ILIAS  release_5-1 Revision 5.0.0-5477-g43f3e3fab5f
Modules | Data Structures | Functions | Variables
PGT storage
ImplementationImplementation » | CAS Basic client features (CAS 1.0, Service Tickets) » CAS Proxy features (CAS 2.0, Proxy Granting Tickets)
+ Collaboration diagram for PGT storage:

Modules

 PGT storage in a database
 
 PGT storage on the filesystem
 

Data Structures

class  PGTStorage
 The PGTStorage class is a generic class for PGT storage. More...
 

Functions

 CASClient::initPGTStorage ()
 This method is used to initialize the storage of PGT's. More...
 
 CASClient::storePGT ($pgt, $pgt_iou)
 This method stores a PGT. More...
 
 CASClient::loadPGT ($pgt_iou)
 This method reads a PGT from its Iou and deletes the corresponding storage entry. More...
 
 CASClient::setPGTStorageFile ($format='', $path='')
 This method is used to tell phpCAS to store the response of the CAS server to PGT requests onto the filesystem. More...
 
 CASClient::setPGTStorageDB ($user, $password, $database_type, $hostname, $port, $database, $table)
 This method is used to tell phpCAS to store the response of the CAS server to PGT requests into a database. More...
 
 CASClient::validatePGT (&$validate_url, $text_response, $tree_response)
 This method is used to validate a PGT; halt on failure. More...
 
 CASClient::retrievePT ($target_service, &$err_code, &$err_msg)
 This method is used to retrieve PT's from the CAS server thanks to a PGT. More...
 
 CASClient::readURL ($url, $cookies, &$headers, &$body, &$err_msg)
 This method is used to acces a remote URL. More...
 
 CASClient::buildSAMLPayload ()
 This method is used to build the SAML POST body sent to /samlValidate URL. More...
 
 CASClient::_curl_read_headers ($ch, $header)
 
 CASClient::serviceWeb ($url, &$err_code, &$output)
 This method is used to access an HTTP[S] service. More...
 
 CASClient::serviceMail ($url, $service, $flags, &$err_code, &$err_msg, &$pt)
 This method is used to access an IMAP/POP3/NNTP service. More...
 
 PGTStorage::PGTStorage ($cas_parent)
 The constructor of the class, should be called only by inherited classes. More...
 
 PGTStorage::getStorageType ()
 This virtual method returns an informational string giving the type of storage used by the object (used for debugging purposes). More...
 
 PGTStorage::getStorageInfo ()
 This virtual method returns an informational string giving informations on the parameters of the storage. More...
 
 PGTStorage::setErrorMessage ($error_message)
 This method sets en error message, which can be read later by PGTStorage::getErrorMessage(). More...
 
 PGTStorage::getErrorMessage ()
 This method returns an error message set by PGTStorage::setErrorMessage(). More...
 
 PGTStorage::isInitialized ()
 This method tells if the storage has already been intialized. More...
 
 PGTStorage::init ()
 This virtual method initializes the object. More...
 
 PGTStorage::write ($pgt, $pgt_iou)
 This virtual method stores a PGT and its corresponding PGT Iuo. More...
 
 PGTStorage::read ($pgt_iou)
 This virtual method reads a PGT corresponding to a PGT Iou and deletes the corresponding storage entry. More...
 
 CASClient::serviceMail ($url, $flags, &$err_code, &$err_msg, &$pt)
 This method is used to access an IMAP/POP3/NNTP service. More...
 

Variables

 CASClient::$_pgt_storage
 an instance of a class inheriting of PGTStorage, used to deal with PGT storage. More...
 
 CASClient::$_curl_headers = array()
 This method is the callback used by readURL method to request HTTP headers. More...
 
 PGTStorage::$_error_message
 string used to store an error message. More...
 
 PGTStorage::$_initialized
 a boolean telling if the storage has already been initialized. More...
 

Detailed Description

Function Documentation

◆ _curl_read_headers()

CASClient::_curl_read_headers (   $ch,
  $header 
)

Definition at line 2277 of file client.php.

References $header.

2278  {
2279  $this->_curl_headers[] = $header;
2280  return strlen($header);
2281  }
$header
$header
Definition: example_011.php:123

◆ buildSAMLPayload()

CASClient::buildSAMLPayload ( )
private

This method is used to build the SAML POST body sent to /samlValidate URL.

Returns
the SOAP-encased SAMLP artifact (the ticket).

Definition at line 2259 of file client.php.

References CASClient\getSA(), SAML_SOAP_ENV, phpCAS\traceBegin(), and phpCAS\traceEnd().

Referenced by CASClient\readURL().

2260  {
2261  phpCAS::traceBegin();
2262 
2263  //get the ticket
2264  $sa = $this->getSA();
2265  //phpCAS::trace("SA: ".$sa);
2266 
2267  $body=SAML_SOAP_ENV.SAML_SOAP_BODY.SAMLP_REQUEST.SAML_ASSERTION_ARTIFACT.$sa.SAML_ASSERTION_ARTIFACT_CLOSE.SAMLP_REQUEST_CLOSE.SAML_SOAP_BODY_CLOSE.SAML_SOAP_ENV_CLOSE;
2268 
2269  phpCAS::traceEnd($body);
2270  return ($body);
2271  }
SAML_SOAP_ENV
const SAML_SOAP_ENV
SOAP envelope for SAML POST.
Definition: CAS.php:100
phpCAS\traceEnd
traceEnd($res='')
This method is used to indicate the end of the execution of a function in debug mode.
Definition: CAS.php:604
phpCAS\traceBegin
traceBegin()
This method is used to indicate the start of the execution of a function in debug mode...
Definition: CAS.php:577
CASClient\getSA
getSA()
This method returns the SAML Ticket provided in the URL of the request.
Definition: client.php:2471
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ getErrorMessage()

PGTStorage::getErrorMessage ( )

This method returns an error message set by PGTStorage::setErrorMessage().

Returns
an error message when set by PGTStorage::setErrorMessage(), FALSE otherwise.
Deprecated:
not used.

Definition at line 135 of file pgt-main.php.

References PGTStorage\$_error_message.

136  {
137  return $this->_error_message;
138  }
PGTStorage\$_error_message
$_error_message
string used to store an error message.
Definition: pgt-main.php:110

◆ getStorageInfo()

PGTStorage::getStorageInfo ( )

This virtual method returns an informational string giving informations on the parameters of the storage.

(used for debugging purposes).

Definition at line 93 of file pgt-main.php.

References phpCAS\error().

94  {
95  phpCAS::error(__CLASS__.'::'.__FUNCTION__.'() should never be called');
96  }
phpCAS\error
error($msg)
This method is used by interface methods to print an error and where the function was originally call...
Definition: CAS.php:544
+ Here is the call graph for this function:

◆ getStorageType()

PGTStorage::getStorageType ( )

This virtual method returns an informational string giving the type of storage used by the object (used for debugging purposes).

Definition at line 82 of file pgt-main.php.

References phpCAS\error().

83  {
84  phpCAS::error(__CLASS__.'::'.__FUNCTION__.'() should never be called');
85  }
phpCAS\error
error($msg)
This method is used by interface methods to print an error and where the function was originally call...
Definition: CAS.php:544
+ Here is the call graph for this function:

◆ init()

PGTStorage::init ( )
protected

This virtual method initializes the object.

Definition at line 170 of file pgt-main.php.

171  {
172  $this->_initialized = TRUE;
173  }

◆ initPGTStorage()

CASClient::initPGTStorage ( )
private

This method is used to initialize the storage of PGT's.

Halts on error.

Definition at line 1889 of file client.php.

References CASClient\setPGTStorageFile().

Referenced by CASClient\loadPGT(), and CASClient\storePGT().

1890  {
1891  // if no SetPGTStorageXxx() has been used, default to file
1892  if ( !is_object($this->_pgt_storage) ) {
1893  $this->setPGTStorageFile();
1894  }
1895 
1896  // initializes the storage
1897  $this->_pgt_storage->init();
1898  }
CASClient\setPGTStorageFile
setPGTStorageFile($format='', $path='')
This method is used to tell phpCAS to store the response of the CAS server to PGT requests onto the f...
Definition: client.php:1942
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ isInitialized()

PGTStorage::isInitialized ( )
protected

This method tells if the storage has already been intialized.

Returns
a boolean

Definition at line 160 of file pgt-main.php.

References PGTStorage\$_initialized.

Referenced by PGTStorageFile\init(), and PGTStorageDB\init().

161  {
162  return $this->_initialized;
163  }
PGTStorage\$_initialized
$_initialized
a boolean telling if the storage has already been initialized.
Definition: pgt-main.php:151
+ Here is the caller graph for this function:

◆ loadPGT()

CASClient::loadPGT (   $pgt_iou)
private

This method reads a PGT from its Iou and deletes the corresponding storage entry.

Parameters
$pgt_iouthe PGT Iou
Returns
The PGT corresponding to the Iou, FALSE when not found.

Definition at line 1925 of file client.php.

References CASClient\initPGTStorage().

Referenced by CASClient\validatePGT().

1926  {
1927  // ensure that storage is initialized
1928  $this->initPGTStorage();
1929  // read the PGT
1930  return $this->_pgt_storage->read($pgt_iou);
1931  }
CASClient\initPGTStorage
initPGTStorage()
This method is used to initialize the storage of PGT's.
Definition: client.php:1889
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ PGTStorage()

PGTStorage::PGTStorage (   $cas_parent)
protected

The constructor of the class, should be called only by inherited classes.

Parameters
$cas_parentthe CASclient instance that creates the current object.

Definition at line 63 of file pgt-main.php.

References phpCAS\error(), phpCAS\traceBegin(), and phpCAS\traceEnd().

Referenced by PGTStorageDB\PGTStorageDB(), and PGTStorageFile\PGTStorageFile().

64  {
65  phpCAS::traceBegin();
66  if ( !$cas_parent->isProxy() ) {
67  phpCAS::error('defining PGT storage makes no sense when not using a CAS proxy');
68  }
69  phpCAS::traceEnd();
70  }
phpCAS\traceEnd
traceEnd($res='')
This method is used to indicate the end of the execution of a function in debug mode.
Definition: CAS.php:604
phpCAS\traceBegin
traceBegin()
This method is used to indicate the start of the execution of a function in debug mode...
Definition: CAS.php:577
phpCAS\error
error($msg)
This method is used by interface methods to print an error and where the function was originally call...
Definition: CAS.php:544
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ read()

PGTStorage::read (   $pgt_iou)
protected

This virtual method reads a PGT corresponding to a PGT Iou and deletes the corresponding storage entry.

Note
Should never be called.
Parameters
$pgt_iouthe PGT iou

Definition at line 202 of file pgt-main.php.

References phpCAS\error().

203  {
204  phpCAS::error(__CLASS__.'::'.__FUNCTION__.'() should never be called');
205  }
phpCAS\error
error($msg)
This method is used by interface methods to print an error and where the function was originally call...
Definition: CAS.php:544
+ Here is the call graph for this function:

◆ readURL()

CASClient::readURL (   $url,
  $cookies,
$headers,
$body,
$err_msg 
)
private

This method is used to acces a remote URL.

Parameters
$urlthe URL to access.
$cookiesan array containing cookies strings such as 'name=val'
$headersan array containing the HTTP header lines of the response (an empty array on failure).
$bodythe body of the response, as a string (empty on failure).
$err_msgan error message, filled on failure.
Returns
TRUE on success, FALSE otherwise (in this later case, $err_msg contains an error message).

Definition at line 2163 of file client.php.

References CASClient\$_curl_headers, $data, $res, $url, CASClient\buildSAMLPayload(), phpCAS\error(), CASClient\hasSA(), phpCAS\trace(), phpCAS\traceBegin(), and phpCAS\traceEnd().

Referenced by CASClient\retrievePT(), CASClient\serviceWeb(), CASClient\validatePT(), CASClient\validateSA(), and CASClient\validateST().

2164  {
2165  phpCAS::traceBegin();
2166  $headers = '';
2167  $body = '';
2168  $err_msg = '';
2169 
2170  $res = TRUE;
2171 
2172  // initialize the CURL session
2173  $ch = curl_init($url);
2174 
2175  if (version_compare(PHP_VERSION,'5.1.3','>=')) {
2176  //only avaible in php5
2177  curl_setopt_array($ch, $this->_curl_options);
2178  } else {
2179  foreach ($this->_curl_options as $key => $value) {
2180  curl_setopt($ch, $key, $value);
2181  }
2182  }
2183 
2184  if ($this->_cas_server_cert == '' && $this->_cas_server_ca_cert == '' && !$this->_no_cas_server_validation) {
2185  phpCAS::error('one of the methods phpCAS::setCasServerCert(), phpCAS::setCasServerCACert() or phpCAS::setNoCasServerValidation() must be called.');
2186  }
2187  if ($this->_cas_server_cert != '' && $this->_cas_server_ca_cert != '') {
2188  // This branch added by IDMS. Seems phpCAS implementor got a bit confused about the curl options CURLOPT_SSLCERT and CURLOPT_CAINFO
2189  curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 1);
2190  curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 1);
2191  curl_setopt($ch, CURLOPT_SSLCERT, $this->_cas_server_cert);
2192  curl_setopt($ch, CURLOPT_CAINFO, $this->_cas_server_ca_cert);
2193  curl_setopt($ch, CURLOPT_VERBOSE, '1');
2194  phpCAS::trace('CURL: Set all required opts for mutual authentication ------');
2195  } else if ($this->_cas_server_cert != '' ) {
2196  curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 1);
2197  curl_setopt($ch, CURLOPT_SSLCERT, $this->_cas_server_cert);
2198  } else if ($this->_cas_server_ca_cert != '') {
2199  curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 1);
2200  curl_setopt($ch, CURLOPT_CAINFO, $this->_cas_server_ca_cert);
2201  } else {
2202  curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 1);
2203  curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
2204  }
2205 
2206  // return the CURL output into a variable
2207  curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
2208  // get the HTTP header with a callback
2209  $this->_curl_headers = array(); // empty the headers array
2210  curl_setopt($ch, CURLOPT_HEADERFUNCTION, array($this, '_curl_read_headers'));
2211  // add cookies headers
2212  if ( is_array($cookies) ) {
2213  curl_setopt($ch,CURLOPT_COOKIE,implode(';',$cookies));
2214  }
2215  // add extra stuff if SAML
2216  if ($this->hasSA()) {
2217  $more_headers = array ("soapaction: http://www.oasis-open.org/committees/security",
2218  "cache-control: no-cache",
2219  "pragma: no-cache",
2220  "accept: text/xml",
2221  "connection: keep-alive",
2222  "content-type: text/xml");
2223 
2224  curl_setopt($ch, CURLOPT_HTTPHEADER, $more_headers);
2225  curl_setopt($ch, CURLOPT_POST, 1);
2226  $data = $this->buildSAMLPayload();
2227  //phpCAS::trace('SAML Payload: '.print_r($data, TRUE));
2228  curl_setopt($ch, CURLOPT_POSTFIELDS, $data);
2229  }
2230  // perform the query
2231  $buf = curl_exec ($ch);
2232  //phpCAS::trace('CURL: Call completed. Response body is: \''.$buf.'\'');
2233  if ( $buf === FALSE ) {
2234  phpCAS::trace('curl_exec() failed');
2235  $err_msg = 'CURL error #'.curl_errno($ch).': '.curl_error($ch);
2236  //phpCAS::trace('curl error: '.$err_msg);
2237  // close the CURL session
2238  curl_close ($ch);
2239  $res = FALSE;
2240  } else {
2241  // close the CURL session
2242  curl_close ($ch);
2243 
2244  $headers = $this->_curl_headers;
2245  $body = $buf;
2246  }
2247 
2248  phpCAS::traceEnd($res);
2249  return $res;
2250  }
CASClient\hasSA
hasSA()
This method tells if a SAML Ticket was stored.
Definition: client.php:2487
phpCAS\traceEnd
traceEnd($res='')
This method is used to indicate the end of the execution of a function in debug mode.
Definition: CAS.php:604
$url
$url
Definition: shib_logout.php:72
$data
$data
Definition: example_011.php:126
phpCAS\traceBegin
traceBegin()
This method is used to indicate the start of the execution of a function in debug mode...
Definition: CAS.php:577
phpCAS\error
error($msg)
This method is used by interface methods to print an error and where the function was originally call...
Definition: CAS.php:544
CASClient\$_curl_headers
$_curl_headers
This method is the callback used by readURL method to request HTTP headers.
Definition: client.php:2276
CASClient\buildSAMLPayload
buildSAMLPayload()
This method is used to build the SAML POST body sent to /samlValidate URL.
Definition: client.php:2259
phpCAS\trace
trace($str)
This method is used to log something in debug mode.
Definition: CAS.php:569
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ retrievePT()

CASClient::retrievePT (   $target_service,
$err_code,
$err_msg 
)
private

This method is used to retrieve PT's from the CAS server thanks to a PGT.

Parameters
$target_servicethe service to ask for with the PT.
$err_codean error code (PHPCAS_SERVICE_OK on success).
$err_msgan error message (empty on success).
Returns
a Proxy Ticket, or FALSE on error.

Definition at line 2053 of file client.php.

References domxml_open_mem(), CASClient\getPGT(), CASClient\getServerProxyURL(), CASClient\readURL(), phpCAS\trace(), phpCAS\traceBegin(), and phpCAS\traceEnd().

Referenced by CASClient\serviceWeb().

2054  {
2055  phpCAS::traceBegin();
2056 
2057  // by default, $err_msg is set empty and $pt to TRUE. On error, $pt is
2058  // set to false and $err_msg to an error message. At the end, if $pt is FALSE
2059  // and $error_msg is still empty, it is set to 'invalid response' (the most
2060  // commonly encountered error).
2061  $err_msg = '';
2062 
2063  // build the URL to retrieve the PT
2064  // $cas_url = $this->getServerProxyURL().'?targetService='.preg_replace('/&/','%26',$target_service).'&pgt='.$this->getPGT();
2065  $cas_url = $this->getServerProxyURL().'?targetService='.urlencode($target_service).'&pgt='.$this->getPGT();
2066 
2067  // open and read the URL
2068  if ( !$this->readURL($cas_url,''/*cookies*/,$headers,$cas_response,$err_msg) ) {
2069  phpCAS::trace('could not open URL \''.$cas_url.'\' to validate ('.$err_msg.')');
2070  $err_code = PHPCAS_SERVICE_PT_NO_SERVER_RESPONSE;
2071  $err_msg = 'could not retrieve PT (no response from the CAS server)';
2072  phpCAS::traceEnd(FALSE);
2073  return FALSE;
2074  }
2075 
2076  $bad_response = FALSE;
2077 
2078  if ( !$bad_response ) {
2079  // read the response of the CAS server into a DOM object
2080  if ( !($dom = @domxml_open_mem($cas_response))) {
2081  phpCAS::trace('domxml_open_mem() failed');
2082  // read failed
2083  $bad_response = TRUE;
2084  }
2085  }
2086 
2087  if ( !$bad_response ) {
2088  // read the root node of the XML tree
2089  if ( !($root = $dom->document_element()) ) {
2090  phpCAS::trace('document_element() failed');
2091  // read failed
2092  $bad_response = TRUE;
2093  }
2094  }
2095 
2096  if ( !$bad_response ) {
2097  // insure that tag name is 'serviceResponse'
2098  if ( $root->node_name() != 'serviceResponse' ) {
2099  phpCAS::trace('node_name() failed');
2100  // bad root node
2101  $bad_response = TRUE;
2102  }
2103  }
2104 
2105  if ( !$bad_response ) {
2106  // look for a proxySuccess tag
2107  if ( sizeof($arr = $root->get_elements_by_tagname("proxySuccess")) != 0) {
2108  // authentication succeded, look for a proxyTicket tag
2109  if ( sizeof($arr = $root->get_elements_by_tagname("proxyTicket")) != 0) {
2110  $err_code = PHPCAS_SERVICE_OK;
2111  $err_msg = '';
2112  phpCAS::trace('original PT: '.trim($arr[0]->get_content()));
2113  $pt = trim($arr[0]->get_content());
2114  phpCAS::traceEnd($pt);
2115  return $pt;
2116  } else {
2117  phpCAS::trace('<proxySuccess> was found, but not <proxyTicket>');
2118  }
2119  }
2120  // look for a proxyFailure tag
2121  else if ( sizeof($arr = $root->get_elements_by_tagname("proxyFailure")) != 0) {
2122  // authentication failed, extract the error
2123  $err_code = PHPCAS_SERVICE_PT_FAILURE;
2124  $err_msg = 'PT retrieving failed (code=`'
2125  .$arr[0]->get_attribute('code')
2126  .'\', message=`'
2127  .trim($arr[0]->get_content())
2128  .'\')';
2129  phpCAS::traceEnd(FALSE);
2130  return FALSE;
2131  } else {
2132  phpCAS::trace('neither <proxySuccess> nor <proxyFailure> found');
2133  }
2134  }
2135 
2136  // at this step, we are sure that the response of the CAS server was ill-formed
2137  $err_code = PHPCAS_SERVICE_PT_BAD_SERVER_RESPONSE;
2138  $err_msg = 'Invalid response from the CAS server (response=`'.$cas_response.'\')';
2139 
2140  phpCAS::traceEnd(FALSE);
2141  return FALSE;
2142  }
domxml_open_mem
domxml_open_mem($str, $mode=DOMXML_LOAD_PARSING, &$error=NULL)
Definition: inc.xml5compliance.php:43
phpCAS\traceEnd
traceEnd($res='')
This method is used to indicate the end of the execution of a function in debug mode.
Definition: CAS.php:604
CASClient\getServerProxyURL
getServerProxyURL()
This method is used to retrieve the proxy URL of the CAS server.
Definition: client.php:488
phpCAS\traceBegin
traceBegin()
This method is used to indicate the start of the execution of a function in debug mode...
Definition: CAS.php:577
CASClient\getPGT
getPGT()
This method returns the Proxy Granting Ticket given by the CAS server.
Definition: client.php:1709
CASClient\readURL
readURL($url, $cookies, &$headers, &$body, &$err_msg)
This method is used to acces a remote URL.
Definition: client.php:2163
phpCAS\trace
trace($str)
This method is used to log something in debug mode.
Definition: CAS.php:569
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ serviceMail() [1/2]

CASClient::serviceMail (   $url,
  $flags,
$err_code,
$err_msg,
$pt 
)

This method is used to access an IMAP/POP3/NNTP service.

Parameters
$urla string giving the URL of the service, including the mailing box for IMAP URLs, as accepted by imap_open().
$flagsoptions given to imap_open().
$err_codean error code Possible values are PHPCAS_SERVICE_OK (on success), PHPCAS_SERVICE_PT_NO_SERVER_RESPONSE, PHPCAS_SERVICE_PT_BAD_SERVER_RESPONSE, PHPCAS_SERVICE_PT_FAILURE, PHPCAS_SERVICE_NOT AVAILABLE.
$err_msgan error message on failure
$ptthe Proxy Ticket (PT) retrieved from the CAS server to access the URL on success, FALSE on error).
Returns
an IMAP stream on success, FALSE otherwise (in this later case, $err_code gives the reason why it failed and $err_msg contains an error message).

Definition at line 1633 of file client.php.

1634  {
1635  phpCAS::traceBegin();
1636  // at first retrieve a PT
1637  $pt = $this->retrievePT($target_service,$err_code,$output);
1638 
1639  $stream = FALSE;
1640 
1641  // test if PT was retrieved correctly
1642  if ( !$pt ) {
1643  // note: $err_code and $err_msg are filled by CASClient::retrievePT()
1644  phpCAS::trace('PT was not retrieved correctly');
1645  } else {
1646  phpCAS::trace('opening IMAP URL `'.$url.'\'...');
1647  $stream = @imap_open($url,$this->getUser(),$pt,$flags);
1648  if ( !$stream ) {
1649  phpCAS::trace('could not open URL');
1650  $err_code = PHPCAS_SERVICE_NOT_AVAILABLE;
1651  // give an error message
1652  $err_msg = sprintf($this->getString(CAS_STR_SERVICE_UNAVAILABLE),
1653  $service_url,
1654  var_export(imap_errors(),TRUE));
1655  $pt = FALSE;
1656  $stream = FALSE;
1657  } else {
1658  phpCAS::trace('ok');
1659  }
1660  }
1661 
1662  phpCAS::traceEnd($stream);
1663  return $stream;
1664  }
$url
$url
Definition: shib_logout.php:72
phpCAS\traceBegin
traceBegin()
This method is used to indicate the start of the execution of a function in debug mode...
Definition: CAS.php:577
CASClient\retrievePT
retrievePT($target_service, &$err_code, &$err_msg)
This method is used to retrieve PT&#39;s from the CAS server thanks to a PGT.
Definition: client.php:2053
phpCAS\trace
trace($str)
This method is used to log something in debug mode.
Definition: CAS.php:569

◆ serviceMail() [2/2]

CASClient::serviceMail (   $url,
  $service,
  $flags,
$err_code,
$err_msg,
$pt 
)

This method is used to access an IMAP/POP3/NNTP service.

Parameters
$urla string giving the URL of the service, including the mailing box for IMAP URLs, as accepted by imap_open().
$servicea string giving for CAS retrieve Proxy ticket
$flagsoptions given to imap_open().
$err_codean error code Possible values are PHPCAS_SERVICE_OK (on success), PHPCAS_SERVICE_PT_NO_SERVER_RESPONSE, PHPCAS_SERVICE_PT_BAD_SERVER_RESPONSE, PHPCAS_SERVICE_PT_FAILURE, PHPCAS_SERVICE_NOT AVAILABLE.
$err_msgan error message on failure
$ptthe Proxy Ticket (PT) retrieved from the CAS server to access the URL on success, FALSE on error).
Returns
an IMAP stream on success, FALSE otherwise (in this later case, $err_code gives the reason why it failed and $err_msg contains an error message).

Definition at line 2381 of file client.php.

2382  {
2383  phpCAS::traceBegin();
2384  // at first retrieve a PT
2385  $pt = $this->retrievePT($service,$err_code,$output);
2386 
2387  $stream = FALSE;
2388 
2389  // test if PT was retrieved correctly
2390  if ( !$pt ) {
2391  // note: $err_code and $err_msg are filled by CASClient::retrievePT()
2392  phpCAS::trace('PT was not retrieved correctly');
2393  } else {
2394  phpCAS::trace('opening IMAP URL `'.$url.'\'...');
2395  $stream = @imap_open($url,$this->getUser(),$pt,$flags);
2396  if ( !$stream ) {
2397  phpCAS::trace('could not open URL');
2398  $err_code = PHPCAS_SERVICE_NOT_AVAILABLE;
2399  // give an error message
2400  $err_msg = sprintf($this->getString(CAS_STR_SERVICE_UNAVAILABLE),
2401  $service_url,
2402  var_export(imap_errors(),TRUE));
2403  $pt = FALSE;
2404  $stream = FALSE;
2405  } else {
2406  phpCAS::trace('ok');
2407  }
2408  }
2409 
2410  phpCAS::traceEnd($stream);
2411  return $stream;
2412  }
$url
$url
Definition: shib_logout.php:72
phpCAS\traceBegin
traceBegin()
This method is used to indicate the start of the execution of a function in debug mode...
Definition: CAS.php:577
CASClient\retrievePT
retrievePT($target_service, &$err_code, &$err_msg)
This method is used to retrieve PT&#39;s from the CAS server thanks to a PGT.
Definition: client.php:2053
phpCAS\trace
trace($str)
This method is used to log something in debug mode.
Definition: CAS.php:569

◆ serviceWeb()

CASClient::serviceWeb (   $url,
$err_code,
$output 
)

This method is used to access an HTTP[S] service.

Parameters
$urlthe service to access.
$err_codean error code Possible values are PHPCAS_SERVICE_OK (on success), PHPCAS_SERVICE_PT_NO_SERVER_RESPONSE, PHPCAS_SERVICE_PT_BAD_SERVER_RESPONSE, PHPCAS_SERVICE_PT_FAILURE, PHPCAS_SERVICE_NOT AVAILABLE.
$outputthe output of the service (also used to give an error message on failure).
Returns
TRUE on success, FALSE otherwise (in this later case, $err_code gives the reason why it failed and $output contains an error message).

Definition at line 2298 of file client.php.

References $_SESSION, $res, $url, CAS_STR_SERVICE_UNAVAILABLE, CASClient\getString(), CASClient\readURL(), CASClient\retrievePT(), phpCAS\trace(), and phpCAS\traceBegin().

2299  {
2300  phpCAS::traceBegin();
2301  $cookies = array();
2302  // at first retrieve a PT
2303  $pt = $this->retrievePT($url,$err_code,$output);
2304 
2305  $res = TRUE;
2306 
2307  // test if PT was retrieved correctly
2308  if ( !$pt ) {
2309  // note: $err_code and $err_msg are filled by CASClient::retrievePT()
2310  phpCAS::trace('PT was not retrieved correctly');
2311  $res = FALSE;
2312  } else {
2313  // add cookies if necessary
2314  if ( isset($_SESSION['phpCAS']['services'][$url]['cookies']) &&
2315  is_array($_SESSION['phpCAS']['services'][$url]['cookies']) ) {
2316  foreach ( $_SESSION['phpCAS']['services'][$url]['cookies'] as $name => $val ) {
2317  $cookies[] = $name.'='.$val;
2318  }
2319  }
2320 
2321  // build the URL including the PT
2322  if ( strstr($url,'?') === FALSE ) {
2323  $service_url = $url.'?ticket='.$pt;
2324  } else {
2325  $service_url = $url.'&ticket='.$pt;
2326  }
2327 
2328  phpCAS::trace('reading URL`'.$service_url.'\'');
2329  if ( !$this->readURL($service_url,$cookies,$headers,$output,$err_msg) ) {
2330  phpCAS::trace('could not read URL`'.$service_url.'\'');
2331  $err_code = PHPCAS_SERVICE_NOT_AVAILABLE;
2332  // give an error message
2333  $output = sprintf($this->getString(CAS_STR_SERVICE_UNAVAILABLE),
2334  $service_url,
2335  $err_msg);
2336  $res = FALSE;
2337  } else {
2338  // URL has been fetched, extract the cookies
2339  phpCAS::trace('URL`'.$service_url.'\' has been read, storing cookies:');
2340  foreach ( $headers as $header ) {
2341  // test if the header is a cookie
2342  if ( preg_match('/^Set-Cookie:/',$header) ) {
2343  // the header is a cookie, remove the beginning
2344  $header_val = preg_replace('/^Set-Cookie: */','',$header);
2345  // extract interesting information
2346  $name_val = strtok($header_val,'; ');
2347  // extract the name and the value of the cookie
2348  $cookie_name = strtok($name_val,'=');
2349  $cookie_val = strtok('=');
2350  // store the cookie
2351  $_SESSION['phpCAS']['services'][$url]['cookies'][$cookie_name] = $cookie_val;
2352  phpCAS::trace($cookie_name.' -> '.$cookie_val);
2353  }
2354  }
2355  }
2356  }
2357 
2358  phpCAS::traceEnd($res);
2359  return $res;
2360  }
$_SESSION
$_SESSION["AccountId"]
Definition: cfg.phpunit.template.php:10
phpCAS
The phpCAS class is a simple container for the phpCAS library.
Definition: CAS.php:341
$url
$url
Definition: shib_logout.php:72
CASClient\getString
getString($str)
This method returns a string depending on the language.
Definition: client.php:221
phpCAS\traceBegin
traceBegin()
This method is used to indicate the start of the execution of a function in debug mode...
Definition: CAS.php:577
CASClient\retrievePT
retrievePT($target_service, &$err_code, &$err_msg)
This method is used to retrieve PT&#39;s from the CAS server thanks to a PGT.
Definition: client.php:2053
CASClient\readURL
readURL($url, $cookies, &$headers, &$body, &$err_msg)
This method is used to acces a remote URL.
Definition: client.php:2163
phpCAS\trace
trace($str)
This method is used to log something in debug mode.
Definition: CAS.php:569
CAS_STR_SERVICE_UNAVAILABLE
const CAS_STR_SERVICE_UNAVAILABLE
Definition: languages.php:21
+ Here is the call graph for this function:

◆ setErrorMessage()

PGTStorage::setErrorMessage (   $error_message)
protected

This method sets en error message, which can be read later by PGTStorage::getErrorMessage().

Parameters
$error_messagean error message
Deprecated:
not used.

Definition at line 121 of file pgt-main.php.

122  {
123  $this->_error_message = $error_message;
124  }

◆ setPGTStorageDB()

CASClient::setPGTStorageDB (   $user,
  $password,
  $database_type,
  $hostname,
  $port,
  $database,
  $table 
)

This method is used to tell phpCAS to store the response of the CAS server to PGT requests into a database.

Note
The connection to the database is done only when needed. As a consequence, bad parameters are detected only when initializing PGT storage.
Parameters
$userthe user to access the data with
$passwordthe user's password
$database_typethe type of the database hosting the data
$hostnamethe server hosting the database
$portthe port the server is listening on
$databasethe name of the database
$tablethe name of the table storing the data

Definition at line 1971 of file client.php.

References phpCAS\error().

1978  {
1979  // check that the storage has not already been set
1980  if ( is_object($this->_pgt_storage) ) {
1981  phpCAS::error('PGT storage already defined');
1982  }
1983 
1984  // warn the user that he should use file storage...
1985  trigger_error('PGT storage into database is an experimental feature, use at your own risk',E_USER_WARNING);
1986 
1987  // create the storage object
1988  $this->_pgt_storage = new PGTStorageDB($this,$user,$password,$database_type,$hostname,$port,$database,$table);
1989  }
PGTStorageDB
The PGTStorageDB class is a class for PGT database storage.
Definition: pgt-db.php:46
phpCAS\error
error($msg)
This method is used by interface methods to print an error and where the function was originally call...
Definition: CAS.php:544
+ Here is the call graph for this function:

◆ setPGTStorageFile()

CASClient::setPGTStorageFile (   $format = '',
  $path = '' 
)

This method is used to tell phpCAS to store the response of the CAS server to PGT requests onto the filesystem.

Parameters
$formatthe format used to store the PGT's (`plain' and `xml' allowed)
$paththe path where the PGT's should be stored

Definition at line 1942 of file client.php.

References $path, and phpCAS\error().

Referenced by CASClient\initPGTStorage().

1944  {
1945  // check that the storage has not already been set
1946  if ( is_object($this->_pgt_storage) ) {
1947  phpCAS::error('PGT storage already defined');
1948  }
1949 
1950  // create the storage object
1951  $this->_pgt_storage = new PGTStorageFile($this,$format,$path);
1952  }
PGTStorageFile
The PGTStorageFile class is a class for PGT file storage.
Definition: pgt-file.php:45
phpCAS\error
error($msg)
This method is used by interface methods to print an error and where the function was originally call...
Definition: CAS.php:544
$path
$path
Definition: index.php:22
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ storePGT()

CASClient::storePGT (   $pgt,
  $pgt_iou 
)
private

This method stores a PGT.

Halts on error.

Parameters
$pgtthe PGT to store
$pgt_iouits corresponding Iou

Definition at line 1908 of file client.php.

References CASClient\initPGTStorage().

1909  {
1910  // ensure that storage is initialized
1911  $this->initPGTStorage();
1912  // writes the PGT
1913  $this->_pgt_storage->write($pgt,$pgt_iou);
1914  }
CASClient\initPGTStorage
initPGTStorage()
This method is used to initialize the storage of PGT&#39;s.
Definition: client.php:1889
+ Here is the call graph for this function:

◆ validatePGT()

CASClient::validatePGT ( $validate_url,
  $text_response,
  $tree_response 
)
private

This method is used to validate a PGT; halt on failure.

Parameters
$validate_urlthe URL of the request to the CAS server.
$text_responsethe response of the CAS server, as is (XML text); result of CASClient::validateST() or CASClient::validatePT().
$tree_responsethe response of the CAS server, as a DOM XML tree; result of CASClient::validateST() or CASClient::validatePT().
Returns
bool TRUE when successfull, halt otherwise by calling CASClient::authError().

Definition at line 2007 of file client.php.

References CASClient\authError(), CASClient\loadPGT(), phpCAS\log(), CASClient\setPGT(), and phpCAS\trace().

Referenced by CASClient\isAuthenticated().

2008  {
2009  // here cannot use phpCAS::traceBegin(); alongside domxml-php4-to-php5.php
2010  phpCAS::log('start validatePGT()');
2011  if ( sizeof($arr = $tree_response->get_elements_by_tagname("proxyGrantingTicket")) == 0) {
2012  phpCAS::trace('<proxyGrantingTicket> not found');
2013  // authentication succeded, but no PGT Iou was transmitted
2014  $this->authError('Ticket validated but no PGT Iou transmitted',
2015  $validate_url,
2016  FALSE/*$no_response*/,
2017  FALSE/*$bad_response*/,
2018  $text_response);
2019  } else {
2020  // PGT Iou transmitted, extract it
2021  $pgt_iou = trim($arr[0]->get_content());
2022  $pgt = $this->loadPGT($pgt_iou);
2023  if ( $pgt == FALSE ) {
2024  phpCAS::trace('could not load PGT');
2025  $this->authError('PGT Iou was transmitted but PGT could not be retrieved',
2026  $validate_url,
2027  FALSE/*$no_response*/,
2028  FALSE/*$bad_response*/,
2029  $text_response);
2030  }
2031  $this->setPGT($pgt);
2032  }
2033  // here, cannot use phpCAS::traceEnd(TRUE); alongside domxml-php4-to-php5.php
2034  phpCAS::log('end validatePGT()');
2035  return TRUE;
2036  }
CASClient\setPGT
setPGT($pgt)
This method stores the Proxy Granting Ticket.
Definition: client.php:1717
CASClient\loadPGT
loadPGT($pgt_iou)
This method reads a PGT from its Iou and deletes the corresponding storage entry. ...
Definition: client.php:1925
CASClient\authError
authError($failure, $cas_url, $no_response, $bad_response='', $cas_response='', $err_code='', $err_msg='')
This method is used to print the HTML output when the user was not authenticated. ...
Definition: client.php:2722
phpCAS\trace
trace($str)
This method is used to log something in debug mode.
Definition: CAS.php:569
phpCAS\log
log($str)
Logs a string in debug mode.
Definition: CAS.php:523
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ write()

PGTStorage::write (   $pgt,
  $pgt_iou 
)
protected

This virtual method stores a PGT and its corresponding PGT Iuo.

Note
Should never be called.
Parameters
$pgtthe PGT
$pgt_iouthe PGT iou

Definition at line 188 of file pgt-main.php.

References phpCAS\error().

189  {
190  phpCAS::error(__CLASS__.'::'.__FUNCTION__.'() should never be called');
191  }
phpCAS\error
error($msg)
This method is used by interface methods to print an error and where the function was originally call...
Definition: CAS.php:544
+ Here is the call graph for this function:

Variable Documentation

◆ $_curl_headers

CASClient::$_curl_headers = array()

This method is the callback used by readURL method to request HTTP headers.

Definition at line 2276 of file client.php.

Referenced by CASClient\readURL().

◆ $_error_message

PGTStorage::$_error_message
private

string used to store an error message.

Written by PGTStorage::setErrorMessage(), read by PGTStorage::getErrorMessage().

Deprecated:
not used.

Written by PGTStorage::setErrorMessage(), read by PGTStorage::getErrorMessage().

Deprecated:
not used.

Definition at line 110 of file pgt-main.php.

Referenced by PGTStorage\getErrorMessage(), and PGTStorage\getStorageInfo().

◆ $_initialized

PGTStorage::$_initialized
private

a boolean telling if the storage has already been initialized.

Written by PGTStorage::init(), read by PGTStorage::isInitialized().

Definition at line 151 of file pgt-main.php.

Referenced by PGTStorage\getErrorMessage(), and PGTStorage\isInitialized().

◆ $_pgt_storage

CASClient::$_pgt_storage
private

an instance of a class inheriting of PGTStorage, used to deal with PGT storage.

Created by CASClient::setPGTStorageFile() or CASClient::setPGTStorageDB(), used by CASClient::setPGTStorageFile(), CASClient::setPGTStorageDB() and CASClient::initPGTStorage().

Definition at line 1881 of file client.php.

Referenced by CASClient\callback().