Functions | |
| CASClient::setUser ($user) | |
| This method sets the CAS user's login name. | |
| CASClient::getUser () | |
| This method returns the CAS user's login name. | |
| CASClient::forceAuthentication () | |
| This method is called to be sure that the user is authenticated. | |
| CASClient::checkAuthentication () | |
| This method is called to check whether the ser is authenticated or not. | |
| CASClient::isAuthenticated () | |
| This method is called to check if the user is authenticated (previously or by tickets given in the URL. | |
| CASClient::wasPreviouslyAuthenticated () | |
| This method tells if the user has already been (previously) authenticated by looking into the session variables. | |
| CASClient::redirectToCas ($gateway) | |
| This method is used to redirect the client to the CAS server. | |
| CASClient::logout ($url="") | |
| This method is used to logout from CAS. | |
Variables | |
| CASClient::$_user | |
| The Authenticated user. | |
Function Documentation
| CASClient::checkAuthentication | ( | ) | [inherited] |
This method is called to check whether the ser is authenticated or not.
- Returns:
- TRUE when the user is authenticated, FALSE otherwise.
Definition at line 603 of file client.php.
References $_SESSION, $res, CASClient::isAuthenticated(), and CASClient::redirectToCas().
{
phpCAS::traceBegin();
if ( $this->isAuthenticated() ) {
phpCAS::trace('user is authenticated');
$res = TRUE;
} else if (isset($_SESSION['phpCAS']['auth_checked'])) {
// the previous request has redirected the client to the CAS server with gateway=true
unset($_SESSION['phpCAS']['auth_checked']);
$res = FALSE;
} else {
$_SESSION['phpCAS']['auth_checked'] = true;
$this->redirectToCas(TRUE/* gateway */);
// never reached
$res = FALSE;
}
phpCAS::traceEnd($res);
return $res;
}
Here is the call graph for this function:
| CASClient::forceAuthentication | ( | ) | [inherited] |
This method is called to be sure that the user is authenticated.
When not authenticated, halt by redirecting to the CAS server; otherwise return TRUE.
- Returns:
- TRUE when the user is authenticated; otherwise halt.
Definition at line 579 of file client.php.
References $_SESSION, $res, CASClient::isAuthenticated(), and CASClient::redirectToCas().
{
phpCAS::traceBegin();
if ( $this->isAuthenticated() ) {
// the user is authenticated, nothing to be done.
phpCAS::trace('no need to authenticate');
$res = TRUE;
} else {
// the user is not authenticated, redirect to the CAS server
unset($_SESSION['phpCAS']['auth_checked']);
$this->redirectToCas(FALSE/* no gateway */);
// never reached
$res = FALSE;
}
phpCAS::traceEnd($res);
return $res;
}
Here is the call graph for this function:
| CASClient::getUser | ( | ) | [inherited] |
This method returns the CAS user's login name.
- Warning:
- should be called only after CASClient::forceAuthentication() or CASClient::isAuthenticated(), otherwise halt with an error.
- Returns:
- the login name of the authenticated user
Definition at line 565 of file client.php.
Referenced by CASClient::isAuthenticated().
{
if ( empty($this->_user) ) {
phpCAS::error('this method should be used only after '.__CLASS__.'::forceAuthentication() or '.__CLASS__.'::isAuthenticated()');
}
return $this->_user;
}
Here is the caller graph for this function:
| CASClient::isAuthenticated | ( | ) | [inherited] |
This method is called to check if the user is authenticated (previously or by tickets given in the URL.
- Returns:
- TRUE when the user is authenticated; otherwise halt.
Definition at line 632 of file client.php.
References $_SESSION, $res, CASClient::getPGT(), CASClient::getPT(), CASClient::getST(), CASClient::getUser(), CASClient::hasST(), CASClient::isProxy(), CASClient::validatePGT(), CASClient::validatePT(), and CASClient::wasPreviouslyAuthenticated().
Referenced by CASClient::checkAuthentication(), and CASClient::forceAuthentication().
{
phpCAS::traceBegin();
$res = FALSE;
$validate_url = '';
if ( $this->wasPreviouslyAuthenticated() ) {
// the user has already (previously during the session) been
// authenticated, nothing to be done.
phpCAS::trace('user was already authenticated, no need to look for tickets');
$res = TRUE;
} elseif ( $this->hasST() ) {
// if a Service Ticket was given, validate it
phpCAS::trace('ST `'.$this->getST().'\' is present');
$this->validateST($validate_url,$text_response,$tree_response); // if it fails, it halts
phpCAS::trace('ST `'.$this->getST().'\' was validated');
if ( $this->isProxy() ) {
$this->validatePGT($validate_url,$text_response,$tree_response); // idem
phpCAS::trace('PGT `'.$this->getPGT().'\' was validated');
$_SESSION['phpCAS']['pgt'] = $this->getPGT();
}
$_SESSION['phpCAS']['user'] = $this->getUser();
$res = TRUE;
} elseif ( $this->hasPT() ) {
// if a Proxy Ticket was given, validate it
phpCAS::trace('PT `'.$this->getPT().'\' is present');
$this->validatePT($validate_url,$text_response,$tree_response); // note: if it fails, it halts
phpCAS::trace('PT `'.$this->getPT().'\' was validated');
if ( $this->isProxy() ) {
$this->validatePGT($validate_url,$text_response,$tree_response); // idem
phpCAS::trace('PGT `'.$this->getPGT().'\' was validated');
$_SESSION['phpCAS']['pgt'] = $this->getPGT();
}
$_SESSION['phpCAS']['user'] = $this->getUser();
$res = TRUE;
} else {
// no ticket given, not authenticated
phpCAS::trace('no ticket found');
}
phpCAS::traceEnd($res);
return $res;
}
Here is the call graph for this function:
Here is the caller graph for this function:
| CASClient::logout | ( | $ | url = "" |
) | [inherited] |
This method is used to logout from CAS.
- Parameters:
-
$url a URL that will be transmitted to the CAS server (to come back to when logged out)
Definition at line 760 of file client.php.
References exit, CASClient::getServerLogoutURL(), CASClient::getString(), CASClient::printHTMLFooter(), and CASClient::printHTMLHeader().
{
phpCAS::traceBegin();
$cas_url = $this->getServerLogoutURL();
// v0.4.14 sebastien.gougeon at univ-rennes1.fr
// header('Location: '.$cas_url);
if ( $url != "" ) {
$url = '?service=' . $url;
}
header('Location: '.$cas_url . $url);
session_unset();
session_destroy();
$this->printHTMLHeader($this->getString(CAS_STR_LOGOUT));
printf('<p>'.$this->getString(CAS_STR_SHOULD_HAVE_BEEN_REDIRECTED).'</p>',$cas_url);
$this->printHTMLFooter();
phpCAS::traceExit();
exit();
}
Here is the call graph for this function:
| CASClient::redirectToCas | ( | $ | gateway | ) | [inherited] |
This method is used to redirect the client to the CAS server.
It is used by CASClient::forceAuthentication() and CASClient::checkAuthentication().
- Parameters:
-
$gateway true to check authentication, false to force it
Definition at line 743 of file client.php.
References exit, CASClient::getServerLoginURL(), CASClient::getString(), CASClient::printHTMLFooter(), and CASClient::printHTMLHeader().
Referenced by CASClient::checkAuthentication(), and CASClient::forceAuthentication().
{
phpCAS::traceBegin();
$cas_url = $this->getServerLoginURL($gateway);
header('Location: '.$cas_url);
$this->printHTMLHeader($this->getString(CAS_STR_AUTHENTICATION_WANTED));
printf('<p>'.$this->getString(CAS_STR_SHOULD_HAVE_BEEN_REDIRECTED).'</p>',$cas_url);
$this->printHTMLFooter();
phpCAS::traceExit();
exit();
}
Here is the call graph for this function:
Here is the caller graph for this function:
| CASClient::setUser | ( | $ | user | ) | [private, inherited] |
This method sets the CAS user's login name.
- Parameters:
-
$user the login name of the authenticated user.
Definition at line 553 of file client.php.
References $user.
Referenced by CASClient::validateST(), and CASClient::wasPreviouslyAuthenticated().
{
$this->_user = $user;
}
Here is the caller graph for this function:
| CASClient::wasPreviouslyAuthenticated | ( | ) | [private, inherited] |
This method tells if the user has already been (previously) authenticated by looking into the session variables.
- Note:
- This function switches to callback mode when needed.
- Returns:
- TRUE when the user has already been authenticated; FALSE otherwise.
Definition at line 686 of file client.php.
References $_SESSION, $auth, CASClient::callback(), CASClient::isCallbackMode(), CASClient::isProxy(), CASClient::setPGT(), CASClient::setPT(), CASClient::setST(), and CASClient::setUser().
Referenced by CASClient::isAuthenticated().
{
phpCAS::traceBegin();
if ( $this->isCallbackMode() ) {
$this->callback();
}
$auth = FALSE;
if ( $this->isProxy() ) {
// CAS proxy: username and PGT must be present
if ( !empty($_SESSION['phpCAS']['user']) && !empty($_SESSION['phpCAS']['pgt']) ) {
// authentication already done
$this->setUser($_SESSION['phpCAS']['user']);
$this->setPGT($_SESSION['phpCAS']['pgt']);
phpCAS::trace('user = `'.$_SESSION['phpCAS']['user'].'\', PGT = `'.$_SESSION['phpCAS']['pgt'].'\'');
$auth = TRUE;
} elseif ( !empty($_SESSION['phpCAS']['user']) && empty($_SESSION['phpCAS']['pgt']) ) {
// these two variables should be empty or not empty at the same time
phpCAS::trace('username found (`'.$_SESSION['phpCAS']['user'].'\') but PGT is empty');
// unset all tickets to enforce authentication
unset($_SESSION['phpCAS']);
$this->setST('');
$this->setPT('');
} elseif ( empty($_SESSION['phpCAS']['user']) && !empty($_SESSION['phpCAS']['pgt']) ) {
// these two variables should be empty or not empty at the same time
phpCAS::trace('PGT found (`'.$_SESSION['phpCAS']['pgt'].'\') but username is empty');
// unset all tickets to enforce authentication
unset($_SESSION['phpCAS']);
$this->setST('');
$this->setPT('');
} else {
phpCAS::trace('neither user not PGT found');
}
} else {
// `simple' CAS client (not a proxy): username must be present
if ( !empty($_SESSION['phpCAS']['user']) ) {
// authentication already done
$this->setUser($_SESSION['phpCAS']['user']);
phpCAS::trace('user = `'.$_SESSION['phpCAS']['user'].'\'');
$auth = TRUE;
} else {
phpCAS::trace('no user found');
}
}
phpCAS::traceEnd($auth);
return $auth;
}
Here is the call graph for this function:
Here is the caller graph for this function:
Variable Documentation
CASClient::$_user [private, inherited] |
The Authenticated user.
Written by CASClient::setUser(), read by CASClient::getUser().
- Attention:
- client applications should use phpCAS::getUser().
Definition at line 544 of file client.php.
