ILIAS  release_5-1 Revision 5.0.0-5477-g43f3e3fab5f
+ Collaboration diagram for PGT storage:

Modules

 PGT storage in a database
 
 PGT storage on the filesystem
 

Data Structures

class  PGTStorage
 The PGTStorage class is a generic class for PGT storage. More...
 

Functions

 CASClient::initPGTStorage ()
 This method is used to initialize the storage of PGT's. More...
 
 CASClient::storePGT ($pgt, $pgt_iou)
 This method stores a PGT. More...
 
 CASClient::loadPGT ($pgt_iou)
 This method reads a PGT from its Iou and deletes the corresponding storage entry. More...
 
 CASClient::setPGTStorageFile ($format='', $path='')
 This method is used to tell phpCAS to store the response of the CAS server to PGT requests onto the filesystem. More...
 
 CASClient::setPGTStorageDB ($user, $password, $database_type, $hostname, $port, $database, $table)
 This method is used to tell phpCAS to store the response of the CAS server to PGT requests into a database. More...
 
 CASClient::validatePGT (&$validate_url, $text_response, $tree_response)
 This method is used to validate a PGT; halt on failure. More...
 
 CASClient::retrievePT ($target_service, &$err_code, &$err_msg)
 This method is used to retrieve PT's from the CAS server thanks to a PGT. More...
 
 CASClient::readURL ($url, $cookies, &$headers, &$body, &$err_msg)
 This method is used to acces a remote URL. More...
 
 CASClient::buildSAMLPayload ()
 This method is used to build the SAML POST body sent to /samlValidate URL. More...
 
 CASClient::_curl_read_headers ($ch, $header)
 
 CASClient::serviceWeb ($url, &$err_code, &$output)
 This method is used to access an HTTP[S] service. More...
 
 CASClient::serviceMail ($url, $service, $flags, &$err_code, &$err_msg, &$pt)
 This method is used to access an IMAP/POP3/NNTP service. More...
 
 PGTStorage::PGTStorage ($cas_parent)
 The constructor of the class, should be called only by inherited classes. More...
 
 PGTStorage::getStorageType ()
 This virtual method returns an informational string giving the type of storage used by the object (used for debugging purposes). More...
 
 PGTStorage::getStorageInfo ()
 This virtual method returns an informational string giving informations on the parameters of the storage. More...
 
 PGTStorage::setErrorMessage ($error_message)
 This method sets en error message, which can be read later by PGTStorage::getErrorMessage(). More...
 
 PGTStorage::getErrorMessage ()
 This method returns an error message set by PGTStorage::setErrorMessage(). More...
 
 PGTStorage::isInitialized ()
 This method tells if the storage has already been intialized. More...
 
 PGTStorage::init ()
 This virtual method initializes the object. More...
 
 PGTStorage::write ($pgt, $pgt_iou)
 This virtual method stores a PGT and its corresponding PGT Iuo. More...
 
 PGTStorage::read ($pgt_iou)
 This virtual method reads a PGT corresponding to a PGT Iou and deletes the corresponding storage entry. More...
 
 CASClient::serviceMail ($url, $flags, &$err_code, &$err_msg, &$pt)
 This method is used to access an IMAP/POP3/NNTP service. More...
 

Variables

 CASClient::$_pgt_storage
 an instance of a class inheriting of PGTStorage, used to deal with PGT storage. More...
 
 CASClient::$_curl_headers = array()
 This method is the callback used by readURL method to request HTTP headers. More...
 
 PGTStorage::$_error_message
 string used to store an error message. More...
 
 PGTStorage::$_initialized
 a boolean telling if the storage has already been initialized. More...
 

Detailed Description

Function Documentation

◆ _curl_read_headers()

CASClient::_curl_read_headers (   $ch,
  $header 
)

Definition at line 2277 of file client.php.

2278 {
2279 $this->_curl_headers[] = $header;
2280 return strlen($header);
2281 }
$header

References $header.

◆ buildSAMLPayload()

CASClient::buildSAMLPayload ( )
private

This method is used to build the SAML POST body sent to /samlValidate URL.

Returns
the SOAP-encased SAMLP artifact (the ticket).

Definition at line 2259 of file client.php.

2260 {
2262
2263 //get the ticket
2264 $sa = $this->getSA();
2265 //phpCAS::trace("SA: ".$sa);
2266
2267 $body=SAML_SOAP_ENV.SAML_SOAP_BODY.SAMLP_REQUEST.SAML_ASSERTION_ARTIFACT.$sa.SAML_ASSERTION_ARTIFACT_CLOSE.SAMLP_REQUEST_CLOSE.SAML_SOAP_BODY_CLOSE.SAML_SOAP_ENV_CLOSE;
2268
2269 phpCAS::traceEnd($body);
2270 return ($body);
2271 }
traceBegin()
This method is used to indicate the start of the execution of a function in debug mode.
Definition: CAS.php:577
traceEnd($res='')
This method is used to indicate the end of the execution of a function in debug mode.
Definition: CAS.php:604
getSA()
This method returns the SAML Ticket provided in the URL of the request.
Definition: client.php:2471
const SAML_SOAP_ENV
SOAP envelope for SAML POST.
Definition: CAS.php:100

References SAML_SOAP_ENV, phpCAS\traceBegin(), and phpCAS\traceEnd().

+ Here is the call graph for this function:

◆ getErrorMessage()

PGTStorage::getErrorMessage ( )

This method returns an error message set by PGTStorage::setErrorMessage().

Returns
an error message when set by PGTStorage::setErrorMessage(), FALSE otherwise.
Deprecated:
not used.

Definition at line 135 of file pgt-main.php.

136 {
138 }
$_error_message
string used to store an error message.
Definition: pgt-main.php:110

References PGTStorage\$_error_message.

◆ getStorageInfo()

PGTStorage::getStorageInfo ( )

This virtual method returns an informational string giving informations on the parameters of the storage.

(used for debugging purposes).

Reimplemented in PGTStorageDB, PGTStorageFile, PGTStorageDB, and PGTStorageFile.

Definition at line 93 of file pgt-main.php.

94 {
95 phpCAS::error(__CLASS__.'::'.__FUNCTION__.'() should never be called');
96 }
error($msg)
This method is used by interface methods to print an error and where the function was originally call...
Definition: CAS.php:544

References phpCAS\error().

+ Here is the call graph for this function:

◆ getStorageType()

PGTStorage::getStorageType ( )

This virtual method returns an informational string giving the type of storage used by the object (used for debugging purposes).

Reimplemented in PGTStorageDB, PGTStorageFile, PGTStorageDB, and PGTStorageFile.

Definition at line 82 of file pgt-main.php.

83 {
84 phpCAS::error(__CLASS__.'::'.__FUNCTION__.'() should never be called');
85 }

References phpCAS\error().

+ Here is the call graph for this function:

◆ init()

PGTStorage::init ( )
protected

This virtual method initializes the object.

Reimplemented in PGTStorageDB, PGTStorageFile, PGTStorageDB, and PGTStorageFile.

Definition at line 170 of file pgt-main.php.

171 {
172 $this->_initialized = TRUE;
173 }

◆ initPGTStorage()

CASClient::initPGTStorage ( )
private

This method is used to initialize the storage of PGT's.

Halts on error.

Definition at line 1889 of file client.php.

1890 {
1891 // if no SetPGTStorageXxx() has been used, default to file
1892 if ( !is_object($this->_pgt_storage) ) {
1893 $this->setPGTStorageFile();
1894 }
1895
1896 // initializes the storage
1897 $this->_pgt_storage->init();
1898 }
setPGTStorageFile($format='', $path='')
This method is used to tell phpCAS to store the response of the CAS server to PGT requests onto the f...
Definition: client.php:1942

◆ isInitialized()

PGTStorage::isInitialized ( )
protected

This method tells if the storage has already been intialized.

Returns
a boolean

Definition at line 160 of file pgt-main.php.

161 {
162 return $this->_initialized;
163 }
$_initialized
a boolean telling if the storage has already been initialized.
Definition: pgt-main.php:151

References PGTStorage\$_initialized.

Referenced by PGTStorageDB\init(), and PGTStorageFile\init().

+ Here is the caller graph for this function:

◆ loadPGT()

CASClient::loadPGT (   $pgt_iou)
private

This method reads a PGT from its Iou and deletes the corresponding storage entry.

Parameters
$pgt_iouthe PGT Iou
Returns
The PGT corresponding to the Iou, FALSE when not found.

Definition at line 1925 of file client.php.

1926 {
1927 // ensure that storage is initialized
1928 $this->initPGTStorage();
1929 // read the PGT
1930 return $this->_pgt_storage->read($pgt_iou);
1931 }
initPGTStorage()
This method is used to initialize the storage of PGT's.
Definition: client.php:1889

◆ PGTStorage()

PGTStorage::PGTStorage (   $cas_parent)
protected

The constructor of the class, should be called only by inherited classes.

Parameters
$cas_parentthe CASclient instance that creates the current object.

Definition at line 63 of file pgt-main.php.

64 {
66 if ( !$cas_parent->isProxy() ) {
67 phpCAS::error('defining PGT storage makes no sense when not using a CAS proxy');
68 }
70 }

References phpCAS\error(), phpCAS\traceBegin(), and phpCAS\traceEnd().

Referenced by PGTStorageDB\PGTStorageDB(), and PGTStorageFile\PGTStorageFile().

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ read()

PGTStorage::read (   $pgt_iou)
protected

This virtual method reads a PGT corresponding to a PGT Iou and deletes the corresponding storage entry.

Note
Should never be called.
Parameters
$pgt_iouthe PGT iou

Reimplemented in PGTStorageFile, and PGTStorageFile.

Definition at line 202 of file pgt-main.php.

203 {
204 phpCAS::error(__CLASS__.'::'.__FUNCTION__.'() should never be called');
205 }

References phpCAS\error().

+ Here is the call graph for this function:

◆ readURL()

CASClient::readURL (   $url,
  $cookies,
$headers,
$body,
$err_msg 
)
private

This method is used to acces a remote URL.

Parameters
$urlthe URL to access.
$cookiesan array containing cookies strings such as 'name=val'
$headersan array containing the HTTP header lines of the response (an empty array on failure).
$bodythe body of the response, as a string (empty on failure).
$err_msgan error message, filled on failure.
Returns
TRUE on success, FALSE otherwise (in this later case, $err_msg contains an error message).

Definition at line 2163 of file client.php.

2164 {
2166 $headers = '';
2167 $body = '';
2168 $err_msg = '';
2169
2170 $res = TRUE;
2171
2172 // initialize the CURL session
2173 $ch = curl_init($url);
2174
2175 if (version_compare(PHP_VERSION,'5.1.3','>=')) {
2176 //only avaible in php5
2177 curl_setopt_array($ch, $this->_curl_options);
2178 } else {
2179 foreach ($this->_curl_options as $key => $value) {
2180 curl_setopt($ch, $key, $value);
2181 }
2182 }
2183
2184 if ($this->_cas_server_cert == '' && $this->_cas_server_ca_cert == '' && !$this->_no_cas_server_validation) {
2185 phpCAS::error('one of the methods phpCAS::setCasServerCert(), phpCAS::setCasServerCACert() or phpCAS::setNoCasServerValidation() must be called.');
2186 }
2187 if ($this->_cas_server_cert != '' && $this->_cas_server_ca_cert != '') {
2188 // This branch added by IDMS. Seems phpCAS implementor got a bit confused about the curl options CURLOPT_SSLCERT and CURLOPT_CAINFO
2189 curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 1);
2190 curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 1);
2191 curl_setopt($ch, CURLOPT_SSLCERT, $this->_cas_server_cert);
2192 curl_setopt($ch, CURLOPT_CAINFO, $this->_cas_server_ca_cert);
2193 curl_setopt($ch, CURLOPT_VERBOSE, '1');
2194 phpCAS::trace('CURL: Set all required opts for mutual authentication ------');
2195 } else if ($this->_cas_server_cert != '' ) {
2196 curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 1);
2197 curl_setopt($ch, CURLOPT_SSLCERT, $this->_cas_server_cert);
2198 } else if ($this->_cas_server_ca_cert != '') {
2199 curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 1);
2200 curl_setopt($ch, CURLOPT_CAINFO, $this->_cas_server_ca_cert);
2201 } else {
2202 curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 1);
2203 curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
2204 }
2205
2206 // return the CURL output into a variable
2207 curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
2208 // get the HTTP header with a callback
2209 $this->_curl_headers = array(); // empty the headers array
2210 curl_setopt($ch, CURLOPT_HEADERFUNCTION, array($this, '_curl_read_headers'));
2211 // add cookies headers
2212 if ( is_array($cookies) ) {
2213 curl_setopt($ch,CURLOPT_COOKIE,implode(';',$cookies));
2214 }
2215 // add extra stuff if SAML
2216 if ($this->hasSA()) {
2217 $more_headers = array ("soapaction: http://www.oasis-open.org/committees/security",
2218 "cache-control: no-cache",
2219 "pragma: no-cache",
2220 "accept: text/xml",
2221 "connection: keep-alive",
2222 "content-type: text/xml");
2223
2224 curl_setopt($ch, CURLOPT_HTTPHEADER, $more_headers);
2225 curl_setopt($ch, CURLOPT_POST, 1);
2226 $data = $this->buildSAMLPayload();
2227 //phpCAS::trace('SAML Payload: '.print_r($data, TRUE));
2228 curl_setopt($ch, CURLOPT_POSTFIELDS, $data);
2229 }
2230 // perform the query
2231 $buf = curl_exec ($ch);
2232 //phpCAS::trace('CURL: Call completed. Response body is: \''.$buf.'\'');
2233 if ( $buf === FALSE ) {
2234 phpCAS::trace('curl_exec() failed');
2235 $err_msg = 'CURL error #'.curl_errno($ch).': '.curl_error($ch);
2236 //phpCAS::trace('curl error: '.$err_msg);
2237 // close the CURL session
2238 curl_close ($ch);
2239 $res = FALSE;
2240 } else {
2241 // close the CURL session
2242 curl_close ($ch);
2243
2244 $headers = $this->_curl_headers;
2245 $body = $buf;
2246 }
2247
2249 return $res;
2250 }
$data
trace($str)
This method is used to log something in debug mode.
Definition: CAS.php:569
buildSAMLPayload()
This method is used to build the SAML POST body sent to /samlValidate URL.
Definition: client.php:2259
$_curl_headers
This method is the callback used by readURL method to request HTTP headers.
Definition: client.php:2276
hasSA()
This method tells if a SAML Ticket was stored.
Definition: client.php:2487
$url
Definition: shib_logout.php:72

References $data, $res, $url, phpCAS\error(), phpCAS\trace(), phpCAS\traceBegin(), and phpCAS\traceEnd().

Referenced by CASClient\validateST().

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ retrievePT()

CASClient::retrievePT (   $target_service,
$err_code,
$err_msg 
)
private

This method is used to retrieve PT's from the CAS server thanks to a PGT.

Parameters
$target_servicethe service to ask for with the PT.
$err_codean error code (PHPCAS_SERVICE_OK on success).
$err_msgan error message (empty on success).
Returns
a Proxy Ticket, or FALSE on error.

Definition at line 2053 of file client.php.

2054 {
2056
2057 // by default, $err_msg is set empty and $pt to TRUE. On error, $pt is
2058 // set to false and $err_msg to an error message. At the end, if $pt is FALSE
2059 // and $error_msg is still empty, it is set to 'invalid response' (the most
2060 // commonly encountered error).
2061 $err_msg = '';
2062
2063 // build the URL to retrieve the PT
2064 // $cas_url = $this->getServerProxyURL().'?targetService='.preg_replace('/&/','%26',$target_service).'&pgt='.$this->getPGT();
2065 $cas_url = $this->getServerProxyURL().'?targetService='.urlencode($target_service).'&pgt='.$this->getPGT();
2066
2067 // open and read the URL
2068 if ( !$this->readURL($cas_url,''/*cookies*/,$headers,$cas_response,$err_msg) ) {
2069 phpCAS::trace('could not open URL \''.$cas_url.'\' to validate ('.$err_msg.')');
2070 $err_code = PHPCAS_SERVICE_PT_NO_SERVER_RESPONSE;
2071 $err_msg = 'could not retrieve PT (no response from the CAS server)';
2072 phpCAS::traceEnd(FALSE);
2073 return FALSE;
2074 }
2075
2076 $bad_response = FALSE;
2077
2078 if ( !$bad_response ) {
2079 // read the response of the CAS server into a DOM object
2080 if ( !($dom = @domxml_open_mem($cas_response))) {
2081 phpCAS::trace('domxml_open_mem() failed');
2082 // read failed
2083 $bad_response = TRUE;
2084 }
2085 }
2086
2087 if ( !$bad_response ) {
2088 // read the root node of the XML tree
2089 if ( !($root = $dom->document_element()) ) {
2090 phpCAS::trace('document_element() failed');
2091 // read failed
2092 $bad_response = TRUE;
2093 }
2094 }
2095
2096 if ( !$bad_response ) {
2097 // insure that tag name is 'serviceResponse'
2098 if ( $root->node_name() != 'serviceResponse' ) {
2099 phpCAS::trace('node_name() failed');
2100 // bad root node
2101 $bad_response = TRUE;
2102 }
2103 }
2104
2105 if ( !$bad_response ) {
2106 // look for a proxySuccess tag
2107 if ( sizeof($arr = $root->get_elements_by_tagname("proxySuccess")) != 0) {
2108 // authentication succeded, look for a proxyTicket tag
2109 if ( sizeof($arr = $root->get_elements_by_tagname("proxyTicket")) != 0) {
2110 $err_code = PHPCAS_SERVICE_OK;
2111 $err_msg = '';
2112 phpCAS::trace('original PT: '.trim($arr[0]->get_content()));
2113 $pt = trim($arr[0]->get_content());
2114 phpCAS::traceEnd($pt);
2115 return $pt;
2116 } else {
2117 phpCAS::trace('<proxySuccess> was found, but not <proxyTicket>');
2118 }
2119 }
2120 // look for a proxyFailure tag
2121 else if ( sizeof($arr = $root->get_elements_by_tagname("proxyFailure")) != 0) {
2122 // authentication failed, extract the error
2123 $err_code = PHPCAS_SERVICE_PT_FAILURE;
2124 $err_msg = 'PT retrieving failed (code=`'
2125 .$arr[0]->get_attribute('code')
2126 .'\', message=`'
2127 .trim($arr[0]->get_content())
2128 .'\')';
2129 phpCAS::traceEnd(FALSE);
2130 return FALSE;
2131 } else {
2132 phpCAS::trace('neither <proxySuccess> nor <proxyFailure> found');
2133 }
2134 }
2135
2136 // at this step, we are sure that the response of the CAS server was ill-formed
2137 $err_code = PHPCAS_SERVICE_PT_BAD_SERVER_RESPONSE;
2138 $err_msg = 'Invalid response from the CAS server (response=`'.$cas_response.'\')';
2139
2140 phpCAS::traceEnd(FALSE);
2141 return FALSE;
2142 }
getServerProxyURL()
This method is used to retrieve the proxy URL of the CAS server.
Definition: client.php:488
readURL($url, $cookies, &$headers, &$body, &$err_msg)
This method is used to acces a remote URL.
Definition: client.php:2163
getPGT()
This method returns the Proxy Granting Ticket given by the CAS server.
Definition: client.php:1709
domxml_open_mem($str, $mode=DOMXML_LOAD_PARSING, &$error=NULL)

References domxml_open_mem(), phpCAS\trace(), phpCAS\traceBegin(), and phpCAS\traceEnd().

+ Here is the call graph for this function:

◆ serviceMail() [1/2]

CASClient::serviceMail (   $url,
  $flags,
$err_code,
$err_msg,
$pt 
)

This method is used to access an IMAP/POP3/NNTP service.

Parameters
$urla string giving the URL of the service, including the mailing box for IMAP URLs, as accepted by imap_open().
$flagsoptions given to imap_open().
$err_codean error code Possible values are PHPCAS_SERVICE_OK (on success), PHPCAS_SERVICE_PT_NO_SERVER_RESPONSE, PHPCAS_SERVICE_PT_BAD_SERVER_RESPONSE, PHPCAS_SERVICE_PT_FAILURE, PHPCAS_SERVICE_NOT AVAILABLE.
$err_msgan error message on failure
$ptthe Proxy Ticket (PT) retrieved from the CAS server to access the URL on success, FALSE on error).
Returns
an IMAP stream on success, FALSE otherwise (in this later case, $err_code gives the reason why it failed and $err_msg contains an error message).

Definition at line 1633 of file client.php.

1634 {
1636 // at first retrieve a PT
1637 $pt = $this->retrievePT($target_service,$err_code,$output);
1638
1639 $stream = FALSE;
1640
1641 // test if PT was retrieved correctly
1642 if ( !$pt ) {
1643 // note: $err_code and $err_msg are filled by CASClient::retrievePT()
1644 phpCAS::trace('PT was not retrieved correctly');
1645 } else {
1646 phpCAS::trace('opening IMAP URL `'.$url.'\'...');
1647 $stream = @imap_open($url,$this->getUser(),$pt,$flags);
1648 if ( !$stream ) {
1649 phpCAS::trace('could not open URL');
1650 $err_code = PHPCAS_SERVICE_NOT_AVAILABLE;
1651 // give an error message
1652 $err_msg = sprintf($this->getString(CAS_STR_SERVICE_UNAVAILABLE),
1653 $service_url,
1654 var_export(imap_errors(),TRUE));
1655 $pt = FALSE;
1656 $stream = FALSE;
1657 } else {
1658 phpCAS::trace('ok');
1659 }
1660 }
1661
1662 phpCAS::traceEnd($stream);
1663 return $stream;
1664 }
retrievePT($target_service, &$err_code, &$err_msg)
This method is used to retrieve PT's from the CAS server thanks to a PGT.
Definition: client.php:2053

◆ serviceMail() [2/2]

CASClient::serviceMail (   $url,
  $service,
  $flags,
$err_code,
$err_msg,
$pt 
)

This method is used to access an IMAP/POP3/NNTP service.

Parameters
$urla string giving the URL of the service, including the mailing box for IMAP URLs, as accepted by imap_open().
$servicea string giving for CAS retrieve Proxy ticket
$flagsoptions given to imap_open().
$err_codean error code Possible values are PHPCAS_SERVICE_OK (on success), PHPCAS_SERVICE_PT_NO_SERVER_RESPONSE, PHPCAS_SERVICE_PT_BAD_SERVER_RESPONSE, PHPCAS_SERVICE_PT_FAILURE, PHPCAS_SERVICE_NOT AVAILABLE.
$err_msgan error message on failure
$ptthe Proxy Ticket (PT) retrieved from the CAS server to access the URL on success, FALSE on error).
Returns
an IMAP stream on success, FALSE otherwise (in this later case, $err_code gives the reason why it failed and $err_msg contains an error message).

Definition at line 2381 of file client.php.

2382 {
2384 // at first retrieve a PT
2385 $pt = $this->retrievePT($service,$err_code,$output);
2386
2387 $stream = FALSE;
2388
2389 // test if PT was retrieved correctly
2390 if ( !$pt ) {
2391 // note: $err_code and $err_msg are filled by CASClient::retrievePT()
2392 phpCAS::trace('PT was not retrieved correctly');
2393 } else {
2394 phpCAS::trace('opening IMAP URL `'.$url.'\'...');
2395 $stream = @imap_open($url,$this->getUser(),$pt,$flags);
2396 if ( !$stream ) {
2397 phpCAS::trace('could not open URL');
2398 $err_code = PHPCAS_SERVICE_NOT_AVAILABLE;
2399 // give an error message
2400 $err_msg = sprintf($this->getString(CAS_STR_SERVICE_UNAVAILABLE),
2401 $service_url,
2402 var_export(imap_errors(),TRUE));
2403 $pt = FALSE;
2404 $stream = FALSE;
2405 } else {
2406 phpCAS::trace('ok');
2407 }
2408 }
2409
2410 phpCAS::traceEnd($stream);
2411 return $stream;
2412 }

◆ serviceWeb()

CASClient::serviceWeb (   $url,
$err_code,
$output 
)

This method is used to access an HTTP[S] service.

Parameters
$urlthe service to access.
$err_codean error code Possible values are PHPCAS_SERVICE_OK (on success), PHPCAS_SERVICE_PT_NO_SERVER_RESPONSE, PHPCAS_SERVICE_PT_BAD_SERVER_RESPONSE, PHPCAS_SERVICE_PT_FAILURE, PHPCAS_SERVICE_NOT AVAILABLE.
$outputthe output of the service (also used to give an error message on failure).
Returns
TRUE on success, FALSE otherwise (in this later case, $err_code gives the reason why it failed and $output contains an error message).

Definition at line 2298 of file client.php.

2299 {
2301 $cookies = array();
2302 // at first retrieve a PT
2303 $pt = $this->retrievePT($url,$err_code,$output);
2304
2305 $res = TRUE;
2306
2307 // test if PT was retrieved correctly
2308 if ( !$pt ) {
2309 // note: $err_code and $err_msg are filled by CASClient::retrievePT()
2310 phpCAS::trace('PT was not retrieved correctly');
2311 $res = FALSE;
2312 } else {
2313 // add cookies if necessary
2314 if ( isset($_SESSION['phpCAS']['services'][$url]['cookies']) &&
2315 is_array($_SESSION['phpCAS']['services'][$url]['cookies']) ) {
2316 foreach ( $_SESSION['phpCAS']['services'][$url]['cookies'] as $name => $val ) {
2317 $cookies[] = $name.'='.$val;
2318 }
2319 }
2320
2321 // build the URL including the PT
2322 if ( strstr($url,'?') === FALSE ) {
2323 $service_url = $url.'?ticket='.$pt;
2324 } else {
2325 $service_url = $url.'&ticket='.$pt;
2326 }
2327
2328 phpCAS::trace('reading URL`'.$service_url.'\'');
2329 if ( !$this->readURL($service_url,$cookies,$headers,$output,$err_msg) ) {
2330 phpCAS::trace('could not read URL`'.$service_url.'\'');
2331 $err_code = PHPCAS_SERVICE_NOT_AVAILABLE;
2332 // give an error message
2333 $output = sprintf($this->getString(CAS_STR_SERVICE_UNAVAILABLE),
2334 $service_url,
2335 $err_msg);
2336 $res = FALSE;
2337 } else {
2338 // URL has been fetched, extract the cookies
2339 phpCAS::trace('URL`'.$service_url.'\' has been read, storing cookies:');
2340 foreach ( $headers as $header ) {
2341 // test if the header is a cookie
2342 if ( preg_match('/^Set-Cookie:/',$header) ) {
2343 // the header is a cookie, remove the beginning
2344 $header_val = preg_replace('/^Set-Cookie: */','',$header);
2345 // extract interesting information
2346 $name_val = strtok($header_val,'; ');
2347 // extract the name and the value of the cookie
2348 $cookie_name = strtok($name_val,'=');
2349 $cookie_val = strtok('=');
2350 // store the cookie
2351 $_SESSION['phpCAS']['services'][$url]['cookies'][$cookie_name] = $cookie_val;
2352 phpCAS::trace($cookie_name.' -> '.$cookie_val);
2353 }
2354 }
2355 }
2356 }
2357
2358 phpCAS::traceEnd($res);
2359 return $res;
2360 }
$_SESSION["AccountId"]
The phpCAS class is a simple container for the phpCAS library.
Definition: CAS.php:341
getString($str)
This method returns a string depending on the language.
Definition: client.php:221
const CAS_STR_SERVICE_UNAVAILABLE
Definition: languages.php:21

References $_SESSION, $res, $url, CAS_STR_SERVICE_UNAVAILABLE, phpCAS\trace(), and phpCAS\traceBegin().

+ Here is the call graph for this function:

◆ setErrorMessage()

PGTStorage::setErrorMessage (   $error_message)
protected

This method sets en error message, which can be read later by PGTStorage::getErrorMessage().

Parameters
$error_messagean error message
Deprecated:
not used.

Definition at line 121 of file pgt-main.php.

122 {
123 $this->_error_message = $error_message;
124 }

◆ setPGTStorageDB()

CASClient::setPGTStorageDB (   $user,
  $password,
  $database_type,
  $hostname,
  $port,
  $database,
  $table 
)

This method is used to tell phpCAS to store the response of the CAS server to PGT requests into a database.

Note
The connection to the database is done only when needed. As a consequence, bad parameters are detected only when initializing PGT storage.
Parameters
$userthe user to access the data with
$passwordthe user's password
$database_typethe type of the database hosting the data
$hostnamethe server hosting the database
$portthe port the server is listening on
$databasethe name of the database
$tablethe name of the table storing the data

Definition at line 1971 of file client.php.

1978 {
1979 // check that the storage has not already been set
1980 if ( is_object($this->_pgt_storage) ) {
1981 phpCAS::error('PGT storage already defined');
1982 }
1983
1984 // warn the user that he should use file storage...
1985 trigger_error('PGT storage into database is an experimental feature, use at your own risk',E_USER_WARNING);
1986
1987 // create the storage object
1988 $this->_pgt_storage = new PGTStorageDB($this,$user,$password,$database_type,$hostname,$port,$database,$table);
1989 }
The PGTStorageDB class is a class for PGT database storage.
Definition: pgt-db.php:47

References phpCAS\error().

+ Here is the call graph for this function:

◆ setPGTStorageFile()

CASClient::setPGTStorageFile (   $format = '',
  $path = '' 
)

This method is used to tell phpCAS to store the response of the CAS server to PGT requests onto the filesystem.

Parameters
$formatthe format used to store the PGT's (‘plain’ and ‘xml’ allowed)
$paththe path where the PGT's should be stored

Definition at line 1942 of file client.php.

1944 {
1945 // check that the storage has not already been set
1946 if ( is_object($this->_pgt_storage) ) {
1947 phpCAS::error('PGT storage already defined');
1948 }
1949
1950 // create the storage object
1951 $this->_pgt_storage = new PGTStorageFile($this,$format,$path);
1952 }
The PGTStorageFile class is a class for PGT file storage.
Definition: pgt-file.php:46
$path
Definition: index.php:22

References $path, and phpCAS\error().

+ Here is the call graph for this function:

◆ storePGT()

CASClient::storePGT (   $pgt,
  $pgt_iou 
)
private

This method stores a PGT.

Halts on error.

Parameters
$pgtthe PGT to store
$pgt_iouits corresponding Iou

Definition at line 1908 of file client.php.

1909 {
1910 // ensure that storage is initialized
1911 $this->initPGTStorage();
1912 // writes the PGT
1913 $this->_pgt_storage->write($pgt,$pgt_iou);
1914 }

◆ validatePGT()

CASClient::validatePGT ( $validate_url,
  $text_response,
  $tree_response 
)
private

This method is used to validate a PGT; halt on failure.

Parameters
$validate_urlthe URL of the request to the CAS server.
$text_responsethe response of the CAS server, as is (XML text); result of CASClient::validateST() or CASClient::validatePT().
$tree_responsethe response of the CAS server, as a DOM XML tree; result of CASClient::validateST() or CASClient::validatePT().
Returns
bool TRUE when successfull, halt otherwise by calling CASClient::authError().

Definition at line 2007 of file client.php.

2008 {
2009 // here cannot use phpCAS::traceBegin(); alongside domxml-php4-to-php5.php
2010 phpCAS::log('start validatePGT()');
2011 if ( sizeof($arr = $tree_response->get_elements_by_tagname("proxyGrantingTicket")) == 0) {
2012 phpCAS::trace('<proxyGrantingTicket> not found');
2013 // authentication succeded, but no PGT Iou was transmitted
2014 $this->authError('Ticket validated but no PGT Iou transmitted',
2015 $validate_url,
2016 FALSE/*$no_response*/,
2017 FALSE/*$bad_response*/,
2018 $text_response);
2019 } else {
2020 // PGT Iou transmitted, extract it
2021 $pgt_iou = trim($arr[0]->get_content());
2022 $pgt = $this->loadPGT($pgt_iou);
2023 if ( $pgt == FALSE ) {
2024 phpCAS::trace('could not load PGT');
2025 $this->authError('PGT Iou was transmitted but PGT could not be retrieved',
2026 $validate_url,
2027 FALSE/*$no_response*/,
2028 FALSE/*$bad_response*/,
2029 $text_response);
2030 }
2031 $this->setPGT($pgt);
2032 }
2033 // here, cannot use phpCAS::traceEnd(TRUE); alongside domxml-php4-to-php5.php
2034 phpCAS::log('end validatePGT()');
2035 return TRUE;
2036 }
log($str)
Logs a string in debug mode.
Definition: CAS.php:523
authError($failure, $cas_url, $no_response, $bad_response='', $cas_response='', $err_code='', $err_msg='')
This method is used to print the HTML output when the user was not authenticated.
Definition: client.php:2722
loadPGT($pgt_iou)
This method reads a PGT from its Iou and deletes the corresponding storage entry.
Definition: client.php:1925
setPGT($pgt)
This method stores the Proxy Granting Ticket.
Definition: client.php:1717

References phpCAS\log(), and phpCAS\trace().

Referenced by CASClient\isAuthenticated().

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ write()

PGTStorage::write (   $pgt,
  $pgt_iou 
)
protected

This virtual method stores a PGT and its corresponding PGT Iuo.

Note
Should never be called.
Parameters
$pgtthe PGT
$pgt_iouthe PGT iou

Reimplemented in PGTStorageFile, and PGTStorageFile.

Definition at line 188 of file pgt-main.php.

189 {
190 phpCAS::error(__CLASS__.'::'.__FUNCTION__.'() should never be called');
191 }

References phpCAS\error().

+ Here is the call graph for this function:

Variable Documentation

◆ $_curl_headers

CASClient::$_curl_headers = array()

This method is the callback used by readURL method to request HTTP headers.

Definition at line 2276 of file client.php.

◆ $_error_message

PGTStorage::$_error_message
private

string used to store an error message.

Written by PGTStorage::setErrorMessage(), read by PGTStorage::getErrorMessage().

Deprecated:
not used.

Written by PGTStorage::setErrorMessage(), read by PGTStorage::getErrorMessage().

Deprecated:
not used.

Definition at line 110 of file pgt-main.php.

Referenced by PGTStorage\getErrorMessage().

◆ $_initialized

PGTStorage::$_initialized
private

a boolean telling if the storage has already been initialized.

Written by PGTStorage::init(), read by PGTStorage::isInitialized().

Definition at line 151 of file pgt-main.php.

Referenced by PGTStorage\isInitialized().

◆ $_pgt_storage

CASClient::$_pgt_storage
private

an instance of a class inheriting of PGTStorage, used to deal with PGT storage.

Created by CASClient::setPGTStorageFile() or CASClient::setPGTStorageDB(), used by CASClient::setPGTStorageFile(), CASClient::setPGTStorageDB() and CASClient::initPGTStorage().

Definition at line 1881 of file client.php.