ILIAS  release_5-0 Revision 5.0.0-1144-gc4397b1f87
CAS proxied client features (CAS 2.0, Proxy Tickets)
+ Collaboration diagram for CAS proxied client features (CAS 2.0, Proxy Tickets):

Functions

 CASClient::getPT ()
 This method returns the Proxy Ticket provided in the URL of the request. More...
 
 CASClient::setPT ($pt)
 This method stores the Proxy Ticket. More...
 
 CASClient::hasPT ()
 This method tells if a Proxy Ticket was stored. More...
 
 CASClient::getSA ()
 This method returns the SAML Ticket provided in the URL of the request. More...
 
 CASClient::setSA ($sa)
 This method stores the SAML Ticket. More...
 
 CASClient::hasSA ()
 This method tells if a SAML Ticket was stored. More...
 
 CASClient::validatePT (&$validate_url, &$text_response, &$tree_response)
 This method is used to validate a ST or PT; halt on failure Used for all CAS 2.0 validations. More...
 

Variables

 CASClient::$_pt
 the Proxy Ticket provided in the URL of the request if present (empty otherwise). More...
 

Detailed Description

Function Documentation

◆ getPT()

CASClient::getPT ( )
private

This method returns the Proxy Ticket provided in the URL of the request.

Returns
The proxy ticket.

Definition at line 2445 of file client.php.

References CASClient\$_pt.

Referenced by CASClient\isAuthenticated(), and CASClient\validatePT().

2446  {
2447  // return 'ST'.substr($this->_pt, 2);
2448  return $this->_pt;
2449  }
$_pt
the Proxy Ticket provided in the URL of the request if present (empty otherwise). ...
Definition: client.php:2438
+ Here is the caller graph for this function:

◆ getSA()

CASClient::getSA ( )
private

This method returns the SAML Ticket provided in the URL of the request.

Returns
The SAML ticket.

Definition at line 2471 of file client.php.

Referenced by CASClient\buildSAMLPayload(), CASClient\isAuthenticated(), and CASClient\validateSA().

2472  { return 'ST'.substr($this->_sa, 2); }
+ Here is the caller graph for this function:

◆ hasPT()

CASClient::hasPT ( )
private

This method tells if a Proxy Ticket was stored.

Returns
TRUE if a Proxy Ticket has been stored.

Definition at line 2464 of file client.php.

Referenced by CASClient\isAuthenticated().

2465  { return !empty($this->_pt); }
+ Here is the caller graph for this function:

◆ hasSA()

CASClient::hasSA ( )
private

This method tells if a SAML Ticket was stored.

Returns
TRUE if a SAML Ticket has been stored.

Definition at line 2487 of file client.php.

Referenced by CASClient\isAuthenticated(), and CASClient\readURL().

2488  { return !empty($this->_sa); }
+ Here is the caller graph for this function:

◆ setPT()

CASClient::setPT (   $pt)
private

This method stores the Proxy Ticket.

Parameters
$ptThe Proxy Ticket.

Definition at line 2456 of file client.php.

Referenced by CASClient\wasPreviouslyAuthenticated().

2457  { $this->_pt = $pt; }
+ Here is the caller graph for this function:

◆ setSA()

CASClient::setSA (   $sa)
private

This method stores the SAML Ticket.

Parameters
$saThe SAML Ticket.

Definition at line 2479 of file client.php.

2480  { $this->_sa = $sa; }

◆ validatePT()

CASClient::validatePT ( $validate_url,
$text_response,
$tree_response 
)
private

This method is used to validate a ST or PT; halt on failure Used for all CAS 2.0 validations.

Returns
bool TRUE when successfull, halt otherwise by calling CASClient::authError().

Definition at line 2506 of file client.php.

References CASClient\getCallbackURL(), CASClient\getPT(), CASClient\getServerProxyValidateURL(), CASClient\isProxy(), CASClient\readURL(), phpCAS\trace(), and phpCAS\traceBegin().

Referenced by CASClient\isAuthenticated().

2507  {
2509  // build the URL to validate the ticket
2510  $validate_url = $this->getServerProxyValidateURL().'&ticket='.$this->getPT();
2511 
2512  if ( $this->isProxy() ) {
2513  // pass the callback url for CAS proxies
2514  $validate_url .= '&pgtUrl='.urlencode($this->getCallbackURL());
2515  }
2516 
2517  // open and read the URL
2518  if ( !$this->readURL($validate_url,''/*cookies*/,$headers,$text_response,$err_msg) ) {
2519  phpCAS::trace('could not open URL \''.$validate_url.'\' to validate ('.$err_msg.')');
2520  $this->authError('PT not validated',
2521  $validate_url,
2522  TRUE/*$no_response*/);
2523  }
2524 
2525  // read the response of the CAS server into a DOM object
2526  if ( !($dom = domxml_open_mem($text_response))) {
2527  // read failed
2528  $this->authError('PT not validated',
2529  $validate_url,
2530  FALSE/*$no_response*/,
2531  TRUE/*$bad_response*/,
2532  $text_response);
2533  }
2534  // read the root node of the XML tree
2535  if ( !($tree_response = $dom->document_element()) ) {
2536  // read failed
2537  $this->authError('PT not validated',
2538  $validate_url,
2539  FALSE/*$no_response*/,
2540  TRUE/*$bad_response*/,
2541  $text_response);
2542  }
2543  // insure that tag name is 'serviceResponse'
2544  if ( $tree_response->node_name() != 'serviceResponse' ) {
2545  // bad root node
2546  $this->authError('PT not validated',
2547  $validate_url,
2548  FALSE/*$no_response*/,
2549  TRUE/*$bad_response*/,
2550  $text_response);
2551  }
2552  if ( sizeof($arr = $tree_response->get_elements_by_tagname("authenticationSuccess")) != 0) {
2553  // authentication succeded, extract the user name
2554  if ( sizeof($arr = $tree_response->get_elements_by_tagname("user")) == 0) {
2555  // no user specified => error
2556  $this->authError('PT not validated',
2557  $validate_url,
2558  FALSE/*$no_response*/,
2559  TRUE/*$bad_response*/,
2560  $text_response);
2561  }
2562  $this->setUser(trim($arr[0]->get_content()));
2563 
2564  } else if ( sizeof($arr = $tree_response->get_elements_by_tagname("authenticationFailure")) != 0) {
2565  // authentication succeded, extract the error code and message
2566  $this->authError('PT not validated',
2567  $validate_url,
2568  FALSE/*$no_response*/,
2569  FALSE/*$bad_response*/,
2570  $text_response,
2571  $arr[0]->get_attribute('code')/*$err_code*/,
2572  trim($arr[0]->get_content())/*$err_msg*/);
2573  } else {
2574  $this->authError('PT not validated',
2575  $validate_url,
2576  FALSE/*$no_response*/,
2577  TRUE/*$bad_response*/,
2578  $text_response);
2579  }
2580 
2581  $this->renameSession($this->getPT());
2582  // at this step, PT has been validated and $this->_user has been set,
2583 
2584  phpCAS::traceEnd(TRUE);
2585  return TRUE;
2586  }
getServerProxyValidateURL()
This method is used to retrieve the proxy validating URL of the CAS server.
Definition: client.php:466
getCallbackURL()
This method returns the URL that should be used for the PGT callback (in fact the URL of the current ...
Definition: client.php:1796
traceBegin()
This method is used to indicate the start of the execution of a function in debug mode...
Definition: CAS.php:577
readURL($url, $cookies, &$headers, &$body, &$err_msg)
This method is used to acces a remote URL.
Definition: client.php:2163
getPT()
This method returns the Proxy Ticket provided in the URL of the request.
Definition: client.php:2445
isProxy()
Tells if a CAS client is a CAS proxy or not.
Definition: client.php:1681
trace($str)
This method is used to log something in debug mode.
Definition: CAS.php:569
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

Variable Documentation

◆ $_pt

CASClient::$_pt
private

the Proxy Ticket provided in the URL of the request if present (empty otherwise).

Written by CASClient::CASClient(), read by CASClient::getPT() and CASClient::hasPGT().

Definition at line 2438 of file client.php.

Referenced by CASClient\getPT().