /**\r
+ * This method is used to indicate the start of the execution of a function in debug mode.\r
+ */\r
+ function traceBegin()\r
+ {\r
+ global $PHPCAS_DEBUG;\r
+ \r
+ $dbg = phpCAS::backtrace();\r
+ $str = '=> ';\r
+ if ( !empty($dbg[2]['class']) ) {\r
+ $str .= $dbg[2]['class'].'::';\r
+ }\r
+ $str .= $dbg[2]['function'].'('; \r
+ if ( is_array($dbg[2]['args']) ) {\r
+ foreach ($dbg[2]['args'] as $index => $arg) {\r
+ if ( $index != 0 ) {\r
+ $str .= ', ';\r
+ }\r
+ $str .= str_replace("\n","",var_export($arg,TRUE));\r
+ }\r
+ }\r
+ $str .= ') ['.basename($dbg[2]['file']).':'.$dbg[2]['line'].']';\r
+ phpCAS::log($str);\r
+ $PHPCAS_DEBUG['indent'] ++;\r
+ }\r
+ \r
+ /**\r
+ * This method is used to indicate the end of the execution of a function in debug mode.\r
+ *\r
+ * @param $res the result of the function\r
+ */\r
+ function traceEnd($res='')\r
+ {\r
+ global $PHPCAS_DEBUG;\r
+ \r
+ $PHPCAS_DEBUG['indent'] --;\r
+ $dbg = phpCAS::backtrace();\r
+ $str = '';\r
+ $str .= '<= '.str_replace("\n","",var_export($res,TRUE));\r
+ phpCAS::log($str);\r
+ }\r
+ \r
+ /**\r
+ * This method is used to indicate the end of the execution of the program\r
+ */\r
+ function traceExit()\r
+ {\r
+ global $PHPCAS_DEBUG;\r
+ \r
+ phpCAS::log('exit()');\r
+ while ( $PHPCAS_DEBUG['indent'] > 0 ) {\r
+ phpCAS::log('-');\r
+ $PHPCAS_DEBUG['indent'] --;\r
+ }\r
+ }\r
+ \r
+ /** @} */\r
+ // ########################################################################\r
+ // INTERNATIONALIZATION\r
+ // ########################################################################\r
+ /**\r
+ * @addtogroup publicLang\r
+ * @{\r
+ */\r
+ \r
+ /**\r
+ * This method is used to set the language used by phpCAS. \r
+ * @note Can be called only once.\r
+ *\r
+ * @param $lang a string representing the language.\r
+ *\r
+ * @sa PHPCAS_LANG_FRENCH, PHPCAS_LANG_ENGLISH\r
+ */\r
+ function setLang($lang)\r
+ {\r
+ global $PHPCAS_CLIENT;\r
+ if ( !is_object($PHPCAS_CLIENT) ) {\r
+ phpCAS::error('this method should not be called before '.__CLASS__.'::client() or '.__CLASS__.'::proxy()');\r
+ }\r
+ if ( gettype($lang) != 'string' ) {\r
+ phpCAS::error('type mismatched for parameter $lang (should be `string\')');\r
+ }\r
+ $PHPCAS_CLIENT->setLang($lang);\r
+ }\r
+ \r
+ /** @} */\r
+ // ########################################################################\r
+ // VERSION\r
+ // ########################################################################\r
+ /**\r
+ * @addtogroup public\r
+ * @{\r
+ */\r
+ \r
+ /**\r
+ * This method returns the phpCAS version.\r
+ *\r
+ * @return the phpCAS version.\r
+ */\r
+ function getVersion()\r
+ {\r
+ return PHPCAS_VERSION;\r
+ }\r
+ \r
+ /** @} */\r
+ // ########################################################################\r
+ // HTML OUTPUT\r
+ // ########################################################################\r
+ /**\r
+ * @addtogroup publicOutput\r
+ * @{\r
+ */\r
+ \r
+ /**\r
+ * This method sets the HTML header used for all outputs.\r
+ *\r
+ * @param $header the HTML header.\r
+ */\r
+ function setHTMLHeader($header)\r
+ {\r
+ global $PHPCAS_CLIENT;\r
+ if ( !is_object($PHPCAS_CLIENT) ) {\r
+ phpCAS::error('this method should not be called before '.__CLASS__.'::client() or '.__CLASS__.'::proxy()');\r
+ }\r
+ if ( gettype($header) != 'string' ) {\r
+ phpCAS::error('type mismatched for parameter $header (should be `string\')');\r
+ }\r
+ $PHPCAS_CLIENT->setHTMLHeader($header);\r
+ }\r
+ \r
+ /**\r
+ * This method sets the HTML footer used for all outputs.\r
+ *\r
+ * @param $footer the HTML footer.\r
+ */\r
+ function setHTMLFooter($footer)\r
+ {\r
+ global $PHPCAS_CLIENT;\r
+ if ( !is_object($PHPCAS_CLIENT) ) {\r
+ phpCAS::error('this method should not be called before '.__CLASS__.'::client() or '.__CLASS__.'::proxy()');\r
+ }\r
+ if ( gettype($footer) != 'string' ) {\r
+ phpCAS::error('type mismatched for parameter $footer (should be `string\')');\r
+ }\r
+ $PHPCAS_CLIENT->setHTMLFooter($footer);\r
+ }\r
+ \r
+ /** @} */\r
+ // ########################################################################\r
+ // PGT STORAGE\r
+ // ########################################################################\r
+ /**\r
+ * @addtogroup publicPGTStorage\r
+ * @{\r
+ */\r
+ \r
+ /**\r
+ * This method is used to tell phpCAS to store the response of the\r
+ * CAS server to PGT requests onto the filesystem. \r
+ *\r
+ * @param $format the format used to store the PGT's (`plain' and `xml' allowed)\r
+ * @param $path the path where the PGT's should be stored\r
+ */\r
+ function setPGTStorageFile($format='',\r
+ $path='')\r
+ {\r
+ global $PHPCAS_CLIENT,$PHPCAS_AUTH_CHECK_CALL;\r
+ \r
+ phpCAS::traceBegin();\r
+ if ( !is_object($PHPCAS_CLIENT) ) {\r
+ phpCAS::error('this method should only be called after '.__CLASS__.'::proxy()');\r
+ }\r
+ if ( !$PHPCAS_CLIENT->isProxy() ) {\r
+ phpCAS::error('this method should only be called after '.__CLASS__.'::proxy()');\r
+ }\r
+ if ( $PHPCAS_AUTH_CHECK_CALL['done'] ) {\r
+ phpCAS::error('this method should only be called before '.$PHPCAS_AUTH_CHECK_CALL['method'].'() (called at '.$PHPCAS_AUTH_CHECK_CALL['file'].':'.$PHPCAS_AUTH_CHECK_CALL['line'].')');\r
+ }\r
+ if ( gettype($format) != 'string' ) {\r
+ phpCAS::error('type mismatched for parameter $format (should be `string\')');\r
+ }\r
+ if ( gettype($path) != 'string' ) {\r
+ phpCAS::error('type mismatched for parameter $format (should be `string\')');\r
+ }\r
+ $PHPCAS_CLIENT->setPGTStorageFile($format,$path);\r
+ phpCAS::traceEnd();\r
+ }\r
+ \r
+ /**\r
+ * This method is used to tell phpCAS to store the response of the\r
+ * CAS server to PGT requests into a database. \r
+ * @note The connection to the database is done only when needed. \r
+ * As a consequence, bad parameters are detected only when \r
+ * initializing PGT storage, except in debug mode.\r
+ *\r
+ * @param $user the user to access the data with\r
+ * @param $password the user's password\r
+ * @param $database_type the type of the database hosting the data\r
+ * @param $hostname the server hosting the database\r
+ * @param $port the port the server is listening on\r
+ * @param $database the name of the database\r
+ * @param $table the name of the table storing the data\r
+ */\r
+ function setPGTStorageDB($user,\r
+ $password,\r
+ $database_type='',\r
+ $hostname='',\r
+ $port=0,\r
+ $database='',\r
+ $table='')\r
+ {\r
+ global $PHPCAS_CLIENT,$PHPCAS_AUTH_CHECK_CALL;\r
+ \r
+ phpCAS::traceBegin();\r
+ if ( !is_object($PHPCAS_CLIENT) ) {\r
+ phpCAS::error('this method should only be called after '.__CLASS__.'::proxy()');\r
+ }\r
+ if ( !$PHPCAS_CLIENT->isProxy() ) {\r
+ phpCAS::error('this method should only be called after '.__CLASS__.'::proxy()');\r
+ }\r
+ if ( $PHPCAS_AUTH_CHECK_CALL['done'] ) {\r
+ phpCAS::error('this method should only be called before '.$PHPCAS_AUTH_CHECK_CALL['method'].'() (called at '.$PHPCAS_AUTH_CHECK_CALL['file'].':'.$PHPCAS_AUTH_CHECK_CALL['line'].')');\r
+ }\r
+ if ( gettype($user) != 'string' ) {\r
+ phpCAS::error('type mismatched for parameter $user (should be `string\')');\r
+ }\r
+ if ( gettype($password) != 'string' ) {\r
+ phpCAS::error('type mismatched for parameter $password (should be `string\')');\r
+ }\r
+ if ( gettype($database_type) != 'string' ) {\r
+ phpCAS::error('type mismatched for parameter $database_type (should be `string\')');\r
+ }\r
+ if ( gettype($hostname) != 'string' ) {\r
+ phpCAS::error('type mismatched for parameter $hostname (should be `string\')');\r
+ }\r
+ if ( gettype($port) != 'integer' ) {\r
+ phpCAS::error('type mismatched for parameter $port (should be `integer\')');\r
+ }\r
+ if ( gettype($database) != 'string' ) {\r
+ phpCAS::error('type mismatched for parameter $database (should be `string\')');\r
+ }\r
+ if ( gettype($table) != 'string' ) {\r
+ phpCAS::error('type mismatched for parameter $table (should be `string\')');\r
+ }\r
+ $PHPCAS_CLIENT->setPGTStorageDB($this,$user,$password,$hostname,$port,$database,$table);\r
+ phpCAS::traceEnd();\r
+ }\r
+ \r
+ /** @} */\r
+ // ########################################################################\r
+ // ACCESS TO EXTERNAL SERVICES\r
+ // ########################################################################\r
+ /**\r
+ * @addtogroup publicServices\r
+ * @{\r
+ */\r
+ \r
+ /**\r
+ * This method is used to access an HTTP[S] service.\r
+ * \r
+ * @param $url the service to access.\r
+ * @param $err_code an error code Possible values are PHPCAS_SERVICE_OK (on\r
+ * success), PHPCAS_SERVICE_PT_NO_SERVER_RESPONSE, PHPCAS_SERVICE_PT_BAD_SERVER_RESPONSE,\r
+ * PHPCAS_SERVICE_PT_FAILURE, PHPCAS_SERVICE_NOT AVAILABLE.\r
+ * @param $output the output of the service (also used to give an error\r
+ * message on failure).\r
+ *\r
+ * @return TRUE on success, FALSE otherwise (in this later case, $err_code\r
+ * gives the reason why it failed and $output contains an error message).\r
+ */\r
+ function serviceWeb($url,&$err_code,&$output)\r
+ {\r
+ global $PHPCAS_CLIENT, $PHPCAS_AUTH_CHECK_CALL;\r
+ \r
+ phpCAS::traceBegin();\r
+ if ( !is_object($PHPCAS_CLIENT) ) {\r
+ phpCAS::error('this method should only be called after '.__CLASS__.'::proxy()');\r
+ }\r
+ if ( !$PHPCAS_CLIENT->isProxy() ) {\r
+ phpCAS::error('this method should only be called after '.__CLASS__.'::proxy()');\r
+ }\r
+ if ( !$PHPCAS_AUTH_CHECK_CALL['done'] ) {\r
+ phpCAS::error('this method should only be called after the programmer is sure the user has been authenticated (by calling '.__CLASS__.'::checkAuthentication() or '.__CLASS__.'::forceAuthentication()');\r
+ }\r
+ if ( !$PHPCAS_AUTH_CHECK_CALL['result'] ) {\r
+ phpCAS::error('authentication was checked (by '.$PHPCAS_AUTH_CHECK_CALL['method'].'() at '.$PHPCAS_AUTH_CHECK_CALL['file'].':'.$PHPCAS_AUTH_CHECK_CALL['line'].') but the method returned FALSE');\r
+ }\r
+ if ( gettype($url) != 'string' ) {\r
+ phpCAS::error('type mismatched for parameter $url (should be `string\')');\r
+ }\r
+ \r
+ $res = $PHPCAS_CLIENT->serviceWeb($url,$err_code,$output);\r
+ \r
+ phpCAS::traceEnd($res);\r
+ return $res;\r
+ }\r
+ \r
+ /**\r
+ * This method is used to access an IMAP/POP3/NNTP service.\r
+ * \r
+ * @param $url a string giving the URL of the service, including the mailing box\r
+ * for IMAP URLs, as accepted by imap_open().\r
+ * @param $flags options given to imap_open().\r
+ * @param $err_code an error code Possible values are PHPCAS_SERVICE_OK (on\r
+ * success), PHPCAS_SERVICE_PT_NO_SERVER_RESPONSE, PHPCAS_SERVICE_PT_BAD_SERVER_RESPONSE,\r
+ * PHPCAS_SERVICE_PT_FAILURE, PHPCAS_SERVICE_NOT AVAILABLE.\r
+ * @param $err_msg an error message on failure\r
+ * @param $pt the Proxy Ticket (PT) retrieved from the CAS server to access the URL\r
+ * on success, FALSE on error).\r
+ *\r
+ * @return an IMAP stream on success, FALSE otherwise (in this later case, $err_code\r
+ * gives the reason why it failed and $err_msg contains an error message).\r
+ */\r
+ function serviceMail($url,$flags,&$err_code,&$err_msg,&$pt)\r
+ {\r
+ global $PHPCAS_CLIENT, $PHPCAS_AUTH_CHECK_CALL;\r
+ \r
+ phpCAS::traceBegin();\r
+ if ( !is_object($PHPCAS_CLIENT) ) {\r
+ phpCAS::error('this method should only be called after '.__CLASS__.'::proxy()');\r
+ }\r
+ if ( !$PHPCAS_CLIENT->isProxy() ) {\r
+ phpCAS::error('this method should only be called after '.__CLASS__.'::proxy()');\r
+ }\r
+ if ( !$PHPCAS_AUTH_CHECK_CALL['done'] ) {\r
+ phpCAS::error('this method should only be called after the programmer is sure the user has been authenticated (by calling '.__CLASS__.'::checkAuthentication() or '.__CLASS__.'::forceAuthentication()');\r
+ }\r
+ if ( !$PHPCAS_AUTH_CHECK_CALL['result'] ) {\r
+ phpCAS::error('authentication was checked (by '.$PHPCAS_AUTH_CHECK_CALL['method'].'() at '.$PHPCAS_AUTH_CHECK_CALL['file'].':'.$PHPCAS_AUTH_CHECK_CALL['line'].') but the method returned FALSE');\r
+ }\r
+ if ( gettype($url) != 'string' ) {\r
+ phpCAS::error('type mismatched for parameter $url (should be `string\')');\r
+ }\r
+ \r
+ if ( gettype($flags) != 'integer' ) {\r
+ phpCAS::error('type mismatched for parameter $flags (should be `integer\')');\r
+ }\r
+ \r
+ $res = $PHPCAS_CLIENT->serviceMail($url,$flags,$err_code,$err_msg,$pt);\r
+ \r
+ phpCAS::traceEnd($res);\r
+ return $res;\r
+ }\r
+ \r
+ /** @} */\r
+ // ########################################################################\r
+ // AUTHENTICATION\r
+ // ########################################################################\r
+ /**\r
+ * @addtogroup publicAuth\r
+ * @{\r
+ */\r
+ \r
+ /**\r
+ * Set the times authentication will be cached before really accessing the CAS server in gateway mode: \r
+ * - -1: check only once, and then never again (until you pree login)\r
+ * - 0: always check\r
+ * - n: check every "n" time\r
+ *\r
+ * @param $n an integer.\r
+ */\r
+ function setCacheTimesForAuthRecheck($n)\r
+ {\r
+ global $PHPCAS_CLIENT;\r
+ if ( !is_object($PHPCAS_CLIENT) ) {\r
+ phpCAS::error('this method should not be called before '.__CLASS__.'::client() or '.__CLASS__.'::proxy()');\r
+ }\r
+ if ( gettype($n) != 'integer' ) {\r
+ phpCAS::error('type mismatched for parameter $header (should be `string\')');\r
+ }\r
+ $PHPCAS_CLIENT->setCacheTimesForAuthRecheck($n);\r
+ }\r
+ \r
+ /**\r
+ * This method is called to check if the user is authenticated (use the gateway feature).\r
+ * @return TRUE when the user is authenticated; otherwise FALSE.\r
+ */\r
+ function checkAuthentication()\r
+ {\r
+ global $PHPCAS_CLIENT, $PHPCAS_AUTH_CHECK_CALL;\r
+ \r
+ phpCAS::traceBegin();\r
+ if ( !is_object($PHPCAS_CLIENT) ) {\r
+ phpCAS::error('this method should not be called before '.__CLASS__.'::client() or '.__CLASS__.'::proxy()');\r
+ }\r
+ \r
+ $auth = $PHPCAS_CLIENT->checkAuthentication();\r
+ \r
+ // store where the authentication has been checked and the result\r
+ $dbg = phpCAS::backtrace();\r
+ $PHPCAS_AUTH_CHECK_CALL = array('done' => TRUE,\r
+ 'file' => $dbg[0]['file'],\r
+ 'line' => $dbg[0]['line'],\r
+ 'method' => __CLASS__.'::'.__FUNCTION__,\r
+ 'result' => $auth );\r
+ phpCAS::traceEnd($auth);\r
+ return $auth; \r
+ }\r
+ \r
+ /**\r
+ * This method is called to force authentication if the user was not already \r
+ * authenticated. If the user is not authenticated, halt by redirecting to \r
+ * the CAS server.\r
+ */\r
+ function forceAuthentication()\r
+ {\r
+ global $PHPCAS_CLIENT, $PHPCAS_AUTH_CHECK_CALL;\r
+ \r
+ phpCAS::traceBegin();\r
+ if ( !is_object($PHPCAS_CLIENT) ) {\r
+ phpCAS::error('this method should not be called before '.__CLASS__.'::client() or '.__CLASS__.'::proxy()');\r
+ }\r
+ \r
+ $auth = $PHPCAS_CLIENT->forceAuthentication();\r
+ \r
+ // store where the authentication has been checked and the result\r
+ $dbg = phpCAS::backtrace();\r
+ $PHPCAS_AUTH_CHECK_CALL = array('done' => TRUE,\r
+ 'file' => $dbg[0]['file'],\r
+ 'line' => $dbg[0]['line'],\r
+ 'method' => __CLASS__.'::'.__FUNCTION__,\r
+ 'result' => $auth );\r
+ \r
+ if ( !$auth ) {\r
+ phpCAS::trace('user is not authenticated, redirecting to the CAS server');\r
+ $PHPCAS_CLIENT->forceAuthentication();\r
+ } else {\r
+ phpCAS::trace('no need to authenticate (user `'.phpCAS::getUser().'\' is already authenticated)');\r
+ }\r
+ \r
+ phpCAS::traceEnd();\r
+ return $auth; \r
+ }\r
+ \r
+ /**\r
+ * This method is called to renew the authentication.\r
+ **/\r
+ function renewAuthentication() {\r
+ global $PHPCAS_CLIENT, $PHPCAS_AUTH_CHECK_CALL;\r
+ \r
+ phpCAS::traceBegin();\r
+ if ( !is_object($PHPCAS_CLIENT) ) {\r
+ phpCAS::error('this method should not be called before'.__CLASS__.'::client() or '.__CLASS__.'::proxy()');\r
+ }\r
+ \r
+ // store where the authentication has been checked and the result\r
+ $dbg = phpCAS::backtrace();\r
+ $PHPCAS_AUTH_CHECK_CALL = array('done' => TRUE, 'file' => $dbg[0]['file'], 'line' => $dbg[0]['line'], 'method' => __CLASS__.'::'.__FUNCTION__, 'result' => $auth );\r
+ \r
+ $PHPCAS_CLIENT->renewAuthentication();\r
+ phpCAS::traceEnd();\r
+ }\r
+\r
+ /**\r
+ * This method has been left from version 0.4.1 for compatibility reasons.\r
+ */\r
+ function authenticate()\r
+ {\r
+ phpCAS::error('this method is deprecated. You should use '.__CLASS__.'::forceAuthentication() instead');\r
+ }\r
+ \r
+ /**\r
+ * This method is called to check if the user is authenticated (previously or by\r
+ * tickets given in the URL).\r
+ *\r
+ * @return TRUE when the user is authenticated.\r
+ */\r
+ function isAuthenticated()\r
+ {\r
+ global $PHPCAS_CLIENT, $PHPCAS_AUTH_CHECK_CALL;\r
+ \r
+ phpCAS::traceBegin();\r
+ if ( !is_object($PHPCAS_CLIENT) ) {\r
+ phpCAS::error('this method should not be called before '.__CLASS__.'::client() or '.__CLASS__.'::proxy()');\r
+ }\r
+ \r
+ // call the isAuthenticated method of the global $PHPCAS_CLIENT object\r
+ $auth = $PHPCAS_CLIENT->isAuthenticated();\r
+ \r
+ // store where the authentication has been checked and the result\r
+ $dbg = phpCAS::backtrace();\r
+ $PHPCAS_AUTH_CHECK_CALL = array('done' => TRUE,\r
+ 'file' => $dbg[0]['file'],\r
+ 'line' => $dbg[0]['line'],\r
+ 'method' => __CLASS__.'::'.__FUNCTION__,\r
+ 'result' => $auth );\r
+ phpCAS::traceEnd($auth);\r
+ return $auth;\r
+ }\r
+ \r
+ /**\r
+ * Checks whether authenticated based on $_SESSION. Useful to avoid\r
+ * server calls.\r
+ * @return true if authenticated, false otherwise.\r
+ * @since 0.4.22 by Brendan Arnold\r
+ */\r
+ function isSessionAuthenticated ()\r
+ {\r
+ global $PHPCAS_CLIENT;\r
+ if ( !is_object($PHPCAS_CLIENT) ) {\r
+ phpCAS::error('this method should not be called before '.__CLASS__.'::client() or '.__CLASS__.'::proxy()');\r
+ }\r
+ return($PHPCAS_CLIENT->isSessionAuthenticated());\r
+ }\r
+ \r
+ /**\r
+ * This method returns the CAS user's login name.\r
+ * @warning should not be called only after phpCAS::forceAuthentication()\r
+ * or phpCAS::checkAuthentication().\r
+ *\r
+ * @return the login name of the authenticated user\r
+ */\r
+ function getUser()\r
+ {\r
+ global $PHPCAS_CLIENT, $PHPCAS_AUTH_CHECK_CALL;\r
+ if ( !is_object($PHPCAS_CLIENT) ) {\r
+ phpCAS::error('this method should not be called before '.__CLASS__.'::client() or '.__CLASS__.'::proxy()');\r
+ }\r
+ if ( !$PHPCAS_AUTH_CHECK_CALL['done'] ) {\r
+ phpCAS::error('this method should only be called after '.__CLASS__.'::forceAuthentication() or '.__CLASS__.'::isAuthenticated()');\r
+ }\r
+ if ( !$PHPCAS_AUTH_CHECK_CALL['result'] ) {\r
+ phpCAS::error('authentication was checked (by '.$PHPCAS_AUTH_CHECK_CALL['method'].'() at '.$PHPCAS_AUTH_CHECK_CALL['file'].':'.$PHPCAS_AUTH_CHECK_CALL['line'].') but the method returned FALSE');\r
+ }\r
+ return $PHPCAS_CLIENT->getUser();\r
+ }\r
+ \r
+ /**\r
+ * Handle logout requests.\r
+ */\r
+ function handleLogoutRequests($check_client=true, $allowed_clients=false)\r
+ {\r
+ global $PHPCAS_CLIENT;\r
+ if ( !is_object($PHPCAS_CLIENT) ) {\r
+ phpCAS::error('this method should not be called before '.__CLASS__.'::client() or '.__CLASS__.'::proxy()');\r
+ }\r
+ return($PHPCAS_CLIENT->handleLogoutRequests($check_client, $allowed_clients));\r
+ }\r
+ \r
+ /**\r
+ * This method returns the URL to be used to login.\r
+ * or phpCAS::isAuthenticated().\r
+ *\r
+ * @return the login name of the authenticated user\r
+ */\r
+ function getServerLoginURL()\r
+ {\r
+ global $PHPCAS_CLIENT;\r
+ if ( !is_object($PHPCAS_CLIENT) ) {\r
+ phpCAS::error('this method should not be called before '.__CLASS__.'::client() or '.__CLASS__.'::proxy()');\r
+ }\r
+ return $PHPCAS_CLIENT->getServerLoginURL();\r
+ }\r
+ \r
+ /**\r
+ * Set the login URL of the CAS server.\r
+ * @param $url the login URL\r
+ * @since 0.4.21 by Wyman Chan\r
+ */\r
+ function setServerLoginURL($url='')\r
+ {\r
+ global $PHPCAS_CLIENT;\r
+ phpCAS::traceBegin();\r
+ if ( !is_object($PHPCAS_CLIENT) ) {\r
+ phpCAS::error('this method should only be called after\r
+ '.__CLASS__.'::client()');\r
+ }\r
+ if ( gettype($url) != 'string' ) {\r
+ phpCAS::error('type mismatched for parameter $url (should be\r
+ `string\')');\r
+ }\r
+ $PHPCAS_CLIENT->setServerLoginURL($url);\r
+ phpCAS::traceEnd();\r
+ }\r
+ \r
+ /**\r
+ * This method returns the URL to be used to login.\r
+ * or phpCAS::isAuthenticated().\r
+ *\r
+ * @return the login name of the authenticated user\r
+ */\r
+ function getServerLogoutURL()\r
+ {\r
+ global $PHPCAS_CLIENT;\r
+ if ( !is_object($PHPCAS_CLIENT) ) {\r
+ phpCAS::error('this method should not be called before '.__CLASS__.'::client() or '.__CLASS__.'::proxy()');\r
+ }\r
+ return $PHPCAS_CLIENT->getServerLogoutURL();\r
+ }\r
+ \r
+ /**\r
+ * Set the logout URL of the CAS server.\r
+ * @param $url the logout URL\r
+ * @since 0.4.21 by Wyman Chan\r
+ */\r
+ function setServerLogoutURL($url='')\r
+ {\r
+ global $PHPCAS_CLIENT;\r
+ phpCAS::traceBegin();\r
+ if ( !is_object($PHPCAS_CLIENT) ) {\r
+ phpCAS::error('this method should only be called after\r
+ '.__CLASS__.'::client()');\r
+ }\r
+ if ( gettype($url) != 'string' ) {\r
+ phpCAS::error('type mismatched for parameter $url (should be\r
+ `string\')');\r
+ }\r
+ $PHPCAS_CLIENT->setServerLogoutURL($url);\r
+ phpCAS::traceEnd();\r
+ }\r
+ \r
+ /**\r
+ * This method is used to logout from CAS.\r
+ * @params $params an array that contains the optional url and service parameters that will be passed to the CAS server\r
+ * @public\r
+ */\r
+ function logout($params = "") {\r
+ global $PHPCAS_CLIENT;\r
+ phpCAS::traceBegin();\r
+ if (!is_object($PHPCAS_CLIENT)) {\r
+ phpCAS::error('this method should only be called after '.__CLASS__.'::client() or'.__CLASS__.'::proxy()');\r
+ }\r
+ $parsedParams = array();\r
+ if ($params != "") {\r
+ if (is_string($params)) {\r
+ phpCAS::error('method `phpCAS::logout($url)\' is now deprecated, use `phpCAS::logoutWithUrl($url)\' instead');\r
+ }\r
+ if (!is_array($params)) {\r
+ phpCAS::error('type mismatched for parameter $params (should be `array\')');\r
+ }\r
+ foreach ($params as $key => $value) {\r
+ if ($key != "service" && $key != "url") {\r
+ phpCAS::error('only `url\' and `service\' parameters are allowed for method `phpCAS::logout($params)\'');\r
+ }\r
+ $parsedParams[$key] = $value;\r
+ }\r
+ }\r
+ $PHPCAS_CLIENT->logout($parsedParams);\r
+ // never reached\r
+ phpCAS::traceEnd();\r
+ }\r
+ \r
+ /**\r
+ * This method is used to logout from CAS. Halts by redirecting to the CAS server.\r
+ * @param $service a URL that will be transmitted to the CAS server\r
+ */\r
+ function logoutWithRedirectService($service) {\r
+ global $PHPCAS_CLIENT;\r
+ phpCAS::traceBegin();\r
+ if ( !is_object($PHPCAS_CLIENT) ) {\r
+ phpCAS::error('this method should only be called after '.__CLASS__.'::client() or'.__CLASS__.'::proxy()');\r
+ }\r
+ if (!is_string($service)) {\r
+ phpCAS::error('type mismatched for parameter $service (should be `string\')');\r
+ }\r
+ $PHPCAS_CLIENT->logout(array("service" => $service));\r
+ // never reached\r
+ phpCAS::traceEnd();\r
+ }\r
+ \r
+ /**\r
+ * This method is used to logout from CAS. Halts by redirecting to the CAS server.\r
+ * @param $url a URL that will be transmitted to the CAS server\r
+ */\r
+ function logoutWithUrl($url) {\r
+ global $PHPCAS_CLIENT;\r
+ phpCAS::traceBegin();\r
+ if ( !is_object($PHPCAS_CLIENT) ) {\r
+ phpCAS::error('this method should only be called after '.__CLASS__.'::client() or'.__CLASS__.'::proxy()');\r
+ }\r
+ if (!is_string($url)) {\r
+ phpCAS::error('type mismatched for parameter $url (should be `string\')');\r
+ }\r
+ $PHPCAS_CLIENT->logout(array("url" => $url));\r
+ // never reached\r
+ phpCAS::traceEnd();\r
+ }\r
+ \r
+ /**\r
+ * This method is used to logout from CAS. Halts by redirecting to the CAS server.\r
+ * @param $service a URL that will be transmitted to the CAS server\r
+ * @param $url a URL that will be transmitted to the CAS server\r
+ */\r
+ function logoutWithRedirectServiceAndUrl($service, $url) {\r
+ global $PHPCAS_CLIENT;\r
+ phpCAS::traceBegin();\r
+ if ( !is_object($PHPCAS_CLIENT) ) {\r
+ phpCAS::error('this method should only be called after '.__CLASS__.'::client() or'.__CLASS__.'::proxy()');\r
+ }\r
+ if (!is_string($service)) {\r
+ phpCAS::error('type mismatched for parameter $service (should be `string\')');\r
+ }\r
+ if (!is_string($url)) {\r
+ phpCAS::error('type mismatched for parameter $url (should be `string\')');\r
+ }\r
+ $PHPCAS_CLIENT->logout(array("service" => $service, "url" => $url));\r
+ // never reached\r
+ phpCAS::traceEnd();\r
+ }\r
+ \r
+ /**\r
+ * Set the fixed URL that will be used by the CAS server to transmit the PGT.\r
+ * When this method is not called, a phpCAS script uses its own URL for the callback.\r
+ *\r
+ * @param $url the URL\r
+ */\r
+ function setFixedCallbackURL($url='')\r
+ {\r
+ global $PHPCAS_CLIENT;\r
+ phpCAS::traceBegin();\r
+ if ( !is_object($PHPCAS_CLIENT) ) {\r
+ phpCAS::error('this method should only be called after '.__CLASS__.'::proxy()');\r
+ }\r
+ if ( !$PHPCAS_CLIENT->isProxy() ) {\r
+ phpCAS::error('this method should only be called after '.__CLASS__.'::proxy()');\r
+ }\r
+ if ( gettype($url) != 'string' ) {\r
+ phpCAS::error('type mismatched for parameter $url (should be `string\')');\r
+ }\r
+ $PHPCAS_CLIENT->setCallbackURL($url);\r
+ phpCAS::traceEnd();\r
+ }\r
+ \r
+ /**\r
+ * Set the fixed URL that will be set as the CAS service parameter. When this\r
+ * method is not called, a phpCAS script uses its own URL.\r
+ *\r
+ * @param $url the URL\r
+ */\r
+ function setFixedServiceURL($url)\r
+ {\r
+ global $PHPCAS_CLIENT;\r
+ phpCAS::traceBegin();\r
+ if ( !is_object($PHPCAS_CLIENT) ) {\r
+ phpCAS::error('this method should only be called after '.__CLASS__.'::proxy()');\r
+ } \r
+ if ( gettype($url) != 'string' ) {\r
+ phpCAS::error('type mismatched for parameter $url (should be `string\')');\r
+ }\r
+ $PHPCAS_CLIENT->setURL($url);\r
+ phpCAS::traceEnd();\r
+ }\r
+ \r
+ /**\r
+ * Get the URL that is set as the CAS service parameter.\r
+ */\r
+ function getServiceURL()\r
+ {\r
+ global $PHPCAS_CLIENT;\r
+ if ( !is_object($PHPCAS_CLIENT) ) {\r
+ phpCAS::error('this method should only be called after '.__CLASS__.'::proxy()');\r
+ } \r
+ return($PHPCAS_CLIENT->getURL());\r
+ }\r
+ \r
+ /**\r
+ * Retrieve a Proxy Ticket from the CAS server.\r
+ */\r
+ function retrievePT($target_service,&$err_code,&$err_msg)\r
+ {\r
+ global $PHPCAS_CLIENT;\r
+ if ( !is_object($PHPCAS_CLIENT) ) {\r
+ phpCAS::error('this method should only be called after '.__CLASS__.'::proxy()');\r
+ } \r
+ if ( gettype($target_service) != 'string' ) {\r
+ phpCAS::error('type mismatched for parameter $target_service(should be `string\')');\r
+ }\r
+ return($PHPCAS_CLIENT->retrievePT($target_service,$err_code,$err_msg));\r
+ }\r
+ \r
+ /**\r
+ * Set the certificate of the CAS server.\r
+ *\r
+ * @param $cert the PEM certificate\r
+ */\r
+ function setCasServerCert($cert)\r
+ {\r
+ global $PHPCAS_CLIENT;\r
+ phpCAS::traceBegin();\r
+ if ( !is_object($PHPCAS_CLIENT) ) {\r
+ phpCAS::error('this method should only be called after '.__CLASS__.'::client() or'.__CLASS__.'::proxy()');\r
+ } \r
+ if ( gettype($cert) != 'string' ) {\r
+ phpCAS::error('type mismatched for parameter $cert (should be `string\')');\r
+ }\r
+ $PHPCAS_CLIENT->setCasServerCert($cert);\r
+ phpCAS::traceEnd();\r
+ }\r
+ \r
+ /**\r
+ * Set the certificate of the CAS server CA.\r
+ *\r
+ * @param $cert the CA certificate\r
+ */\r
+ function setCasServerCACert($cert)\r
+ {\r
+ global $PHPCAS_CLIENT;\r
+ phpCAS::traceBegin();\r
+ if ( !is_object($PHPCAS_CLIENT) ) {\r
+ phpCAS::error('this method should only be called after '.__CLASS__.'::client() or'.__CLASS__.'::proxy()');\r
+ } \r
+ if ( gettype($cert) != 'string' ) {\r
+ phpCAS::error('type mismatched for parameter $cert (should be `string\')');\r
+ }\r
+ $PHPCAS_CLIENT->setCasServerCACert($cert);\r
+ phpCAS::traceEnd();\r
+ }\r
+ \r
+ /**\r
+ * Set no SSL validation for the CAS server.\r
+ */\r
+ function setNoCasServerValidation()\r
+ {\r
+ global $PHPCAS_CLIENT;\r
+ phpCAS::traceBegin();\r
+ if ( !is_object($PHPCAS_CLIENT) ) {\r
+ phpCAS::error('this method should only be called after '.__CLASS__.'::client() or'.__CLASS__.'::proxy()');\r
+ } \r
+ $PHPCAS_CLIENT->setNoCasServerValidation();\r
+ phpCAS::traceEnd();\r
+ }\r
+ \r
+ /** @} */\r
+ \r
+ /**\r
+ * Change CURL options.\r
+ * CURL is used to connect through HTTPS to CAS server\r
+ * @param $key the option key\r
+ * @param $value the value to set\r
+ */\r
+ function setExtraCurlOption($key, $value)\r
+ {\r
+ global $PHPCAS_CLIENT;\r
+ phpCAS::traceBegin();\r
+ if ( !is_object($PHPCAS_CLIENT) ) {\r
+ phpCAS::error('this method should only be called after '.__CLASS__.'::client() or'.__CLASS__.'::proxy()');\r
+ } \r
+ $PHPCAS_CLIENT->setExtraCurlOption($key, $value);\r
+ phpCAS::traceEnd();\r
+ }\r
+\r
+}\r
+\r
+// ########################################################################\r
+// DOCUMENTATION\r
+// ########################################################################\r
+\r
+// ########################################################################\r
+// MAIN PAGE\r
+\r
+/**\r
+ * @mainpage\r
+ *\r
+ * The following pages only show the source documentation.\r
+ *\r
+ */\r
+\r
+// ########################################################################\r
+// MODULES DEFINITION\r
+\r
+/** @defgroup public User interface */\r
+\r
+/** @defgroup publicInit Initialization\r
+ * @ingroup public */\r
+\r
+/** @defgroup publicAuth Authentication\r
+ * @ingroup public */\r
+\r
+/** @defgroup publicServices Access to external services\r
+ * @ingroup public */\r
+\r
+/** @defgroup publicConfig Configuration\r
+ * @ingroup public */\r
+\r
+/** @defgroup publicLang Internationalization\r
+ * @ingroup publicConfig */\r
+\r
+/** @defgroup publicOutput HTML output\r
+ * @ingroup publicConfig */\r
+\r
+/** @defgroup publicPGTStorage PGT storage\r
+ * @ingroup publicConfig */\r
+\r
+/** @defgroup publicDebug Debugging\r
+ * @ingroup public */\r
+\r
+\r
+/** @defgroup internal Implementation */\r
+\r
+/** @defgroup internalAuthentication Authentication\r
+ * @ingroup internal */\r
+\r
+/** @defgroup internalBasic CAS Basic client features (CAS 1.0, Service Tickets)\r
+ * @ingroup internal */\r
+\r
+/** @defgroup internalProxy CAS Proxy features (CAS 2.0, Proxy Granting Tickets)\r
+ * @ingroup internal */\r
+\r
+/** @defgroup internalPGTStorage PGT storage\r
+ * @ingroup internalProxy */\r
+\r
+/** @defgroup internalPGTStorageDB PGT storage in a database\r
+ * @ingroup internalPGTStorage */\r
+\r
+/** @defgroup internalPGTStorageFile PGT storage on the filesystem\r
+ * @ingroup internalPGTStorage */\r
+\r
+/** @defgroup internalCallback Callback from the CAS server\r
+ * @ingroup internalProxy */\r
+\r
+/** @defgroup internalProxied CAS proxied client features (CAS 2.0, Proxy Tickets)\r
+ * @ingroup internal */\r
+\r
+/** @defgroup internalConfig Configuration\r
+ * @ingroup internal */\r
+\r
+/** @defgroup internalOutput HTML output\r
+ * @ingroup internalConfig */\r
+\r
+/** @defgroup internalLang Internationalization\r
+ * @ingroup internalConfig\r
+ *\r
+ * To add a new language:\r
+ * - 1. define a new constant PHPCAS_LANG_XXXXXX in CAS/CAS.php\r
+ * - 2. copy any file from CAS/languages to CAS/languages/XXXXXX.php\r
+ * - 3. Make the translations\r
+ */\r
+\r
+/** @defgroup internalDebug Debugging\r
+ * @ingroup internal */\r
+\r
+/** @defgroup internalMisc Miscellaneous\r
+ * @ingroup internal */\r
+\r
+// ########################################################################\r
+// EXAMPLES\r
+\r
+/**\r
+ * @example example_simple.php\r
+ */\r
+ /**\r
+ * @example example_proxy.php\r
+ */\r
+ /**\r
+ * @example example_proxy2.php\r
+ */\r
+ /**\r
+ * @example example_lang.php\r
+ */\r
+ /**\r
+ * @example example_html.php\r
+ */\r
+ /**\r
+ * @example example_file.php\r
+ */\r
+ /**\r
+ * @example example_db.php\r
+ */\r
+ /**\r
+ * @example example_service.php\r
+ */\r
+ /**\r
+ * @example example_session_proxy.php\r
+ */\r
+ /**\r
+ * @example example_session_service.php\r
+ */\r
+ /**\r
+ * @example example_gateway.php\r
+ */\r
+\r
+\r
+\r
+?>\r
--- /dev/null
+<?php\r
+\r
+/**\r
+ * @file CAS/PGTStorage/pgt-db.php\r
+ * Basic class for PGT database storage\r
+ */\r
+\r
+/**\r
+ * @class PGTStorageDB\r
+ * The PGTStorageDB class is a class for PGT database storage. An instance of \r
+ * this class is returned by CASClient::SetPGTStorageDB().\r
+ *\r
+ * @author Pascal Aubry <pascal.aubry at univ-rennes1.fr>\r
+ *\r
+ * @ingroup internalPGTStorageDB\r
+ */\r
+\r
+class PGTStorageDB extends PGTStorage\r
+{\r
+ /** \r
+ * @addtogroup internalPGTStorageDB\r
+ * @{ \r
+ */\r
+\r
+ /**\r
+ * a string representing a PEAR DB URL to connect to the database. Written by\r
+ * PGTStorageDB::PGTStorageDB(), read by getURL().\r
+ *\r
+ * @hideinitializer\r
+ * @private\r
+ */\r
+ var $_url='';\r
+\r
+ /**\r
+ * This method returns the PEAR DB URL to use to connect to the database.\r
+ *\r
+ * @return a PEAR DB URL\r
+ *\r
+ * @private\r
+ */\r
+ function getURL()\r
+ {\r
+ return $this->_url;\r
+ }\r
+\r
+ /**\r
+ * The handle of the connection to the database where PGT's are stored. Written by\r
+ * PGTStorageDB::init(), read by getLink().\r
+ *\r
+ * @hideinitializer\r
+ * @private\r
+ */\r
+ var $_link = null;\r
+\r
+ /**\r
+ * This method returns the handle of the connection to the database where PGT's are \r
+ * stored.\r
+ *\r
+ * @return a handle of connection.\r
+ *\r
+ * @private\r
+ */\r
+ function getLink()\r
+ {\r
+ return $this->_link;\r
+ }\r
+\r
+ /**\r
+ * The name of the table where PGT's are stored. Written by \r
+ * PGTStorageDB::PGTStorageDB(), read by getTable().\r
+ *\r
+ * @hideinitializer\r
+ * @private\r
+ */\r
+ var $_table = '';\r
+\r
+ /**\r
+ * This method returns the name of the table where PGT's are stored.\r
+ *\r
+ * @return the name of a table.\r
+ *\r
+ * @private\r
+ */\r
+ function getTable()\r
+ {\r
+ return $this->_table;\r
+ }\r
+\r
+ // ########################################################################\r
+ // DEBUGGING\r
+ // ########################################################################\r
+ \r
+ /**\r
+ * This method returns an informational string giving the type of storage\r
+ * used by the object (used for debugging purposes).\r
+ *\r
+ * @return an informational string.\r
+ * @public\r
+ */\r
+ function getStorageType()\r
+ {\r
+ return "database";\r
+ }\r
+\r
+ /**\r
+ * This method returns an informational string giving informations on the\r
+ * parameters of the storage.(used for debugging purposes).\r
+ *\r
+ * @public\r
+ */\r
+ function getStorageInfo()\r
+ {\r
+ return 'url=`'.$this->getURL().'\', table=`'.$this->getTable().'\'';\r
+ }\r
+\r
+ // ########################################################################\r
+ // CONSTRUCTOR\r
+ // ########################################################################\r
+ \r
+ /**\r
+ * The class constructor, called by CASClient::SetPGTStorageDB().\r
+ *\r
+ * @param $cas_parent the CASClient instance that creates the object.\r
+ * @param $user the user to access the data with\r
+ * @param $password the user's password\r
+ * @param $database_type the type of the database hosting the data\r
+ * @param $hostname the server hosting the database\r
+ * @param $port the port the server is listening on\r
+ * @param $database the name of the database\r
+ * @param $table the name of the table storing the data\r
+ *\r
+ * @public\r
+ */\r
+ function PGTStorageDB($cas_parent,$user,$password,$database_type,$hostname,$port,$database,$table)\r
+ {\r
+ phpCAS::traceBegin();\r
+\r
+ // call the ancestor's constructor\r
+ $this->PGTStorage($cas_parent);\r
+\r
+ if ( empty($database_type) ) $database_type = CAS_PGT_STORAGE_DB_DEFAULT_DATABASE_TYPE;\r
+ if ( empty($hostname) ) $hostname = CAS_PGT_STORAGE_DB_DEFAULT_HOSTNAME;\r
+ if ( $port==0 ) $port = CAS_PGT_STORAGE_DB_DEFAULT_PORT;\r
+ if ( empty($database) ) $database = CAS_PGT_STORAGE_DB_DEFAULT_DATABASE;\r
+ if ( empty($table) ) $table = CAS_PGT_STORAGE_DB_DEFAULT_TABLE;\r
+\r
+ // build and store the PEAR DB URL\r
+ $this->_url = $database_type.':'.'//'.$user.':'.$password.'@'.$hostname.':'.$port.'/'.$database;\r
+\r
+ // XXX should use setURL and setTable\r
+ phpCAS::traceEnd();\r
+ }\r
+ \r
+ // ########################################################################\r
+ // INITIALIZATION\r
+ // ########################################################################\r
+ \r
+ /**\r
+ * This method is used to initialize the storage. Halts on error.\r
+ *\r
+ * @public\r
+ */\r
+ function init()\r
+ {\r
+ phpCAS::traceBegin();\r
+ // if the storage has already been initialized, return immediatly\r
+ if ( $this->isInitialized() )\r
+ return;\r
+ // call the ancestor's method (mark as initialized)\r
+ parent::init();\r
+ \r
+ //include phpDB library (the test was introduced in release 0.4.8 for \r
+ //the integration into Tikiwiki).\r
+ if (!class_exists('DB')) {\r
+ include_once('DB.php');\r
+ }\r
+\r
+ // try to connect to the database\r
+ $this->_link = DB::connect($this->getURL());\r
+ if ( DB::isError($this->_link) ) {\r
+ phpCAS::error('could not connect to database ('.DB::errorMessage($this->_link).')');\r
+ }\r
+ var_dump($this->_link);\r
+ phpCAS::traceBEnd();\r
+ }\r
+\r
+ /** @} */\r
+}\r
+\r
+?>
\ No newline at end of file
--- /dev/null
+<?php\r
+\r
+/**\r
+ * @file CAS/PGTStorage/pgt-file.php\r
+ * Basic class for PGT file storage\r
+ */\r
+\r
+/**\r
+ * @class PGTStorageFile\r
+ * The PGTStorageFile class is a class for PGT file storage. An instance of \r
+ * this class is returned by CASClient::SetPGTStorageFile().\r
+ *\r
+ * @author Pascal Aubry <pascal.aubry at univ-rennes1.fr>\r
+ *\r
+ * @ingroup internalPGTStorageFile\r
+ */\r
+\r
+class PGTStorageFile extends PGTStorage\r
+{\r
+ /** \r
+ * @addtogroup internalPGTStorageFile \r
+ * @{ \r
+ */\r
+\r
+ /**\r
+ * a string telling where PGT's should be stored on the filesystem. Written by\r
+ * PGTStorageFile::PGTStorageFile(), read by getPath().\r
+ *\r
+ * @private\r
+ */\r
+ var $_path;\r
+\r
+ /**\r
+ * This method returns the name of the directory where PGT's should be stored \r
+ * on the filesystem.\r
+ *\r
+ * @return the name of a directory (with leading and trailing '/')\r
+ *\r
+ * @private\r
+ */\r
+ function getPath()\r
+ {\r
+ return $this->_path;\r
+ }\r
+\r
+ /**\r
+ * a string telling the format to use to store PGT's (plain or xml). Written by\r
+ * PGTStorageFile::PGTStorageFile(), read by getFormat().\r
+ *\r
+ * @private\r
+ */\r
+ var $_format;\r
+\r
+ /**\r
+ * This method returns the format to use when storing PGT's on the filesystem.\r
+ *\r
+ * @return a string corresponding to the format used (plain or xml).\r
+ *\r
+ * @private\r
+ */\r
+ function getFormat()\r
+ {\r
+ return $this->_format;\r
+ }\r
+\r
+ // ########################################################################\r
+ // DEBUGGING\r
+ // ########################################################################\r
+ \r
+ /**\r
+ * This method returns an informational string giving the type of storage\r
+ * used by the object (used for debugging purposes).\r
+ *\r
+ * @return an informational string.\r
+ * @public\r
+ */\r
+ function getStorageType()\r
+ {\r
+ return "file";\r
+ }\r
+\r
+ /**\r
+ * This method returns an informational string giving informations on the\r
+ * parameters of the storage.(used for debugging purposes).\r
+ *\r
+ * @return an informational string.\r
+ * @public\r
+ */\r
+ function getStorageInfo()\r
+ {\r
+ return 'path=`'.$this->getPath().'\', format=`'.$this->getFormat().'\'';\r
+ }\r
+\r
+ // ########################################################################\r
+ // CONSTRUCTOR\r
+ // ########################################################################\r
+ \r
+ /**\r
+ * The class constructor, called by CASClient::SetPGTStorageFile().\r
+ *\r
+ * @param $cas_parent the CASClient instance that creates the object.\r
+ * @param $format the format used to store the PGT's (`plain' and `xml' allowed).\r
+ * @param $path the path where the PGT's should be stored\r
+ *\r
+ * @public\r
+ */\r
+ function PGTStorageFile($cas_parent,$format,$path)\r
+ {\r
+ phpCAS::traceBegin();\r
+ // call the ancestor's constructor\r
+ $this->PGTStorage($cas_parent);\r
+\r
+ if (empty($format) ) $format = CAS_PGT_STORAGE_FILE_DEFAULT_FORMAT;\r
+ if (empty($path) ) $path = CAS_PGT_STORAGE_FILE_DEFAULT_PATH;\r
+\r
+ // check that the path is an absolute path\r
+ if (getenv("OS")=="Windows_NT"){\r
+ \r
+ if (!preg_match('`^[a-zA-Z]:`', $path)) {\r
+ phpCAS::error('an absolute path is needed for PGT storage to file');\r
+ }\r
+ \r
+ }\r
+ else\r
+ {\r
+ \r
+ if ( $path[0] != '/' ) {\r
+ phpCAS::error('an absolute path is needed for PGT storage to file');\r
+ }\r
+\r
+ // store the path (with a leading and trailing '/') \r
+ $path = preg_replace('|[/]*$|','/',$path);\r
+ $path = preg_replace('|^[/]*|','/',$path);\r
+ }\r
+ \r
+ $this->_path = $path;\r
+ // check the format and store it\r
+ switch ($format) {\r
+ case CAS_PGT_STORAGE_FILE_FORMAT_PLAIN:\r
+ case CAS_PGT_STORAGE_FILE_FORMAT_XML:\r
+ $this->_format = $format;\r
+ break;\r
+ default:\r
+ phpCAS::error('unknown PGT file storage format (`'.CAS_PGT_STORAGE_FILE_FORMAT_PLAIN.'\' and `'.CAS_PGT_STORAGE_FILE_FORMAT_XML.'\' allowed)');\r
+ }\r
+ phpCAS::traceEnd(); \r
+ }\r
+\r
+ // ########################################################################\r
+ // INITIALIZATION\r
+ // ########################################################################\r
+ \r
+ /**\r
+ * This method is used to initialize the storage. Halts on error.\r
+ *\r
+ * @public\r
+ */\r
+ function init()\r
+ {\r
+ phpCAS::traceBegin();\r
+ // if the storage has already been initialized, return immediatly\r
+ if ( $this->isInitialized() )\r
+ return;\r
+ // call the ancestor's method (mark as initialized)\r
+ parent::init();\r
+ phpCAS::traceEnd(); \r
+ }\r
+\r
+ // ########################################################################\r
+ // PGT I/O\r
+ // ########################################################################\r
+\r
+ /**\r
+ * This method returns the filename corresponding to a PGT Iou.\r
+ *\r
+ * @param $pgt_iou the PGT iou.\r
+ *\r
+ * @return a filename\r
+ * @private\r
+ */\r
+ function getPGTIouFilename($pgt_iou)\r
+ {\r
+ phpCAS::traceBegin();\r
+ $filename = $this->getPath().$pgt_iou.'.'.$this->getFormat();\r
+ phpCAS::traceEnd($filename);\r
+ return $filename;\r
+ }\r
+ \r
+ /**\r
+ * This method stores a PGT and its corresponding PGT Iou into a file. Echoes a\r
+ * warning on error.\r
+ *\r
+ * @param $pgt the PGT\r
+ * @param $pgt_iou the PGT iou\r
+ *\r
+ * @public\r
+ */\r
+ function write($pgt,$pgt_iou)\r
+ {\r
+ phpCAS::traceBegin();\r
+ $fname = $this->getPGTIouFilename($pgt_iou);\r
+ if ( $f=fopen($fname,"w") ) {\r
+ if ( fputs($f,$pgt) === FALSE ) {\r
+ phpCAS::error('could not write PGT to `'.$fname.'\'');\r
+ }\r
+ fclose($f);\r
+ } else {\r
+ phpCAS::error('could not open `'.$fname.'\'');\r
+ }\r
+ phpCAS::traceEnd(); \r
+ }\r
+\r
+ /**\r
+ * This method reads a PGT corresponding to a PGT Iou and deletes the \r
+ * corresponding file.\r
+ *\r
+ * @param $pgt_iou the PGT iou\r
+ *\r
+ * @return the corresponding PGT, or FALSE on error\r
+ *\r
+ * @public\r
+ */\r
+ function read($pgt_iou)\r
+ {\r
+ phpCAS::traceBegin();\r
+ $pgt = FALSE;\r
+ $fname = $this->getPGTIouFilename($pgt_iou);\r
+ if ( !($f=fopen($fname,"r")) ) {\r
+ phpCAS::trace('could not open `'.$fname.'\'');\r
+ } else {\r
+ if ( ($pgt=fgets($f)) === FALSE ) {\r
+ phpCAS::trace('could not read PGT from `'.$fname.'\'');\r
+ } \r
+ fclose($f);\r
+ }\r
+\r
+ // delete the PGT file\r
+ @unlink($fname);\r
+\r
+ phpCAS::traceEnd($pgt);\r
+ return $pgt;\r
+ }\r
+ \r
+ /** @} */\r
+ \r
+}\r
+\r
+ \r
+?>
\ No newline at end of file
--- /dev/null
+<?php\r
+\r
+/**\r
+ * @file CAS/PGTStorage/pgt-main.php\r
+ * Basic class for PGT storage\r
+ */\r
+\r
+/**\r
+ * @class PGTStorage\r
+ * The PGTStorage class is a generic class for PGT storage. This class should\r
+ * not be instanciated itself but inherited by specific PGT storage classes.\r
+ *\r
+ * @author Pascal Aubry <pascal.aubry at univ-rennes1.fr>\r
+ *\r
+ * @ingroup internalPGTStorage\r
+ */\r
+\r
+class PGTStorage\r
+{\r
+ /** \r
+ * @addtogroup internalPGTStorage\r
+ * @{ \r
+ */\r
+\r
+ // ########################################################################\r
+ // CONSTRUCTOR\r
+ // ########################################################################\r
+ \r
+ /**\r
+ * The constructor of the class, should be called only by inherited classes.\r
+ *\r
+ * @param $cas_parent the CASclient instance that creates the current object.\r
+ *\r
+ * @protected\r
+ */\r
+ function PGTStorage($cas_parent)\r
+ {\r
+ phpCAS::traceBegin();\r
+ if ( !$cas_parent->isProxy() ) {\r
+ phpCAS::error('defining PGT storage makes no sense when not using a CAS proxy'); \r
+ }\r
+ phpCAS::traceEnd();\r
+ }\r
+\r
+ // ########################################################################\r
+ // DEBUGGING\r
+ // ########################################################################\r
+ \r
+ /**\r
+ * This virtual method returns an informational string giving the type of storage\r
+ * used by the object (used for debugging purposes).\r
+ *\r
+ * @public\r
+ */\r
+ function getStorageType()\r
+ {\r
+ phpCAS::error(__CLASS__.'::'.__FUNCTION__.'() should never be called'); \r
+ }\r
+\r
+ /**\r
+ * This virtual method returns an informational string giving informations on the\r
+ * parameters of the storage.(used for debugging purposes).\r
+ *\r
+ * @public\r
+ */\r
+ function getStorageInfo()\r
+ {\r
+ phpCAS::error(__CLASS__.'::'.__FUNCTION__.'() should never be called'); \r
+ }\r
+\r
+ // ########################################################################\r
+ // ERROR HANDLING\r
+ // ########################################################################\r
+ \r
+ /**\r
+ * string used to store an error message. Written by PGTStorage::setErrorMessage(),\r
+ * read by PGTStorage::getErrorMessage().\r
+ *\r
+ * @hideinitializer\r
+ * @private\r
+ * @deprecated not used.\r
+ */\r
+ var $_error_message=FALSE;\r
+\r
+ /**\r
+ * This method sets en error message, which can be read later by \r
+ * PGTStorage::getErrorMessage().\r
+ *\r
+ * @param $error_message an error message\r
+ *\r
+ * @protected\r
+ * @deprecated not used.\r
+ */\r
+ function setErrorMessage($error_message)\r
+ {\r
+ $this->_error_message = $error_message;\r
+ }\r
+\r
+ /**\r
+ * This method returns an error message set by PGTStorage::setErrorMessage().\r
+ *\r
+ * @return an error message when set by PGTStorage::setErrorMessage(), FALSE\r
+ * otherwise.\r
+ *\r
+ * @public\r
+ * @deprecated not used.\r
+ */\r
+ function getErrorMessage()\r
+ {\r
+ return $this->_error_message;\r
+ }\r
+\r
+ // ########################################################################\r
+ // INITIALIZATION\r
+ // ########################################################################\r
+\r
+ /**\r
+ * a boolean telling if the storage has already been initialized. Written by \r
+ * PGTStorage::init(), read by PGTStorage::isInitialized().\r
+ *\r
+ * @hideinitializer\r
+ * @private\r
+ */\r
+ var $_initialized = FALSE;\r
+\r
+ /**\r
+ * This method tells if the storage has already been intialized.\r
+ *\r
+ * @return a boolean\r
+ *\r
+ * @protected\r
+ */\r
+ function isInitialized()\r
+ {\r
+ return $this->_initialized;\r
+ }\r
+\r
+ /**\r
+ * This virtual method initializes the object.\r
+ *\r
+ * @protected\r
+ */\r
+ function init()\r
+ {\r
+ $this->_initialized = TRUE;\r
+ }\r
+\r
+ // ########################################################################\r
+ // PGT I/O\r
+ // ########################################################################\r
+\r
+ /**\r
+ * This virtual method stores a PGT and its corresponding PGT Iuo.\r
+ * @note Should never be called.\r
+ *\r
+ * @param $pgt the PGT\r
+ * @param $pgt_iou the PGT iou\r
+ *\r
+ * @protected\r
+ */\r
+ function write($pgt,$pgt_iou)\r
+ {\r
+ phpCAS::error(__CLASS__.'::'.__FUNCTION__.'() should never be called'); \r
+ }\r
+\r
+ /**\r
+ * This virtual method reads a PGT corresponding to a PGT Iou and deletes\r
+ * the corresponding storage entry.\r
+ * @note Should never be called.\r
+ *\r
+ * @param $pgt_iou the PGT iou\r
+ *\r
+ * @protected\r
+ */\r
+ function read($pgt_iou)\r
+ {\r
+ phpCAS::error(__CLASS__.'::'.__FUNCTION__.'() should never be called'); \r
+ }\r
+\r
+ /** @} */\r
+ \r
+} \r
+\r
+// include specific PGT storage classes\r
+include_once(dirname(__FILE__).'/pgt-file.php'); \r
+include_once(dirname(__FILE__).'/pgt-db.php');\r
+ \r
+?>
\ No newline at end of file
--- /dev/null
+<?php\r
+\r
+/**\r
+ * @file CAS/client.php\r
+ * Main class of the phpCAS library\r
+ */\r
+\r
+// include internationalization stuff\r
+include_once(dirname(__FILE__).'/languages/languages.php');\r
+\r
+// include PGT storage classes\r
+include_once(dirname(__FILE__).'/PGTStorage/pgt-main.php');\r
+\r
+/**\r
+ * @class CASClient\r
+ * The CASClient class is a client interface that provides CAS authentication\r
+ * to PHP applications.\r
+ *\r
+ * @author Pascal Aubry <pascal.aubry at univ-rennes1.fr>\r
+ */\r
+\r
+class CASClient\r
+{\r
+ \r
+ // XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX\r
+ // XX XX\r
+ // XX CONFIGURATION XX\r
+ // XX XX\r
+ // XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX\r
+ \r
+ // ########################################################################\r
+ // HTML OUTPUT\r
+ // ########################################################################\r
+ /**\r
+ * @addtogroup internalOutput\r
+ * @{\r
+ */ \r
+ \r
+ /**\r
+ * This method filters a string by replacing special tokens by appropriate values\r
+ * and prints it. The corresponding tokens are taken into account:\r
+ * - __CAS_VERSION__\r
+ * - __PHPCAS_VERSION__\r
+ * - __SERVER_BASE_URL__\r
+ *\r
+ * Used by CASClient::PrintHTMLHeader() and CASClient::printHTMLFooter().\r
+ *\r
+ * @param $str the string to filter and output\r
+ *\r
+ * @private\r
+ */\r
+ function HTMLFilterOutput($str)\r
+ {\r
+ $str = str_replace('__CAS_VERSION__',$this->getServerVersion(),$str);\r
+ $str = str_replace('__PHPCAS_VERSION__',phpCAS::getVersion(),$str);\r
+ $str = str_replace('__SERVER_BASE_URL__',$this->getServerBaseURL(),$str);\r
+ echo $str;\r
+ }\r
+ \r
+ /**\r
+ * A string used to print the header of HTML pages. Written by CASClient::setHTMLHeader(),\r
+ * read by CASClient::printHTMLHeader().\r
+ *\r
+ * @hideinitializer\r
+ * @private\r
+ * @see CASClient::setHTMLHeader, CASClient::printHTMLHeader()\r
+ */\r
+ var $_output_header = '';\r
+ \r
+ /**\r
+ * This method prints the header of the HTML output (after filtering). If\r
+ * CASClient::setHTMLHeader() was not used, a default header is output.\r
+ *\r
+ * @param $title the title of the page\r
+ *\r
+ * @see HTMLFilterOutput()\r
+ * @private\r
+ */\r
+ function printHTMLHeader($title)\r
+ {\r
+ $this->HTMLFilterOutput(str_replace('__TITLE__',\r
+ $title,\r
+ (empty($this->_output_header)\r
+ ? '<html><head><title>__TITLE__</title></head><body><h1>__TITLE__</h1>'\r
+ : $this->_output_header)\r
+ )\r
+ );\r
+ }\r
+ \r
+ /**\r
+ * A string used to print the footer of HTML pages. Written by CASClient::setHTMLFooter(),\r
+ * read by printHTMLFooter().\r
+ *\r
+ * @hideinitializer\r
+ * @private\r
+ * @see CASClient::setHTMLFooter, CASClient::printHTMLFooter()\r
+ */\r
+ var $_output_footer = '';\r
+ \r
+ /**\r
+ * This method prints the footer of the HTML output (after filtering). If\r
+ * CASClient::setHTMLFooter() was not used, a default footer is output.\r
+ *\r
+ * @see HTMLFilterOutput()\r
+ * @private\r
+ */\r
+ function printHTMLFooter()\r
+ {\r
+ $this->HTMLFilterOutput(empty($this->_output_footer)\r
+ ?('<hr><address>phpCAS __PHPCAS_VERSION__ '.$this->getString(CAS_STR_USING_SERVER).' <a href="__SERVER_BASE_URL__">__SERVER_BASE_URL__</a> (CAS __CAS_VERSION__)</a></address></body></html>')\r
+ :$this->_output_footer);\r
+ }\r
+ \r
+ /**\r
+ * This method set the HTML header used for all outputs.\r
+ *\r
+ * @param $header the HTML header.\r
+ *\r
+ * @public\r
+ */\r
+ function setHTMLHeader($header)\r
+ {\r
+ $this->_output_header = $header;\r
+ }\r
+ \r
+ /**\r
+ * This method set the HTML footer used for all outputs.\r
+ *\r
+ * @param $footer the HTML footer.\r
+ *\r
+ * @public\r
+ */\r
+ function setHTMLFooter($footer)\r
+ {\r
+ $this->_output_footer = $footer;\r
+ }\r
+ \r
+ /** @} */\r
+ // ########################################################################\r
+ // INTERNATIONALIZATION\r
+ // ########################################################################\r
+ /**\r
+ * @addtogroup internalLang\r
+ * @{\r
+ */ \r
+ /**\r
+ * A string corresponding to the language used by phpCAS. Written by \r
+ * CASClient::setLang(), read by CASClient::getLang().\r
+ \r
+ * @note debugging information is always in english (debug purposes only).\r
+ *\r
+ * @hideinitializer\r
+ * @private\r
+ * @sa CASClient::_strings, CASClient::getString()\r
+ */\r
+ var $_lang = '';\r
+ \r
+ /**\r
+ * This method returns the language used by phpCAS.\r
+ *\r
+ * @return a string representing the language\r
+ *\r
+ * @private\r
+ */\r
+ function getLang()\r
+ {\r
+ if ( empty($this->_lang) )\r
+ $this->setLang(PHPCAS_LANG_DEFAULT);\r
+ return $this->_lang;\r
+ }\r
+ \r
+ /**\r
+ * array containing the strings used by phpCAS. Written by CASClient::setLang(), read by \r
+ * CASClient::getString() and used by CASClient::setLang().\r
+ *\r
+ * @note This array is filled by instructions in CAS/languages/<$this->_lang>.php\r
+ *\r
+ * @private\r
+ * @see CASClient::_lang, CASClient::getString(), CASClient::setLang(), CASClient::getLang()\r
+ */\r
+ var $_strings;\r
+ \r
+ /**\r
+ * This method returns a string depending on the language.\r
+ *\r
+ * @param $str the index of the string in $_string.\r
+ *\r
+ * @return the string corresponding to $index in $string.\r
+ *\r
+ * @private\r
+ */\r
+ function getString($str)\r
+ {\r
+ // call CASclient::getLang() to be sure the language is initialized\r
+ $this->getLang();\r
+ \r
+ if ( !isset($this->_strings[$str]) ) {\r
+ trigger_error('string `'.$str.'\' not defined for language `'.$this->getLang().'\'',E_USER_ERROR);\r
+ }\r
+ return $this->_strings[$str];\r
+ }\r
+ \r
+ /**\r
+ * This method is used to set the language used by phpCAS. \r
+ * @note Can be called only once.\r
+ *\r
+ * @param $lang a string representing the language.\r
+ *\r
+ * @public\r
+ * @sa CAS_LANG_FRENCH, CAS_LANG_ENGLISH\r
+ */\r
+ function setLang($lang)\r
+ {\r
+ // include the corresponding language file\r
+ include_once(dirname(__FILE__).'/languages/'.$lang.'.php');\r
+ \r
+ if ( !is_array($this->_strings) ) {\r
+ trigger_error('language `'.$lang.'\' is not implemented',E_USER_ERROR);\r
+ }\r
+ $this->_lang = $lang;\r
+ }\r
+ \r
+ /** @} */\r
+ // ########################################################################\r
+ // CAS SERVER CONFIG\r
+ // ########################################################################\r
+ /**\r
+ * @addtogroup internalConfig\r
+ * @{\r
+ */ \r
+ \r
+ /**\r
+ * a record to store information about the CAS server.\r
+ * - $_server["version"]: the version of the CAS server\r
+ * - $_server["hostname"]: the hostname of the CAS server\r
+ * - $_server["port"]: the port the CAS server is running on\r
+ * - $_server["uri"]: the base URI the CAS server is responding on\r
+ * - $_server["base_url"]: the base URL of the CAS server\r
+ * - $_server["login_url"]: the login URL of the CAS server\r
+ * - $_server["service_validate_url"]: the service validating URL of the CAS server\r
+ * - $_server["proxy_url"]: the proxy URL of the CAS server\r
+ * - $_server["proxy_validate_url"]: the proxy validating URL of the CAS server\r
+ * - $_server["logout_url"]: the logout URL of the CAS server\r
+ *\r
+ * $_server["version"], $_server["hostname"], $_server["port"] and $_server["uri"]\r
+ * are written by CASClient::CASClient(), read by CASClient::getServerVersion(), \r
+ * CASClient::getServerHostname(), CASClient::getServerPort() and CASClient::getServerURI().\r
+ *\r
+ * The other fields are written and read by CASClient::getServerBaseURL(), \r
+ * CASClient::getServerLoginURL(), CASClient::getServerServiceValidateURL(), \r
+ * CASClient::getServerProxyValidateURL() and CASClient::getServerLogoutURL().\r
+ *\r
+ * @hideinitializer\r
+ * @private\r
+ */\r
+ var $_server = array(\r
+ 'version' => -1,\r
+ 'hostname' => 'none',\r
+ 'port' => -1,\r
+ 'uri' => 'none'\r
+ );\r
+ \r
+ /**\r
+ * This method is used to retrieve the version of the CAS server.\r
+ * @return the version of the CAS server.\r
+ * @private\r
+ */\r
+ function getServerVersion()\r
+ { \r
+ return $this->_server['version']; \r
+ }\r
+ \r
+ /**\r
+ * This method is used to retrieve the hostname of the CAS server.\r
+ * @return the hostname of the CAS server.\r
+ * @private\r
+ */\r
+ function getServerHostname()\r
+ { return $this->_server['hostname']; }\r
+ \r
+ /**\r
+ * This method is used to retrieve the port of the CAS server.\r
+ * @return the port of the CAS server.\r
+ * @private\r
+ */\r
+ function getServerPort()\r
+ { return $this->_server['port']; }\r
+ \r
+ /**\r
+ * This method is used to retrieve the URI of the CAS server.\r
+ * @return a URI.\r
+ * @private\r
+ */\r
+ function getServerURI()\r
+ { return $this->_server['uri']; }\r
+ \r
+ /**\r
+ * This method is used to retrieve the base URL of the CAS server.\r
+ * @return a URL.\r
+ * @private\r
+ */\r
+ function getServerBaseURL()\r
+ { \r
+ // the URL is build only when needed\r
+ if ( empty($this->_server['base_url']) ) {\r
+ $this->_server['base_url'] = 'https://'\r
+ .$this->getServerHostname()\r
+ .':'\r
+ .$this->getServerPort()\r
+ .$this->getServerURI();\r
+ }\r
+ return $this->_server['base_url']; \r
+ }\r
+ \r
+ /**\r
+ * This method is used to retrieve the login URL of the CAS server.\r
+ * @param $gateway true to check authentication, false to force it\r
+ * @param $renew true to force the authentication with the CAS server\r
+ * NOTE : It is recommended that CAS implementations ignore the\r
+ "gateway" parameter if "renew" is set\r
+ * @return a URL.\r
+ * @private\r
+ */\r
+ function getServerLoginURL($gateway=false,$renew=false) {\r
+ phpCAS::traceBegin();\r
+ // the URL is build only when needed\r
+ if ( empty($this->_server['login_url']) ) {\r
+ $this->_server['login_url'] = $this->getServerBaseURL();\r
+ $this->_server['login_url'] .= 'login?service=';\r
+ // $this->_server['login_url'] .= preg_replace('/&/','%26',$this->getURL());\r
+ $this->_server['login_url'] .= urlencode($this->getURL());\r
+ if($renew) {\r
+ // It is recommended that when the "renew" parameter is set, its value be "true"\r
+ $this->_server['login_url'] .= '&renew=true';\r
+ } elseif ($gateway) {\r
+ // It is recommended that when the "gateway" parameter is set, its value be "true"\r
+ $this->_server['login_url'] .= '&gateway=true';\r
+ }\r
+ }\r
+ phpCAS::traceEnd($this->_server['login_url']);\r
+ return $this->_server['login_url'];\r
+ } \r
+ \r
+ /**\r
+ * This method sets the login URL of the CAS server.\r
+ * @param $url the login URL\r
+ * @private\r
+ * @since 0.4.21 by Wyman Chan\r
+ */\r
+ function setServerLoginURL($url)\r
+ {\r
+ return $this->_server['login_url'] = $url;\r
+ }\r
+ \r
+ /**\r
+ * This method is used to retrieve the service validating URL of the CAS server.\r
+ * @return a URL.\r
+ * @private\r
+ */\r
+ function getServerServiceValidateURL()\r
+ { \r
+ // the URL is build only when needed\r
+ if ( empty($this->_server['service_validate_url']) ) {\r
+ switch ($this->getServerVersion()) {\r
+ case CAS_VERSION_1_0:\r
+ $this->_server['service_validate_url'] = $this->getServerBaseURL().'validate';\r
+ break;\r
+ case CAS_VERSION_2_0:\r
+ $this->_server['service_validate_url'] = $this->getServerBaseURL().'serviceValidate';\r
+ break;\r
+ }\r
+ }\r
+ // return $this->_server['service_validate_url'].'?service='.preg_replace('/&/','%26',$this->getURL()); \r
+ return $this->_server['service_validate_url'].'?service='.urlencode($this->getURL()); \r
+ }\r
+ \r
+ /**\r
+ * This method is used to retrieve the proxy validating URL of the CAS server.\r
+ * @return a URL.\r
+ * @private\r
+ */\r
+ function getServerProxyValidateURL()\r
+ { \r
+ // the URL is build only when needed\r
+ if ( empty($this->_server['proxy_validate_url']) ) {\r
+ switch ($this->getServerVersion()) {\r
+ case CAS_VERSION_1_0:\r
+ $this->_server['proxy_validate_url'] = '';\r
+ break;\r
+ case CAS_VERSION_2_0:\r
+ $this->_server['proxy_validate_url'] = $this->getServerBaseURL().'proxyValidate';\r
+ break;\r
+ }\r
+ }\r
+ // return $this->_server['proxy_validate_url'].'?service='.preg_replace('/&/','%26',$this->getURL()); \r
+ return $this->_server['proxy_validate_url'].'?service='.urlencode($this->getURL()); \r
+ }\r
+ \r
+ /**\r
+ * This method is used to retrieve the proxy URL of the CAS server.\r
+ * @return a URL.\r
+ * @private\r
+ */\r
+ function getServerProxyURL()\r
+ { \r
+ // the URL is build only when needed\r
+ if ( empty($this->_server['proxy_url']) ) {\r
+ switch ($this->getServerVersion()) {\r
+ case CAS_VERSION_1_0:\r
+ $this->_server['proxy_url'] = '';\r
+ break;\r
+ case CAS_VERSION_2_0:\r
+ $this->_server['proxy_url'] = $this->getServerBaseURL().'proxy';\r
+ break;\r
+ }\r
+ }\r
+ return $this->_server['proxy_url']; \r
+ }\r
+ \r
+ /**\r
+ * This method is used to retrieve the logout URL of the CAS server.\r
+ * @return a URL.\r
+ * @private\r
+ */\r
+ function getServerLogoutURL()\r
+ { \r
+ // the URL is build only when needed\r
+ if ( empty($this->_server['logout_url']) ) {\r
+ $this->_server['logout_url'] = $this->getServerBaseURL().'logout';\r
+ }\r
+ return $this->_server['logout_url']; \r
+ }\r
+ \r
+ /**\r
+ * This method sets the logout URL of the CAS server.\r
+ * @param $url the logout URL\r
+ * @private\r
+ * @since 0.4.21 by Wyman Chan\r
+ */\r
+ function setServerLogoutURL($url)\r
+ {\r
+ return $this->_server['logout_url'] = $url;\r
+ }\r
+\r
+ /**\r
+ * An array to store extra curl options.\r
+ */ \r
+ var $_curl_options = array();\r
+\r
+ /**\r
+ * This method is used to set additional user curl options.\r
+ */\r
+ function setExtraCurlOption($key, $value)\r
+ {\r
+ $this->_curl_options[$key] = $value;\r
+ }\r
+ \r
+ /**\r
+ * This method checks to see if the request is secured via HTTPS\r
+ * @return true if https, false otherwise\r
+ * @private\r
+ */\r
+ function isHttps() {\r
+ //if ( isset($_SERVER['HTTPS']) && !empty($_SERVER['HTTPS']) ) {\r
+ //0.4.24 by Hinnack\r
+ if ( isset($_SERVER['HTTPS']) && !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on') {\r
+ return true;\r
+ } else {\r
+ return false;\r
+ }\r
+ }\r
+ \r
+ // ########################################################################\r
+ // CONSTRUCTOR\r
+ // ########################################################################\r
+ /**\r
+ * CASClient constructor.\r
+ *\r
+ * @param $server_version the version of the CAS server\r
+ * @param $proxy TRUE if the CAS client is a CAS proxy, FALSE otherwise\r
+ * @param $server_hostname the hostname of the CAS server\r
+ * @param $server_port the port the CAS server is running on\r
+ * @param $server_uri the URI the CAS server is responding on\r
+ * @param $start_session Have phpCAS start PHP sessions (default true)\r
+ *\r
+ * @return a newly created CASClient object\r
+ *\r
+ * @public\r
+ */\r
+ function CASClient(\r
+ $server_version,\r
+ $proxy,\r
+ $server_hostname,\r
+ $server_port,\r
+ $server_uri,\r
+ $start_session = true) {\r
+ \r
+ phpCAS::traceBegin();\r
+ \r
+ if (!$this->isLogoutRequest() && !empty($_GET['ticket']) && $start_session) {\r
+ // copy old session vars and destroy the current session\r
+ if (!isset($_SESSION)) {\r
+ session_start();\r
+ }\r
+ $old_session = $_SESSION;\r
+ session_destroy();\r
+ // set up a new session, of name based on the ticket\r
+ $session_id = preg_replace('/[^\w]/','',$_GET['ticket']);\r
+ phpCAS::LOG("Session ID: " . $session_id);\r
+ session_id($session_id);\r
+ if (!isset($_SESSION)) {\r
+ session_start();\r
+ }\r
+ // restore old session vars\r
+ $_SESSION = $old_session;
+ // Redirect to location without ticket.
+ header('Location: '.$this->getURL());\r
+ }\r
+ \r
+ //activate session mechanism if desired\r
+ if (!$this->isLogoutRequest() && $start_session) {\r
+ session_start();\r
+ }\r
+ \r
+ $this->_proxy = $proxy;\r
+ \r
+ //check version\r
+ switch ($server_version) {\r
+ case CAS_VERSION_1_0:\r
+ if ( $this->isProxy() )\r
+ phpCAS::error('CAS proxies are not supported in CAS '\r
+ .$server_version);\r
+ break;\r
+ case CAS_VERSION_2_0:\r
+ break;\r
+ default:\r
+ phpCAS::error('this version of CAS (`'\r
+ .$server_version\r
+ .'\') is not supported by phpCAS '\r
+ .phpCAS::getVersion());\r
+ }\r
+ $this->_server['version'] = $server_version;\r
+ \r
+ //check hostname\r
+ if ( empty($server_hostname) \r
+ || !preg_match('/[\.\d\-abcdefghijklmnopqrstuvwxyz]*/',$server_hostname) ) {\r
+ phpCAS::error('bad CAS server hostname (`'.$server_hostname.'\')');\r
+ }\r
+ $this->_server['hostname'] = $server_hostname;\r
+ \r
+ //check port\r
+ if ( $server_port == 0 \r
+ || !is_int($server_port) ) {\r
+ phpCAS::error('bad CAS server port (`'.$server_hostname.'\')');\r
+ }\r
+ $this->_server['port'] = $server_port;\r
+ \r
+ //check URI\r
+ if ( !preg_match('/[\.\d\-_abcdefghijklmnopqrstuvwxyz\/]*/',$server_uri) ) {\r
+ phpCAS::error('bad CAS server URI (`'.$server_uri.'\')');\r
+ }\r
+ //add leading and trailing `/' and remove doubles \r
+ $server_uri = preg_replace('/\/\//','/','/'.$server_uri.'/');\r
+ $this->_server['uri'] = $server_uri;\r
+ \r
+ //set to callback mode if PgtIou and PgtId CGI GET parameters are provided \r
+ if ( $this->isProxy() ) {\r
+ $this->setCallbackMode(!empty($_GET['pgtIou'])&&!empty($_GET['pgtId']));\r
+ }\r
+ \r
+ if ( $this->isCallbackMode() ) {\r
+ //callback mode: check that phpCAS is secured\r
+ if ( !$this->isHttps() ) {\r
+ phpCAS::error('CAS proxies must be secured to use phpCAS; PGT\'s will not be received from the CAS server');\r
+ }\r
+ } else {\r
+ //normal mode: get ticket and remove it from CGI parameters for developpers\r
+ $ticket = (isset($_GET['ticket']) ? $_GET['ticket'] : null);\r
+ switch ($this->getServerVersion()) {\r
+ case CAS_VERSION_1_0: // check for a Service Ticket\r
+ if( preg_match('/^ST-/',$ticket) ) {\r
+ phpCAS::trace('ST \''.$ticket.'\' found');\r
+ //ST present\r
+ $this->setST($ticket);\r
+ //ticket has been taken into account, unset it to hide it to applications\r
+ unset($_GET['ticket']);\r
+ } else if ( !empty($ticket) ) {\r
+ //ill-formed ticket, halt\r
+ phpCAS::error('ill-formed ticket found in the URL (ticket=`'.htmlentities($ticket).'\')');\r
+ }\r
+ break;\r
+ case CAS_VERSION_2_0: // check for a Service or Proxy Ticket\r
+ if( preg_match('/^[SP]T-/',$ticket) ) {\r
+ phpCAS::trace('ST or PT \''.$ticket.'\' found');\r
+ $this->setPT($ticket);\r
+ unset($_GET['ticket']);\r
+ } else if ( !empty($ticket) ) {\r
+ //ill-formed ticket, halt\r
+ phpCAS::error('ill-formed ticket found in the URL (ticket=`'.htmlentities($ticket).'\')');\r
+ } \r
+ break;\r
+ }\r
+ }\r
+ phpCAS::traceEnd();\r
+ }\r
+ \r
+ /** @} */\r
+ \r
+ // XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX\r
+ // XX XX\r
+ // XX AUTHENTICATION XX\r
+ // XX XX\r
+ // XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX\r
+ \r
+ /**\r
+ * @addtogroup internalAuthentication\r
+ * @{\r
+ */ \r
+ \r
+ /**\r
+ * The Authenticated user. Written by CASClient::setUser(), read by CASClient::getUser().\r
+ * @attention client applications should use phpCAS::getUser().\r
+ *\r
+ * @hideinitializer\r
+ * @private\r
+ */\r
+ var $_user = '';\r
+ \r
+ /**\r
+ * This method sets the CAS user's login name.\r
+ *\r
+ * @param $user the login name of the authenticated user.\r
+ *\r
+ * @private\r
+ */\r
+ function setUser($user)\r
+ {\r
+ $this->_user = $user;\r
+ }\r
+ \r
+ /**\r
+ * This method returns the CAS user's login name.\r
+ * @warning should be called only after CASClient::forceAuthentication() or \r
+ * CASClient::isAuthenticated(), otherwise halt with an error.\r
+ *\r
+ * @return the login name of the authenticated user\r
+ */\r
+ function getUser()\r
+ {\r
+ if ( empty($this->_user) ) {\r
+ phpCAS::error('this method should be used only after '.__CLASS__.'::forceAuthentication() or '.__CLASS__.'::isAuthenticated()');\r
+ }\r
+ return $this->_user;\r
+ }\r
+ \r
+ /**\r
+ * This method is called to renew the authentication of the user\r
+ * If the user is authenticated, renew the connection\r
+ * If not, redirect to CAS\r
+ * @public\r
+ */\r
+ function renewAuthentication(){\r
+ phpCAS::traceBegin();\r
+ // Either way, the user is authenticated by CAS\r
+ if( isset( $_SESSION['phpCAS']['auth_checked'] ) )\r
+ unset($_SESSION['phpCAS']['auth_checked']);\r
+ if ( $this->isAuthenticated() ) {\r
+ phpCAS::trace('user already authenticated; renew');\r
+ $this->redirectToCas(false,true);\r
+ } else {\r
+ $this->redirectToCas();\r
+ }\r
+ phpCAS::traceEnd();\r
+ }\r
+\r
+ /**\r
+ * This method is called to be sure that the user is authenticated. When not \r
+ * authenticated, halt by redirecting to the CAS server; otherwise return TRUE.\r
+ * @return TRUE when the user is authenticated; otherwise halt.\r
+ * @public\r
+ */\r
+ function forceAuthentication()\r
+ {\r
+ phpCAS::traceBegin();\r
+ \r
+ if ( $this->isAuthenticated() ) {\r
+ // the user is authenticated, nothing to be done.\r
+ phpCAS::trace('no need to authenticate');\r
+ $res = TRUE;\r
+ } else {\r
+ // the user is not authenticated, redirect to the CAS server\r
+ if (isset($_SESSION['phpCAS']['auth_checked'])) {\r
+ unset($_SESSION['phpCAS']['auth_checked']);\r
+ }\r
+ $this->redirectToCas(FALSE/* no gateway */); \r
+ // never reached\r
+ $res = FALSE;\r
+ }\r
+ phpCAS::traceEnd($res);\r
+ return $res;\r
+ }\r
+ \r
+ /**\r
+ * An integer that gives the number of times authentication will be cached before rechecked.\r
+ *\r
+ * @hideinitializer\r
+ * @private\r
+ */\r
+ var $_cache_times_for_auth_recheck = 0;\r
+ \r
+ /**\r
+ * Set the number of times authentication will be cached before rechecked.\r
+ *\r
+ * @param $n an integer.\r
+ *\r
+ * @public\r
+ */\r
+ function setCacheTimesForAuthRecheck($n)\r
+ {\r
+ $this->_cache_times_for_auth_recheck = $n;\r
+ }\r
+ \r
+ /**\r
+ * This method is called to check whether the user is authenticated or not.\r
+ * @return TRUE when the user is authenticated, FALSE otherwise.\r
+ * @public\r
+ */\r
+ function checkAuthentication()\r
+ {\r
+ phpCAS::traceBegin();\r
+ \r
+ if ( $this->isAuthenticated() ) {\r
+ phpCAS::trace('user is authenticated');\r
+ $res = TRUE;\r
+ } else if (isset($_SESSION['phpCAS']['auth_checked'])) {\r
+ // the previous request has redirected the client to the CAS server with gateway=true\r
+ unset($_SESSION['phpCAS']['auth_checked']);\r
+ $res = FALSE;\r
+ } else {\r
+ // $_SESSION['phpCAS']['auth_checked'] = true;\r
+ // $this->redirectToCas(TRUE/* gateway */); \r
+ // // never reached\r
+ // $res = FALSE;\r
+ // avoid a check against CAS on every request\r
+ if (! isset($_SESSION['phpCAS']['unauth_count']) )\r
+ $_SESSION['phpCAS']['unauth_count'] = -2; // uninitialized\r
+ \r
+ if (($_SESSION['phpCAS']['unauth_count'] != -2 && $this->_cache_times_for_auth_recheck == -1) \r
+ || ($_SESSION['phpCAS']['unauth_count'] >= 0 && $_SESSION['phpCAS']['unauth_count'] < $this->_cache_times_for_auth_recheck))\r
+ {\r
+ $res = FALSE;\r
+ \r
+ if ($this->_cache_times_for_auth_recheck != -1)\r
+ {\r
+ $_SESSION['phpCAS']['unauth_count']++;\r
+ phpCAS::trace('user is not authenticated (cached for '.$_SESSION['phpCAS']['unauth_count'].' times of '.$this->_cache_times_for_auth_recheck.')');\r
+ }\r
+ else\r
+ {\r
+ phpCAS::trace('user is not authenticated (cached for until login pressed)');\r
+ }\r
+ }\r
+ else\r
+ {\r
+ $_SESSION['phpCAS']['unauth_count'] = 0;\r
+ $_SESSION['phpCAS']['auth_checked'] = true;\r
+ phpCAS::trace('user is not authenticated (cache reset)');\r
+ $this->redirectToCas(TRUE/* gateway */); \r
+ // never reached\r
+ $res = FALSE;\r
+ }\r
+ }\r
+ phpCAS::traceEnd($res);\r
+ return $res;\r
+ }\r
+ \r
+ /**\r
+ * This method is called to check if the user is authenticated (previously or by\r
+ * tickets given in the URL).\r
+ *\r
+ * @return TRUE when the user is authenticated.\r
+ *\r
+ * @public\r
+ */\r
+ function isAuthenticated()\r
+ {\r
+ phpCAS::traceBegin();\r
+ $res = FALSE;\r
+ $validate_url = '';\r
+ \r
+ if ( $this->wasPreviouslyAuthenticated() ) {\r
+ // the user has already (previously during the session) been \r
+ // authenticated, nothing to be done.\r
+ phpCAS::trace('user was already authenticated, no need to look for tickets');\r
+ $res = TRUE;\r
+ } \r
+ elseif ( $this->hasST() ) {\r
+ // if a Service Ticket was given, validate it\r
+ phpCAS::trace('ST `'.$this->getST().'\' is present');\r
+ $this->validateST($validate_url,$text_response,$tree_response); // if it fails, it halts\r
+ phpCAS::trace('ST `'.$this->getST().'\' was validated');\r
+ if ( $this->isProxy() ) {\r
+ $this->validatePGT($validate_url,$text_response,$tree_response); // idem\r
+ phpCAS::trace('PGT `'.$this->getPGT().'\' was validated');\r
+ $_SESSION['phpCAS']['pgt'] = $this->getPGT();\r
+ }\r
+ $_SESSION['phpCAS']['user'] = $this->getUser();\r
+ $res = TRUE;\r
+ }\r
+ elseif ( $this->hasPT() ) {\r
+ // if a Proxy Ticket was given, validate it\r
+ phpCAS::trace('PT `'.$this->getPT().'\' is present');\r
+ $this->validatePT($validate_url,$text_response,$tree_response); // note: if it fails, it halts\r
+ phpCAS::trace('PT `'.$this->getPT().'\' was validated');\r
+ if ( $this->isProxy() ) {\r
+ $this->validatePGT($validate_url,$text_response,$tree_response); // idem\r
+ phpCAS::trace('PGT `'.$this->getPGT().'\' was validated');\r
+ $_SESSION['phpCAS']['pgt'] = $this->getPGT();\r
+ }\r
+ $_SESSION['phpCAS']['user'] = $this->getUser();\r
+ $res = TRUE;\r
+ } \r
+ else {\r
+ // no ticket given, not authenticated\r
+ phpCAS::trace('no ticket found');\r
+ }\r
+ \r
+ phpCAS::traceEnd($res);\r
+ return $res;\r
+ }\r
+ \r
+ /**\r
+ * This method tells if the current session is authenticated.\r
+ * @return true if authenticated based soley on $_SESSION variable\r
+ * @since 0.4.22 by Brendan Arnold\r
+ */\r
+ function isSessionAuthenticated ()\r
+ {\r
+ return !empty($_SESSION['phpCAS']['user']);\r
+ }\r
+ \r
+ /**\r
+ * This method tells if the user has already been (previously) authenticated\r
+ * by looking into the session variables.\r
+ *\r
+ * @note This function switches to callback mode when needed.\r
+ *\r
+ * @return TRUE when the user has already been authenticated; FALSE otherwise.\r
+ *\r
+ * @private\r
+ */\r
+ function wasPreviouslyAuthenticated()\r
+ {\r
+ phpCAS::traceBegin();\r
+ \r
+ if ( $this->isCallbackMode() ) {\r
+ $this->callback();\r
+ }\r
+ \r
+ $auth = FALSE;\r
+ \r
+ if ( $this->isProxy() ) {\r
+ // CAS proxy: username and PGT must be present\r
+ if ( $this->isSessionAuthenticated() && !empty($_SESSION['phpCAS']['pgt']) ) {\r
+ // authentication already done\r
+ $this->setUser($_SESSION['phpCAS']['user']);\r
+ $this->setPGT($_SESSION['phpCAS']['pgt']);\r
+ phpCAS::trace('user = `'.$_SESSION['phpCAS']['user'].'\', PGT = `'.$_SESSION['phpCAS']['pgt'].'\''); \r
+ $auth = TRUE;\r
+ } elseif ( $this->isSessionAuthenticated() && empty($_SESSION['phpCAS']['pgt']) ) {\r
+ // these two variables should be empty or not empty at the same time\r
+ phpCAS::trace('username found (`'.$_SESSION['phpCAS']['user'].'\') but PGT is empty');\r
+ // unset all tickets to enforce authentication\r
+ unset($_SESSION['phpCAS']);\r
+ $this->setST('');\r
+ $this->setPT('');\r
+ } elseif ( !$this->isSessionAuthenticated() && !empty($_SESSION['phpCAS']['pgt']) ) {\r
+ // these two variables should be empty or not empty at the same time\r
+ phpCAS::trace('PGT found (`'.$_SESSION['phpCAS']['pgt'].'\') but username is empty'); \r
+ // unset all tickets to enforce authentication\r
+ unset($_SESSION['phpCAS']);\r
+ $this->setST('');\r
+ $this->setPT('');\r
+ } else {\r
+ phpCAS::trace('neither user not PGT found'); \r
+ }\r
+ } else {\r
+ // `simple' CAS client (not a proxy): username must be present\r
+ if ( $this->isSessionAuthenticated() ) {\r
+ // authentication already done\r
+ $this->setUser($_SESSION['phpCAS']['user']);\r
+ phpCAS::trace('user = `'.$_SESSION['phpCAS']['user'].'\''); \r
+ $auth = TRUE;\r
+ } else {\r
+ phpCAS::trace('no user found');\r
+ }\r
+ }\r
+ \r
+ phpCAS::traceEnd($auth);\r
+ return $auth;\r
+ }\r
+ \r
+ /**\r
+ * This method is used to redirect the client to the CAS server.\r
+ * It is used by CASClient::forceAuthentication() and CASClient::checkAuthentication().\r
+ * @param $gateway true to check authentication, false to force it\r
+ * @param $renew true to force the authentication with the CAS server\r
+ * @public\r
+ */\r
+ function redirectToCas($gateway=false,$renew=false){\r
+ phpCAS::traceBegin();\r
+ $cas_url = $this->getServerLoginURL($gateway,$renew);\r
+ header('Location: '.$cas_url);\r
+ phpCAS::log( "Redirect to : ".$cas_url );\r
+ \r
+ $this->printHTMLHeader($this->getString(CAS_STR_AUTHENTICATION_WANTED));\r
+ \r
+ printf('<p>'.$this->getString(CAS_STR_SHOULD_HAVE_BEEN_REDIRECTED).'</p>',$cas_url);\r
+ $this->printHTMLFooter();\r
+ phpCAS::traceExit();\r
+ exit();\r
+ }\r
+\r
+// /**\r
+// * This method is used to logout from CAS.\r
+// * @param $url a URL that will be transmitted to the CAS server (to come back to when logged out)\r
+// * @public\r
+// */\r
+// function logout($url = "") {\r
+// phpCAS::traceBegin();\r
+// $cas_url = $this->getServerLogoutURL();\r
+// // v0.4.14 sebastien.gougeon at univ-rennes1.fr\r
+// // header('Location: '.$cas_url);\r
+// if ( $url != "" ) {\r
+// // Adam Moore 1.0.0RC2\r
+// $url = '?service=' . $url . '&url=' . $url;\r
+// }\r
+// header('Location: '.$cas_url . $url);\r
+// session_unset();\r
+// session_destroy();\r
+// $this->printHTMLHeader($this->getString(CAS_STR_LOGOUT));\r
+// printf('<p>'.$this->getString(CAS_STR_SHOULD_HAVE_BEEN_REDIRECTED).'</p>',$cas_url);\r
+// $this->printHTMLFooter();\r
+// phpCAS::traceExit();\r
+// exit();\r
+// }\r
+ \r
+ /**\r
+ * This method is used to logout from CAS.\r
+ * @params $params an array that contains the optional url and service parameters that will be passed to the CAS server\r
+ * @public\r
+ */\r
+ function logout($params) {\r
+ phpCAS::traceBegin();\r
+ $cas_url = $this->getServerLogoutURL();\r
+ $paramSeparator = '?';\r
+ if (isset($params['url'])) {\r
+ $cas_url = $cas_url . $paramSeparator . "url=" . urlencode($params['url']); \r
+ $paramSeparator = '&';\r
+ }\r
+ if (isset($params['service'])) {\r
+ $cas_url = $cas_url . $paramSeparator . "service=" . urlencode($params['service']); \r
+ }\r
+ header('Location: '.$cas_url);\r
+ session_unset();\r
+ session_destroy();\r
+ $this->printHTMLHeader($this->getString(CAS_STR_LOGOUT));\r
+ printf('<p>'.$this->getString(CAS_STR_SHOULD_HAVE_BEEN_REDIRECTED).'</p>',$cas_url);\r
+ $this->printHTMLFooter();\r
+ phpCAS::traceExit();\r
+ exit();\r
+ }\r
+ \r
+ /**\r
+ * @return true if the current request is a logout request.\r
+ * @private\r
+ */\r
+ function isLogoutRequest() {\r
+ return !empty($_POST['logoutRequest']);\r
+ }\r
+ \r
+ /**\r
+ * @return true if a logout request is allowed.\r
+ * @private\r
+ */\r
+ function isLogoutRequestAllowed() {\r
+ }\r
+ \r
+ /**\r
+ * This method handles logout requests.\r
+ * @param $check_client true to check the client bofore handling the request, \r
+ * false not to perform any access control. True by default.\r
+ * @param $allowed_clients an array of host names allowed to send logout requests. \r
+ * By default, only the CAs server (declared in the constructor) will be allowed.\r
+ * @public\r
+ */\r
+ function handleLogoutRequests($check_client=true, $allowed_clients=false) {\r
+ phpCAS::traceBegin();\r
+ if (!$this->isLogoutRequest()) {\r
+ phpCAS::log("Not a logout request");\r
+ phpCAS::traceEnd();\r
+ return;\r
+ }\r
+ phpCAS::log("Logout requested");\r
+ phpCAS::log("SAML REQUEST: ".$_POST['logoutRequest']);\r
+ if ($check_client) {\r
+ if (!$allowed_clients) {\r
+ $allowed_clients = array( $this->getServerHostname() ); \r
+ }\r
+ $client_ip = $_SERVER['REMOTE_ADDR'];\r
+ $client = gethostbyaddr($client_ip);\r
+ phpCAS::log("Client: ".$client);\r
+ $allowed = false;\r
+ foreach ($allowed_clients as $allowed_client) {\r
+ if ($client == $allowed_client) {\r
+ phpCAS::log("Allowed client '".$allowed_client."' matches, logout request is allowed");\r
+ $allowed = true;\r
+ break;\r
+ } else {\r
+ phpCAS::log("Allowed client '".$allowed_client."' does not match");\r
+ }\r
+ }\r
+ if (!$allowed) {\r
+ phpCAS::error("Unauthorized logout request from client '".$client."'");\r
+ printf("Unauthorized!");\r
+ phpCAS::traceExit();\r
+ exit();\r
+ }\r
+ } else {\r
+ phpCAS::log("No access control set");\r
+ }\r
+ // Extract the ticket from the SAML Request\r
+ preg_match("|<samlp:SessionIndex>(.*)</samlp:SessionIndex>|", $_POST['logoutRequest'], $tick, PREG_OFFSET_CAPTURE, 3);\r
+ $wrappedSamlSessionIndex = preg_replace('|<samlp:SessionIndex>|','',$tick[0][0]);\r
+ $ticket2logout = preg_replace('|</samlp:SessionIndex>|','',$wrappedSamlSessionIndex);\r
+ phpCAS::log("Ticket to logout: ".$ticket2logout);\r
+ $session_id = preg_replace('/[^\w]/','',$ticket2logout);\r
+ phpCAS::log("Session id: ".$session_id);\r
+\r
+ // fix New session ID\r
+ session_id($session_id);\r
+ $_COOKIE[session_name()]=$session_id;\r
+ $_GET[session_name()]=$session_id;\r
+ \r
+ // Overwrite session\r
+ session_start(); \r
+ session_unset();\r
+ session_destroy();\r
+ printf("Disconnected!");\r
+ phpCAS::traceExit();\r
+ exit();\r
+ }\r
+ \r
+ /** @} */\r
+ \r
+ // XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX\r
+ // XX XX\r
+ // XX BASIC CLIENT FEATURES (CAS 1.0) XX\r
+ // XX XX\r
+ // XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX\r
+ \r
+ // ########################################################################\r
+ // ST\r
+ // ########################################################################\r
+ /**\r
+ * @addtogroup internalBasic\r
+ * @{\r
+ */ \r
+ \r
+ /**\r
+ * the Service Ticket provided in the URL of the request if present\r
+ * (empty otherwise). Written by CASClient::CASClient(), read by \r
+ * CASClient::getST() and CASClient::hasPGT().\r
+ *\r
+ * @hideinitializer\r
+ * @private\r
+ */\r
+ var $_st = '';\r
+ \r
+ /**\r
+ * This method returns the Service Ticket provided in the URL of the request.\r
+ * @return The service ticket.\r
+ * @private\r
+ */\r
+ function getST()\r
+ { return $this->_st; }\r
+ \r
+ /**\r
+ * This method stores the Service Ticket.\r
+ * @param $st The Service Ticket.\r
+ * @private\r
+ */\r
+ function setST($st)\r
+ { $this->_st = $st; }\r
+ \r
+ /**\r
+ * This method tells if a Service Ticket was stored.\r
+ * @return TRUE if a Service Ticket has been stored.\r
+ * @private\r
+ */\r
+ function hasST()\r
+ { return !empty($this->_st); }\r
+ \r
+ /** @} */\r
+ \r
+ // ########################################################################\r
+ // ST VALIDATION\r
+ // ########################################################################\r
+ /**\r
+ * @addtogroup internalBasic\r
+ * @{\r
+ */ \r
+ \r
+ /**\r
+ * the certificate of the CAS server.\r
+ *\r
+ * @hideinitializer\r
+ * @private\r
+ */\r
+ var $_cas_server_cert = '';\r
+ \r
+ /**\r
+ * the certificate of the CAS server CA.\r
+ *\r
+ * @hideinitializer\r
+ * @private\r
+ */\r
+ var $_cas_server_ca_cert = '';\r
+ \r
+ /**\r
+ * Set to true not to validate the CAS server.\r
+ *\r
+ * @hideinitializer\r
+ * @private\r
+ */\r
+ var $_no_cas_server_validation = false;\r
+ \r
+ /**\r
+ * Set the certificate of the CAS server.\r
+ *\r
+ * @param $cert the PEM certificate\r
+ */\r
+ function setCasServerCert($cert)\r
+ {\r
+ $this->_cas_server_cert = $cert;\r
+ }\r
+ \r
+ /**\r
+ * Set the CA certificate of the CAS server.\r
+ *\r
+ * @param $cert the PEM certificate of the CA that emited the cert of the server\r
+ */\r
+ function setCasServerCACert($cert)\r
+ {\r
+ $this->_cas_server_ca_cert = $cert;\r
+ }\r
+ \r
+ /**\r
+ * Set no SSL validation for the CAS server.\r
+ */\r
+ function setNoCasServerValidation()\r
+ {\r
+ $this->_no_cas_server_validation = true;\r
+ }\r
+ \r
+ /**\r
+ * This method is used to validate a ST; halt on failure, and sets $validate_url,\r
+ * $text_reponse and $tree_response on success. These parameters are used later\r
+ * by CASClient::validatePGT() for CAS proxies.\r
+ * \r
+ * @param $validate_url the URL of the request to the CAS server.\r
+ * @param $text_response the response of the CAS server, as is (XML text).\r
+ * @param $tree_response the response of the CAS server, as a DOM XML tree.\r
+ *\r
+ * @return bool TRUE when successfull, halt otherwise by calling CASClient::authError().\r
+ *\r
+ * @private\r
+ */\r
+ function validateST($validate_url,&$text_response,&$tree_response)\r
+ {\r
+ phpCAS::traceBegin();\r
+ // build the URL to validate the ticket\r
+ $validate_url = $this->getServerServiceValidateURL().'&ticket='.$this->getST();\r
+ if ( $this->isProxy() ) {\r
+ // pass the callback url for CAS proxies\r
+ $validate_url .= '&pgtUrl='.$this->getCallbackURL();\r
+ }\r
+ \r
+ // open and read the URL\r
+ if ( !$this->readURL($validate_url,''/*cookies*/,$headers,$text_response,$err_msg) ) {\r
+ phpCAS::trace('could not open URL \''.$validate_url.'\' to validate ('.$err_msg.')');\r
+ $this->authError('ST not validated',\r
+ $validate_url,\r
+ TRUE/*$no_response*/);\r
+ }\r
+ \r
+ // analyze the result depending on the version\r
+ switch ($this->getServerVersion()) {\r
+ case CAS_VERSION_1_0:\r
+ if (preg_match('/^no\n/',$text_response)) {\r
+ phpCAS::trace('ST has not been validated');\r
+ $this->authError('ST not validated',\r
+ $validate_url,\r
+ FALSE/*$no_response*/,\r
+ FALSE/*$bad_response*/,\r
+ $text_response);\r
+ }\r
+ if (!preg_match('/^yes\n/',$text_response)) {\r
+ phpCAS::trace('ill-formed response');\r
+ $this->authError('ST not validated',\r
+ $validate_url,\r
+ FALSE/*$no_response*/,\r
+ TRUE/*$bad_response*/,\r
+ $text_response);\r
+ }\r
+ // ST has been validated, extract the user name\r
+ $arr = preg_split('/\n/',$text_response);\r
+ $this->setUser(trim($arr[1]));\r
+ break;\r
+ case CAS_VERSION_2_0:\r
+ // read the response of the CAS server into a DOM object\r
+ if ( !($dom = domxml_open_mem($text_response))) {\r
+ phpCAS::trace('domxml_open_mem() failed');\r
+ $this->authError('ST not validated',\r
+ $validate_url,\r
+ FALSE/*$no_response*/,\r
+ TRUE/*$bad_response*/,\r
+ $text_response);\r
+ }\r
+ // read the root node of the XML tree\r
+ if ( !($tree_response = $dom->document_element()) ) {\r
+ phpCAS::trace('document_element() failed');\r
+ $this->authError('ST not validated',\r
+ $validate_url,\r
+ FALSE/*$no_response*/,\r
+ TRUE/*$bad_response*/,\r
+ $text_response);\r
+ }\r
+ // insure that tag name is 'serviceResponse'\r
+ if ( $tree_response->node_name() != 'serviceResponse' ) {\r
+ phpCAS::trace('bad XML root node (should be `serviceResponse\' instead of `'.$tree_response->node_name().'\'');\r
+ $this->authError('ST not validated',\r
+ $validate_url,\r
+ FALSE/*$no_response*/,\r
+ TRUE/*$bad_response*/,\r
+ $text_response);\r
+ }\r
+ if ( sizeof($success_elements = $tree_response->get_elements_by_tagname("authenticationSuccess")) != 0) {\r
+ // authentication succeded, extract the user name\r
+ if ( sizeof($user_elements = $success_elements[0]->get_elements_by_tagname("user")) == 0) {\r
+ phpCAS::trace('<authenticationSuccess> found, but no <user>');\r
+ $this->authError('ST not validated',\r
+ $validate_url,\r
+ FALSE/*$no_response*/,\r
+ TRUE/*$bad_response*/,\r
+ $text_response);\r
+ }\r
+ $user = trim($user_elements[0]->get_content());\r
+ phpCAS::trace('user = `'.$user);\r
+ $this->setUser($user);\r
+ \r
+ } else if ( sizeof($failure_elements = $tree_response->get_elements_by_tagname("authenticationFailure")) != 0) {\r
+ phpCAS::trace('<authenticationFailure> found');\r
+ // authentication failed, extract the error code and message\r
+ $this->authError('ST not validated',\r
+ $validate_url,\r
+ FALSE/*$no_response*/,\r
+ FALSE/*$bad_response*/,\r
+ $text_response,\r
+ $failure_elements[0]->get_attribute('code')/*$err_code*/,\r
+ trim($failure_elements[0]->get_content())/*$err_msg*/);\r
+ } else {\r
+ phpCAS::trace('neither <authenticationSuccess> nor <authenticationFailure> found');\r
+ $this->authError('ST not validated',\r
+ $validate_url,\r
+ FALSE/*$no_response*/,\r
+ TRUE/*$bad_response*/,\r
+ $text_response);\r
+ }\r
+ break;\r
+ }\r
+ \r
+ // at this step, ST has been validated and $this->_user has been set,\r
+ phpCAS::traceEnd(TRUE);\r
+ return TRUE;\r
+ }\r
+ \r
+ /** @} */\r
+ \r
+ // XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX\r
+ // XX XX\r
+ // XX PROXY FEATURES (CAS 2.0) XX\r
+ // XX XX\r
+ // XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX\r
+ \r
+ // ########################################################################\r
+ // PROXYING\r
+ // ########################################################################\r
+ /**\r
+ * @addtogroup internalProxy\r
+ * @{\r
+ */\r
+ \r
+ /**\r
+ * A boolean telling if the client is a CAS proxy or not. Written by CASClient::CASClient(), \r
+ * read by CASClient::isProxy().\r
+ *\r
+ * @private\r
+ */\r
+ var $_proxy;\r
+ \r
+ /**\r
+ * Tells if a CAS client is a CAS proxy or not\r
+ *\r
+ * @return TRUE when the CAS client is a CAs proxy, FALSE otherwise\r
+ *\r
+ * @private\r
+ */\r
+ function isProxy()\r
+ {\r
+ return $this->_proxy;\r
+ }\r
+ \r
+ /** @} */\r
+ // ########################################################################\r
+ // PGT\r
+ // ########################################################################\r
+ /**\r
+ * @addtogroup internalProxy\r
+ * @{\r
+ */ \r
+ \r
+ /**\r
+ * the Proxy Grnting Ticket given by the CAS server (empty otherwise). \r
+ * Written by CASClient::setPGT(), read by CASClient::getPGT() and CASClient::hasPGT().\r
+ *\r
+ * @hideinitializer\r
+ * @private\r
+ */\r
+ var $_pgt = '';\r
+ \r
+ /**\r
+ * This method returns the Proxy Granting Ticket given by the CAS server.\r
+ * @return The Proxy Granting Ticket.\r
+ * @private\r
+ */\r
+ function getPGT()\r
+ { return $this->_pgt; }\r
+ \r
+ /**\r
+ * This method stores the Proxy Granting Ticket.\r
+ * @param $pgt The Proxy Granting Ticket.\r
+ * @private\r
+ */\r
+ function setPGT($pgt)\r
+ { $this->_pgt = $pgt; }\r
+ \r
+ /**\r
+ * This method tells if a Proxy Granting Ticket was stored.\r
+ * @return TRUE if a Proxy Granting Ticket has been stored.\r
+ * @private\r
+ */\r
+ function hasPGT()\r
+ { return !empty($this->_pgt); }\r
+ \r
+ /** @} */\r
+ \r
+ // ########################################################################\r
+ // CALLBACK MODE\r
+ // ########################################################################\r
+ /**\r
+ * @addtogroup internalCallback\r
+ * @{\r
+ */ \r
+ /**\r
+ * each PHP script using phpCAS in proxy mode is its own callback to get the\r
+ * PGT back from the CAS server. callback_mode is detected by the constructor\r
+ * thanks to the GET parameters.\r
+ */\r
+ \r
+ /**\r
+ * a boolean to know if the CAS client is running in callback mode. Written by\r
+ * CASClient::setCallBackMode(), read by CASClient::isCallbackMode().\r
+ *\r
+ * @hideinitializer\r
+ * @private\r
+ */\r
+ var $_callback_mode = FALSE;\r
+ \r
+ /**\r
+ * This method sets/unsets callback mode.\r
+ *\r
+ * @param $callback_mode TRUE to set callback mode, FALSE otherwise.\r
+ *\r
+ * @private\r
+ */\r
+ function setCallbackMode($callback_mode)\r
+ {\r
+ $this->_callback_mode = $callback_mode;\r
+ }\r
+ \r
+ /**\r
+ * This method returns TRUE when the CAs client is running i callback mode, \r
+ * FALSE otherwise.\r
+ *\r
+ * @return A boolean.\r
+ *\r
+ * @private\r
+ */\r
+ function isCallbackMode()\r
+ {\r
+ return $this->_callback_mode;\r
+ }\r
+ \r
+ /**\r
+ * the URL that should be used for the PGT callback (in fact the URL of the \r
+ * current request without any CGI parameter). Written and read by \r
+ * CASClient::getCallbackURL().\r
+ *\r
+ * @hideinitializer\r
+ * @private\r
+ */\r
+ var $_callback_url = '';\r
+ \r
+ /**\r
+ * This method returns the URL that should be used for the PGT callback (in\r
+ * fact the URL of the current request without any CGI parameter, except if\r
+ * phpCAS::setFixedCallbackURL() was used).\r
+ *\r
+ * @return The callback URL\r
+ *\r
+ * @private\r
+ */\r
+ function getCallbackURL()\r
+ {\r
+ // the URL is built when needed only\r
+ if ( empty($this->_callback_url) ) {\r
+ $final_uri = '';\r
+ // remove the ticket if present in the URL\r
+ $final_uri = 'https://';\r
+ /* replaced by Julien Marchal - v0.4.6\r
+ * $this->uri .= $_SERVER['SERVER_NAME'];\r
+ */\r
+ if(empty($_SERVER['HTTP_X_FORWARDED_SERVER'])){\r
+ /* replaced by teedog - v0.4.12\r
+ * $final_uri .= $_SERVER['SERVER_NAME'];\r
+ */\r
+ if (empty($_SERVER['SERVER_NAME'])) {\r
+ $final_uri .= $_SERVER['HTTP_HOST'];\r
+ } else {\r
+ $final_uri .= $_SERVER['SERVER_NAME'];\r
+ }\r
+ } else {\r
+ $final_uri .= $_SERVER['HTTP_X_FORWARDED_SERVER'];\r
+ }\r
+ if ( ($this->isHttps() && $_SERVER['SERVER_PORT']!=443)\r
+ || (!$this->isHttps() && $_SERVER['SERVER_PORT']!=80) ) {\r
+ $final_uri .= ':';\r
+ $final_uri .= $_SERVER['SERVER_PORT'];\r
+ }\r
+ $request_uri = $_SERVER['REQUEST_URI'];\r
+ $request_uri = preg_replace('/\?.*$/','',$request_uri);\r
+ $final_uri .= $request_uri;\r
+ $this->setCallbackURL($final_uri);\r
+ }\r
+ return $this->_callback_url;\r
+ }\r
+ \r
+ /**\r
+ * This method sets the callback url.\r
+ *\r
+ * @param $callback_url url to set callback \r
+ *\r
+ * @private\r
+ */\r
+ function setCallbackURL($url)\r
+ {\r
+ return $this->_callback_url = $url;\r
+ }\r
+ \r
+ /**\r
+ * This method is called by CASClient::CASClient() when running in callback\r
+ * mode. It stores the PGT and its PGT Iou, prints its output and halts.\r
+ *\r
+ * @private\r
+ */\r
+ function callback()\r
+ {\r
+ phpCAS::traceBegin();\r
+ $this->printHTMLHeader('phpCAS callback');\r
+ $pgt_iou = $_GET['pgtIou'];\r
+ $pgt = $_GET['pgtId'];\r
+ phpCAS::trace('Storing PGT `'.$pgt.'\' (id=`'.$pgt_iou.'\')');\r
+ echo '<p>Storing PGT `'.$pgt.'\' (id=`'.$pgt_iou.'\').</p>';\r
+ $this->storePGT($pgt,$pgt_iou);\r
+ $this->printHTMLFooter();\r
+ phpCAS::traceExit();\r
+ }\r
+ \r
+ /** @} */\r
+ \r
+ // ########################################################################\r
+ // PGT STORAGE\r
+ // ########################################################################\r
+ /**\r
+ * @addtogroup internalPGTStorage\r
+ * @{\r
+ */ \r
+ \r
+ /**\r
+ * an instance of a class inheriting of PGTStorage, used to deal with PGT\r
+ * storage. Created by CASClient::setPGTStorageFile() or CASClient::setPGTStorageDB(), used \r
+ * by CASClient::setPGTStorageFile(), CASClient::setPGTStorageDB() and CASClient::initPGTStorage().\r
+ *\r
+ * @hideinitializer\r
+ * @private\r
+ */\r
+ var $_pgt_storage = null;\r
+ \r
+ /**\r
+ * This method is used to initialize the storage of PGT's.\r
+ * Halts on error.\r
+ *\r
+ * @private\r
+ */\r
+ function initPGTStorage()\r
+ {\r
+ // if no SetPGTStorageXxx() has been used, default to file\r
+ if ( !is_object($this->_pgt_storage) ) {\r
+ $this->setPGTStorageFile();\r
+ }\r
+ \r
+ // initializes the storage\r
+ $this->_pgt_storage->init();\r
+ }\r
+ \r
+ /**\r
+ * This method stores a PGT. Halts on error.\r
+ *\r
+ * @param $pgt the PGT to store\r
+ * @param $pgt_iou its corresponding Iou\r
+ *\r
+ * @private\r
+ */\r
+ function storePGT($pgt,$pgt_iou)\r
+ {\r
+ // ensure that storage is initialized\r
+ $this->initPGTStorage();\r
+ // writes the PGT\r
+ $this->_pgt_storage->write($pgt,$pgt_iou);\r
+ }\r
+ \r
+ /**\r
+ * This method reads a PGT from its Iou and deletes the corresponding storage entry.\r
+ *\r
+ * @param $pgt_iou the PGT Iou\r
+ *\r
+ * @return The PGT corresponding to the Iou, FALSE when not found.\r
+ *\r
+ * @private\r
+ */\r
+ function loadPGT($pgt_iou)\r
+ {\r
+ // ensure that storage is initialized\r
+ $this->initPGTStorage();\r
+ // read the PGT\r
+ return $this->_pgt_storage->read($pgt_iou);\r
+ }\r
+ \r
+ /**\r
+ * This method is used to tell phpCAS to store the response of the\r
+ * CAS server to PGT requests onto the filesystem. \r
+ *\r
+ * @param $format the format used to store the PGT's (`plain' and `xml' allowed)\r
+ * @param $path the path where the PGT's should be stored\r
+ *\r
+ * @public\r
+ */\r
+ function setPGTStorageFile($format='',\r
+ $path='')\r
+ {\r
+ // check that the storage has not already been set\r
+ if ( is_object($this->_pgt_storage) ) {\r
+ phpCAS::error('PGT storage already defined');\r
+ }\r
+ \r
+ // create the storage object\r
+ $this->_pgt_storage = &new PGTStorageFile($this,$format,$path);\r
+ }\r
+ \r
+ /**\r
+ * This method is used to tell phpCAS to store the response of the\r
+ * CAS server to PGT requests into a database. \r
+ * @note The connection to the database is done only when needed. \r
+ * As a consequence, bad parameters are detected only when \r
+ * initializing PGT storage.\r
+ *\r
+ * @param $user the user to access the data with\r
+ * @param $password the user's password\r
+ * @param $database_type the type of the database hosting the data\r
+ * @param $hostname the server hosting the database\r
+ * @param $port the port the server is listening on\r
+ * @param $database the name of the database\r
+ * @param $table the name of the table storing the data\r
+ *\r
+ * @public\r
+ */\r
+ function setPGTStorageDB($user,\r
+ $password,\r
+ $database_type,\r
+ $hostname,\r
+ $port,\r
+ $database,\r
+ $table)\r
+ {\r
+ // check that the storage has not already been set\r
+ if ( is_object($this->_pgt_storage) ) {\r
+ phpCAS::error('PGT storage already defined');\r
+ }\r
+ \r
+ // warn the user that he should use file storage...\r
+ trigger_error('PGT storage into database is an experimental feature, use at your own risk',E_USER_WARNING);\r
+ \r
+ // create the storage object\r
+ $this->_pgt_storage = & new PGTStorageDB($this,$user,$password,$database_type,$hostname,$port,$database,$table);\r
+ }\r
+ \r
+ // ########################################################################\r
+ // PGT VALIDATION\r
+ // ########################################################################\r
+ /**\r
+ * This method is used to validate a PGT; halt on failure.\r
+ * \r
+ * @param $validate_url the URL of the request to the CAS server.\r
+ * @param $text_response the response of the CAS server, as is (XML text); result\r
+ * of CASClient::validateST() or CASClient::validatePT().\r
+ * @param $tree_response the response of the CAS server, as a DOM XML tree; result\r
+ * of CASClient::validateST() or CASClient::validatePT().\r
+ *\r
+ * @return bool TRUE when successfull, halt otherwise by calling CASClient::authError().\r
+ *\r
+ * @private\r
+ */\r
+ function validatePGT(&$validate_url,$text_response,$tree_response)\r
+ {\r
+ phpCAS::traceBegin();\r
+ if ( sizeof($arr = $tree_response->get_elements_by_tagname("proxyGrantingTicket")) == 0) {\r
+ phpCAS::trace('<proxyGrantingTicket> not found');\r
+ // authentication succeded, but no PGT Iou was transmitted\r
+ $this->authError('Ticket validated but no PGT Iou transmitted',\r
+ $validate_url,\r
+ FALSE/*$no_response*/,\r
+ FALSE/*$bad_response*/,\r
+ $text_response);\r
+ } else {\r
+ // PGT Iou transmitted, extract it\r
+ $pgt_iou = trim($arr[0]->get_content());\r
+ $pgt = $this->loadPGT($pgt_iou);\r
+ if ( $pgt == FALSE ) {\r
+ phpCAS::trace('could not load PGT');\r
+ $this->authError('PGT Iou was transmitted but PGT could not be retrieved',\r
+ $validate_url,\r
+ FALSE/*$no_response*/,\r
+ FALSE/*$bad_response*/,\r
+ $text_response);\r
+ }\r
+ $this->setPGT($pgt);\r
+ }\r
+ phpCAS::traceEnd(TRUE);\r
+ return TRUE;\r
+ }\r
+ \r
+ // ########################################################################\r
+ // PGT VALIDATION\r
+ // ########################################################################\r
+ \r
+ /**\r
+ * This method is used to retrieve PT's from the CAS server thanks to a PGT.\r
+ * \r
+ * @param $target_service the service to ask for with the PT.\r
+ * @param $err_code an error code (PHPCAS_SERVICE_OK on success).\r
+ * @param $err_msg an error message (empty on success).\r
+ *\r
+ * @return a Proxy Ticket, or FALSE on error.\r
+ *\r
+ * @private\r
+ */\r
+ function retrievePT($target_service,&$err_code,&$err_msg)\r
+ {\r
+ phpCAS::traceBegin();\r
+ \r
+ // by default, $err_msg is set empty and $pt to TRUE. On error, $pt is\r
+ // set to false and $err_msg to an error message. At the end, if $pt is FALSE \r
+ // and $error_msg is still empty, it is set to 'invalid response' (the most\r
+ // commonly encountered error).\r
+ $err_msg = '';\r
+ \r
+ // build the URL to retrieve the PT\r
+ // $cas_url = $this->getServerProxyURL().'?targetService='.preg_replace('/&/','%26',$target_service).'&pgt='.$this->getPGT();\r
+ $cas_url = $this->getServerProxyURL().'?targetService='.urlencode($target_service).'&pgt='.$this->getPGT();\r
+ \r
+ // open and read the URL\r
+ if ( !$this->readURL($cas_url,''/*cookies*/,$headers,$cas_response,$err_msg) ) {\r
+ phpCAS::trace('could not open URL \''.$cas_url.'\' to validate ('.$err_msg.')');\r
+ $err_code = PHPCAS_SERVICE_PT_NO_SERVER_RESPONSE;\r
+ $err_msg = 'could not retrieve PT (no response from the CAS server)';\r
+ phpCAS::traceEnd(FALSE);\r
+ return FALSE;\r
+ }\r
+ \r
+ $bad_response = FALSE;\r
+ \r
+ if ( !$bad_response ) {\r
+ // read the response of the CAS server into a DOM object\r
+ if ( !($dom = @domxml_open_mem($cas_response))) {\r
+ phpCAS::trace('domxml_open_mem() failed');\r
+ // read failed\r
+ $bad_response = TRUE;\r
+ } \r
+ }\r
+ \r
+ if ( !$bad_response ) {\r
+ // read the root node of the XML tree\r
+ if ( !($root = $dom->document_element()) ) {\r
+ phpCAS::trace('document_element() failed');\r
+ // read failed\r
+ $bad_response = TRUE;\r
+ } \r
+ }\r
+ \r
+ if ( !$bad_response ) {\r
+ // insure that tag name is 'serviceResponse'\r
+ if ( $root->node_name() != 'serviceResponse' ) {\r
+ phpCAS::trace('node_name() failed');\r
+ // bad root node\r
+ $bad_response = TRUE;\r
+ } \r
+ }\r
+ \r
+ if ( !$bad_response ) {\r
+ // look for a proxySuccess tag\r
+ if ( sizeof($arr = $root->get_elements_by_tagname("proxySuccess")) != 0) {\r
+ // authentication succeded, look for a proxyTicket tag\r
+ if ( sizeof($arr = $root->get_elements_by_tagname("proxyTicket")) != 0) {\r
+ $err_code = PHPCAS_SERVICE_OK;\r
+ $err_msg = '';\r
+ phpCAS::trace('original PT: '.trim($arr[0]->get_content()));\r
+ $pt = trim($arr[0]->get_content());\r
+ phpCAS::traceEnd($pt);\r
+ return $pt;\r
+ } else {\r
+ phpCAS::trace('<proxySuccess> was found, but not <proxyTicket>');\r
+ }\r
+ } \r
+ // look for a proxyFailure tag\r
+ else if ( sizeof($arr = $root->get_elements_by_tagname("proxyFailure")) != 0) {\r
+ // authentication failed, extract the error\r
+ $err_code = PHPCAS_SERVICE_PT_FAILURE;\r
+ $err_msg = 'PT retrieving failed (code=`'\r
+ .$arr[0]->get_attribute('code')\r
+ .'\', message=`'\r
+ .trim($arr[0]->get_content())\r
+ .'\')';\r
+ phpCAS::traceEnd(FALSE);\r
+ return FALSE;\r
+ } else {\r
+ phpCAS::trace('neither <proxySuccess> nor <proxyFailure> found');\r
+ }\r
+ }\r
+ \r
+ // at this step, we are sure that the response of the CAS server was ill-formed\r
+ $err_code = PHPCAS_SERVICE_PT_BAD_SERVER_RESPONSE;\r
+ $err_msg = 'Invalid response from the CAS server (response=`'.$cas_response.'\')';\r
+ \r
+ phpCAS::traceEnd(FALSE);\r
+ return FALSE;\r
+ }\r
+ \r
+ // ########################################################################\r
+ // ACCESS TO EXTERNAL SERVICES\r
+ // ########################################################################\r
+ \r
+ /**\r
+ * This method is used to acces a remote URL.\r
+ *\r
+ * @param $url the URL to access.\r
+ * @param $cookies an array containing cookies strings such as 'name=val'\r
+ * @param $headers an array containing the HTTP header lines of the response\r
+ * (an empty array on failure).\r
+ * @param $body the body of the response, as a string (empty on failure).\r
+ * @param $err_msg an error message, filled on failure.\r
+ *\r
+ * @return TRUE on success, FALSE otherwise (in this later case, $err_msg\r
+ * contains an error message).\r
+ *\r
+ * @private\r
+ */\r
+ function readURL($url,$cookies,&$headers,&$body,&$err_msg)\r
+ {\r
+ phpCAS::traceBegin();\r
+ $headers = '';\r
+ $body = '';\r
+ $err_msg = '';\r
+ \r
+ $res = TRUE;\r
+ \r
+ // initialize the CURL session\r
+ $ch = curl_init($url);\r
+ \r
+ if (version_compare(PHP_VERSION,'5.1.3','>=')) {\r
+ //only avaible in php5\r
+ curl_setopt_array($ch, $this->_curl_options);\r
+ } else {\r
+ foreach ($this->_curl_options as $key => $value) {\r
+ curl_setopt($ch, $key, $value);\r
+ }\r
+ }\r
+\r
+ if ($this->_cas_server_cert == '' && $this->_cas_server_ca_cert == '' && !$this->_no_cas_server_validation) {\r
+ phpCAS::error('one of the methods phpCAS::setCasServerCert(), phpCAS::setCasServerCACert() or phpCAS::setNoCasServerValidation() must be called.');\r
+ }\r
+ if ($this->_cas_server_cert != '' ) {\r
+ curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 1);\r
+ curl_setopt($ch, CURLOPT_SSLCERT, $this->_cas_server_cert);\r
+ } else if ($this->_cas_server_ca_cert != '') {\r
+ curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 1);\r
+ curl_setopt($ch, CURLOPT_CAINFO, $this->_cas_server_ca_cert);\r
+ } else {\r
+ curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 1);\r
+ curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);\r
+ }\r
+ \r
+ // return the CURL output into a variable\r
+ curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);\r
+ // get the HTTP header with a callback\r
+ $this->_curl_headers = array(); // empty the headers array\r
+ curl_setopt($ch, CURLOPT_HEADERFUNCTION, array($this, '_curl_read_headers'));\r
+ // add cookies headers\r
+ if ( is_array($cookies) ) {\r
+ curl_setopt($ch,CURLOPT_COOKIE,implode(';',$cookies));\r
+ }\r
+ // perform the query\r
+ $buf = curl_exec ($ch);\r
+ if ( $buf === FALSE ) {\r
+ phpCAS::trace('curl_exec() failed');\r
+ $err_msg = 'CURL error #'.curl_errno($ch).': '.curl_error($ch);\r
+ // close the CURL session\r
+ curl_close ($ch);\r
+ $res = FALSE;\r
+ } else {\r
+ // close the CURL session\r
+ curl_close ($ch);\r
+ \r
+ $headers = $this->_curl_headers;\r
+ $body = $buf;\r
+ }\r
+ \r
+ phpCAS::traceEnd($res);\r
+ return $res;\r
+ }\r
+ \r
+ /**\r
+ * This method is the callback used by readURL method to request HTTP headers.\r
+ */\r
+ var $_curl_headers = array();\r
+ function _curl_read_headers($ch, $header)\r
+ {\r
+ $this->_curl_headers[] = $header;\r
+ return strlen($header);\r
+ }\r
+\r
+ /**\r
+ * This method is used to access an HTTP[S] service.\r
+ * \r
+ * @param $url the service to access.\r
+ * @param $err_code an error code Possible values are PHPCAS_SERVICE_OK (on\r
+ * success), PHPCAS_SERVICE_PT_NO_SERVER_RESPONSE, PHPCAS_SERVICE_PT_BAD_SERVER_RESPONSE,\r
+ * PHPCAS_SERVICE_PT_FAILURE, PHPCAS_SERVICE_NOT AVAILABLE.\r
+ * @param $output the output of the service (also used to give an error\r
+ * message on failure).\r
+ *\r
+ * @return TRUE on success, FALSE otherwise (in this later case, $err_code\r
+ * gives the reason why it failed and $output contains an error message).\r
+ *\r
+ * @public\r
+ */\r
+ function serviceWeb($url,&$err_code,&$output)\r
+ {\r
+ phpCAS::traceBegin();\r
+ // at first retrieve a PT\r
+ $pt = $this->retrievePT($url,$err_code,$output);\r
+ \r
+ $res = TRUE;\r
+ \r
+ // test if PT was retrieved correctly\r
+ if ( !$pt ) {\r
+ // note: $err_code and $err_msg are filled by CASClient::retrievePT()\r
+ phpCAS::trace('PT was not retrieved correctly');\r
+ $res = FALSE;\r
+ } else {\r
+ // add cookies if necessary\r
+ if ( is_array($_SESSION['phpCAS']['services'][$url]['cookies']) ) {\r
+ foreach ( $_SESSION['phpCAS']['services'][$url]['cookies'] as $name => $val ) { \r
+ $cookies[] = $name.'='.$val;\r
+ }\r
+ }\r
+ \r
+ // build the URL including the PT\r
+ if ( strstr($url,'?') === FALSE ) {\r
+ $service_url = $url.'?ticket='.$pt;\r
+ } else {\r
+ $service_url = $url.'&ticket='.$pt;\r
+ }\r
+ \r
+ phpCAS::trace('reading URL`'.$service_url.'\'');\r
+ if ( !$this->readURL($service_url,$cookies,$headers,$output,$err_msg) ) {\r
+ phpCAS::trace('could not read URL`'.$service_url.'\'');\r
+ $err_code = PHPCAS_SERVICE_NOT_AVAILABLE;\r
+ // give an error message\r
+ $output = sprintf($this->getString(CAS_STR_SERVICE_UNAVAILABLE),\r
+ $service_url,\r
+ $err_msg);\r
+ $res = FALSE;\r
+ } else {\r
+ // URL has been fetched, extract the cookies\r
+ phpCAS::trace('URL`'.$service_url.'\' has been read, storing cookies:');\r
+ foreach ( $headers as $header ) {\r
+ // test if the header is a cookie\r
+ if ( preg_match('/^Set-Cookie:/',$header) ) {\r
+ // the header is a cookie, remove the beginning\r
+ $header_val = preg_replace('/^Set-Cookie: */','',$header);\r
+ // extract interesting information\r
+ $name_val = strtok($header_val,'; ');\r
+ // extract the name and the value of the cookie\r
+ $cookie_name = strtok($name_val,'=');\r
+ $cookie_val = strtok('=');\r
+ // store the cookie \r
+ $_SESSION['phpCAS']['services'][$url]['cookies'][$cookie_name] = $cookie_val;\r
+ phpCAS::trace($cookie_name.' -> '.$cookie_val);\r
+ }\r
+ }\r
+ }\r
+ }\r
+ \r
+ phpCAS::traceEnd($res);\r
+ return $res;\r
+ }\r
+ \r
+ /**\r
+ * This method is used to access an IMAP/POP3/NNTP service.\r
+ * \r
+ * @param $url a string giving the URL of the service, including the mailing box\r
+ * for IMAP URLs, as accepted by imap_open().\r
+ * @param $flags options given to imap_open().\r
+ * @param $err_code an error code Possible values are PHPCAS_SERVICE_OK (on\r
+ * success), PHPCAS_SERVICE_PT_NO_SERVER_RESPONSE, PHPCAS_SERVICE_PT_BAD_SERVER_RESPONSE,\r
+ * PHPCAS_SERVICE_PT_FAILURE, PHPCAS_SERVICE_NOT AVAILABLE.\r
+ * @param $err_msg an error message on failure\r
+ * @param $pt the Proxy Ticket (PT) retrieved from the CAS server to access the URL\r
+ * on success, FALSE on error).\r
+ *\r
+ * @return an IMAP stream on success, FALSE otherwise (in this later case, $err_code\r
+ * gives the reason why it failed and $err_msg contains an error message).\r
+ *\r
+ * @public\r
+ */\r
+ function serviceMail($url,$flags,&$err_code,&$err_msg,&$pt)\r
+ {\r
+ phpCAS::traceBegin();\r
+ // at first retrieve a PT\r
+ $pt = $this->retrievePT($target_service,$err_code,$output);\r
+ \r
+ $stream = FALSE;\r
+ \r
+ // test if PT was retrieved correctly\r
+ if ( !$pt ) {\r
+ // note: $err_code and $err_msg are filled by CASClient::retrievePT()\r
+ phpCAS::trace('PT was not retrieved correctly');\r
+ } else {\r
+ phpCAS::trace('opening IMAP URL `'.$url.'\'...');\r
+ $stream = @imap_open($url,$this->getUser(),$pt,$flags);\r
+ if ( !$stream ) {\r
+ phpCAS::trace('could not open URL');\r
+ $err_code = PHPCAS_SERVICE_NOT_AVAILABLE;\r
+ // give an error message\r
+ $err_msg = sprintf($this->getString(CAS_STR_SERVICE_UNAVAILABLE),\r
+ $service_url,\r
+ var_export(imap_errors(),TRUE));\r
+ $pt = FALSE;\r
+ $stream = FALSE;\r
+ } else {\r
+ phpCAS::trace('ok');\r
+ }\r
+ }\r
+ \r
+ phpCAS::traceEnd($stream);\r
+ return $stream;\r
+ }\r
+ \r
+ /** @} */\r
+ \r
+ // XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX\r
+ // XX XX\r
+ // XX PROXIED CLIENT FEATURES (CAS 2.0) XX\r
+ // XX XX\r
+ // XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX\r
+ \r
+ // ########################################################################\r
+ // PT\r
+ // ########################################################################\r
+ /**\r
+ * @addtogroup internalProxied\r
+ * @{\r
+ */ \r
+ \r
+ /**\r
+ * the Proxy Ticket provided in the URL of the request if present\r
+ * (empty otherwise). Written by CASClient::CASClient(), read by \r
+ * CASClient::getPT() and CASClient::hasPGT().\r
+ *\r
+ * @hideinitializer\r
+ * @private\r
+ */\r
+ var $_pt = '';\r
+ \r
+ /**\r
+ * This method returns the Proxy Ticket provided in the URL of the request.\r
+ * @return The proxy ticket.\r
+ * @private\r
+ */\r
+ function getPT()\r
+ {\r
+ // return 'ST'.substr($this->_pt, 2);\r
+ return $this->_pt;\r
+ }\r
+ \r
+ /**\r
+ * This method stores the Proxy Ticket.\r
+ * @param $pt The Proxy Ticket.\r
+ * @private\r
+ */\r
+ function setPT($pt)\r
+ { $this->_pt = $pt; }\r
+ \r
+ /**\r
+ * This method tells if a Proxy Ticket was stored.\r
+ * @return TRUE if a Proxy Ticket has been stored.\r
+ * @private\r
+ */\r
+ function hasPT()\r
+ { return !empty($this->_pt); }\r
+ \r
+ /** @} */\r
+ // ########################################################################\r
+ // PT VALIDATION\r
+ // ########################################################################\r
+ /**\r
+ * @addtogroup internalProxied\r
+ * @{\r
+ */ \r
+ \r
+ /**\r
+ * This method is used to validate a PT; halt on failure\r
+ * \r
+ * @return bool TRUE when successfull, halt otherwise by calling CASClient::authError().\r
+ *\r
+ * @private\r
+ */\r
+ function validatePT(&$validate_url,&$text_response,&$tree_response)\r
+ {\r
+ phpCAS::traceBegin();\r
+ // build the URL to validate the ticket\r
+ $validate_url = $this->getServerProxyValidateURL().'&ticket='.$this->getPT();\r
+ \r
+ if ( $this->isProxy() ) {\r
+ // pass the callback url for CAS proxies\r
+ $validate_url .= '&pgtUrl='.$this->getCallbackURL();\r
+ }\r
+ \r
+ // open and read the URL\r
+ if ( !$this->readURL($validate_url,''/*cookies*/,$headers,$text_response,$err_msg) ) {\r
+ phpCAS::trace('could not open URL \''.$validate_url.'\' to validate ('.$err_msg.')');\r
+ $this->authError('PT not validated',\r
+ $validate_url,\r
+ TRUE/*$no_response*/);\r
+ }\r
+ \r
+ // read the response of the CAS server into a DOM object\r
+ if ( !($dom = domxml_open_mem($text_response))) {\r
+ // read failed\r
+ $this->authError('PT not validated',\r
+ $validate_url,\r
+ FALSE/*$no_response*/,\r
+ TRUE/*$bad_response*/,\r
+ $text_response);\r
+ }\r
+ // read the root node of the XML tree\r
+ if ( !($tree_response = $dom->document_element()) ) {\r
+ // read failed\r
+ $this->authError('PT not validated',\r
+ $validate_url,\r
+ FALSE/*$no_response*/,\r
+ TRUE/*$bad_response*/,\r
+ $text_response);\r
+ }\r
+ // insure that tag name is 'serviceResponse'\r
+ if ( $tree_response->node_name() != 'serviceResponse' ) {\r
+ // bad root node\r
+ $this->authError('PT not validated',\r
+ $validate_url,\r
+ FALSE/*$no_response*/,\r
+ TRUE/*$bad_response*/,\r
+ $text_response);\r
+ }\r
+ if ( sizeof($arr = $tree_response->get_elements_by_tagname("authenticationSuccess")) != 0) {\r
+ // authentication succeded, extract the user name\r
+ if ( sizeof($arr = $tree_response->get_elements_by_tagname("user")) == 0) {\r
+ // no user specified => error\r
+ $this->authError('PT not validated',\r
+ $validate_url,\r
+ FALSE/*$no_response*/,\r
+ TRUE/*$bad_response*/,\r
+ $text_response);\r
+ }\r
+ $this->setUser(trim($arr[0]->get_content()));\r
+ \r
+ } else if ( sizeof($arr = $tree_response->get_elements_by_tagname("authenticationFailure")) != 0) {\r
+ // authentication succeded, extract the error code and message\r
+ $this->authError('PT not validated',\r
+ $validate_url,\r
+ FALSE/*$no_response*/,\r
+ FALSE/*$bad_response*/,\r
+ $text_response,\r
+ $arr[0]->get_attribute('code')/*$err_code*/,\r
+ trim($arr[0]->get_content())/*$err_msg*/);\r
+ } else {\r
+ $this->authError('PT not validated',\r
+ $validate_url, \r
+ FALSE/*$no_response*/,\r
+ TRUE/*$bad_response*/,\r
+ $text_response);\r
+ }\r
+ \r
+ // at this step, PT has been validated and $this->_user has been set,\r
+ \r
+ phpCAS::traceEnd(TRUE);\r
+ return TRUE;\r
+ }\r
+ \r
+ /** @} */\r
+ \r
+ // XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX\r
+ // XX XX\r
+ // XX MISC XX\r
+ // XX XX\r
+ // XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX\r
+ \r
+ /**\r
+ * @addtogroup internalMisc\r
+ * @{\r
+ */ \r
+ \r
+ // ########################################################################\r
+ // URL\r
+ // ########################################################################\r
+ /**\r
+ * the URL of the current request (without any ticket CGI parameter). Written \r
+ * and read by CASClient::getURL().\r
+ *\r
+ * @hideinitializer\r
+ * @private\r
+ */\r
+ var $_url = '';\r
+ \r
+ /**\r
+ * This method returns the URL of the current request (without any ticket\r
+ * CGI parameter).\r
+ *\r
+ * @return The URL\r
+ *\r
+ * @private\r
+ */\r
+ function getURL()\r
+ {\r
+ phpCAS::traceBegin();\r
+ // the URL is built when needed only\r
+ if ( empty($this->_url) ) {\r
+ $final_uri = '';\r
+ // remove the ticket if present in the URL\r
+ $final_uri = ($this->isHttps()) ? 'https' : 'http';\r
+ $final_uri .= '://';\r
+ /* replaced by Julien Marchal - v0.4.6\r
+ * $this->_url .= $_SERVER['SERVER_NAME'];\r
+ */\r
+ if(empty($_SERVER['HTTP_X_FORWARDED_SERVER'])){\r
+ /* replaced by teedog - v0.4.12\r
+ * $this->_url .= $_SERVER['SERVER_NAME'];\r
+ */\r
+ if (empty($_SERVER['SERVER_NAME'])) {\r
+ $server_name = $_SERVER['HTTP_HOST'];\r
+ } else {\r
+ $server_name = $_SERVER['SERVER_NAME'];\r
+ }\r
+ } else {\r
+ $server_name = $_SERVER['HTTP_X_FORWARDED_SERVER'];\r
+ }\r
+ $final_uri .= $server_name;\r
+ if (!strpos($server_name, ':')) {\r
+ if ( ($this->isHttps() && $_SERVER['SERVER_PORT']!=443)\r
+ || (!$this->isHttps() && $_SERVER['SERVER_PORT']!=80) ) {\r
+ $final_uri .= ':';\r
+ $final_uri .= $_SERVER['SERVER_PORT'];\r
+ }\r
+ }\r
+ \r
+ $final_uri .= strtok($_SERVER['REQUEST_URI'],"?");\r
+ $cgi_params = '?'.strtok("?");\r
+ // remove the ticket if present in the CGI parameters\r
+ $cgi_params = preg_replace('/&ticket=[^&]*/','',$cgi_params);\r
+ $cgi_params = preg_replace('/\?ticket=[^&;]*/','?',$cgi_params);\r
+ $cgi_params = preg_replace('/\?%26/','?',$cgi_params);\r
+ $cgi_params = preg_replace('/\?&/','?',$cgi_params);\r
+ $cgi_params = preg_replace('/\?$/','',$cgi_params);\r
+ $final_uri .= $cgi_params;\r
+ $this->setURL($final_uri);\r
+ }\r
+ phpCAS::traceEnd($this->_url);\r
+ return $this->_url;\r
+ }\r
+ \r
+ /**\r
+ * This method sets the URL of the current request \r
+ *\r
+ * @param $url url to set for service\r
+ *\r
+ * @private\r
+ */\r
+ function setURL($url)\r
+ {\r
+ $this->_url = $url;\r
+ }\r
+ \r
+ // ########################################################################\r
+ // AUTHENTICATION ERROR HANDLING\r
+ // ########################################################################\r
+ /**\r
+ * This method is used to print the HTML output when the user was not authenticated.\r
+ *\r
+ * @param $failure the failure that occured\r
+ * @param $cas_url the URL the CAS server was asked for\r
+ * @param $no_response the response from the CAS server (other \r
+ * parameters are ignored if TRUE)\r
+ * @param $bad_response bad response from the CAS server ($err_code\r
+ * and $err_msg ignored if TRUE)\r
+ * @param $cas_response the response of the CAS server\r
+ * @param $err_code the error code given by the CAS server\r
+ * @param $err_msg the error message given by the CAS server\r
+ *\r
+ * @private\r
+ */\r
+ function authError($failure,$cas_url,$no_response,$bad_response='',$cas_response='',$err_code='',$err_msg='')\r
+ {\r
+ phpCAS::traceBegin();\r
+ \r
+ $this->printHTMLHeader($this->getString(CAS_STR_AUTHENTICATION_FAILED));\r
+ printf($this->getString(CAS_STR_YOU_WERE_NOT_AUTHENTICATED),$this->getURL(),$_SERVER['SERVER_ADMIN']);\r
+ phpCAS::trace('CAS URL: '.$cas_url);\r
+ phpCAS::trace('Authentication failure: '.$failure);\r
+ if ( $no_response ) {\r
+ phpCAS::trace('Reason: no response from the CAS server');\r
+ } else {\r
+ if ( $bad_response ) {\r
+ phpCAS::trace('Reason: bad response from the CAS server');\r
+ } else {\r
+ switch ($this->getServerVersion()) {\r
+ case CAS_VERSION_1_0:\r
+ phpCAS::trace('Reason: CAS error');\r
+ break;\r
+ case CAS_VERSION_2_0:\r
+ if ( empty($err_code) )\r
+ phpCAS::trace('Reason: no CAS error');\r
+ else\r
+ phpCAS::trace('Reason: ['.$err_code.'] CAS error: '.$err_msg);\r
+ break;\r
+ }\r
+ }\r
+ phpCAS::trace('CAS response: '.$cas_response);\r
+ }\r
+ $this->printHTMLFooter();\r
+ phpCAS::traceExit();\r
+ exit();\r
+ }\r
+ \r
+ /** @} */\r
+}\r
+\r
+?>
\ No newline at end of file
--- /dev/null
+<?php\r
+/**\r
+ * @file domxml-php4-php5.php\r
+ * Require PHP5, uses built-in DOM extension.\r
+ * To be used in PHP4 scripts using DOMXML extension.\r
+ * Allows PHP4/DOMXML scripts to run on PHP5/DOM.\r
+ * (Requires PHP5/XSL extension for domxml_xslt functions)\r
+ *\r
+ * Typical use:\r
+ * <pre>\r
+ * {\r
+ * if (version_compare(PHP_VERSION,'5','>='))\r
+ * require_once('domxml-php4-to-php5.php');\r
+ * }\r
+ * </pre>\r
+ *\r
+ * Version 1.5.5, 2005-01-18, http://alexandre.alapetite.net/doc-alex/domxml-php4-php5/\r
+ *\r
+ * ------------------------------------------------------------------<br>\r
+ * Written by Alexandre Alapetite, http://alexandre.alapetite.net/cv/\r
+ *\r
+ * Copyright 2004, Licence: Creative Commons "Attribution-ShareAlike 2.0 France" BY-SA (FR),\r
+ * http://creativecommons.org/licenses/by-sa/2.0/fr/\r
+ * http://alexandre.alapetite.net/divers/apropos/#by-sa\r
+ * - Attribution. You must give the original author credit\r
+ * - Share Alike. If you alter, transform, or build upon this work,\r
+ * you may distribute the resulting work only under a license identical to this one\r
+ * - The French law is authoritative\r
+ * - Any of these conditions can be waived if you get permission from Alexandre Alapetite\r
+ * - Please send to Alexandre Alapetite the modifications you make,\r
+ * in order to improve this file for the benefit of everybody\r
+ *\r
+ * If you want to distribute this code, please do it as a link to:\r
+ * http://alexandre.alapetite.net/doc-alex/domxml-php4-php5/\r
+ */\r
+\r
+function domxml_new_doc($version) {return new php4DOMDocument('');}\r
+function domxml_open_file($filename) {return new php4DOMDocument($filename);}\r
+function domxml_open_mem($str)\r
+{\r
+ $dom=new php4DOMDocument('');\r
+ $dom->myDOMNode->loadXML($str);\r
+ return $dom;\r
+}\r
+function xpath_eval($xpath_context,$eval_str,$contextnode=null) {return $xpath_context->query($eval_str,$contextnode);}\r
+function xpath_new_context($dom_document) {return new php4DOMXPath($dom_document);}\r
+\r
+class php4DOMAttr extends php4DOMNode\r
+{\r
+ function php4DOMAttr($aDOMAttr) {$this->myDOMNode=$aDOMAttr;}\r
+ function Name() {return $this->myDOMNode->name;}\r
+ function Specified() {return $this->myDOMNode->specified;}\r
+ function Value() {return $this->myDOMNode->value;}\r
+}\r
+\r
+class php4DOMDocument extends php4DOMNode\r
+{\r
+ function php4DOMDocument($filename='')\r
+ {\r
+ $this->myDOMNode=new DOMDocument();\r
+ if ($filename!='') $this->myDOMNode->load($filename);\r
+ }\r
+ function create_attribute($name,$value)\r
+ {\r
+ $myAttr=$this->myDOMNode->createAttribute($name);\r
+ $myAttr->value=$value;\r
+ return new php4DOMAttr($myAttr,$this);\r
+ }\r
+ function create_cdata_section($content) {return new php4DOMNode($this->myDOMNode->createCDATASection($content),$this);}\r
+ function create_comment($data) {return new php4DOMNode($this->myDOMNode->createComment($data),$this);}\r
+ function create_element($name) {return new php4DOMElement($this->myDOMNode->createElement($name),$this);}\r
+ function create_text_node($content) {return new php4DOMNode($this->myDOMNode->createTextNode($content),$this);}\r
+ function document_element() {return new php4DOMElement($this->myDOMNode->documentElement,$this);}\r
+ function dump_file($filename,$compressionmode=false,$format=false) {return $this->myDOMNode->save($filename);}\r
+ function dump_mem($format=false,$encoding=false) {return $this->myDOMNode->saveXML();}\r
+ function get_element_by_id($id) {return new php4DOMElement($this->myDOMNode->getElementById($id),$this);}\r
+ function get_elements_by_tagname($name)\r
+ {\r
+ $myDOMNodeList=$this->myDOMNode->getElementsByTagName($name);\r
+ $nodeSet=array();\r
+ $i=0;\r
+ if (isset($myDOMNodeList))\r
+ while ($node=$myDOMNodeList->item($i))\r
+ {\r
+ $nodeSet[]=new php4DOMElement($node,$this);\r
+ $i++;\r
+ }\r
+ return $nodeSet;\r
+ }\r
+ function html_dump_mem() {return $this->myDOMNode->saveHTML();}\r
+ function root() {return new php4DOMElement($this->myDOMNode->documentElement,$this);}\r
+}\r
+\r
+class php4DOMElement extends php4DOMNode\r
+{\r
+ function get_attribute($name) {return $this->myDOMNode->getAttribute($name);}\r
+ function get_elements_by_tagname($name)\r
+ {\r
+ $myDOMNodeList=$this->myDOMNode->getElementsByTagName($name);\r
+ $nodeSet=array();\r
+ $i=0;\r
+ if (isset($myDOMNodeList))\r
+ while ($node=$myDOMNodeList->item($i))\r
+ {\r
+ $nodeSet[]=new php4DOMElement($node,$this->myOwnerDocument);\r
+ $i++;\r
+ }\r
+ return $nodeSet;\r
+ }\r
+ function has_attribute($name) {return $this->myDOMNode->hasAttribute($name);}\r
+ function remove_attribute($name) {return $this->myDOMNode->removeAttribute($name);}\r
+ function set_attribute($name,$value) {return $this->myDOMNode->setAttribute($name,$value);}\r
+ function tagname() {return $this->myDOMNode->tagName;}\r
+}\r
+\r
+class php4DOMNode\r
+{\r
+ var $myDOMNode;\r
+ var $myOwnerDocument;\r
+ function php4DOMNode($aDomNode,$aOwnerDocument)\r
+ {\r
+ $this->myDOMNode=$aDomNode;\r
+ $this->myOwnerDocument=$aOwnerDocument;\r
+ }\r
+ function __get($name)\r
+ {\r
+ if ($name=='type') return $this->myDOMNode->nodeType;\r
+ elseif ($name=='tagname') return $this->myDOMNode->tagName;\r
+ elseif ($name=='content') return $this->myDOMNode->textContent;\r
+ else\r
+ {\r
+ $myErrors=debug_backtrace();\r
+ trigger_error('Undefined property: '.get_class($this).'::$'.$name.' ['.$myErrors[0]['file'].':'.$myErrors[0]['line'].']',E_USER_NOTICE);\r
+ return false;\r
+ }\r
+ }\r
+ function append_child($newnode) {return new php4DOMElement($this->myDOMNode->appendChild($newnode->myDOMNode),$this->myOwnerDocument);}\r
+ function append_sibling($newnode) {return new php4DOMElement($this->myDOMNode->parentNode->appendChild($newnode->myDOMNode),$this->myOwnerDocument);}\r
+ function attributes()\r
+ {\r
+ $myDOMNodeList=$this->myDOMNode->attributes;\r
+ $nodeSet=array();\r
+ $i=0;\r
+ if (isset($myDOMNodeList))\r
+ while ($node=$myDOMNodeList->item($i))\r
+ {\r
+ $nodeSet[]=new php4DOMAttr($node,$this->myOwnerDocument);\r
+ $i++;\r
+ }\r
+ return $nodeSet;\r
+ }\r
+ function child_nodes()\r
+ {\r
+ $myDOMNodeList=$this->myDOMNode->childNodes;\r
+ $nodeSet=array();\r
+ $i=0;\r
+ if (isset($myDOMNodeList))\r
+ while ($node=$myDOMNodeList->item($i))\r
+ {\r
+ $nodeSet[]=new php4DOMElement($node,$this->myOwnerDocument);\r
+ $i++;\r
+ }\r
+ return $nodeSet;\r
+ }\r
+ function children() {return $this->child_nodes();}\r
+ function clone_node($deep=false) {return new php4DOMElement($this->myDOMNode->cloneNode($deep),$this->myOwnerDocument);}\r
+ function first_child() {return new php4DOMElement($this->myDOMNode->firstChild,$this->myOwnerDocument);}\r
+ function get_content() {return $this->myDOMNode->textContent;}\r
+ function has_attributes() {return $this->myDOMNode->hasAttributes();}\r
+ function has_child_nodes() {return $this->myDOMNode->hasChildNodes();}\r
+ function insert_before($newnode,$refnode) {return new php4DOMElement($this->myDOMNode->insertBefore($newnode->myDOMNode,$refnode->myDOMNode),$this->myOwnerDocument);}\r
+ function is_blank_node()\r
+ {\r
+ $myDOMNodeList=$this->myDOMNode->childNodes;\r
+ $i=0;\r
+ if (isset($myDOMNodeList))\r
+ while ($node=$myDOMNodeList->item($i))\r
+ {\r
+ if (($node->nodeType==XML_ELEMENT_NODE)||\r
+ (($node->nodeType==XML_TEXT_NODE)&&!ereg('^([[:cntrl:]]|[[:space:]])*$',$node->nodeValue)))\r
+ return false;\r
+ $i++;\r
+ }\r
+ return true;\r
+ }\r
+ function last_child() {return new php4DOMElement($this->myDOMNode->lastChild,$this->myOwnerDocument);}\r
+ function new_child($name,$content)\r
+ {\r
+ $mySubNode=$this->myDOMNode->ownerDocument->createElement($name);\r
+ $mySubNode->appendChild($this->myDOMNode->ownerDocument->createTextNode($content));\r
+ $this->myDOMNode->appendChild($mySubNode);\r
+ return new php4DOMElement($mySubNode,$this->myOwnerDocument);\r
+ }\r
+ function next_sibling() {return new php4DOMElement($this->myDOMNode->nextSibling,$this->myOwnerDocument);}\r
+ function node_name() {return $this->myDOMNode->localName;}\r
+ function node_type() {return $this->myDOMNode->nodeType;}\r
+ function node_value() {return $this->myDOMNode->nodeValue;}\r
+ function owner_document() {return $this->myOwnerDocument;}\r
+ function parent_node() {return new php4DOMElement($this->myDOMNode->parentNode,$this->myOwnerDocument);}\r
+ function prefix() {return $this->myDOMNode->prefix;}\r
+ function previous_sibling() {return new php4DOMElement($this->myDOMNode->previousSibling,$this->myOwnerDocument);}\r
+ function remove_child($oldchild) {return new php4DOMElement($this->myDOMNode->removeChild($oldchild->myDOMNode),$this->myOwnerDocument);}\r
+ function replace_child($oldnode,$newnode) {return new php4DOMElement($this->myDOMNode->replaceChild($oldnode->myDOMNode,$newnode->myDOMNode),$this->myOwnerDocument);}\r
+ function set_content($text)\r
+ {\r
+ if (($this->myDOMNode->hasChildNodes())&&($this->myDOMNode->firstChild->nodeType==XML_TEXT_NODE))\r
+ $this->myDOMNode->removeChild($this->myDOMNode->firstChild);\r
+ return $this->myDOMNode->appendChild($this->myDOMNode->ownerDocument->createTextNode($text));\r
+ }\r
+}\r
+\r
+class php4DOMNodelist\r
+{\r
+ var $myDOMNodelist;\r
+ var $nodeset;\r
+ function php4DOMNodelist($aDOMNodelist,$aOwnerDocument)\r
+ {\r
+ $this->myDOMNodelist=$aDOMNodelist;\r
+ $this->nodeset=array();\r
+ $i=0;\r
+ if (isset($this->myDOMNodelist))\r
+ while ($node=$this->myDOMNodelist->item($i))\r
+ {\r
+ $this->nodeset[]=new php4DOMElement($node,$aOwnerDocument);\r
+ $i++;\r
+ }\r
+ }\r
+}\r
+\r
+class php4DOMXPath\r
+{\r
+ var $myDOMXPath;\r
+ var $myOwnerDocument;\r
+ function php4DOMXPath($dom_document)\r
+ {\r
+ $this->myOwnerDocument=$dom_document;\r
+ $this->myDOMXPath=new DOMXPath($dom_document->myDOMNode);\r
+ }\r
+ function query($eval_str,$contextnode)\r
+ {\r
+ if (isset($contextnode)) return new php4DOMNodelist($this->myDOMXPath->query($eval_str,$contextnode->myDOMNode),$this->myOwnerDocument);\r
+ else return new php4DOMNodelist($this->myDOMXPath->query($eval_str),$this->myOwnerDocument);\r
+ }\r
+ function xpath_register_ns($prefix,$namespaceURI) {return $this->myDOMXPath->registerNamespace($prefix,$namespaceURI);}\r
+}\r
+\r
+if (extension_loaded('xsl'))\r
+{//See also: http://alexandre.alapetite.net/doc-alex/xslt-php4-php5/\r
+ function domxml_xslt_stylesheet($xslstring) {return new php4DomXsltStylesheet(DOMDocument::loadXML($xslstring));}\r
+ function domxml_xslt_stylesheet_doc($dom_document) {return new php4DomXsltStylesheet($dom_document);}\r
+ function domxml_xslt_stylesheet_file($xslfile) {return new php4DomXsltStylesheet(DOMDocument::load($xslfile));}\r
+ class php4DomXsltStylesheet\r
+ {\r
+ var $myxsltProcessor;\r
+ function php4DomXsltStylesheet($dom_document)\r
+ {\r
+ $this->myxsltProcessor=new xsltProcessor();\r
+ $this->myxsltProcessor->importStyleSheet($dom_document);\r
+ }\r
+ function process($dom_document,$xslt_parameters=array(),$param_is_xpath=false)\r
+ {\r
+ foreach ($xslt_parameters as $param=>$value)\r
+ $this->myxsltProcessor->setParameter('',$param,$value);\r
+ $myphp4DOMDocument=new php4DOMDocument();\r
+ $myphp4DOMDocument->myDOMNode=$this->myxsltProcessor->transformToDoc($dom_document->myDOMNode);\r
+ return $myphp4DOMDocument;\r
+ }\r
+ function result_dump_file($dom_document,$filename)\r
+ {\r
+ $html=$dom_document->myDOMNode->saveHTML();\r
+ file_put_contents($filename,$html);\r
+ return $html;\r
+ }\r
+ function result_dump_mem($dom_document) {return $dom_document->myDOMNode->saveHTML();}\r
+ }\r
+}\r
+?>
\ No newline at end of file
--- /dev/null
+<?php\r
+\r
+/**\r
+ * @file languages/spanish.php\r
+ * @author Iván-Benjamín García Torà <ivaniclixx AT gmail DOT com>\r
+ * @sa @link internalLang Internationalization @endlink\r
+ * @ingroup internalLang\r
+ */\r
+\r
+$this->_strings = array(\r
+ CAS_STR_USING_SERVER \r
+ => 'usant servidor',\r
+ CAS_STR_AUTHENTICATION_WANTED \r
+ => 'Autentificació CAS necessària!',\r
+ CAS_STR_LOGOUT \r
+ => 'Sortida de CAS necessària!',\r
+ CAS_STR_SHOULD_HAVE_BEEN_REDIRECTED \r
+ => 'Ja hauria d\ haver estat redireccionat al servidor CAS. Feu click <a href="%s">aquí</a> per a continuar.',\r
+ CAS_STR_AUTHENTICATION_FAILED \r
+ => 'Autentificació CAS fallida!',\r
+ CAS_STR_YOU_WERE_NOT_AUTHENTICATED \r
+ => '<p>No estàs autentificat.</p><p>Pots tornar a intentar-ho fent click <a href="%s">aquí</a>.</p><p>Si el problema persisteix hauría de contactar amb l\'<a href="mailto:%s">administrador d\'aquest llocc</a>.</p>',\r
+ CAS_STR_SERVICE_UNAVAILABLE\r
+ => 'El servei `<b>%s</b>\' no està disponible (<b>%s</b>).'\r
+);\r
+\r
+?>\r
--- /dev/null
+<?php\r
+\r
+/**\r
+ * @file languages/english.php\r
+ * @author Pascal Aubry <pascal.aubry at univ-rennes1.fr>\r
+ * @sa @link internalLang Internationalization @endlink\r
+ * @ingroup internalLang\r
+ */\r
+\r
+$this->_strings = array(\r
+ CAS_STR_USING_SERVER \r
+ => 'using server',\r
+ CAS_STR_AUTHENTICATION_WANTED \r
+ => 'CAS Authentication wanted!',\r
+ CAS_STR_LOGOUT \r
+ => 'CAS logout wanted!',\r
+ CAS_STR_SHOULD_HAVE_BEEN_REDIRECTED \r
+ => 'You should already have been redirected to the CAS server. Click <a href="%s">here</a> to continue.',\r
+ CAS_STR_AUTHENTICATION_FAILED \r
+ => 'CAS Authentication failed!',\r
+ CAS_STR_YOU_WERE_NOT_AUTHENTICATED \r
+ => '<p>You were not authenticated.</p><p>You may submit your request again by clicking <a href="%s">here</a>.</p><p>If the problem persists, you may contact <a href="mailto:%s">the administrator of this site</a>.</p>',\r
+ CAS_STR_SERVICE_UNAVAILABLE\r
+ => 'The service `<b>%s</b>\' is not available (<b>%s</b>).'\r
+);\r
+\r
+?>
\ No newline at end of file
--- /dev/null
+<?php\r
+\r
+/**\r
+ * @file languages/english.php\r
+ * @author Pascal Aubry <pascal.aubry at univ-rennes1.fr>\r
+ * @sa @link internalLang Internationalization @endlink\r
+ * @ingroup internalLang\r
+ */\r
+\r
+$this->_strings = array(\r
+ CAS_STR_USING_SERVER \r
+ => 'utilisant le serveur',\r
+ CAS_STR_AUTHENTICATION_WANTED \r
+ => 'Authentication CAS nécessaire !',\r
+ CAS_STR_LOGOUT \r
+ => 'Déconnexion demandée !',\r
+ CAS_STR_SHOULD_HAVE_BEEN_REDIRECTED \r
+ => 'Vous auriez du etre redirigé(e) vers le serveur CAS. Cliquez <a href="%s">ici</a> pour continuer.',\r
+ CAS_STR_AUTHENTICATION_FAILED \r
+ => 'Authentification CAS infructueuse !',\r
+ CAS_STR_YOU_WERE_NOT_AUTHENTICATED \r
+ => '<p>Vous n\'avez pas été authentifié(e).</p><p>Vous pouvez soumettre votre requete à nouveau en cliquant <a href="%s">ici</a>.</p><p>Si le problème persiste, vous pouvez contacter <a href="mailto:%s">l\'administrateur de ce site</a>.</p>',\r
+ CAS_STR_SERVICE_UNAVAILABLE\r
+ => 'Le service `<b>%s</b>\' est indisponible (<b>%s</b>)'\r
+\r
+);\r
+\r
+?>
\ No newline at end of file
--- /dev/null
+<?php\r
+\r
+/**\r
+ * @file languages/german.php\r
+ * @author Henrik Genssen <hg at mediafactory.de>\r
+ * @sa @link internalLang Internationalization @endlink\r
+ * @ingroup internalLang\r
+ */\r
+\r
+$this->_strings = array(\r
+ CAS_STR_USING_SERVER \r
+ => 'via Server',\r
+ CAS_STR_AUTHENTICATION_WANTED \r
+ => 'CAS Authentifizierung erforderlich!',\r
+ CAS_STR_LOGOUT \r
+ => 'CAS Abmeldung!',\r
+ CAS_STR_SHOULD_HAVE_BEEN_REDIRECTED \r
+ => 'eigentlich häten Sie zum CAS Server weitergeleitet werden sollen. Drücken Sie <a href="%s">hier</a> um fortzufahren.',\r
+ CAS_STR_AUTHENTICATION_FAILED \r
+ => 'CAS Anmeldung fehlgeschlagen!',\r
+ CAS_STR_YOU_WERE_NOT_AUTHENTICATED \r
+ => '<p>Sie wurden nicht angemeldet.</p><p>Um es erneut zu versuchen klicken Sie <a href="%s">hier</a>.</p><p>Wenn das Problem bestehen bleibt, kontkatieren Sie den <a href="mailto:%s">Administrator</a> dieser Seite.</p>',\r
+ CAS_STR_SERVICE_UNAVAILABLE\r
+ => 'Der Dienst `<b>%s</b>\' ist nicht verfügbar (<b>%s</b>).'\r
+);\r
+\r
+?>
\ No newline at end of file
--- /dev/null
+<?php\r
+\r
+/**\r
+ * @file languages/greek.php\r
+ * @author Vangelis Haniotakis <haniotak at ucnet.uoc.gr>\r
+ * @sa @link internalLang Internationalization @endlink\r
+ * @ingroup internalLang\r
+ */\r
+\r
+$this->_strings = array(\r
+ CAS_STR_USING_SERVER \r
+ => '÷ñçóéìïðïéåßôáé ï åîõðçñåôçôÞò',\r
+ CAS_STR_AUTHENTICATION_WANTED \r
+ => 'Áðáéôåßôáé ç ôáõôïðïßçóç CAS!',\r
+ CAS_STR_LOGOUT \r
+ => 'Áðáéôåßôáé ç áðïóýíäåóç áðü CAS!',\r
+ CAS_STR_SHOULD_HAVE_BEEN_REDIRECTED \r
+ => 'Èá Ýðñåðå íá åß÷áôå áíáêáôåõèõíèåß óôïí åîõðçñåôçôÞ CAS. ÊÜíôå êëßê <a href="%s">åäþ</a> ãéá íá óõíå÷ßóåôå.',\r
+ CAS_STR_AUTHENTICATION_FAILED \r
+ => 'Ç ôáõôïðïßçóç CAS áðÝôõ÷å!',\r
+ CAS_STR_YOU_WERE_NOT_AUTHENTICATED \r
+ => '<p>Äåí ôáõôïðïéçèÞêáôå.</p><p>Ìðïñåßôå íá îáíáðñïóðáèÞóåôå, êÜíïíôáò êëßê <a href="%s">åäþ</a>.</p><p>Åáí ôï ðñüâëçìá åðéìåßíåé, åëÜôå óå åðáöÞ ìå ôïí <a href="mailto:%s">äéá÷åéñéóôÞ</a>.</p>',\r
+ CAS_STR_SERVICE_UNAVAILABLE\r
+ => 'Ç õðçñåóßá `<b>%s</b>\' äåí åßíáé äéáèÝóéìç (<b>%s</b>).'\r
+);\r
+\r
+?>
\ No newline at end of file
--- /dev/null
+<?php
+
+/**
+ * @file languages/japanese.php
+ * @author fnorif (fnorif@yahoo.co.jp)
+ *
+ * Now Encoding is EUC-JP and LF
+ **/
+
+$this->_strings = array(
+ CAS_STR_USING_SERVER
+ => 'using server',
+ CAS_STR_AUTHENTICATION_WANTED
+ => 'CAS¤Ë¤è¤ëǧ¾Ú¤ò¹Ô¤¤¤Þ¤¹',
+ CAS_STR_LOGOUT
+ => 'CAS¤«¤é¥í¥°¥¢¥¦¥È¤·¤Þ¤¹!',
+ CAS_STR_SHOULD_HAVE_BEEN_REDIRECTED
+ => 'CAS¥µ¡¼¥Ð¤Ë¹Ô¤¯É¬Íפ¬¤¢¤ê¤Þ¤¹¡£¼«Æ°Åª¤ËžÁ÷¤µ¤ì¤Ê¤¤¾ì¹ç¤Ï <a href="%s">¤³¤Á¤é</a> ¤ò¥¯¥ê¥Ã¥¯¤·¤Æ³¹Ô¤·¤Þ¤¹¡£',
+ CAS_STR_AUTHENTICATION_FAILED
+ => 'CAS¤Ë¤è¤ëǧ¾Ú¤Ë¼ºÇÔ¤·¤Þ¤·¤¿',
+ CAS_STR_YOU_WERE_NOT_AUTHENTICATED
+ => '<p>ǧ¾Ú¤Ç¤¤Þ¤»¤ó¤Ç¤·¤¿.</p><p>¤â¤¦°ìÅ٥ꥯ¥¨¥¹¥È¤òÁ÷¿®¤¹¤ë¾ì¹ç¤Ï<a href="%s">¤³¤Á¤é</a>¤ò¥¯¥ê¥Ã¥¯.</p><p>ÌäÂ꤬²ò·è¤·¤Ê¤¤¾ì¹ç¤Ï <a href="mailto:%s">¤³¤Î¥µ¥¤¥È¤Î´ÉÍý¼Ô</a>¤ËÌ䤤¹ç¤ï¤»¤Æ¤¯¤À¤µ¤¤.</p>',
+ CAS_STR_SERVICE_UNAVAILABLE
+ => '¥µ¡¼¥Ó¥¹ `<b>%s</b>\' ¤ÏÍøÍѤǤ¤Þ¤»¤ó (<b>%s</b>).'
+);
+
+?>
\ No newline at end of file
--- /dev/null
+<?php\r
+\r
+/**\r
+ * @file languages/languages.php\r
+ * Internationalization constants\r
+ * @author Pascal Aubry <pascal.aubry at univ-rennes1.fr>\r
+ * @sa @link internalLang Internationalization @endlink\r
+ * @ingroup internalLang\r
+ */\r
+\r
+//@{\r
+/**\r
+ * a phpCAS string index\r
+ */\r
+define("CAS_STR_USING_SERVER", 1);\r
+define("CAS_STR_AUTHENTICATION_WANTED", 2);\r
+define("CAS_STR_LOGOUT", 3);\r
+define("CAS_STR_SHOULD_HAVE_BEEN_REDIRECTED", 4);\r
+define("CAS_STR_AUTHENTICATION_FAILED", 5);\r
+define("CAS_STR_YOU_WERE_NOT_AUTHENTICATED", 6);\r
+define("CAS_STR_SERVICE_UNAVAILABLE", 7);\r
+//@}\r
+\r
+?>
\ No newline at end of file
--- /dev/null
+<?php\r
+\r
+/**\r
+ * @file languages/spanish.php\r
+ * @author Iván-Benjamín García Torà <ivaniclixx AT gmail DOT com>\r
+ * @sa @link internalLang Internationalization @endlink\r
+ * @ingroup internalLang\r
+ */\r
+\r
+$this->_strings = array(\r
+ CAS_STR_USING_SERVER \r
+ => 'usando servidor',\r
+ CAS_STR_AUTHENTICATION_WANTED \r
+ => '¡Autentificación CAS necesaria!',\r
+ CAS_STR_LOGOUT \r
+ => '¡Salida CAS necesaria!',\r
+ CAS_STR_SHOULD_HAVE_BEEN_REDIRECTED \r
+ => 'Ya debería haber sido redireccionado al servidor CAS. Haga click <a href="%s">aquí</a> para continuar.',\r
+ CAS_STR_AUTHENTICATION_FAILED \r
+ => '¡Autentificación CAS fallida!',\r
+ CAS_STR_YOU_WERE_NOT_AUTHENTICATED \r
+ => '<p>No estás autentificado.</p><p>Puedes volver a intentarlo haciendo click <a href="%s">aquí</a>.</p><p>Si el problema persiste debería contactar con el <a href="mailto:%s">administrador de este sitio</a>.</p>',\r
+ CAS_STR_SERVICE_UNAVAILABLE\r
+ => 'El servicio `<b>%s</b>\' no está disponible (<b>%s</b>).'\r
+);\r
+\r
+?>\r
projects / quix0rs-gnu-social.git / commitdiff