InternalPGTStorage

Data Structures

class  PGTStorage
 The PGTStorage class is a generic class for PGT storage. More...

Functions

 CASClient::initPGTStorage ()
 This method is used to initialize the storage of PGT's.
 CASClient::storePGT ($pgt, $pgt_iou)
 This method stores a PGT.
 CASClient::loadPGT ($pgt_iou)
 This method reads a PGT from its Iou and deletes the corresponding storage entry.
 CASClient::setPGTStorageFile ($format='', $path='')
 This method is used to tell phpCAS to store the response of the CAS server to PGT requests onto the filesystem.
 CASClient::setPGTStorageDB ($user, $password, $database_type, $hostname, $port, $database, $table)
 This method is used to tell phpCAS to store the response of the CAS server to PGT requests into a database.
 CASClient::validatePGT (&$validate_url, $text_response, $tree_response)
 This method is used to validate a PGT; halt on failure.
 CASClient::retrievePT ($target_service, &$err_code, &$err_msg)
 This method is used to retrieve PT's from the CAS server using a PGT.
 CASClient::readURL ($url, $cookies, &$headers, &$body, &$err_msg)
 This method is used to access a remote URL.
 CASClient::serviceWeb ($url, &$err_code, &$output)
 This method is used to access an HTTP[S] service.
 CASClient::serviceMail ($url, $flags, &$err_code, &$err_msg, &$pt)
 This method is used to access an IMAP/POP3/NNTP service.
 PGTStorage::PGTStorage ($cas_parent)
 The constructor of the class, should be called only by inherited classes.
 PGTStorage::getStorageType ()
 This virtual method returns an informational string giving the type of storage used by the object (used for debugging purposes).
 PGTStorage::getStorageInfo ()
 This virtual method returns an informational string giving information on the parameters of the storage.
 PGTStorage::setErrorMessage ($error_message)
 This method sets an error message, which can be read later by PGTStorage::getErrorMessage().
 PGTStorage::getErrorMessage ()
 This method returns an error message set by PGTStorage::setErrorMessage().
 PGTStorage::isInitialized ()
 This method tells if the storage has already been initialized.
 PGTStorage::init ()
 This virtual method initializes the object.
 PGTStorage::write ($pgt, $pgt_iou)
 This virtual method stores a PGT and its corresponding PGT Iou.
 PGTStorage::read ($pgt_iou)
 This virtual method reads a PGT corresponding to a PGT Iou and deletes the corresponding storage entry.

Variables

 CASClient::$_pgt_storage
 an instance of a class inheriting from PGTStorage, used to deal with PGT storage.
 PGTStorage::$_error_message
 string used to store an error message.
 PGTStorage::$_initialized
 a boolean telling if the storage has already been initialized.

Function Documentation

PGTStorage::getErrorMessage (  )  [inherited]

This method returns an error message set by PGTStorage::setErrorMessage().

Returns:
an error message when set by PGTStorage::setErrorMessage(), FALSE otherwise.
Deprecated:
not used.

Definition at line 108 of file pgt-main.php.

    {
      return $this->_error_message;
    }

PGTStorage::getStorageInfo (  )  [inherited]

This virtual method returns an informational string giving information on the parameters of the storage (used for debugging purposes).

Reimplemented in PGTStorageDB, and PGTStorageFile.

Definition at line 66 of file pgt-main.php.

    {
      phpCAS::error(__CLASS__.'::'.__FUNCTION__.'() should never be called'); 
    }

PGTStorage::getStorageType (  )  [inherited]

This virtual method returns an informational string giving the type of storage used by the object (used for debugging purposes).

Reimplemented in PGTStorageDB, and PGTStorageFile.

Definition at line 55 of file pgt-main.php.

    {
      phpCAS::error(__CLASS__.'::'.__FUNCTION__.'() should never be called'); 
    }

PGTStorage::init (  )  [protected, inherited]

This virtual method initializes the object.

Reimplemented in PGTStorageDB, and PGTStorageFile.

Definition at line 143 of file pgt-main.php.

    {
      $this->_initialized = TRUE;
    }

CASClient::initPGTStorage (  )  [private, inherited]

This method is used to initialize the storage of PGT's.

Halts on error.

Definition at line 1200 of file client.php.

    {
      // if no SetPGTStorageXxx() has been used, default to file
      if ( !is_object($this->_pgt_storage) ) {
        $this->setPGTStorageFile();
      }

      // initializes the storage
      $this->_pgt_storage->init();
    }

PGTStorage::isInitialized (  )  [protected, inherited]

This method tells if the storage has already been initialized.

Returns:
a boolean

Definition at line 133 of file pgt-main.php.

Referenced by PGTStorageFile::init(), and PGTStorageDB::init().

    {
      return $this->_initialized;
    }

CASClient::loadPGT ( $pgt_iou )  [private, inherited]

This method reads a PGT from its Iou and deletes the corresponding storage entry.

Parameters:
$pgt_iou the PGT Iou
Returns:
The PGT corresponding to the Iou, FALSE when not found.

Definition at line 1236 of file client.php.

    {
      // ensure that storage is initialized
      $this->initPGTStorage();
      // read the PGT
      return $this->_pgt_storage->read($pgt_iou);
    }

PGTStorage::PGTStorage ( $cas_parent )  [protected, inherited]

The constructor of the class, should be called only by inherited classes.

Parameters:
$cas_parent the CASClient instance that creates the current object.

Definition at line 36 of file pgt-main.php.

Referenced by PGTStorageDB::PGTStorageDB(), and PGTStorageFile::PGTStorageFile().

    {
      phpCAS::traceBegin();
      if ( !$cas_parent->isProxy() ) {
        phpCAS::error('defining PGT storage makes no sense when not using a CAS proxy'); 
      }
      phpCAS::traceEnd();
    }

PGTStorage::read ( $pgt_iou )  [protected, inherited]

This virtual method reads a PGT corresponding to a PGT Iou and deletes the corresponding storage entry.

Note:
Should never be called.
Parameters:
$pgt_iou the PGT iou

Reimplemented in PGTStorageFile.

Definition at line 175 of file pgt-main.php.

    {
      phpCAS::error(__CLASS__.'::'.__FUNCTION__.'() should never be called'); 
    }

CASClient::readURL ( $url, $cookies, &$headers, &$body, &$err_msg ) [private, inherited]

This method is used to access a remote URL.

Parameters:
$url the URL to access.
$cookies an array containing cookies strings such as 'name=val'
$headers an array containing the HTTP header lines of the response (an empty array on failure).
$body the body of the response, as a string (empty on failure).
$err_msg an error message, filled on failure.
Returns:
TRUE on success, FALSE otherwise (in this latter case, $err_msg contains an error message).

Definition at line 1470 of file client.php.

References $pos, and $res.

Referenced by CASClient::validateST().

    {
      phpCAS::traceBegin();
      $headers = '';
      $body = '';
      $err_msg = '';

      $res = TRUE;

      // initialize the CURL session
      $ch = curl_init($url);
        
          // verify that the server's certificate corresponds to its name
          curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 1);
          // but do not verify the certificate itself
          curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);

      // return the CURL output into a variable
      curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
      // include the HTTP header with the body
      curl_setopt($ch, CURLOPT_HEADER, 1);
      // add cookies headers
      if ( is_array($cookies) ) {
        curl_setopt($ch,CURLOPT_COOKIE,implode(';',$cookies));
      }
      // perform the query
      $buf = curl_exec ($ch);
      if ( $buf === FALSE ) {
        phpCAS::trace('cur_exec() failed');
        $err_msg = 'CURL error #'.curl_errno($ch).': '.curl_error($ch);
        // close the CURL session
        curl_close ($ch);
        $res = FALSE;
      } else {
        // close the CURL session
        curl_close ($ch);
        
        // find the end of the headers
        // note: strpos($str,"\n\r\n\r") does not work (?)
        $pos = FALSE;
        for ($i=0; $i<strlen($buf); $i++) {
          if ( $buf[$i] == chr(13) ) 
            if ( $buf[$i+1] == chr(10) ) 
              if ( $buf[$i+2] == chr(13) ) 
                if ( $buf[$i+3] == chr(10) ) {
                  // header found
                  $pos = $i;
                  break;
                }
        }
        
        if ( $pos === FALSE ) {
          // end of header not found
          $err_msg = 'no header found';
          phpCAS::trace($err_msg);
          $res = FALSE;
        } else { 
          // extract headers into an array
          $headers = preg_split ("/[\n\r]+/",substr($buf,0,$pos));        
          // extract body into a string
          $body = substr($buf,$pos+4);
        }
      }

      phpCAS::traceEnd($res);
      return $res;
    }
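
The listing above turns off certificate-chain validation (`CURLOPT_SSL_VERIFYPEER` set to 0) and sets `CURLOPT_SSL_VERIFYHOST` to 1, which in older libcurl releases only checks that the certificate carries a name; the value that matches the name against the host is 2. The following is an added example, not phpCAS code (all function names and the CA bundle parameter are assumptions): the same fetch with full verification, splitting headers from body with `CURLINFO_HEADER_SIZE` rather than a byte scan for CR LF CR LF (the sequence is `"\r\n\r\n"`, not the `"\n\r\n\r"` mentioned in the original comment).

```php
<?php
// Added example, not phpCAS code. All function names are hypothetical.

// cURL options for a CAS back-channel request with full TLS verification.
function cas_curl_options(array $cookies, string $caBundle): array
{
    $opts = [
        CURLOPT_SSL_VERIFYPEER => true,            // validate the chain against trusted CAs
        CURLOPT_SSL_VERIFYHOST => 2,               // certificate name must match the host
        CURLOPT_CAINFO         => $caBundle,       // assumed path to a PEM CA bundle
        CURLOPT_PROTOCOLS      => CURLPROTO_HTTPS, // assumption: CAS traffic is HTTPS only
        CURLOPT_FOLLOWLOCATION => false,           // do not carry tickets across redirects
        CURLOPT_RETURNTRANSFER => true,
        CURLOPT_HEADER         => true,
        CURLOPT_TIMEOUT        => 10,
    ];
    if ($cookies !== []) {
        $opts[CURLOPT_COOKIE] = implode('; ', $cookies);
    }
    return $opts;
}

// Split a raw response using the header length reported by cURL.
// Returns null when the length is implausible (the 'no header found' case).
function cas_split_response(string $buf, int $headerSize): ?array
{
    if ($headerSize < 4 || $headerSize > strlen($buf)) {
        return null;
    }
    $head = rtrim(substr($buf, 0, $headerSize), "\r\n");
    return [
        'headers' => preg_split('/\r?\n/', $head),
        'body'    => substr($buf, $headerSize),
    ];
}

function cas_fetch(string $url, array $cookies, string $caBundle, ?string &$err): ?array
{
    $err = null;
    $ch = curl_init($url);
    curl_setopt_array($ch, cas_curl_options($cookies, $caBundle));
    $buf = curl_exec($ch);
    if ($buf === false) {
        // certificate failures surface here instead of being ignored
        $err = 'CURL error #' . curl_errno($ch) . ': ' . curl_error($ch);
        return null;
    }
    $parts = cas_split_response($buf, curl_getinfo($ch, CURLINFO_HEADER_SIZE));
    if ($parts === null) {
        $err = 'no header found';
    }
    return $parts;
}

// Constructed sample response, so the split can be checked without a network.
$raw = "HTTP/1.1 200 OK\r\nSet-Cookie: JSESSIONID=abc123; Path=/\r\n\r\n<ok/>";
$parts = cas_split_response($raw, strpos($raw, "\r\n\r\n") + 4);
print_r($parts);
```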

CASClient::retrievePT ( $target_service, &$err_code, &$err_msg ) [private, inherited]

This method is used to retrieve PT's from the CAS server using a PGT.

Parameters:
$target_service the service to ask for with the PT.
$err_code an error code (PHPCAS_SERVICE_OK on success).
$err_msg an error message (empty on success).
Returns:
a Proxy Ticket, or FALSE on error.

Definition at line 1362 of file client.php.

References domxml_open_mem().

    {
      phpCAS::traceBegin();

      // by default, $err_msg is set empty and $pt to TRUE. On error, $pt is
      // set to false and $err_msg to an error message. At the end, if $pt is FALSE 
      // and $error_msg is still empty, it is set to 'invalid response' (the most
      // commonly encountered error).
      $err_msg = '';

      // build the URL to retrieve the PT
      $cas_url = $this->getServerProxyURL().'?targetService='.preg_replace('/&/','%26',$target_service).'&pgt='.$this->getPGT();

      // open and read the URL
      if ( !$this->readURL($cas_url,''/*cookies*/,$headers,$cas_response,$err_msg) ) {
        phpCAS::trace('could not open URL \''.$cas_url.'\' to validate ('.$err_msg.')');
        $err_code = PHPCAS_SERVICE_PT_NO_SERVER_RESPONSE;
        $err_msg = 'could not retrieve PT (no response from the CAS server)';
        phpCAS::traceEnd(FALSE);
        return FALSE;
      }

      $bad_response = FALSE;

      if ( !$bad_response ) {
        // read the response of the CAS server into a DOM object
        if ( !($dom = @domxml_open_mem($cas_response))) {
          phpCAS::trace('domxml_open_mem() failed');
          // read failed
          $bad_response = TRUE;
        } 
      }

      if ( !$bad_response ) {
        // read the root node of the XML tree
        if ( !($root = $dom->document_element()) ) {
          phpCAS::trace('document_element() failed');
          // read failed
          $bad_response = TRUE;
        } 
      }

      if ( !$bad_response ) {
        // ensure that tag name is 'serviceResponse'
        if ( $root->node_name(true) != 'serviceResponse' ) {
          phpCAS::trace('node_name() failed');
          // bad root node
          $bad_response = TRUE;
        } 
      }

      if ( !$bad_response ) {
        // look for a proxySuccess tag
        if ( sizeof($arr = $root->get_elements_by_tagname("proxySuccess")) != 0) {
          // authentication succeeded, look for a proxyTicket tag
          if ( sizeof($arr = $root->get_elements_by_tagname("proxyTicket")) != 0) {
            $err_code = PHPCAS_SERVICE_OK;
            $err_msg = '';
            $pt = trim($arr[0]->get_content());
            phpCAS::traceEnd($pt);
            return $pt;
          } else {
            phpCAS::trace('<proxySuccess> was found, but not <proxyTicket>');
          }
        } 
        // look for a proxyFailure tag
        else if ( sizeof($arr = $root->get_elements_by_tagname("proxyFailure")) != 0) {
          // authentication failed, extract the error
          $err_code = PHPCAS_SERVICE_PT_FAILURE;
          $err_msg = 'PT retrieving failed (code=`'
            .$arr[0]->get_attribute('code')
            .'\', message=`'
            .trim($arr[0]->get_content())
            .'\')';
          phpCAS::traceEnd(FALSE);
          return FALSE;
        } else {
          phpCAS::trace('neither <proxySuccess> nor <proxyFailure> found');
        }
      }

      // at this step, we are sure that the response of the CAS server was ill-formed
      $err_code = PHPCAS_SERVICE_PT_BAD_SERVER_RESPONSE;
      $err_msg = 'Invalid response from the CAS server (response=`'.$cas_response.'\')';

      phpCAS::traceEnd(FALSE);
      return FALSE;
    }
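
The request URL built above escapes only `&` in `$target_service` and appends the PGT unencoded, and the response is parsed with the PHP 4 `domxml` extension. The following is an added example, not phpCAS code (function names, host names and ticket values are assumptions): the same request and response handling with full query encoding and a namespace-aware `DOMDocument` parse that requires `<proxyTicket>` to sit inside `<proxySuccess>`.

```php
<?php
// Added example, not phpCAS code. Function names and sample values are hypothetical.

const CAS_NS = 'http://www.yale.edu/tp/cas'; // CAS 2.0 response namespace

// Build the proxy request; every reserved character in both values is encoded.
function cas_proxy_url(string $proxyUrl, string $targetService, string $pgt): string
{
    $query = http_build_query(
        ['targetService' => $targetService, 'pgt' => $pgt],
        '', '&', PHP_QUERY_RFC3986
    );
    return $proxyUrl . '?' . $query;
}

// Parse a proxy response. Returns ['pt' => string] on success,
// otherwise ['error' => 'failure'|'bad_response', ...].
function cas_parse_proxy_response(string $xml): array
{
    $bad = ['error' => 'bad_response'];
    if ($xml === '') {
        return $bad;
    }
    $prev = libxml_use_internal_errors(true);   // no warnings on malformed input
    $dom = new DOMDocument();
    $ok = $dom->loadXML($xml, LIBXML_NONET);    // never fetch external resources
    libxml_clear_errors();
    libxml_use_internal_errors($prev);
    $root = $ok ? $dom->documentElement : null;
    if ($root === null || $root->namespaceURI !== CAS_NS
        || $root->localName !== 'serviceResponse') {
        return $bad;
    }
    $failure = $root->getElementsByTagNameNS(CAS_NS, 'proxyFailure')->item(0);
    if ($failure !== null) {
        return [
            'error'   => 'failure',
            'code'    => $failure->getAttribute('code'),
            'message' => trim($failure->textContent),
        ];
    }
    // the ticket must sit inside <proxySuccess>, not merely somewhere in the tree
    $success = $root->getElementsByTagNameNS(CAS_NS, 'proxySuccess')->item(0);
    $ticket  = $success ? $success->getElementsByTagNameNS(CAS_NS, 'proxyTicket')->item(0) : null;
    $pt      = $ticket ? trim($ticket->textContent) : '';
    return $pt !== '' ? ['pt' => $pt] : $bad;
}

// Constructed sample values and responses.
echo cas_proxy_url('https://cas.example.org/cas/proxy',
                   'https://app.example.org/inbox?folder=a&b#top', 'PGT-constructed-1'), "\n";
$success = '<cas:serviceResponse xmlns:cas="' . CAS_NS . '"><cas:proxySuccess>'
         . '<cas:proxyTicket> PT-constructed-42 </cas:proxyTicket>'
         . '</cas:proxySuccess></cas:serviceResponse>';
$failure = '<cas:serviceResponse xmlns:cas="' . CAS_NS . '">'
         . '<cas:proxyFailure code="INVALID_REQUEST">pgt is required</cas:proxyFailure>'
         . '</cas:serviceResponse>';
print_r(cas_parse_proxy_response($success));
print_r(cas_parse_proxy_response($failure));
print_r(cas_parse_proxy_response('<html>login page</html>'));
```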

CASClient::serviceMail ( $url, $flags, &$err_code, &$err_msg, &$pt ) [inherited]

This method is used to access an IMAP/POP3/NNTP service.

Parameters:
$url a string giving the URL of the service, including the mailing box for IMAP URLs, as accepted by imap_open().
$flags options given to imap_open().
$err_code an error code. Possible values are PHPCAS_SERVICE_OK (on success), PHPCAS_SERVICE_PT_NO_SERVER_RESPONSE, PHPCAS_SERVICE_PT_BAD_SERVER_RESPONSE, PHPCAS_SERVICE_PT_FAILURE, PHPCAS_SERVICE_NOT_AVAILABLE.
$err_msg an error message on failure
$pt the Proxy Ticket (PT) retrieved from the CAS server to access the URL on success, FALSE on error.
Returns:
an IMAP stream on success, FALSE otherwise (in this latter case, $err_code gives the reason why it failed and $err_msg contains an error message).

Definition at line 1633 of file client.php.

    {
      phpCAS::traceBegin();
      // at first retrieve a PT
      $pt = $this->retrievePT($target_service,$err_code,$output);

      $stream = FALSE;
      
      // test if PT was retrieved correctly
      if ( !$pt ) {
        // note: $err_code and $err_msg are filled by CASClient::retrievePT()
        phpCAS::trace('PT was not retrieved correctly');
      } else {
        phpCAS::trace('opening IMAP URL `'.$url.'\'...');
        $stream = @imap_open($url,$this->getUser(),$pt,$flags);
        if ( !$stream ) {
          phpCAS::trace('could not open URL');
          $err_code = PHPCAS_SERVICE_NOT_AVAILABLE;
          // give an error message
          $err_msg = sprintf($this->getString(CAS_STR_SERVICE_UNAVAILABLE),
                             $service_url,
                             var_export(imap_errors(),TRUE));
          $pt = FALSE;
          $stream = FALSE;
        } else {
          phpCAS::trace('ok');
        }
      }

      phpCAS::traceEnd($stream);
      return $stream;
  }

CASClient::serviceWeb ( $url, &$err_code, &$output ) [inherited]

This method is used to access an HTTP[S] service.

Parameters:
$url the service to access.
$err_code an error code. Possible values are PHPCAS_SERVICE_OK (on success), PHPCAS_SERVICE_PT_NO_SERVER_RESPONSE, PHPCAS_SERVICE_PT_BAD_SERVER_RESPONSE, PHPCAS_SERVICE_PT_FAILURE, PHPCAS_SERVICE_NOT_AVAILABLE.
$output the output of the service (also used to give an error message on failure).
Returns:
TRUE on success, FALSE otherwise (in this latter case, $err_code gives the reason why it failed and $output contains an error message).

Definition at line 1553 of file client.php.

References $_SESSION, $output, and $res.

    {
      phpCAS::traceBegin();
      // at first retrieve a PT
      $pt = $this->retrievePT($url,$err_code,$output);

      $res = TRUE;
      
      // test if PT was retrieved correctly
      if ( !$pt ) {
        // note: $err_code and $err_msg are filled by CASClient::retrievePT()
        phpCAS::trace('PT was not retrieved correctly');
        $res = FALSE;
      } else {
        // add cookies if necessary
        if ( is_array($_SESSION['phpCAS']['services'][$url]['cookies']) ) {
          foreach ( $_SESSION['phpCAS']['services'][$url]['cookies'] as $name => $val ) { 
            $cookies[] = $name.'='.$val;
          }
        }
        
        // build the URL including the PT
        if ( strstr($url,'?') === FALSE ) {
          $service_url = $url.'?ticket='.$pt;
        } else {
          $service_url = $url.'&ticket='.$pt;
        }
        
        phpCAS::trace('reading URL`'.$service_url.'\'');
        if ( !$this->readURL($service_url,$cookies,$headers,$output,$err_msg) ) {
          phpCAS::trace('could not read URL`'.$service_url.'\'');
          $err_code = PHPCAS_SERVICE_NOT_AVAILABLE;
          // give an error message
          $output = sprintf($this->getString(CAS_STR_SERVICE_UNAVAILABLE),
                            $service_url,
                            $err_msg);
          $res = FALSE;
        } else {
          // URL has been fetched, extract the cookies
          phpCAS::trace('URL`'.$service_url.'\' has been read, storing cookies:');
          foreach ( $headers as $header ) {
            // test if the header is a cookie
            if ( preg_match('/^Set-Cookie:/',$header) ) {
              // the header is a cookie, remove the beginning
              $header_val = preg_replace('/^Set-Cookie: */','',$header);
              // extract interesting information
              $name_val = strtok($header_val,'; ');
              // extract the name and the value of the cookie
              $cookie_name = strtok($name_val,'=');
              $cookie_val = strtok('=');
              // store the cookie 
              $_SESSION['phpCAS']['services'][$url]['cookies'][$cookie_name] = $cookie_val;
              phpCAS::trace($cookie_name.' -> '.$cookie_val);
            }
          }
        }
      }

      phpCAS::traceEnd($res);
      return $res;
  }

PGTStorage::setErrorMessage ( $error_message )  [protected, inherited]

This method sets an error message, which can be read later by PGTStorage::getErrorMessage().

Parameters:
$error_message an error message
Deprecated:
not used.

Definition at line 94 of file pgt-main.php.

    {
      $this->_error_message = $error_message;
    }

CASClient::setPGTStorageDB ( $user, $password, $database_type, $hostname, $port, $database, $table ) [inherited]

This method is used to tell phpCAS to store the response of the CAS server to PGT requests into a database.

Note:
The connection to the database is done only when needed. As a consequence, bad parameters are detected only when initializing PGT storage.
Parameters:
$user the user to access the data with
$password the user's password
$database_type the type of the database hosting the data
$hostname the server hosting the database
$port the port the server is listening on
$database the name of the database
$table the name of the table storing the data

Definition at line 1282 of file client.php.

References $table, and $user.

    {
      // check that the storage has not already been set
      if ( is_object($this->_pgt_storage) ) {
        phpCAS::error('PGT storage already defined');
      }

      // warn the user that he should use file storage...
      trigger_error('PGT storage into database is an experimental feature, use at your own risk',E_USER_WARNING);

      // create the storage object
      $this->_pgt_storage = & new PGTStorageDB($this,$user,$password,$database_type,$hostname,$port,$database,$table);
    }

CASClient::setPGTStorageFile ( $format = '', $path = '' ) [inherited]

This method is used to tell phpCAS to store the response of the CAS server to PGT requests onto the filesystem.

Parameters:
$format the format used to store the PGT's (`plain' and `xml' allowed)
$path the path where the PGT's should be stored

Definition at line 1253 of file client.php.

    {
      // check that the storage has not already been set
      if ( is_object($this->_pgt_storage) ) {
        phpCAS::error('PGT storage already defined');
      }

      // create the storage object
      $this->_pgt_storage = &new PGTStorageFile($this,$format,$path);
    }

CASClient::storePGT ( $pgt, $pgt_iou ) [private, inherited]

This method stores a PGT.

Halts on error.

Parameters:
$pgt the PGT to store
$pgt_iou its corresponding Iou

Definition at line 1219 of file client.php.

    {
      // ensure that storage is initialized
      $this->initPGTStorage();
      // writes the PGT
      $this->_pgt_storage->write($pgt,$pgt_iou);
    }

CASClient::validatePGT ( &$validate_url, $text_response, $tree_response ) [private, inherited]

This method is used to validate a PGT; halt on failure.

Parameters:
$validate_url the URL of the request to the CAS server.
$text_response the response of the CAS server, as is (XML text); result of CASClient::validateST() or CASClient::validatePT().
$tree_response the response of the CAS server, as a DOM XML tree; result of CASClient::validateST() or CASClient::validatePT().
Returns:
bool TRUE when successful, halt otherwise by calling CASClient::authError().

Definition at line 1318 of file client.php.

Referenced by CASClient::isAuthenticated().

    {
      phpCAS::traceBegin();
      if ( sizeof($arr = $tree_response->get_elements_by_tagname("proxyGrantingTicket")) == 0) {
        phpCAS::trace('<proxyGrantingTicket> not found');
        // authentication succeeded, but no PGT Iou was transmitted
        $this->authError('Ticket validated but no PGT Iou transmitted',
                     $validate_url,
                     FALSE/*$no_response*/,
                     FALSE/*$bad_response*/,
                     $text_response);
      } else {
        // PGT Iou transmitted, extract it
        $pgt_iou = trim($arr[0]->get_content());
        $pgt = $this->loadPGT($pgt_iou);
        if ( $pgt == FALSE ) {
          phpCAS::trace('could not load PGT');
          $this->authError('PGT Iou was transmitted but PGT could not be retrieved',
                       $validate_url,
                       FALSE/*$no_response*/,
                       FALSE/*$bad_response*/,
                       $text_response);
        }
        $this->setPGT($pgt);
      }
      phpCAS::traceEnd(TRUE);
      return TRUE;
    }

PGTStorage::write ( $pgt, $pgt_iou ) [protected, inherited]

This virtual method stores a PGT and its corresponding PGT Iou.

Note:
Should never be called.
Parameters:
$pgt the PGT
$pgt_iou the PGT iou

Reimplemented in PGTStorageFile.

Definition at line 161 of file pgt-main.php.

    {
      phpCAS::error(__CLASS__.'::'.__FUNCTION__.'() should never be called'); 
    }


Variable Documentation

PGTStorage::$_error_message [private, inherited]

string used to store an error message.

Written by PGTStorage::setErrorMessage(), read by PGTStorage::getErrorMessage().

Deprecated:
not used.

Definition at line 83 of file pgt-main.php.

PGTStorage::$_initialized [private, inherited]

a boolean telling if the storage has already been initialized.

Written by PGTStorage::init(), read by PGTStorage::isInitialized().

Definition at line 124 of file pgt-main.php.

CASClient::$_pgt_storage [private, inherited]

an instance of a class inheriting from PGTStorage, used to deal with PGT storage.

Created by CASClient::setPGTStorageFile() or CASClient::setPGTStorageDB(), used by CASClient::setPGTStorageFile(), CASClient::setPGTStorageDB() and CASClient::initPGTStorage().

Definition at line 1192 of file client.php.