The CASClient class is a client interface that provides CAS authentication to PHP applications. More...
Public Member Functions | |
| setHTMLHeader ($header) | |
| This method set the HTML header used for all outputs. | |
| setHTMLFooter ($footer) | |
| This method set the HTML footer used for all outputs. | |
| setLang ($lang) | |
| This method is used to set the language used by phpCAS. | |
| CASClient ($server_version, $proxy, $server_hostname, $server_port, $server_uri, $start_session=true) | |
| CASClient constructor. | |
| getUser () | |
| This method returns the CAS user's login name. | |
| forceAuthentication () | |
| This method is called to be sure that the user is authenticated. | |
| checkAuthentication () | |
| This method is called to check whether the ser is authenticated or not. | |
| isAuthenticated () | |
| This method is called to check if the user is authenticated (previously or by tickets given in the URL. | |
| redirectToCas ($gateway) | |
| This method is used to redirect the client to the CAS server. | |
| logout ($url="") | |
| This method is used to logout from CAS. | |
| setPGTStorageFile ($format='', $path='') | |
| This method is used to tell phpCAS to store the response of the CAS server to PGT requests onto the filesystem. | |
| setPGTStorageDB ($user, $password, $database_type, $hostname, $port, $database, $table) | |
| This method is used to tell phpCAS to store the response of the CAS server to PGT requests into a database. | |
| serviceWeb ($url, &$err_code, &$output) | |
| This method is used to access an HTTP[S] service. | |
| serviceMail ($url, $flags, &$err_code, &$err_msg, &$pt) | |
| This method is used to access an IMAP/POP3/NNTP service. | |
| setHTMLHeader ($header) | |
| This method set the HTML header used for all outputs. | |
| setHTMLFooter ($footer) | |
| This method set the HTML footer used for all outputs. | |
| setLang ($lang) | |
| This method is used to set the language used by phpCAS. | |
| CASClient ($server_version, $proxy, $server_hostname, $server_port, $server_uri, $start_session=true) | |
| CASClient constructor. | |
| getUser () | |
| This method returns the CAS user's login name. | |
| forceAuthentication () | |
| This method is called to be sure that the user is authenticated. | |
| checkAuthentication () | |
| This method is called to check whether the ser is authenticated or not. | |
| isAuthenticated () | |
| This method is called to check if the user is authenticated (previously or by tickets given in the URL. | |
| redirectToCas ($gateway) | |
| This method is used to redirect the client to the CAS server. | |
| logout ($url="") | |
| This method is used to logout from CAS. | |
| setPGTStorageFile ($format='', $path='') | |
| This method is used to tell phpCAS to store the response of the CAS server to PGT requests onto the filesystem. | |
| setPGTStorageDB ($user, $password, $database_type, $hostname, $port, $database, $table) | |
| This method is used to tell phpCAS to store the response of the CAS server to PGT requests into a database. | |
| serviceWeb ($url, &$err_code, &$output) | |
| This method is used to access an HTTP[S] service. | |
| serviceMail ($url, $flags, &$err_code, &$err_msg, &$pt) | |
| This method is used to access an IMAP/POP3/NNTP service. | |
Private Member Functions | |
| HTMLFilterOutput ($str) | |
| This method filters a string by replacing special tokens by appropriate values and prints it. | |
| printHTMLHeader ($title) | |
| This method prints the header of the HTML output (after filtering). | |
| printHTMLFooter () | |
| This method prints the footer of the HTML output (after filtering). | |
| getLang () | |
| This method returns the language used by phpCAS. | |
| getString ($str) | |
| This method returns a string depending on the language. | |
| getServerVersion () | |
| This method is used to retrieve the version of the CAS server. | |
| getServerHostname () | |
| This method is used to retrieve the hostname of the CAS server. | |
| getServerPort () | |
| This method is used to retrieve the port of the CAS server. | |
| getServerURI () | |
| This method is used to retrieve the URI of the CAS server. | |
| getServerBaseURL () | |
| This method is used to retrieve the base URL of the CAS server. | |
| getServerLoginURL ($gateway) | |
| This method is used to retrieve the login URL of the CAS server. | |
| getServerServiceValidateURL () | |
| This method is used to retrieve the service validating URL of the CAS server. | |
| getServerProxyValidateURL () | |
| This method is used to retrieve the proxy validating URL of the CAS server. | |
| getServerProxyURL () | |
| This method is used to retrieve the proxy URL of the CAS server. | |
| getServerLogoutURL () | |
| This method is used to retrieve the logout URL of the CAS server. | |
| setUser ($user) | |
| This method sets the CAS user's login name. | |
| wasPreviouslyAuthenticated () | |
| This method tells if the user has already been (previously) authenticated by looking into the session variables. | |
| getST () | |
| This method returns the Service Ticket provided in the URL of the request. | |
| setST ($st) | |
| This method stores the Service Ticket. | |
| hasST () | |
| This method tells if a Service Ticket was stored. | |
| validateST ($validate_url, &$text_response, &$tree_response) | |
| This method is used to validate a ST; halt on failure, and sets $validate_url, $text_reponse and $tree_response on success. | |
| isProxy () | |
| Tells if a CAS client is a CAS proxy or not. | |
| getPGT () | |
| This method returns the Proxy Granting Ticket given by the CAS server. | |
| setPGT ($pgt) | |
| This method stores the Proxy Granting Ticket. | |
| hasPGT () | |
| This method tells if a Proxy Granting Ticket was stored. | |
| setCallbackMode ($callback_mode) | |
| This method sets/unsets callback mode. | |
| isCallbackMode () | |
| This method returns TRUE when the CAs client is running i callback mode, FALSE otherwise. | |
| getCallbackURL () | |
| This method returns the URL that should be used for the PGT callback (in fact the URL of the current request without any CGI parameter, except if phpCAS::setFixedCallbackURL() was used). | |
| setCallbackURL ($url) | |
| This method sets the callback url. | |
| callback () | |
| This method is called by CASClient::CASClient() when running in callback mode. | |
| initPGTStorage () | |
| This method is used to initialize the storage of PGT's. | |
| storePGT ($pgt, $pgt_iou) | |
| This method stores a PGT. | |
| loadPGT ($pgt_iou) | |
| This method reads a PGT from its Iou and deletes the corresponding storage entry. | |
| validatePGT (&$validate_url, $text_response, $tree_response) | |
| This method is used to validate a PGT; halt on failure. | |
| retrievePT ($target_service, &$err_code, &$err_msg) | |
| This method is used to retrieve PT's from the CAS server thanks to a PGT. | |
| readURL ($url, $cookies, &$headers, &$body, &$err_msg) | |
| This method is used to acces a remote URL. | |
| getPT () | |
| This method returns the Proxy Ticket provided in the URL of the request. | |
| setPT ($pt) | |
| This method stores the Proxy Ticket. | |
| hasPT () | |
| This method tells if a Proxy Ticket was stored. | |
| validatePT (&$validate_url, &$text_response, &$tree_response) | |
| This method is used to validate a PT; halt on failure. | |
| getURL () | |
| This method returns the URL of the current request (without any ticket CGI parameter). | |
| setURL ($url) | |
| This method sets the URL of the current request. | |
| authError ($failure, $cas_url, $no_response, $bad_response='', $cas_response='', $err_code='', $err_msg='') | |
| This method is used to print the HTML output when the user was not authenticated. | |
| HTMLFilterOutput ($str) | |
| This method filters a string by replacing special tokens by appropriate values and prints it. | |
| printHTMLHeader ($title) | |
| This method prints the header of the HTML output (after filtering). | |
| printHTMLFooter () | |
| This method prints the footer of the HTML output (after filtering). | |
| getLang () | |
| This method returns the language used by phpCAS. | |
| getString ($str) | |
| This method returns a string depending on the language. | |
| getServerVersion () | |
| This method is used to retrieve the version of the CAS server. | |
| getServerHostname () | |
| This method is used to retrieve the hostname of the CAS server. | |
| getServerPort () | |
| This method is used to retrieve the port of the CAS server. | |
| getServerURI () | |
| This method is used to retrieve the URI of the CAS server. | |
| getServerBaseURL () | |
| This method is used to retrieve the base URL of the CAS server. | |
| getServerLoginURL ($gateway) | |
| This method is used to retrieve the login URL of the CAS server. | |
| getServerServiceValidateURL () | |
| This method is used to retrieve the service validating URL of the CAS server. | |
| getServerProxyValidateURL () | |
| This method is used to retrieve the proxy validating URL of the CAS server. | |
| getServerProxyURL () | |
| This method is used to retrieve the proxy URL of the CAS server. | |
| getServerLogoutURL () | |
| This method is used to retrieve the logout URL of the CAS server. | |
| setUser ($user) | |
| This method sets the CAS user's login name. | |
| wasPreviouslyAuthenticated () | |
| This method tells if the user has already been (previously) authenticated by looking into the session variables. | |
| getST () | |
| This method returns the Service Ticket provided in the URL of the request. | |
| setST ($st) | |
| This method stores the Service Ticket. | |
| hasST () | |
| This method tells if a Service Ticket was stored. | |
| validateST ($validate_url, &$text_response, &$tree_response) | |
| This method is used to validate a ST; halt on failure, and sets $validate_url, $text_reponse and $tree_response on success. | |
| isProxy () | |
| Tells if a CAS client is a CAS proxy or not. | |
| getPGT () | |
| This method returns the Proxy Granting Ticket given by the CAS server. | |
| setPGT ($pgt) | |
| This method stores the Proxy Granting Ticket. | |
| hasPGT () | |
| This method tells if a Proxy Granting Ticket was stored. | |
| setCallbackMode ($callback_mode) | |
| This method sets/unsets callback mode. | |
| isCallbackMode () | |
| This method returns TRUE when the CAs client is running i callback mode, FALSE otherwise. | |
| getCallbackURL () | |
| This method returns the URL that should be used for the PGT callback (in fact the URL of the current request without any CGI parameter, except if phpCAS::setFixedCallbackURL() was used). | |
| setCallbackURL ($url) | |
| This method sets the callback url. | |
| callback () | |
| This method is called by CASClient::CASClient() when running in callback mode. | |
| initPGTStorage () | |
| This method is used to initialize the storage of PGT's. | |
| storePGT ($pgt, $pgt_iou) | |
| This method stores a PGT. | |
| loadPGT ($pgt_iou) | |
| This method reads a PGT from its Iou and deletes the corresponding storage entry. | |
| validatePGT (&$validate_url, $text_response, $tree_response) | |
| This method is used to validate a PGT; halt on failure. | |
| retrievePT ($target_service, &$err_code, &$err_msg) | |
| This method is used to retrieve PT's from the CAS server thanks to a PGT. | |
| readURL ($url, $cookies, &$headers, &$body, &$err_msg) | |
| This method is used to acces a remote URL. | |
| getPT () | |
| This method returns the Proxy Ticket provided in the URL of the request. | |
| setPT ($pt) | |
| This method stores the Proxy Ticket. | |
| hasPT () | |
| This method tells if a Proxy Ticket was stored. | |
| validatePT (&$validate_url, &$text_response, &$tree_response) | |
| This method is used to validate a PT; halt on failure. | |
| getURL () | |
| This method returns the URL of the current request (without any ticket CGI parameter). | |
| setURL ($url) | |
| This method sets the URL of the current request. | |
| authError ($failure, $cas_url, $no_response, $bad_response='', $cas_response='', $err_code='', $err_msg='') | |
| This method is used to print the HTML output when the user was not authenticated. | |
Private Attributes | |
| $_output_header | |
| A string used to print the header of HTML pages. | |
| $_output_footer | |
| A string used to print the footer of HTML pages. | |
| $_lang | |
| A string corresponding to the language used by phpCAS. | |
| $_strings | |
| array containing the strings used by phpCAS. | |
| $_server | |
| a record to store information about the CAS server. | |
| $_user | |
| The Authenticated user. | |
| $_st | |
| the Service Ticket provided in the URL of the request if present (empty otherwise). | |
| $_proxy | |
| A boolean telling if the client is a CAS proxy or not. | |
| $_pgt | |
| the Proxy Grnting Ticket given by the CAS server (empty otherwise). | |
| $_callback_mode | |
| each PHP script using phpCAS in proxy mode is its own callback to get the PGT back from the CAS server. | |
| $_callback_url | |
| the URL that should be used for the PGT callback (in fact the URL of the current request without any CGI parameter). | |
| $_pgt_storage | |
| an instance of a class inheriting of PGTStorage, used to deal with PGT storage. | |
| $_pt | |
| the Proxy Ticket provided in the URL of the request if present (empty otherwise). | |
| $_url | |
| the URL of the current request (without any ticket CGI parameter). | |
Detailed Description
The CASClient class is a client interface that provides CAS authentication to PHP applications.
Definition at line 22 of file client.php.
Member Function Documentation
| CASClient::authError | ( | $ | failure, | |
| $ | cas_url, | |||
| $ | no_response, | |||
| $ | bad_response = '', |
|||
| $ | cas_response = '', |
|||
| $ | err_code = '', |
|||
| $ | err_msg = '' | |||
| ) | [private] |
This method is used to print the HTML output when the user was not authenticated.
- Parameters:
-
$failure the failure that occured $cas_url the URL the CAS server was asked for $no_response the response from the CAS server (other parameters are ignored if TRUE) $bad_response bad response from the CAS server ($err_code and $err_msg ignored if TRUE) $cas_response the response of the CAS server $err_code the error code given by the CAS server $err_msg the error message given by the CAS server
Definition at line 1927 of file client4.php.
References exit.
{
phpCAS::traceBegin();
$this->printHTMLHeader($this->getString(CAS_STR_AUTHENTICATION_FAILED));
printf($this->getString(CAS_STR_YOU_WERE_NOT_AUTHENTICATED),$this->getURL(),$_SERVER['SERVER_ADMIN']);
phpCAS::trace('CAS URL: '.$cas_url);
phpCAS::trace('Authentication failure: '.$failure);
if ( $no_response ) {
phpCAS::trace('Reason: no response from the CAS server');
} else {
if ( $bad_response ) {
phpCAS::trace('Reason: bad response from the CAS server');
} else {
switch ($this->getServerVersion()) {
case CAS_VERSION_1_0:
phpCAS::trace('Reason: CAS error');
break;
case CAS_VERSION_2_0:
if ( empty($err_code) )
phpCAS::trace('Reason: no CAS error');
else
phpCAS::trace('Reason: ['.$err_code.'] CAS error: '.$err_msg);
break;
}
}
phpCAS::trace('CAS response: '.$cas_response);
}
$this->printHTMLFooter();
phpCAS::traceExit();
exit();
}
| CASClient::callback | ( | ) | [private] |
This method is called by CASClient::CASClient() when running in callback mode.
It stores the PGT and its PGT Iou, prints its output and halts.
Definition at line 1169 of file client4.php.
References $_GET.
{
phpCAS::traceBegin();
$this->printHTMLHeader('phpCAS callback');
$pgt_iou = $_GET['pgtIou'];
$pgt = $_GET['pgtId'];
phpCAS::trace('Storing PGT `'.$pgt.'\' (id=`'.$pgt_iou.'\')');
echo '<p>Storing PGT `'.$pgt.'\' (id=`'.$pgt_iou.'\').</p>';
$this->storePGT($pgt,$pgt_iou);
$this->printHTMLFooter();
phpCAS::traceExit();
}
| CASClient::CASClient | ( | $ | server_version, | |
| $ | proxy, | |||
| $ | server_hostname, | |||
| $ | server_port, | |||
| $ | server_uri, | |||
| $ | start_session = true | |||
| ) |
CASClient constructor.
- Parameters:
-
$server_version the version of the CAS server $proxy TRUE if the CAS client is a CAS proxy, FALSE otherwise $server_hostname the hostname of the CAS server $server_port the port the CAS server is running on $server_uri the URI the CAS server is responding on $start_session Have phpCAS start PHP sessions (default true)
- Returns:
- a newly created CASClient object
Definition at line 444 of file client4.php.
References $_GET, isCallbackMode(), isProxy(), and setCallbackMode().
{
phpCAS::traceBegin();
// activate session mechanism if desired
if ($start_session) {
session_start();
}
$this->_proxy = $proxy;
// check version
switch ($server_version) {
case CAS_VERSION_1_0:
if ( $this->isProxy() )
phpCAS::error('CAS proxies are not supported in CAS '
.$server_version);
break;
case CAS_VERSION_2_0:
break;
default:
phpCAS::error('this version of CAS (`'
.$server_version
.'\') is not supported by phpCAS '
.phpCAS::getVersion());
}
$this->_server['version'] = $server_version;
// check hostname
if ( empty($server_hostname)
|| !preg_match('/[\.\d\-abcdefghijklmnopqrstuvwxyz]*/',$server_hostname) ) {
phpCAS::error('bad CAS server hostname (`'.$server_hostname.'\')');
}
$this->_server['hostname'] = $server_hostname;
// check port
if ( $server_port == 0
|| !is_int($server_port) ) {
phpCAS::error('bad CAS server port (`'.$server_hostname.'\')');
}
$this->_server['port'] = $server_port;
// check URI
if ( !preg_match('/[\.\d\-_abcdefghijklmnopqrstuvwxyz\/]*/',$server_uri) ) {
phpCAS::error('bad CAS server URI (`'.$server_uri.'\')');
}
// add leading and trailing `/' and remove doubles
$server_uri = preg_replace('/\/\//','/','/'.$server_uri.'/');
$this->_server['uri'] = $server_uri;
// set to callback mode if PgtIou and PgtId CGI GET parameters are provided
if ( $this->isProxy() ) {
$this->setCallbackMode(!empty($_GET['pgtIou'])&&!empty($_GET['pgtId']));
}
if ( $this->isCallbackMode() ) {
// callback mode: check that phpCAS is secured
if ( $_SERVER['HTTPS'] != 'on' ) {
phpCAS::error('CAS proxies must be secured to use phpCAS; PGT\'s will not be received from the CAS server');
}
} else {
// normal mode: get ticket and remove it from CGI parameters for developpers
$ticket = $_GET['ticket'];
// at first check for a Service Ticket
if( preg_match('/^ST-/',$ticket)) {
phpCAS::trace('ST \''.$ticket.'\' found');
// ST present
$this->setST($ticket);
}
// in a second time check for a Proxy Ticket (CAS >= 2.0)
else if( ($this->getServerVersion()!=CAS_VERSION_1_0) && preg_match('/^PT-/',$ticket) ) {
phpCAS::trace('PT \''.$ticket.'\' found');
$this->setPT($ticket);
}
// ill-formed ticket, halt
else if ( !empty($ticket) ) {
phpCAS::error('ill-formed ticket found in the URL (ticket=`'.htmlentities($ticket).'\')');
}
// ticket has been taken into account, unset it to hide it to applications
unset($_GET['ticket']);
}
phpCAS::traceEnd();
}
Here is the call graph for this function:
| CASClient::checkAuthentication | ( | ) |
This method is called to check whether the ser is authenticated or not.
- Returns:
- TRUE when the user is authenticated, FALSE otherwise.
Definition at line 612 of file client4.php.
References $_SESSION, $res, isAuthenticated(), and redirectToCas().
{
phpCAS::traceBegin();
if ( $this->isAuthenticated() ) {
phpCAS::trace('user is authenticated');
$res = TRUE;
} else if (isset($_SESSION['phpCAS']['auth_checked'])) {
// the previous request has redirected the client to the CAS server with gateway=true
unset($_SESSION['phpCAS']['auth_checked']);
$res = FALSE;
} else {
$_SESSION['phpCAS']['auth_checked'] = true;
$this->redirectToCas(TRUE/* gateway */);
// never reached
$res = FALSE;
}
phpCAS::traceEnd($res);
return $res;
}
Here is the call graph for this function:
| CASClient::forceAuthentication | ( | ) |
This method is called to be sure that the user is authenticated.
When not authenticated, halt by redirecting to the CAS server; otherwise return TRUE.
- Returns:
- TRUE when the user is authenticated; otherwise halt.
Definition at line 588 of file client4.php.
References $_SESSION, $res, isAuthenticated(), and redirectToCas().
{
phpCAS::traceBegin();
if ( $this->isAuthenticated() ) {
// the user is authenticated, nothing to be done.
phpCAS::trace('no need to authenticate');
$res = TRUE;
} else {
// the user is not authenticated, redirect to the CAS server
unset($_SESSION['phpCAS']['auth_checked']);
$this->redirectToCas(FALSE/* no gateway */);
// never reached
$res = FALSE;
}
phpCAS::traceEnd($res);
return $res;
}
Here is the call graph for this function:
| CASClient::getCallbackURL | ( | ) | [private] |
This method returns the URL that should be used for the PGT callback (in fact the URL of the current request without any CGI parameter, except if phpCAS::setFixedCallbackURL() was used).
- Returns:
- The callback URL
Definition at line 1116 of file client4.php.
References $request_uri.
{
// the URL is built when needed only
if ( empty($this->_callback_url) ) {
$final_uri = '';
// remove the ticket if present in the URL
$final_uri = 'https://';
/* replaced by Julien Marchal - v0.4.6
* $this->uri .= $_SERVER['SERVER_NAME'];
*/
if(empty($_SERVER['HTTP_X_FORWARDED_SERVER'])){
/* replaced by teedog - v0.4.12
* $final_uri .= $_SERVER['SERVER_NAME'];
*/
if (empty($_SERVER['SERVER_NAME'])) {
$final_uri .= $_SERVER['HTTP_HOST'];
} else {
$final_uri .= $_SERVER['SERVER_NAME'];
}
} else {
$final_uri .= $_SERVER['HTTP_X_FORWARDED_SERVER'];
}
if ( ($_SERVER['HTTPS']=='on' && $_SERVER['SERVER_PORT']!=443)
|| ($_SERVER['HTTPS']!='on' && $_SERVER['SERVER_PORT']!=80) ) {
$final_uri .= ':';
$final_uri .= $_SERVER['SERVER_PORT'];
}
$request_uri = $_SERVER['REQUEST_URI'];
$request_uri = preg_replace('/\?.*$/','',$request_uri);
$final_uri .= $request_uri;
$this->setCallbackURL($final_uri);
}
return $this->_callback_url;
}
| CASClient::getLang | ( | ) | [private] |
This method returns the language used by phpCAS.
- Returns:
- a string representing the language
Definition at line 178 of file client4.php.
References setLang().
{
if ( empty($this->_lang) )
$this->setLang(PHPCAS_LANG_DEFAULT);
return $this->_lang;
}
Here is the call graph for this function:
| CASClient::getPGT | ( | ) | [private] |
This method returns the Proxy Granting Ticket given by the CAS server.
- Returns:
- The Proxy Granting Ticket.
Definition at line 1029 of file client4.php.
{ return $this->_pgt; }
| CASClient::getPT | ( | ) | [private] |
This method returns the Proxy Ticket provided in the URL of the request.
- Returns:
- The proxy ticket.
Definition at line 1705 of file client4.php.
{ return $this->_pt; }
| CASClient::getServerBaseURL | ( | ) | [private] |
This method is used to retrieve the base URL of the CAS server.
- Returns:
- a URL.
Definition at line 315 of file client4.php.
{
// the URL is build only when needed
if ( empty($this->_server['base_url']) ) {
$this->_server['base_url'] = 'https://'
.$this->getServerHostname()
.':'
.$this->getServerPort()
.$this->getServerURI();
}
return $this->_server['base_url'];
}
| CASClient::getServerHostname | ( | ) | [private] |
This method is used to retrieve the hostname of the CAS server.
- Returns:
- the hostname of the CAS server.
Definition at line 291 of file client4.php.
{ return $this->_server['hostname']; }
| CASClient::getServerLoginURL | ( | $ | gateway | ) | [private] |
This method is used to retrieve the login URL of the CAS server.
- Parameters:
-
$gateway true to check authentication, false to force it
- Returns:
- a URL.
Definition at line 334 of file client4.php.
References getServerBaseURL(), and getURL().
{
phpCAS::traceBegin();
// the URL is build only when needed
if ( empty($this->_server['login_url']) ) {
$this->_server['login_url'] = $this->getServerBaseURL();
$this->_server['login_url'] .= 'login?service=';
$this->_server['login_url'] .= preg_replace('/&/','%26',$this->getURL());
if ($gateway) {
$this->_server['login_url'] .= '&gateway=true';
}
}
phpCAS::traceEnd($this->_server['login_url']);
return $this->_server['login_url'];
}
Here is the call graph for this function:
| CASClient::getServerLogoutURL | ( | ) | [private] |
This method is used to retrieve the logout URL of the CAS server.
- Returns:
- a URL.
Definition at line 418 of file client4.php.
References getServerBaseURL().
{
// the URL is build only when needed
if ( empty($this->_server['logout_url']) ) {
$this->_server['logout_url'] = $this->getServerBaseURL().'logout';
}
return $this->_server['logout_url'];
}
Here is the call graph for this function:
| CASClient::getServerPort | ( | ) | [private] |
This method is used to retrieve the port of the CAS server.
- Returns:
- the port of the CAS server.
Definition at line 299 of file client4.php.
{ return $this->_server['port']; }
| CASClient::getServerProxyURL | ( | ) | [private] |
This method is used to retrieve the proxy URL of the CAS server.
- Returns:
- a URL.
Definition at line 397 of file client4.php.
References getServerBaseURL(), and getServerVersion().
{
// the URL is build only when needed
if ( empty($this->_server['proxy_url']) ) {
switch ($this->getServerVersion()) {
case CAS_VERSION_1_0:
$this->_server['proxy_url'] = '';
break;
case CAS_VERSION_2_0:
$this->_server['proxy_url'] = $this->getServerBaseURL().'proxy';
break;
}
}
return $this->_server['proxy_url'];
}
Here is the call graph for this function:
| CASClient::getServerProxyValidateURL | ( | ) | [private] |
This method is used to retrieve the proxy validating URL of the CAS server.
- Returns:
- a URL.
Definition at line 376 of file client4.php.
References getServerBaseURL(), getServerVersion(), and getURL().
{
// the URL is build only when needed
if ( empty($this->_server['proxy_validate_url']) ) {
switch ($this->getServerVersion()) {
case CAS_VERSION_1_0:
$this->_server['proxy_validate_url'] = '';
break;
case CAS_VERSION_2_0:
$this->_server['proxy_validate_url'] = $this->getServerBaseURL().'proxyValidate';
break;
}
}
return $this->_server['proxy_validate_url'].'?service='.preg_replace('/&/','%26',$this->getURL());
}
Here is the call graph for this function:
| CASClient::getServerServiceValidateURL | ( | ) | [private] |
This method is used to retrieve the service validating URL of the CAS server.
- Returns:
- a URL.
Definition at line 355 of file client4.php.
References getServerBaseURL(), getServerVersion(), and getURL().
{
// the URL is build only when needed
if ( empty($this->_server['service_validate_url']) ) {
switch ($this->getServerVersion()) {
case CAS_VERSION_1_0:
$this->_server['service_validate_url'] = $this->getServerBaseURL().'validate';
break;
case CAS_VERSION_2_0:
$this->_server['service_validate_url'] = $this->getServerBaseURL().'serviceValidate';
break;
}
}
return $this->_server['service_validate_url'].'?service='.preg_replace('/&/','%26',$this->getURL());
}
Here is the call graph for this function:
| CASClient::getServerURI | ( | ) | [private] |
This method is used to retrieve the URI of the CAS server.
- Returns:
- a URI.
Definition at line 307 of file client4.php.
{ return $this->_server['uri']; }
| CASClient::getServerVersion | ( | ) | [private] |
This method is used to retrieve the version of the CAS server.
- Returns:
- the version of the CAS server.
Definition at line 281 of file client4.php.
{
return $this->_server['version'];
}
| CASClient::getST | ( | ) | [private] |
This method returns the Service Ticket provided in the URL of the request.
- Returns:
- The service ticket.
Definition at line 819 of file client4.php.
{ return $this->_st; }
| CASClient::getString | ( | $ | str | ) | [private] |
This method returns a string depending on the language.
- Parameters:
-
$str the index of the string in $_string.
- Returns:
- the string corresponding to $index in $string.
Definition at line 205 of file client4.php.
References _strings, and getLang().
{
// call CASclient::getLang() to be sure the language is initialized
$this->getLang();
if ( !isset($this->_strings[$str]) ) {
trigger_error('string `'.$str.'\' not defined for language `'.$this->getLang().'\'',E_USER_ERROR);
}
return $this->_strings[$str];
}
Here is the call graph for this function:
| CASClient::getURL | ( | ) | [private] |
This method returns the URL of the current request (without any ticket CGI parameter).
- Returns:
- The URL
Definition at line 1854 of file client4.php.
{
phpCAS::traceBegin();
// the URL is built when needed only
if ( empty($this->_url) ) {
$final_uri = '';
// remove the ticket if present in the URL
$final_uri = ($_SERVER['HTTPS'] == 'on') ? 'https' : 'http';
$final_uri .= '://';
/* replaced by Julien Marchal - v0.4.6
* $this->_url .= $_SERVER['SERVER_NAME'];
*/
if(empty($_SERVER['HTTP_X_FORWARDED_SERVER'])){
/* replaced by teedog - v0.4.12
* $this->_url .= $_SERVER['SERVER_NAME'];
*/
if (empty($_SERVER['SERVER_NAME'])) {
$final_uri .= $_SERVER['HTTP_HOST'];
} else {
$final_uri .= $_SERVER['SERVER_NAME'];
}
} else {
$final_uri .= $_SERVER['HTTP_X_FORWARDED_SERVER'];
}
if ( ($_SERVER['HTTPS']=='on' && $_SERVER['SERVER_PORT']!=443)
|| ($_SERVER['HTTPS']!='on' && $_SERVER['SERVER_PORT']!=80) ) {
$final_uri .= ':';
$final_uri .= $_SERVER['SERVER_PORT'];
}
$final_uri .= strtok($_SERVER['REQUEST_URI'],"?");
$cgi_params = '?'.strtok("?");
// remove the ticket if present in the CGI parameters
$cgi_params = preg_replace('/&ticket=[^&]*/','',$cgi_params);
$cgi_params = preg_replace('/\?ticket=[^&;]*/','?',$cgi_params);
$cgi_params = preg_replace('/\?$/','',$cgi_params);
$final_uri .= $cgi_params;
$this->setURL($final_uri);
}
phpCAS::traceEnd($this->_url);
return $this->_url;
}
| CASClient::getUser | ( | ) |
This method returns the CAS user's login name.
- Warning:
- should be called only after CASClient::forceAuthentication() or CASClient::isAuthenticated(), otherwise halt with an error.
- Returns:
- the login name of the authenticated user
Definition at line 574 of file client4.php.
{
if ( empty($this->_user) ) {
phpCAS::error('this method should be used only after '.__CLASS__.'::forceAuthentication() or '.__CLASS__.'::isAuthenticated()');
}
return $this->_user;
}
| CASClient::hasPGT | ( | ) | [private] |
This method tells if a Proxy Granting Ticket was stored.
- Returns:
- TRUE if a Proxy Granting Ticket has been stored.
Definition at line 1045 of file client4.php.
{ return !empty($this->_pgt); }
| CASClient::hasPT | ( | ) | [private] |
This method tells if a Proxy Ticket was stored.
- Returns:
- TRUE if a Proxy Ticket has been stored.
Definition at line 1721 of file client4.php.
{ return !empty($this->_pt); }
| CASClient::hasST | ( | ) | [private] |
This method tells if a Service Ticket was stored.
- Returns:
- TRUE if a Service Ticket has been stored.
Definition at line 835 of file client4.php.
{ return !empty($this->_st); }
| CASClient::HTMLFilterOutput | ( | $ | str | ) | [private] |
This method filters a string by replacing special tokens by appropriate values and prints it.
The corresponding tokens are taken into account:
- __CAS_VERSION__
- __PHPCAS_VERSION__
- __SERVER_BASE_URL__
Used by CASClient::PrintHTMLHeader() and CASClient::printHTMLFooter().
- Parameters:
-
$str the string to filter and output
Definition at line 65 of file client4.php.
References getServerBaseURL(), and getServerVersion().
{
$str = str_replace('__CAS_VERSION__',$this->getServerVersion(),$str);
$str = str_replace('__PHPCAS_VERSION__',phpCAS::getVersion(),$str);
$str = str_replace('__SERVER_BASE_URL__',$this->getServerBaseURL(),$str);
echo $str;
}
Here is the call graph for this function:
| CASClient::initPGTStorage | ( | ) | [private] |
This method is used to initialize the storage of PGT's.
Halts on error.
Definition at line 1208 of file client4.php.
{
// if no SetPGTStorageXxx() has been used, default to file
if ( !is_object($this->_pgt_storage) ) {
$this->setPGTStorageFile();
}
// initializes the storage
$this->_pgt_storage->init();
}
| CASClient::isAuthenticated | ( | ) |
This method is called to check if the user is authenticated (previously or by tickets given in the URL.
- Returns:
- TRUE when the user is authenticated; otherwise halt.
Definition at line 641 of file client4.php.
References $_SESSION, $res, getPGT(), getPT(), getST(), getUser(), hasST(), isProxy(), validatePGT(), validatePT(), and wasPreviouslyAuthenticated().
{
phpCAS::traceBegin();
$res = FALSE;
$validate_url = '';
if ( $this->wasPreviouslyAuthenticated() ) {
// the user has already (previously during the session) been
// authenticated, nothing to be done.
phpCAS::trace('user was already authenticated, no need to look for tickets');
$res = TRUE;
} elseif ( $this->hasST() ) {
// if a Service Ticket was given, validate it
phpCAS::trace('ST `'.$this->getST().'\' is present');
$this->validateST($validate_url,$text_response,$tree_response); // if it fails, it halts
phpCAS::trace('ST `'.$this->getST().'\' was validated');
if ( $this->isProxy() ) {
$this->validatePGT($validate_url,$text_response,$tree_response); // idem
phpCAS::trace('PGT `'.$this->getPGT().'\' was validated');
$_SESSION['phpCAS']['pgt'] = $this->getPGT();
}
$_SESSION['phpCAS']['user'] = $this->getUser();
$res = TRUE;
} elseif ( $this->hasPT() ) {
// if a Proxy Ticket was given, validate it
phpCAS::trace('PT `'.$this->getPT().'\' is present');
$this->validatePT($validate_url,$text_response,$tree_response); // note: if it fails, it halts
phpCAS::trace('PT `'.$this->getPT().'\' was validated');
if ( $this->isProxy() ) {
$this->validatePGT($validate_url,$text_response,$tree_response); // idem
phpCAS::trace('PGT `'.$this->getPGT().'\' was validated');
$_SESSION['phpCAS']['pgt'] = $this->getPGT();
}
$_SESSION['phpCAS']['user'] = $this->getUser();
$res = TRUE;
} else {
// no ticket given, not authenticated
phpCAS::trace('no ticket found');
}
phpCAS::traceEnd($res);
return $res;
}
Here is the call graph for this function:
| CASClient::isCallbackMode | ( | ) | [private] |
This method returns TRUE when the CAs client is running i callback mode, FALSE otherwise.
- Returns:
- A boolean.
Definition at line 1092 of file client4.php.
{
return $this->_callback_mode;
}
| CASClient::isProxy | ( | ) | [private] |
Tells if a CAS client is a CAS proxy or not.
- Returns:
- TRUE when the CAS client is a CAs proxy, FALSE otherwise
Definition at line 1001 of file client4.php.
{
return $this->_proxy;
}
| CASClient::loadPGT | ( | $ | pgt_iou | ) | [private] |
This method reads a PGT from its Iou and deletes the corresponding storage entry.
- Parameters:
-
$pgt_iou the PGT Iou
- Returns:
- The PGT corresponding to the Iou, FALSE when not found.
Definition at line 1244 of file client4.php.
{
// ensure that storage is initialized
$this->initPGTStorage();
// read the PGT
return $this->_pgt_storage->read($pgt_iou);
}
| CASClient::logout | ( | $ | url = "" |
) |
This method is used to logout from CAS.
- Parameters:
-
$url a URL that will be transmitted to the CAS server (to come back to when logged out)
Definition at line 769 of file client4.php.
References exit, getServerLogoutURL(), getString(), printHTMLFooter(), and printHTMLHeader().
{
phpCAS::traceBegin();
$cas_url = $this->getServerLogoutURL();
// v0.4.14 sebastien.gougeon at univ-rennes1.fr
// header('Location: '.$cas_url);
if ( $url != "" ) {
$url = '?service=' . $url;
}
header('Location: '.$cas_url . $url);
session_unset();
session_destroy();
$this->printHTMLHeader($this->getString(CAS_STR_LOGOUT));
printf('<p>'.$this->getString(CAS_STR_SHOULD_HAVE_BEEN_REDIRECTED).'</p>',$cas_url);
$this->printHTMLFooter();
phpCAS::traceExit();
exit();
}
Here is the call graph for this function:
| CASClient::printHTMLFooter | ( | ) | [private] |
This method prints the footer of the HTML output (after filtering).
If CASClient::setHTMLFooter() was not used, a default footer is output.
- See also:
- HTMLFilterOutput()
Definition at line 120 of file client4.php.
References getString(), and HTMLFilterOutput().
{
$this->HTMLFilterOutput(empty($this->_output_footer)
?('<hr><address>phpCAS __PHPCAS_VERSION__ '.$this->getString(CAS_STR_USING_SERVER).' <a href="__SERVER_BASE_URL__">__SERVER_BASE_URL__</a> (CAS __CAS_VERSION__)</a></address></body></html>')
:$this->_output_footer);
}
Here is the call graph for this function:
| CASClient::printHTMLHeader | ( | $ | title | ) | [private] |
This method prints the header of the HTML output (after filtering).
If CASClient::setHTMLHeader() was not used, a default header is output.
- Parameters:
-
$title the title of the page
- See also:
- HTMLFilterOutput()
Definition at line 92 of file client4.php.
References $title, and HTMLFilterOutput().
{
$this->HTMLFilterOutput(str_replace('__TITLE__',
$title,
(empty($this->_output_header)
? '<html><head><title>__TITLE__</title></head><body><h1>__TITLE__</h1>'
: $this->output_header)
)
);
}
Here is the call graph for this function:
| CASClient::readURL | ( | $ | url, | |
| $ | cookies, | |||
| &$ | headers, | |||
| &$ | body, | |||
| &$ | err_msg | |||
| ) | [private] |
This method is used to acces a remote URL.
- Parameters:
-
$url the URL to access. $cookies an array containing cookies strings such as 'name=val' $headers an array containing the HTTP header lines of the response (an empty array on failure). $body the body of the response, as a string (empty on failure). $err_msg an error message, filled on failure.
- Returns:
- TRUE on success, FALSE otherwise (in this later case, $err_msg contains an error message).
Definition at line 1478 of file client4.php.
{
phpCAS::traceBegin();
$headers = '';
$body = '';
$err_msg = '';
$res = TRUE;
// initialize the CURL session
$ch = curl_init($url);
// verify the the server's certificate corresponds to its name
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 1);
// but do not verify the certificate itself
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
// return the CURL output into a variable
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
// include the HTTP header with the body
curl_setopt($ch, CURLOPT_HEADER, 1);
// add cookies headers
if ( is_array($cookies) ) {
curl_setopt($ch,CURLOPT_COOKIE,implode(';',$cookies));
}
// perform the query
$buf = curl_exec ($ch);
if ( $buf === FALSE ) {
phpCAS::trace('cur_exec() failed');
$err_msg = 'CURL error #'.curl_errno($ch).': '.curl_error($ch);
// close the CURL session
curl_close ($ch);
$res = FALSE;
} else {
// close the CURL session
curl_close ($ch);
// find the end of the headers
// note: strpos($str,"\n\r\n\r") does not work (?)
$pos = FALSE;
for ($i=0; $i<strlen($buf); $i++) {
if ( $buf[$i] == chr(13) )
if ( $buf[$i+1] == chr(10) )
if ( $buf[$i+2] == chr(13) )
if ( $buf[$i+3] == chr(10) ) {
// header found
$pos = $i;
break;
}
}
if ( $pos === FALSE ) {
// end of header not found
$err_msg = 'no header found';
phpCAS::trace($err_msg);
$res = FALSE;
} else {
// extract headers into an array
$headers = preg_split ("/[\n\r]+/",substr($buf,0,$pos));
// extract body into a string
$body = substr($buf,$pos+4);
}
}
phpCAS::traceEnd($res);
return $res;
}
| CASClient::redirectToCas | ( | $ | gateway | ) |
This method is used to redirect the client to the CAS server.
It is used by CASClient::forceAuthentication() and CASClient::checkAuthentication().
- Parameters:
-
$gateway true to check authentication, false to force it
Definition at line 752 of file client4.php.
References exit, getServerLoginURL(), getString(), printHTMLFooter(), and printHTMLHeader().
{
phpCAS::traceBegin();
$cas_url = $this->getServerLoginURL($gateway);
header('Location: '.$cas_url);
$this->printHTMLHeader($this->getString(CAS_STR_AUTHENTICATION_WANTED));
printf('<p>'.$this->getString(CAS_STR_SHOULD_HAVE_BEEN_REDIRECTED).'</p>',$cas_url);
$this->printHTMLFooter();
phpCAS::traceExit();
exit();
}
Here is the call graph for this function:
| CASClient::retrievePT | ( | $ | target_service, | |
| &$ | err_code, | |||
| &$ | err_msg | |||
| ) | [private] |
This method is used to retrieve PT's from the CAS server thanks to a PGT.
- Parameters:
-
$target_service the service to ask for with the PT. $err_code an error code (PHPCAS_SERVICE_OK on success). $err_msg an error message (empty on success).
- Returns:
- a Proxy Ticket, or FALSE on error.
Definition at line 1370 of file client4.php.
References domxml_open_mem().
{
phpCAS::traceBegin();
// by default, $err_msg is set empty and $pt to TRUE. On error, $pt is
// set to false and $err_msg to an error message. At the end, if $pt is FALSE
// and $error_msg is still empty, it is set to 'invalid response' (the most
// commonly encountered error).
$err_msg = '';
// build the URL to retrieve the PT
$cas_url = $this->getServerProxyURL().'?targetService='.preg_replace('/&/','%26',$target_service).'&pgt='.$this->getPGT();
// open and read the URL
if ( !$this->readURL($cas_url,''/*cookies*/,$headers,$cas_response,$err_msg) ) {
phpCAS::trace('could not open URL \''.$cas_url.'\' to validate ('.$err_msg.')');
$err_code = PHPCAS_SERVICE_PT_NO_SERVER_RESPONSE;
$err_msg = 'could not retrieve PT (no response from the CAS server)';
phpCAS::traceEnd(FALSE);
return FALSE;
}
$bad_response = FALSE;
if ( !$bad_response ) {
// read the response of the CAS server into a DOM object
if ( !($dom = @domxml_open_mem($cas_response))) {
phpCAS::trace('domxml_open_mem() failed');
// read failed
$bad_response = TRUE;
}
}
if ( !$bad_response ) {
// read the root node of the XML tree
if ( !($root = $dom->document_element()) ) {
phpCAS::trace('document_element() failed');
// read failed
$bad_response = TRUE;
}
}
if ( !$bad_response ) {
// insure that tag name is 'serviceResponse'
if ( hnodename($root->node_name()) != 'serviceResponse' ) {
phpCAS::trace('node_name() failed');
// bad root node
$bad_response = TRUE;
}
}
if ( !$bad_response ) {
// look for a proxySuccess tag
if ( sizeof($arr = $root->get_elements_by_tagname("proxySuccess")) != 0) {
// authentication succeded, look for a proxyTicket tag
if ( sizeof($arr = $root->get_elements_by_tagname("proxyTicket")) != 0) {
$err_code = PHPCAS_SERVICE_OK;
$err_msg = '';
$pt = trim($arr[0]->get_content());
phpCAS::traceEnd($pt);
return $pt;
} else {
phpCAS::trace('<proxySuccess> was found, but not <proxyTicket>');
}
}
// look for a proxyFailure tag
else if ( sizeof($arr = $root->get_elements_by_tagname("proxyFailure")) != 0) {
// authentication failed, extract the error
$err_code = PHPCAS_SERVICE_PT_FAILURE;
$err_msg = 'PT retrieving failed (code=`'
.$arr[0]->get_attribute('code')
.'\', message=`'
.trim($arr[0]->get_content())
.'\')';
phpCAS::traceEnd(FALSE);
return FALSE;
} else {
phpCAS::trace('neither <proxySuccess> nor <proxyFailure> found');
}
}
// at this step, we are sure that the response of the CAS server was ill-formed
$err_code = PHPCAS_SERVICE_PT_BAD_SERVER_RESPONSE;
$err_msg = 'Invalid response from the CAS server (response=`'.$cas_response.'\')';
phpCAS::traceEnd(FALSE);
return FALSE;
}
Here is the call graph for this function:
| CASClient::serviceMail | ( | $ | url, | |
| $ | flags, | |||
| &$ | err_code, | |||
| &$ | err_msg, | |||
| &$ | pt | |||
| ) |
This method is used to access an IMAP/POP3/NNTP service.
- Parameters:
-
$url a string giving the URL of the service, including the mailing box for IMAP URLs, as accepted by imap_open(). $flags options given to imap_open(). $err_code an error code Possible values are PHPCAS_SERVICE_OK (on success), PHPCAS_SERVICE_PT_NO_SERVER_RESPONSE, PHPCAS_SERVICE_PT_BAD_SERVER_RESPONSE, PHPCAS_SERVICE_PT_FAILURE, PHPCAS_SERVICE_NOT AVAILABLE. $err_msg an error message on failure $pt the Proxy Ticket (PT) retrieved from the CAS server to access the URL on success, FALSE on error).
- Returns:
- an IMAP stream on success, FALSE otherwise (in this later case, $err_code gives the reason why it failed and $err_msg contains an error message).
Definition at line 1641 of file client4.php.
{
phpCAS::traceBegin();
// at first retrieve a PT
$pt = $this->retrievePT($target_service,$err_code,$output);
$stream = FALSE;
// test if PT was retrieved correctly
if ( !$pt ) {
// note: $err_code and $err_msg are filled by CASClient::retrievePT()
phpCAS::trace('PT was not retrieved correctly');
} else {
phpCAS::trace('opening IMAP URL `'.$url.'\'...');
$stream = @imap_open($url,$this->getUser(),$pt,$flags);
if ( !$stream ) {
phpCAS::trace('could not open URL');
$err_code = PHPCAS_SERVICE_NOT_AVAILABLE;
// give an error message
$err_msg = sprintf($this->getString(CAS_STR_SERVICE_UNAVAILABLE),
$service_url,
var_export(imap_errors(),TRUE));
$pt = FALSE;
$stream = FALSE;
} else {
phpCAS::trace('ok');
}
}
phpCAS::traceEnd($stream);
return $stream;
}
| CASClient::serviceWeb | ( | $ | url, | |
| &$ | err_code, | |||
| &$ | output | |||
| ) |
This method is used to access an HTTP[S] service.
- Parameters:
-
$url the service to access. $err_code an error code Possible values are PHPCAS_SERVICE_OK (on success), PHPCAS_SERVICE_PT_NO_SERVER_RESPONSE, PHPCAS_SERVICE_PT_BAD_SERVER_RESPONSE, PHPCAS_SERVICE_PT_FAILURE, PHPCAS_SERVICE_NOT AVAILABLE. $output the output of the service (also used to give an error message on failure).
- Returns:
- TRUE on success, FALSE otherwise (in this later case, $err_code gives the reason why it failed and $output contains an error message).
Definition at line 1561 of file client4.php.
References $_SESSION, $output, and $res.
{
phpCAS::traceBegin();
// at first retrieve a PT
$pt = $this->retrievePT($url,$err_code,$output);
$res = TRUE;
// test if PT was retrieved correctly
if ( !$pt ) {
// note: $err_code and $err_msg are filled by CASClient::retrievePT()
phpCAS::trace('PT was not retrieved correctly');
$res = FALSE;
} else {
// add cookies if necessary
if ( is_array($_SESSION['phpCAS']['services'][$url]['cookies']) ) {
foreach ( $_SESSION['phpCAS']['services'][$url]['cookies'] as $name => $val ) {
$cookies[] = $name.'='.$val;
}
}
// build the URL including the PT
if ( strstr($url,'?') === FALSE ) {
$service_url = $url.'?ticket='.$pt;
} else {
$service_url = $url.'&ticket='.$pt;
}
phpCAS::trace('reading URL`'.$service_url.'\'');
if ( !$this->readURL($service_url,$cookies,$headers,$output,$err_msg) ) {
phpCAS::trace('could not read URL`'.$service_url.'\'');
$err_code = PHPCAS_SERVICE_NOT_AVAILABLE;
// give an error message
$output = sprintf($this->getString(CAS_STR_SERVICE_UNAVAILABLE),
$service_url,
$err_msg);
$res = FALSE;
} else {
// URL has been fetched, extract the cookies
phpCAS::trace('URL`'.$service_url.'\' has been read, storing cookies:');
foreach ( $headers as $header ) {
// test if the header is a cookie
if ( preg_match('/^Set-Cookie:/',$header) ) {
// the header is a cookie, remove the beginning
$header_val = preg_replace('/^Set-Cookie: */','',$header);
// extract interesting information
$name_val = strtok($header_val,'; ');
// extract the name and the value of the cookie
$cookie_name = strtok($name_val,'=');
$cookie_val = strtok('=');
// store the cookie
$_SESSION['phpCAS']['services'][$url]['cookies'][$cookie_name] = $cookie_val;
phpCAS::trace($cookie_name.' -> '.$cookie_val);
}
}
}
}
phpCAS::traceEnd($res);
return $res;
}
| CASClient::setCallbackMode | ( | $ | callback_mode | ) | [private] |
This method sets/unsets callback mode.
- Parameters:
-
$callback_mode TRUE to set callback mode, FALSE otherwise.
Definition at line 1079 of file client4.php.
{
$this->_callback_mode = $callback_mode;
}
| CASClient::setCallbackURL | ( | $ | url | ) | [private] |
This method sets the callback url.
- Parameters:
-
$callback_url url to set callback
Definition at line 1158 of file client4.php.
{
return $this->_callback_url = $url;
}
| CASClient::setHTMLFooter | ( | $ | footer | ) |
This method set the HTML footer used for all outputs.
- Parameters:
-
$footer the HTML footer.
Definition at line 146 of file client4.php.
{
$this->_output_footer = $footer;
}
| CASClient::setHTMLHeader | ( | $ | header | ) |
This method set the HTML header used for all outputs.
- Parameters:
-
$header the HTML header.
Definition at line 134 of file client4.php.
{
$this->_output_header = $header;
}
| CASClient::setLang | ( | $ | lang | ) |
This method is used to set the language used by phpCAS.
- Note:
- Can be called only once.
- Parameters:
-
$lang a string representing the language.
- See also:
- CAS_LANG_FRENCH, CAS_LANG_ENGLISH
Definition at line 225 of file client4.php.
| CASClient::setPGT | ( | $ | pgt | ) | [private] |
This method stores the Proxy Granting Ticket.
- Parameters:
-
$pgt The Proxy Granting Ticket.
Definition at line 1037 of file client4.php.
{ $this->_pgt = $pgt; }
| CASClient::setPGTStorageDB | ( | $ | user, | |
| $ | password, | |||
| $ | database_type, | |||
| $ | hostname, | |||
| $ | port, | |||
| $ | database, | |||
| $ | table | |||
| ) |
This method is used to tell phpCAS to store the response of the CAS server to PGT requests into a database.
- Note:
- The connection to the database is done only when needed. As a consequence, bad parameters are detected only when initializing PGT storage.
- Parameters:
-
$user the user to access the data with $password the user's password $database_type the type of the database hosting the data $hostname the server hosting the database $port the port the server is listening on $database the name of the database $table the name of the table storing the data
Definition at line 1290 of file client4.php.
{
// check that the storage has not already been set
if ( is_object($this->_pgt_storage) ) {
phpCAS::error('PGT storage already defined');
}
// warn the user that he should use file storage...
trigger_error('PGT storage into database is an experimental feature, use at your own risk',E_USER_WARNING);
// create the storage object
$this->_pgt_storage = & new PGTStorageDB($this,$user,$password,$database_type,$hostname,$port,$database,$table);
}
| CASClient::setPGTStorageFile | ( | $ | format = '', |
|
| $ | path = '' | |||
| ) |
This method is used to tell phpCAS to store the response of the CAS server to PGT requests onto the filesystem.
- Parameters:
-
$format the format used to store the PGT's (`plain' and `xml' allowed) $path the path where the PGT's should be stored
Definition at line 1261 of file client4.php.
{
// check that the storage has not already been set
if ( is_object($this->_pgt_storage) ) {
phpCAS::error('PGT storage already defined');
}
// create the storage object
$this->_pgt_storage = &new PGTStorageFile($this,$format,$path);
}
| CASClient::setPT | ( | $ | pt | ) | [private] |
This method stores the Proxy Ticket.
- Parameters:
-
$pt The Proxy Ticket.
Definition at line 1713 of file client4.php.
{ $this->_pt = $pt; }
| CASClient::setST | ( | $ | st | ) | [private] |
This method stores the Service Ticket.
- Parameters:
-
$st The Service Ticket.
Definition at line 827 of file client4.php.
{ $this->_st = $st; }
| CASClient::setURL | ( | $ | url | ) | [private] |
This method sets the URL of the current request.
- Parameters:
-
$url url to set for service
Definition at line 1904 of file client4.php.
{
$this->_url = $url;
}
| CASClient::setUser | ( | $ | user | ) | [private] |
This method sets the CAS user's login name.
- Parameters:
-
$user the login name of the authenticated user.
Definition at line 562 of file client4.php.
References $user.
{
$this->_user = $user;
}
| CASClient::storePGT | ( | $ | pgt, | |
| $ | pgt_iou | |||
| ) | [private] |
This method stores a PGT.
Halts on error.
- Parameters:
-
$pgt the PGT to store $pgt_iou its corresponding Iou
Definition at line 1227 of file client4.php.
{
// ensure that storage is initialized
$this->initPGTStorage();
// writes the PGT
$this->_pgt_storage->write($pgt,$pgt_iou);
}
| CASClient::validatePGT | ( | &$ | validate_url, | |
| $ | text_response, | |||
| $ | tree_response | |||
| ) | [private] |
This method is used to validate a PGT; halt on failure.
- Parameters:
-
$validate_url the URL of the request to the CAS server. $text_response the response of the CAS server, as is (XML text); result of CASClient::validateST() or CASClient::validatePT(). $tree_response the response of the CAS server, as a DOM XML tree; result of CASClient::validateST() or CASClient::validatePT().
- Returns:
- bool TRUE when successfull, halt otherwise by calling CASClient::authError().
Definition at line 1326 of file client4.php.
{
phpCAS::traceBegin();
if ( sizeof($arr = $tree_response->get_elements_by_tagname("proxyGrantingTicket")) == 0) {
phpCAS::trace('<proxyGrantingTicket> not found');
// authentication succeded, but no PGT Iou was transmitted
$this->authError('Ticket validated but no PGT Iou transmitted',
$validate_url,
FALSE/*$no_response*/,
FALSE/*$bad_response*/,
$text_response);
} else {
// PGT Iou transmitted, extract it
$pgt_iou = trim($arr[0]->get_content());
$pgt = $this->loadPGT($pgt_iou);
if ( $pgt == FALSE ) {
phpCAS::trace('could not load PGT');
$this->authError('PGT Iou was transmitted but PGT could not be retrieved',
$validate_url,
FALSE/*$no_response*/,
FALSE/*$bad_response*/,
$text_response);
}
$this->setPGT($pgt);
}
phpCAS::traceEnd(TRUE);
return TRUE;
}
| CASClient::validatePT | ( | &$ | validate_url, | |
| &$ | text_response, | |||
| &$ | tree_response | |||
| ) | [private] |
This method is used to validate a PT; halt on failure.
- Returns:
- bool TRUE when successfull, halt otherwise by calling CASClient::authError().
Definition at line 1740 of file client4.php.
{
phpCAS::traceBegin();
// build the URL to validate the ticket
$validate_url = $this->getServerProxyValidateURL().'&ticket='.$this->getPT();
if ( $this->isProxy() ) {
// pass the callback url for CAS proxies
$validate_url .= '&pgtUrl='.$this->getCallbackURL();
}
// open and read the URL
if ( !$this->readURL($validate_url,''/*cookies*/,$headers,$text_response,$err_msg) ) {
phpCAS::trace('could not open URL \''.$validate_url.'\' to validate ('.$err_msg.')');
$this->authError('PT not validated',
$validate_url,
TRUE/*$no_response*/);
}
// read the response of the CAS server into a DOM object
if ( !($dom = domxml_open_mem($text_response))) {
// read failed
$this->authError('PT not validated',
$alidate_url,
FALSE/*$no_response*/,
TRUE/*$bad_response*/,
$text_response);
}
// read the root node of the XML tree
if ( !($tree_response = $dom->document_element()) ) {
// read failed
$this->authError('PT not validated',
$validate_url,
FALSE/*$no_response*/,
TRUE/*$bad_response*/,
$text_response);
}
// insure that tag name is 'serviceResponse'
if ( hnodename($tree_response->node_name()) != 'serviceResponse' ) {
// bad root node
$this->authError('PT not validated',
$validate_url,
FALSE/*$no_response*/,
TRUE/*$bad_response*/,
$text_response);
}
if ( sizeof($arr = $tree_response->get_elements_by_tagname("authenticationSuccess")) != 0) {
// authentication succeded, extract the user name
if ( sizeof($arr = $tree_response->get_elements_by_tagname("user")) == 0) {
// no user specified => error
$this->authError('PT not validated',
$validate_url,
FALSE/*$no_response*/,
TRUE/*$bad_response*/,
$text_response);
}
$this->setUser(trim($arr[0]->get_content()));
} else if ( sizeof($arr = $tree_response->get_elements_by_tagname("authenticationFailure")) != 0) {
// authentication succeded, extract the error code and message
$this->authError('PT not validated',
$validate_url,
FALSE/*$no_response*/,
FALSE/*$bad_response*/,
$text_response,
$arr[0]->get_attribute('code')/*$err_code*/,
trim($arr[0]->get_content())/*$err_msg*/);
} else {
$this->authError('PT not validated',
$validate_url,
FALSE/*$no_response*/,
TRUE/*$bad_response*/,
$text_response);
}
// at this step, PT has been validated and $this->_user has been set,
phpCAS::traceEnd(TRUE);
return TRUE;
}
| CASClient::validateST | ( | $ | validate_url, | |
| &$ | text_response, | |||
| &$ | tree_response | |||
| ) | [private] |
This method is used to validate a ST; halt on failure, and sets $validate_url, $text_reponse and $tree_response on success.
These parameters are used later by CASClient::validatePGT() for CAS proxies.
- Parameters:
-
$validate_url the URL of the request to the CAS server. $text_response the response of the CAS server, as is (XML text). $tree_response the response of the CAS server, as a DOM XML tree.
- Returns:
- bool TRUE when successfull, halt otherwise by calling CASClient::authError().
Definition at line 861 of file client4.php.
References $user, authError(), domxml_open_mem(), getServerServiceValidateURL(), getST(), hnodename(), isProxy(), n, readURL(), and setUser().
{
phpCAS::traceBegin();
// build the URL to validate the ticket
$validate_url = $this->getServerServiceValidateURL().'&ticket='.$this->getST();
if ( $this->isProxy() ) {
// pass the callback url for CAS proxies
$validate_url .= '&pgtUrl='.$this->getCallbackURL();
}
// open and read the URL
if ( !$this->readURL($validate_url,''/*cookies*/,$headers,$text_response,$err_msg) ) {
phpCAS::trace('could not open URL \''.$validate_url.'\' to validate ('.$err_msg.')');
$this->authError('ST not validated (1)',
$validate_url,
TRUE/*$no_response*/);
}
// analyze the result depending on the version
switch ($this->getServerVersion()) {
case CAS_VERSION_1_0:
if (preg_match('/^no\n/',$text_response)) {
phpCAS::trace('ST has not been validated');
$this->authError('ST not validated (2)',
$validate_url,
FALSE/*$no_response*/,
FALSE/*$bad_response*/,
$text_response);
}
if (!preg_match('/^yes\n/',$text_response)) {
phpCAS::trace('ill-formed response');
$this->authError('ST not validated (3)',
$validate_url,
FALSE/*$no_response*/,
TRUE/*$bad_response*/,
$text_response);
}
// ST has been validated, extract the user name
$arr = preg_split('/\n/',$text_response);
$this->setUser(trim($arr[1]));
break;
case CAS_VERSION_2_0:
// read the response of the CAS server into a DOM object
if ( !($dom = domxml_open_mem($text_response))) {
phpCAS::trace('domxml_open_mem() failed');
$this->authError('ST not validated (4)',
$validate_url,
FALSE/*$no_response*/,
TRUE/*$bad_response*/,
$text_response);
}
// read the root node of the XML tree
if ( !($tree_response = $dom->document_element()) ) {
phpCAS::trace('document_element() failed');
$this->authError('ST not validated (5)',
$validate_url,
FALSE/*$no_response*/,
TRUE/*$bad_response*/,
$text_response);
}
// insure that tag name is 'serviceResponse'
if ( hnodename($tree_response->node_name()) != 'serviceResponse' ) {
phpCAS::trace('bad XML root node (should be `serviceResponse\' instead of `'.hnodename($tree_response->node_name()).'\'');
$this->authError('ST not validated (6)',
$validate_url,
FALSE/*$no_response*/,
TRUE/*$bad_response*/,
$text_response);
}
if ( sizeof($success_elements = $tree_response->get_elements_by_tagname("authenticationSuccess")) != 0) {
// authentication succeded, extract the user name
if ( sizeof($user_elements = $success_elements[0]->get_elements_by_tagname("user")) == 0) {
phpCAS::trace('<authenticationSuccess> found, but no <user>');
$this->authError('ST not validated (7)',
$validate_url,
FALSE/*$no_response*/,
TRUE/*$bad_response*/,
$text_response);
}
$user = trim($user_elements[0]->get_content());
phpCAS::trace('user = `'.$user);
$this->setUser($user);
} else if ( sizeof($failure_elements = $tree_response->get_elements_by_tagname("authenticationFailure")) != 0) {
phpCAS::trace('<authenticationFailure> found');
// authentication failed, extract the error code and message
$this->authError('ST not validated (8)',
$validate_url,
FALSE/*$no_response*/,
FALSE/*$bad_response*/,
$text_response,
$failure_elements[0]->get_attribute('code')/*$err_code*/,
trim($failure_elements[0]->get_content())/*$err_msg*/);
} else {
phpCAS::trace('neither <authenticationSuccess> nor <authenticationFailure> found');
$this->authError('ST not validated (9)',
$validate_url,
FALSE/*$no_response*/,
TRUE/*$bad_response*/,
$text_response);
}
break;
}
// at this step, ST has been validated and $this->_user has been set,
phpCAS::traceEnd(TRUE);
return TRUE;
}
Here is the call graph for this function:
| CASClient::wasPreviouslyAuthenticated | ( | ) | [private] |
This method tells if the user has already been (previously) authenticated by looking into the session variables.
- Note:
- This function switches to callback mode when needed.
- Returns:
- TRUE when the user has already been authenticated; FALSE otherwise.
Definition at line 695 of file client4.php.
References $_SESSION, $auth, callback(), isCallbackMode(), isProxy(), setPGT(), setPT(), setST(), and setUser().
{
phpCAS::traceBegin();
if ( $this->isCallbackMode() ) {
$this->callback();
}
$auth = FALSE;
if ( $this->isProxy() ) {
// CAS proxy: username and PGT must be present
if ( !empty($_SESSION['phpCAS']['user']) && !empty($_SESSION['phpCAS']['pgt']) ) {
// authentication already done
$this->setUser($_SESSION['phpCAS']['user']);
$this->setPGT($_SESSION['phpCAS']['pgt']);
phpCAS::trace('user = `'.$_SESSION['phpCAS']['user'].'\', PGT = `'.$_SESSION['phpCAS']['pgt'].'\'');
$auth = TRUE;
} elseif ( !empty($_SESSION['phpCAS']['user']) && empty($_SESSION['phpCAS']['pgt']) ) {
// these two variables should be empty or not empty at the same time
phpCAS::trace('username found (`'.$_SESSION['phpCAS']['user'].'\') but PGT is empty');
// unset all tickets to enforce authentication
unset($_SESSION['phpCAS']);
$this->setST('');
$this->setPT('');
} elseif ( empty($_SESSION['phpCAS']['user']) && !empty($_SESSION['phpCAS']['pgt']) ) {
// these two variables should be empty or not empty at the same time
phpCAS::trace('PGT found (`'.$_SESSION['phpCAS']['pgt'].'\') but username is empty');
// unset all tickets to enforce authentication
unset($_SESSION['phpCAS']);
$this->setST('');
$this->setPT('');
} else {
phpCAS::trace('neither user not PGT found');
}
} else {
// `simple' CAS client (not a proxy): username must be present
if ( !empty($_SESSION['phpCAS']['user']) ) {
// authentication already done
$this->setUser($_SESSION['phpCAS']['user']);
phpCAS::trace('user = `'.$_SESSION['phpCAS']['user'].'\'');
$auth = TRUE;
} else {
phpCAS::trace('no user found');
}
}
phpCAS::traceEnd($auth);
return $auth;
}
Here is the call graph for this function:
The documentation for this class was generated from the following files:
- Services/CAS/phpcas/source/CAS/client.php
- Services/CAS/phpcas/source/CAS/client4.php
