<?php\r
\r
-// commented in 0.4.22-RC2 for Sylvain Derosiaux\r
-// error_reporting(E_ALL ^ E_NOTICE);\r
+/*\r
+ * Copyright © 2003-2010, The ESUP-Portail consortium & the JA-SIG Collaborative.\r
+ * All rights reserved.\r
+ * \r
+ * Redistribution and use in source and binary forms, with or without\r
+ * modification, are permitted provided that the following conditions are met:\r
+ * \r
+ * * Redistributions of source code must retain the above copyright notice,\r
+ * this list of conditions and the following disclaimer.\r
+ * * Redistributions in binary form must reproduce the above copyright notice,\r
+ * this list of conditions and the following disclaimer in the documentation\r
+ * and/or other materials provided with the distribution.\r
+ * * Neither the name of the ESUP-Portail consortium & the JA-SIG\r
+ * Collaborative nor the names of its contributors may be used to endorse or\r
+ * promote products derived from this software without specific prior\r
+ * written permission.\r
+\r
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND\r
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED\r
+ * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE\r
+ * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR\r
+ * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES\r
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;\r
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON\r
+ * ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT\r
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS\r
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\r
+ */\r
\r
//\r
// hack by Vangelis Haniotakis to handle the absence of $_SERVER['REQUEST_URI'] in IIS\r
//\r
if (!$_SERVER['REQUEST_URI']) {\r
- $_SERVER['REQUEST_URI'] = $_SERVER['SCRIPT_NAME'].'?'.$_SERVER['QUERY_STRING'];\r
+ $_SERVER['REQUEST_URI'] = $_SERVER['SCRIPT_NAME'] . '?' . $_SERVER['QUERY_STRING'];\r
}\r
\r
//\r
// another one by Vangelis Haniotakis also to make phpCAS work with PHP5\r
//\r
-if (version_compare(PHP_VERSION,'5','>=')) {\r
- require_once(dirname(__FILE__).'/CAS/domxml-php4-to-php5.php');\r
+if (version_compare(PHP_VERSION, '5', '>=') && !(function_exists('domxml_new_doc'))) {\r
+ require_once (dirname(__FILE__) . '/CAS/domxml-php4-to-php5.php');\r
}\r
\r
/**\r
/**\r
* phpCAS version. accessible for the user by phpCAS::getVersion().\r
*/\r
-define('PHPCAS_VERSION','1.1.0RC6');\r
+define('PHPCAS_VERSION', '1.1.2');\r
\r
// ------------------------------------------------------------------------\r
// CAS VERSIONS\r
// ------------------------------------------------------------------------\r
- /**\r
- * @addtogroup public\r
- * @{\r
- */\r
+/**\r
+ * @addtogroup public\r
+ * @{\r
+ */\r
\r
/**\r
* CAS version 1.0\r
*/\r
-define("CAS_VERSION_1_0",'1.0');\r
+define("CAS_VERSION_1_0", '1.0');\r
/*!\r
* CAS version 2.0\r
*/\r
-define("CAS_VERSION_2_0",'2.0');\r
+define("CAS_VERSION_2_0", '2.0');\r
\r
// ------------------------------------------------------------------------\r
// SAML defines\r
/**\r
* SOAP envelope for SAML POST\r
*/\r
-define ("SAML_SOAP_ENV", '<SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/"><SOAP-ENV:Header/>');\r
+define("SAML_SOAP_ENV", '<SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/"><SOAP-ENV:Header/>');\r
\r
/**\r
* SOAP body for SAML POST\r
*/\r
-define ("SAML_SOAP_BODY", '<SOAP-ENV:Body>');\r
+define("SAML_SOAP_BODY", '<SOAP-ENV:Body>');\r
\r
/**\r
* SAMLP request\r
*/\r
-define ("SAMLP_REQUEST", '<samlp:Request xmlns:samlp="urn:oasis:names:tc:SAML:1.0:protocol" MajorVersion="1" MinorVersion="1" RequestID="_192.168.16.51.1024506224022" IssueInstant="2002-06-19T17:03:44.022Z">');\r
-define ("SAMLP_REQUEST_CLOSE", '</samlp:Request>');\r
+define("SAMLP_REQUEST", '<samlp:Request xmlns:samlp="urn:oasis:names:tc:SAML:1.0:protocol" MajorVersion="1" MinorVersion="1" RequestID="_192.168.16.51.1024506224022" IssueInstant="2002-06-19T17:03:44.022Z">');\r
+define("SAMLP_REQUEST_CLOSE", '</samlp:Request>');\r
\r
/**\r
* SAMLP artifact tag (for the ticket)\r
*/\r
-define ("SAML_ASSERTION_ARTIFACT", '<samlp:AssertionArtifact>');\r
+define("SAML_ASSERTION_ARTIFACT", '<samlp:AssertionArtifact>');\r
\r
/**\r
* SAMLP close\r
*/\r
-define ("SAML_ASSERTION_ARTIFACT_CLOSE", '</samlp:AssertionArtifact>');\r
+define("SAML_ASSERTION_ARTIFACT_CLOSE", '</samlp:AssertionArtifact>');\r
\r
/**\r
* SOAP body close\r
*/\r
-define ("SAML_SOAP_BODY_CLOSE", '</SOAP-ENV:Body>');\r
+define("SAML_SOAP_BODY_CLOSE", '</SOAP-ENV:Body>');\r
\r
/**\r
* SOAP envelope close\r
*/\r
-define ("SAML_SOAP_ENV_CLOSE", '</SOAP-ENV:Envelope>');\r
+define("SAML_SOAP_ENV_CLOSE", '</SOAP-ENV:Envelope>');\r
\r
/**\r
* SAML Attributes\r
*/\r
define("SAML_ATTRIBUTES", 'SAMLATTRIBS');\r
\r
-\r
-\r
/** @} */\r
- /**\r
- * @addtogroup publicPGTStorage\r
- * @{\r
- */\r
+/**\r
+ * @addtogroup publicPGTStorage\r
+ * @{\r
+ */\r
// ------------------------------------------------------------------------\r
// FILE PGT STORAGE\r
// ------------------------------------------------------------------------\r
- /**\r
- * Default path used when storing PGT's to file\r
- */\r
-define("CAS_PGT_STORAGE_FILE_DEFAULT_PATH",'/tmp');\r
+/**\r
+ * Default path used when storing PGT's to file\r
+ */\r
+define("CAS_PGT_STORAGE_FILE_DEFAULT_PATH", '/tmp');\r
/**\r
* phpCAS::setPGTStorageFile()'s 2nd parameter to write plain text files\r
*/\r
-define("CAS_PGT_STORAGE_FILE_FORMAT_PLAIN",'plain');\r
+define("CAS_PGT_STORAGE_FILE_FORMAT_PLAIN", 'plain');\r
/**\r
* phpCAS::setPGTStorageFile()'s 2nd parameter to write xml files\r
*/\r
-define("CAS_PGT_STORAGE_FILE_FORMAT_XML",'xml');\r
+define("CAS_PGT_STORAGE_FILE_FORMAT_XML", 'xml');\r
/**\r
* Default format used when storing PGT's to file\r
*/\r
-define("CAS_PGT_STORAGE_FILE_DEFAULT_FORMAT",CAS_PGT_STORAGE_FILE_FORMAT_PLAIN);\r
+define("CAS_PGT_STORAGE_FILE_DEFAULT_FORMAT", CAS_PGT_STORAGE_FILE_FORMAT_PLAIN);\r
// ------------------------------------------------------------------------\r
// DATABASE PGT STORAGE\r
// ------------------------------------------------------------------------\r
- /**\r
- * default database type when storing PGT's to database\r
- */\r
-define("CAS_PGT_STORAGE_DB_DEFAULT_DATABASE_TYPE",'mysql');\r
+/**\r
+ * default database type when storing PGT's to database\r
+ */\r
+define("CAS_PGT_STORAGE_DB_DEFAULT_DATABASE_TYPE", 'mysql');\r
/**\r
* default host when storing PGT's to database\r
*/\r
-define("CAS_PGT_STORAGE_DB_DEFAULT_HOSTNAME",'localhost');\r
+define("CAS_PGT_STORAGE_DB_DEFAULT_HOSTNAME", 'localhost');\r
/**\r
* default port when storing PGT's to database\r
*/\r
-define("CAS_PGT_STORAGE_DB_DEFAULT_PORT",'');\r
+define("CAS_PGT_STORAGE_DB_DEFAULT_PORT", '');\r
/**\r
* default database when storing PGT's to database\r
*/\r
-define("CAS_PGT_STORAGE_DB_DEFAULT_DATABASE",'phpCAS');\r
+define("CAS_PGT_STORAGE_DB_DEFAULT_DATABASE", 'phpCAS');\r
/**\r
* default table when storing PGT's to database\r
*/\r
-define("CAS_PGT_STORAGE_DB_DEFAULT_TABLE",'pgt');\r
+define("CAS_PGT_STORAGE_DB_DEFAULT_TABLE", 'pgt');\r
\r
/** @} */\r
// ------------------------------------------------------------------------\r
// SERVICE ACCESS ERRORS\r
// ------------------------------------------------------------------------\r
- /**\r
- * @addtogroup publicServices\r
- * @{\r
- */\r
+/**\r
+ * @addtogroup publicServices\r
+ * @{\r
+ */\r
\r
/**\r
* phpCAS::service() error code on success\r
*/\r
-define("PHPCAS_SERVICE_OK",0);\r
+define("PHPCAS_SERVICE_OK", 0);\r
/**\r
* phpCAS::service() error code when the PT could not retrieve because\r
* the CAS server did not respond.\r
*/\r
-define("PHPCAS_SERVICE_PT_NO_SERVER_RESPONSE",1);\r
+define("PHPCAS_SERVICE_PT_NO_SERVER_RESPONSE", 1);\r
/**\r
* phpCAS::service() error code when the PT could not retrieve because\r
* the response of the CAS server was ill-formed.\r
*/\r
-define("PHPCAS_SERVICE_PT_BAD_SERVER_RESPONSE",2);\r
+define("PHPCAS_SERVICE_PT_BAD_SERVER_RESPONSE", 2);\r
/**\r
* phpCAS::service() error code when the PT could not retrieve because\r
* the CAS server did not want to.\r
*/\r
-define("PHPCAS_SERVICE_PT_FAILURE",3);\r
+define("PHPCAS_SERVICE_PT_FAILURE", 3);\r
/**\r
* phpCAS::service() error code when the service was not available.\r
*/\r
-define("PHPCAS_SERVICE_NOT AVAILABLE",4);\r
+define("PHPCAS_SERVICE_NOT AVAILABLE", 4);\r
\r
/** @} */\r
// ------------------------------------------------------------------------\r
// LANGUAGES\r
// ------------------------------------------------------------------------\r
- /**\r
- * @addtogroup publicLang\r
- * @{\r
- */\r
-\r
-define("PHPCAS_LANG_ENGLISH", 'english');\r
-define("PHPCAS_LANG_FRENCH", 'french');\r
-define("PHPCAS_LANG_GREEK", 'greek');\r
-define("PHPCAS_LANG_GERMAN", 'german');\r
-define("PHPCAS_LANG_JAPANESE", 'japanese');\r
-define("PHPCAS_LANG_SPANISH", 'spanish');\r
-define("PHPCAS_LANG_CATALAN", 'catalan');\r
+/**\r
+ * @addtogroup publicLang\r
+ * @{\r
+ */\r
+\r
+define("PHPCAS_LANG_ENGLISH", 'english');\r
+define("PHPCAS_LANG_FRENCH", 'french');\r
+define("PHPCAS_LANG_GREEK", 'greek');\r
+define("PHPCAS_LANG_GERMAN", 'german');\r
+define("PHPCAS_LANG_JAPANESE", 'japanese');\r
+define("PHPCAS_LANG_SPANISH", 'spanish');\r
+define("PHPCAS_LANG_CATALAN", 'catalan');\r
\r
/** @} */\r
\r
// ------------------------------------------------------------------------\r
// DEBUG\r
// ------------------------------------------------------------------------\r
- /**\r
- * @addtogroup publicDebug\r
- * @{\r
- */\r
+/**\r
+ * @addtogroup publicDebug\r
+ * @{\r
+ */\r
\r
/**\r
* The default directory for the debug file under Unix.\r
*/\r
-define('DEFAULT_DEBUG_DIR','/tmp/');\r
+define('DEFAULT_DEBUG_DIR', '/tmp/');\r
\r
/** @} */\r
// ------------------------------------------------------------------------\r
// MISC\r
// ------------------------------------------------------------------------\r
- /**\r
- * @addtogroup internalMisc\r
- * @{\r
- */\r
+/**\r
+ * @addtogroup internalMisc\r
+ * @{\r
+ */\r
\r
/**\r
* This global variable is used by the interface class phpCAS.\r
*\r
* @hideinitializer\r
*/\r
-$GLOBALS['PHPCAS_CLIENT'] = null;\r
+$GLOBALS['PHPCAS_CLIENT'] = null;\r
\r
/**\r
* This global variable is used to store where the initializer is called from \r
*\r
* @hideinitializer\r
*/\r
-$GLOBALS['PHPCAS_INIT_CALL'] = array('done' => FALSE,\r
+$GLOBALS['PHPCAS_INIT_CALL'] = array (\r
+ 'done' => FALSE,\r
'file' => '?',\r
'line' => -1,\r
- 'method' => '?');\r
+ 'method' => '?'\r
+);\r
\r
/**\r
* This global variable is used to store where the method checking\r
*\r
* @hideinitializer\r
*/\r
-$GLOBALS['PHPCAS_AUTH_CHECK_CALL'] = array('done' => FALSE,\r
+$GLOBALS['PHPCAS_AUTH_CHECK_CALL'] = array (\r
+ 'done' => FALSE,\r
'file' => '?',\r
'line' => -1,\r
'method' => '?',\r
- 'result' => FALSE);\r
+ 'result' => FALSE\r
+);\r
\r
/**\r
* This global variable is used to store phpCAS debug mode.\r
*\r
* @hideinitializer\r
*/\r
-$GLOBALS['PHPCAS_DEBUG'] = array('filename' => FALSE,\r
+$GLOBALS['PHPCAS_DEBUG'] = array (\r
+ 'filename' => FALSE,\r
'indent' => 0,\r
- 'unique_id' => '');\r
+ 'unique_id' => ''\r
+);\r
\r
/** @} */\r
\r
// ########################################################################\r
\r
// include client class\r
-include_once(dirname(__FILE__).'/CAS/client.php');\r
+include_once (dirname(__FILE__) . '/CAS/client.php');\r
\r
// ########################################################################\r
// INTERFACE CLASS\r
* at the end of CAS/client.php).\r
*/\r
\r
+class phpCAS {\r
\r
-\r
-class phpCAS\r
-{\r
- \r
// ########################################################################\r
// INITIALIZATION\r
// ########################################################################\r
- \r
+\r
/**\r
* @addtogroup publicInit\r
* @{\r
*/\r
- \r
+\r
/**\r
* phpCAS client initializer.\r
* @note Only one of the phpCAS::client() and phpCAS::proxy functions should be\r
*\r
* @return a newly created CASClient object\r
*/\r
- function client($server_version,\r
- $server_hostname,\r
- $server_port,\r
- $server_uri,\r
- $start_session = true)\r
- {\r
+ function client($server_version, $server_hostname, $server_port, $server_uri, $start_session = true) {\r
global $PHPCAS_CLIENT, $PHPCAS_INIT_CALL;\r
- \r
- phpCAS::traceBegin();\r
- if ( is_object($PHPCAS_CLIENT) ) {\r
- phpCAS::error($PHPCAS_INIT_CALL['method'].'() has already been called (at '.$PHPCAS_INIT_CALL['file'].':'.$PHPCAS_INIT_CALL['line'].')');\r
+\r
+ phpCAS :: traceBegin();\r
+ if (is_object($PHPCAS_CLIENT)) {\r
+ phpCAS :: error($PHPCAS_INIT_CALL['method'] . '() has already been called (at ' . $PHPCAS_INIT_CALL['file'] . ':' . $PHPCAS_INIT_CALL['line'] . ')');\r
}\r
- if ( gettype($server_version) != 'string' ) {\r
- phpCAS::error('type mismatched for parameter $server_version (should be `string\')');\r
+ if (gettype($server_version) != 'string') {\r
+ phpCAS :: error('type mismatched for parameter $server_version (should be `string\')');\r
}\r
- if ( gettype($server_hostname) != 'string' ) {\r
- phpCAS::error('type mismatched for parameter $server_hostname (should be `string\')');\r
+ if (gettype($server_hostname) != 'string') {\r
+ phpCAS :: error('type mismatched for parameter $server_hostname (should be `string\')');\r
}\r
- if ( gettype($server_port) != 'integer' ) {\r
- phpCAS::error('type mismatched for parameter $server_port (should be `integer\')');\r
+ if (gettype($server_port) != 'integer') {\r
+ phpCAS :: error('type mismatched for parameter $server_port (should be `integer\')');\r
}\r
- if ( gettype($server_uri) != 'string' ) {\r
- phpCAS::error('type mismatched for parameter $server_uri (should be `string\')');\r
+ if (gettype($server_uri) != 'string') {\r
+ phpCAS :: error('type mismatched for parameter $server_uri (should be `string\')');\r
}\r
- \r
+\r
// store where the initializer is called from\r
- $dbg = phpCAS::backtrace();\r
- $PHPCAS_INIT_CALL = array('done' => TRUE,\r
+ $dbg = phpCAS :: backtrace();\r
+ $PHPCAS_INIT_CALL = array (\r
+ 'done' => TRUE,\r
'file' => $dbg[0]['file'],\r
'line' => $dbg[0]['line'],\r
- 'method' => __CLASS__.'::'.__FUNCTION__);\r
- \r
+ 'method' => __CLASS__ . '::' . __FUNCTION__\r
+ );\r
+\r
// initialize the global object $PHPCAS_CLIENT\r
- $PHPCAS_CLIENT = new CASClient($server_version,FALSE/*proxy*/,$server_hostname,$server_port,$server_uri,$start_session);\r
- phpCAS::traceEnd();\r
- }\r
- \r
+ $PHPCAS_CLIENT = new CASClient($server_version, FALSE /*proxy*/\r
+ , $server_hostname, $server_port, $server_uri, $start_session);\r
+ phpCAS :: traceEnd();\r
+ }\r
+\r
/**\r
* phpCAS proxy initializer.\r
* @note Only one of the phpCAS::client() and phpCAS::proxy functions should be\r
*\r
* @return a newly created CASClient object\r
*/\r
- function proxy($server_version,\r
- $server_hostname,\r
- $server_port,\r
- $server_uri,\r
- $start_session = true)\r
- {\r
+ function proxy($server_version, $server_hostname, $server_port, $server_uri, $start_session = true) {\r
global $PHPCAS_CLIENT, $PHPCAS_INIT_CALL;\r
- \r
- phpCAS::traceBegin();\r
- if ( is_object($PHPCAS_CLIENT) ) {\r
- phpCAS::error($PHPCAS_INIT_CALL['method'].'() has already been called (at '.$PHPCAS_INIT_CALL['file'].':'.$PHPCAS_INIT_CALL['line'].')');\r
+\r
+ phpCAS :: traceBegin();\r
+ if (is_object($PHPCAS_CLIENT)) {\r
+ phpCAS :: error($PHPCAS_INIT_CALL['method'] . '() has already been called (at ' . $PHPCAS_INIT_CALL['file'] . ':' . $PHPCAS_INIT_CALL['line'] . ')');\r
}\r
- if ( gettype($server_version) != 'string' ) {\r
- phpCAS::error('type mismatched for parameter $server_version (should be `string\')');\r
+ if (gettype($server_version) != 'string') {\r
+ phpCAS :: error('type mismatched for parameter $server_version (should be `string\')');\r
}\r
- if ( gettype($server_hostname) != 'string' ) {\r
- phpCAS::error('type mismatched for parameter $server_hostname (should be `string\')');\r
+ if (gettype($server_hostname) != 'string') {\r
+ phpCAS :: error('type mismatched for parameter $server_hostname (should be `string\')');\r
}\r
- if ( gettype($server_port) != 'integer' ) {\r
- phpCAS::error('type mismatched for parameter $server_port (should be `integer\')');\r
+ if (gettype($server_port) != 'integer') {\r
+ phpCAS :: error('type mismatched for parameter $server_port (should be `integer\')');\r
}\r
- if ( gettype($server_uri) != 'string' ) {\r
- phpCAS::error('type mismatched for parameter $server_uri (should be `string\')');\r
+ if (gettype($server_uri) != 'string') {\r
+ phpCAS :: error('type mismatched for parameter $server_uri (should be `string\')');\r
}\r
- \r
+\r
// store where the initialzer is called from\r
- $dbg = phpCAS::backtrace();\r
- $PHPCAS_INIT_CALL = array('done' => TRUE,\r
+ $dbg = phpCAS :: backtrace();\r
+ $PHPCAS_INIT_CALL = array (\r
+ 'done' => TRUE,\r
'file' => $dbg[0]['file'],\r
'line' => $dbg[0]['line'],\r
- 'method' => __CLASS__.'::'.__FUNCTION__);\r
- \r
+ 'method' => __CLASS__ . '::' . __FUNCTION__\r
+ );\r
+\r
// initialize the global object $PHPCAS_CLIENT\r
- $PHPCAS_CLIENT = new CASClient($server_version,TRUE/*proxy*/,$server_hostname,$server_port,$server_uri,$start_session);\r
- phpCAS::traceEnd();\r
- }\r
- \r
+ $PHPCAS_CLIENT = new CASClient($server_version, TRUE /*proxy*/\r
+ , $server_hostname, $server_port, $server_uri, $start_session);\r
+ phpCAS :: traceEnd();\r
+ }\r
+\r
/** @} */\r
// ########################################################################\r
// DEBUGGING\r
// ########################################################################\r
- \r
+\r
/**\r
* @addtogroup publicDebug\r
* @{\r
*/\r
- \r
+\r
/**\r
* Set/unset debug mode\r
*\r
* @param $filename the name of the file used for logging, or FALSE to stop debugging.\r
*/\r
- function setDebug($filename='')\r
- {\r
+ function setDebug($filename = '') {\r
global $PHPCAS_DEBUG;\r
- \r
- if ( $filename != FALSE && gettype($filename) != 'string' ) {\r
- phpCAS::error('type mismatched for parameter $dbg (should be FALSE or the name of the log file)');\r
- }\r
- \r
- if ( empty($filename) ) {\r
- if ( preg_match('/^Win.*/',getenv('OS')) ) {\r
- if ( isset($_ENV['TMP']) ) {\r
- $debugDir = $_ENV['TMP'].'/';\r
- } else if ( isset($_ENV['TEMP']) ) {\r
- $debugDir = $_ENV['TEMP'].'/';\r
- } else {\r
- $debugDir = '';\r
- }\r
+\r
+ if ($filename != FALSE && gettype($filename) != 'string') {\r
+ phpCAS :: error('type mismatched for parameter $dbg (should be FALSE or the name of the log file)');\r
+ }\r
+\r
+ if (empty ($filename)) {\r
+ if (preg_match('/^Win.*/', getenv('OS'))) {\r
+ if (isset ($_ENV['TMP'])) {\r
+ $debugDir = $_ENV['TMP'] . '/';\r
+ } else\r
+ if (isset ($_ENV['TEMP'])) {\r
+ $debugDir = $_ENV['TEMP'] . '/';\r
+ } else {\r
+ $debugDir = '';\r
+ }\r
} else {\r
$debugDir = DEFAULT_DEBUG_DIR;\r
}\r
$filename = $debugDir . 'phpCAS.log';\r
}\r
- \r
- if ( empty($PHPCAS_DEBUG['unique_id']) ) {\r
- $PHPCAS_DEBUG['unique_id'] = substr(strtoupper(md5(uniqid(''))),0,4);\r
+\r
+ if (empty ($PHPCAS_DEBUG['unique_id'])) {\r
+ $PHPCAS_DEBUG['unique_id'] = substr(strtoupper(md5(uniqid(''))), 0, 4);\r
}\r
- \r
+\r
$PHPCAS_DEBUG['filename'] = $filename;\r
- \r
- phpCAS::trace('START ******************');\r
- }\r
- \r
+\r
+ phpCAS :: trace('START phpCAS-' . PHPCAS_VERSION . ' ******************');\r
+ }\r
+\r
/** @} */\r
/**\r
* @addtogroup internalDebug\r
* @{\r
*/\r
- \r
+\r
/**\r
* This method is a wrapper for debug_backtrace() that is not available \r
* in all PHP versions (>= 4.3.0 only)\r
*/\r
- function backtrace()\r
- {\r
- if ( function_exists('debug_backtrace') ) {\r
+ function backtrace() {\r
+ if (function_exists('debug_backtrace')) {\r
return debug_backtrace();\r
} else {\r
// poor man's hack ... but it does work ...\r
- return array();\r
- }\r
+ return array ();\r
}\r
- \r
+ }\r
+\r
/**\r
* Logs a string in debug mode.\r
*\r
*\r
* @private\r
*/\r
- function log($str)\r
- {\r
+ function log($str) {\r
$indent_str = ".";\r
global $PHPCAS_DEBUG;\r
- \r
- if ( $PHPCAS_DEBUG['filename'] ) {\r
- for ($i=0;$i<$PHPCAS_DEBUG['indent'];$i++) {\r
+\r
+ if ($PHPCAS_DEBUG['filename']) {\r
+ for ($i = 0; $i < $PHPCAS_DEBUG['indent']; $i++) {\r
$indent_str .= '| ';\r
}\r
- error_log($PHPCAS_DEBUG['unique_id'].' '.$indent_str.$str."\n",3,$PHPCAS_DEBUG['filename']);\r
- }\r
- \r
+ error_log($PHPCAS_DEBUG['unique_id'] . ' ' . $indent_str . $str . "\n", 3, $PHPCAS_DEBUG['filename']);\r
}\r
- \r
+\r
+ }\r
+\r
/**\r
* This method is used by interface methods to print an error and where the function\r
* was originally called from.\r
*\r
* @private\r
*/\r
- function error($msg)\r
- {\r
- $dbg = phpCAS::backtrace();\r
+ function error($msg) {\r
+ $dbg = phpCAS :: backtrace();\r
$function = '?';\r
$file = '?';\r
$line = '?';\r
- if ( is_array($dbg) ) {\r
- for ( $i=1; $i<sizeof($dbg); $i++) {\r
- if ( is_array($dbg[$i]) ) {\r
- if ( $dbg[$i]['class'] == __CLASS__ ) {\r
+ if (is_array($dbg)) {\r
+ for ($i = 1; $i < sizeof($dbg); $i++) {\r
+ if (is_array($dbg[$i])) {\r
+ if ($dbg[$i]['class'] == __CLASS__) {\r
$function = $dbg[$i]['function'];\r
$file = $dbg[$i]['file'];\r
$line = $dbg[$i]['line'];\r
}\r
}\r
}\r
- echo "<br />\n<b>phpCAS error</b>: <font color=\"FF0000\"><b>".__CLASS__."::".$function.'(): '.htmlentities($msg)."</b></font> in <b>".$file."</b> on line <b>".$line."</b><br />\n";\r
- phpCAS::trace($msg);\r
- phpCAS::traceExit();\r
- exit();\r
- }\r
- \r
+ echo "<br />\n<b>phpCAS error</b>: <font color=\"FF0000\"><b>" . __CLASS__ . "::" . $function . '(): ' . htmlentities($msg) . "</b></font> in <b>" . $file . "</b> on line <b>" . $line . "</b><br />\n";\r
+ phpCAS :: trace($msg);\r
+ phpCAS :: traceExit();\r
+ exit ();\r
+ }\r
+\r
/**\r
* This method is used to log something in debug mode.\r
*/\r
- function trace($str)\r
- {\r
- $dbg = phpCAS::backtrace();\r
- phpCAS::log($str.' ['.basename($dbg[1]['file']).':'.$dbg[1]['line'].']');\r
- }\r
- \r
+ function trace($str) {\r
+ $dbg = phpCAS :: backtrace();\r
+ phpCAS :: log($str . ' [' . basename($dbg[1]['file']) . ':' . $dbg[1]['line'] . ']');\r
+ }\r
+\r
/**\r
* This method is used to indicate the start of the execution of a function in debug mode.\r
*/\r
- function traceBegin()\r
- {\r
+ function traceBegin() {\r
global $PHPCAS_DEBUG;\r
- \r
- $dbg = phpCAS::backtrace();\r
+\r
+ $dbg = phpCAS :: backtrace();\r
$str = '=> ';\r
- if ( !empty($dbg[2]['class']) ) {\r
- $str .= $dbg[2]['class'].'::';\r
+ if (!empty ($dbg[2]['class'])) {\r
+ $str .= $dbg[2]['class'] . '::';\r
}\r
- $str .= $dbg[2]['function'].'('; \r
- if ( is_array($dbg[2]['args']) ) {\r
+ $str .= $dbg[2]['function'] . '(';\r
+ if (is_array($dbg[2]['args'])) {\r
foreach ($dbg[2]['args'] as $index => $arg) {\r
- if ( $index != 0 ) {\r
+ if ($index != 0) {\r
$str .= ', ';\r
}\r
- $str .= str_replace("\n","",var_export($arg,TRUE));\r
+ $str .= str_replace("\n", "", var_export($arg, TRUE));\r
}\r
}\r
- $str .= ') ['.basename($dbg[2]['file']).':'.$dbg[2]['line'].']';\r
- phpCAS::log($str);\r
- $PHPCAS_DEBUG['indent'] ++;\r
- }\r
- \r
+ $str .= ') [' . basename($dbg[2]['file']) . ':' . $dbg[2]['line'] . ']';\r
+ phpCAS :: log($str);\r
+ $PHPCAS_DEBUG['indent']++;\r
+ }\r
+\r
/**\r
* This method is used to indicate the end of the execution of a function in debug mode.\r
*\r
* @param $res the result of the function\r
*/\r
- function traceEnd($res='')\r
- {\r
+ function traceEnd($res = '') {\r
global $PHPCAS_DEBUG;\r
- \r
- $PHPCAS_DEBUG['indent'] --;\r
- $dbg = phpCAS::backtrace();\r
+\r
+ $PHPCAS_DEBUG['indent']--;\r
+ $dbg = phpCAS :: backtrace();\r
$str = '';\r
- $str .= '<= '.str_replace("\n","",var_export($res,TRUE));\r
- phpCAS::log($str);\r
- }\r
- \r
+ $str .= '<= ' . str_replace("\n", "", var_export($res, TRUE));\r
+ phpCAS :: log($str);\r
+ }\r
+\r
/**\r
* This method is used to indicate the end of the execution of the program\r
*/\r
- function traceExit()\r
- {\r
+ function traceExit() {\r
global $PHPCAS_DEBUG;\r
- \r
- phpCAS::log('exit()');\r
- while ( $PHPCAS_DEBUG['indent'] > 0 ) {\r
- phpCAS::log('-');\r
- $PHPCAS_DEBUG['indent'] --;\r
- }\r
+\r
+ phpCAS :: log('exit()');\r
+ while ($PHPCAS_DEBUG['indent'] > 0) {\r
+ phpCAS :: log('-');\r
+ $PHPCAS_DEBUG['indent']--;\r
}\r
- \r
+ }\r
+\r
/** @} */\r
// ########################################################################\r
// INTERNATIONALIZATION\r
* @addtogroup publicLang\r
* @{\r
*/\r
- \r
+\r
/**\r
* This method is used to set the language used by phpCAS. \r
* @note Can be called only once.\r
*\r
* @sa PHPCAS_LANG_FRENCH, PHPCAS_LANG_ENGLISH\r
*/\r
- function setLang($lang)\r
- {\r
+ function setLang($lang) {\r
global $PHPCAS_CLIENT;\r
- if ( !is_object($PHPCAS_CLIENT) ) {\r
- phpCAS::error('this method should not be called before '.__CLASS__.'::client() or '.__CLASS__.'::proxy()');\r
+ if (!is_object($PHPCAS_CLIENT)) {\r
+ phpCAS :: error('this method should not be called before ' . __CLASS__ . '::client() or ' . __CLASS__ . '::proxy()');\r
}\r
- if ( gettype($lang) != 'string' ) {\r
- phpCAS::error('type mismatched for parameter $lang (should be `string\')');\r
+ if (gettype($lang) != 'string') {\r
+ phpCAS :: error('type mismatched for parameter $lang (should be `string\')');\r
}\r
$PHPCAS_CLIENT->setLang($lang);\r
- }\r
- \r
+ }\r
+\r
/** @} */\r
// ########################################################################\r
// VERSION\r
* @addtogroup public\r
* @{\r
*/\r
- \r
+\r
/**\r
* This method returns the phpCAS version.\r
*\r
* @return the phpCAS version.\r
*/\r
- function getVersion()\r
- {\r
+ function getVersion() {\r
return PHPCAS_VERSION;\r
- }\r
- \r
+ }\r
+\r
/** @} */\r
// ########################################################################\r
// HTML OUTPUT\r
* @addtogroup publicOutput\r
* @{\r
*/\r
- \r
+\r
/**\r
* This method sets the HTML header used for all outputs.\r
*\r
* @param $header the HTML header.\r
*/\r
- function setHTMLHeader($header)\r
- {\r
+ function setHTMLHeader($header) {\r
global $PHPCAS_CLIENT;\r
- if ( !is_object($PHPCAS_CLIENT) ) {\r
- phpCAS::error('this method should not be called before '.__CLASS__.'::client() or '.__CLASS__.'::proxy()');\r
+ if (!is_object($PHPCAS_CLIENT)) {\r
+ phpCAS :: error('this method should not be called before ' . __CLASS__ . '::client() or ' . __CLASS__ . '::proxy()');\r
}\r
- if ( gettype($header) != 'string' ) {\r
- phpCAS::error('type mismatched for parameter $header (should be `string\')');\r
+ if (gettype($header) != 'string') {\r
+ phpCAS :: error('type mismatched for parameter $header (should be `string\')');\r
}\r
$PHPCAS_CLIENT->setHTMLHeader($header);\r
- }\r
- \r
+ }\r
+\r
/**\r
* This method sets the HTML footer used for all outputs.\r
*\r
* @param $footer the HTML footer.\r
*/\r
- function setHTMLFooter($footer)\r
- {\r
+ function setHTMLFooter($footer) {\r
global $PHPCAS_CLIENT;\r
- if ( !is_object($PHPCAS_CLIENT) ) {\r
- phpCAS::error('this method should not be called before '.__CLASS__.'::client() or '.__CLASS__.'::proxy()');\r
+ if (!is_object($PHPCAS_CLIENT)) {\r
+ phpCAS :: error('this method should not be called before ' . __CLASS__ . '::client() or ' . __CLASS__ . '::proxy()');\r
}\r
- if ( gettype($footer) != 'string' ) {\r
- phpCAS::error('type mismatched for parameter $footer (should be `string\')');\r
+ if (gettype($footer) != 'string') {\r
+ phpCAS :: error('type mismatched for parameter $footer (should be `string\')');\r
}\r
$PHPCAS_CLIENT->setHTMLFooter($footer);\r
- }\r
- \r
+ }\r
+\r
/** @} */\r
// ########################################################################\r
// PGT STORAGE\r
* @addtogroup publicPGTStorage\r
* @{\r
*/\r
- \r
+\r
/**\r
* This method is used to tell phpCAS to store the response of the\r
* CAS server to PGT requests onto the filesystem. \r
* @param $format the format used to store the PGT's (`plain' and `xml' allowed)\r
* @param $path the path where the PGT's should be stored\r
*/\r
- function setPGTStorageFile($format='',\r
- $path='')\r
- {\r
- global $PHPCAS_CLIENT,$PHPCAS_AUTH_CHECK_CALL;\r
- \r
- phpCAS::traceBegin();\r
- if ( !is_object($PHPCAS_CLIENT) ) {\r
- phpCAS::error('this method should only be called after '.__CLASS__.'::proxy()');\r
- }\r
- if ( !$PHPCAS_CLIENT->isProxy() ) {\r
- phpCAS::error('this method should only be called after '.__CLASS__.'::proxy()');\r
+ function setPGTStorageFile($format = '', $path = '') {\r
+ global $PHPCAS_CLIENT, $PHPCAS_AUTH_CHECK_CALL;\r
+\r
+ phpCAS :: traceBegin();\r
+ if (!is_object($PHPCAS_CLIENT)) {\r
+ phpCAS :: error('this method should only be called after ' . __CLASS__ . '::proxy()');\r
}\r
- if ( $PHPCAS_AUTH_CHECK_CALL['done'] ) {\r
- phpCAS::error('this method should only be called before '.$PHPCAS_AUTH_CHECK_CALL['method'].'() (called at '.$PHPCAS_AUTH_CHECK_CALL['file'].':'.$PHPCAS_AUTH_CHECK_CALL['line'].')');\r
+ if (!$PHPCAS_CLIENT->isProxy()) {\r
+ phpCAS :: error('this method should only be called after ' . __CLASS__ . '::proxy()');\r
}\r
- if ( gettype($format) != 'string' ) {\r
- phpCAS::error('type mismatched for parameter $format (should be `string\')');\r
+ if ($PHPCAS_AUTH_CHECK_CALL['done']) {\r
+ phpCAS :: error('this method should only be called before ' . $PHPCAS_AUTH_CHECK_CALL['method'] . '() (called at ' . $PHPCAS_AUTH_CHECK_CALL['file'] . ':' . $PHPCAS_AUTH_CHECK_CALL['line'] . ')');\r
}\r
- if ( gettype($path) != 'string' ) {\r
- phpCAS::error('type mismatched for parameter $format (should be `string\')');\r
+ if (gettype($format) != 'string') {\r
+ phpCAS :: error('type mismatched for parameter $format (should be `string\')');\r
}\r
- $PHPCAS_CLIENT->setPGTStorageFile($format,$path);\r
- phpCAS::traceEnd();\r
+ if (gettype($path) != 'string') {\r
+ phpCAS :: error('type mismatched for parameter $format (should be `string\')');\r
}\r
- \r
+ $PHPCAS_CLIENT->setPGTStorageFile($format, $path);\r
+ phpCAS :: traceEnd();\r
+ }\r
+\r
/**\r
* This method is used to tell phpCAS to store the response of the\r
* CAS server to PGT requests into a database. \r
* @param $database the name of the database\r
* @param $table the name of the table storing the data\r
*/\r
- function setPGTStorageDB($user,\r
- $password,\r
- $database_type='',\r
- $hostname='',\r
- $port=0,\r
- $database='',\r
- $table='')\r
- {\r
- global $PHPCAS_CLIENT,$PHPCAS_AUTH_CHECK_CALL;\r
- \r
- phpCAS::traceBegin();\r
- if ( !is_object($PHPCAS_CLIENT) ) {\r
- phpCAS::error('this method should only be called after '.__CLASS__.'::proxy()');\r
- }\r
- if ( !$PHPCAS_CLIENT->isProxy() ) {\r
- phpCAS::error('this method should only be called after '.__CLASS__.'::proxy()');\r
+ function setPGTStorageDB($user, $password, $database_type = '', $hostname = '', $port = 0, $database = '', $table = '') {\r
+ global $PHPCAS_CLIENT, $PHPCAS_AUTH_CHECK_CALL;\r
+\r
+ phpCAS :: traceBegin();\r
+ if (!is_object($PHPCAS_CLIENT)) {\r
+ phpCAS :: error('this method should only be called after ' . __CLASS__ . '::proxy()');\r
}\r
- if ( $PHPCAS_AUTH_CHECK_CALL['done'] ) {\r
- phpCAS::error('this method should only be called before '.$PHPCAS_AUTH_CHECK_CALL['method'].'() (called at '.$PHPCAS_AUTH_CHECK_CALL['file'].':'.$PHPCAS_AUTH_CHECK_CALL['line'].')');\r
+ if (!$PHPCAS_CLIENT->isProxy()) {\r
+ phpCAS :: error('this method should only be called after ' . __CLASS__ . '::proxy()');\r
}\r
- if ( gettype($user) != 'string' ) {\r
- phpCAS::error('type mismatched for parameter $user (should be `string\')');\r
+ if ($PHPCAS_AUTH_CHECK_CALL['done']) {\r
+ phpCAS :: error('this method should only be called before ' . $PHPCAS_AUTH_CHECK_CALL['method'] . '() (called at ' . $PHPCAS_AUTH_CHECK_CALL['file'] . ':' . $PHPCAS_AUTH_CHECK_CALL['line'] . ')');\r
}\r
- if ( gettype($password) != 'string' ) {\r
- phpCAS::error('type mismatched for parameter $password (should be `string\')');\r
+ if (gettype($user) != 'string') {\r
+ phpCAS :: error('type mismatched for parameter $user (should be `string\')');\r
}\r
- if ( gettype($database_type) != 'string' ) {\r
- phpCAS::error('type mismatched for parameter $database_type (should be `string\')');\r
+ if (gettype($password) != 'string') {\r
+ phpCAS :: error('type mismatched for parameter $password (should be `string\')');\r
}\r
- if ( gettype($hostname) != 'string' ) {\r
- phpCAS::error('type mismatched for parameter $hostname (should be `string\')');\r
+ if (gettype($database_type) != 'string') {\r
+ phpCAS :: error('type mismatched for parameter $database_type (should be `string\')');\r
}\r
- if ( gettype($port) != 'integer' ) {\r
- phpCAS::error('type mismatched for parameter $port (should be `integer\')');\r
+ if (gettype($hostname) != 'string') {\r
+ phpCAS :: error('type mismatched for parameter $hostname (should be `string\')');\r
}\r
- if ( gettype($database) != 'string' ) {\r
- phpCAS::error('type mismatched for parameter $database (should be `string\')');\r
+ if (gettype($port) != 'integer') {\r
+ phpCAS :: error('type mismatched for parameter $port (should be `integer\')');\r
}\r
- if ( gettype($table) != 'string' ) {\r
- phpCAS::error('type mismatched for parameter $table (should be `string\')');\r
+ if (gettype($database) != 'string') {\r
+ phpCAS :: error('type mismatched for parameter $database (should be `string\')');\r
}\r
- $PHPCAS_CLIENT->setPGTStorageDB($user,$password,$database_type,$hostname,$port,$database,$table);\r
- phpCAS::traceEnd();\r
+ if (gettype($table) != 'string') {\r
+ phpCAS :: error('type mismatched for parameter $table (should be `string\')');\r
}\r
- \r
+ $PHPCAS_CLIENT->setPGTStorageDB($user, $password, $database_type, $hostname, $port, $database, $table);\r
+ phpCAS :: traceEnd();\r
+ }\r
+\r
/** @} */\r
// ########################################################################\r
// ACCESS TO EXTERNAL SERVICES\r
* @addtogroup publicServices\r
* @{\r
*/\r
- \r
+\r
/**\r
* This method is used to access an HTTP[S] service.\r
* \r
* @return TRUE on success, FALSE otherwise (in this later case, $err_code\r
* gives the reason why it failed and $output contains an error message).\r
*/\r
- function serviceWeb($url,&$err_code,&$output)\r
- {\r
+ function serviceWeb($url, & $err_code, & $output) {\r
global $PHPCAS_CLIENT, $PHPCAS_AUTH_CHECK_CALL;\r
- \r
- phpCAS::traceBegin();\r
- if ( !is_object($PHPCAS_CLIENT) ) {\r
- phpCAS::error('this method should only be called after '.__CLASS__.'::proxy()');\r
+\r
+ phpCAS :: traceBegin();\r
+ if (!is_object($PHPCAS_CLIENT)) {\r
+ phpCAS :: error('this method should only be called after ' . __CLASS__ . '::proxy()');\r
}\r
- if ( !$PHPCAS_CLIENT->isProxy() ) {\r
- phpCAS::error('this method should only be called after '.__CLASS__.'::proxy()');\r
+ if (!$PHPCAS_CLIENT->isProxy()) {\r
+ phpCAS :: error('this method should only be called after ' . __CLASS__ . '::proxy()');\r
}\r
- if ( !$PHPCAS_AUTH_CHECK_CALL['done'] ) {\r
- phpCAS::error('this method should only be called after the programmer is sure the user has been authenticated (by calling '.__CLASS__.'::checkAuthentication() or '.__CLASS__.'::forceAuthentication()');\r
+ if (!$PHPCAS_AUTH_CHECK_CALL['done']) {\r
+ phpCAS :: error('this method should only be called after the programmer is sure the user has been authenticated (by calling ' . __CLASS__ . '::checkAuthentication() or ' . __CLASS__ . '::forceAuthentication()');\r
}\r
- if ( !$PHPCAS_AUTH_CHECK_CALL['result'] ) {\r
- phpCAS::error('authentication was checked (by '.$PHPCAS_AUTH_CHECK_CALL['method'].'() at '.$PHPCAS_AUTH_CHECK_CALL['file'].':'.$PHPCAS_AUTH_CHECK_CALL['line'].') but the method returned FALSE');\r
+ if (!$PHPCAS_AUTH_CHECK_CALL['result']) {\r
+ phpCAS :: error('authentication was checked (by ' . $PHPCAS_AUTH_CHECK_CALL['method'] . '() at ' . $PHPCAS_AUTH_CHECK_CALL['file'] . ':' . $PHPCAS_AUTH_CHECK_CALL['line'] . ') but the method returned FALSE');\r
}\r
- if ( gettype($url) != 'string' ) {\r
- phpCAS::error('type mismatched for parameter $url (should be `string\')');\r
+ if (gettype($url) != 'string') {\r
+ phpCAS :: error('type mismatched for parameter $url (should be `string\')');\r
}\r
- \r
- $res = $PHPCAS_CLIENT->serviceWeb($url,$err_code,$output);\r
- \r
- phpCAS::traceEnd($res);\r
+\r
+ $res = $PHPCAS_CLIENT->serviceWeb($url, $err_code, $output);\r
+\r
+ phpCAS :: traceEnd($res);\r
return $res;\r
- }\r
- \r
+ }\r
+\r
/**\r
* This method is used to access an IMAP/POP3/NNTP service.\r
* \r
* @return an IMAP stream on success, FALSE otherwise (in this later case, $err_code\r
* gives the reason why it failed and $err_msg contains an error message).\r
*/\r
- function serviceMail($url,$service,$flags,&$err_code,&$err_msg,&$pt)\r
- {\r
+ function serviceMail($url, $service, $flags, & $err_code, & $err_msg, & $pt) {\r
global $PHPCAS_CLIENT, $PHPCAS_AUTH_CHECK_CALL;\r
- \r
- phpCAS::traceBegin();\r
- if ( !is_object($PHPCAS_CLIENT) ) {\r
- phpCAS::error('this method should only be called after '.__CLASS__.'::proxy()');\r
+\r
+ phpCAS :: traceBegin();\r
+ if (!is_object($PHPCAS_CLIENT)) {\r
+ phpCAS :: error('this method should only be called after ' . __CLASS__ . '::proxy()');\r
}\r
- if ( !$PHPCAS_CLIENT->isProxy() ) {\r
- phpCAS::error('this method should only be called after '.__CLASS__.'::proxy()');\r
+ if (!$PHPCAS_CLIENT->isProxy()) {\r
+ phpCAS :: error('this method should only be called after ' . __CLASS__ . '::proxy()');\r
}\r
- if ( !$PHPCAS_AUTH_CHECK_CALL['done'] ) {\r
- phpCAS::error('this method should only be called after the programmer is sure the user has been authenticated (by calling '.__CLASS__.'::checkAuthentication() or '.__CLASS__.'::forceAuthentication()');\r
+ if (!$PHPCAS_AUTH_CHECK_CALL['done']) {\r
+ phpCAS :: error('this method should only be called after the programmer is sure the user has been authenticated (by calling ' . __CLASS__ . '::checkAuthentication() or ' . __CLASS__ . '::forceAuthentication()');\r
}\r
- if ( !$PHPCAS_AUTH_CHECK_CALL['result'] ) {\r
- phpCAS::error('authentication was checked (by '.$PHPCAS_AUTH_CHECK_CALL['method'].'() at '.$PHPCAS_AUTH_CHECK_CALL['file'].':'.$PHPCAS_AUTH_CHECK_CALL['line'].') but the method returned FALSE');\r
+ if (!$PHPCAS_AUTH_CHECK_CALL['result']) {\r
+ phpCAS :: error('authentication was checked (by ' . $PHPCAS_AUTH_CHECK_CALL['method'] . '() at ' . $PHPCAS_AUTH_CHECK_CALL['file'] . ':' . $PHPCAS_AUTH_CHECK_CALL['line'] . ') but the method returned FALSE');\r
}\r
- if ( gettype($url) != 'string' ) {\r
- phpCAS::error('type mismatched for parameter $url (should be `string\')');\r
+ if (gettype($url) != 'string') {\r
+ phpCAS :: error('type mismatched for parameter $url (should be `string\')');\r
}\r
- \r
- if ( gettype($flags) != 'integer' ) {\r
- phpCAS::error('type mismatched for parameter $flags (should be `integer\')');\r
+\r
+ if (gettype($flags) != 'integer') {\r
+ phpCAS :: error('type mismatched for parameter $flags (should be `integer\')');\r
}\r
- \r
- $res = $PHPCAS_CLIENT->serviceMail($url,$service,$flags,$err_code,$err_msg,$pt);\r
- \r
- phpCAS::traceEnd($res);\r
+\r
+ $res = $PHPCAS_CLIENT->serviceMail($url, $service, $flags, $err_code, $err_msg, $pt);\r
+\r
+ phpCAS :: traceEnd($res);\r
return $res;\r
- }\r
- \r
+ }\r
+\r
/** @} */\r
// ########################################################################\r
// AUTHENTICATION\r
* @addtogroup publicAuth\r
* @{\r
*/\r
- \r
+\r
/**\r
* Set the times authentication will be cached before really accessing the CAS server in gateway mode: \r
* - -1: check only once, and then never again (until you pree login)\r
*\r
* @param $n an integer.\r
*/\r
- function setCacheTimesForAuthRecheck($n)\r
- {\r
+ function setCacheTimesForAuthRecheck($n) {\r
global $PHPCAS_CLIENT;\r
- if ( !is_object($PHPCAS_CLIENT) ) {\r
- phpCAS::error('this method should not be called before '.__CLASS__.'::client() or '.__CLASS__.'::proxy()');\r
+ if (!is_object($PHPCAS_CLIENT)) {\r
+ phpCAS :: error('this method should not be called before ' . __CLASS__ . '::client() or ' . __CLASS__ . '::proxy()');\r
}\r
- if ( gettype($n) != 'integer' ) {\r
- phpCAS::error('type mismatched for parameter $header (should be `string\')');\r
+ if (gettype($n) != 'integer') {\r
+ phpCAS :: error('type mismatched for parameter $header (should be `string\')');\r
}\r
$PHPCAS_CLIENT->setCacheTimesForAuthRecheck($n);\r
- }\r
- \r
+ }\r
+\r
/**\r
* This method is called to check if the user is authenticated (use the gateway feature).\r
* @return TRUE when the user is authenticated; otherwise FALSE.\r
*/\r
- function checkAuthentication()\r
- {\r
+ function checkAuthentication() {\r
global $PHPCAS_CLIENT, $PHPCAS_AUTH_CHECK_CALL;\r
- \r
- phpCAS::traceBegin();\r
- if ( !is_object($PHPCAS_CLIENT) ) {\r
- phpCAS::error('this method should not be called before '.__CLASS__.'::client() or '.__CLASS__.'::proxy()');\r
+\r
+ phpCAS :: traceBegin();\r
+ if (!is_object($PHPCAS_CLIENT)) {\r
+ phpCAS :: error('this method should not be called before ' . __CLASS__ . '::client() or ' . __CLASS__ . '::proxy()');\r
}\r
- \r
+\r
$auth = $PHPCAS_CLIENT->checkAuthentication();\r
- \r
+\r
// store where the authentication has been checked and the result\r
- $dbg = phpCAS::backtrace();\r
- $PHPCAS_AUTH_CHECK_CALL = array('done' => TRUE,\r
+ $dbg = phpCAS :: backtrace();\r
+ $PHPCAS_AUTH_CHECK_CALL = array (\r
+ 'done' => TRUE,\r
'file' => $dbg[0]['file'],\r
'line' => $dbg[0]['line'],\r
- 'method' => __CLASS__.'::'.__FUNCTION__,\r
- 'result' => $auth );\r
- phpCAS::traceEnd($auth);\r
- return $auth; \r
- }\r
+ 'method' => __CLASS__ . '::' . __FUNCTION__,\r
+ 'result' => $auth\r
+ );\r
+ phpCAS :: traceEnd($auth);\r
+ return $auth;\r
+ }\r
\r
/**\r
* This method is called to force authentication if the user was not already \r
* authenticated. If the user is not authenticated, halt by redirecting to \r
* the CAS server.\r
*/\r
- function forceAuthentication()\r
- {\r
+ function forceAuthentication() {\r
global $PHPCAS_CLIENT, $PHPCAS_AUTH_CHECK_CALL;\r
- \r
- phpCAS::traceBegin();\r
- if ( !is_object($PHPCAS_CLIENT) ) {\r
- phpCAS::error('this method should not be called before '.__CLASS__.'::client() or '.__CLASS__.'::proxy()');\r
+\r
+ phpCAS :: traceBegin();\r
+ if (!is_object($PHPCAS_CLIENT)) {\r
+ phpCAS :: error('this method should not be called before ' . __CLASS__ . '::client() or ' . __CLASS__ . '::proxy()');\r
}\r
- \r
+\r
$auth = $PHPCAS_CLIENT->forceAuthentication();\r
- \r
+\r
// store where the authentication has been checked and the result\r
- $dbg = phpCAS::backtrace();\r
- $PHPCAS_AUTH_CHECK_CALL = array('done' => TRUE,\r
+ $dbg = phpCAS :: backtrace();\r
+ $PHPCAS_AUTH_CHECK_CALL = array (\r
+ 'done' => TRUE,\r
'file' => $dbg[0]['file'],\r
'line' => $dbg[0]['line'],\r
- 'method' => __CLASS__.'::'.__FUNCTION__,\r
- 'result' => $auth );\r
- \r
- if ( !$auth ) {\r
- phpCAS::trace('user is not authenticated, redirecting to the CAS server');\r
+ 'method' => __CLASS__ . '::' . __FUNCTION__,\r
+ 'result' => $auth\r
+ );\r
+\r
+ if (!$auth) {\r
+ phpCAS :: trace('user is not authenticated, redirecting to the CAS server');\r
$PHPCAS_CLIENT->forceAuthentication();\r
} else {\r
- phpCAS::trace('no need to authenticate (user `'.phpCAS::getUser().'\' is already authenticated)');\r
+ phpCAS :: trace('no need to authenticate (user `' . phpCAS :: getUser() . '\' is already authenticated)');\r
}\r
- \r
- phpCAS::traceEnd();\r
- return $auth; \r
- }\r
- \r
+\r
+ phpCAS :: traceEnd();\r
+ return $auth;\r
+ }\r
+\r
/**\r
* This method is called to renew the authentication.\r
**/\r
function renewAuthentication() {\r
global $PHPCAS_CLIENT, $PHPCAS_AUTH_CHECK_CALL;\r
- \r
- phpCAS::traceBegin();\r
- if ( !is_object($PHPCAS_CLIENT) ) {\r
- phpCAS::error('this method should not be called before'.__CLASS__.'::client() or '.__CLASS__.'::proxy()');\r
+\r
+ phpCAS :: traceBegin();\r
+ if (!is_object($PHPCAS_CLIENT)) {\r
+ phpCAS :: error('this method should not be called before' . __CLASS__ . '::client() or ' . __CLASS__ . '::proxy()');\r
}\r
- \r
+\r
// store where the authentication has been checked and the result\r
- $dbg = phpCAS::backtrace();\r
- $PHPCAS_AUTH_CHECK_CALL = array('done' => TRUE, 'file' => $dbg[0]['file'], 'line' => $dbg[0]['line'], 'method' => __CLASS__.'::'.__FUNCTION__, 'result' => $auth );\r
- \r
+ $dbg = phpCAS :: backtrace();\r
+ $PHPCAS_AUTH_CHECK_CALL = array (\r
+ 'done' => TRUE,\r
+ 'file' => $dbg[0]['file'],\r
+ 'line' => $dbg[0]['line'],\r
+ 'method' => __CLASS__ . '::' . __FUNCTION__,\r
+ 'result' => $auth\r
+ );\r
+\r
$PHPCAS_CLIENT->renewAuthentication();\r
- phpCAS::traceEnd();\r
+ phpCAS :: traceEnd();\r
}\r
\r
/**\r
* This method has been left from version 0.4.1 for compatibility reasons.\r
*/\r
- function authenticate()\r
- {\r
- phpCAS::error('this method is deprecated. You should use '.__CLASS__.'::forceAuthentication() instead');\r
- }\r
- \r
+ function authenticate() {\r
+ phpCAS :: error('this method is deprecated. You should use ' . __CLASS__ . '::forceAuthentication() instead');\r
+ }\r
+\r
/**\r
* This method is called to check if the user is authenticated (previously or by\r
* tickets given in the URL).\r
*\r
* @return TRUE when the user is authenticated.\r
*/\r
- function isAuthenticated()\r
- {\r
+ function isAuthenticated() {\r
global $PHPCAS_CLIENT, $PHPCAS_AUTH_CHECK_CALL;\r
- \r
- phpCAS::traceBegin();\r
- if ( !is_object($PHPCAS_CLIENT) ) {\r
- phpCAS::error('this method should not be called before '.__CLASS__.'::client() or '.__CLASS__.'::proxy()');\r
+\r
+ phpCAS :: traceBegin();\r
+ if (!is_object($PHPCAS_CLIENT)) {\r
+ phpCAS :: error('this method should not be called before ' . __CLASS__ . '::client() or ' . __CLASS__ . '::proxy()');\r
}\r
- \r
+\r
// call the isAuthenticated method of the global $PHPCAS_CLIENT object\r
$auth = $PHPCAS_CLIENT->isAuthenticated();\r
- \r
+\r
// store where the authentication has been checked and the result\r
- $dbg = phpCAS::backtrace();\r
- $PHPCAS_AUTH_CHECK_CALL = array('done' => TRUE,\r
+ $dbg = phpCAS :: backtrace();\r
+ $PHPCAS_AUTH_CHECK_CALL = array (\r
+ 'done' => TRUE,\r
'file' => $dbg[0]['file'],\r
'line' => $dbg[0]['line'],\r
- 'method' => __CLASS__.'::'.__FUNCTION__,\r
- 'result' => $auth );\r
- phpCAS::traceEnd($auth);\r
+ 'method' => __CLASS__ . '::' . __FUNCTION__,\r
+ 'result' => $auth\r
+ );\r
+ phpCAS :: traceEnd($auth);\r
return $auth;\r
- }\r
- \r
+ }\r
+\r
/**\r
* Checks whether authenticated based on $_SESSION. Useful to avoid\r
* server calls.\r
* @return true if authenticated, false otherwise.\r
* @since 0.4.22 by Brendan Arnold\r
*/\r
- function isSessionAuthenticated ()\r
- {\r
+ function isSessionAuthenticated() {\r
global $PHPCAS_CLIENT;\r
- if ( !is_object($PHPCAS_CLIENT) ) {\r
- phpCAS::error('this method should not be called before '.__CLASS__.'::client() or '.__CLASS__.'::proxy()');\r
- }\r
- return($PHPCAS_CLIENT->isSessionAuthenticated());\r
+ if (!is_object($PHPCAS_CLIENT)) {\r
+ phpCAS :: error('this method should not be called before ' . __CLASS__ . '::client() or ' . __CLASS__ . '::proxy()');\r
}\r
- \r
+ return ($PHPCAS_CLIENT->isSessionAuthenticated());\r
+ }\r
+\r
/**\r
* This method returns the CAS user's login name.\r
* @warning should not be called only after phpCAS::forceAuthentication()\r
*\r
* @return the login name of the authenticated user\r
*/\r
- function getUser()\r
- {\r
+ function getUser() {\r
global $PHPCAS_CLIENT, $PHPCAS_AUTH_CHECK_CALL;\r
- if ( !is_object($PHPCAS_CLIENT) ) {\r
- phpCAS::error('this method should not be called before '.__CLASS__.'::client() or '.__CLASS__.'::proxy()');\r
+ if (!is_object($PHPCAS_CLIENT)) {\r
+ phpCAS :: error('this method should not be called before ' . __CLASS__ . '::client() or ' . __CLASS__ . '::proxy()');\r
}\r
- if ( !$PHPCAS_AUTH_CHECK_CALL['done'] ) {\r
- phpCAS::error('this method should only be called after '.__CLASS__.'::forceAuthentication() or '.__CLASS__.'::isAuthenticated()');\r
+ if (!$PHPCAS_AUTH_CHECK_CALL['done']) {\r
+ phpCAS :: error('this method should only be called after ' . __CLASS__ . '::forceAuthentication() or ' . __CLASS__ . '::isAuthenticated()');\r
}\r
- if ( !$PHPCAS_AUTH_CHECK_CALL['result'] ) {\r
- phpCAS::error('authentication was checked (by '.$PHPCAS_AUTH_CHECK_CALL['method'].'() at '.$PHPCAS_AUTH_CHECK_CALL['file'].':'.$PHPCAS_AUTH_CHECK_CALL['line'].') but the method returned FALSE');\r
+ if (!$PHPCAS_AUTH_CHECK_CALL['result']) {\r
+ phpCAS :: error('authentication was checked (by ' . $PHPCAS_AUTH_CHECK_CALL['method'] . '() at ' . $PHPCAS_AUTH_CHECK_CALL['file'] . ':' . $PHPCAS_AUTH_CHECK_CALL['line'] . ') but the method returned FALSE');\r
}\r
return $PHPCAS_CLIENT->getUser();\r
- }\r
- \r
+ }\r
+\r
/**\r
* This method returns the CAS user's login name.\r
* @warning should not be called only after phpCAS::forceAuthentication()\r
*\r
* @return the login name of the authenticated user\r
*/\r
- function getAttributes()\r
- {\r
+ function getAttributes() {\r
global $PHPCAS_CLIENT, $PHPCAS_AUTH_CHECK_CALL;\r
- if ( !is_object($PHPCAS_CLIENT) ) {\r
- phpCAS::error('this method should not be called before '.__CLASS__.'::client() or '.__CLASS__.'::proxy()');\r
+ if (!is_object($PHPCAS_CLIENT)) {\r
+ phpCAS :: error('this method should not be called before ' . __CLASS__ . '::client() or ' . __CLASS__ . '::proxy()');\r
}\r
- if ( !$PHPCAS_AUTH_CHECK_CALL['done'] ) {\r
- phpCAS::error('this method should only be called after '.__CLASS__.'::forceAuthentication() or '.__CLASS__.'::isAuthenticated()');\r
+ if (!$PHPCAS_AUTH_CHECK_CALL['done']) {\r
+ phpCAS :: error('this method should only be called after ' . __CLASS__ . '::forceAuthentication() or ' . __CLASS__ . '::isAuthenticated()');\r
}\r
- if ( !$PHPCAS_AUTH_CHECK_CALL['result'] ) {\r
- phpCAS::error('authentication was checked (by '.$PHPCAS_AUTH_CHECK_CALL['method'].'() at '.$PHPCAS_AUTH_CHECK_CALL['file'].':'.$PHPCAS_AUTH_CHECK_CALL['line'].') but the method returned FALSE');\r
+ if (!$PHPCAS_AUTH_CHECK_CALL['result']) {\r
+ phpCAS :: error('authentication was checked (by ' . $PHPCAS_AUTH_CHECK_CALL['method'] . '() at ' . $PHPCAS_AUTH_CHECK_CALL['file'] . ':' . $PHPCAS_AUTH_CHECK_CALL['line'] . ') but the method returned FALSE');\r
}\r
return $PHPCAS_CLIENT->getAttributes();\r
+ }\r
+ /**\r
+ * Handle logout requests.\r
+ */\r
+ function handleLogoutRequests($check_client = true, $allowed_clients = false) {\r
+ global $PHPCAS_CLIENT;\r
+ if (!is_object($PHPCAS_CLIENT)) {\r
+ phpCAS :: error('this method should not be called before ' . __CLASS__ . '::client() or ' . __CLASS__ . '::proxy()');\r
}\r
- /**\r
- * Handle logout requests.\r
- */\r
- function handleLogoutRequests($check_client=true, $allowed_clients=false)\r
- {\r
- global $PHPCAS_CLIENT;\r
- if ( !is_object($PHPCAS_CLIENT) ) {\r
- phpCAS::error('this method should not be called before '.__CLASS__.'::client() or '.__CLASS__.'::proxy()');\r
- }\r
- return($PHPCAS_CLIENT->handleLogoutRequests($check_client, $allowed_clients));\r
- }\r
- \r
+ return ($PHPCAS_CLIENT->handleLogoutRequests($check_client, $allowed_clients));\r
+ }\r
+\r
/**\r
* This method returns the URL to be used to login.\r
* or phpCAS::isAuthenticated().\r
*\r
* @return the login name of the authenticated user\r
*/\r
- function getServerLoginURL()\r
- {\r
+ function getServerLoginURL() {\r
global $PHPCAS_CLIENT;\r
- if ( !is_object($PHPCAS_CLIENT) ) {\r
- phpCAS::error('this method should not be called before '.__CLASS__.'::client() or '.__CLASS__.'::proxy()');\r
+ if (!is_object($PHPCAS_CLIENT)) {\r
+ phpCAS :: error('this method should not be called before ' . __CLASS__ . '::client() or ' . __CLASS__ . '::proxy()');\r
}\r
return $PHPCAS_CLIENT->getServerLoginURL();\r
- }\r
- \r
+ }\r
+\r
/**\r
* Set the login URL of the CAS server.\r
* @param $url the login URL\r
* @since 0.4.21 by Wyman Chan\r
*/\r
- function setServerLoginURL($url='')\r
- {\r
+ function setServerLoginURL($url = '') {\r
global $PHPCAS_CLIENT;\r
- phpCAS::traceBegin();\r
- if ( !is_object($PHPCAS_CLIENT) ) {\r
- phpCAS::error('this method should only be called after\r
- '.__CLASS__.'::client()');\r
+ phpCAS :: traceBegin();\r
+ if (!is_object($PHPCAS_CLIENT)) {\r
+ phpCAS :: error('this method should only be called after\r
+ ' . __CLASS__ . '::client()');\r
}\r
- if ( gettype($url) != 'string' ) {\r
- phpCAS::error('type mismatched for parameter $url (should be\r
- `string\')');\r
+ if (gettype($url) != 'string') {\r
+ phpCAS :: error('type mismatched for parameter $url (should be\r
+ `string\')');\r
}\r
$PHPCAS_CLIENT->setServerLoginURL($url);\r
- phpCAS::traceEnd();\r
- }\r
- \r
- \r
+ phpCAS :: traceEnd();\r
+ }\r
+\r
/**\r
* Set the serviceValidate URL of the CAS server.\r
+ * Used only in CAS 1.0 validations\r
* @param $url the serviceValidate URL\r
* @since 1.1.0 by Joachim Fritschi\r
*/\r
- function setServerServiceValidateURL($url='')\r
- {\r
+ function setServerServiceValidateURL($url = '') {\r
global $PHPCAS_CLIENT;\r
- phpCAS::traceBegin();\r
- if ( !is_object($PHPCAS_CLIENT) ) {\r
- phpCAS::error('this method should only be called after\r
- '.__CLASS__.'::client()');\r
+ phpCAS :: traceBegin();\r
+ if (!is_object($PHPCAS_CLIENT)) {\r
+ phpCAS :: error('this method should only be called after\r
+ ' . __CLASS__ . '::client()');\r
}\r
- if ( gettype($url) != 'string' ) {\r
- phpCAS::error('type mismatched for parameter $url (should be\r
- `string\')');\r
+ if (gettype($url) != 'string') {\r
+ phpCAS :: error('type mismatched for parameter $url (should be\r
+ `string\')');\r
}\r
$PHPCAS_CLIENT->setServerServiceValidateURL($url);\r
- phpCAS::traceEnd();\r
- }\r
- \r
- \r
- /**\r
+ phpCAS :: traceEnd();\r
+ }\r
+\r
+ /**\r
* Set the proxyValidate URL of the CAS server.\r
+ * Used for all CAS 2.0 validations\r
* @param $url the proxyValidate URL\r
* @since 1.1.0 by Joachim Fritschi\r
*/\r
- function setServerProxyValidateURL($url='')\r
- {\r
+ function setServerProxyValidateURL($url = '') {\r
global $PHPCAS_CLIENT;\r
- phpCAS::traceBegin();\r
- if ( !is_object($PHPCAS_CLIENT) ) {\r
- phpCAS::error('this method should only be called after\r
- '.__CLASS__.'::client()');\r
+ phpCAS :: traceBegin();\r
+ if (!is_object($PHPCAS_CLIENT)) {\r
+ phpCAS :: error('this method should only be called after\r
+ ' . __CLASS__ . '::client()');\r
}\r
- if ( gettype($url) != 'string' ) {\r
- phpCAS::error('type mismatched for parameter $url (should be\r
- `string\')');\r
+ if (gettype($url) != 'string') {\r
+ phpCAS :: error('type mismatched for parameter $url (should be\r
+ `string\')');\r
}\r
$PHPCAS_CLIENT->setServerProxyValidateURL($url);\r
- phpCAS::traceEnd();\r
- }\r
- \r
- /**\r
+ phpCAS :: traceEnd();\r
+ }\r
+\r
+ /**\r
* Set the samlValidate URL of the CAS server.\r
* @param $url the samlValidate URL\r
* @since 1.1.0 by Joachim Fritschi\r
*/\r
- function setServerSamlValidateURL($url='')\r
- {\r
+ function setServerSamlValidateURL($url = '') {\r
global $PHPCAS_CLIENT;\r
- phpCAS::traceBegin();\r
- if ( !is_object($PHPCAS_CLIENT) ) {\r
- phpCAS::error('this method should only be called after\r
- '.__CLASS__.'::client()');\r
+ phpCAS :: traceBegin();\r
+ if (!is_object($PHPCAS_CLIENT)) {\r
+ phpCAS :: error('this method should only be called after\r
+ ' . __CLASS__ . '::client()');\r
}\r
- if ( gettype($url) != 'string' ) {\r
- phpCAS::error('type mismatched for parameter $url (should be\r
- `string\')');\r
+ if (gettype($url) != 'string') {\r
+ phpCAS :: error('type mismatched for parameter $url (should be\r
+ `string\')');\r
}\r
$PHPCAS_CLIENT->setServerSamlValidateURL($url);\r
- phpCAS::traceEnd();\r
- } \r
- \r
+ phpCAS :: traceEnd();\r
+ }\r
+\r
/**\r
* This method returns the URL to be used to login.\r
* or phpCAS::isAuthenticated().\r
*\r
* @return the login name of the authenticated user\r
*/\r
- function getServerLogoutURL()\r
- {\r
+ function getServerLogoutURL() {\r
global $PHPCAS_CLIENT;\r
- if ( !is_object($PHPCAS_CLIENT) ) {\r
- phpCAS::error('this method should not be called before '.__CLASS__.'::client() or '.__CLASS__.'::proxy()');\r
+ if (!is_object($PHPCAS_CLIENT)) {\r
+ phpCAS :: error('this method should not be called before ' . __CLASS__ . '::client() or ' . __CLASS__ . '::proxy()');\r
}\r
return $PHPCAS_CLIENT->getServerLogoutURL();\r
- }\r
- \r
+ }\r
+\r
/**\r
* Set the logout URL of the CAS server.\r
* @param $url the logout URL\r
* @since 0.4.21 by Wyman Chan\r
*/\r
- function setServerLogoutURL($url='')\r
- {\r
+ function setServerLogoutURL($url = '') {\r
global $PHPCAS_CLIENT;\r
- phpCAS::traceBegin();\r
- if ( !is_object($PHPCAS_CLIENT) ) {\r
- phpCAS::error('this method should only be called after\r
- '.__CLASS__.'::client()');\r
+ phpCAS :: traceBegin();\r
+ if (!is_object($PHPCAS_CLIENT)) {\r
+ phpCAS :: error('this method should only be called after\r
+ ' . __CLASS__ . '::client()');\r
}\r
- if ( gettype($url) != 'string' ) {\r
- phpCAS::error('type mismatched for parameter $url (should be\r
- `string\')');\r
+ if (gettype($url) != 'string') {\r
+ phpCAS :: error('type mismatched for parameter $url (should be\r
+ `string\')');\r
}\r
$PHPCAS_CLIENT->setServerLogoutURL($url);\r
- phpCAS::traceEnd();\r
- }\r
- \r
+ phpCAS :: traceEnd();\r
+ }\r
+\r
/**\r
* This method is used to logout from CAS.\r
* @params $params an array that contains the optional url and service parameters that will be passed to the CAS server\r
*/\r
function logout($params = "") {\r
global $PHPCAS_CLIENT;\r
- phpCAS::traceBegin();\r
+ phpCAS :: traceBegin();\r
if (!is_object($PHPCAS_CLIENT)) {\r
- phpCAS::error('this method should only be called after '.__CLASS__.'::client() or'.__CLASS__.'::proxy()');\r
+ phpCAS :: error('this method should only be called after ' . __CLASS__ . '::client() or' . __CLASS__ . '::proxy()');\r
}\r
- $parsedParams = array();\r
+ $parsedParams = array ();\r
if ($params != "") {\r
if (is_string($params)) {\r
- phpCAS::error('method `phpCAS::logout($url)\' is now deprecated, use `phpCAS::logoutWithUrl($url)\' instead');\r
+ phpCAS :: error('method `phpCAS::logout($url)\' is now deprecated, use `phpCAS::logoutWithUrl($url)\' instead');\r
}\r
if (!is_array($params)) {\r
- phpCAS::error('type mismatched for parameter $params (should be `array\')');\r
+ phpCAS :: error('type mismatched for parameter $params (should be `array\')');\r
}\r
foreach ($params as $key => $value) {\r
if ($key != "service" && $key != "url") {\r
- phpCAS::error('only `url\' and `service\' parameters are allowed for method `phpCAS::logout($params)\'');\r
+ phpCAS :: error('only `url\' and `service\' parameters are allowed for method `phpCAS::logout($params)\'');\r
}\r
$parsedParams[$key] = $value;\r
}\r
}\r
$PHPCAS_CLIENT->logout($parsedParams);\r
// never reached\r
- phpCAS::traceEnd();\r
+ phpCAS :: traceEnd();\r
}\r
- \r
+\r
/**\r
* This method is used to logout from CAS. Halts by redirecting to the CAS server.\r
* @param $service a URL that will be transmitted to the CAS server\r
*/\r
function logoutWithRedirectService($service) {\r
global $PHPCAS_CLIENT;\r
- phpCAS::traceBegin();\r
- if ( !is_object($PHPCAS_CLIENT) ) {\r
- phpCAS::error('this method should only be called after '.__CLASS__.'::client() or'.__CLASS__.'::proxy()');\r
+ phpCAS :: traceBegin();\r
+ if (!is_object($PHPCAS_CLIENT)) {\r
+ phpCAS :: error('this method should only be called after ' . __CLASS__ . '::client() or' . __CLASS__ . '::proxy()');\r
}\r
if (!is_string($service)) {\r
- phpCAS::error('type mismatched for parameter $service (should be `string\')');\r
+ phpCAS :: error('type mismatched for parameter $service (should be `string\')');\r
}\r
- $PHPCAS_CLIENT->logout(array("service" => $service));\r
+ $PHPCAS_CLIENT->logout(array (\r
+ "service" => $service\r
+ ));\r
// never reached\r
- phpCAS::traceEnd();\r
+ phpCAS :: traceEnd();\r
}\r
- \r
+\r
/**\r
* This method is used to logout from CAS. Halts by redirecting to the CAS server.\r
* @param $url a URL that will be transmitted to the CAS server\r
*/\r
function logoutWithUrl($url) {\r
global $PHPCAS_CLIENT;\r
- phpCAS::traceBegin();\r
- if ( !is_object($PHPCAS_CLIENT) ) {\r
- phpCAS::error('this method should only be called after '.__CLASS__.'::client() or'.__CLASS__.'::proxy()');\r
+ phpCAS :: traceBegin();\r
+ if (!is_object($PHPCAS_CLIENT)) {\r
+ phpCAS :: error('this method should only be called after ' . __CLASS__ . '::client() or' . __CLASS__ . '::proxy()');\r
}\r
if (!is_string($url)) {\r
- phpCAS::error('type mismatched for parameter $url (should be `string\')');\r
+ phpCAS :: error('type mismatched for parameter $url (should be `string\')');\r
}\r
- $PHPCAS_CLIENT->logout(array("url" => $url));\r
+ $PHPCAS_CLIENT->logout(array (\r
+ "url" => $url\r
+ ));\r
// never reached\r
- phpCAS::traceEnd();\r
+ phpCAS :: traceEnd();\r
}\r
- \r
+\r
/**\r
* This method is used to logout from CAS. Halts by redirecting to the CAS server.\r
* @param $service a URL that will be transmitted to the CAS server\r
*/\r
function logoutWithRedirectServiceAndUrl($service, $url) {\r
global $PHPCAS_CLIENT;\r
- phpCAS::traceBegin();\r
- if ( !is_object($PHPCAS_CLIENT) ) {\r
- phpCAS::error('this method should only be called after '.__CLASS__.'::client() or'.__CLASS__.'::proxy()');\r
+ phpCAS :: traceBegin();\r
+ if (!is_object($PHPCAS_CLIENT)) {\r
+ phpCAS :: error('this method should only be called after ' . __CLASS__ . '::client() or' . __CLASS__ . '::proxy()');\r
}\r
if (!is_string($service)) {\r
- phpCAS::error('type mismatched for parameter $service (should be `string\')');\r
+ phpCAS :: error('type mismatched for parameter $service (should be `string\')');\r
}\r
if (!is_string($url)) {\r
- phpCAS::error('type mismatched for parameter $url (should be `string\')');\r
+ phpCAS :: error('type mismatched for parameter $url (should be `string\')');\r
}\r
- $PHPCAS_CLIENT->logout(array("service" => $service, "url" => $url));\r
+ $PHPCAS_CLIENT->logout(array (\r
+ "service" => $service,\r
+ "url" => $url\r
+ ));\r
// never reached\r
- phpCAS::traceEnd();\r
+ phpCAS :: traceEnd();\r
}\r
- \r
+\r
/**\r
* Set the fixed URL that will be used by the CAS server to transmit the PGT.\r
* When this method is not called, a phpCAS script uses its own URL for the callback.\r
*\r
* @param $url the URL\r
*/\r
- function setFixedCallbackURL($url='')\r
- {\r
+ function setFixedCallbackURL($url = '') {\r
global $PHPCAS_CLIENT;\r
- phpCAS::traceBegin();\r
- if ( !is_object($PHPCAS_CLIENT) ) {\r
- phpCAS::error('this method should only be called after '.__CLASS__.'::proxy()');\r
+ phpCAS :: traceBegin();\r
+ if (!is_object($PHPCAS_CLIENT)) {\r
+ phpCAS :: error('this method should only be called after ' . __CLASS__ . '::proxy()');\r
}\r
- if ( !$PHPCAS_CLIENT->isProxy() ) {\r
- phpCAS::error('this method should only be called after '.__CLASS__.'::proxy()');\r
+ if (!$PHPCAS_CLIENT->isProxy()) {\r
+ phpCAS :: error('this method should only be called after ' . __CLASS__ . '::proxy()');\r
}\r
- if ( gettype($url) != 'string' ) {\r
- phpCAS::error('type mismatched for parameter $url (should be `string\')');\r
+ if (gettype($url) != 'string') {\r
+ phpCAS :: error('type mismatched for parameter $url (should be `string\')');\r
}\r
$PHPCAS_CLIENT->setCallbackURL($url);\r
- phpCAS::traceEnd();\r
- }\r
- \r
+ phpCAS :: traceEnd();\r
+ }\r
+\r
/**\r
* Set the fixed URL that will be set as the CAS service parameter. When this\r
* method is not called, a phpCAS script uses its own URL.\r
*\r
* @param $url the URL\r
*/\r
- function setFixedServiceURL($url)\r
- {\r
+ function setFixedServiceURL($url) {\r
global $PHPCAS_CLIENT;\r
- phpCAS::traceBegin();\r
- if ( !is_object($PHPCAS_CLIENT) ) {\r
- phpCAS::error('this method should only be called after '.__CLASS__.'::proxy()');\r
- } \r
- if ( gettype($url) != 'string' ) {\r
- phpCAS::error('type mismatched for parameter $url (should be `string\')');\r
+ phpCAS :: traceBegin();\r
+ if (!is_object($PHPCAS_CLIENT)) {\r
+ phpCAS :: error('this method should only be called after ' . __CLASS__ . '::proxy()');\r
}\r
- $PHPCAS_CLIENT->setURL($url);\r
- phpCAS::traceEnd();\r
+ if (gettype($url) != 'string') {\r
+ phpCAS :: error('type mismatched for parameter $url (should be `string\')');\r
}\r
- \r
+ $PHPCAS_CLIENT->setURL($url);\r
+ phpCAS :: traceEnd();\r
+ }\r
+\r
/**\r
* Get the URL that is set as the CAS service parameter.\r
*/\r
- function getServiceURL()\r
- {\r
+ function getServiceURL() {\r
global $PHPCAS_CLIENT;\r
- if ( !is_object($PHPCAS_CLIENT) ) {\r
- phpCAS::error('this method should only be called after '.__CLASS__.'::proxy()');\r
- } \r
- return($PHPCAS_CLIENT->getURL());\r
+ if (!is_object($PHPCAS_CLIENT)) {\r
+ phpCAS :: error('this method should only be called after ' . __CLASS__ . '::proxy()');\r
}\r
- \r
+ return ($PHPCAS_CLIENT->getURL());\r
+ }\r
+\r
/**\r
* Retrieve a Proxy Ticket from the CAS server.\r
*/\r
- function retrievePT($target_service,&$err_code,&$err_msg)\r
- {\r
+ function retrievePT($target_service, & $err_code, & $err_msg) {\r
global $PHPCAS_CLIENT;\r
- if ( !is_object($PHPCAS_CLIENT) ) {\r
- phpCAS::error('this method should only be called after '.__CLASS__.'::proxy()');\r
- } \r
- if ( gettype($target_service) != 'string' ) {\r
- phpCAS::error('type mismatched for parameter $target_service(should be `string\')');\r
+ if (!is_object($PHPCAS_CLIENT)) {\r
+ phpCAS :: error('this method should only be called after ' . __CLASS__ . '::proxy()');\r
}\r
- return($PHPCAS_CLIENT->retrievePT($target_service,$err_code,$err_msg));\r
+ if (gettype($target_service) != 'string') {\r
+ phpCAS :: error('type mismatched for parameter $target_service(should be `string\')');\r
}\r
- \r
+ return ($PHPCAS_CLIENT->retrievePT($target_service, $err_code, $err_msg));\r
+ }\r
+\r
/**\r
* Set the certificate of the CAS server.\r
*\r
* @param $cert the PEM certificate\r
*/\r
- function setCasServerCert($cert)\r
- {\r
+ function setCasServerCert($cert) {\r
global $PHPCAS_CLIENT;\r
- phpCAS::traceBegin();\r
- if ( !is_object($PHPCAS_CLIENT) ) {\r
- phpCAS::error('this method should only be called after '.__CLASS__.'::client() or'.__CLASS__.'::proxy()');\r
- } \r
- if ( gettype($cert) != 'string' ) {\r
- phpCAS::error('type mismatched for parameter $cert (should be `string\')');\r
+ phpCAS :: traceBegin();\r
+ if (!is_object($PHPCAS_CLIENT)) {\r
+ phpCAS :: error('this method should only be called after ' . __CLASS__ . '::client() or' . __CLASS__ . '::proxy()');\r
}\r
- $PHPCAS_CLIENT->setCasServerCert($cert);\r
- phpCAS::traceEnd();\r
+ if (gettype($cert) != 'string') {\r
+ phpCAS :: error('type mismatched for parameter $cert (should be `string\')');\r
}\r
- \r
+ $PHPCAS_CLIENT->setCasServerCert($cert);\r
+ phpCAS :: traceEnd();\r
+ }\r
+\r
/**\r
* Set the certificate of the CAS server CA.\r
*\r
* @param $cert the CA certificate\r
*/\r
- function setCasServerCACert($cert)\r
- {\r
+ function setCasServerCACert($cert) {\r
global $PHPCAS_CLIENT;\r
- phpCAS::traceBegin();\r
- if ( !is_object($PHPCAS_CLIENT) ) {\r
- phpCAS::error('this method should only be called after '.__CLASS__.'::client() or'.__CLASS__.'::proxy()');\r
- } \r
- if ( gettype($cert) != 'string' ) {\r
- phpCAS::error('type mismatched for parameter $cert (should be `string\')');\r
+ phpCAS :: traceBegin();\r
+ if (!is_object($PHPCAS_CLIENT)) {\r
+ phpCAS :: error('this method should only be called after ' . __CLASS__ . '::client() or' . __CLASS__ . '::proxy()');\r
}\r
- $PHPCAS_CLIENT->setCasServerCACert($cert);\r
- phpCAS::traceEnd();\r
+ if (gettype($cert) != 'string') {\r
+ phpCAS :: error('type mismatched for parameter $cert (should be `string\')');\r
}\r
- \r
+ $PHPCAS_CLIENT->setCasServerCACert($cert);\r
+ phpCAS :: traceEnd();\r
+ }\r
+\r
/**\r
* Set no SSL validation for the CAS server.\r
*/\r
- function setNoCasServerValidation()\r
- {\r
+ function setNoCasServerValidation() {\r
global $PHPCAS_CLIENT;\r
- phpCAS::traceBegin();\r
- if ( !is_object($PHPCAS_CLIENT) ) {\r
- phpCAS::error('this method should only be called after '.__CLASS__.'::client() or'.__CLASS__.'::proxy()');\r
- } \r
- $PHPCAS_CLIENT->setNoCasServerValidation();\r
- phpCAS::traceEnd();\r
+ phpCAS :: traceBegin();\r
+ if (!is_object($PHPCAS_CLIENT)) {\r
+ phpCAS :: error('this method should only be called after ' . __CLASS__ . '::client() or' . __CLASS__ . '::proxy()');\r
}\r
- \r
+ $PHPCAS_CLIENT->setNoCasServerValidation();\r
+ phpCAS :: traceEnd();\r
+ }\r
+\r
/** @} */\r
- \r
- /**\r
- * Change CURL options.\r
- * CURL is used to connect through HTTPS to CAS server\r
- * @param $key the option key\r
- * @param $value the value to set\r
- */\r
- function setExtraCurlOption($key, $value)\r
- {\r
- global $PHPCAS_CLIENT;\r
- phpCAS::traceBegin();\r
- if ( !is_object($PHPCAS_CLIENT) ) {\r
- phpCAS::error('this method should only be called after '.__CLASS__.'::client() or'.__CLASS__.'::proxy()');\r
- } \r
- $PHPCAS_CLIENT->setExtraCurlOption($key, $value);\r
- phpCAS::traceEnd();\r
+\r
+ /**\r
+ * Change CURL options.\r
+ * CURL is used to connect through HTTPS to CAS server\r
+ * @param $key the option key\r
+ * @param $value the value to set\r
+ */\r
+ function setExtraCurlOption($key, $value) {\r
+ global $PHPCAS_CLIENT;\r
+ phpCAS :: traceBegin();\r
+ if (!is_object($PHPCAS_CLIENT)) {\r
+ phpCAS :: error('this method should only be called after ' . __CLASS__ . '::client() or' . __CLASS__ . '::proxy()');\r
}\r
+ $PHPCAS_CLIENT->setExtraCurlOption($key, $value);\r
+ phpCAS :: traceEnd();\r
+ }\r
\r
}\r
\r
/** @defgroup publicDebug Debugging\r
* @ingroup public */\r
\r
-\r
/** @defgroup internal Implementation */\r
\r
/** @defgroup internalAuthentication Authentication\r
/**\r
* @example example_simple.php\r
*/\r
- /**\r
- * @example example_proxy.php\r
- */\r
- /**\r
- * @example example_proxy2.php\r
- */\r
- /**\r
- * @example example_lang.php\r
- */\r
- /**\r
- * @example example_html.php\r
- */\r
- /**\r
- * @example example_file.php\r
- */\r
- /**\r
- * @example example_db.php\r
- */\r
- /**\r
- * @example example_service.php\r
- */\r
- /**\r
- * @example example_session_proxy.php\r
- */\r
- /**\r
- * @example example_session_service.php\r
- */\r
- /**\r
- * @example example_gateway.php\r
- */\r
-\r
-\r
-\r
+/**\r
+ * @example example_proxy.php\r
+ */\r
+/**\r
+ * @example example_proxy2.php\r
+ */\r
+/**\r
+ * @example example_lang.php\r
+ */\r
+/**\r
+ * @example example_html.php\r
+ */\r
+/**\r
+ * @example example_file.php\r
+ */\r
+/**\r
+ * @example example_db.php\r
+ */\r
+/**\r
+ * @example example_service.php\r
+ */\r
+/**\r
+ * @example example_session_proxy.php\r
+ */\r
+/**\r
+ * @example example_session_service.php\r
+ */\r
+/**\r
+ * @example example_gateway.php\r
+ */\r
+/**\r
+ * @example example_custom_urls.php\r
+ */\r
?>\r
<?php
+/*
+ * Copyright © 2003-2010, The ESUP-Portail consortium & the JA-SIG Collaborative.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ *
+ * * Redistributions of source code must retain the above copyright notice,
+ * this list of conditions and the following disclaimer.
+ * * Redistributions in binary form must reproduce the above copyright notice,
+ * this list of conditions and the following disclaimer in the documentation
+ * and/or other materials provided with the distribution.
+ * * Neither the name of the ESUP-Portail consortium & the JA-SIG
+ * Collaborative nor the names of its contributors may be used to endorse or
+ * promote products derived from this software without specific prior
+ * written permission.
+
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+ * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR
+ * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
+ * ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
/**
* @file CAS/client.php
* Main class of the phpCAS library
{
return $this->_server['login_url'] = $url;
}
-
-
+
+
/**
* This method sets the serviceValidate URL of the CAS server.
* @param $url the serviceValidate URL
{
return $this->_server['service_validate_url'] = $url;
}
-
-
+
+
/**
* This method sets the proxyValidate URL of the CAS server.
* @param $url the proxyValidate URL
{
return $this->_server['proxy_validate_url'] = $url;
}
-
-
+
+
/**
* This method sets the samlValidate URL of the CAS server.
* @param $url the samlValidate URL
{
return $this->_server['saml_validate_url'] = $url;
}
-
+
/**
* This method is used to retrieve the service validating URL of the CAS server.
return $this->_server['service_validate_url'].'?service='.urlencode($this->getURL());
}
/**
- * This method is used to retrieve the SAML validating URL of the CAS server.
- * @return a URL.
- * @private
- */
+ * This method is used to retrieve the SAML validating URL of the CAS server.
+ * @return a URL.
+ * @private
+ */
function getServerSamlValidateURL()
- {
- phpCAS::traceBegin();
- // the URL is build only when needed
- if ( empty($this->_server['saml_validate_url']) ) {
- switch ($this->getServerVersion()) {
- case SAML_VERSION_1_1:
- $this->_server['saml_validate_url'] = $this->getServerBaseURL().'samlValidate';
- break;
+ {
+ phpCAS::traceBegin();
+ // the URL is build only when needed
+ if ( empty($this->_server['saml_validate_url']) ) {
+ switch ($this->getServerVersion()) {
+ case SAML_VERSION_1_1:
+ $this->_server['saml_validate_url'] = $this->getServerBaseURL().'samlValidate';
+ break;
}
- }
- phpCAS::traceEnd($this->_server['saml_validate_url'].'?TARGET='.urlencode($this->getURL()));
- return $this->_server['saml_validate_url'].'?TARGET='.urlencode($this->getURL());
- }
+ }
+ phpCAS::traceEnd($this->_server['saml_validate_url'].'?TARGET='.urlencode($this->getURL()));
+ return $this->_server['saml_validate_url'].'?TARGET='.urlencode($this->getURL());
+ }
/**
* This method is used to retrieve the proxy validating URL of the CAS server.
* @return a URL.
{
return $this->_server['logout_url'] = $url;
}
-
+
/**
* An array to store extra curl options.
*/
var $_curl_options = array();
-
+
/**
* This method is used to set additional user curl options.
*/
function setExtraCurlOption($key, $value)
- {
+ {
$this->_curl_options[$key] = $value;
- }
-
+ }
+
/**
* This method checks to see if the request is secured via HTTPS
* @return true if https, false otherwise
if (version_compare(PHP_VERSION,'5','>=') && ini_get('zend.ze1_compatibility_mode')) {
phpCAS::error('phpCAS cannot support zend.ze1_compatibility_mode. Sorry.');
}
+ $this->_start_session = $start_session;
+
+ if ($this->_start_session && session_id())
+ {
+ phpCAS :: error("Another session was started before phpcas. Either disable the session" .
+ " handling for phpcas in the client() call or modify your application to leave" .
+ " session handling to phpcas");
+ }
// skip Session Handling for logout requests and if don't want it'
- if ($start_session && !$this->isLogoutRequest()) {
- phpCAS::trace("Starting session handling");
- // Check for Tickets from the CAS server
- if (empty($_GET['ticket'])){
- phpCAS::trace("No ticket found");
- // only create a session if necessary
- if (!isset($_SESSION)) {
- phpCAS::trace("No session found, creating new session");
- session_start();
- }
- }else{
- phpCAS::trace("Ticket found");
- // We have to copy any old data before renaming the session
- if (isset($_SESSION)) {
- phpCAS::trace("Old active session found, saving old data and destroying session");
- $old_session = $_SESSION;
- session_destroy();
- }else{
- session_start();
- phpCAS::trace("Starting possible old session to copy variables");
- $old_session = $_SESSION;
- session_destroy();
- }
- // set up a new session, of name based on the ticket
- $session_id = preg_replace('/[^\w]/','',$_GET['ticket']);
- phpCAS::LOG("Session ID: " . $session_id);
- session_id($session_id);
- session_start();
- // restore old session vars
- if(isset($old_session)){
- phpCAS::trace("Restoring old session vars");
- $_SESSION = $old_session;
- }
- }
- }else{
- phpCAS::trace("Skipping session creation");
+ if ($start_session && !$this->isLogoutRequest())
+ {
+ phpCAS :: trace("Starting a new session");
+ session_start();
}
-
+
// are we in proxy mode ?
$this->_proxy = $proxy;
}
break;
case CAS_VERSION_2_0: // check for a Service or Proxy Ticket
- if (preg_match('/^ST-/', $ticket)) {
- phpCAS::trace('ST \'' . $ticket . '\' found');
- $this->setST($ticket);
- unset ($_GET['ticket']);
- } else if (preg_match('/^PT-/', $ticket)) {
- phpCAS::trace('PT \'' . $ticket . '\' found');
+ if( preg_match('/^[SP]T-/',$ticket) ) {
+ phpCAS::trace('ST or PT \''.$ticket.'\' found');
$this->setPT($ticket);
unset($_GET['ticket']);
} else if ( !empty($ticket) ) {
break;
case SAML_VERSION_1_1: // SAML just does Service Tickets
if( preg_match('/^[SP]T-/',$ticket) ) {
- phpCAS::trace('SA \''.$ticket.'\' found');
- $this->setSA($ticket);
- unset($_GET['ticket']);
+ phpCAS::trace('SA \''.$ticket.'\' found');
+ $this->setSA($ticket);
+ unset($_GET['ticket']);
} else if ( !empty($ticket) ) {
//ill-formed ticket, halt
phpCAS::error('ill-formed ticket found in the URL (ticket=`'.htmlentities($ticket).'\')');
/** @} */
+ // XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
+ // XX XX
+ // XX Session Handling XX
+ // XX XX
+ // XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
+
+ /**
+ * A variable to whether phpcas will use its own session handling. Default = true
+ * @hideinitializer
+ * @private
+ */
+ var $_start_session = true;
+
+ function setStartSession($session)
+ {
+ $this->_start_session = session;
+ }
+
+ function getStartSession($session)
+ {
+ $this->_start_session = session;
+ }
+
+ /**
+ * Renaming the session
+ */
+ function renameSession($ticket)
+ {
+ phpCAS::traceBegin();
+ if($this->_start_session){
+ if (!empty ($this->_user))
+ {
+ $old_session = $_SESSION;
+ session_destroy();
+ // set up a new session, of name based on the ticket
+ $session_id = preg_replace('/[^\w]/', '', $ticket);
+ phpCAS :: trace("Session ID: ".$session_id);
+ session_id($session_id);
+ session_start();
+ phpCAS :: trace("Restoring old session vars");
+ $_SESSION = $old_session;
+ } else
+ {
+ phpCAS :: error('Session should only be renamed after successfull authentication');
+ }
+ }else{
+ phpCAS :: trace("Skipping session rename since phpCAS is not handling the session.");
+ }
+ phpCAS::traceEnd();
+ }
+
// XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
// XX XX
// XX AUTHENTICATION XX
}
return $this->_user;
}
-
-
+
+
/***********************************************************************************************************************
* Atrributes section
* @private
*/
var $_attributes = array();
-
+
function setAttributes($attributes)
{ $this->_attributes = $attributes; }
-
+
function getAttributes() {
if ( empty($this->_user) ) { // if no user is set, there shouldn't be any attributes also...
phpCAS::error('this method should be used only after '.__CLASS__.'::forceAuthentication() or '.__CLASS__.'::isAuthenticated()');
}
return $this->_attributes;
}
-
+
function hasAttributes()
{ return !empty($this->_attributes); }
-
+
function hasAttribute($key)
{ return (is_array($this->_attributes) && array_key_exists($key, $this->_attributes)); }
-
+
function getAttribute($key) {
if($this->hasAttribute($key)) {
return $this->_attributes[$key];
}
phpCAS::traceEnd();
}
-
+
/**
* This method is called to be sure that the user is authenticated. When not
* authenticated, halt by redirecting to the CAS server; otherwise return TRUE.
*/
function isAuthenticated()
{
- phpCAS::traceBegin();
- $res = FALSE;
- $validate_url = '';
-
- if ( $this->wasPreviouslyAuthenticated() ) {
+ phpCAS::traceBegin();
+ $res = FALSE;
+ $validate_url = '';
+
+ if ( $this->wasPreviouslyAuthenticated() ) {
+ if($this->hasST() || $this->hasPT() || $this->hasSA()){
+ // User has a additional ticket but was already authenticated
+ phpCAS::trace('ticket was present and will be discarded, use renewAuthenticate()');
+ header('Location: '.$this->getURL());
+ phpCAS::log( "Prepare redirect to remove ticket: ".$this->getURL() );
+ }else{
// the user has already (previously during the session) been
// authenticated, nothing to be done.
phpCAS::trace('user was already authenticated, no need to look for tickets');
- $res = TRUE;
}
- else {
- if ( $this->hasST() ) {
- // if a Service Ticket was given, validate it
- phpCAS::trace('ST `'.$this->getST().'\' is present');
- $this->validateST($validate_url,$text_response,$tree_response); // if it fails, it halts
- phpCAS::trace('ST `'.$this->getST().'\' was validated');
- if ( $this->isProxy() ) {
- $this->validatePGT($validate_url,$text_response,$tree_response); // idem
- phpCAS::trace('PGT `'.$this->getPGT().'\' was validated');
- $_SESSION['phpCAS']['pgt'] = $this->getPGT();
- }
- $_SESSION['phpCAS']['user'] = $this->getUser();
- $res = TRUE;
- }
- elseif ( $this->hasPT() ) {
- // if a Proxy Ticket was given, validate it
- phpCAS::trace('PT `'.$this->getPT().'\' is present');
- $this->validatePT($validate_url,$text_response,$tree_response); // note: if it fails, it halts
- phpCAS::trace('PT `'.$this->getPT().'\' was validated');
- if ( $this->isProxy() ) {
- $this->validatePGT($validate_url,$text_response,$tree_response); // idem
- phpCAS::trace('PGT `'.$this->getPGT().'\' was validated');
- $_SESSION['phpCAS']['pgt'] = $this->getPGT();
- }
- $_SESSION['phpCAS']['user'] = $this->getUser();
- $res = TRUE;
- }
- elseif ( $this->hasSA() ) {
- // if we have a SAML ticket, validate it.
- phpCAS::trace('SA `'.$this->getSA().'\' is present');
- $this->validateSA($validate_url,$text_response,$tree_response); // if it fails, it halts
- phpCAS::trace('SA `'.$this->getSA().'\' was validated');
- $_SESSION['phpCAS']['user'] = $this->getUser();
- $_SESSION['phpCAS']['attributes'] = $this->getAttributes();
- $res = TRUE;
- }
- else {
- // no ticket given, not authenticated
- phpCAS::trace('no ticket found');
+ $res = TRUE;
+ }
+ else {
+ if ( $this->hasST() ) {
+ // if a Service Ticket was given, validate it
+ phpCAS::trace('ST `'.$this->getST().'\' is present');
+ $this->validateST($validate_url,$text_response,$tree_response); // if it fails, it halts
+ phpCAS::trace('ST `'.$this->getST().'\' was validated');
+ if ( $this->isProxy() ) {
+ $this->validatePGT($validate_url,$text_response,$tree_response); // idem
+ phpCAS::trace('PGT `'.$this->getPGT().'\' was validated');
+ $_SESSION['phpCAS']['pgt'] = $this->getPGT();
}
- if ($res) {
- // if called with a ticket parameter, we need to redirect to the app without the ticket so that CAS-ification is transparent to the browser (for later POSTS)
- // most of the checks and errors should have been made now, so we're safe for redirect without masking error messages.
- header('Location: '.$this->getURL());
- phpCAS::log( "Prepare redirect to : ".$this->getURL() );
+ $_SESSION['phpCAS']['user'] = $this->getUser();
+ $res = TRUE;
+ }
+ elseif ( $this->hasPT() ) {
+ // if a Proxy Ticket was given, validate it
+ phpCAS::trace('PT `'.$this->getPT().'\' is present');
+ $this->validatePT($validate_url,$text_response,$tree_response); // note: if it fails, it halts
+ phpCAS::trace('PT `'.$this->getPT().'\' was validated');
+ if ( $this->isProxy() ) {
+ $this->validatePGT($validate_url,$text_response,$tree_response); // idem
+ phpCAS::trace('PGT `'.$this->getPGT().'\' was validated');
+ $_SESSION['phpCAS']['pgt'] = $this->getPGT();
}
+ $_SESSION['phpCAS']['user'] = $this->getUser();
+ $res = TRUE;
+ }
+ elseif ( $this->hasSA() ) {
+ // if we have a SAML ticket, validate it.
+ phpCAS::trace('SA `'.$this->getSA().'\' is present');
+ $this->validateSA($validate_url,$text_response,$tree_response); // if it fails, it halts
+ phpCAS::trace('SA `'.$this->getSA().'\' was validated');
+ $_SESSION['phpCAS']['user'] = $this->getUser();
+ $_SESSION['phpCAS']['attributes'] = $this->getAttributes();
+ $res = TRUE;
+ }
+ else {
+ // no ticket given, not authenticated
+ phpCAS::trace('no ticket found');
+ }
+ if ($res) {
+ // if called with a ticket parameter, we need to redirect to the app without the ticket so that CAS-ification is transparent to the browser (for later POSTS)
+ // most of the checks and errors should have been made now, so we're safe for redirect without masking error messages.
+ header('Location: '.$this->getURL());
+ phpCAS::log( "Prepare redirect to : ".$this->getURL() );
}
-
- phpCAS::traceEnd($res);
- return $res;
+ }
+
+ phpCAS::traceEnd($res);
+ return $res;
}
/**
phpCAS::traceExit();
exit();
}
-
-// /**
-// * This method is used to logout from CAS.
-// * @param $url a URL that will be transmitted to the CAS server (to come back to when logged out)
-// * @public
-// */
-// function logout($url = "") {
-// phpCAS::traceBegin();
-// $cas_url = $this->getServerLogoutURL();
-// // v0.4.14 sebastien.gougeon at univ-rennes1.fr
-// // header('Location: '.$cas_url);
-// if ( $url != "" ) {
-// // Adam Moore 1.0.0RC2
-// $url = '?service=' . $url . '&url=' . $url;
-// }
-// header('Location: '.$cas_url . $url);
-// session_unset();
-// session_destroy();
-// $this->printHTMLHeader($this->getString(CAS_STR_LOGOUT));
-// printf('<p>'.$this->getString(CAS_STR_SHOULD_HAVE_BEEN_REDIRECTED).'</p>',$cas_url);
-// $this->printHTMLFooter();
-// phpCAS::traceExit();
-// exit();
-// }
+
/**
* This method is used to logout from CAS.
}
header('Location: '.$cas_url);
phpCAS::log( "Prepare redirect to : ".$cas_url );
-
+
session_unset();
session_destroy();
phpCAS::traceEnd();
return;
}
+ if(!$this->_start_session){
+ phpCAS::log("phpCAS can't handle logout requests if it does not manage the session.");
+ }
phpCAS::log("Logout requested");
phpCAS::log("SAML REQUEST: ".$_POST['logoutRequest']);
if ($check_client) {
}
if (!$allowed) {
phpCAS::error("Unauthorized logout request from client '".$client."'");
- printf("Unauthorized!");
+ printf("Unauthorized!");
phpCAS::traceExit();
exit();
}
phpCAS::log("Ticket to logout: ".$ticket2logout);
$session_id = preg_replace('/[^\w]/','',$ticket2logout);
phpCAS::log("Session id: ".$session_id);
-
- // fix New session ID
+
+ // destroy a possible application session created before phpcas
+ if(session_id()){
+ session_unset();
+ session_destroy();
+ }
+ // fix session ID
session_id($session_id);
$_COOKIE[session_name()]=$session_id;
$_GET[session_name()]=$session_id;
// Overwrite session
session_start();
session_unset();
- session_destroy();
- printf("Disconnected!");
+ session_destroy();
+ printf("Disconnected!");
phpCAS::traceExit();
exit();
}
* This method is used to validate a ST; halt on failure, and sets $validate_url,
* $text_reponse and $tree_response on success. These parameters are used later
* by CASClient::validatePGT() for CAS proxies.
- *
+ * Used for all CAS 1.0 validations
* @param $validate_url the URL of the request to the CAS server.
* @param $text_response the response of the CAS server, as is (XML text).
* @param $tree_response the response of the CAS server, as a DOM XML tree.
$validate_url = $this->getServerServiceValidateURL().'&ticket='.$this->getST();
if ( $this->isProxy() ) {
// pass the callback url for CAS proxies
- $validate_url .= '&pgtUrl='.$this->getCallbackURL();
+ $validate_url .= '&pgtUrl='.urlencode($this->getCallbackURL());
}
// open and read the URL
}
break;
}
+ $this->renameSession($this->getST());
+ // at this step, ST has been validated and $this->_user has been set,
+ phpCAS::traceEnd(TRUE);
+ return TRUE;
+ }
+
+ // ########################################################################
+ // SAML VALIDATION
+ // ########################################################################
+ /**
+ * @addtogroup internalBasic
+ * @{
+ */
+
+ /**
+ * This method is used to validate a SAML TICKET; halt on failure, and sets $validate_url,
+ * $text_reponse and $tree_response on success. These parameters are used later
+ * by CASClient::validatePGT() for CAS proxies.
+ *
+ * @param $validate_url the URL of the request to the CAS server.
+ * @param $text_response the response of the CAS server, as is (XML text).
+ * @param $tree_response the response of the CAS server, as a DOM XML tree.
+ *
+ * @return bool TRUE when successfull, halt otherwise by calling CASClient::authError().
+ *
+ * @private
+ */
+ function validateSA($validate_url,&$text_response,&$tree_response)
+ {
+ phpCAS::traceBegin();
+
+ // build the URL to validate the ticket
+ $validate_url = $this->getServerSamlValidateURL();
+
+ // open and read the URL
+ if ( !$this->readURL($validate_url,''/*cookies*/,$headers,$text_response,$err_msg) ) {
+ phpCAS::trace('could not open URL \''.$validate_url.'\' to validate ('.$err_msg.')');
+ $this->authError('SA not validated', $validate_url, TRUE/*$no_response*/);
+ }
+
+ phpCAS::trace('server version: '.$this->getServerVersion());
+ // analyze the result depending on the version
+ switch ($this->getServerVersion()) {
+ case SAML_VERSION_1_1:
+
+ // read the response of the CAS server into a DOM object
+ if ( !($dom = domxml_open_mem($text_response))) {
+ phpCAS::trace('domxml_open_mem() failed');
+ $this->authError('SA not validated',
+ $validate_url,
+ FALSE/*$no_response*/,
+ TRUE/*$bad_response*/,
+ $text_response);
+ }
+ // read the root node of the XML tree
+ if ( !($tree_response = $dom->document_element()) ) {
+ phpCAS::trace('document_element() failed');
+ $this->authError('SA not validated',
+ $validate_url,
+ FALSE/*$no_response*/,
+ TRUE/*$bad_response*/,
+ $text_response);
+ }
+ // insure that tag name is 'Envelope'
+ if ( $tree_response->node_name() != 'Envelope' ) {
+ phpCAS::trace('bad XML root node (should be `Envelope\' instead of `'.$tree_response->node_name().'\'');
+ $this->authError('SA not validated',
+ $validate_url,
+ FALSE/*$no_response*/,
+ TRUE/*$bad_response*/,
+ $text_response);
+ }
+ // check for the NameIdentifier tag in the SAML response
+ if ( sizeof($success_elements = $tree_response->get_elements_by_tagname("NameIdentifier")) != 0) {
+ phpCAS::trace('NameIdentifier found');
+ $user = trim($success_elements[0]->get_content());
+ phpCAS::trace('user = `'.$user.'`');
+ $this->setUser($user);
+ $this->setSessionAttributes($text_response);
+ } else {
+ phpCAS::trace('no <NameIdentifier> tag found in SAML payload');
+ $this->authError('SA not validated',
+ $validate_url,
+ FALSE/*$no_response*/,
+ TRUE/*$bad_response*/,
+ $text_response);
+ }
+ break;
+ }
+ $this->renameSession($this->getSA());
// at this step, ST has been validated and $this->_user has been set,
phpCAS::traceEnd(TRUE);
return TRUE;
}
-
- // ########################################################################
- // SAML VALIDATION
- // ########################################################################
- /**
- * @addtogroup internalBasic
- * @{
- */
-
- /**
- * This method is used to validate a SAML TICKET; halt on failure, and sets $validate_url,
- * $text_reponse and $tree_response on success. These parameters are used later
- * by CASClient::validatePGT() for CAS proxies.
- *
- * @param $validate_url the URL of the request to the CAS server.
- * @param $text_response the response of the CAS server, as is (XML text).
- * @param $tree_response the response of the CAS server, as a DOM XML tree.
- *
- * @return bool TRUE when successfull, halt otherwise by calling CASClient::authError().
- *
- * @private
- */
- function validateSA($validate_url,&$text_response,&$tree_response)
- {
- phpCAS::traceBegin();
-
- // build the URL to validate the ticket
- $validate_url = $this->getServerSamlValidateURL();
-
- // open and read the URL
- if ( !$this->readURL($validate_url,''/*cookies*/,$headers,$text_response,$err_msg) ) {
- phpCAS::trace('could not open URL \''.$validate_url.'\' to validate ('.$err_msg.')');
- $this->authError('SA not validated', $validate_url, TRUE/*$no_response*/);
- }
-
- phpCAS::trace('server version: '.$this->getServerVersion());
-
- // analyze the result depending on the version
- switch ($this->getServerVersion()) {
- case SAML_VERSION_1_1:
-
- // read the response of the CAS server into a DOM object
- if ( !($dom = domxml_open_mem($text_response))) {
- phpCAS::trace('domxml_open_mem() failed');
- $this->authError('SA not validated',
- $validate_url,
- FALSE/*$no_response*/,
- TRUE/*$bad_response*/,
- $text_response);
- }
- // read the root node of the XML tree
- if ( !($tree_response = $dom->document_element()) ) {
- phpCAS::trace('document_element() failed');
- $this->authError('SA not validated',
- $validate_url,
- FALSE/*$no_response*/,
- TRUE/*$bad_response*/,
- $text_response);
- }
- // insure that tag name is 'Envelope'
- if ( $tree_response->node_name() != 'Envelope' ) {
- phpCAS::trace('bad XML root node (should be `Envelope\' instead of `'.$tree_response->node_name().'\'');
- $this->authError('SA not validated',
- $validate_url,
- FALSE/*$no_response*/,
- TRUE/*$bad_response*/,
- $text_response);
- }
- // check for the NameIdentifier tag in the SAML response
- if ( sizeof($success_elements = $tree_response->get_elements_by_tagname("NameIdentifier")) != 0) {
- phpCAS::trace('NameIdentifier found');
- $user = trim($success_elements[0]->get_content());
- phpCAS::trace('user = `'.$user.'`');
- $this->setUser($user);
- $this->setSessionAttributes($text_response);
- } else {
- phpCAS::trace('no <NameIdentifier> tag found in SAML payload');
- $this->authError('SA not validated',
- $validate_url,
- FALSE/*$no_response*/,
- TRUE/*$bad_response*/,
- $text_response);
- }
- break;
- }
-
- // at this step, ST has been validated and $this->_user has been set,
- phpCAS::traceEnd(TRUE);
- return TRUE;
- }
-
- /**
- * This method will parse the DOM and pull out the attributes from the SAML
- * payload and put them into an array, then put the array into the session.
- *
- * @param $text_response the SAML payload.
- * @return bool TRUE when successfull, halt otherwise by calling CASClient::authError().
- *
- * @private
- */
- function setSessionAttributes($text_response)
- {
- phpCAS::traceBegin();
-
- $result = FALSE;
-
- if (isset($_SESSION[SAML_ATTRIBUTES])) {
- phpCAS::trace("session attrs already set."); //testbml - do we care?
- }
-
- $attr_array = array();
-
- if (($dom = domxml_open_mem($text_response))) {
- $xPath = $dom->xpath_new_context();
- $xPath->xpath_register_ns('samlp', 'urn:oasis:names:tc:SAML:1.0:protocol');
- $xPath->xpath_register_ns('saml', 'urn:oasis:names:tc:SAML:1.0:assertion');
- $nodelist = $xPath->xpath_eval("//saml:Attribute");
- $attrs = $nodelist->nodeset;
- phpCAS::trace($text_response);
- foreach($attrs as $attr){
- $xres = $xPath->xpath_eval("saml:AttributeValue", $attr);
- $name = $attr->get_attribute("AttributeName");
- $value_array = array();
- foreach($xres->nodeset as $node){
- $value_array[] = $node->get_content();
-
- }
- phpCAS::trace("* " . $name . "=" . $value_array);
- $attr_array[$name] = $value_array;
- }
- $_SESSION[SAML_ATTRIBUTES] = $attr_array;
- // UGent addition...
- foreach($attr_array as $attr_key => $attr_value) {
- if(count($attr_value) > 1) {
- $this->_attributes[$attr_key] = $attr_value;
- }
- else {
- $this->_attributes[$attr_key] = $attr_value[0];
- }
- }
- $result = TRUE;
- }
- phpCAS::traceEnd($result);
- return $result;
- }
+
+ /**
+ * This method will parse the DOM and pull out the attributes from the SAML
+ * payload and put them into an array, then put the array into the session.
+ *
+ * @param $text_response the SAML payload.
+ * @return bool TRUE when successfull and FALSE if no attributes a found
+ *
+ * @private
+ */
+ function setSessionAttributes($text_response)
+ {
+ phpCAS::traceBegin();
+
+ $result = FALSE;
+
+ if (isset($_SESSION[SAML_ATTRIBUTES])) {
+ phpCAS::trace("session attrs already set."); //testbml - do we care?
+ }
+
+ $attr_array = array();
+
+ if (($dom = domxml_open_mem($text_response))) {
+ $xPath = $dom->xpath_new_context();
+ $xPath->xpath_register_ns('samlp', 'urn:oasis:names:tc:SAML:1.0:protocol');
+ $xPath->xpath_register_ns('saml', 'urn:oasis:names:tc:SAML:1.0:assertion');
+ $nodelist = $xPath->xpath_eval("//saml:Attribute");
+ if($nodelist){
+ $attrs = $nodelist->nodeset;
+ foreach($attrs as $attr){
+ $xres = $xPath->xpath_eval("saml:AttributeValue", $attr);
+ $name = $attr->get_attribute("AttributeName");
+ $value_array = array();
+ foreach($xres->nodeset as $node){
+ $value_array[] = $node->get_content();
+ }
+ $attr_array[$name] = $value_array;
+ }
+ $_SESSION[SAML_ATTRIBUTES] = $attr_array;
+ // UGent addition...
+ foreach($attr_array as $attr_key => $attr_value) {
+ if(count($attr_value) > 1) {
+ $this->_attributes[$attr_key] = $attr_value;
+ phpCAS::trace("* " . $attr_key . "=" . $attr_value);
+ }
+ else {
+ $this->_attributes[$attr_key] = $attr_value[0];
+ phpCAS::trace("* " . $attr_key . "=" . $attr_value[0]);
+ }
+ }
+ $result = TRUE;
+ }else{
+ phpCAS::trace("SAML Attributes are empty");
+ $result = FALSE;
+ }
+ }
+ phpCAS::traceEnd($result);
+ return $result;
+ }
/** @} */
curl_setopt($ch, $key, $value);
}
}
-
+
if ($this->_cas_server_cert == '' && $this->_cas_server_ca_cert == '' && !$this->_no_cas_server_validation) {
phpCAS::error('one of the methods phpCAS::setCasServerCert(), phpCAS::setCasServerCACert() or phpCAS::setNoCasServerValidation() must be called.');
}
if ( is_array($cookies) ) {
curl_setopt($ch,CURLOPT_COOKIE,implode(';',$cookies));
}
- // add extra stuff if SAML
- if ($this->hasSA()) {
- $more_headers = array ("soapaction: http://www.oasis-open.org/committees/security",
- "cache-control: no-cache",
- "pragma: no-cache",
- "accept: text/xml",
- "connection: keep-alive",
- "content-type: text/xml");
-
- curl_setopt($ch, CURLOPT_HTTPHEADER, $more_headers);
- curl_setopt($ch, CURLOPT_POST, 1);
- $data = $this->buildSAMLPayload();
- //phpCAS::trace('SAML Payload: '.print_r($data, TRUE));
- curl_setopt($ch, CURLOPT_POSTFIELDS, $data);
- }
+ // add extra stuff if SAML
+ if ($this->hasSA()) {
+ $more_headers = array ("soapaction: http://www.oasis-open.org/committees/security",
+ "cache-control: no-cache",
+ "pragma: no-cache",
+ "accept: text/xml",
+ "connection: keep-alive",
+ "content-type: text/xml");
+
+ curl_setopt($ch, CURLOPT_HTTPHEADER, $more_headers);
+ curl_setopt($ch, CURLOPT_POST, 1);
+ $data = $this->buildSAMLPayload();
+ //phpCAS::trace('SAML Payload: '.print_r($data, TRUE));
+ curl_setopt($ch, CURLOPT_POSTFIELDS, $data);
+ }
// perform the query
$buf = curl_exec ($ch);
//phpCAS::trace('CURL: Call completed. Response body is: \''.$buf.'\'');
phpCAS::traceEnd($res);
return $res;
- }
-
- /**
- * This method is used to build the SAML POST body sent to /samlValidate URL.
- *
- * @return the SOAP-encased SAMLP artifact (the ticket).
- *
- * @private
- */
- function buildSAMLPayload()
- {
- phpCAS::traceBegin();
-
- //get the ticket
- $sa = $this->getSA();
- //phpCAS::trace("SA: ".$sa);
-
- $body=SAML_SOAP_ENV.SAML_SOAP_BODY.SAMLP_REQUEST.SAML_ASSERTION_ARTIFACT.$sa.SAML_ASSERTION_ARTIFACT_CLOSE.SAMLP_REQUEST_CLOSE.SAML_SOAP_BODY_CLOSE.SAML_SOAP_ENV_CLOSE;
-
- phpCAS::traceEnd($body);
- return ($body);
- }
-
+ }
+
+ /**
+ * This method is used to build the SAML POST body sent to /samlValidate URL.
+ *
+ * @return the SOAP-encased SAMLP artifact (the ticket).
+ *
+ * @private
+ */
+ function buildSAMLPayload()
+ {
+ phpCAS::traceBegin();
+
+ //get the ticket
+ $sa = $this->getSA();
+ //phpCAS::trace("SA: ".$sa);
+
+ $body=SAML_SOAP_ENV.SAML_SOAP_BODY.SAMLP_REQUEST.SAML_ASSERTION_ARTIFACT.$sa.SAML_ASSERTION_ARTIFACT_CLOSE.SAMLP_REQUEST_CLOSE.SAML_SOAP_BODY_CLOSE.SAML_SOAP_ENV_CLOSE;
+
+ phpCAS::traceEnd($body);
+ return ($body);
+ }
+
/**
* This method is the callback used by readURL method to request HTTP headers.
*/
var $_curl_headers = array();
function _curl_read_headers($ch, $header)
- {
+ {
$this->_curl_headers[] = $header;
return strlen($header);
- }
-
+ }
+
/**
* This method is used to access an HTTP[S] service.
*
function serviceWeb($url,&$err_code,&$output)
{
phpCAS::traceBegin();
+ $cookies = array();
// at first retrieve a PT
$pt = $this->retrievePT($url,$err_code,$output);
$res = FALSE;
} else {
// add cookies if necessary
- if ( is_array($_SESSION['phpCAS']['services'][$url]['cookies']) ) {
+ if ( isset($_SESSION['phpCAS']['services'][$url]['cookies']) &&
+ is_array($_SESSION['phpCAS']['services'][$url]['cookies']) ) {
foreach ( $_SESSION['phpCAS']['services'][$url]['cookies'] as $name => $val ) {
$cookies[] = $name.'='.$val;
}
function hasPT()
{ return !empty($this->_pt); }
/**
- * This method returns the SAML Ticket provided in the URL of the request.
- * @return The SAML ticket.
- * @private
- */
- function getSA()
- { return 'ST'.substr($this->_sa, 2); }
-
- /**
- * This method stores the SAML Ticket.
- * @param $sa The SAML Ticket.
- * @private
- */
- function setSA($sa)
- { $this->_sa = $sa; }
-
- /**
- * This method tells if a SAML Ticket was stored.
- * @return TRUE if a SAML Ticket has been stored.
- * @private
- */
- function hasSA()
- { return !empty($this->_sa); }
-
+ * This method returns the SAML Ticket provided in the URL of the request.
+ * @return The SAML ticket.
+ * @private
+ */
+ function getSA()
+ { return 'ST'.substr($this->_sa, 2); }
+
+ /**
+ * This method stores the SAML Ticket.
+ * @param $sa The SAML Ticket.
+ * @private
+ */
+ function setSA($sa)
+ { $this->_sa = $sa; }
+
+ /**
+ * This method tells if a SAML Ticket was stored.
+ * @return TRUE if a SAML Ticket has been stored.
+ * @private
+ */
+ function hasSA()
+ { return !empty($this->_sa); }
+
/** @} */
// ########################################################################
// PT VALIDATION
*/
/**
- * This method is used to validate a PT; halt on failure
- *
+ * This method is used to validate a ST or PT; halt on failure
+ * Used for all CAS 2.0 validations
* @return bool TRUE when successfull, halt otherwise by calling CASClient::authError().
*
* @private
if ( $this->isProxy() ) {
// pass the callback url for CAS proxies
- $validate_url .= '&pgtUrl='.$this->getCallbackURL();
+ $validate_url .= '&pgtUrl='.urlencode($this->getCallbackURL());
}
// open and read the URL
$text_response);
}
+ $this->renameSession($this->getPT());
// at this step, PT has been validated and $this->_user has been set,
phpCAS::traceEnd(TRUE);
}
}
- $php_is_for_sissies = split("\?", $_SERVER['REQUEST_URI'], 2);
- $final_uri .= $php_is_for_sissies[0];
- if(sizeof($php_is_for_sissies) > 1){
- $cgi_params = '?' . $php_is_for_sissies[1];
- } else {
- $cgi_params = '?';
+ $request_uri = explode('?', $_SERVER['REQUEST_URI'], 2);
+ $final_uri .= $request_uri[0];
+
+ if (isset($request_uri[1]) && $request_uri[1])
+ {
+ $query_string = $this->removeParameterFromQueryString('ticket', $request_uri[1]);
+
+ // If the query string still has anything left, append it to the final URI
+ if ($query_string !== '')
+ $final_uri .= "?$query_string";
+
}
- // remove the ticket if present in the CGI parameters
- $cgi_params = preg_replace('/&ticket=[^&]*/','',$cgi_params);
- $cgi_params = preg_replace('/\?ticket=[^&;]*/','?',$cgi_params);
- $cgi_params = preg_replace('/\?%26/','?',$cgi_params);
- $cgi_params = preg_replace('/\?&/','?',$cgi_params);
- $cgi_params = preg_replace('/\?$/','',$cgi_params);
- $final_uri .= $cgi_params;
+
+ phpCAS::trace("Final URI: $final_uri");
$this->setURL($final_uri);
}
phpCAS::traceEnd($this->_url);
return $this->_url;
- }
+ }
+
+
+
+ /**
+ * Removes a parameter from a query string
+ *
+ * @param string $parameterName
+ * @param string $queryString
+ * @return string
+ *
+ * @link http://stackoverflow.com/questions/1842681/regular-expression-to-remove-one-parameter-from-query-string
+ */
+ function removeParameterFromQueryString($parameterName, $queryString)
+ {
+ $parameterName = preg_quote($parameterName);
+ return preg_replace("/&$parameterName(=[^&]*)?|^$parameterName(=[^&]*)?&?/", '', $queryString);
+ }
+
/**
* This method sets the URL of the current request
phpCAS::traceBegin();
$this->printHTMLHeader($this->getString(CAS_STR_AUTHENTICATION_FAILED));
- printf($this->getString(CAS_STR_YOU_WERE_NOT_AUTHENTICATED),$this->getURL(),$_SERVER['SERVER_ADMIN']);
+ printf($this->getString(CAS_STR_YOU_WERE_NOT_AUTHENTICATED),htmlentities($this->getURL()),$_SERVER['SERVER_ADMIN']);
phpCAS::trace('CAS URL: '.$cas_url);
phpCAS::trace('Authentication failure: '.$failure);
if ( $no_response ) {
projects / quix0rs-gnu-social.git / commitdiff