ILIAS  Release_3_10_x_branch Revision 61812
 All Data Structures Namespaces Files Functions Variables Groups Pages
Public Member Functions | Private Member Functions | Private Attributes
CASClient Class Reference

The CASClient class is a client interface that provides CAS authentication to PHP applications. More...

+ Collaboration diagram for CASClient:

Public Member Functions

 setHTMLHeader ($header)
 This method set the HTML header used for all outputs.
 setHTMLFooter ($footer)
 This method set the HTML footer used for all outputs.
 setLang ($lang)
 This method is used to set the language used by phpCAS.
 CASClient ($server_version, $proxy, $server_hostname, $server_port, $server_uri, $start_session=true)
 CASClient constructor.
 getUser ()
 This method returns the CAS user's login name.
 forceAuthentication ()
 This method is called to be sure that the user is authenticated.
 checkAuthentication ()
 This method is called to check whether the ser is authenticated or not.
 isAuthenticated ()
 This method is called to check if the user is authenticated (previously or by tickets given in the URL.
 redirectToCas ($gateway)
 This method is used to redirect the client to the CAS server.
 logout ($url="")
 This method is used to logout from CAS.
 setPGTStorageFile ($format='', $path='')
 This method is used to tell phpCAS to store the response of the CAS server to PGT requests onto the filesystem.
 setPGTStorageDB ($user, $password, $database_type, $hostname, $port, $database, $table)
 This method is used to tell phpCAS to store the response of the CAS server to PGT requests into a database.
 serviceWeb ($url, &$err_code, &$output)
 This method is used to access an HTTP[S] service.
 serviceMail ($url, $flags, &$err_code, &$err_msg, &$pt)
 This method is used to access an IMAP/POP3/NNTP service.
 setHTMLHeader ($header)
 This method set the HTML header used for all outputs.
 setHTMLFooter ($footer)
 This method set the HTML footer used for all outputs.
 setLang ($lang)
 This method is used to set the language used by phpCAS.
 CASClient ($server_version, $proxy, $server_hostname, $server_port, $server_uri, $start_session=true)
 CASClient constructor.
 getUser ()
 This method returns the CAS user's login name.
 forceAuthentication ()
 This method is called to be sure that the user is authenticated.
 checkAuthentication ()
 This method is called to check whether the ser is authenticated or not.
 isAuthenticated ()
 This method is called to check if the user is authenticated (previously or by tickets given in the URL.
 redirectToCas ($gateway)
 This method is used to redirect the client to the CAS server.
 logout ($url="")
 This method is used to logout from CAS.
 setPGTStorageFile ($format='', $path='')
 This method is used to tell phpCAS to store the response of the CAS server to PGT requests onto the filesystem.
 setPGTStorageDB ($user, $password, $database_type, $hostname, $port, $database, $table)
 This method is used to tell phpCAS to store the response of the CAS server to PGT requests into a database.
 serviceWeb ($url, &$err_code, &$output)
 This method is used to access an HTTP[S] service.
 serviceMail ($url, $flags, &$err_code, &$err_msg, &$pt)
 This method is used to access an IMAP/POP3/NNTP service.

Private Member Functions

 HTMLFilterOutput ($str)
 This method filters a string by replacing special tokens by appropriate values and prints it.
 printHTMLHeader ($title)
 This method prints the header of the HTML output (after filtering).
 printHTMLFooter ()
 This method prints the footer of the HTML output (after filtering).
 getLang ()
 This method returns the language used by phpCAS.
 getString ($str)
 This method returns a string depending on the language.
 getServerVersion ()
 This method is used to retrieve the version of the CAS server.
 getServerHostname ()
 This method is used to retrieve the hostname of the CAS server.
 getServerPort ()
 This method is used to retrieve the port of the CAS server.
 getServerURI ()
 This method is used to retrieve the URI of the CAS server.
 getServerBaseURL ()
 This method is used to retrieve the base URL of the CAS server.
 getServerLoginURL ($gateway)
 This method is used to retrieve the login URL of the CAS server.
 getServerServiceValidateURL ()
 This method is used to retrieve the service validating URL of the CAS server.
 getServerProxyValidateURL ()
 This method is used to retrieve the proxy validating URL of the CAS server.
 getServerProxyURL ()
 This method is used to retrieve the proxy URL of the CAS server.
 getServerLogoutURL ()
 This method is used to retrieve the logout URL of the CAS server.
 setUser ($user)
 This method sets the CAS user's login name.
 wasPreviouslyAuthenticated ()
 This method tells if the user has already been (previously) authenticated by looking into the session variables.
 getST ()
 This method returns the Service Ticket provided in the URL of the request.
 setST ($st)
 This method stores the Service Ticket.
 hasST ()
 This method tells if a Service Ticket was stored.
 validateST ($validate_url, &$text_response, &$tree_response)
 This method is used to validate a ST; halt on failure, and sets $validate_url, $text_reponse and $tree_response on success.
 isProxy ()
 Tells if a CAS client is a CAS proxy or not.
 getPGT ()
 This method returns the Proxy Granting Ticket given by the CAS server.
 setPGT ($pgt)
 This method stores the Proxy Granting Ticket.
 hasPGT ()
 This method tells if a Proxy Granting Ticket was stored.
 setCallbackMode ($callback_mode)
 This method sets/unsets callback mode.
 isCallbackMode ()
 This method returns TRUE when the CAs client is running i callback mode, FALSE otherwise.
 getCallbackURL ()
 This method returns the URL that should be used for the PGT callback (in fact the URL of the current request without any CGI parameter, except if phpCAS::setFixedCallbackURL() was used).
 setCallbackURL ($url)
 This method sets the callback url.
 callback ()
 This method is called by CASClient::CASClient() when running in callback mode.
 initPGTStorage ()
 This method is used to initialize the storage of PGT's.
 storePGT ($pgt, $pgt_iou)
 This method stores a PGT.
 loadPGT ($pgt_iou)
 This method reads a PGT from its Iou and deletes the corresponding storage entry.
 validatePGT (&$validate_url, $text_response, $tree_response)
 This method is used to validate a PGT; halt on failure.
 retrievePT ($target_service, &$err_code, &$err_msg)
 This method is used to retrieve PT's from the CAS server thanks to a PGT.
 readURL ($url, $cookies, &$headers, &$body, &$err_msg)
 This method is used to acces a remote URL.
 getPT ()
 This method returns the Proxy Ticket provided in the URL of the request.
 setPT ($pt)
 This method stores the Proxy Ticket.
 hasPT ()
 This method tells if a Proxy Ticket was stored.
 validatePT (&$validate_url, &$text_response, &$tree_response)
 This method is used to validate a PT; halt on failure.
 getURL ()
 This method returns the URL of the current request (without any ticket CGI parameter).
 setURL ($url)
 This method sets the URL of the current request.
 authError ($failure, $cas_url, $no_response, $bad_response='', $cas_response='', $err_code='', $err_msg='')
 This method is used to print the HTML output when the user was not authenticated.
 HTMLFilterOutput ($str)
 This method filters a string by replacing special tokens by appropriate values and prints it.
 printHTMLHeader ($title)
 This method prints the header of the HTML output (after filtering).
 printHTMLFooter ()
 This method prints the footer of the HTML output (after filtering).
 getLang ()
 This method returns the language used by phpCAS.
 getString ($str)
 This method returns a string depending on the language.
 getServerVersion ()
 This method is used to retrieve the version of the CAS server.
 getServerHostname ()
 This method is used to retrieve the hostname of the CAS server.
 getServerPort ()
 This method is used to retrieve the port of the CAS server.
 getServerURI ()
 This method is used to retrieve the URI of the CAS server.
 getServerBaseURL ()
 This method is used to retrieve the base URL of the CAS server.
 getServerLoginURL ($gateway)
 This method is used to retrieve the login URL of the CAS server.
 getServerServiceValidateURL ()
 This method is used to retrieve the service validating URL of the CAS server.
 getServerProxyValidateURL ()
 This method is used to retrieve the proxy validating URL of the CAS server.
 getServerProxyURL ()
 This method is used to retrieve the proxy URL of the CAS server.
 getServerLogoutURL ()
 This method is used to retrieve the logout URL of the CAS server.
 setUser ($user)
 This method sets the CAS user's login name.
 wasPreviouslyAuthenticated ()
 This method tells if the user has already been (previously) authenticated by looking into the session variables.
 getST ()
 This method returns the Service Ticket provided in the URL of the request.
 setST ($st)
 This method stores the Service Ticket.
 hasST ()
 This method tells if a Service Ticket was stored.
 validateST ($validate_url, &$text_response, &$tree_response)
 This method is used to validate a ST; halt on failure, and sets $validate_url, $text_reponse and $tree_response on success.
 isProxy ()
 Tells if a CAS client is a CAS proxy or not.
 getPGT ()
 This method returns the Proxy Granting Ticket given by the CAS server.
 setPGT ($pgt)
 This method stores the Proxy Granting Ticket.
 hasPGT ()
 This method tells if a Proxy Granting Ticket was stored.
 setCallbackMode ($callback_mode)
 This method sets/unsets callback mode.
 isCallbackMode ()
 This method returns TRUE when the CAs client is running i callback mode, FALSE otherwise.
 getCallbackURL ()
 This method returns the URL that should be used for the PGT callback (in fact the URL of the current request without any CGI parameter, except if phpCAS::setFixedCallbackURL() was used).
 setCallbackURL ($url)
 This method sets the callback url.
 callback ()
 This method is called by CASClient::CASClient() when running in callback mode.
 initPGTStorage ()
 This method is used to initialize the storage of PGT's.
 storePGT ($pgt, $pgt_iou)
 This method stores a PGT.
 loadPGT ($pgt_iou)
 This method reads a PGT from its Iou and deletes the corresponding storage entry.
 validatePGT (&$validate_url, $text_response, $tree_response)
 This method is used to validate a PGT; halt on failure.
 retrievePT ($target_service, &$err_code, &$err_msg)
 This method is used to retrieve PT's from the CAS server thanks to a PGT.
 readURL ($url, $cookies, &$headers, &$body, &$err_msg)
 This method is used to acces a remote URL.
 getPT ()
 This method returns the Proxy Ticket provided in the URL of the request.
 setPT ($pt)
 This method stores the Proxy Ticket.
 hasPT ()
 This method tells if a Proxy Ticket was stored.
 validatePT (&$validate_url, &$text_response, &$tree_response)
 This method is used to validate a PT; halt on failure.
 getURL ()
 This method returns the URL of the current request (without any ticket CGI parameter).
 setURL ($url)
 This method sets the URL of the current request.
 authError ($failure, $cas_url, $no_response, $bad_response='', $cas_response='', $err_code='', $err_msg='')
 This method is used to print the HTML output when the user was not authenticated.

Private Attributes

 $_output_header
 A string used to print the header of HTML pages.
 $_output_footer
 A string used to print the footer of HTML pages.
 $_lang
 A string corresponding to the language used by phpCAS.
 $_strings
 array containing the strings used by phpCAS.
 $_server
 a record to store information about the CAS server.
 $_user
 The Authenticated user.
 $_st
 the Service Ticket provided in the URL of the request if present (empty otherwise).
 $_proxy
 A boolean telling if the client is a CAS proxy or not.
 $_pgt
 the Proxy Grnting Ticket given by the CAS server (empty otherwise).
 $_callback_mode
 each PHP script using phpCAS in proxy mode is its own callback to get the PGT back from the CAS server.
 $_callback_url
 the URL that should be used for the PGT callback (in fact the URL of the current request without any CGI parameter).
 $_pgt_storage
 an instance of a class inheriting of PGTStorage, used to deal with PGT storage.
 $_pt
 the Proxy Ticket provided in the URL of the request if present (empty otherwise).
 $_url
 the URL of the current request (without any ticket CGI parameter).

Detailed Description

The CASClient class is a client interface that provides CAS authentication to PHP applications.

Author
Pascal Aubry <pascal.aubry at univ-rennes1.fr>

Definition at line 22 of file client.php.

Member Function Documentation

CASClient::authError (   $failure,
  $cas_url,
  $no_response,
  $bad_response = '',
  $cas_response = '',
  $err_code = '',
  $err_msg = '' 
)
private

This method is used to print the HTML output when the user was not authenticated.

Parameters
$failurethe failure that occured
$cas_urlthe URL the CAS server was asked for
$no_responsethe response from the CAS server (other parameters are ignored if TRUE)
$bad_responsebad response from the CAS server ($err_code and $err_msg ignored if TRUE)
$cas_responsethe response of the CAS server
$err_codethe error code given by the CAS server
$err_msgthe error message given by the CAS server

Definition at line 1927 of file client4.php.

References $failure, CAS_STR_AUTHENTICATION_FAILED, CAS_STR_YOU_WERE_NOT_AUTHENTICATED, CAS_VERSION_1_0, CAS_VERSION_2_0, and exit.

{
phpCAS::traceBegin();
$this->printHTMLHeader($this->getString(CAS_STR_AUTHENTICATION_FAILED));
printf($this->getString(CAS_STR_YOU_WERE_NOT_AUTHENTICATED),$this->getURL(),$_SERVER['SERVER_ADMIN']);
phpCAS::trace('CAS URL: '.$cas_url);
phpCAS::trace('Authentication failure: '.$failure);
if ( $no_response ) {
phpCAS::trace('Reason: no response from the CAS server');
} else {
if ( $bad_response ) {
phpCAS::trace('Reason: bad response from the CAS server');
} else {
switch ($this->getServerVersion()) {
case CAS_VERSION_1_0:
phpCAS::trace('Reason: CAS error');
break;
case CAS_VERSION_2_0:
if ( empty($err_code) )
phpCAS::trace('Reason: no CAS error');
else
phpCAS::trace('Reason: ['.$err_code.'] CAS error: '.$err_msg);
break;
}
}
phpCAS::trace('CAS response: '.$cas_response);
}
$this->printHTMLFooter();
phpCAS::traceExit();
exit();
}
CASClient::callback ( )
private

This method is called by CASClient::CASClient() when running in callback mode.

It stores the PGT and its PGT Iou, prints its output and halts.

Definition at line 1169 of file client4.php.

References $_GET.

{
phpCAS::traceBegin();
$this->printHTMLHeader('phpCAS callback');
$pgt_iou = $_GET['pgtIou'];
$pgt = $_GET['pgtId'];
phpCAS::trace('Storing PGT `'.$pgt.'\' (id=`'.$pgt_iou.'\')');
echo '<p>Storing PGT `'.$pgt.'\' (id=`'.$pgt_iou.'\').</p>';
$this->storePGT($pgt,$pgt_iou);
$this->printHTMLFooter();
phpCAS::traceExit();
}
CASClient::CASClient (   $server_version,
  $proxy,
  $server_hostname,
  $server_port,
  $server_uri,
  $start_session = true 
)

CASClient constructor.

Parameters
$server_versionthe version of the CAS server
$proxyTRUE if the CAS client is a CAS proxy, FALSE otherwise
$server_hostnamethe hostname of the CAS server
$server_portthe port the CAS server is running on
$server_urithe URI the CAS server is responding on
$start_sessionHave phpCAS start PHP sessions (default true)
Returns
a newly created CASClient object

Definition at line 444 of file client4.php.

References $_GET, CAS_VERSION_1_0, CAS_VERSION_2_0, isCallbackMode(), isProxy(), and setCallbackMode().

{
phpCAS::traceBegin();
// activate session mechanism if desired
if ($start_session) {
session_start();
}
$this->_proxy = $proxy;
// check version
switch ($server_version) {
case CAS_VERSION_1_0:
if ( $this->isProxy() )
phpCAS::error('CAS proxies are not supported in CAS '
.$server_version);
break;
case CAS_VERSION_2_0:
break;
default:
phpCAS::error('this version of CAS (`'
.$server_version
.'\') is not supported by phpCAS '
.phpCAS::getVersion());
}
$this->_server['version'] = $server_version;
// check hostname
if ( empty($server_hostname)
|| !preg_match('/[\.\d\-abcdefghijklmnopqrstuvwxyz]*/',$server_hostname) ) {
phpCAS::error('bad CAS server hostname (`'.$server_hostname.'\')');
}
$this->_server['hostname'] = $server_hostname;
// check port
if ( $server_port == 0
|| !is_int($server_port) ) {
phpCAS::error('bad CAS server port (`'.$server_hostname.'\')');
}
$this->_server['port'] = $server_port;
// check URI
if ( !preg_match('/[\.\d\-_abcdefghijklmnopqrstuvwxyz\/]*/',$server_uri) ) {
phpCAS::error('bad CAS server URI (`'.$server_uri.'\')');
}
// add leading and trailing `/' and remove doubles
$server_uri = preg_replace('/\/\//','/','/'.$server_uri.'/');
$this->_server['uri'] = $server_uri;
// set to callback mode if PgtIou and PgtId CGI GET parameters are provided
if ( $this->isProxy() ) {
$this->setCallbackMode(!empty($_GET['pgtIou'])&&!empty($_GET['pgtId']));
}
if ( $this->isCallbackMode() ) {
// callback mode: check that phpCAS is secured
if ( $_SERVER['HTTPS'] != 'on' ) {
phpCAS::error('CAS proxies must be secured to use phpCAS; PGT\'s will not be received from the CAS server');
}
} else {
// normal mode: get ticket and remove it from CGI parameters for developpers
$ticket = $_GET['ticket'];
// at first check for a Service Ticket
if( preg_match('/^ST-/',$ticket)) {
phpCAS::trace('ST \''.$ticket.'\' found');
// ST present
$this->setST($ticket);
}
// in a second time check for a Proxy Ticket (CAS >= 2.0)
else if( ($this->getServerVersion()!=CAS_VERSION_1_0) && preg_match('/^PT-/',$ticket) ) {
phpCAS::trace('PT \''.$ticket.'\' found');
$this->setPT($ticket);
}
// ill-formed ticket, halt
else if ( !empty($ticket) ) {
phpCAS::error('ill-formed ticket found in the URL (ticket=`'.htmlentities($ticket).'\')');
}
// ticket has been taken into account, unset it to hide it to applications
unset($_GET['ticket']);
}
phpCAS::traceEnd();
}

+ Here is the call graph for this function:

CASClient::checkAuthentication ( )

This method is called to check whether the ser is authenticated or not.

Returns
TRUE when the user is authenticated, FALSE otherwise.

Definition at line 612 of file client4.php.

References $_SESSION, $res, isAuthenticated(), and redirectToCas().

{
phpCAS::traceBegin();
if ( $this->isAuthenticated() ) {
phpCAS::trace('user is authenticated');
$res = TRUE;
} else if (isset($_SESSION['phpCAS']['auth_checked'])) {
// the previous request has redirected the client to the CAS server with gateway=true
unset($_SESSION['phpCAS']['auth_checked']);
$res = FALSE;
} else {
$_SESSION['phpCAS']['auth_checked'] = true;
$this->redirectToCas(TRUE/* gateway */);
// never reached
$res = FALSE;
}
phpCAS::traceEnd($res);
return $res;
}

+ Here is the call graph for this function:

CASClient::forceAuthentication ( )

This method is called to be sure that the user is authenticated.

When not authenticated, halt by redirecting to the CAS server; otherwise return TRUE.

Returns
TRUE when the user is authenticated; otherwise halt.

Definition at line 588 of file client4.php.

References $_SESSION, $res, isAuthenticated(), and redirectToCas().

{
phpCAS::traceBegin();
if ( $this->isAuthenticated() ) {
// the user is authenticated, nothing to be done.
phpCAS::trace('no need to authenticate');
$res = TRUE;
} else {
// the user is not authenticated, redirect to the CAS server
unset($_SESSION['phpCAS']['auth_checked']);
$this->redirectToCas(FALSE/* no gateway */);
// never reached
$res = FALSE;
}
phpCAS::traceEnd($res);
return $res;
}

+ Here is the call graph for this function:

CASClient::getCallbackURL ( )
private

This method returns the URL that should be used for the PGT callback (in fact the URL of the current request without any CGI parameter, except if phpCAS::setFixedCallbackURL() was used).

Returns
The callback URL

Definition at line 1116 of file client4.php.

References $request_uri.

{
// the URL is built when needed only
if ( empty($this->_callback_url) ) {
$final_uri = '';
// remove the ticket if present in the URL
$final_uri = 'https://';
/* replaced by Julien Marchal - v0.4.6
* $this->uri .= $_SERVER['SERVER_NAME'];
*/
if(empty($_SERVER['HTTP_X_FORWARDED_SERVER'])){
/* replaced by teedog - v0.4.12
* $final_uri .= $_SERVER['SERVER_NAME'];
*/
if (empty($_SERVER['SERVER_NAME'])) {
$final_uri .= $_SERVER['HTTP_HOST'];
} else {
$final_uri .= $_SERVER['SERVER_NAME'];
}
} else {
$final_uri .= $_SERVER['HTTP_X_FORWARDED_SERVER'];
}
if ( ($_SERVER['HTTPS']=='on' && $_SERVER['SERVER_PORT']!=443)
|| ($_SERVER['HTTPS']!='on' && $_SERVER['SERVER_PORT']!=80) ) {
$final_uri .= ':';
$final_uri .= $_SERVER['SERVER_PORT'];
}
$request_uri = $_SERVER['REQUEST_URI'];
$request_uri = preg_replace('/\?.*$/','',$request_uri);
$final_uri .= $request_uri;
$this->setCallbackURL($final_uri);
}
return $this->_callback_url;
}
CASClient::getLang ( )
private

This method returns the language used by phpCAS.

Returns
a string representing the language

Definition at line 178 of file client4.php.

References $_lang, PHPCAS_LANG_DEFAULT, and setLang().

{
if ( empty($this->_lang) )
$this->setLang(PHPCAS_LANG_DEFAULT);
return $this->_lang;
}

+ Here is the call graph for this function:

CASClient::getPGT ( )
private

This method returns the Proxy Granting Ticket given by the CAS server.

Returns
The Proxy Granting Ticket.

Definition at line 1029 of file client4.php.

{ return $this->_pgt; }
CASClient::getPT ( )
private

This method returns the Proxy Ticket provided in the URL of the request.

Returns
The proxy ticket.

Definition at line 1705 of file client4.php.

{ return $this->_pt; }
CASClient::getServerBaseURL ( )
private

This method is used to retrieve the base URL of the CAS server.

Returns
a URL.

Definition at line 315 of file client4.php.

{
// the URL is build only when needed
if ( empty($this->_server['base_url']) ) {
$this->_server['base_url'] = 'https://'
.$this->getServerHostname()
.':'
.$this->getServerPort()
.$this->getServerURI();
}
return $this->_server['base_url'];
}
CASClient::getServerHostname ( )
private

This method is used to retrieve the hostname of the CAS server.

Returns
the hostname of the CAS server.

Definition at line 291 of file client4.php.

{ return $this->_server['hostname']; }
CASClient::getServerLoginURL (   $gateway)
private

This method is used to retrieve the login URL of the CAS server.

Parameters
$gatewaytrue to check authentication, false to force it
Returns
a URL.

Definition at line 334 of file client4.php.

References getServerBaseURL(), and getURL().

{
phpCAS::traceBegin();
// the URL is build only when needed
if ( empty($this->_server['login_url']) ) {
$this->_server['login_url'] = $this->getServerBaseURL();
$this->_server['login_url'] .= 'login?service=';
$this->_server['login_url'] .= preg_replace('/&/','%26',$this->getURL());
if ($gateway) {
$this->_server['login_url'] .= '&gateway=true';
}
}
phpCAS::traceEnd($this->_server['login_url']);
return $this->_server['login_url'];
}

+ Here is the call graph for this function:

CASClient::getServerLogoutURL ( )
private

This method is used to retrieve the logout URL of the CAS server.

Returns
a URL.

Definition at line 418 of file client4.php.

References getServerBaseURL().

{
// the URL is build only when needed
if ( empty($this->_server['logout_url']) ) {
$this->_server['logout_url'] = $this->getServerBaseURL().'logout';
}
return $this->_server['logout_url'];
}

+ Here is the call graph for this function:

CASClient::getServerPort ( )
private

This method is used to retrieve the port of the CAS server.

Returns
the port of the CAS server.

Definition at line 299 of file client4.php.

{ return $this->_server['port']; }
CASClient::getServerProxyURL ( )
private

This method is used to retrieve the proxy URL of the CAS server.

Returns
a URL.

Definition at line 397 of file client4.php.

References CAS_VERSION_1_0, CAS_VERSION_2_0, getServerBaseURL(), and getServerVersion().

{
// the URL is build only when needed
if ( empty($this->_server['proxy_url']) ) {
switch ($this->getServerVersion()) {
case CAS_VERSION_1_0:
$this->_server['proxy_url'] = '';
break;
case CAS_VERSION_2_0:
$this->_server['proxy_url'] = $this->getServerBaseURL().'proxy';
break;
}
}
return $this->_server['proxy_url'];
}

+ Here is the call graph for this function:

CASClient::getServerProxyValidateURL ( )
private

This method is used to retrieve the proxy validating URL of the CAS server.

Returns
a URL.

Definition at line 376 of file client4.php.

References CAS_VERSION_1_0, CAS_VERSION_2_0, getServerBaseURL(), getServerVersion(), and getURL().

{
// the URL is build only when needed
if ( empty($this->_server['proxy_validate_url']) ) {
switch ($this->getServerVersion()) {
case CAS_VERSION_1_0:
$this->_server['proxy_validate_url'] = '';
break;
case CAS_VERSION_2_0:
$this->_server['proxy_validate_url'] = $this->getServerBaseURL().'proxyValidate';
break;
}
}
return $this->_server['proxy_validate_url'].'?service='.preg_replace('/&/','%26',$this->getURL());
}

+ Here is the call graph for this function:

CASClient::getServerServiceValidateURL ( )
private

This method is used to retrieve the service validating URL of the CAS server.

Returns
a URL.

Definition at line 355 of file client4.php.

References CAS_VERSION_1_0, CAS_VERSION_2_0, getServerBaseURL(), getServerVersion(), and getURL().

{
// the URL is build only when needed
if ( empty($this->_server['service_validate_url']) ) {
switch ($this->getServerVersion()) {
case CAS_VERSION_1_0:
$this->_server['service_validate_url'] = $this->getServerBaseURL().'validate';
break;
case CAS_VERSION_2_0:
$this->_server['service_validate_url'] = $this->getServerBaseURL().'serviceValidate';
break;
}
}
return $this->_server['service_validate_url'].'?service='.preg_replace('/&/','%26',$this->getURL());
}

+ Here is the call graph for this function:

CASClient::getServerURI ( )
private

This method is used to retrieve the URI of the CAS server.

Returns
a URI.

Definition at line 307 of file client4.php.

{ return $this->_server['uri']; }
CASClient::getServerVersion ( )
private

This method is used to retrieve the version of the CAS server.

Returns
the version of the CAS server.

Definition at line 281 of file client4.php.

{
return $this->_server['version'];
}
CASClient::getST ( )
private

This method returns the Service Ticket provided in the URL of the request.

Returns
The service ticket.

Definition at line 819 of file client4.php.

References $_st.

{ return $this->_st; }
CASClient::getString (   $str)
private

This method returns a string depending on the language.

Parameters
$strthe index of the string in $_string.
Returns
the string corresponding to $index in $string.

Definition at line 205 of file client4.php.

References _strings, and getLang().

{
// call CASclient::getLang() to be sure the language is initialized
$this->getLang();
if ( !isset($this->_strings[$str]) ) {
trigger_error('string `'.$str.'\' not defined for language `'.$this->getLang().'\'',E_USER_ERROR);
}
return $this->_strings[$str];
}

+ Here is the call graph for this function:

CASClient::getURL ( )
private

This method returns the URL of the current request (without any ticket CGI parameter).

Returns
The URL

Definition at line 1854 of file client4.php.

{
phpCAS::traceBegin();
// the URL is built when needed only
if ( empty($this->_url) ) {
$final_uri = '';
// remove the ticket if present in the URL
$final_uri = ($_SERVER['HTTPS'] == 'on') ? 'https' : 'http';
$final_uri .= '://';
/* replaced by Julien Marchal - v0.4.6
* $this->_url .= $_SERVER['SERVER_NAME'];
*/
if(empty($_SERVER['HTTP_X_FORWARDED_SERVER'])){
/* replaced by teedog - v0.4.12
* $this->_url .= $_SERVER['SERVER_NAME'];
*/
if (empty($_SERVER['SERVER_NAME'])) {
$final_uri .= $_SERVER['HTTP_HOST'];
} else {
$final_uri .= $_SERVER['SERVER_NAME'];
}
} else {
$final_uri .= $_SERVER['HTTP_X_FORWARDED_SERVER'];
}
if ( ($_SERVER['HTTPS']=='on' && $_SERVER['SERVER_PORT']!=443)
|| ($_SERVER['HTTPS']!='on' && $_SERVER['SERVER_PORT']!=80) ) {
$final_uri .= ':';
$final_uri .= $_SERVER['SERVER_PORT'];
}
$final_uri .= strtok($_SERVER['REQUEST_URI'],"?");
$cgi_params = '?'.strtok("?");
// remove the ticket if present in the CGI parameters
$cgi_params = preg_replace('/&ticket=[^&]*/','',$cgi_params);
$cgi_params = preg_replace('/\?ticket=[^&;]*/','?',$cgi_params);
$cgi_params = preg_replace('/\?$/','',$cgi_params);
$final_uri .= $cgi_params;
$this->setURL($final_uri);
}
phpCAS::traceEnd($this->_url);
return $this->_url;
}
CASClient::getUser ( )

This method returns the CAS user's login name.

Warning
should be called only after CASClient::forceAuthentication() or CASClient::isAuthenticated(), otherwise halt with an error.
Returns
the login name of the authenticated user

Definition at line 574 of file client4.php.

References $_user.

{
if ( empty($this->_user) ) {
phpCAS::error('this method should be used only after '.__CLASS__.'::forceAuthentication() or '.__CLASS__.'::isAuthenticated()');
}
return $this->_user;
}
CASClient::hasPGT ( )
private

This method tells if a Proxy Granting Ticket was stored.

Returns
TRUE if a Proxy Granting Ticket has been stored.

Definition at line 1045 of file client4.php.

{ return !empty($this->_pgt); }
CASClient::hasPT ( )
private

This method tells if a Proxy Ticket was stored.

Returns
TRUE if a Proxy Ticket has been stored.

Definition at line 1721 of file client4.php.

{ return !empty($this->_pt); }
CASClient::hasST ( )
private

This method tells if a Service Ticket was stored.

Returns
TRUE if a Service Ticket has been stored.

Definition at line 835 of file client4.php.

{ return !empty($this->_st); }
CASClient::HTMLFilterOutput (   $str)
private

This method filters a string by replacing special tokens by appropriate values and prints it.

The corresponding tokens are taken into account:

  • CAS_VERSION
  • PHPCAS_VERSION
  • SERVER_BASE_URL

Used by CASClient::PrintHTMLHeader() and CASClient::printHTMLFooter().

Parameters
$strthe string to filter and output

Definition at line 65 of file client4.php.

References getServerBaseURL(), and getServerVersion().

{
$str = str_replace('__CAS_VERSION__',$this->getServerVersion(),$str);
$str = str_replace('__PHPCAS_VERSION__',phpCAS::getVersion(),$str);
$str = str_replace('__SERVER_BASE_URL__',$this->getServerBaseURL(),$str);
echo $str;
}

+ Here is the call graph for this function:

CASClient::initPGTStorage ( )
private

This method is used to initialize the storage of PGT's.

Halts on error.

Definition at line 1208 of file client4.php.

{
// if no SetPGTStorageXxx() has been used, default to file
if ( !is_object($this->_pgt_storage) ) {
$this->setPGTStorageFile();
}
// initializes the storage
$this->_pgt_storage->init();
}
CASClient::isAuthenticated ( )

This method is called to check if the user is authenticated (previously or by tickets given in the URL.

Returns
TRUE when the user is authenticated; otherwise halt.

Definition at line 641 of file client4.php.

References $_SESSION, $res, getPGT(), getPT(), getST(), getUser(), hasST(), isProxy(), validatePGT(), validatePT(), and wasPreviouslyAuthenticated().

{
phpCAS::traceBegin();
$res = FALSE;
$validate_url = '';
if ( $this->wasPreviouslyAuthenticated() ) {
// the user has already (previously during the session) been
// authenticated, nothing to be done.
phpCAS::trace('user was already authenticated, no need to look for tickets');
$res = TRUE;
} elseif ( $this->hasST() ) {
// if a Service Ticket was given, validate it
phpCAS::trace('ST `'.$this->getST().'\' is present');
$this->validateST($validate_url,$text_response,$tree_response); // if it fails, it halts
phpCAS::trace('ST `'.$this->getST().'\' was validated');
if ( $this->isProxy() ) {
$this->validatePGT($validate_url,$text_response,$tree_response); // idem
phpCAS::trace('PGT `'.$this->getPGT().'\' was validated');
$_SESSION['phpCAS']['pgt'] = $this->getPGT();
}
$_SESSION['phpCAS']['user'] = $this->getUser();
$res = TRUE;
} elseif ( $this->hasPT() ) {
// if a Proxy Ticket was given, validate it
phpCAS::trace('PT `'.$this->getPT().'\' is present');
$this->validatePT($validate_url,$text_response,$tree_response); // note: if it fails, it halts
phpCAS::trace('PT `'.$this->getPT().'\' was validated');
if ( $this->isProxy() ) {
$this->validatePGT($validate_url,$text_response,$tree_response); // idem
phpCAS::trace('PGT `'.$this->getPGT().'\' was validated');
$_SESSION['phpCAS']['pgt'] = $this->getPGT();
}
$_SESSION['phpCAS']['user'] = $this->getUser();
$res = TRUE;
} else {
// no ticket given, not authenticated
phpCAS::trace('no ticket found');
}
phpCAS::traceEnd($res);
return $res;
}

+ Here is the call graph for this function:

CASClient::isCallbackMode ( )
private

This method returns TRUE when the CAs client is running i callback mode, FALSE otherwise.

Returns
A boolean.

Definition at line 1092 of file client4.php.

{
return $this->_callback_mode;
}
CASClient::isProxy ( )
private

Tells if a CAS client is a CAS proxy or not.

Returns
TRUE when the CAS client is a CAs proxy, FALSE otherwise

Definition at line 1001 of file client4.php.

{
return $this->_proxy;
}
CASClient::loadPGT (   $pgt_iou)
private

This method reads a PGT from its Iou and deletes the corresponding storage entry.

Parameters
$pgt_iouthe PGT Iou
Returns
The PGT corresponding to the Iou, FALSE when not found.

Definition at line 1244 of file client4.php.

{
// ensure that storage is initialized
$this->initPGTStorage();
// read the PGT
return $this->_pgt_storage->read($pgt_iou);
}
CASClient::logout (   $url = "")

This method is used to logout from CAS.

Parameters
$urla URL that will be transmitted to the CAS server (to come back to when logged out)

Definition at line 769 of file client4.php.

References CAS_STR_LOGOUT, CAS_STR_SHOULD_HAVE_BEEN_REDIRECTED, exit, getServerLogoutURL(), getString(), printHTMLFooter(), and printHTMLHeader().

{
phpCAS::traceBegin();
$cas_url = $this->getServerLogoutURL();
// v0.4.14 sebastien.gougeon at univ-rennes1.fr
// header('Location: '.$cas_url);
if ( $url != "" ) {
$url = '?service=' . $url;
}
header('Location: '.$cas_url . $url);
session_unset();
session_destroy();
$this->printHTMLHeader($this->getString(CAS_STR_LOGOUT));
printf('<p>'.$this->getString(CAS_STR_SHOULD_HAVE_BEEN_REDIRECTED).'</p>',$cas_url);
$this->printHTMLFooter();
phpCAS::traceExit();
exit();
}

+ Here is the call graph for this function:

CASClient::printHTMLFooter ( )
private

This method prints the footer of the HTML output (after filtering).

If CASClient::setHTMLFooter() was not used, a default footer is output.

See Also
HTMLFilterOutput()

Definition at line 120 of file client4.php.

References CAS_STR_USING_SERVER, getString(), and HTMLFilterOutput().

{
$this->HTMLFilterOutput(empty($this->_output_footer)
?('<hr><address>phpCAS __PHPCAS_VERSION__ '.$this->getString(CAS_STR_USING_SERVER).' <a href="__SERVER_BASE_URL__">__SERVER_BASE_URL__</a> (CAS __CAS_VERSION__)</a></address></body></html>')
:$this->_output_footer);
}

+ Here is the call graph for this function:

CASClient::printHTMLHeader (   $title)
private

This method prints the header of the HTML output (after filtering).

If CASClient::setHTMLHeader() was not used, a default header is output.

Parameters
$titlethe title of the page
See Also
HTMLFilterOutput()

Definition at line 92 of file client4.php.

References $title, and HTMLFilterOutput().

{
$this->HTMLFilterOutput(str_replace('__TITLE__',
$title,
(empty($this->_output_header)
? '<html><head><title>__TITLE__</title></head><body><h1>__TITLE__</h1>'
: $this->output_header)
)
);
}

+ Here is the call graph for this function:

CASClient::readURL (   $url,
  $cookies,
$headers,
$body,
$err_msg 
)
private

This method is used to acces a remote URL.

Parameters
$urlthe URL to access.
$cookiesan array containing cookies strings such as 'name=val'
$headersan array containing the HTTP header lines of the response (an empty array on failure).
$bodythe body of the response, as a string (empty on failure).
$err_msgan error message, filled on failure.
Returns
TRUE on success, FALSE otherwise (in this later case, $err_msg contains an error message).

Definition at line 1478 of file client4.php.

References $res.

{
phpCAS::traceBegin();
$headers = '';
$body = '';
$err_msg = '';
$res = TRUE;
// initialize the CURL session
$ch = curl_init($url);
// verify the the server's certificate corresponds to its name
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 1);
// but do not verify the certificate itself
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
// return the CURL output into a variable
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
// include the HTTP header with the body
curl_setopt($ch, CURLOPT_HEADER, 1);
// add cookies headers
if ( is_array($cookies) ) {
curl_setopt($ch,CURLOPT_COOKIE,implode(';',$cookies));
}
// perform the query
$buf = curl_exec ($ch);
if ( $buf === FALSE ) {
phpCAS::trace('cur_exec() failed');
$err_msg = 'CURL error #'.curl_errno($ch).': '.curl_error($ch);
// close the CURL session
curl_close ($ch);
$res = FALSE;
} else {
// close the CURL session
curl_close ($ch);
// find the end of the headers
// note: strpos($str,"\n\r\n\r") does not work (?)
$pos = FALSE;
for ($i=0; $i<strlen($buf); $i++) {
if ( $buf[$i] == chr(13) )
if ( $buf[$i+1] == chr(10) )
if ( $buf[$i+2] == chr(13) )
if ( $buf[$i+3] == chr(10) ) {
// header found
$pos = $i;
break;
}
}
if ( $pos === FALSE ) {
// end of header not found
$err_msg = 'no header found';
phpCAS::trace($err_msg);
$res = FALSE;
} else {
// extract headers into an array
$headers = preg_split ("/[\n\r]+/",substr($buf,0,$pos));
// extract body into a string
$body = substr($buf,$pos+4);
}
}
phpCAS::traceEnd($res);
return $res;
}
CASClient::redirectToCas (   $gateway)

This method is used to redirect the client to the CAS server.

It is used by CASClient::forceAuthentication() and CASClient::checkAuthentication().

Parameters
$gatewaytrue to check authentication, false to force it

Definition at line 752 of file client4.php.

References CAS_STR_AUTHENTICATION_WANTED, CAS_STR_SHOULD_HAVE_BEEN_REDIRECTED, exit, getServerLoginURL(), getString(), printHTMLFooter(), and printHTMLHeader().

{
phpCAS::traceBegin();
$cas_url = $this->getServerLoginURL($gateway);
header('Location: '.$cas_url);
$this->printHTMLHeader($this->getString(CAS_STR_AUTHENTICATION_WANTED));
printf('<p>'.$this->getString(CAS_STR_SHOULD_HAVE_BEEN_REDIRECTED).'</p>',$cas_url);
$this->printHTMLFooter();
phpCAS::traceExit();
exit();
}

+ Here is the call graph for this function:

CASClient::retrievePT (   $target_service,
$err_code,
$err_msg 
)
private

This method is used to retrieve PT's from the CAS server thanks to a PGT.

Parameters
$target_servicethe service to ask for with the PT.
$err_codean error code (PHPCAS_SERVICE_OK on success).
$err_msgan error message (empty on success).
Returns
a Proxy Ticket, or FALSE on error.

Definition at line 1370 of file client4.php.

References domxml_open_mem().

{
phpCAS::traceBegin();
// by default, $err_msg is set empty and $pt to TRUE. On error, $pt is
// set to false and $err_msg to an error message. At the end, if $pt is FALSE
// and $error_msg is still empty, it is set to 'invalid response' (the most
// commonly encountered error).
$err_msg = '';
// build the URL to retrieve the PT
$cas_url = $this->getServerProxyURL().'?targetService='.preg_replace('/&/','%26',$target_service).'&pgt='.$this->getPGT();
// open and read the URL
if ( !$this->readURL($cas_url,''/*cookies*/,$headers,$cas_response,$err_msg) ) {
phpCAS::trace('could not open URL \''.$cas_url.'\' to validate ('.$err_msg.')');
$err_code = PHPCAS_SERVICE_PT_NO_SERVER_RESPONSE;
$err_msg = 'could not retrieve PT (no response from the CAS server)';
phpCAS::traceEnd(FALSE);
return FALSE;
}
$bad_response = FALSE;
if ( !$bad_response ) {
// read the response of the CAS server into a DOM object
if ( !($dom = @domxml_open_mem($cas_response))) {
phpCAS::trace('domxml_open_mem() failed');
// read failed
$bad_response = TRUE;
}
}
if ( !$bad_response ) {
// read the root node of the XML tree
if ( !($root = $dom->document_element()) ) {
phpCAS::trace('document_element() failed');
// read failed
$bad_response = TRUE;
}
}
if ( !$bad_response ) {
// insure that tag name is 'serviceResponse'
if ( hnodename($root->node_name()) != 'serviceResponse' ) {
phpCAS::trace('node_name() failed');
// bad root node
$bad_response = TRUE;
}
}
if ( !$bad_response ) {
// look for a proxySuccess tag
if ( sizeof($arr = $root->get_elements_by_tagname("proxySuccess")) != 0) {
// authentication succeded, look for a proxyTicket tag
if ( sizeof($arr = $root->get_elements_by_tagname("proxyTicket")) != 0) {
$err_code = PHPCAS_SERVICE_OK;
$err_msg = '';
$pt = trim($arr[0]->get_content());
phpCAS::traceEnd($pt);
return $pt;
} else {
phpCAS::trace('<proxySuccess> was found, but not <proxyTicket>');
}
}
// look for a proxyFailure tag
else if ( sizeof($arr = $root->get_elements_by_tagname("proxyFailure")) != 0) {
// authentication failed, extract the error
$err_code = PHPCAS_SERVICE_PT_FAILURE;
$err_msg = 'PT retrieving failed (code=`'
.$arr[0]->get_attribute('code')
.'\', message=`'
.trim($arr[0]->get_content())
.'\')';
phpCAS::traceEnd(FALSE);
return FALSE;
} else {
phpCAS::trace('neither <proxySuccess> nor <proxyFailure> found');
}
}
// at this step, we are sure that the response of the CAS server was ill-formed
$err_code = PHPCAS_SERVICE_PT_BAD_SERVER_RESPONSE;
$err_msg = 'Invalid response from the CAS server (response=`'.$cas_response.'\')';
phpCAS::traceEnd(FALSE);
return FALSE;
}

+ Here is the call graph for this function:

CASClient::serviceMail (   $url,
  $flags,
$err_code,
$err_msg,
$pt 
)

This method is used to access an IMAP/POP3/NNTP service.

Parameters
$urla string giving the URL of the service, including the mailing box for IMAP URLs, as accepted by imap_open().
$flagsoptions given to imap_open().
$err_codean error code Possible values are PHPCAS_SERVICE_OK (on success), PHPCAS_SERVICE_PT_NO_SERVER_RESPONSE, PHPCAS_SERVICE_PT_BAD_SERVER_RESPONSE, PHPCAS_SERVICE_PT_FAILURE, PHPCAS_SERVICE_NOT AVAILABLE.
$err_msgan error message on failure
$ptthe Proxy Ticket (PT) retrieved from the CAS server to access the URL on success, FALSE on error).
Returns
an IMAP stream on success, FALSE otherwise (in this later case, $err_code gives the reason why it failed and $err_msg contains an error message).

Definition at line 1641 of file client4.php.

{
phpCAS::traceBegin();
// at first retrieve a PT
$pt = $this->retrievePT($target_service,$err_code,$output);
$stream = FALSE;
// test if PT was retrieved correctly
if ( !$pt ) {
// note: $err_code and $err_msg are filled by CASClient::retrievePT()
phpCAS::trace('PT was not retrieved correctly');
} else {
phpCAS::trace('opening IMAP URL `'.$url.'\'...');
$stream = @imap_open($url,$this->getUser(),$pt,$flags);
if ( !$stream ) {
phpCAS::trace('could not open URL');
$err_code = PHPCAS_SERVICE_NOT_AVAILABLE;
// give an error message
$err_msg = sprintf($this->getString(CAS_STR_SERVICE_UNAVAILABLE),
$service_url,
var_export(imap_errors(),TRUE));
$pt = FALSE;
$stream = FALSE;
} else {
phpCAS::trace('ok');
}
}
phpCAS::traceEnd($stream);
return $stream;
}
CASClient::serviceWeb (   $url,
$err_code,
$output 
)

This method is used to access an HTTP[S] service.

Parameters
$urlthe service to access.
$err_codean error code Possible values are PHPCAS_SERVICE_OK (on success), PHPCAS_SERVICE_PT_NO_SERVER_RESPONSE, PHPCAS_SERVICE_PT_BAD_SERVER_RESPONSE, PHPCAS_SERVICE_PT_FAILURE, PHPCAS_SERVICE_NOT AVAILABLE.
$outputthe output of the service (also used to give an error message on failure).
Returns
TRUE on success, FALSE otherwise (in this later case, $err_code gives the reason why it failed and $output contains an error message).

Definition at line 1561 of file client4.php.

References $_SESSION, $res, and CAS_STR_SERVICE_UNAVAILABLE.

{
phpCAS::traceBegin();
// at first retrieve a PT
$pt = $this->retrievePT($url,$err_code,$output);
$res = TRUE;
// test if PT was retrieved correctly
if ( !$pt ) {
// note: $err_code and $err_msg are filled by CASClient::retrievePT()
phpCAS::trace('PT was not retrieved correctly');
$res = FALSE;
} else {
// add cookies if necessary
if ( is_array($_SESSION['phpCAS']['services'][$url]['cookies']) ) {
foreach ( $_SESSION['phpCAS']['services'][$url]['cookies'] as $name => $val ) {
$cookies[] = $name.'='.$val;
}
}
// build the URL including the PT
if ( strstr($url,'?') === FALSE ) {
$service_url = $url.'?ticket='.$pt;
} else {
$service_url = $url.'&ticket='.$pt;
}
phpCAS::trace('reading URL`'.$service_url.'\'');
if ( !$this->readURL($service_url,$cookies,$headers,$output,$err_msg) ) {
phpCAS::trace('could not read URL`'.$service_url.'\'');
$err_code = PHPCAS_SERVICE_NOT_AVAILABLE;
// give an error message
$output = sprintf($this->getString(CAS_STR_SERVICE_UNAVAILABLE),
$service_url,
$err_msg);
$res = FALSE;
} else {
// URL has been fetched, extract the cookies
phpCAS::trace('URL`'.$service_url.'\' has been read, storing cookies:');
foreach ( $headers as $header ) {
// test if the header is a cookie
if ( preg_match('/^Set-Cookie:/',$header) ) {
// the header is a cookie, remove the beginning
$header_val = preg_replace('/^Set-Cookie: */','',$header);
// extract interesting information
$name_val = strtok($header_val,'; ');
// extract the name and the value of the cookie
$cookie_name = strtok($name_val,'=');
$cookie_val = strtok('=');
// store the cookie
$_SESSION['phpCAS']['services'][$url]['cookies'][$cookie_name] = $cookie_val;
phpCAS::trace($cookie_name.' -> '.$cookie_val);
}
}
}
}
phpCAS::traceEnd($res);
return $res;
}
CASClient::setCallbackMode (   $callback_mode)
private

This method sets/unsets callback mode.

Parameters
$callback_modeTRUE to set callback mode, FALSE otherwise.

Definition at line 1079 of file client4.php.

{
$this->_callback_mode = $callback_mode;
}
CASClient::setCallbackURL (   $url)
private

This method sets the callback url.

Parameters
$callback_urlurl to set callback

Definition at line 1158 of file client4.php.

{
return $this->_callback_url = $url;
}
CASClient::setHTMLFooter (   $footer)

This method set the HTML footer used for all outputs.

Parameters
$footerthe HTML footer.

Definition at line 146 of file client4.php.

{
$this->_output_footer = $footer;
}
CASClient::setHTMLHeader (   $header)

This method set the HTML header used for all outputs.

Parameters
$headerthe HTML header.

Definition at line 134 of file client4.php.

{
$this->_output_header = $header;
}
CASClient::setLang (   $lang)

This method is used to set the language used by phpCAS.

Note
Can be called only once.
Parameters
$langa string representing the language.
See Also
CAS_LANG_FRENCH, CAS_LANG_ENGLISH

Definition at line 225 of file client4.php.

References $lang, and _strings.

{
// include the corresponding language file
include_once(dirname(__FILE__).'/languages/'.$lang.'.php');
if ( !is_array($this->_strings) ) {
trigger_error('language `'.$lang.'\' is not implemented',E_USER_ERROR);
}
$this->_lang = $lang;
}
CASClient::setPGT (   $pgt)
private

This method stores the Proxy Granting Ticket.

Parameters
$pgtThe Proxy Granting Ticket.

Definition at line 1037 of file client4.php.

{ $this->_pgt = $pgt; }
CASClient::setPGTStorageDB (   $user,
  $password,
  $database_type,
  $hostname,
  $port,
  $database,
  $table 
)

This method is used to tell phpCAS to store the response of the CAS server to PGT requests into a database.

Note
The connection to the database is done only when needed. As a consequence, bad parameters are detected only when initializing PGT storage.
Parameters
$userthe user to access the data with
$passwordthe user's password
$database_typethe type of the database hosting the data
$hostnamethe server hosting the database
$portthe port the server is listening on
$databasethe name of the database
$tablethe name of the table storing the data

Definition at line 1290 of file client4.php.

References $user.

{
// check that the storage has not already been set
if ( is_object($this->_pgt_storage) ) {
phpCAS::error('PGT storage already defined');
}
// warn the user that he should use file storage...
trigger_error('PGT storage into database is an experimental feature, use at your own risk',E_USER_WARNING);
// create the storage object
$this->_pgt_storage = & new PGTStorageDB($this,$user,$password,$database_type,$hostname,$port,$database,$table);
}
CASClient::setPGTStorageFile (   $format = '',
  $path = '' 
)

This method is used to tell phpCAS to store the response of the CAS server to PGT requests onto the filesystem.

Parameters
$formatthe format used to store the PGT's (`plain' and `xml' allowed)
$paththe path where the PGT's should be stored

Definition at line 1261 of file client4.php.

{
// check that the storage has not already been set
if ( is_object($this->_pgt_storage) ) {
phpCAS::error('PGT storage already defined');
}
// create the storage object
$this->_pgt_storage = &new PGTStorageFile($this,$format,$path);
}
CASClient::setPT (   $pt)
private

This method stores the Proxy Ticket.

Parameters
$ptThe Proxy Ticket.

Definition at line 1713 of file client4.php.

{ $this->_pt = $pt; }
CASClient::setST (   $st)
private

This method stores the Service Ticket.

Parameters
$stThe Service Ticket.

Definition at line 827 of file client4.php.

{ $this->_st = $st; }
CASClient::setURL (   $url)
private

This method sets the URL of the current request.

Parameters
$urlurl to set for service

Definition at line 1904 of file client4.php.

{
$this->_url = $url;
}
CASClient::setUser (   $user)
private

This method sets the CAS user's login name.

Parameters
$userthe login name of the authenticated user.

Definition at line 562 of file client4.php.

References $user.

{
$this->_user = $user;
}
CASClient::storePGT (   $pgt,
  $pgt_iou 
)
private

This method stores a PGT.

Halts on error.

Parameters
$pgtthe PGT to store
$pgt_iouits corresponding Iou

Definition at line 1227 of file client4.php.

{
// ensure that storage is initialized
$this->initPGTStorage();
// writes the PGT
$this->_pgt_storage->write($pgt,$pgt_iou);
}
CASClient::validatePGT ( $validate_url,
  $text_response,
  $tree_response 
)
private

This method is used to validate a PGT; halt on failure.

Parameters
$validate_urlthe URL of the request to the CAS server.
$text_responsethe response of the CAS server, as is (XML text); result of CASClient::validateST() or CASClient::validatePT().
$tree_responsethe response of the CAS server, as a DOM XML tree; result of CASClient::validateST() or CASClient::validatePT().
Returns
bool TRUE when successfull, halt otherwise by calling CASClient::authError().

Definition at line 1326 of file client4.php.

{
phpCAS::traceBegin();
if ( sizeof($arr = $tree_response->get_elements_by_tagname("proxyGrantingTicket")) == 0) {
phpCAS::trace('<proxyGrantingTicket> not found');
// authentication succeded, but no PGT Iou was transmitted
$this->authError('Ticket validated but no PGT Iou transmitted',
$validate_url,
FALSE/*$no_response*/,
FALSE/*$bad_response*/,
$text_response);
} else {
// PGT Iou transmitted, extract it
$pgt_iou = trim($arr[0]->get_content());
$pgt = $this->loadPGT($pgt_iou);
if ( $pgt == FALSE ) {
phpCAS::trace('could not load PGT');
$this->authError('PGT Iou was transmitted but PGT could not be retrieved',
$validate_url,
FALSE/*$no_response*/,
FALSE/*$bad_response*/,
$text_response);
}
$this->setPGT($pgt);
}
phpCAS::traceEnd(TRUE);
return TRUE;
}
CASClient::validatePT ( $validate_url,
$text_response,
$tree_response 
)
private

This method is used to validate a PT; halt on failure.

Returns
bool TRUE when successfull, halt otherwise by calling CASClient::authError().

Definition at line 1740 of file client4.php.

{
phpCAS::traceBegin();
// build the URL to validate the ticket
$validate_url = $this->getServerProxyValidateURL().'&ticket='.$this->getPT();
if ( $this->isProxy() ) {
// pass the callback url for CAS proxies
$validate_url .= '&pgtUrl='.$this->getCallbackURL();
}
// open and read the URL
if ( !$this->readURL($validate_url,''/*cookies*/,$headers,$text_response,$err_msg) ) {
phpCAS::trace('could not open URL \''.$validate_url.'\' to validate ('.$err_msg.')');
$this->authError('PT not validated',
$validate_url,
TRUE/*$no_response*/);
}
// read the response of the CAS server into a DOM object
if ( !($dom = domxml_open_mem($text_response))) {
// read failed
$this->authError('PT not validated',
$alidate_url,
FALSE/*$no_response*/,
TRUE/*$bad_response*/,
$text_response);
}
// read the root node of the XML tree
if ( !($tree_response = $dom->document_element()) ) {
// read failed
$this->authError('PT not validated',
$validate_url,
FALSE/*$no_response*/,
TRUE/*$bad_response*/,
$text_response);
}
// insure that tag name is 'serviceResponse'
if ( hnodename($tree_response->node_name()) != 'serviceResponse' ) {
// bad root node
$this->authError('PT not validated',
$validate_url,
FALSE/*$no_response*/,
TRUE/*$bad_response*/,
$text_response);
}
if ( sizeof($arr = $tree_response->get_elements_by_tagname("authenticationSuccess")) != 0) {
// authentication succeded, extract the user name
if ( sizeof($arr = $tree_response->get_elements_by_tagname("user")) == 0) {
// no user specified => error
$this->authError('PT not validated',
$validate_url,
FALSE/*$no_response*/,
TRUE/*$bad_response*/,
$text_response);
}
$this->setUser(trim($arr[0]->get_content()));
} else if ( sizeof($arr = $tree_response->get_elements_by_tagname("authenticationFailure")) != 0) {
// authentication succeded, extract the error code and message
$this->authError('PT not validated',
$validate_url,
FALSE/*$no_response*/,
FALSE/*$bad_response*/,
$text_response,
$arr[0]->get_attribute('code')/*$err_code*/,
trim($arr[0]->get_content())/*$err_msg*/);
} else {
$this->authError('PT not validated',
$validate_url,
FALSE/*$no_response*/,
TRUE/*$bad_response*/,
$text_response);
}
// at this step, PT has been validated and $this->_user has been set,
phpCAS::traceEnd(TRUE);
return TRUE;
}
CASClient::validateST (   $validate_url,
$text_response,
$tree_response 
)
private

This method is used to validate a ST; halt on failure, and sets $validate_url, $text_reponse and $tree_response on success.

These parameters are used later by CASClient::validatePGT() for CAS proxies.

Parameters
$validate_urlthe URL of the request to the CAS server.
$text_responsethe response of the CAS server, as is (XML text).
$tree_responsethe response of the CAS server, as a DOM XML tree.
Returns
bool TRUE when successfull, halt otherwise by calling CASClient::authError().

Definition at line 861 of file client4.php.

References $user, authError(), domxml_open_mem(), getServerServiceValidateURL(), getST(), hnodename(), isProxy(), n, readURL(), and setUser().

{
phpCAS::traceBegin();
// build the URL to validate the ticket
$validate_url = $this->getServerServiceValidateURL().'&ticket='.$this->getST();
if ( $this->isProxy() ) {
// pass the callback url for CAS proxies
$validate_url .= '&pgtUrl='.$this->getCallbackURL();
}
// open and read the URL
if ( !$this->readURL($validate_url,''/*cookies*/,$headers,$text_response,$err_msg) ) {
phpCAS::trace('could not open URL \''.$validate_url.'\' to validate ('.$err_msg.')');
$this->authError('ST not validated (1)',
$validate_url,
TRUE/*$no_response*/);
}
// analyze the result depending on the version
switch ($this->getServerVersion()) {
case CAS_VERSION_1_0:
if (preg_match('/^no\n/',$text_response)) {
phpCAS::trace('ST has not been validated');
$this->authError('ST not validated (2)',
$validate_url,
FALSE/*$no_response*/,
FALSE/*$bad_response*/,
$text_response);
}
if (!preg_match('/^yes\n/',$text_response)) {
phpCAS::trace('ill-formed response');
$this->authError('ST not validated (3)',
$validate_url,
FALSE/*$no_response*/,
TRUE/*$bad_response*/,
$text_response);
}
// ST has been validated, extract the user name
$arr = preg_split('/\n/',$text_response);
$this->setUser(trim($arr[1]));
break;
case CAS_VERSION_2_0:
// read the response of the CAS server into a DOM object
if ( !($dom = domxml_open_mem($text_response))) {
phpCAS::trace('domxml_open_mem() failed');
$this->authError('ST not validated (4)',
$validate_url,
FALSE/*$no_response*/,
TRUE/*$bad_response*/,
$text_response);
}
// read the root node of the XML tree
if ( !($tree_response = $dom->document_element()) ) {
phpCAS::trace('document_element() failed');
$this->authError('ST not validated (5)',
$validate_url,
FALSE/*$no_response*/,
TRUE/*$bad_response*/,
$text_response);
}
// insure that tag name is 'serviceResponse'
if ( hnodename($tree_response->node_name()) != 'serviceResponse' ) {
phpCAS::trace('bad XML root node (should be `serviceResponse\' instead of `'.hnodename($tree_response->node_name()).'\'');
$this->authError('ST not validated (6)',
$validate_url,
FALSE/*$no_response*/,
TRUE/*$bad_response*/,
$text_response);
}
if ( sizeof($success_elements = $tree_response->get_elements_by_tagname("authenticationSuccess")) != 0) {
// authentication succeded, extract the user name
if ( sizeof($user_elements = $success_elements[0]->get_elements_by_tagname("user")) == 0) {
phpCAS::trace('<authenticationSuccess> found, but no <user>');
$this->authError('ST not validated (7)',
$validate_url,
FALSE/*$no_response*/,
TRUE/*$bad_response*/,
$text_response);
}
$user = trim($user_elements[0]->get_content());
phpCAS::trace('user = `'.$user);
$this->setUser($user);
} else if ( sizeof($failure_elements = $tree_response->get_elements_by_tagname("authenticationFailure")) != 0) {
phpCAS::trace('<authenticationFailure> found');
// authentication failed, extract the error code and message
$this->authError('ST not validated (8)',
$validate_url,
FALSE/*$no_response*/,
FALSE/*$bad_response*/,
$text_response,
$failure_elements[0]->get_attribute('code')/*$err_code*/,
trim($failure_elements[0]->get_content())/*$err_msg*/);
} else {
phpCAS::trace('neither <authenticationSuccess> nor <authenticationFailure> found');
$this->authError('ST not validated (9)',
$validate_url,
FALSE/*$no_response*/,
TRUE/*$bad_response*/,
$text_response);
}
break;
}
// at this step, ST has been validated and $this->_user has been set,
phpCAS::traceEnd(TRUE);
return TRUE;
}

+ Here is the call graph for this function:

CASClient::wasPreviouslyAuthenticated ( )
private

This method tells if the user has already been (previously) authenticated by looking into the session variables.

Note
This function switches to callback mode when needed.
Returns
TRUE when the user has already been authenticated; FALSE otherwise.

Definition at line 695 of file client4.php.

References $_SESSION, $auth, callback(), isCallbackMode(), isProxy(), setPGT(), setPT(), setST(), and setUser().

{
phpCAS::traceBegin();
if ( $this->isCallbackMode() ) {
$this->callback();
}
$auth = FALSE;
if ( $this->isProxy() ) {
// CAS proxy: username and PGT must be present
if ( !empty($_SESSION['phpCAS']['user']) && !empty($_SESSION['phpCAS']['pgt']) ) {
// authentication already done
$this->setUser($_SESSION['phpCAS']['user']);
$this->setPGT($_SESSION['phpCAS']['pgt']);
phpCAS::trace('user = `'.$_SESSION['phpCAS']['user'].'\', PGT = `'.$_SESSION['phpCAS']['pgt'].'\'');
$auth = TRUE;
} elseif ( !empty($_SESSION['phpCAS']['user']) && empty($_SESSION['phpCAS']['pgt']) ) {
// these two variables should be empty or not empty at the same time
phpCAS::trace('username found (`'.$_SESSION['phpCAS']['user'].'\') but PGT is empty');
// unset all tickets to enforce authentication
unset($_SESSION['phpCAS']);
$this->setST('');
$this->setPT('');
} elseif ( empty($_SESSION['phpCAS']['user']) && !empty($_SESSION['phpCAS']['pgt']) ) {
// these two variables should be empty or not empty at the same time
phpCAS::trace('PGT found (`'.$_SESSION['phpCAS']['pgt'].'\') but username is empty');
// unset all tickets to enforce authentication
unset($_SESSION['phpCAS']);
$this->setST('');
$this->setPT('');
} else {
phpCAS::trace('neither user not PGT found');
}
} else {
// `simple' CAS client (not a proxy): username must be present
if ( !empty($_SESSION['phpCAS']['user']) ) {
// authentication already done
$this->setUser($_SESSION['phpCAS']['user']);
phpCAS::trace('user = `'.$_SESSION['phpCAS']['user'].'\'');
$auth = TRUE;
} else {
phpCAS::trace('no user found');
}
}
phpCAS::traceEnd($auth);
return $auth;
}

+ Here is the call graph for this function:

The documentation for this class was generated from the following files: