ILIAS  release_5-1 Revision 5.0.0-5477-g43f3e3fab5f
CAS.php
1<?php
2
3/*
4 * Copyright © 2003-2010, The ESUP-Portail consortium & the JA-SIG Collaborative.
5 * All rights reserved.
6 *
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions are met:
9 *
10 * * Redistributions of source code must retain the above copyright notice,
11 * this list of conditions and the following disclaimer.
12 * * Redistributions in binary form must reproduce the above copyright notice,
13 * this list of conditions and the following disclaimer in the documentation
14 * and/or other materials provided with the distribution.
15 * * Neither the name of the ESUP-Portail consortium & the JA-SIG
16 * Collaborative nor the names of its contributors may be used to endorse or
17 * promote products derived from this software without specific prior
18 * written permission.
19
20 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
21 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
22 * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
23 * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR
24 * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
25 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
26 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
27 * ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
28 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
29 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
30 */
31
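//
// hack by Vangelis Haniotakis to handle the absence of $_SERVER['REQUEST_URI'] in IIS
//
// The fallback is rebuilt from SCRIPT_NAME and QUERY_STRING. Both come from the
// incoming request, so the resulting value is request-controlled data and must
// be treated that way wherever it is later used to build URLs or output.
// empty()/isset() are used so that a missing key does not raise a notice.
if (empty($_SERVER['REQUEST_URI'])) {
    $_SERVER['REQUEST_URI'] =
        (isset($_SERVER['SCRIPT_NAME']) ? $_SERVER['SCRIPT_NAME'] : '')
        . '?'
        . (isset($_SERVER['QUERY_STRING']) ? $_SERVER['QUERY_STRING'] : '');
}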
38
//
// another one by Vangelis Haniotakis, to make phpCAS work with PHP5
// patch smeyer (not required)
//
// Load the domxml compatibility layer only when running on PHP 5 or later
// and the native domxml functions are not available.
if (!function_exists('domxml_new_doc') && version_compare(PHP_VERSION, '5', '>=')) {
    require_once dirname(__FILE__) . '/CAS/domxml-php4-to-php5.php';
}
45
53// ########################################################################
54// CONSTANTS
55// ########################################################################
56
57// ------------------------------------------------------------------------
58// CAS VERSIONS
59// ------------------------------------------------------------------------
60
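// Version of this phpCAS library; returned by phpCAS::getVersion() and
// written to the debug log by phpCAS::setDebug().
define('PHPCAS_VERSION', '1.1.2');

// ------------------------------------------------------------------------
// CAS VERSIONS
// ------------------------------------------------------------------------
// CAS protocol version strings.
define("CAS_VERSION_1_0", '1.0');
define("CAS_VERSION_2_0", '2.0');

// ------------------------------------------------------------------------
// SAML defines
// ------------------------------------------------------------------------

define("SAML_VERSION_1_1", 'S1');

// Fixed fragments from which a SAML 1.1 SOAP request is assembled.
define("SAML_XML_HEADER", '<?xml version="1.0" encoding="UTF-8"?>');

define("SAML_SOAP_ENV", '<SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/"><SOAP-ENV:Header/>');

define("SAML_SOAP_BODY", '<SOAP-ENV:Body>');

// RequestID and IssueInstant are literal values, so every request built from
// this template carries the same identifier and timestamp.
// NOTE(review): confirm whether the client replaces them before sending; a
// responder cannot use them to tell requests apart or to check freshness.
define("SAMLP_REQUEST", '<samlp:Request xmlns:samlp="urn:oasis:names:tc:SAML:1.0:protocol" MajorVersion="1" MinorVersion="1" RequestID="_192.168.16.51.1024506224022" IssueInstant="2002-06-19T17:03:44.022Z">');
define("SAMLP_REQUEST_CLOSE", '</samlp:Request>');

define("SAML_ASSERTION_ARTIFACT", '<samlp:AssertionArtifact>');

define("SAML_ASSERTION_ARTIFACT_CLOSE", '</samlp:AssertionArtifact>');

define("SAML_SOAP_BODY_CLOSE", '</SOAP-ENV:Body>');

define("SAML_SOAP_ENV_CLOSE", '</SOAP-ENV:Envelope>');

define("SAML_ATTRIBUTES", 'SAMLATTRIBS');

// ------------------------------------------------------------------------
// FILE PGT STORAGE
// ------------------------------------------------------------------------
// The default directory is the shared temporary directory. Proxy-granting
// tickets are credentials; NOTE(review): deployments should pass an explicit
// directory that only the web server account can read and write to
// phpCAS::setPGTStorageFile() instead of relying on this default.
define("CAS_PGT_STORAGE_FILE_DEFAULT_PATH", '/tmp');
define("CAS_PGT_STORAGE_FILE_FORMAT_PLAIN", 'plain');
define("CAS_PGT_STORAGE_FILE_FORMAT_XML", 'xml');
define("CAS_PGT_STORAGE_FILE_DEFAULT_FORMAT", CAS_PGT_STORAGE_FILE_FORMAT_PLAIN);
// ------------------------------------------------------------------------
// DATABASE PGT STORAGE
// ------------------------------------------------------------------------
define("CAS_PGT_STORAGE_DB_DEFAULT_DATABASE_TYPE", 'mysql');
define("CAS_PGT_STORAGE_DB_DEFAULT_HOSTNAME", 'localhost');
define("CAS_PGT_STORAGE_DB_DEFAULT_PORT", '');
define("CAS_PGT_STORAGE_DB_DEFAULT_DATABASE", 'phpCAS');
define("CAS_PGT_STORAGE_DB_DEFAULT_TABLE", 'pgt');

// ------------------------------------------------------------------------
// SERVICE ACCESS ERRORS
// ------------------------------------------------------------------------
define("PHPCAS_SERVICE_OK", 0);
define("PHPCAS_SERVICE_PT_NO_SERVER_RESPONSE", 1);
define("PHPCAS_SERVICE_PT_BAD_SERVER_RESPONSE", 2);
define("PHPCAS_SERVICE_PT_FAILURE", 3);
// The historical name contains a space and can therefore only be read with
// constant('PHPCAS_SERVICE_NOT AVAILABLE'). It is kept for compatibility and
// the correctly spelled name is defined next to it with the same value.
define("PHPCAS_SERVICE_NOT AVAILABLE", 4);
define("PHPCAS_SERVICE_NOT_AVAILABLE", 4);

// ------------------------------------------------------------------------
// LANGUAGES
// ------------------------------------------------------------------------
define("PHPCAS_LANG_ENGLISH", 'english');
define("PHPCAS_LANG_FRENCH", 'french');
define("PHPCAS_LANG_GREEK", 'greek');
define("PHPCAS_LANG_GERMAN", 'german');
define("PHPCAS_LANG_JAPANESE", 'japanese');
define("PHPCAS_LANG_SPANISH", 'spanish');
define("PHPCAS_LANG_CATALAN", 'catalan');

define("PHPCAS_LANG_DEFAULT", PHPCAS_LANG_ENGLISH);

// ------------------------------------------------------------------------
// DEBUG
// ------------------------------------------------------------------------
// Directory used by phpCAS::setDebug() on non-Windows hosts when no log file
// name is given, which yields the fixed path /tmp/phpCAS.log. The debug log
// records call arguments, so a shared, predictable location is only
// appropriate for short-lived troubleshooting.
define('DEFAULT_DEBUG_DIR', '/tmp/');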
261
263// ------------------------------------------------------------------------
264// MISC
265// ------------------------------------------------------------------------
// The single CASClient instance; stays null until phpCAS::client() or
// phpCAS::proxy() has been called.
$GLOBALS['PHPCAS_CLIENT'] = null;

// Where the initializer was called from ('done' is false until then).
$GLOBALS['PHPCAS_INIT_CALL'] = array('done' => false, 'file' => '?', 'line' => -1, 'method' => '?');

// Where authentication was last checked, and what the check returned.
// 'result' starts as false, so methods that require an authenticated user
// refuse to run until a check has succeeded.
$GLOBALS['PHPCAS_AUTH_CHECK_CALL'] = array('done' => false, 'file' => '?', 'line' => -1, 'method' => '?', 'result' => false);

// Debug state: log file name (false disables logging), current trace
// indentation and the short id that prefixes every log line.
$GLOBALS['PHPCAS_DEBUG'] = array('filename' => false, 'indent' => 0, 'unique_id' => '');
315
318// ########################################################################
319// CLIENT CLASS
320// ########################################################################
321
322// include client class
323include_once (dirname(__FILE__) . '/CAS/client.php');
324
325// ########################################################################
326// INTERFACE CLASS
327// ########################################################################
328
341class phpCAS {
342
343 // ########################################################################
344 // INITIALIZATION
345 // ########################################################################
346
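/**
 * Initialise phpCAS as a plain CAS client (no proxy support).
 *
 * Must be called once, before any other phpCAS method. A second
 * initialisation, or an argument of the wrong type, is reported through
 * phpCAS::error(), which ends the script.
 *
 * @param string  $server_version  CAS protocol version string
 * @param string  $server_hostname host name of the CAS server
 * @param integer $server_port     port of the CAS server
 * @param string  $server_uri      URI the CAS server answers on
 * @param boolean $start_session   forwarded unchanged to CASClient
 */
function client($server_version, $server_hostname, $server_port, $server_uri, $start_session = true) {
    // Bind to the module-level state. Without this declaration the names
    // below would be fresh locals: the "already called" guard could never
    // fire and the new client would be discarded on return.
    global $PHPCAS_CLIENT, $PHPCAS_INIT_CALL;

    if (is_object($PHPCAS_CLIENT)) {
        phpCAS :: error($PHPCAS_INIT_CALL['method'] . '() has already been called (at ' . $PHPCAS_INIT_CALL['file'] . ':' . $PHPCAS_INIT_CALL['line'] . ')');
    }
    if (gettype($server_version) != 'string') {
        phpCAS :: error('type mismatched for parameter $server_version (should be `string\')');
    }
    if (gettype($server_hostname) != 'string') {
        phpCAS :: error('type mismatched for parameter $server_hostname (should be `string\')');
    }
    if (gettype($server_port) != 'integer') {
        phpCAS :: error('type mismatched for parameter $server_port (should be `integer\')');
    }
    if (gettype($server_uri) != 'string') {
        phpCAS :: error('type mismatched for parameter $server_uri (should be `string\')');
    }

    // store where the initializer is called from
    $dbg = phpCAS :: backtrace();
    $PHPCAS_INIT_CALL = array (
        'done' => TRUE,
        'file' => $dbg[0]['file'],
        'line' => $dbg[0]['line'],
        'method' => __CLASS__ . '::' . __FUNCTION__
    );

    // initialize the global object $PHPCAS_CLIENT
    $PHPCAS_CLIENT = new CASClient($server_version, FALSE /*proxy*/
    , $server_hostname, $server_port, $server_uri, $start_session);
}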
400
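/**
 * Initialise phpCAS as a CAS proxy.
 *
 * Same contract as client(), except that the CASClient is created in proxy
 * mode, which the PGT storage and service access methods require.
 *
 * @param string  $server_version  CAS protocol version string
 * @param string  $server_hostname host name of the CAS server
 * @param integer $server_port     port of the CAS server
 * @param string  $server_uri      URI the CAS server answers on
 * @param boolean $start_session   forwarded unchanged to CASClient
 */
function proxy($server_version, $server_hostname, $server_port, $server_uri, $start_session = true) {
    // Bind to the module-level state. Without this declaration the names
    // below would be fresh locals: the "already called" guard could never
    // fire and the new client would be discarded on return.
    global $PHPCAS_CLIENT, $PHPCAS_INIT_CALL;

    if (is_object($PHPCAS_CLIENT)) {
        phpCAS :: error($PHPCAS_INIT_CALL['method'] . '() has already been called (at ' . $PHPCAS_INIT_CALL['file'] . ':' . $PHPCAS_INIT_CALL['line'] . ')');
    }
    if (gettype($server_version) != 'string') {
        phpCAS :: error('type mismatched for parameter $server_version (should be `string\')');
    }
    if (gettype($server_hostname) != 'string') {
        phpCAS :: error('type mismatched for parameter $server_hostname (should be `string\')');
    }
    if (gettype($server_port) != 'integer') {
        phpCAS :: error('type mismatched for parameter $server_port (should be `integer\')');
    }
    if (gettype($server_uri) != 'string') {
        phpCAS :: error('type mismatched for parameter $server_uri (should be `string\')');
    }

    // store where the initializer is called from
    $dbg = phpCAS :: backtrace();
    $PHPCAS_INIT_CALL = array (
        'done' => TRUE,
        'file' => $dbg[0]['file'],
        'line' => $dbg[0]['line'],
        'method' => __CLASS__ . '::' . __FUNCTION__
    );

    // initialize the global object $PHPCAS_CLIENT
    $PHPCAS_CLIENT = new CASClient($server_version, TRUE /*proxy*/
    , $server_hostname, $server_port, $server_uri, $start_session);
}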
449
451 // ########################################################################
452 // DEBUGGING
453 // ########################################################################
454
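/**
 * Turn on debug logging and choose the log file.
 *
 * With no file name the log goes to "phpCAS.log" in DEFAULT_DEBUG_DIR, or on
 * Windows in the directory named by TMP or TEMP. That default is a fixed,
 * shared location, and the trace helpers write call arguments into the log.
 * For anything beyond short-lived troubleshooting, pass an explicit path in
 * a directory that only the web server account can access.
 *
 * @param string|false $filename log file name; empty selects the default
 */
function setDebug($filename = '') {
    global $PHPCAS_DEBUG;

    if ($filename != FALSE && gettype($filename) != 'string') {
        // The message names the parameter that was actually checked.
        phpCAS :: error('type mismatched for parameter $filename (should be FALSE or the name of the log file)');
    }

    if (empty ($filename)) {
        if (preg_match('/^Win.*/', getenv('OS'))) {
            if (isset ($_ENV['TMP'])) {
                $debugDir = $_ENV['TMP'] . '/';
            } else
                if (isset ($_ENV['TEMP'])) {
                    $debugDir = $_ENV['TEMP'] . '/';
                } else {
                    // no temp directory known: fall back to the working directory
                    $debugDir = '';
                }
        } else {
            $debugDir = DEFAULT_DEBUG_DIR;
        }
        $filename = $debugDir . 'phpCAS.log';
    }

    // Short id that prefixes every line so that interleaved requests can be
    // told apart in the log. It is a correlation label, not a secret.
    if (empty ($PHPCAS_DEBUG['unique_id'])) {
        $PHPCAS_DEBUG['unique_id'] = substr(strtoupper(md5(uniqid(''))), 0, 4);
    }

    $PHPCAS_DEBUG['filename'] = $filename;

    phpCAS :: trace('START phpCAS-' . PHPCAS_VERSION . ' ******************');
}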
496
/**
 * Return the current call stack.
 *
 * @return array the frames from debug_backtrace(), or an empty array when
 *               that function is not available
 */
function backtrace() {
    // poor man's hack for PHP builds without debug_backtrace() ... but it does work ...
    return function_exists('debug_backtrace') ? debug_backtrace() : array ();
}
515
/**
 * Append one line to the debug log, if debugging is enabled.
 *
 * The line is prefixed with the request's unique id and an indentation
 * marker that reflects the current trace depth. $str is written as given;
 * callers that log external data should strip line breaks first so that one
 * call always produces exactly one log line.
 *
 * @param string $str text to log
 */
function log($str) {
    global $PHPCAS_DEBUG;

    // No file name configured means logging is off.
    if (!$PHPCAS_DEBUG['filename']) {
        return;
    }

    // A depth of zero or less adds no indentation.
    $prefix = "." . str_repeat('| ', max(0, $PHPCAS_DEBUG['indent']));

    // message type 3: append to the named file
    error_log($PHPCAS_DEBUG['unique_id'] . ' ' . $prefix . $str . "\n", 3, $PHPCAS_DEBUG['filename']);
}
535
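/**
 * Report a fatal usage error and stop the script.
 *
 * Prints an HTML error block, writes the message to the debug log and calls
 * exit(). The reported location is the outermost phpCAS frame on the stack,
 * i.e. the public method the application called.
 *
 * The message is HTML-escaped before output. The block also shows the path
 * of the calling script to the browser. NOTE(review): on a production site,
 * decide whether installation paths should be visible to end users.
 *
 * @param string $msg description of the error
 */
function error($msg) {
    $dbg = phpCAS :: backtrace();
    $function = '?';
    $file = '?';
    $line = '?';
    if (is_array($dbg)) {
        for ($i = 1; $i < sizeof($dbg); $i++) {
            // Frames for plain function calls have no 'class' entry; skip
            // them instead of reading a missing key. No break: the last
            // match, the frame furthest from here, is the one reported.
            if (is_array($dbg[$i]) && isset ($dbg[$i]['class']) && $dbg[$i]['class'] == __CLASS__) {
                $function = $dbg[$i]['function'];
                $file = $dbg[$i]['file'];
                $line = $dbg[$i]['line'];
            }
        }
    }
    echo "<br />\n<b>phpCAS error</b>: <font color=\"FF0000\"><b>" . __CLASS__ . "::" . $function . '(): ' . htmlentities($msg) . "</b></font> in <b>" . $file . "</b> on line <b>" . $line . "</b><br />\n";
    phpCAS :: trace($msg);
    exit ();
}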
565
/**
 * Log a message together with the file and line it was issued from.
 *
 * @param string $str message to log
 */
function trace($str) {
    $frames = phpCAS :: backtrace();
    // frame 1 is the call to trace() itself, i.e. the caller's location
    $origin = basename($frames[1]['file']) . ':' . $frames[1]['line'];
    phpCAS :: log($str . ' [' . $origin . ']');
}
573
/**
 * Log entry into the calling function and increase the trace indentation.
 *
 * The log line contains the function name and a var_export() of every
 * argument it was called with. Any secret passed as an argument (for
 * example a database password) therefore ends up in the debug log in clear
 * text; protect the log file accordingly and leave debugging off in
 * production.
 */
function traceBegin() {
    global $PHPCAS_DEBUG;

    $frames = phpCAS :: backtrace();

    $name = '';
    if (!empty ($frames[2]['class'])) {
        $name = $frames[2]['class'] . '::';
    }
    $name .= $frames[2]['function'];

    // Render each argument on a single line so one call is one log line.
    $rendered = array ();
    if (is_array($frames[2]['args'])) {
        foreach ($frames[2]['args'] as $arg) {
            $rendered[] = str_replace("\n", "", var_export($arg, TRUE));
        }
    }

    $where = basename($frames[2]['file']) . ':' . $frames[2]['line'];
    phpCAS :: log('=> ' . $name . '(' . implode(', ', $rendered) . ') [' . $where . ']');
    $PHPCAS_DEBUG['indent']++;
}
598
/**
 * Log the end of the calling function and decrease the trace indentation.
 *
 * The result is written with var_export(); do not pass values that must not
 * appear in the debug log.
 *
 * @param mixed $res value the function is about to return
 */
function traceEnd($res = '') {
    global $PHPCAS_DEBUG;

    $PHPCAS_DEBUG['indent']--;
    $dbg = phpCAS :: backtrace();
    // flatten the exported value so it stays on one log line
    $exported = str_replace("\n", "", var_export($res, TRUE));
    phpCAS :: log('<= ' . $exported);
}
613
/**
 * Log that the script is exiting and unwind the trace indentation to zero,
 * writing one closing marker per open level.
 */
function traceExit() {
    global $PHPCAS_DEBUG;

    phpCAS :: log('exit()');
    for (; $PHPCAS_DEBUG['indent'] > 0; $PHPCAS_DEBUG['indent']--) {
        phpCAS :: log('-');
    }
}
626
628 // ########################################################################
629 // INTERNATIONALIZATION
630 // ########################################################################
/**
 * Select the language of the messages produced by the client.
 *
 * @param string $lang language name, e.g. one of the PHPCAS_LANG_* values
 */
function setLang($lang) {
    global $PHPCAS_CLIENT;

    // phpCAS::error() ends the script, so each guard below is final.
    if (is_object($PHPCAS_CLIENT) === false) {
        phpCAS::error('this method should not be called before ' . __CLASS__ . '::client() or ' . __CLASS__ . '::proxy()');
    }
    if (gettype($lang) !== 'string') {
        phpCAS::error('type mismatched for parameter $lang (should be `string\')');
    }

    $PHPCAS_CLIENT->setLang($lang);
}
654
656 // ########################################################################
657 // VERSION
658 // ########################################################################
/**
 * Return the version of the phpCAS library.
 *
 * @return string the value of PHPCAS_VERSION
 */
function getVersion() {
    $version = PHPCAS_VERSION;
    return $version;
}
672
674 // ########################################################################
675 // HTML OUTPUT
676 // ########################################################################
688 global $PHPCAS_CLIENT;
689 if (!is_object($PHPCAS_CLIENT)) {
690 phpCAS :: error('this method should not be called before ' . __CLASS__ . '::client() or ' . __CLASS__ . '::proxy()');
691 }
692 if (gettype($header) != 'string') {
693 phpCAS :: error('type mismatched for parameter $header (should be `string\')');
694 }
695 $PHPCAS_CLIENT->setHTMLHeader($header);
696 }
697
/**
 * Set the HTML footer used by the client.
 *
 * The string is handed to the client as is; it is only checked for type.
 * NOTE(review): presumably emitted verbatim into pages, so it should be a
 * constant from the application and never built from request data.
 *
 * @param string $footer HTML footer
 */
function setHTMLFooter($footer) {
    global $PHPCAS_CLIENT;

    if (is_object($PHPCAS_CLIENT) === false) {
        phpCAS::error('this method should not be called before ' . __CLASS__ . '::client() or ' . __CLASS__ . '::proxy()');
    }
    if (gettype($footer) !== 'string') {
        phpCAS::error('type mismatched for parameter $footer (should be `string\')');
    }

    $PHPCAS_CLIENT->setHTMLFooter($footer);
}
713
715 // ########################################################################
716 // PGT STORAGE
717 // ########################################################################
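/**
 * Store proxy-granting tickets (PGTs) in files.
 *
 * Only valid on a proxy, and only before authentication has been checked.
 * A PGT is a credential, so $path should name a directory that only the web
 * server account can read and write.
 * NOTE(review): an empty $path presumably selects
 * CAS_PGT_STORAGE_FILE_DEFAULT_PATH, a shared temp directory; confirm in
 * CASClient and prefer an explicit path.
 *
 * @param string $format storage format, see CAS_PGT_STORAGE_FILE_FORMAT_*
 * @param string $path   directory that receives the PGT files
 */
function setPGTStorageFile($format = '', $path = '') {
    // Bind to the module-level state; as plain locals both names would be
    // unset and the first guard would always stop the script.
    global $PHPCAS_CLIENT, $PHPCAS_AUTH_CHECK_CALL;

    if (!is_object($PHPCAS_CLIENT)) {
        phpCAS :: error('this method should only be called after ' . __CLASS__ . '::proxy()');
    }
    if (!$PHPCAS_CLIENT->isProxy()) {
        phpCAS :: error('this method should only be called after ' . __CLASS__ . '::proxy()');
    }
    if ($PHPCAS_AUTH_CHECK_CALL['done']) {
        phpCAS :: error('this method should only be called before ' . $PHPCAS_AUTH_CHECK_CALL['method'] . '() (called at ' . $PHPCAS_AUTH_CHECK_CALL['file'] . ':' . $PHPCAS_AUTH_CHECK_CALL['line'] . ')');
    }
    if (gettype($format) != 'string') {
        phpCAS :: error('type mismatched for parameter $format (should be `string\')');
    }
    if (gettype($path) != 'string') {
        // The message names the parameter that was actually checked.
        phpCAS :: error('type mismatched for parameter $path (should be `string\')');
    }
    $PHPCAS_CLIENT->setPGTStorageFile($format, $path);
}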
752
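/**
 * Store proxy-granting tickets (PGTs) in a database.
 *
 * Only valid on a proxy, and only before authentication has been checked.
 * $password reaches this method in clear text. The trace helpers of this
 * class log call arguments, so keep debug logging off, or the log file
 * protected, wherever this method is used.
 *
 * @param string  $user          database user
 * @param string  $password      database password
 * @param string  $database_type database type
 * @param string  $hostname      database host
 * @param integer $port          database port
 * @param string  $database      database name
 * @param string  $table         table that holds the PGTs
 */
function setPGTStorageDB($user, $password, $database_type = '', $hostname = '', $port = 0, $database = '', $table = '') {
    // Bind to the module-level state; as plain locals both names would be
    // unset and the first guard would always stop the script.
    global $PHPCAS_CLIENT, $PHPCAS_AUTH_CHECK_CALL;

    if (!is_object($PHPCAS_CLIENT)) {
        phpCAS :: error('this method should only be called after ' . __CLASS__ . '::proxy()');
    }
    if (!$PHPCAS_CLIENT->isProxy()) {
        phpCAS :: error('this method should only be called after ' . __CLASS__ . '::proxy()');
    }
    if ($PHPCAS_AUTH_CHECK_CALL['done']) {
        phpCAS :: error('this method should only be called before ' . $PHPCAS_AUTH_CHECK_CALL['method'] . '() (called at ' . $PHPCAS_AUTH_CHECK_CALL['file'] . ':' . $PHPCAS_AUTH_CHECK_CALL['line'] . ')');
    }

    // Expected type of every argument, in declaration order so that the
    // first mismatch reported is the same as before.
    $expected = array (
        'user' => array ($user, 'string'),
        'password' => array ($password, 'string'),
        'database_type' => array ($database_type, 'string'),
        'hostname' => array ($hostname, 'string'),
        'port' => array ($port, 'integer'),
        'database' => array ($database, 'string'),
        'table' => array ($table, 'string')
    );
    foreach ($expected as $name => $spec) {
        if (gettype($spec[0]) != $spec[1]) {
            phpCAS :: error('type mismatched for parameter $' . $name . ' (should be `' . $spec[1] . '\')');
        }
    }

    $PHPCAS_CLIENT->setPGTStorageDB($user, $password, $database_type, $hostname, $port, $database, $table);
}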
805
807 // ########################################################################
808 // ACCESS TO EXTERNAL SERVICES
809 // ########################################################################
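/**
 * Access a web service on behalf of the authenticated user.
 *
 * Only valid on a proxy and only after an authentication check has
 * succeeded. $url is checked for type only; when it can be influenced by
 * request data, restrict it to the known back-end services before calling,
 * because the request is made with the user's proxy credentials.
 *
 * @param string $url      URL of the service
 * @param mixed  $err_code set by the client (by reference)
 * @param mixed  $output   set by the client (by reference)
 *
 * @return mixed whatever CASClient::serviceWeb() returns
 */
function serviceWeb($url, & $err_code, & $output) {
    // Bind to the module-level state; as plain locals both names would be
    // unset and the first guard would always stop the script.
    global $PHPCAS_CLIENT, $PHPCAS_AUTH_CHECK_CALL;

    if (!is_object($PHPCAS_CLIENT)) {
        phpCAS :: error('this method should only be called after ' . __CLASS__ . '::proxy()');
    }
    if (!$PHPCAS_CLIENT->isProxy()) {
        phpCAS :: error('this method should only be called after ' . __CLASS__ . '::proxy()');
    }
    if (!$PHPCAS_AUTH_CHECK_CALL['done']) {
        phpCAS :: error('this method should only be called after the programmer is sure the user has been authenticated (by calling ' . __CLASS__ . '::checkAuthentication() or ' . __CLASS__ . '::forceAuthentication()');
    }
    if (!$PHPCAS_AUTH_CHECK_CALL['result']) {
        phpCAS :: error('authentication was checked (by ' . $PHPCAS_AUTH_CHECK_CALL['method'] . '() at ' . $PHPCAS_AUTH_CHECK_CALL['file'] . ':' . $PHPCAS_AUTH_CHECK_CALL['line'] . ') but the method returned FALSE');
    }
    if (gettype($url) != 'string') {
        phpCAS :: error('type mismatched for parameter $url (should be `string\')');
    }

    $res = $PHPCAS_CLIENT->serviceWeb($url, $err_code, $output);

    return $res;
}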
853
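/**
 * Access a mail service on behalf of the authenticated user.
 *
 * Only valid on a proxy and only after an authentication check has
 * succeeded. $url and $flags are checked for type; $service is forwarded
 * without any check.
 *
 * @param string  $url      mailbox URL
 * @param mixed   $service  forwarded unchanged to the client
 * @param integer $flags    forwarded unchanged to the client
 * @param mixed   $err_code set by the client (by reference)
 * @param mixed   $err_msg  set by the client (by reference)
 * @param mixed   $pt       set by the client (by reference)
 *
 * @return mixed whatever CASClient::serviceMail() returns
 */
function serviceMail($url, $service, $flags, & $err_code, & $err_msg, & $pt) {
    // Bind to the module-level state; as plain locals both names would be
    // unset and the first guard would always stop the script.
    global $PHPCAS_CLIENT, $PHPCAS_AUTH_CHECK_CALL;

    if (!is_object($PHPCAS_CLIENT)) {
        phpCAS :: error('this method should only be called after ' . __CLASS__ . '::proxy()');
    }
    if (!$PHPCAS_CLIENT->isProxy()) {
        phpCAS :: error('this method should only be called after ' . __CLASS__ . '::proxy()');
    }
    if (!$PHPCAS_AUTH_CHECK_CALL['done']) {
        phpCAS :: error('this method should only be called after the programmer is sure the user has been authenticated (by calling ' . __CLASS__ . '::checkAuthentication() or ' . __CLASS__ . '::forceAuthentication()');
    }
    if (!$PHPCAS_AUTH_CHECK_CALL['result']) {
        phpCAS :: error('authentication was checked (by ' . $PHPCAS_AUTH_CHECK_CALL['method'] . '() at ' . $PHPCAS_AUTH_CHECK_CALL['file'] . ':' . $PHPCAS_AUTH_CHECK_CALL['line'] . ') but the method returned FALSE');
    }
    if (gettype($url) != 'string') {
        phpCAS :: error('type mismatched for parameter $url (should be `string\')');
    }

    if (gettype($flags) != 'integer') {
        phpCAS :: error('type mismatched for parameter $flags (should be `integer\')');
    }

    $res = $PHPCAS_CLIENT->serviceMail($url, $service, $flags, $err_code, $err_msg, $pt);

    return $res;
}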
900
902 // ########################################################################
903 // AUTHENTICATION
904 // ########################################################################
919 global $PHPCAS_CLIENT;
920 if (!is_object($PHPCAS_CLIENT)) {
921 phpCAS :: error('this method should not be called before ' . __CLASS__ . '::client() or ' . __CLASS__ . '::proxy()');
922 }
923 if (gettype($n) != 'integer') {
924 phpCAS :: error('type mismatched for parameter $header (should be `string\')');
925 }
926 $PHPCAS_CLIENT->setCacheTimesForAuthRecheck($n);
927 }
928
935
937 if (!is_object($PHPCAS_CLIENT)) {
938 phpCAS :: error('this method should not be called before ' . __CLASS__ . '::client() or ' . __CLASS__ . '::proxy()');
939 }
940
941 $auth = $PHPCAS_CLIENT->checkAuthentication();
942
943 // store where the authentication has been checked and the result
944 $dbg = phpCAS :: backtrace();
946 'done' => TRUE,
947 'file' => $dbg[0]['file'],
948 'line' => $dbg[0]['line'],
949 'method' => __CLASS__ . '::' . __FUNCTION__,
950 'result' => $auth
951 );
953 return $auth;
954 }
955
963
965 if (!is_object($PHPCAS_CLIENT)) {
966 phpCAS :: error('this method should not be called before ' . __CLASS__ . '::client() or ' . __CLASS__ . '::proxy()');
967 }
968
969 $auth = $PHPCAS_CLIENT->forceAuthentication();
970
971 // store where the authentication has been checked and the result
972 $dbg = phpCAS :: backtrace();
974 'done' => TRUE,
975 'file' => $dbg[0]['file'],
976 'line' => $dbg[0]['line'],
977 'method' => __CLASS__ . '::' . __FUNCTION__,
978 'result' => $auth
979 );
980
981 if (!$auth) {
982 phpCAS :: trace('user is not authenticated, redirecting to the CAS server');
983 $PHPCAS_CLIENT->forceAuthentication();
984 } else {
985 phpCAS :: trace('no need to authenticate (user `' . phpCAS :: getUser() . '\' is already authenticated)');
986 }
987
988 phpCAS :: traceEnd();
989 return $auth;
990 }
991
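/**
 * Record that a renewed authentication has been requested.
 *
 * No authentication result exists when this method runs, so the recorded
 * result is FALSE. getUser() and getAttributes() keep refusing to answer
 * until a later check has actually succeeded.
 */
function renewAuthentication() {
    global $PHPCAS_CLIENT, $PHPCAS_AUTH_CHECK_CALL;

    phpCAS :: traceBegin();
    if (!is_object($PHPCAS_CLIENT)) {
        phpCAS :: error('this method should not be called before ' . __CLASS__ . '::client() or ' . __CLASS__ . '::proxy()');
    }

    // store where the authentication has been checked and the result
    $dbg = phpCAS :: backtrace();
    $PHPCAS_AUTH_CHECK_CALL = array (
        'done' => TRUE,
        'file' => $dbg[0]['file'],
        'line' => $dbg[0]['line'],
        'method' => __CLASS__ . '::' . __FUNCTION__,
        // Explicit FALSE instead of an unassigned variable: the stored
        // result must never depend on an undefined value.
        'result' => FALSE
    );

    // NOTE(review): nothing in this body asks $PHPCAS_CLIENT to renew the
    // authentication; confirm against CASClient what callers rely on here.
    phpCAS :: traceEnd();
}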
1016
/**
 * Deprecated entry point: always reports an error that points the caller to
 * forceAuthentication(), which ends the script.
 */
function authenticate() {
    $replacement = __CLASS__ . '::forceAuthentication()';
    phpCAS::error('this method is deprecated. You should use ' . $replacement . ' instead');
}
1023
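/**
 * Tell whether the user is authenticated, and remember the answer.
 *
 * The result is stored in $PHPCAS_AUTH_CHECK_CALL; getUser(),
 * getAttributes() and the service access methods read it before they
 * answer.
 *
 * @return mixed whatever CASClient::isAuthenticated() returns
 */
function isAuthenticated() {
    // Bind to the module-level state; as plain locals the client would be
    // unset and the recorded result would be lost on return.
    global $PHPCAS_CLIENT, $PHPCAS_AUTH_CHECK_CALL;

    if (!is_object($PHPCAS_CLIENT)) {
        phpCAS :: error('this method should not be called before ' . __CLASS__ . '::client() or ' . __CLASS__ . '::proxy()');
    }

    // call the isAuthenticated method of the global $PHPCAS_CLIENT object
    $auth = $PHPCAS_CLIENT->isAuthenticated();

    // store where the authentication has been checked and the result
    $dbg = phpCAS :: backtrace();
    $PHPCAS_AUTH_CHECK_CALL = array (
        'done' => TRUE,
        'file' => $dbg[0]['file'],
        'line' => $dbg[0]['line'],
        'method' => __CLASS__ . '::' . __FUNCTION__,
        'result' => $auth
    );
    return $auth;
}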
1053
1061 global $PHPCAS_CLIENT;
1062 if (!is_object($PHPCAS_CLIENT)) {
1063 phpCAS :: error('this method should not be called before ' . __CLASS__ . '::client() or ' . __CLASS__ . '::proxy()');
1064 }
1065 return ($PHPCAS_CLIENT->isSessionAuthenticated());
1066 }
1067
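/**
 * Return the login name of the authenticated user.
 *
 * Refuses to answer (through phpCAS::error(), which ends the script) unless
 * an authentication check has been made and its recorded result is true.
 *
 * @return mixed whatever CASClient::getUser() returns
 */
function getUser() {
    // Bind to the module-level state; as plain locals both names would be
    // unset and the first guard would always stop the script.
    global $PHPCAS_CLIENT, $PHPCAS_AUTH_CHECK_CALL;

    if (!is_object($PHPCAS_CLIENT)) {
        phpCAS :: error('this method should not be called before ' . __CLASS__ . '::client() or ' . __CLASS__ . '::proxy()');
    }
    if (!$PHPCAS_AUTH_CHECK_CALL['done']) {
        phpCAS :: error('this method should only be called after ' . __CLASS__ . '::forceAuthentication() or ' . __CLASS__ . '::isAuthenticated()');
    }
    if (!$PHPCAS_AUTH_CHECK_CALL['result']) {
        phpCAS :: error('authentication was checked (by ' . $PHPCAS_AUTH_CHECK_CALL['method'] . '() at ' . $PHPCAS_AUTH_CHECK_CALL['file'] . ':' . $PHPCAS_AUTH_CHECK_CALL['line'] . ') but the method returned FALSE');
    }
    return $PHPCAS_CLIENT->getUser();
}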
1088
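/**
 * Return the attributes of the authenticated user.
 *
 * Refuses to answer (through phpCAS::error(), which ends the script) unless
 * an authentication check has been made and its recorded result is true.
 *
 * @return mixed whatever CASClient::getAttributes() returns
 */
function getAttributes() {
    // Bind to the module-level state; as plain locals both names would be
    // unset and the first guard would always stop the script.
    global $PHPCAS_CLIENT, $PHPCAS_AUTH_CHECK_CALL;

    if (!is_object($PHPCAS_CLIENT)) {
        phpCAS :: error('this method should not be called before ' . __CLASS__ . '::client() or ' . __CLASS__ . '::proxy()');
    }
    if (!$PHPCAS_AUTH_CHECK_CALL['done']) {
        phpCAS :: error('this method should only be called after ' . __CLASS__ . '::forceAuthentication() or ' . __CLASS__ . '::isAuthenticated()');
    }
    if (!$PHPCAS_AUTH_CHECK_CALL['result']) {
        phpCAS :: error('authentication was checked (by ' . $PHPCAS_AUTH_CHECK_CALL['method'] . '() at ' . $PHPCAS_AUTH_CHECK_CALL['file'] . ':' . $PHPCAS_AUTH_CHECK_CALL['line'] . ') but the method returned FALSE');
    }
    return $PHPCAS_CLIENT->getAttributes();
}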
/**
 * Let the client process logout requests.
 *
 * Both arguments are forwarded unchanged.
 * NOTE(review): presumably $check_client and $allowed_clients restrict which
 * hosts may send a logout request; confirm in CASClient before turning the
 * check off, since an unchecked sender could end other users' sessions.
 *
 * @param boolean     $check_client    forwarded to the client
 * @param array|false $allowed_clients forwarded to the client
 *
 * @return mixed whatever CASClient::handleLogoutRequests() returns
 */
function handleLogoutRequests($check_client = true, $allowed_clients = false) {
    global $PHPCAS_CLIENT;

    if (is_object($PHPCAS_CLIENT) === false) {
        phpCAS::error('this method should not be called before ' . __CLASS__ . '::client() or ' . __CLASS__ . '::proxy()');
    }

    $outcome = $PHPCAS_CLIENT->handleLogoutRequests($check_client, $allowed_clients);
    return $outcome;
}
1119
1127 global $PHPCAS_CLIENT;
1128 if (!is_object($PHPCAS_CLIENT)) {
1129 phpCAS :: error('this method should not be called before ' . __CLASS__ . '::client() or ' . __CLASS__ . '::proxy()');
1130 }
1131 return $PHPCAS_CLIENT->getServerLoginURL();
1132 }
1133
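/**
 * Set the login URL of the CAS server.
 *
 * Users are sent to this URL to enter their credentials, so it should be a
 * fixed https:// value from configuration and never derived from a request.
 *
 * @param string $url login URL
 */
function setServerLoginURL($url = '') {
    global $PHPCAS_CLIENT;
    if (!is_object($PHPCAS_CLIENT)) {
        // Messages are kept on one line; a string literal that spans source
        // lines would put a line break and indentation into the output.
        phpCAS :: error('this method should only be called after ' . __CLASS__ . '::client()');
    }
    if (gettype($url) != 'string') {
        phpCAS :: error('type mismatched for parameter $url (should be `string\')');
    }
    $PHPCAS_CLIENT->setServerLoginURL($url);
}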
1153
1161 global $PHPCAS_CLIENT;
1163 if (!is_object($PHPCAS_CLIENT)) {
1164 phpCAS :: error('this method should only be called after
1165 ' . __CLASS__ . '::client()');
1166 }
1167 if (gettype($url) != 'string') {
1168 phpCAS :: error('type mismatched for parameter $url (should be
1169 `string\')');
1170 }
1171 $PHPCAS_CLIENT->setServerServiceValidateURL($url);
1173 }
1174
1182 global $PHPCAS_CLIENT;
1184 if (!is_object($PHPCAS_CLIENT)) {
1185 phpCAS :: error('this method should only be called after
1186 ' . __CLASS__ . '::client()');
1187 }
1188 if (gettype($url) != 'string') {
1189 phpCAS :: error('type mismatched for parameter $url (should be
1190 `string\')');
1191 }
1192 $PHPCAS_CLIENT->setServerProxyValidateURL($url);
1194 }
1195
1202 global $PHPCAS_CLIENT;
1204 if (!is_object($PHPCAS_CLIENT)) {
1205 phpCAS :: error('this method should only be called after
1206 ' . __CLASS__ . '::client()');
1207 }
1208 if (gettype($url) != 'string') {
1209 phpCAS :: error('type mismatched for parameter $url (should be
1210 `string\')');
1211 }
1212 $PHPCAS_CLIENT->setServerSamlValidateURL($url);
1214 }
1215
1223 global $PHPCAS_CLIENT;
1224 if (!is_object($PHPCAS_CLIENT)) {
1225 phpCAS :: error('this method should not be called before ' . __CLASS__ . '::client() or ' . __CLASS__ . '::proxy()');
1226 }
1227 return $PHPCAS_CLIENT->getServerLogoutURL();
1228 }
1229
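/**
 * Set the logout URL of the CAS server.
 *
 * The value should be a fixed https:// URL from configuration and never
 * derived from a request.
 *
 * @param string $url logout URL
 */
function setServerLogoutURL($url = '') {
    global $PHPCAS_CLIENT;
    if (!is_object($PHPCAS_CLIENT)) {
        // Messages are kept on one line; a string literal that spans source
        // lines would put a line break and indentation into the output.
        phpCAS :: error('this method should only be called after ' . __CLASS__ . '::client()');
    }
    if (gettype($url) != 'string') {
        phpCAS :: error('type mismatched for parameter $url (should be `string\')');
    }
    $PHPCAS_CLIENT->setServerLogoutURL($url);
}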
1249
/**
 * Log the user out through the CAS server.
 *
 * $params may carry the keys `url' and `service' only; any other key, a
 * plain string, or a non-array value is rejected through phpCAS::error().
 * The values themselves are forwarded without any check. When they come
 * from request data, validate them against the application's own hosts
 * first so that logout cannot be used to redirect users elsewhere.
 *
 * NOTE(review): the key comparison is loose (!=); on PHP versions before 8
 * an integer key 0 compares equal to a non-numeric string and would pass.
 *
 * @param array $params optional `url' and/or `service' entries
 */
function logout($params = "") {
    global $PHPCAS_CLIENT;

    if (is_object($PHPCAS_CLIENT) === false) {
        phpCAS::error('this method should only be called after ' . __CLASS__ . '::client() or' . __CLASS__ . '::proxy()');
    }

    $forwarded = array ();
    if ($params != "") {
        if (is_string($params)) {
            phpCAS::error('method `phpCAS::logout($url)\' is now deprecated, use `phpCAS::logoutWithUrl($url)\' instead');
        }
        if (is_array($params) === false) {
            phpCAS::error('type mismatched for parameter $params (should be `array\')');
        }
        foreach ($params as $name => $target) {
            $allowed = ($name == "service" || $name == "url");
            if (!$allowed) {
                phpCAS::error('only `url\' and `service\' parameters are allowed for method `phpCAS::logout($params)\'');
            }
            $forwarded[$name] = $target;
        }
    }

    $PHPCAS_CLIENT->logout($forwarded);
    // never reached
}
1280
/**
 * Log the user out and pass a `service' value to the CAS server.
 *
 * $service is checked for type only. When it comes from request data,
 * validate it against the application's own hosts before calling.
 *
 * @param string $service value forwarded as the `service' logout parameter
 */
function logoutWithRedirectService($service) {
    global $PHPCAS_CLIENT;

    if (is_object($PHPCAS_CLIENT) === false) {
        phpCAS::error('this method should only be called after ' . __CLASS__ . '::client() or' . __CLASS__ . '::proxy()');
    }
    if (is_string($service) === false) {
        phpCAS::error('type mismatched for parameter $service (should be `string\')');
    }

    $logoutParams = array ("service" => $service);
    $PHPCAS_CLIENT->logout($logoutParams);
    // never reached
}
1300
1306 global $PHPCAS_CLIENT;
1308 if (!is_object($PHPCAS_CLIENT)) {
1309 phpCAS :: error('this method should only be called after ' . __CLASS__ . '::client() or' . __CLASS__ . '::proxy()');
1310 }
1311 if (!is_string($url)) {
1312 phpCAS :: error('type mismatched for parameter $url (should be `string\')');
1313 }
1314 $PHPCAS_CLIENT->logout(array (
1315 "url" => $url
1316 ));
1317 // never reached
1319 }
1320
1327 global $PHPCAS_CLIENT;
1329 if (!is_object($PHPCAS_CLIENT)) {
1330 phpCAS :: error('this method should only be called after ' . __CLASS__ . '::client() or' . __CLASS__ . '::proxy()');
1331 }
1332 if (!is_string($service)) {
1333 phpCAS :: error('type mismatched for parameter $service (should be `string\')');
1334 }
1335 if (!is_string($url)) {
1336 phpCAS :: error('type mismatched for parameter $url (should be `string\')');
1337 }
1338 $PHPCAS_CLIENT->logout(array (
1339 "service" => $service,
1340 "url" => $url
1341 ));
1342 // never reached
1344 }
1345
/**
 * Set a fixed callback URL on a proxy.
 *
 * Only valid after phpCAS::proxy(). The URL is checked for type only.
 * NOTE(review): presumably the URL the CAS server calls to deliver
 * proxy-granting tickets; if so it should be a fixed https:// value from
 * configuration.
 *
 * @param string $url callback URL
 */
function setFixedCallbackURL($url = '') {
    global $PHPCAS_CLIENT;

    if (is_object($PHPCAS_CLIENT) === false) {
        phpCAS::error('this method should only be called after ' . __CLASS__ . '::proxy()');
    }
    $proxyMode = $PHPCAS_CLIENT->isProxy();
    if (!$proxyMode) {
        phpCAS::error('this method should only be called after ' . __CLASS__ . '::proxy()');
    }
    if (gettype($url) !== 'string') {
        phpCAS::error('type mismatched for parameter $url (should be `string\')');
    }

    $PHPCAS_CLIENT->setCallbackURL($url);
}
1367
1375 global $PHPCAS_CLIENT;
1377 if (!is_object($PHPCAS_CLIENT)) {
1378 phpCAS :: error('this method should only be called after ' . __CLASS__ . '::proxy()');
1379 }
1380 if (gettype($url) != 'string') {
1381 phpCAS :: error('type mismatched for parameter $url (should be `string\')');
1382 }
1383 $PHPCAS_CLIENT->setURL($url);
1385 }
1386
/**
 * Return the service URL held by the client.
 *
 * @return mixed whatever CASClient::getURL() returns
 */
function getServiceURL() {
    global $PHPCAS_CLIENT;

    if (is_object($PHPCAS_CLIENT) === false) {
        phpCAS::error('this method should only be called after ' . __CLASS__ . '::proxy()');
    }

    $serviceUrl = $PHPCAS_CLIENT->getURL();
    return $serviceUrl;
}
1397
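/**
 * Retrieve a Proxy Ticket from the CAS server.
 *
 * Checks that the global client exists and that $target_service is a string,
 * then delegates to the client's retrievePT(). The two by-reference arguments
 * are passed straight through, so whatever the client writes into them is
 * visible to the caller.
 *
 * NOTE(review): unlike setFixedCallbackURL(), this method does not test
 * isProxy() although its message names proxy() - confirm whether the client
 * rejects the call in non-proxy mode.
 * NOTE(review): the returned ticket is a credential for the target service;
 * presumably it should be kept out of logs and error output - confirm against
 * the callers.
 *
 * @param string $target_service service the ticket is requested for
 * @param mixed  $err_code       by reference, forwarded to the client
 * @param mixed  $err_msg        by reference, forwarded to the client
 *
 * @return mixed the value returned by the client's retrievePT()
 */
function retrievePT($target_service, & $err_code, & $err_msg)
{
    global $PHPCAS_CLIENT;

    if (!is_object($PHPCAS_CLIENT)) {
        phpCAS::error('this method should only be called after ' . __CLASS__ . '::proxy()');
    }
    // is_string() matches the type checks used by the logout methods of this class.
    if (!is_string($target_service)) {
        // Space restored before "(should", matching the other type-mismatch messages.
        phpCAS::error('type mismatched for parameter $target_service (should be `string\')');
    }

    return $PHPCAS_CLIENT->retrievePT($target_service, $err_code, $err_msg);
}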
1411
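/**
 * Set the certificate of the CAS server.
 *
 * Checks that the global client exists and that $cert is a string, then hands
 * the value unchanged to the client's setCasServerCert().
 *
 * NOTE(review): $cert is presumably a filesystem path to the certificate;
 * this method checks neither that the file exists nor that it is readable -
 * confirm how CASClient consumes the value.
 *
 * @param string $cert certificate reference forwarded to the client
 */
function setCasServerCert($cert)
{
    global $PHPCAS_CLIENT;

    if (!is_object($PHPCAS_CLIENT)) {
        // " or " now has a space on both sides; the message used to read "...::client() orphpCAS::proxy()".
        phpCAS::error('this method should only be called after ' . __CLASS__ . '::client() or ' . __CLASS__ . '::proxy()');
    }
    // is_string() matches the type checks used by the logout methods of this class.
    if (!is_string($cert)) {
        phpCAS::error('type mismatched for parameter $cert (should be `string\')');
    }

    $PHPCAS_CLIENT->setCasServerCert($cert);
}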
1429
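/**
 * Set the certificate of the CAS server CA.
 *
 * Checks that the global client exists and that $cert is a string, then hands
 * the value unchanged to the client's setCasServerCACert().
 *
 * NOTE(review): $cert is presumably a filesystem path to the CA certificate
 * used to validate the CAS server; this method checks neither that the file
 * exists nor that it is readable - confirm how CASClient consumes the value.
 *
 * @param string $cert CA certificate reference forwarded to the client
 */
function setCasServerCACert($cert)
{
    global $PHPCAS_CLIENT;

    if (!is_object($PHPCAS_CLIENT)) {
        // " or " now has a space on both sides; the message used to read "...::client() orphpCAS::proxy()".
        phpCAS::error('this method should only be called after ' . __CLASS__ . '::client() or ' . __CLASS__ . '::proxy()');
    }
    // is_string() matches the type checks used by the logout methods of this class.
    if (!is_string($cert)) {
        phpCAS::error('type mismatched for parameter $cert (should be `string\')');
    }

    $PHPCAS_CLIENT->setCasServerCACert($cert);
}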
1447
// Body of setNoCasServerValidation(). The signature line is not part of this listing
// (the member index on this page places it at CAS.php:1451).
// Sets "no SSL validation" for the CAS server on the client.
1452 global $PHPCAS_CLIENT;
// A client object must already exist; otherwise the misuse is reported through phpCAS::error().
1454 if (!is_object($PHPCAS_CLIENT)) {
1455 phpCAS :: error('this method should only be called after ' . __CLASS__ . '::client() or' . __CLASS__ . '::proxy()');
1456 }
// Delegates to the client; what exactly is switched off is decided in CASClient, which this listing does not show.
// NOTE(review): with validation off, the identity of the server answering ticket validation
// is not verified, so its answers about who is logged in cannot be trusted on an untrusted
// network. Outside test setups, setCasServerCACert() or setCasServerCert() is the alternative.
1457 $PHPCAS_CLIENT->setNoCasServerValidation();
1459 }
1460
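/**
 * Change CURL options.
 *
 * Checks that the global client exists, then hands the option key and value
 * unchanged to the client's setExtraCurlOption(). Neither argument is
 * type-checked or filtered in this method.
 *
 * NOTE(review): if the client applies these options to its requests to the CAS
 * server, options such as CURLOPT_SSL_VERIFYPEER or CURLOPT_SSL_VERIFYHOST
 * could override the certificate settings made through setCasServerCert() and
 * setCasServerCACert() - confirm the order of application in CASClient. Both
 * arguments should come from configuration, never from request data.
 *
 * @param mixed $key   cURL option identifier forwarded to the client
 * @param mixed $value value for that option
 */
function setExtraCurlOption($key, $value)
{
    global $PHPCAS_CLIENT;

    if (!is_object($PHPCAS_CLIENT)) {
        // " or " now has a space on both sides; the message used to read "...::client() orphpCAS::proxy()".
        phpCAS::error('this method should only be called after ' . __CLASS__ . '::client() or ' . __CLASS__ . '::proxy()');
    }

    $PHPCAS_CLIENT->setExtraCurlOption($key, $value);
}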
1478
1479}
1480
1481// ########################################################################
1482// DOCUMENTATION
1483// ########################################################################
1484
1485// ########################################################################
1486// MAIN PAGE
1487
1495// ########################################################################
1496// MODULES DEFINITION
1497
1571// ########################################################################
1572// EXAMPLES
1573
1610?>
The CASClient class is a client interface that provides CAS authentication to PHP applications.
Definition: client.php:52
The phpCAS class is a simple container for the phpCAS library.
Definition: CAS.php:341
setExtraCurlOption($key, $value)
Change CURL options.
Definition: CAS.php:1469
error($msg)
This method is used by interface methods to print an error and where the function was originally call...
Definition: CAS.php:544
backtrace()
This method is a wrapper for debug_backtrace() that is not available in all PHP versions (>= 4....
Definition: CAS.php:507
traceExit()
This method is used to indicate the end of the execution of the program.
Definition: CAS.php:617
trace($str)
This method is used to log something in debug mode.
Definition: CAS.php:569
log($str)
Logs a string in debug mode.
Definition: CAS.php:523
traceBegin()
This method is used to indicate the start of the execution of a function in debug mode.
Definition: CAS.php:577
traceEnd($res='')
This method is used to indicate the end of the execution of a function in debug mode.
Definition: CAS.php:604
$PHPCAS_DEBUG
This global variable is used to store phpCAS debug mode.
Definition: CAS.php:206
$PHPCAS_INIT_CALL
This global variable is used to store where the initializer is called from (to print a comprehensive ...
Definition: CAS.php:184
$GLOBALS['PHPCAS_CLIENT']
This global variable is used by the interface class phpCAS.
Definition: CAS.php:276
$PHPCAS_AUTH_CHECK_CALL
This global variable is used to store where the method checking the authentication is called from (to...
Definition: CAS.php:195
$PHPCAS_CLIENT
This global variable is used by the interface class phpCAS.
Definition: CAS.php:176
handleLogoutRequests($check_client=true, $allowed_clients=false)
Handle logout requests.
Definition: CAS.php:1112
setCacheTimesForAuthRecheck($n)
Set the times authentication will be cached before really accessing the CAS server in gateway mode:
Definition: CAS.php:918
getAttributes()
This method returns the CAS user's login name.
Definition: CAS.php:1096
logout($params="")
This method is used to logout from CAS.
Definition: CAS.php:1255
setServerProxyValidateURL($url='')
Set the proxyValidate URL of the CAS server.
Definition: CAS.php:1181
setServerSamlValidateURL($url='')
Set the samlValidate URL of the CAS server.
Definition: CAS.php:1201
isAuthenticated()
This method is called to check if the user is authenticated (previously or by tickets given in the UR...
Definition: CAS.php:1030
setServerLoginURL($url='')
Set the login URL of the CAS server.
Definition: CAS.php:1139
renewAuthentication()
This method is called to renew the authentication.
Definition: CAS.php:995
setServerLogoutURL($url='')
Set the logout URL of the CAS server.
Definition: CAS.php:1235
setServerServiceValidateURL($url='')
Set the serviceValidate URL of the CAS server.
Definition: CAS.php:1160
getServerLoginURL()
This method returns the URL to be used to login.
Definition: CAS.php:1126
retrievePT($target_service, & $err_code, & $err_msg)
Retrieve a Proxy Ticket from the CAS server.
Definition: CAS.php:1401
setCasServerCert($cert)
Set the certificate of the CAS server.
Definition: CAS.php:1417
logoutWithRedirectService($service)
This method is used to logout from CAS.
Definition: CAS.php:1285
getServiceURL()
Get the URL that is set as the CAS service parameter.
Definition: CAS.php:1390
getServerLogoutURL()
This method returns the URL to be used to logout.
Definition: CAS.php:1222
setFixedCallbackURL($url='')
Set the fixed URL that will be used by the CAS server to transmit the PGT.
Definition: CAS.php:1352
authenticate()
This method has been left from version 0.4.1 for compatibility reasons.
Definition: CAS.php:1020
logoutWithRedirectServiceAndUrl($service, $url)
This method is used to logout from CAS.
Definition: CAS.php:1326
checkAuthentication()
This method is called to check if the user is authenticated (use the gateway feature).
Definition: CAS.php:933
forceAuthentication()
This method is called to force authentication if the user was not already authenticated.
Definition: CAS.php:961
setNoCasServerValidation()
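Disable SSL validation of the CAS server. With validation disabled, the client has no way to verify that it is talking to the genuine CAS server.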
Definition: CAS.php:1451
getUser()
This method returns the CAS user's login name.
Definition: CAS.php:1075
setCasServerCACert($cert)
Set the certificate of the CAS server CA.
Definition: CAS.php:1435
isSessionAuthenticated()
Checks whether authenticated based on $_SESSION.
Definition: CAS.php:1060
setFixedServiceURL($url)
Set the fixed URL that will be set as the CAS service parameter.
Definition: CAS.php:1374
logoutWithUrl($url)
This method is used to logout from CAS.
Definition: CAS.php:1305
const DEFAULT_DEBUG_DIR
The default directory for the debug file under Unix.
Definition: CAS.php:260
setDebug($filename='')
Set/unset debug mode.
Definition: CAS.php:465
proxy($server_version, $server_hostname, $server_port, $server_uri, $start_session=true)
phpCAS proxy initializer.
Definition: CAS.php:415
client($server_version, $server_hostname, $server_port, $server_uri, $start_session=true)
phpCAS client initializer.
Definition: CAS.php:366
setLang($lang)
This method is used to set the language used by phpCAS.
Definition: CAS.php:644
const PHPCAS_LANG_ENGLISH
Definition: CAS.php:228
setHTMLHeader($header)
This method sets the HTML header used for all outputs.
Definition: CAS.php:687
setHTMLFooter($footer)
This method sets the HTML footer used for all outputs.
Definition: CAS.php:703
setPGTStorageDB($user, $password, $database_type='', $hostname='', $port=0, $database='', $table='')
This method is used to tell phpCAS to store the response of the CAS server to PGT requests into a dat...
Definition: CAS.php:768
setPGTStorageFile($format='', $path='')
This method is used to tell phpCAS to store the response of the CAS server to PGT requests onto the f...
Definition: CAS.php:730
const CAS_PGT_STORAGE_FILE_FORMAT_PLAIN
phpCAS::setPGTStorageFile()'s 2nd parameter to write plain text files
Definition: CAS.php:153
serviceWeb($url, & $err_code, & $output)
This method is used to access an HTTP[S] service.
Definition: CAS.php:828
serviceMail($url, $service, $flags, & $err_code, & $err_msg, & $pt)
This method is used to access an IMAP/POP3/NNTP service.
Definition: CAS.php:871
getVersion()
This method returns the phpCAS version.
Definition: CAS.php:669
const PHPCAS_VERSION
phpCAS version.
Definition: CAS.php:64