ILIAS  Release_4_0_x_branch Revision 61816
 All Data Structures Namespaces Files Functions Variables Groups Pages
CAS.php
Go to the documentation of this file.
1 <?php
2 
3 /*
4  * Copyright © 2003-2010, The ESUP-Portail consortium & the JA-SIG Collaborative.
5  * All rights reserved.
6  *
7  * Redistribution and use in source and binary forms, with or without
8  * modification, are permitted provided that the following conditions are met:
9  *
10  * * Redistributions of source code must retain the above copyright notice,
11  * this list of conditions and the following disclaimer.
12  * * Redistributions in binary form must reproduce the above copyright notice,
13  * this list of conditions and the following disclaimer in the documentation
14  * and/or other materials provided with the distribution.
15  * * Neither the name of the ESUP-Portail consortium & the JA-SIG
16  * Collaborative nor the names of its contributors may be used to endorse or
17  * promote products derived from this software without specific prior
18  * written permission.
19 
20  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
21  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
22  * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
23  * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR
24  * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
25  * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
26  * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
27  * ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
28  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
29  * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
30  */
31 
32 //
33 // hack by Vangelis Haniotakis to handle the absence of $_SERVER['REQUEST_URI'] in IIS
34 //
35 if (!$_SERVER['REQUEST_URI']) {
36  $_SERVER['REQUEST_URI'] = $_SERVER['SCRIPT_NAME'] . '?' . $_SERVER['QUERY_STRING'];
37 }
38 
39 //
40 // another one by Vangelis Haniotakis also to make phpCAS work with PHP5
41 //
42 if (version_compare(PHP_VERSION, '5', '>=') && !(function_exists('domxml_new_doc'))) {
43  require_once (dirname(__FILE__) . '/CAS/domxml-php4-to-php5.php');
44 }
45 
53 // ########################################################################
54 // CONSTANTS
55 // ########################################################################
56 
57 // ------------------------------------------------------------------------
58 // CAS VERSIONS
59 // ------------------------------------------------------------------------
60 
64 define('PHPCAS_VERSION', '1.1.2');
65 
66 // ------------------------------------------------------------------------
67 // CAS VERSIONS
68 // ------------------------------------------------------------------------
77 define("CAS_VERSION_1_0", '1.0');
81 define("CAS_VERSION_2_0", '2.0');
82 
83 // ------------------------------------------------------------------------
84 // SAML defines
85 // ------------------------------------------------------------------------
86 
90 define("SAML_VERSION_1_1", 'S1');
91 
95 define("SAML_XML_HEADER", '<?xml version="1.0" encoding="UTF-8"?>');
96 
100 define("SAML_SOAP_ENV", '<SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/"><SOAP-ENV:Header/>');
101 
105 define("SAML_SOAP_BODY", '<SOAP-ENV:Body>');
106 
110 define("SAMLP_REQUEST", '<samlp:Request xmlns:samlp="urn:oasis:names:tc:SAML:1.0:protocol" MajorVersion="1" MinorVersion="1" RequestID="_192.168.16.51.1024506224022" IssueInstant="2002-06-19T17:03:44.022Z">');
111 define("SAMLP_REQUEST_CLOSE", '</samlp:Request>');
112 
116 define("SAML_ASSERTION_ARTIFACT", '<samlp:AssertionArtifact>');
117 
121 define("SAML_ASSERTION_ARTIFACT_CLOSE", '</samlp:AssertionArtifact>');
122 
126 define("SAML_SOAP_BODY_CLOSE", '</SOAP-ENV:Body>');
127 
131 define("SAML_SOAP_ENV_CLOSE", '</SOAP-ENV:Envelope>');
132 
136 define("SAML_ATTRIBUTES", 'SAMLATTRIBS');
137 
143 // ------------------------------------------------------------------------
144 // FILE PGT STORAGE
145 // ------------------------------------------------------------------------
149 define("CAS_PGT_STORAGE_FILE_DEFAULT_PATH", '/tmp');
153 define("CAS_PGT_STORAGE_FILE_FORMAT_PLAIN", 'plain');
157 define("CAS_PGT_STORAGE_FILE_FORMAT_XML", 'xml');
161 define("CAS_PGT_STORAGE_FILE_DEFAULT_FORMAT", CAS_PGT_STORAGE_FILE_FORMAT_PLAIN);
162 // ------------------------------------------------------------------------
163 // DATABASE PGT STORAGE
164 // ------------------------------------------------------------------------
168 define("CAS_PGT_STORAGE_DB_DEFAULT_DATABASE_TYPE", 'mysql');
172 define("CAS_PGT_STORAGE_DB_DEFAULT_HOSTNAME", 'localhost');
176 define("CAS_PGT_STORAGE_DB_DEFAULT_PORT", '');
180 define("CAS_PGT_STORAGE_DB_DEFAULT_DATABASE", 'phpCAS');
184 define("CAS_PGT_STORAGE_DB_DEFAULT_TABLE", 'pgt');
185 
187 // ------------------------------------------------------------------------
188 // SERVICE ACCESS ERRORS
189 // ------------------------------------------------------------------------
198 define("PHPCAS_SERVICE_OK", 0);
203 define("PHPCAS_SERVICE_PT_NO_SERVER_RESPONSE", 1);
208 define("PHPCAS_SERVICE_PT_BAD_SERVER_RESPONSE", 2);
213 define("PHPCAS_SERVICE_PT_FAILURE", 3);
217 define("PHPCAS_SERVICE_NOT AVAILABLE", 4);
218 
220 // ------------------------------------------------------------------------
221 // LANGUAGES
222 // ------------------------------------------------------------------------
228 define("PHPCAS_LANG_ENGLISH", 'english');
229 define("PHPCAS_LANG_FRENCH", 'french');
230 define("PHPCAS_LANG_GREEK", 'greek');
231 define("PHPCAS_LANG_GERMAN", 'german');
232 define("PHPCAS_LANG_JAPANESE", 'japanese');
233 define("PHPCAS_LANG_SPANISH", 'spanish');
234 define("PHPCAS_LANG_CATALAN", 'catalan');
235 
246 define("PHPCAS_LANG_DEFAULT", PHPCAS_LANG_ENGLISH);
247 
249 // ------------------------------------------------------------------------
250 // DEBUG
251 // ------------------------------------------------------------------------
260 define('DEFAULT_DEBUG_DIR', '/tmp/');
261 
263 // ------------------------------------------------------------------------
264 // MISC
265 // ------------------------------------------------------------------------
276 $GLOBALS['PHPCAS_CLIENT'] = null;
277 
284 $GLOBALS['PHPCAS_INIT_CALL'] = array (
285  'done' => FALSE,
286  'file' => '?',
287  'line' => -1,
288  'method' => '?'
289 );
290 
297 $GLOBALS['PHPCAS_AUTH_CHECK_CALL'] = array (
298  'done' => FALSE,
299  'file' => '?',
300  'line' => -1,
301  'method' => '?',
302  'result' => FALSE
303 );
304 
310 $GLOBALS['PHPCAS_DEBUG'] = array (
311  'filename' => FALSE,
312  'indent' => 0,
313  'unique_id' => ''
314 );
315 
318 // ########################################################################
319 // CLIENT CLASS
320 // ########################################################################
321 
322 // include client class
323 include_once (dirname(__FILE__) . '/CAS/client.php');
324 
325 // ########################################################################
326 // INTERFACE CLASS
327 // ########################################################################
328 
341 class phpCAS {
342 
343  // ########################################################################
344  // INITIALIZATION
345  // ########################################################################
346 
366  function client($server_version, $server_hostname, $server_port, $server_uri, $start_session = true) {
367  global $PHPCAS_CLIENT, $PHPCAS_INIT_CALL;
368 
369  phpCAS :: traceBegin();
370  if (is_object($PHPCAS_CLIENT)) {
371  phpCAS :: error($PHPCAS_INIT_CALL['method'] . '() has already been called (at ' . $PHPCAS_INIT_CALL['file'] . ':' . $PHPCAS_INIT_CALL['line'] . ')');
372  }
373  if (gettype($server_version) != 'string') {
374  phpCAS :: error('type mismatched for parameter $server_version (should be `string\')');
375  }
376  if (gettype($server_hostname) != 'string') {
377  phpCAS :: error('type mismatched for parameter $server_hostname (should be `string\')');
378  }
379  if (gettype($server_port) != 'integer') {
380  phpCAS :: error('type mismatched for parameter $server_port (should be `integer\')');
381  }
382  if (gettype($server_uri) != 'string') {
383  phpCAS :: error('type mismatched for parameter $server_uri (should be `string\')');
384  }
385 
386  // store where the initializer is called from
387  $dbg = phpCAS :: backtrace();
388  $PHPCAS_INIT_CALL = array (
389  'done' => TRUE,
390  'file' => $dbg[0]['file'],
391  'line' => $dbg[0]['line'],
392  'method' => __CLASS__ . '::' . __FUNCTION__
393  );
394 
395  // initialize the global object $PHPCAS_CLIENT
396  $PHPCAS_CLIENT = new CASClient($server_version, FALSE /*proxy*/
397  , $server_hostname, $server_port, $server_uri, $start_session);
398  phpCAS :: traceEnd();
399  }
400 
415  function proxy($server_version, $server_hostname, $server_port, $server_uri, $start_session = true) {
416  global $PHPCAS_CLIENT, $PHPCAS_INIT_CALL;
417 
418  phpCAS :: traceBegin();
419  if (is_object($PHPCAS_CLIENT)) {
420  phpCAS :: error($PHPCAS_INIT_CALL['method'] . '() has already been called (at ' . $PHPCAS_INIT_CALL['file'] . ':' . $PHPCAS_INIT_CALL['line'] . ')');
421  }
422  if (gettype($server_version) != 'string') {
423  phpCAS :: error('type mismatched for parameter $server_version (should be `string\')');
424  }
425  if (gettype($server_hostname) != 'string') {
426  phpCAS :: error('type mismatched for parameter $server_hostname (should be `string\')');
427  }
428  if (gettype($server_port) != 'integer') {
429  phpCAS :: error('type mismatched for parameter $server_port (should be `integer\')');
430  }
431  if (gettype($server_uri) != 'string') {
432  phpCAS :: error('type mismatched for parameter $server_uri (should be `string\')');
433  }
434 
435  // store where the initialzer is called from
436  $dbg = phpCAS :: backtrace();
437  $PHPCAS_INIT_CALL = array (
438  'done' => TRUE,
439  'file' => $dbg[0]['file'],
440  'line' => $dbg[0]['line'],
441  'method' => __CLASS__ . '::' . __FUNCTION__
442  );
443 
444  // initialize the global object $PHPCAS_CLIENT
445  $PHPCAS_CLIENT = new CASClient($server_version, TRUE /*proxy*/
446  , $server_hostname, $server_port, $server_uri, $start_session);
447  phpCAS :: traceEnd();
448  }
449 
451  // ########################################################################
452  // DEBUGGING
453  // ########################################################################
454 
465  function setDebug($filename = '') {
466  global $PHPCAS_DEBUG;
467 
468  if ($filename != FALSE && gettype($filename) != 'string') {
469  phpCAS :: error('type mismatched for parameter $dbg (should be FALSE or the name of the log file)');
470  }
471 
472  if (empty ($filename)) {
473  if (preg_match('/^Win.*/', getenv('OS'))) {
474  if (isset ($_ENV['TMP'])) {
475  $debugDir = $_ENV['TMP'] . '/';
476  } else
477  if (isset ($_ENV['TEMP'])) {
478  $debugDir = $_ENV['TEMP'] . '/';
479  } else {
480  $debugDir = '';
481  }
482  } else {
483  $debugDir = DEFAULT_DEBUG_DIR;
484  }
485  $filename = $debugDir . 'phpCAS.log';
486  }
487 
488  if (empty ($PHPCAS_DEBUG['unique_id'])) {
489  $PHPCAS_DEBUG['unique_id'] = substr(strtoupper(md5(uniqid(''))), 0, 4);
490  }
491 
492  $PHPCAS_DEBUG['filename'] = $filename;
493 
494  phpCAS :: trace('START phpCAS-' . PHPCAS_VERSION . ' ******************');
495  }
496 
507  function backtrace() {
508  if (function_exists('debug_backtrace')) {
509  return debug_backtrace();
510  } else {
511  // poor man's hack ... but it does work ...
512  return array ();
513  }
514  }
515 
523  function log($str) {
524  $indent_str = ".";
525  global $PHPCAS_DEBUG;
526 
527  if ($PHPCAS_DEBUG['filename']) {
528  for ($i = 0; $i < $PHPCAS_DEBUG['indent']; $i++) {
529  $indent_str .= '| ';
530  }
531  error_log($PHPCAS_DEBUG['unique_id'] . ' ' . $indent_str . $str . "\n", 3, $PHPCAS_DEBUG['filename']);
532  }
533 
534  }
535 
544  function error($msg) {
545  $dbg = phpCAS :: backtrace();
546  $function = '?';
547  $file = '?';
548  $line = '?';
549  if (is_array($dbg)) {
550  for ($i = 1; $i < sizeof($dbg); $i++) {
551  if (is_array($dbg[$i])) {
552  if ($dbg[$i]['class'] == __CLASS__) {
553  $function = $dbg[$i]['function'];
554  $file = $dbg[$i]['file'];
555  $line = $dbg[$i]['line'];
556  }
557  }
558  }
559  }
560  echo "<br />\n<b>phpCAS error</b>: <font color=\"FF0000\"><b>" . __CLASS__ . "::" . $function . '(): ' . htmlentities($msg) . "</b></font> in <b>" . $file . "</b> on line <b>" . $line . "</b><br />\n";
561  phpCAS :: trace($msg);
562  phpCAS :: traceExit();
563  exit ();
564  }
565 
569  function trace($str) {
570  $dbg = phpCAS :: backtrace();
571  phpCAS :: log($str . ' [' . basename($dbg[1]['file']) . ':' . $dbg[1]['line'] . ']');
572  }
573 
577  function traceBegin() {
578  global $PHPCAS_DEBUG;
579 
580  $dbg = phpCAS :: backtrace();
581  $str = '=> ';
582  if (!empty ($dbg[2]['class'])) {
583  $str .= $dbg[2]['class'] . '::';
584  }
585  $str .= $dbg[2]['function'] . '(';
586  if (is_array($dbg[2]['args'])) {
587  foreach ($dbg[2]['args'] as $index => $arg) {
588  if ($index != 0) {
589  $str .= ', ';
590  }
591  $str .= str_replace("\n", "", var_export($arg, TRUE));
592  }
593  }
594  $str .= ') [' . basename($dbg[2]['file']) . ':' . $dbg[2]['line'] . ']';
595  phpCAS :: log($str);
596  $PHPCAS_DEBUG['indent']++;
597  }
598 
604  function traceEnd($res = '') {
605  global $PHPCAS_DEBUG;
606 
607  $PHPCAS_DEBUG['indent']--;
608  $dbg = phpCAS :: backtrace();
609  $str = '';
610  $str .= '<= ' . str_replace("\n", "", var_export($res, TRUE));
611  phpCAS :: log($str);
612  }
613 
617  function traceExit() {
618  global $PHPCAS_DEBUG;
619 
620  phpCAS :: log('exit()');
621  while ($PHPCAS_DEBUG['indent'] > 0) {
622  phpCAS :: log('-');
623  $PHPCAS_DEBUG['indent']--;
624  }
625  }
626 
628  // ########################################################################
629  // INTERNATIONALIZATION
630  // ########################################################################
644  function setLang($lang) {
645  global $PHPCAS_CLIENT;
646  if (!is_object($PHPCAS_CLIENT)) {
647  phpCAS :: error('this method should not be called before ' . __CLASS__ . '::client() or ' . __CLASS__ . '::proxy()');
648  }
649  if (gettype($lang) != 'string') {
650  phpCAS :: error('type mismatched for parameter $lang (should be `string\')');
651  }
652  $PHPCAS_CLIENT->setLang($lang);
653  }
654 
656  // ########################################################################
657  // VERSION
658  // ########################################################################
669  function getVersion() {
670  return PHPCAS_VERSION;
671  }
672 
674  // ########################################################################
675  // HTML OUTPUT
676  // ########################################################################
687  function setHTMLHeader($header) {
688  global $PHPCAS_CLIENT;
689  if (!is_object($PHPCAS_CLIENT)) {
690  phpCAS :: error('this method should not be called before ' . __CLASS__ . '::client() or ' . __CLASS__ . '::proxy()');
691  }
692  if (gettype($header) != 'string') {
693  phpCAS :: error('type mismatched for parameter $header (should be `string\')');
694  }
695  $PHPCAS_CLIENT->setHTMLHeader($header);
696  }
697 
703  function setHTMLFooter($footer) {
704  global $PHPCAS_CLIENT;
705  if (!is_object($PHPCAS_CLIENT)) {
706  phpCAS :: error('this method should not be called before ' . __CLASS__ . '::client() or ' . __CLASS__ . '::proxy()');
707  }
708  if (gettype($footer) != 'string') {
709  phpCAS :: error('type mismatched for parameter $footer (should be `string\')');
710  }
711  $PHPCAS_CLIENT->setHTMLFooter($footer);
712  }
713 
715  // ########################################################################
716  // PGT STORAGE
717  // ########################################################################
730  function setPGTStorageFile($format = '', $path = '') {
731  global $PHPCAS_CLIENT, $PHPCAS_AUTH_CHECK_CALL;
732 
733  phpCAS :: traceBegin();
734  if (!is_object($PHPCAS_CLIENT)) {
735  phpCAS :: error('this method should only be called after ' . __CLASS__ . '::proxy()');
736  }
737  if (!$PHPCAS_CLIENT->isProxy()) {
738  phpCAS :: error('this method should only be called after ' . __CLASS__ . '::proxy()');
739  }
740  if ($PHPCAS_AUTH_CHECK_CALL['done']) {
741  phpCAS :: error('this method should only be called before ' . $PHPCAS_AUTH_CHECK_CALL['method'] . '() (called at ' . $PHPCAS_AUTH_CHECK_CALL['file'] . ':' . $PHPCAS_AUTH_CHECK_CALL['line'] . ')');
742  }
743  if (gettype($format) != 'string') {
744  phpCAS :: error('type mismatched for parameter $format (should be `string\')');
745  }
746  if (gettype($path) != 'string') {
747  phpCAS :: error('type mismatched for parameter $format (should be `string\')');
748  }
749  $PHPCAS_CLIENT->setPGTStorageFile($format, $path);
750  phpCAS :: traceEnd();
751  }
752 
768  function setPGTStorageDB($user, $password, $database_type = '', $hostname = '', $port = 0, $database = '', $table = '') {
769  global $PHPCAS_CLIENT, $PHPCAS_AUTH_CHECK_CALL;
770 
771  phpCAS :: traceBegin();
772  if (!is_object($PHPCAS_CLIENT)) {
773  phpCAS :: error('this method should only be called after ' . __CLASS__ . '::proxy()');
774  }
775  if (!$PHPCAS_CLIENT->isProxy()) {
776  phpCAS :: error('this method should only be called after ' . __CLASS__ . '::proxy()');
777  }
778  if ($PHPCAS_AUTH_CHECK_CALL['done']) {
779  phpCAS :: error('this method should only be called before ' . $PHPCAS_AUTH_CHECK_CALL['method'] . '() (called at ' . $PHPCAS_AUTH_CHECK_CALL['file'] . ':' . $PHPCAS_AUTH_CHECK_CALL['line'] . ')');
780  }
781  if (gettype($user) != 'string') {
782  phpCAS :: error('type mismatched for parameter $user (should be `string\')');
783  }
784  if (gettype($password) != 'string') {
785  phpCAS :: error('type mismatched for parameter $password (should be `string\')');
786  }
787  if (gettype($database_type) != 'string') {
788  phpCAS :: error('type mismatched for parameter $database_type (should be `string\')');
789  }
790  if (gettype($hostname) != 'string') {
791  phpCAS :: error('type mismatched for parameter $hostname (should be `string\')');
792  }
793  if (gettype($port) != 'integer') {
794  phpCAS :: error('type mismatched for parameter $port (should be `integer\')');
795  }
796  if (gettype($database) != 'string') {
797  phpCAS :: error('type mismatched for parameter $database (should be `string\')');
798  }
799  if (gettype($table) != 'string') {
800  phpCAS :: error('type mismatched for parameter $table (should be `string\')');
801  }
802  $PHPCAS_CLIENT->setPGTStorageDB($user, $password, $database_type, $hostname, $port, $database, $table);
803  phpCAS :: traceEnd();
804  }
805 
807  // ########################################################################
808  // ACCESS TO EXTERNAL SERVICES
809  // ########################################################################
828  function serviceWeb($url, & $err_code, & $output) {
829  global $PHPCAS_CLIENT, $PHPCAS_AUTH_CHECK_CALL;
830 
831  phpCAS :: traceBegin();
832  if (!is_object($PHPCAS_CLIENT)) {
833  phpCAS :: error('this method should only be called after ' . __CLASS__ . '::proxy()');
834  }
835  if (!$PHPCAS_CLIENT->isProxy()) {
836  phpCAS :: error('this method should only be called after ' . __CLASS__ . '::proxy()');
837  }
838  if (!$PHPCAS_AUTH_CHECK_CALL['done']) {
839  phpCAS :: error('this method should only be called after the programmer is sure the user has been authenticated (by calling ' . __CLASS__ . '::checkAuthentication() or ' . __CLASS__ . '::forceAuthentication()');
840  }
841  if (!$PHPCAS_AUTH_CHECK_CALL['result']) {
842  phpCAS :: error('authentication was checked (by ' . $PHPCAS_AUTH_CHECK_CALL['method'] . '() at ' . $PHPCAS_AUTH_CHECK_CALL['file'] . ':' . $PHPCAS_AUTH_CHECK_CALL['line'] . ') but the method returned FALSE');
843  }
844  if (gettype($url) != 'string') {
845  phpCAS :: error('type mismatched for parameter $url (should be `string\')');
846  }
847 
848  $res = $PHPCAS_CLIENT->serviceWeb($url, $err_code, $output);
849 
850  phpCAS :: traceEnd($res);
851  return $res;
852  }
853 
871  function serviceMail($url, $service, $flags, & $err_code, & $err_msg, & $pt) {
872  global $PHPCAS_CLIENT, $PHPCAS_AUTH_CHECK_CALL;
873 
874  phpCAS :: traceBegin();
875  if (!is_object($PHPCAS_CLIENT)) {
876  phpCAS :: error('this method should only be called after ' . __CLASS__ . '::proxy()');
877  }
878  if (!$PHPCAS_CLIENT->isProxy()) {
879  phpCAS :: error('this method should only be called after ' . __CLASS__ . '::proxy()');
880  }
881  if (!$PHPCAS_AUTH_CHECK_CALL['done']) {
882  phpCAS :: error('this method should only be called after the programmer is sure the user has been authenticated (by calling ' . __CLASS__ . '::checkAuthentication() or ' . __CLASS__ . '::forceAuthentication()');
883  }
884  if (!$PHPCAS_AUTH_CHECK_CALL['result']) {
885  phpCAS :: error('authentication was checked (by ' . $PHPCAS_AUTH_CHECK_CALL['method'] . '() at ' . $PHPCAS_AUTH_CHECK_CALL['file'] . ':' . $PHPCAS_AUTH_CHECK_CALL['line'] . ') but the method returned FALSE');
886  }
887  if (gettype($url) != 'string') {
888  phpCAS :: error('type mismatched for parameter $url (should be `string\')');
889  }
890 
891  if (gettype($flags) != 'integer') {
892  phpCAS :: error('type mismatched for parameter $flags (should be `integer\')');
893  }
894 
895  $res = $PHPCAS_CLIENT->serviceMail($url, $service, $flags, $err_code, $err_msg, $pt);
896 
897  phpCAS :: traceEnd($res);
898  return $res;
899  }
900 
902  // ########################################################################
903  // AUTHENTICATION
904  // ########################################################################
918  function setCacheTimesForAuthRecheck($n) {
919  global $PHPCAS_CLIENT;
920  if (!is_object($PHPCAS_CLIENT)) {
921  phpCAS :: error('this method should not be called before ' . __CLASS__ . '::client() or ' . __CLASS__ . '::proxy()');
922  }
923  if (gettype($n) != 'integer') {
924  phpCAS :: error('type mismatched for parameter $header (should be `string\')');
925  }
926  $PHPCAS_CLIENT->setCacheTimesForAuthRecheck($n);
927  }
928 
933  function checkAuthentication() {
934  global $PHPCAS_CLIENT, $PHPCAS_AUTH_CHECK_CALL;
935 
936  phpCAS :: traceBegin();
937  if (!is_object($PHPCAS_CLIENT)) {
938  phpCAS :: error('this method should not be called before ' . __CLASS__ . '::client() or ' . __CLASS__ . '::proxy()');
939  }
940 
941  $auth = $PHPCAS_CLIENT->checkAuthentication();
942 
943  // store where the authentication has been checked and the result
944  $dbg = phpCAS :: backtrace();
945  $PHPCAS_AUTH_CHECK_CALL = array (
946  'done' => TRUE,
947  'file' => $dbg[0]['file'],
948  'line' => $dbg[0]['line'],
949  'method' => __CLASS__ . '::' . __FUNCTION__,
950  'result' => $auth
951  );
952  phpCAS :: traceEnd($auth);
953  return $auth;
954  }
955 
961  function forceAuthentication() {
962  global $PHPCAS_CLIENT, $PHPCAS_AUTH_CHECK_CALL;
963 
964  phpCAS :: traceBegin();
965  if (!is_object($PHPCAS_CLIENT)) {
966  phpCAS :: error('this method should not be called before ' . __CLASS__ . '::client() or ' . __CLASS__ . '::proxy()');
967  }
968 
969  $auth = $PHPCAS_CLIENT->forceAuthentication();
970 
971  // store where the authentication has been checked and the result
972  $dbg = phpCAS :: backtrace();
973  $PHPCAS_AUTH_CHECK_CALL = array (
974  'done' => TRUE,
975  'file' => $dbg[0]['file'],
976  'line' => $dbg[0]['line'],
977  'method' => __CLASS__ . '::' . __FUNCTION__,
978  'result' => $auth
979  );
980 
981  if (!$auth) {
982  phpCAS :: trace('user is not authenticated, redirecting to the CAS server');
983  $PHPCAS_CLIENT->forceAuthentication();
984  } else {
985  phpCAS :: trace('no need to authenticate (user `' . phpCAS :: getUser() . '\' is already authenticated)');
986  }
987 
988  phpCAS :: traceEnd();
989  return $auth;
990  }
991 
995  function renewAuthentication() {
996  global $PHPCAS_CLIENT, $PHPCAS_AUTH_CHECK_CALL;
997 
998  phpCAS :: traceBegin();
999  if (!is_object($PHPCAS_CLIENT)) {
1000  phpCAS :: error('this method should not be called before' . __CLASS__ . '::client() or ' . __CLASS__ . '::proxy()');
1001  }
1002 
1003  // store where the authentication has been checked and the result
1004  $dbg = phpCAS :: backtrace();
1005  $PHPCAS_AUTH_CHECK_CALL = array (
1006  'done' => TRUE,
1007  'file' => $dbg[0]['file'],
1008  'line' => $dbg[0]['line'],
1009  'method' => __CLASS__ . '::' . __FUNCTION__,
1010  'result' => $auth
1011  );
1012 
1013  $PHPCAS_CLIENT->renewAuthentication();
1014  phpCAS :: traceEnd();
1015  }
1016 
1020  function authenticate() {
1021  phpCAS :: error('this method is deprecated. You should use ' . __CLASS__ . '::forceAuthentication() instead');
1022  }
1023 
1030  function isAuthenticated() {
1031  global $PHPCAS_CLIENT, $PHPCAS_AUTH_CHECK_CALL;
1032 
1033  phpCAS :: traceBegin();
1034  if (!is_object($PHPCAS_CLIENT)) {
1035  phpCAS :: error('this method should not be called before ' . __CLASS__ . '::client() or ' . __CLASS__ . '::proxy()');
1036  }
1037 
1038  // call the isAuthenticated method of the global $PHPCAS_CLIENT object
1039  $auth = $PHPCAS_CLIENT->isAuthenticated();
1040 
1041  // store where the authentication has been checked and the result
1042  $dbg = phpCAS :: backtrace();
1043  $PHPCAS_AUTH_CHECK_CALL = array (
1044  'done' => TRUE,
1045  'file' => $dbg[0]['file'],
1046  'line' => $dbg[0]['line'],
1047  'method' => __CLASS__ . '::' . __FUNCTION__,
1048  'result' => $auth
1049  );
1050  phpCAS :: traceEnd($auth);
1051  return $auth;
1052  }
1053 
1060  function isSessionAuthenticated() {
1061  global $PHPCAS_CLIENT;
1062  if (!is_object($PHPCAS_CLIENT)) {
1063  phpCAS :: error('this method should not be called before ' . __CLASS__ . '::client() or ' . __CLASS__ . '::proxy()');
1064  }
1065  return ($PHPCAS_CLIENT->isSessionAuthenticated());
1066  }
1067 
1075  function getUser() {
1076  global $PHPCAS_CLIENT, $PHPCAS_AUTH_CHECK_CALL;
1077  if (!is_object($PHPCAS_CLIENT)) {
1078  phpCAS :: error('this method should not be called before ' . __CLASS__ . '::client() or ' . __CLASS__ . '::proxy()');
1079  }
1080  if (!$PHPCAS_AUTH_CHECK_CALL['done']) {
1081  phpCAS :: error('this method should only be called after ' . __CLASS__ . '::forceAuthentication() or ' . __CLASS__ . '::isAuthenticated()');
1082  }
1083  if (!$PHPCAS_AUTH_CHECK_CALL['result']) {
1084  phpCAS :: error('authentication was checked (by ' . $PHPCAS_AUTH_CHECK_CALL['method'] . '() at ' . $PHPCAS_AUTH_CHECK_CALL['file'] . ':' . $PHPCAS_AUTH_CHECK_CALL['line'] . ') but the method returned FALSE');
1085  }
1086  return $PHPCAS_CLIENT->getUser();
1087  }
1088 
1096  function getAttributes() {
1097  global $PHPCAS_CLIENT, $PHPCAS_AUTH_CHECK_CALL;
1098  if (!is_object($PHPCAS_CLIENT)) {
1099  phpCAS :: error('this method should not be called before ' . __CLASS__ . '::client() or ' . __CLASS__ . '::proxy()');
1100  }
1101  if (!$PHPCAS_AUTH_CHECK_CALL['done']) {
1102  phpCAS :: error('this method should only be called after ' . __CLASS__ . '::forceAuthentication() or ' . __CLASS__ . '::isAuthenticated()');
1103  }
1104  if (!$PHPCAS_AUTH_CHECK_CALL['result']) {
1105  phpCAS :: error('authentication was checked (by ' . $PHPCAS_AUTH_CHECK_CALL['method'] . '() at ' . $PHPCAS_AUTH_CHECK_CALL['file'] . ':' . $PHPCAS_AUTH_CHECK_CALL['line'] . ') but the method returned FALSE');
1106  }
1107  return $PHPCAS_CLIENT->getAttributes();
1108  }
1112  function handleLogoutRequests($check_client = true, $allowed_clients = false) {
1113  global $PHPCAS_CLIENT;
1114  if (!is_object($PHPCAS_CLIENT)) {
1115  phpCAS :: error('this method should not be called before ' . __CLASS__ . '::client() or ' . __CLASS__ . '::proxy()');
1116  }
1117  return ($PHPCAS_CLIENT->handleLogoutRequests($check_client, $allowed_clients));
1118  }
1119 
1126  function getServerLoginURL() {
1127  global $PHPCAS_CLIENT;
1128  if (!is_object($PHPCAS_CLIENT)) {
1129  phpCAS :: error('this method should not be called before ' . __CLASS__ . '::client() or ' . __CLASS__ . '::proxy()');
1130  }
1131  return $PHPCAS_CLIENT->getServerLoginURL();
1132  }
1133 
1139  function setServerLoginURL($url = '') {
1140  global $PHPCAS_CLIENT;
1141  phpCAS :: traceBegin();
1142  if (!is_object($PHPCAS_CLIENT)) {
1143  phpCAS :: error('this method should only be called after
1144  ' . __CLASS__ . '::client()');
1145  }
1146  if (gettype($url) != 'string') {
1147  phpCAS :: error('type mismatched for parameter $url (should be
1148  `string\')');
1149  }
1150  $PHPCAS_CLIENT->setServerLoginURL($url);
1151  phpCAS :: traceEnd();
1152  }
1153 
1160  function setServerServiceValidateURL($url = '') {
1161  global $PHPCAS_CLIENT;
1162  phpCAS :: traceBegin();
1163  if (!is_object($PHPCAS_CLIENT)) {
1164  phpCAS :: error('this method should only be called after
1165  ' . __CLASS__ . '::client()');
1166  }
1167  if (gettype($url) != 'string') {
1168  phpCAS :: error('type mismatched for parameter $url (should be
1169  `string\')');
1170  }
1171  $PHPCAS_CLIENT->setServerServiceValidateURL($url);
1172  phpCAS :: traceEnd();
1173  }
1174 
1181  function setServerProxyValidateURL($url = '') {
1182  global $PHPCAS_CLIENT;
1183  phpCAS :: traceBegin();
1184  if (!is_object($PHPCAS_CLIENT)) {
1185  phpCAS :: error('this method should only be called after
1186  ' . __CLASS__ . '::client()');
1187  }
1188  if (gettype($url) != 'string') {
1189  phpCAS :: error('type mismatched for parameter $url (should be
1190  `string\')');
1191  }
1192  $PHPCAS_CLIENT->setServerProxyValidateURL($url);
1193  phpCAS :: traceEnd();
1194  }
1195 
1201  function setServerSamlValidateURL($url = '') {
1202  global $PHPCAS_CLIENT;
1203  phpCAS :: traceBegin();
1204  if (!is_object($PHPCAS_CLIENT)) {
1205  phpCAS :: error('this method should only be called after
1206  ' . __CLASS__ . '::client()');
1207  }
1208  if (gettype($url) != 'string') {
1209  phpCAS :: error('type mismatched for parameter $url (should be
1210  `string\')');
1211  }
1212  $PHPCAS_CLIENT->setServerSamlValidateURL($url);
1213  phpCAS :: traceEnd();
1214  }
1215 
1222  function getServerLogoutURL() {
1223  global $PHPCAS_CLIENT;
1224  if (!is_object($PHPCAS_CLIENT)) {
1225  phpCAS :: error('this method should not be called before ' . __CLASS__ . '::client() or ' . __CLASS__ . '::proxy()');
1226  }
1227  return $PHPCAS_CLIENT->getServerLogoutURL();
1228  }
1229 
1235  function setServerLogoutURL($url = '') {
1236  global $PHPCAS_CLIENT;
1237  phpCAS :: traceBegin();
1238  if (!is_object($PHPCAS_CLIENT)) {
1239  phpCAS :: error('this method should only be called after
1240  ' . __CLASS__ . '::client()');
1241  }
1242  if (gettype($url) != 'string') {
1243  phpCAS :: error('type mismatched for parameter $url (should be
1244  `string\')');
1245  }
1246  $PHPCAS_CLIENT->setServerLogoutURL($url);
1247  phpCAS :: traceEnd();
1248  }
1249 
1255  function logout($params = "") {
1256  global $PHPCAS_CLIENT;
1257  phpCAS :: traceBegin();
1258  if (!is_object($PHPCAS_CLIENT)) {
1259  phpCAS :: error('this method should only be called after ' . __CLASS__ . '::client() or' . __CLASS__ . '::proxy()');
1260  }
1261  $parsedParams = array ();
1262  if ($params != "") {
1263  if (is_string($params)) {
1264  phpCAS :: error('method `phpCAS::logout($url)\' is now deprecated, use `phpCAS::logoutWithUrl($url)\' instead');
1265  }
1266  if (!is_array($params)) {
1267  phpCAS :: error('type mismatched for parameter $params (should be `array\')');
1268  }
1269  foreach ($params as $key => $value) {
1270  if ($key != "service" && $key != "url") {
1271  phpCAS :: error('only `url\' and `service\' parameters are allowed for method `phpCAS::logout($params)\'');
1272  }
1273  $parsedParams[$key] = $value;
1274  }
1275  }
1276  $PHPCAS_CLIENT->logout($parsedParams);
1277  // never reached
1278  phpCAS :: traceEnd();
1279  }
1280 
1285  function logoutWithRedirectService($service) {
1286  global $PHPCAS_CLIENT;
1287  phpCAS :: traceBegin();
1288  if (!is_object($PHPCAS_CLIENT)) {
1289  phpCAS :: error('this method should only be called after ' . __CLASS__ . '::client() or' . __CLASS__ . '::proxy()');
1290  }
1291  if (!is_string($service)) {
1292  phpCAS :: error('type mismatched for parameter $service (should be `string\')');
1293  }
1294  $PHPCAS_CLIENT->logout(array (
1295  "service" => $service
1296  ));
1297  // never reached
1298  phpCAS :: traceEnd();
1299  }
1300 
1305  function logoutWithUrl($url) {
1306  global $PHPCAS_CLIENT;
1307  phpCAS :: traceBegin();
1308  if (!is_object($PHPCAS_CLIENT)) {
1309  phpCAS :: error('this method should only be called after ' . __CLASS__ . '::client() or' . __CLASS__ . '::proxy()');
1310  }
1311  if (!is_string($url)) {
1312  phpCAS :: error('type mismatched for parameter $url (should be `string\')');
1313  }
1314  $PHPCAS_CLIENT->logout(array (
1315  "url" => $url
1316  ));
1317  // never reached
1318  phpCAS :: traceEnd();
1319  }
1320 
1326  function logoutWithRedirectServiceAndUrl($service, $url) {
1327  global $PHPCAS_CLIENT;
1328  phpCAS :: traceBegin();
1329  if (!is_object($PHPCAS_CLIENT)) {
1330  phpCAS :: error('this method should only be called after ' . __CLASS__ . '::client() or' . __CLASS__ . '::proxy()');
1331  }
1332  if (!is_string($service)) {
1333  phpCAS :: error('type mismatched for parameter $service (should be `string\')');
1334  }
1335  if (!is_string($url)) {
1336  phpCAS :: error('type mismatched for parameter $url (should be `string\')');
1337  }
1338  $PHPCAS_CLIENT->logout(array (
1339  "service" => $service,
1340  "url" => $url
1341  ));
1342  // never reached
1343  phpCAS :: traceEnd();
1344  }
1345 
1352  function setFixedCallbackURL($url = '') {
1353  global $PHPCAS_CLIENT;
1354  phpCAS :: traceBegin();
1355  if (!is_object($PHPCAS_CLIENT)) {
1356  phpCAS :: error('this method should only be called after ' . __CLASS__ . '::proxy()');
1357  }
1358  if (!$PHPCAS_CLIENT->isProxy()) {
1359  phpCAS :: error('this method should only be called after ' . __CLASS__ . '::proxy()');
1360  }
1361  if (gettype($url) != 'string') {
1362  phpCAS :: error('type mismatched for parameter $url (should be `string\')');
1363  }
1364  $PHPCAS_CLIENT->setCallbackURL($url);
1365  phpCAS :: traceEnd();
1366  }
1367 
1374  function setFixedServiceURL($url) {
1375  global $PHPCAS_CLIENT;
1376  phpCAS :: traceBegin();
1377  if (!is_object($PHPCAS_CLIENT)) {
1378  phpCAS :: error('this method should only be called after ' . __CLASS__ . '::proxy()');
1379  }
1380  if (gettype($url) != 'string') {
1381  phpCAS :: error('type mismatched for parameter $url (should be `string\')');
1382  }
1383  $PHPCAS_CLIENT->setURL($url);
1384  phpCAS :: traceEnd();
1385  }
1386 
1390  function getServiceURL() {
1391  global $PHPCAS_CLIENT;
1392  if (!is_object($PHPCAS_CLIENT)) {
1393  phpCAS :: error('this method should only be called after ' . __CLASS__ . '::proxy()');
1394  }
1395  return ($PHPCAS_CLIENT->getURL());
1396  }
1397 
1401  function retrievePT($target_service, & $err_code, & $err_msg) {
1402  global $PHPCAS_CLIENT;
1403  if (!is_object($PHPCAS_CLIENT)) {
1404  phpCAS :: error('this method should only be called after ' . __CLASS__ . '::proxy()');
1405  }
1406  if (gettype($target_service) != 'string') {
1407  phpCAS :: error('type mismatched for parameter $target_service(should be `string\')');
1408  }
1409  return ($PHPCAS_CLIENT->retrievePT($target_service, $err_code, $err_msg));
1410  }
1411 
1417  function setCasServerCert($cert) {
1418  global $PHPCAS_CLIENT;
1419  phpCAS :: traceBegin();
1420  if (!is_object($PHPCAS_CLIENT)) {
1421  phpCAS :: error('this method should only be called after ' . __CLASS__ . '::client() or' . __CLASS__ . '::proxy()');
1422  }
1423  if (gettype($cert) != 'string') {
1424  phpCAS :: error('type mismatched for parameter $cert (should be `string\')');
1425  }
1426  $PHPCAS_CLIENT->setCasServerCert($cert);
1427  phpCAS :: traceEnd();
1428  }
1429 
1435  function setCasServerCACert($cert) {
1436  global $PHPCAS_CLIENT;
1437  phpCAS :: traceBegin();
1438  if (!is_object($PHPCAS_CLIENT)) {
1439  phpCAS :: error('this method should only be called after ' . __CLASS__ . '::client() or' . __CLASS__ . '::proxy()');
1440  }
1441  if (gettype($cert) != 'string') {
1442  phpCAS :: error('type mismatched for parameter $cert (should be `string\')');
1443  }
1444  $PHPCAS_CLIENT->setCasServerCACert($cert);
1445  phpCAS :: traceEnd();
1446  }
1447 
1451  function setNoCasServerValidation() {
1452  global $PHPCAS_CLIENT;
1453  phpCAS :: traceBegin();
1454  if (!is_object($PHPCAS_CLIENT)) {
1455  phpCAS :: error('this method should only be called after ' . __CLASS__ . '::client() or' . __CLASS__ . '::proxy()');
1456  }
1457  $PHPCAS_CLIENT->setNoCasServerValidation();
1458  phpCAS :: traceEnd();
1459  }
1460 
1469  function setExtraCurlOption($key, $value) {
1470  global $PHPCAS_CLIENT;
1471  phpCAS :: traceBegin();
1472  if (!is_object($PHPCAS_CLIENT)) {
1473  phpCAS :: error('this method should only be called after ' . __CLASS__ . '::client() or' . __CLASS__ . '::proxy()');
1474  }
1475  $PHPCAS_CLIENT->setExtraCurlOption($key, $value);
1476  phpCAS :: traceEnd();
1477  }
1478 
1479 }
1480 
1481 // ########################################################################
1482 // DOCUMENTATION
1483 // ########################################################################
1484 
1485 // ########################################################################
1486 // MAIN PAGE
1487 
1495 // ########################################################################
1496 // MODULES DEFINITION
1497 
1571 // ########################################################################
1572 // EXAMPLES
1573 
1610 ?>