ILIAS  release_5-1 Revision 5.0.0-5477-g43f3e3fab5f
CASClient Class Reference

The CASClient class is a client interface that provides CAS authentication to PHP applications. More...

+ Collaboration diagram for CASClient:

Public Member Functions

 setHTMLHeader ($header)
 This method set the HTML header used for all outputs. More...
 
 setHTMLFooter ($footer)
 This method set the HTML footer used for all outputs. More...
 
 setLang ($lang)
 This method is used to set the language used by phpCAS. More...
 
 setExtraCurlOption ($key, $value)
 This method is used to set additional user curl options. More...
 
 CASClient ( $server_version, $proxy, $server_hostname, $server_port, $server_uri, $start_session=true)
 CASClient constructor. More...
 
 setStartSession ($session)
 
 getStartSession ($session)
 
 renameSession ($ticket)
 Renaming the session. More...
 
 getUser ()
 This method returns the CAS user's login name. More...
 
 setAttributes ($attributes)
 
 getAttributes ()
 
 hasAttributes ()
 
 hasAttribute ($key)
 
 getAttribute ($key)
 
 renewAuthentication ()
 This method is called to renew the authentication of the user If the user is authenticated, renew the connection If not, redirect to CAS. More...
 
 forceAuthentication ()
 This method is called to be sure that the user is authenticated. More...
 
 setCacheTimesForAuthRecheck ($n)
 Set the number of times authentication will be cached before rechecked. More...
 
 checkAuthentication ()
 This method is called to check whether the user is authenticated or not. More...
 
 isAuthenticated ()
 This method is called to check if the user is authenticated (previously or by tickets given in the URL). More...
 
 isSessionAuthenticated ()
 This method tells if the current session is authenticated. More...
 
 redirectToCas ($gateway=false, $renew=false)
 This method is used to redirect the client to the CAS server. More...
 
 logout ($params)
 This method is used to logout from CAS. More...
 
 handleLogoutRequests ($check_client=true, $allowed_clients=false)
 This method handles logout requests. More...
 
 setCasServerCert ($cert)
 Set the certificate of the CAS server. More...
 
 setCasServerCACert ($cert)
 Set the CA certificate of the CAS server. More...
 
 setNoCasServerValidation ()
 Set no SSL validation for the CAS server. More...
 
 setPGTStorageFile ($format='', $path='')
 This method is used to tell phpCAS to store the response of the CAS server to PGT requests onto the filesystem. More...
 
 setPGTStorageDB ($user, $password, $database_type, $hostname, $port, $database, $table)
 This method is used to tell phpCAS to store the response of the CAS server to PGT requests into a database. More...
 
 _curl_read_headers ($ch, $header)
 
 serviceWeb ($url, &$err_code, &$output)
 This method is used to access an HTTP[S] service. More...
 
 serviceMail ($url, $service, $flags, &$err_code, &$err_msg, &$pt)
 This method is used to access an IMAP/POP3/NNTP service. More...
 
 removeParameterFromQueryString ($parameterName, $queryString)
 Removes a parameter from a query string. More...
 
 setHTMLHeader ($header)
 This method set the HTML header used for all outputs. More...
 
 setHTMLFooter ($footer)
 This method set the HTML footer used for all outputs. More...
 
 setLang ($lang)
 This method is used to set the language used by phpCAS. More...
 
 CASClient ($server_version, $proxy, $server_hostname, $server_port, $server_uri, $start_session=true)
 CASClient constructor. More...
 
 getUser ()
 This method returns the CAS user's login name. More...
 
 forceAuthentication ()
 This method is called to be sure that the user is authenticated. More...
 
 checkAuthentication ()
 This method is called to check whether the ser is authenticated or not. More...
 
 isAuthenticated ()
 This method is called to check if the user is authenticated (previously or by tickets given in the URL. More...
 
 redirectToCas ($gateway)
 This method is used to redirect the client to the CAS server. More...
 
 logout ($url="")
 This method is used to logout from CAS. More...
 
 setPGTStorageFile ($format='', $path='')
 This method is used to tell phpCAS to store the response of the CAS server to PGT requests onto the filesystem. More...
 
 setPGTStorageDB ($user, $password, $database_type, $hostname, $port, $database, $table)
 This method is used to tell phpCAS to store the response of the CAS server to PGT requests into a database. More...
 
 serviceWeb ($url, &$err_code, &$output)
 This method is used to access an HTTP[S] service. More...
 
 serviceMail ($url, $flags, &$err_code, &$err_msg, &$pt)
 This method is used to access an IMAP/POP3/NNTP service. More...
 
 setHTMLHeader ($header)
 This method set the HTML header used for all outputs. More...
 
 setHTMLFooter ($footer)
 This method set the HTML footer used for all outputs. More...
 
 setLang ($lang)
 This method is used to set the language used by phpCAS. More...
 
 CASClient ($server_version, $proxy, $server_hostname, $server_port, $server_uri, $start_session=true)
 CASClient constructor. More...
 
 getUser ()
 This method returns the CAS user's login name. More...
 
 forceAuthentication ()
 This method is called to be sure that the user is authenticated. More...
 
 checkAuthentication ()
 This method is called to check whether the ser is authenticated or not. More...
 
 isAuthenticated ()
 This method is called to check if the user is authenticated (previously or by tickets given in the URL. More...
 
 redirectToCas ($gateway)
 This method is used to redirect the client to the CAS server. More...
 
 logout ($url="")
 This method is used to logout from CAS. More...
 
 setPGTStorageFile ($format='', $path='')
 This method is used to tell phpCAS to store the response of the CAS server to PGT requests onto the filesystem. More...
 
 setPGTStorageDB ($user, $password, $database_type, $hostname, $port, $database, $table)
 This method is used to tell phpCAS to store the response of the CAS server to PGT requests into a database. More...
 
 serviceWeb ($url, &$err_code, &$output)
 This method is used to access an HTTP[S] service. More...
 
 serviceMail ($url, $flags, &$err_code, &$err_msg, &$pt)
 This method is used to access an IMAP/POP3/NNTP service. More...
 

Data Fields

 $_curl_options = array()
 An array to store extra curl options. More...
 
 $_curl_headers = array()
 This method is the callback used by readURL method to request HTTP headers. More...
 

Private Member Functions

 HTMLFilterOutput ($str)
 This method filters a string by replacing special tokens by appropriate values and prints it. More...
 
 printHTMLHeader ($title)
 This method prints the header of the HTML output (after filtering). More...
 
 printHTMLFooter ()
 This method prints the footer of the HTML output (after filtering). More...
 
 getLang ()
 This method returns the language used by phpCAS. More...
 
 getString ($str)
 This method returns a string depending on the language. More...
 
 getServerVersion ()
 This method is used to retrieve the version of the CAS server. More...
 
 getServerHostname ()
 This method is used to retrieve the hostname of the CAS server. More...
 
 getServerPort ()
 This method is used to retrieve the port of the CAS server. More...
 
 getServerURI ()
 This method is used to retrieve the URI of the CAS server. More...
 
 getServerBaseURL ()
 This method is used to retrieve the base URL of the CAS server. More...
 
 getServerLoginURL ($gateway=false, $renew=false)
 This method is used to retrieve the login URL of the CAS server. More...
 
 setServerLoginURL ($url)
 This method sets the login URL of the CAS server. More...
 
 setServerServiceValidateURL ($url)
 This method sets the serviceValidate URL of the CAS server. More...
 
 setServerProxyValidateURL ($url)
 This method sets the proxyValidate URL of the CAS server. More...
 
 setServerSamlValidateURL ($url)
 This method sets the samlValidate URL of the CAS server. More...
 
 getServerServiceValidateURL ()
 This method is used to retrieve the service validating URL of the CAS server. More...
 
 getServerSamlValidateURL ()
 This method is used to retrieve the SAML validating URL of the CAS server. More...
 
 getServerProxyValidateURL ()
 This method is used to retrieve the proxy validating URL of the CAS server. More...
 
 getServerProxyURL ()
 This method is used to retrieve the proxy URL of the CAS server. More...
 
 getServerLogoutURL ()
 This method is used to retrieve the logout URL of the CAS server. More...
 
 setServerLogoutURL ($url)
 This method sets the logout URL of the CAS server. More...
 
 isHttps ()
 This method checks to see if the request is secured via HTTPS. More...
 
 setUser ($user)
 This method sets the CAS user's login name. More...
 
 wasPreviouslyAuthenticated ()
 This method tells if the user has already been (previously) authenticated by looking into the session variables. More...
 
 isLogoutRequest ()
 
 isLogoutRequestAllowed ()
 
 getST ()
 This method returns the Service Ticket provided in the URL of the request. More...
 
 setST ($st)
 This method stores the Service Ticket. More...
 
 hasST ()
 This method tells if a Service Ticket was stored. More...
 
 validateST ($validate_url, &$text_response, &$tree_response)
 This method is used to validate a ST; halt on failure, and sets $validate_url, $text_reponse and $tree_response on success. More...
 
 validateSA ($validate_url, &$text_response, &$tree_response)
 This method is used to validate a SAML TICKET; halt on failure, and sets $validate_url, $text_reponse and $tree_response on success. More...
 
 setSessionAttributes ($text_response)
 This method will parse the DOM and pull out the attributes from the SAML payload and put them into an array, then put the array into the session. More...
 
 isProxy ()
 Tells if a CAS client is a CAS proxy or not. More...
 
 getPGT ()
 This method returns the Proxy Granting Ticket given by the CAS server. More...
 
 setPGT ($pgt)
 This method stores the Proxy Granting Ticket. More...
 
 hasPGT ()
 This method tells if a Proxy Granting Ticket was stored. More...
 
 setCallbackMode ($callback_mode)
 This method sets/unsets callback mode. More...
 
 isCallbackMode ()
 This method returns TRUE when the CAs client is running i callback mode, FALSE otherwise. More...
 
 getCallbackURL ()
 This method returns the URL that should be used for the PGT callback (in fact the URL of the current request without any CGI parameter, except if phpCAS::setFixedCallbackURL() was used). More...
 
 setCallbackURL ($url)
 This method sets the callback url. More...
 
 callback ()
 This method is called by CASClient::CASClient() when running in callback mode. More...
 
 initPGTStorage ()
 This method is used to initialize the storage of PGT's. More...
 
 storePGT ($pgt, $pgt_iou)
 This method stores a PGT. More...
 
 loadPGT ($pgt_iou)
 This method reads a PGT from its Iou and deletes the corresponding storage entry. More...
 
 validatePGT (&$validate_url, $text_response, $tree_response)
 This method is used to validate a PGT; halt on failure. More...
 
 retrievePT ($target_service, &$err_code, &$err_msg)
 This method is used to retrieve PT's from the CAS server thanks to a PGT. More...
 
 readURL ($url, $cookies, &$headers, &$body, &$err_msg)
 This method is used to acces a remote URL. More...
 
 buildSAMLPayload ()
 This method is used to build the SAML POST body sent to /samlValidate URL. More...
 
 getPT ()
 This method returns the Proxy Ticket provided in the URL of the request. More...
 
 setPT ($pt)
 This method stores the Proxy Ticket. More...
 
 hasPT ()
 This method tells if a Proxy Ticket was stored. More...
 
 getSA ()
 This method returns the SAML Ticket provided in the URL of the request. More...
 
 setSA ($sa)
 This method stores the SAML Ticket. More...
 
 hasSA ()
 This method tells if a SAML Ticket was stored. More...
 
 validatePT (&$validate_url, &$text_response, &$tree_response)
 This method is used to validate a ST or PT; halt on failure Used for all CAS 2.0 validations. More...
 
 getURL ()
 This method returns the URL of the current request (without any ticket CGI parameter). More...
 
 setURL ($url)
 This method sets the URL of the current request. More...
 
 authError ($failure, $cas_url, $no_response, $bad_response='', $cas_response='', $err_code='', $err_msg='')
 This method is used to print the HTML output when the user was not authenticated. More...
 
 HTMLFilterOutput ($str)
 This method filters a string by replacing special tokens by appropriate values and prints it. More...
 
 printHTMLHeader ($title)
 This method prints the header of the HTML output (after filtering). More...
 
 printHTMLFooter ()
 This method prints the footer of the HTML output (after filtering). More...
 
 getLang ()
 This method returns the language used by phpCAS. More...
 
 getString ($str)
 This method returns a string depending on the language. More...
 
 getServerVersion ()
 This method is used to retrieve the version of the CAS server. More...
 
 getServerHostname ()
 This method is used to retrieve the hostname of the CAS server. More...
 
 getServerPort ()
 This method is used to retrieve the port of the CAS server. More...
 
 getServerURI ()
 This method is used to retrieve the URI of the CAS server. More...
 
 getServerBaseURL ()
 This method is used to retrieve the base URL of the CAS server. More...
 
 getServerLoginURL ($gateway)
 This method is used to retrieve the login URL of the CAS server. More...
 
 getServerServiceValidateURL ()
 This method is used to retrieve the service validating URL of the CAS server. More...
 
 getServerProxyValidateURL ()
 This method is used to retrieve the proxy validating URL of the CAS server. More...
 
 getServerProxyURL ()
 This method is used to retrieve the proxy URL of the CAS server. More...
 
 getServerLogoutURL ()
 This method is used to retrieve the logout URL of the CAS server. More...
 
 setUser ($user)
 This method sets the CAS user's login name. More...
 
 wasPreviouslyAuthenticated ()
 This method tells if the user has already been (previously) authenticated by looking into the session variables. More...
 
 getST ()
 This method returns the Service Ticket provided in the URL of the request. More...
 
 setST ($st)
 This method stores the Service Ticket. More...
 
 hasST ()
 This method tells if a Service Ticket was stored. More...
 
 validateST ($validate_url, &$text_response, &$tree_response)
 This method is used to validate a ST; halt on failure, and sets $validate_url, $text_reponse and $tree_response on success. More...
 
 isProxy ()
 Tells if a CAS client is a CAS proxy or not. More...
 
 getPGT ()
 This method returns the Proxy Granting Ticket given by the CAS server. More...
 
 setPGT ($pgt)
 This method stores the Proxy Granting Ticket. More...
 
 hasPGT ()
 This method tells if a Proxy Granting Ticket was stored. More...
 
 setCallbackMode ($callback_mode)
 This method sets/unsets callback mode. More...
 
 isCallbackMode ()
 This method returns TRUE when the CAs client is running i callback mode, FALSE otherwise. More...
 
 getCallbackURL ()
 This method returns the URL that should be used for the PGT callback (in fact the URL of the current request without any CGI parameter, except if phpCAS::setFixedCallbackURL() was used). More...
 
 setCallbackURL ($url)
 This method sets the callback url. More...
 
 callback ()
 This method is called by CASClient::CASClient() when running in callback mode. More...
 
 initPGTStorage ()
 This method is used to initialize the storage of PGT's. More...
 
 storePGT ($pgt, $pgt_iou)
 This method stores a PGT. More...
 
 loadPGT ($pgt_iou)
 This method reads a PGT from its Iou and deletes the corresponding storage entry. More...
 
 validatePGT (&$validate_url, $text_response, $tree_response)
 This method is used to validate a PGT; halt on failure. More...
 
 retrievePT ($target_service, &$err_code, &$err_msg)
 This method is used to retrieve PT's from the CAS server thanks to a PGT. More...
 
 readURL ($url, $cookies, &$headers, &$body, &$err_msg)
 This method is used to acces a remote URL. More...
 
 getPT ()
 This method returns the Proxy Ticket provided in the URL of the request. More...
 
 setPT ($pt)
 This method stores the Proxy Ticket. More...
 
 hasPT ()
 This method tells if a Proxy Ticket was stored. More...
 
 validatePT (&$validate_url, &$text_response, &$tree_response)
 This method is used to validate a PT; halt on failure. More...
 
 getURL ()
 This method returns the URL of the current request (without any ticket CGI parameter). More...
 
 setURL ($url)
 This method sets the URL of the current request. More...
 
 authError ($failure, $cas_url, $no_response, $bad_response='', $cas_response='', $err_code='', $err_msg='')
 This method is used to print the HTML output when the user was not authenticated. More...
 
 HTMLFilterOutput ($str)
 This method filters a string by replacing special tokens by appropriate values and prints it. More...
 
 printHTMLHeader ($title)
 This method prints the header of the HTML output (after filtering). More...
 
 printHTMLFooter ()
 This method prints the footer of the HTML output (after filtering). More...
 
 getLang ()
 This method returns the language used by phpCAS. More...
 
 getString ($str)
 This method returns a string depending on the language. More...
 
 getServerVersion ()
 This method is used to retrieve the version of the CAS server. More...
 
 getServerHostname ()
 This method is used to retrieve the hostname of the CAS server. More...
 
 getServerPort ()
 This method is used to retrieve the port of the CAS server. More...
 
 getServerURI ()
 This method is used to retrieve the URI of the CAS server. More...
 
 getServerBaseURL ()
 This method is used to retrieve the base URL of the CAS server. More...
 
 getServerLoginURL ($gateway)
 This method is used to retrieve the login URL of the CAS server. More...
 
 getServerServiceValidateURL ()
 This method is used to retrieve the service validating URL of the CAS server. More...
 
 getServerProxyValidateURL ()
 This method is used to retrieve the proxy validating URL of the CAS server. More...
 
 getServerProxyURL ()
 This method is used to retrieve the proxy URL of the CAS server. More...
 
 getServerLogoutURL ()
 This method is used to retrieve the logout URL of the CAS server. More...
 
 setUser ($user)
 This method sets the CAS user's login name. More...
 
 wasPreviouslyAuthenticated ()
 This method tells if the user has already been (previously) authenticated by looking into the session variables. More...
 
 getST ()
 This method returns the Service Ticket provided in the URL of the request. More...
 
 setST ($st)
 This method stores the Service Ticket. More...
 
 hasST ()
 This method tells if a Service Ticket was stored. More...
 
 validateST ($validate_url, &$text_response, &$tree_response)
 This method is used to validate a ST; halt on failure, and sets $validate_url, $text_reponse and $tree_response on success. More...
 
 isProxy ()
 Tells if a CAS client is a CAS proxy or not. More...
 
 getPGT ()
 This method returns the Proxy Granting Ticket given by the CAS server. More...
 
 setPGT ($pgt)
 This method stores the Proxy Granting Ticket. More...
 
 hasPGT ()
 This method tells if a Proxy Granting Ticket was stored. More...
 
 setCallbackMode ($callback_mode)
 This method sets/unsets callback mode. More...
 
 isCallbackMode ()
 This method returns TRUE when the CAs client is running i callback mode, FALSE otherwise. More...
 
 getCallbackURL ()
 This method returns the URL that should be used for the PGT callback (in fact the URL of the current request without any CGI parameter, except if phpCAS::setFixedCallbackURL() was used). More...
 
 setCallbackURL ($url)
 This method sets the callback url. More...
 
 callback ()
 This method is called by CASClient::CASClient() when running in callback mode. More...
 
 initPGTStorage ()
 This method is used to initialize the storage of PGT's. More...
 
 storePGT ($pgt, $pgt_iou)
 This method stores a PGT. More...
 
 loadPGT ($pgt_iou)
 This method reads a PGT from its Iou and deletes the corresponding storage entry. More...
 
 validatePGT (&$validate_url, $text_response, $tree_response)
 This method is used to validate a PGT; halt on failure. More...
 
 retrievePT ($target_service, &$err_code, &$err_msg)
 This method is used to retrieve PT's from the CAS server thanks to a PGT. More...
 
 readURL ($url, $cookies, &$headers, &$body, &$err_msg)
 This method is used to acces a remote URL. More...
 
 getPT ()
 This method returns the Proxy Ticket provided in the URL of the request. More...
 
 setPT ($pt)
 This method stores the Proxy Ticket. More...
 
 hasPT ()
 This method tells if a Proxy Ticket was stored. More...
 
 validatePT (&$validate_url, &$text_response, &$tree_response)
 This method is used to validate a PT; halt on failure. More...
 
 getURL ()
 This method returns the URL of the current request (without any ticket CGI parameter). More...
 
 setURL ($url)
 This method sets the URL of the current request. More...
 
 authError ($failure, $cas_url, $no_response, $bad_response='', $cas_response='', $err_code='', $err_msg='')
 This method is used to print the HTML output when the user was not authenticated. More...
 

Private Attributes

 $_output_header
 A string used to print the header of HTML pages. More...
 
 $_output_footer
 A string used to print the footer of HTML pages. More...
 
 $_lang
 A string corresponding to the language used by phpCAS. More...
 
 $_strings
 array containing the strings used by phpCAS. More...
 
 $_server
 a record to store information about the CAS server. More...
 
 $_start_session
 A variable to whether phpcas will use its own session handling. More...
 
 $_user
 The Authenticated user. More...
 
 $_attributes
 The Authenticated users attributes. More...
 
 $_cache_times_for_auth_recheck
 An integer that gives the number of times authentication will be cached before rechecked. More...
 
 $_st
 the Service Ticket provided in the URL of the request if present (empty otherwise). More...
 
 $_cas_server_cert
 the certificate of the CAS server. More...
 
 $_cas_server_ca_cert
 the certificate of the CAS server CA. More...
 
 $_no_cas_server_validation
 Set to true not to validate the CAS server. More...
 
 $_proxy
 A boolean telling if the client is a CAS proxy or not. More...
 
 $_pgt
 the Proxy Grnting Ticket given by the CAS server (empty otherwise). More...
 
 $_callback_mode
 each PHP script using phpCAS in proxy mode is its own callback to get the PGT back from the CAS server. More...
 
 $_callback_url
 the URL that should be used for the PGT callback (in fact the URL of the current request without any CGI parameter). More...
 
 $_pgt_storage
 an instance of a class inheriting of PGTStorage, used to deal with PGT storage. More...
 
 $_pt
 the Proxy Ticket provided in the URL of the request if present (empty otherwise). More...
 
 $_url
 the URL of the current request (without any ticket CGI parameter). More...
 

Detailed Description

The CASClient class is a client interface that provides CAS authentication to PHP applications.

Author
Pascal Aubry <pascal.aubry at univ-rennes1.fr>

Definition at line 51 of file client.php.

Member Function Documentation

◆ authError() [1/2]

CASClient::authError (   $failure,
  $cas_url,
  $no_response,
  $bad_response = '',
  $cas_response = '',
  $err_code = '',
  $err_msg = '' 
)
private

This method is used to print the HTML output when the user was not authenticated.

Parameters
$failurethe failure that occured
$cas_urlthe URL the CAS server was asked for
$no_responsethe response from the CAS server (other parameters are ignored if TRUE)
$bad_responsebad response from the CAS server ($err_code and $err_msg ignored if TRUE)
$cas_responsethe response of the CAS server
$err_codethe error code given by the CAS server
$err_msgthe error message given by the CAS server

Definition at line 1919 of file client.php.

1920 {
1922
1924 printf($this->getString(CAS_STR_YOU_WERE_NOT_AUTHENTICATED),$this->getURL(),$_SERVER['SERVER_ADMIN']);
1925 phpCAS::trace('CAS URL: '.$cas_url);
1926 phpCAS::trace('Authentication failure: '.$failure);
1927 if ( $no_response ) {
1928 phpCAS::trace('Reason: no response from the CAS server');
1929 } else {
1930 if ( $bad_response ) {
1931 phpCAS::trace('Reason: bad response from the CAS server');
1932 } else {
1933 switch ($this->getServerVersion()) {
1934 case CAS_VERSION_1_0:
1935 phpCAS::trace('Reason: CAS error');
1936 break;
1937 case CAS_VERSION_2_0:
1938 if ( empty($err_code) )
1939 phpCAS::trace('Reason: no CAS error');
1940 else
1941 phpCAS::trace('Reason: ['.$err_code.'] CAS error: '.$err_msg);
1942 break;
1943 }
1944 }
1945 phpCAS::trace('CAS response: '.$cas_response);
1946 }
1947 $this->printHTMLFooter();
1949 exit();
1950 }
$failure
getServerVersion()
This method is used to retrieve the version of the CAS server.
Definition: client.php:297
traceExit()
This method is used to indicate the end of the execution of the program.
Definition: CAS.php:617
trace($str)
This method is used to log something in debug mode.
Definition: CAS.php:569
traceBegin()
This method is used to indicate the start of the execution of a function in debug mode.
Definition: CAS.php:577
getString($str)
This method returns a string depending on the language.
Definition: client.php:221
getURL()
This method returns the URL of the current request (without any ticket CGI parameter).
Definition: client.php:2621
printHTMLHeader($title)
This method prints the header of the HTML output (after filtering).
Definition: client.php:108
printHTMLFooter()
This method prints the footer of the HTML output (after filtering).
Definition: client.php:136
const CAS_VERSION_1_0
CAS version 1.0.
Definition: CAS.php:77
const CAS_VERSION_2_0
Definition: CAS.php:81
const CAS_STR_AUTHENTICATION_FAILED
Definition: languages.php:19
const CAS_STR_YOU_WERE_NOT_AUTHENTICATED
Definition: languages.php:20
exit
Definition: login.php:54
if((!isset($_SERVER['DOCUMENT_ROOT'])) OR(empty($_SERVER['DOCUMENT_ROOT']))) $_SERVER['DOCUMENT_ROOT']

References $_SERVER, $failure, CAS_STR_AUTHENTICATION_FAILED, CAS_STR_YOU_WERE_NOT_AUTHENTICATED, CAS_VERSION_1_0, CAS_VERSION_2_0, exit, phpCAS\trace(), phpCAS\traceBegin(), and phpCAS\traceExit().

+ Here is the call graph for this function:

◆ authError() [2/2]

CASClient::authError (   $failure,
  $cas_url,
  $no_response,
  $bad_response = '',
  $cas_response = '',
  $err_code = '',
  $err_msg = '' 
)
private

This method is used to print the HTML output when the user was not authenticated.

Parameters
$failurethe failure that occured
$cas_urlthe URL the CAS server was asked for
$no_responsethe response from the CAS server (other parameters are ignored if TRUE)
$bad_responsebad response from the CAS server ($err_code and $err_msg ignored if TRUE)
$cas_responsethe response of the CAS server
$err_codethe error code given by the CAS server
$err_msgthe error message given by the CAS server

Definition at line 1927 of file client4.php.

1928 {
1930
1932 printf($this->getString(CAS_STR_YOU_WERE_NOT_AUTHENTICATED),$this->getURL(),$_SERVER['SERVER_ADMIN']);
1933 phpCAS::trace('CAS URL: '.$cas_url);
1934 phpCAS::trace('Authentication failure: '.$failure);
1935 if ( $no_response ) {
1936 phpCAS::trace('Reason: no response from the CAS server');
1937 } else {
1938 if ( $bad_response ) {
1939 phpCAS::trace('Reason: bad response from the CAS server');
1940 } else {
1941 switch ($this->getServerVersion()) {
1942 case CAS_VERSION_1_0:
1943 phpCAS::trace('Reason: CAS error');
1944 break;
1945 case CAS_VERSION_2_0:
1946 if ( empty($err_code) )
1947 phpCAS::trace('Reason: no CAS error');
1948 else
1949 phpCAS::trace('Reason: ['.$err_code.'] CAS error: '.$err_msg);
1950 break;
1951 }
1952 }
1953 phpCAS::trace('CAS response: '.$cas_response);
1954 }
1955 $this->printHTMLFooter();
1957 exit();
1958 }

References $_SERVER, $failure, CAS_STR_AUTHENTICATION_FAILED, CAS_STR_YOU_WERE_NOT_AUTHENTICATED, CAS_VERSION_1_0, CAS_VERSION_2_0, exit, phpCAS\trace(), phpCAS\traceBegin(), and phpCAS\traceExit().

+ Here is the call graph for this function:

◆ callback() [1/2]

CASClient::callback ( )
private

This method is called by CASClient::CASClient() when running in callback mode.

It stores the PGT and its PGT Iou, prints its output and halts.

Definition at line 1161 of file client.php.

1162 {
1164 $this->printHTMLHeader('phpCAS callback');
1165 $pgt_iou = $_GET['pgtIou'];
1166 $pgt = $_GET['pgtId'];
1167 phpCAS::trace('Storing PGT `'.$pgt.'\' (id=`'.$pgt_iou.'\')');
1168 echo '<p>Storing PGT `'.$pgt.'\' (id=`'.$pgt_iou.'\').</p>';
1169 $this->storePGT($pgt,$pgt_iou);
1170 $this->printHTMLFooter();
1172 }
$_GET["client_id"]

References $_GET, phpCAS\trace(), phpCAS\traceBegin(), and phpCAS\traceExit().

+ Here is the call graph for this function:

◆ callback() [2/2]

CASClient::callback ( )
private

This method is called by CASClient::CASClient() when running in callback mode.

It stores the PGT and its PGT Iou, prints its output and halts.

Definition at line 1169 of file client4.php.

1170 {
1172 $this->printHTMLHeader('phpCAS callback');
1173 $pgt_iou = $_GET['pgtIou'];
1174 $pgt = $_GET['pgtId'];
1175 phpCAS::trace('Storing PGT `'.$pgt.'\' (id=`'.$pgt_iou.'\')');
1176 echo '<p>Storing PGT `'.$pgt.'\' (id=`'.$pgt_iou.'\').</p>';
1177 $this->storePGT($pgt,$pgt_iou);
1178 $this->printHTMLFooter();
1180 }

References $_GET, phpCAS\trace(), phpCAS\traceBegin(), and phpCAS\traceExit().

+ Here is the call graph for this function:

◆ CASClient() [1/2]

CASClient::CASClient (   $server_version,
  $proxy,
  $server_hostname,
  $server_port,
  $server_uri,
  $start_session = true 
)

CASClient constructor.

Parameters
$server_versionthe version of the CAS server
$proxyTRUE if the CAS client is a CAS proxy, FALSE otherwise
$server_hostnamethe hostname of the CAS server
$server_portthe port the CAS server is running on
$server_urithe URI the CAS server is responding on
$start_sessionHave phpCAS start PHP sessions (default true)
Returns
a newly created CASClient object

Definition at line 435 of file client.php.

441 {
443
444 // activate session mechanism if desired
445 if ($start_session) {
446 session_start();
447 }
448
449 $this->_proxy = $proxy;
450
451 // check version
452 switch ($server_version) {
453 case CAS_VERSION_1_0:
454 if ( $this->isProxy() )
455 phpCAS::error('CAS proxies are not supported in CAS '
456 .$server_version);
457 break;
458 case CAS_VERSION_2_0:
459 break;
460 default:
461 phpCAS::error('this version of CAS (`'
462 .$server_version
463 .'\') is not supported by phpCAS '
464 .phpCAS::getVersion());
465 }
466 $this->_server['version'] = $server_version;
467
468 // check hostname
469 if ( empty($server_hostname)
470 || !preg_match('/[\.\d\-abcdefghijklmnopqrstuvwxyz]*/',$server_hostname) ) {
471 phpCAS::error('bad CAS server hostname (`'.$server_hostname.'\')');
472 }
473 $this->_server['hostname'] = $server_hostname;
474
475 // check port
476 if ( $server_port == 0
477 || !is_int($server_port) ) {
478 phpCAS::error('bad CAS server port (`'.$server_hostname.'\')');
479 }
480 $this->_server['port'] = $server_port;
481
482 // check URI
483 if ( !preg_match('/[\.\d\-_abcdefghijklmnopqrstuvwxyz\/]*/',$server_uri) ) {
484 phpCAS::error('bad CAS server URI (`'.$server_uri.'\')');
485 }
486 // add leading and trailing `/' and remove doubles
487 $server_uri = preg_replace('/\/\//','/','/'.$server_uri.'/');
488 $this->_server['uri'] = $server_uri;
489
490 // set to callback mode if PgtIou and PgtId CGI GET parameters are provided
491 if ( $this->isProxy() ) {
492 $this->setCallbackMode(!empty($_GET['pgtIou'])&&!empty($_GET['pgtId']));
493 }
494
495 if ( $this->isCallbackMode() ) {
496 // callback mode: check that phpCAS is secured
497 if ( $_SERVER['HTTPS'] != 'on' ) {
498 phpCAS::error('CAS proxies must be secured to use phpCAS; PGT\'s will not be received from the CAS server');
499 }
500 } else {
501 // normal mode: get ticket and remove it from CGI parameters for developpers
502 $ticket = $_GET['ticket'];
503 // at first check for a Service Ticket
504 if( preg_match('/^ST-/',$ticket)) {
505 phpCAS::trace('ST \''.$ticket.'\' found');
506 // ST present
507 $this->setST($ticket);
508 }
509 // in a second time check for a Proxy Ticket (CAS >= 2.0)
510 else if( ($this->getServerVersion()!=CAS_VERSION_1_0) && preg_match('/^PT-/',$ticket) ) {
511 phpCAS::trace('PT \''.$ticket.'\' found');
512 $this->setPT($ticket);
513 }
514 // ill-formed ticket, halt
515 else if ( !empty($ticket) ) {
516 phpCAS::error('ill-formed ticket found in the URL (ticket=`'.htmlentities($ticket).'\')');
517 }
518 // ticket has been taken into account, unset it to hide it to applications
519 unset($_GET['ticket']);
520 }
522 }
The phpCAS class is a simple container for the phpCAS library.
Definition: CAS.php:341
setCallbackMode($callback_mode)
This method sets/unsets callback mode.
Definition: client.php:1759
isCallbackMode()
This method returns TRUE when the CAs client is running i callback mode, FALSE otherwise.
Definition: client.php:1772
error($msg)
This method is used by interface methods to print an error and where the function was originally call...
Definition: CAS.php:544
traceEnd($res='')
This method is used to indicate the end of the execution of a function in debug mode.
Definition: CAS.php:604
isProxy()
Tells if a CAS client is a CAS proxy or not.
Definition: client.php:1681

References $_GET, $_SERVER, CAS_VERSION_1_0, CAS_VERSION_2_0, phpCAS\error(), isCallbackMode(), isProxy(), setCallbackMode(), phpCAS\trace(), phpCAS\traceBegin(), and phpCAS\traceEnd().

+ Here is the call graph for this function:

◆ CASClient() [2/2]

CASClient::CASClient (   $server_version,
  $proxy,
  $server_hostname,
  $server_port,
  $server_uri,
  $start_session = true 
)

CASClient constructor.

Parameters
$server_versionthe version of the CAS server
$proxyTRUE if the CAS client is a CAS proxy, FALSE otherwise
$server_hostnamethe hostname of the CAS server
$server_portthe port the CAS server is running on
$server_urithe URI the CAS server is responding on
$start_sessionHave phpCAS start PHP sessions (default true)
Returns
a newly created CASClient object

Definition at line 444 of file client4.php.

450 {
452
453 // activate session mechanism if desired
454 if ($start_session) {
455 session_start();
456 }
457
458 $this->_proxy = $proxy;
459
460 // check version
461 switch ($server_version) {
462 case CAS_VERSION_1_0:
463 if ( $this->isProxy() )
464 phpCAS::error('CAS proxies are not supported in CAS '
465 .$server_version);
466 break;
467 case CAS_VERSION_2_0:
468 break;
469 default:
470 phpCAS::error('this version of CAS (`'
471 .$server_version
472 .'\') is not supported by phpCAS '
473 .phpCAS::getVersion());
474 }
475 $this->_server['version'] = $server_version;
476
477 // check hostname
478 if ( empty($server_hostname)
479 || !preg_match('/[\.\d\-abcdefghijklmnopqrstuvwxyz]*/',$server_hostname) ) {
480 phpCAS::error('bad CAS server hostname (`'.$server_hostname.'\')');
481 }
482 $this->_server['hostname'] = $server_hostname;
483
484 // check port
485 if ( $server_port == 0
486 || !is_int($server_port) ) {
487 phpCAS::error('bad CAS server port (`'.$server_hostname.'\')');
488 }
489 $this->_server['port'] = $server_port;
490
491 // check URI
492 if ( !preg_match('/[\.\d\-_abcdefghijklmnopqrstuvwxyz\/]*/',$server_uri) ) {
493 phpCAS::error('bad CAS server URI (`'.$server_uri.'\')');
494 }
495 // add leading and trailing `/' and remove doubles
496 $server_uri = preg_replace('/\/\//','/','/'.$server_uri.'/');
497 $this->_server['uri'] = $server_uri;
498
499 // set to callback mode if PgtIou and PgtId CGI GET parameters are provided
500 if ( $this->isProxy() ) {
501 $this->setCallbackMode(!empty($_GET['pgtIou'])&&!empty($_GET['pgtId']));
502 }
503
504 if ( $this->isCallbackMode() ) {
505 // callback mode: check that phpCAS is secured
506 if ( $_SERVER['HTTPS'] != 'on' ) {
507 phpCAS::error('CAS proxies must be secured to use phpCAS; PGT\'s will not be received from the CAS server');
508 }
509 } else {
510 // normal mode: get ticket and remove it from CGI parameters for developpers
511 $ticket = $_GET['ticket'];
512 // at first check for a Service Ticket
513 if( preg_match('/^ST-/',$ticket)) {
514 phpCAS::trace('ST \''.$ticket.'\' found');
515 // ST present
516 $this->setST($ticket);
517 }
518 // in a second time check for a Proxy Ticket (CAS >= 2.0)
519 else if( ($this->getServerVersion()!=CAS_VERSION_1_0) && preg_match('/^PT-/',$ticket) ) {
520 phpCAS::trace('PT \''.$ticket.'\' found');
521 $this->setPT($ticket);
522 }
523 // ill-formed ticket, halt
524 else if ( !empty($ticket) ) {
525 phpCAS::error('ill-formed ticket found in the URL (ticket=`'.htmlentities($ticket).'\')');
526 }
527 // ticket has been taken into account, unset it to hide it to applications
528 unset($_GET['ticket']);
529 }
531 }

References $_GET, $_SERVER, CAS_VERSION_1_0, CAS_VERSION_2_0, phpCAS\error(), isCallbackMode(), isProxy(), setCallbackMode(), phpCAS\trace(), phpCAS\traceBegin(), and phpCAS\traceEnd().

+ Here is the call graph for this function:

◆ checkAuthentication() [1/2]

CASClient::checkAuthentication ( )

This method is called to check whether the ser is authenticated or not.

Returns
TRUE when the user is authenticated, FALSE otherwise.

Definition at line 603 of file client.php.

604 {
606
607 if ( $this->isAuthenticated() ) {
608 phpCAS::trace('user is authenticated');
609 $res = TRUE;
610 } else if (isset($_SESSION['phpCAS']['auth_checked'])) {
611 // the previous request has redirected the client to the CAS server with gateway=true
612 unset($_SESSION['phpCAS']['auth_checked']);
613 $res = FALSE;
614 } else {
615 $_SESSION['phpCAS']['auth_checked'] = true;
616 $this->redirectToCas(TRUE/* gateway */);
617 // never reached
618 $res = FALSE;
619 }
621 return $res;
622 }
$_SESSION["AccountId"]
isAuthenticated()
This method is called to check if the user is authenticated (previously or by tickets given in the UR...
Definition: client.php:981
redirectToCas($gateway=false, $renew=false)
This method is used to redirect the client to the CAS server.
Definition: client.php:1133

References $_SESSION, $res, isAuthenticated(), redirectToCas(), phpCAS\trace(), phpCAS\traceBegin(), and phpCAS\traceEnd().

+ Here is the call graph for this function:

◆ checkAuthentication() [2/2]

CASClient::checkAuthentication ( )

This method is called to check whether the ser is authenticated or not.

Returns
TRUE when the user is authenticated, FALSE otherwise.

Definition at line 612 of file client4.php.

613 {
615
616 if ( $this->isAuthenticated() ) {
617 phpCAS::trace('user is authenticated');
618 $res = TRUE;
619 } else if (isset($_SESSION['phpCAS']['auth_checked'])) {
620 // the previous request has redirected the client to the CAS server with gateway=true
621 unset($_SESSION['phpCAS']['auth_checked']);
622 $res = FALSE;
623 } else {
624 $_SESSION['phpCAS']['auth_checked'] = true;
625 $this->redirectToCas(TRUE/* gateway */);
626 // never reached
627 $res = FALSE;
628 }
630 return $res;
631 }

References $_SESSION, $res, isAuthenticated(), redirectToCas(), phpCAS\trace(), phpCAS\traceBegin(), and phpCAS\traceEnd().

+ Here is the call graph for this function:

◆ forceAuthentication() [1/2]

CASClient::forceAuthentication ( )

This method is called to be sure that the user is authenticated.

When not authenticated, halt by redirecting to the CAS server; otherwise return TRUE.

Returns
TRUE when the user is authenticated; otherwise halt.

Definition at line 579 of file client.php.

580 {
582
583 if ( $this->isAuthenticated() ) {
584 // the user is authenticated, nothing to be done.
585 phpCAS::trace('no need to authenticate');
586 $res = TRUE;
587 } else {
588 // the user is not authenticated, redirect to the CAS server
589 unset($_SESSION['phpCAS']['auth_checked']);
590 $this->redirectToCas(FALSE/* no gateway */);
591 // never reached
592 $res = FALSE;
593 }
595 return $res;
596 }

References $_SESSION, $res, isAuthenticated(), redirectToCas(), phpCAS\trace(), phpCAS\traceBegin(), and phpCAS\traceEnd().

+ Here is the call graph for this function:

◆ forceAuthentication() [2/2]

CASClient::forceAuthentication ( )

This method is called to be sure that the user is authenticated.

When not authenticated, halt by redirecting to the CAS server; otherwise return TRUE.

Returns
TRUE when the user is authenticated; otherwise halt.

Definition at line 588 of file client4.php.

589 {
591
592 if ( $this->isAuthenticated() ) {
593 // the user is authenticated, nothing to be done.
594 phpCAS::trace('no need to authenticate');
595 $res = TRUE;
596 } else {
597 // the user is not authenticated, redirect to the CAS server
598 unset($_SESSION['phpCAS']['auth_checked']);
599 $this->redirectToCas(FALSE/* no gateway */);
600 // never reached
601 $res = FALSE;
602 }
604 return $res;
605 }

References $_SESSION, $res, isAuthenticated(), redirectToCas(), phpCAS\trace(), phpCAS\traceBegin(), and phpCAS\traceEnd().

+ Here is the call graph for this function:

◆ getCallbackURL() [1/2]

CASClient::getCallbackURL ( )
private

This method returns the URL that should be used for the PGT callback (in fact the URL of the current request without any CGI parameter, except if phpCAS::setFixedCallbackURL() was used).

Returns
The callback URL

Definition at line 1107 of file client.php.

1108 {
1109 // the URL is built when needed only
1110 if ( empty($this->_callback_url) ) {
1111 $final_uri = '';
1112 // remove the ticket if present in the URL
1113 $final_uri = 'https://';
1114
1115 /* replaced by Julien Marchal - v0.4.6
1116 * $this->uri .= $_SERVER['SERVER_NAME'];
1117 */
1118 if(empty($_SERVER['HTTP_X_FORWARDED_SERVER'])){
1119 /* replaced by teedog - v0.4.12
1120 * $final_uri .= $_SERVER['SERVER_NAME'];
1121 */
1122 if (empty($_SERVER['SERVER_NAME'])) {
1123 $final_uri .= $_SERVER['HTTP_HOST'];
1124 } else {
1125 $final_uri .= $_SERVER['SERVER_NAME'];
1126 }
1127 } else {
1128 $final_uri .= $_SERVER['HTTP_X_FORWARDED_SERVER'];
1129 }
1130 if ( ($_SERVER['HTTPS']=='on' && $_SERVER['SERVER_PORT']!=443)
1131 || ($_SERVER['HTTPS']!='on' && $_SERVER['SERVER_PORT']!=80) ) {
1132 $final_uri .= ':';
1133 $final_uri .= $_SERVER['SERVER_PORT'];
1134 }
1135 $request_uri = $_SERVER['REQUEST_URI'];
1136 $request_uri = preg_replace('/\?.*$/','',$request_uri);
1137 $final_uri .= $request_uri;
1138 $this->setCallbackURL($final_uri);
1139 }
1140 return $this->_callback_url;
1141 }
$_callback_url
the URL that should be used for the PGT callback (in fact the URL of the current request without any ...
Definition: client.php:1785
setCallbackURL($url)
This method sets the callback url.
Definition: client.php:1838

References $_SERVER.

◆ getCallbackURL() [2/2]

CASClient::getCallbackURL ( )
private

This method returns the URL that should be used for the PGT callback (in fact the URL of the current request without any CGI parameter, except if phpCAS::setFixedCallbackURL() was used).

Returns
The callback URL

Definition at line 1116 of file client4.php.

1117 {
1118 // the URL is built when needed only
1119 if ( empty($this->_callback_url) ) {
1120 $final_uri = '';
1121 // remove the ticket if present in the URL
1122 $final_uri = 'https://';
1123 /* replaced by Julien Marchal - v0.4.6
1124 * $this->uri .= $_SERVER['SERVER_NAME'];
1125 */
1126 if(empty($_SERVER['HTTP_X_FORWARDED_SERVER'])){
1127 /* replaced by teedog - v0.4.12
1128 * $final_uri .= $_SERVER['SERVER_NAME'];
1129 */
1130 if (empty($_SERVER['SERVER_NAME'])) {
1131 $final_uri .= $_SERVER['HTTP_HOST'];
1132 } else {
1133 $final_uri .= $_SERVER['SERVER_NAME'];
1134 }
1135 } else {
1136 $final_uri .= $_SERVER['HTTP_X_FORWARDED_SERVER'];
1137 }
1138 if ( ($_SERVER['HTTPS']=='on' && $_SERVER['SERVER_PORT']!=443)
1139 || ($_SERVER['HTTPS']!='on' && $_SERVER['SERVER_PORT']!=80) ) {
1140 $final_uri .= ':';
1141 $final_uri .= $_SERVER['SERVER_PORT'];
1142 }
1143 $request_uri = $_SERVER['REQUEST_URI'];
1144 $request_uri = preg_replace('/\?.*$/','',$request_uri);
1145 $final_uri .= $request_uri;
1146 $this->setCallbackURL($final_uri);
1147 }
1148 return $this->_callback_url;
1149 }

References $_SERVER.

◆ getLang() [1/2]

CASClient::getLang ( )
private

This method returns the language used by phpCAS.

Returns
a string representing the language

Definition at line 165 of file client.php.

166 {
167 if ( empty($this->_lang) )
169 return $this->_lang;
170 }
$_lang
A string corresponding to the language used by phpCAS.
Definition: client.php:185
const PHPCAS_LANG_DEFAULT
phpCAS default language (when phpCAS::setLang() is not used)
Definition: CAS.php:246
setLang($lang)
This method is used to set the language used by phpCAS.
Definition: client.php:241

References $_lang, PHPCAS_LANG_DEFAULT, and setLang().

+ Here is the call graph for this function:

◆ getLang() [2/2]

CASClient::getLang ( )
private

This method returns the language used by phpCAS.

Returns
a string representing the language

Definition at line 178 of file client4.php.

179 {
180 if ( empty($this->_lang) )
182 return $this->_lang;
183 }

References $_lang, PHPCAS_LANG_DEFAULT, and setLang().

+ Here is the call graph for this function:

◆ getPGT() [1/2]

CASClient::getPGT ( )
private

This method returns the Proxy Granting Ticket given by the CAS server.

Returns
The Proxy Granting Ticket.

Definition at line 1020 of file client.php.

1021 { return $this->_pgt; }
$_pgt
the Proxy Grnting Ticket given by the CAS server (empty otherwise).
Definition: client.php:1702

◆ getPGT() [2/2]

CASClient::getPGT ( )
private

This method returns the Proxy Granting Ticket given by the CAS server.

Returns
The Proxy Granting Ticket.

Definition at line 1029 of file client4.php.

1030 { return $this->_pgt; }

◆ getPT() [1/2]

CASClient::getPT ( )
private

This method returns the Proxy Ticket provided in the URL of the request.

Returns
The proxy ticket.

Definition at line 1697 of file client.php.

1698 { return $this->_pt; }
$_pt
the Proxy Ticket provided in the URL of the request if present (empty otherwise).
Definition: client.php:2438

◆ getPT() [2/2]

CASClient::getPT ( )
private

This method returns the Proxy Ticket provided in the URL of the request.

Returns
The proxy ticket.

Definition at line 1705 of file client4.php.

1706 { return $this->_pt; }

◆ getServerBaseURL() [1/2]

CASClient::getServerBaseURL ( )
private

This method is used to retrieve the base URL of the CAS server.

Returns
a URL.

Definition at line 302 of file client.php.

303 {
304 // the URL is build only when needed
305 if ( empty($this->_server['base_url']) ) {
306
307 // to do: undo this
308 //$this->_server['base_url'] = 'https://'
309 $this->_server['base_url'] = 'https://'
310 .$this->getServerHostname()
311 .':'
312 .$this->getServerPort()
313 .$this->getServerURI();
314 }
315//echo "-".$this->_server['base_url']."-";
316 return $this->_server['base_url'];
317 }

◆ getServerBaseURL() [2/2]

CASClient::getServerBaseURL ( )
private

This method is used to retrieve the base URL of the CAS server.

Returns
a URL.

Definition at line 315 of file client4.php.

316 {
317 // the URL is build only when needed
318 if ( empty($this->_server['base_url']) ) {
319 $this->_server['base_url'] = 'https://'
320 .$this->getServerHostname()
321 .':'
322 .$this->getServerPort()
323 .$this->getServerURI();
324 }
325 return $this->_server['base_url'];
326 }

◆ getServerHostname() [1/2]

CASClient::getServerHostname ( )
private

This method is used to retrieve the hostname of the CAS server.

Returns
the hostname of the CAS server.

Definition at line 278 of file client.php.

279 { return $this->_server['hostname']; }

◆ getServerHostname() [2/2]

CASClient::getServerHostname ( )
private

This method is used to retrieve the hostname of the CAS server.

Returns
the hostname of the CAS server.

Definition at line 291 of file client4.php.

292 { return $this->_server['hostname']; }

◆ getServerLoginURL()

CASClient::getServerLoginURL (   $gateway)
private

This method is used to retrieve the login URL of the CAS server.

Parameters
$gatewaytrue to check authentication, false to force it
Returns
a URL.

Definition at line 334 of file client4.php.

335 {
337 // the URL is build only when needed
338 if ( empty($this->_server['login_url']) ) {
339 $this->_server['login_url'] = $this->getServerBaseURL();
340 $this->_server['login_url'] .= 'login?service=';
341 $this->_server['login_url'] .= preg_replace('/&/','%26',$this->getURL());
342 if ($gateway) {
343 $this->_server['login_url'] .= '&gateway=true';
344 }
345 }
346 phpCAS::traceEnd($this->_server['login_url']);
347 return $this->_server['login_url'];
348 }
getServerBaseURL()
This method is used to retrieve the base URL of the CAS server.
Definition: client.php:331

References getServerBaseURL(), getURL(), phpCAS\traceBegin(), and phpCAS\traceEnd().

+ Here is the call graph for this function:

◆ getServerLogoutURL() [1/2]

CASClient::getServerLogoutURL ( )
private

This method is used to retrieve the logout URL of the CAS server.

Returns
a URL.

Definition at line 409 of file client.php.

410 {
411 // the URL is build only when needed
412 if ( empty($this->_server['logout_url']) ) {
413 $this->_server['logout_url'] = $this->getServerBaseURL().'logout';
414 }
415 return $this->_server['logout_url'];
416 }

References getServerBaseURL().

+ Here is the call graph for this function:

◆ getServerLogoutURL() [2/2]

CASClient::getServerLogoutURL ( )
private

This method is used to retrieve the logout URL of the CAS server.

Returns
a URL.

Definition at line 418 of file client4.php.

419 {
420 // the URL is build only when needed
421 if ( empty($this->_server['logout_url']) ) {
422 $this->_server['logout_url'] = $this->getServerBaseURL().'logout';
423 }
424 return $this->_server['logout_url'];
425 }

References getServerBaseURL().

+ Here is the call graph for this function:

◆ getServerPort() [1/2]

CASClient::getServerPort ( )
private

This method is used to retrieve the port of the CAS server.

Returns
the port of the CAS server.

Definition at line 286 of file client.php.

287 { return $this->_server['port']; }

◆ getServerPort() [2/2]

CASClient::getServerPort ( )
private

This method is used to retrieve the port of the CAS server.

Returns
the port of the CAS server.

Definition at line 299 of file client4.php.

300 { return $this->_server['port']; }

◆ getServerProxyURL() [1/2]

CASClient::getServerProxyURL ( )
private

This method is used to retrieve the proxy URL of the CAS server.

Returns
a URL.

Definition at line 388 of file client.php.

389 {
390 // the URL is build only when needed
391 if ( empty($this->_server['proxy_url']) ) {
392 switch ($this->getServerVersion()) {
393 case CAS_VERSION_1_0:
394 $this->_server['proxy_url'] = '';
395 break;
396 case CAS_VERSION_2_0:
397 $this->_server['proxy_url'] = $this->getServerBaseURL().'proxy';
398 break;
399 }
400 }
401 return $this->_server['proxy_url'];
402 }

References CAS_VERSION_1_0, CAS_VERSION_2_0, getServerBaseURL(), and getServerVersion().

+ Here is the call graph for this function:

◆ getServerProxyURL() [2/2]

CASClient::getServerProxyURL ( )
private

This method is used to retrieve the proxy URL of the CAS server.

Returns
a URL.

Definition at line 397 of file client4.php.

398 {
399 // the URL is build only when needed
400 if ( empty($this->_server['proxy_url']) ) {
401 switch ($this->getServerVersion()) {
402 case CAS_VERSION_1_0:
403 $this->_server['proxy_url'] = '';
404 break;
405 case CAS_VERSION_2_0:
406 $this->_server['proxy_url'] = $this->getServerBaseURL().'proxy';
407 break;
408 }
409 }
410 return $this->_server['proxy_url'];
411 }

References CAS_VERSION_1_0, CAS_VERSION_2_0, getServerBaseURL(), and getServerVersion().

+ Here is the call graph for this function:

◆ getServerProxyValidateURL() [1/2]

CASClient::getServerProxyValidateURL ( )
private

This method is used to retrieve the proxy validating URL of the CAS server.

Returns
a URL.

Definition at line 367 of file client.php.

368 {
369 // the URL is build only when needed
370 if ( empty($this->_server['proxy_validate_url']) ) {
371 switch ($this->getServerVersion()) {
372 case CAS_VERSION_1_0:
373 $this->_server['proxy_validate_url'] = '';
374 break;
375 case CAS_VERSION_2_0:
376 $this->_server['proxy_validate_url'] = $this->getServerBaseURL().'proxyValidate';
377 break;
378 }
379 }
380 return $this->_server['proxy_validate_url'].'?service='.preg_replace('/&/','%26',$this->getURL());
381 }

References CAS_VERSION_1_0, CAS_VERSION_2_0, getServerBaseURL(), getServerVersion(), and getURL().

+ Here is the call graph for this function:

◆ getServerProxyValidateURL() [2/2]

CASClient::getServerProxyValidateURL ( )
private

This method is used to retrieve the proxy validating URL of the CAS server.

Returns
a URL.

Definition at line 376 of file client4.php.

377 {
378 // the URL is build only when needed
379 if ( empty($this->_server['proxy_validate_url']) ) {
380 switch ($this->getServerVersion()) {
381 case CAS_VERSION_1_0:
382 $this->_server['proxy_validate_url'] = '';
383 break;
384 case CAS_VERSION_2_0:
385 $this->_server['proxy_validate_url'] = $this->getServerBaseURL().'proxyValidate';
386 break;
387 }
388 }
389 return $this->_server['proxy_validate_url'].'?service='.preg_replace('/&/','%26',$this->getURL());
390 }

References CAS_VERSION_1_0, CAS_VERSION_2_0, getServerBaseURL(), getServerVersion(), and getURL().

+ Here is the call graph for this function:

◆ getServerServiceValidateURL() [1/2]

CASClient::getServerServiceValidateURL ( )
private

This method is used to retrieve the service validating URL of the CAS server.

Returns
a URL.

Definition at line 346 of file client.php.

347 {
348 // the URL is build only when needed
349 if ( empty($this->_server['service_validate_url']) ) {
350 switch ($this->getServerVersion()) {
351 case CAS_VERSION_1_0:
352 $this->_server['service_validate_url'] = $this->getServerBaseURL().'validate';
353 break;
354 case CAS_VERSION_2_0:
355 $this->_server['service_validate_url'] = $this->getServerBaseURL().'serviceValidate';
356 break;
357 }
358 }
359 return $this->_server['service_validate_url'].'?service='.preg_replace('/&/','%26',$this->getURL());
360 }

References CAS_VERSION_1_0, CAS_VERSION_2_0, getServerBaseURL(), getServerVersion(), and getURL().

+ Here is the call graph for this function:

◆ getServerServiceValidateURL() [2/2]

CASClient::getServerServiceValidateURL ( )
private

This method is used to retrieve the service validating URL of the CAS server.

Returns
a URL.

Definition at line 355 of file client4.php.

356 {
357 // the URL is build only when needed
358 if ( empty($this->_server['service_validate_url']) ) {
359 switch ($this->getServerVersion()) {
360 case CAS_VERSION_1_0:
361 $this->_server['service_validate_url'] = $this->getServerBaseURL().'validate';
362 break;
363 case CAS_VERSION_2_0:
364 $this->_server['service_validate_url'] = $this->getServerBaseURL().'serviceValidate';
365 break;
366 }
367 }
368 return $this->_server['service_validate_url'].'?service='.preg_replace('/&/','%26',$this->getURL());
369 }

References CAS_VERSION_1_0, CAS_VERSION_2_0, getServerBaseURL(), getServerVersion(), and getURL().

+ Here is the call graph for this function:

◆ getServerURI() [1/2]

CASClient::getServerURI ( )
private

This method is used to retrieve the URI of the CAS server.

Returns
a URI.

Definition at line 294 of file client.php.

295 { return $this->_server['uri']; }

◆ getServerURI() [2/2]

CASClient::getServerURI ( )
private

This method is used to retrieve the URI of the CAS server.

Returns
a URI.

Definition at line 307 of file client4.php.

308 { return $this->_server['uri']; }

◆ getServerVersion() [1/2]

CASClient::getServerVersion ( )
private

This method is used to retrieve the version of the CAS server.

Returns
the version of the CAS server.

Definition at line 268 of file client.php.

269 {
270 return $this->_server['version'];
271 }

◆ getServerVersion() [2/2]

CASClient::getServerVersion ( )
private

This method is used to retrieve the version of the CAS server.

Returns
the version of the CAS server.

Definition at line 281 of file client4.php.

282 {
283 return $this->_server['version'];
284 }

◆ getST() [1/2]

CASClient::getST ( )
private

This method returns the Service Ticket provided in the URL of the request.

Returns
The service ticket.

Definition at line 810 of file client.php.

811 { return $this->_st; }
$_st
the Service Ticket provided in the URL of the request if present (empty otherwise).
Definition: client.php:1291

References $_st.

◆ getST() [2/2]

CASClient::getST ( )
private

This method returns the Service Ticket provided in the URL of the request.

Returns
The service ticket.

Definition at line 819 of file client4.php.

820 { return $this->_st; }

References $_st.

◆ getStartSession()

CASClient::getStartSession (   $session)

Definition at line 725 of file client.php.

726 {
727 $this->_start_session = session;
728 }

◆ getString() [1/2]

CASClient::getString (   $str)
private

This method returns a string depending on the language.

Parameters
$strthe index of the string in $_string.
Returns
the string corresponding to $index in $string.

Definition at line 192 of file client.php.

193 {
194 // call CASclient::getLang() to be sure the language is initialized
195 $this->getLang();
196
197 if ( !isset($this->_strings[$str]) ) {
198 trigger_error('string `'.$str.'\' not defined for language `'.$this->getLang().'\'',E_USER_ERROR);
199 }
200 return $this->_strings[$str];
201 }
$this _strings
Definition: catalan.php:10
getLang()
This method returns the language used by phpCAS.
Definition: client.php:194

References _strings, and getLang().

+ Here is the call graph for this function:

◆ getString() [2/2]

CASClient::getString (   $str)
private

This method returns a string depending on the language.

Parameters
$strthe index of the string in $_string.
Returns
the string corresponding to $index in $string.

Definition at line 205 of file client4.php.

206 {
207 // call CASclient::getLang() to be sure the language is initialized
208 $this->getLang();
209
210 if ( !isset($this->_strings[$str]) ) {
211 trigger_error('string `'.$str.'\' not defined for language `'.$this->getLang().'\'',E_USER_ERROR);
212 }
213 return $this->_strings[$str];
214 }

References _strings, and getLang().

+ Here is the call graph for this function:

◆ getURL() [1/2]

CASClient::getURL ( )
private

This method returns the URL of the current request (without any ticket CGI parameter).

Returns
The URL

Definition at line 1846 of file client.php.

1847 {
1849 // the URL is built when needed only
1850 if ( empty($this->_url) ) {
1851 $final_uri = '';
1852 // remove the ticket if present in the URL
1853 $final_uri = ($_SERVER['HTTPS'] == 'on') ? 'https' : 'http';
1854 $final_uri .= '://';
1855 /* replaced by Julien Marchal - v0.4.6
1856 * $this->_url .= $_SERVER['SERVER_NAME'];
1857 */
1858 if(empty($_SERVER['HTTP_X_FORWARDED_SERVER'])){
1859 /* replaced by teedog - v0.4.12
1860 * $this->_url .= $_SERVER['SERVER_NAME'];
1861 */
1862 if (empty($_SERVER['SERVER_NAME'])) {
1863 $final_uri .= $_SERVER['HTTP_HOST'];
1864 } else {
1865 $final_uri .= $_SERVER['SERVER_NAME'];
1866 }
1867 } else {
1868 $final_uri .= $_SERVER['HTTP_X_FORWARDED_SERVER'];
1869 }
1870 if ( ($_SERVER['HTTPS']=='on' && $_SERVER['SERVER_PORT']!=443)
1871 || ($_SERVER['HTTPS']!='on' && $_SERVER['SERVER_PORT']!=80) ) {
1872 $final_uri .= ':';
1873 $final_uri .= $_SERVER['SERVER_PORT'];
1874 }
1875
1876 $final_uri .= strtok($_SERVER['REQUEST_URI'],"?");
1877 $cgi_params = '?'.strtok("?");
1878 // remove the ticket if present in the CGI parameters
1879 $cgi_params = preg_replace('/&ticket=[^&]*/','',$cgi_params);
1880 $cgi_params = preg_replace('/\?ticket=[^&;]*/','?',$cgi_params);
1881 $cgi_params = preg_replace('/\?$/','',$cgi_params);
1882 $final_uri .= $cgi_params;
1883 $this->setURL($final_uri);
1884 }
1885 phpCAS::traceEnd($this->_url);
1886 return $this->_url;
1887 }
setURL($url)
This method sets the URL of the current request.
Definition: client.php:2699
$_url
the URL of the current request (without any ticket CGI parameter).
Definition: client.php:2611

References $_SERVER.

◆ getURL() [2/2]

CASClient::getURL ( )
private

This method returns the URL of the current request (without any ticket CGI parameter).

Returns
The URL

Definition at line 1854 of file client4.php.

1855 {
1857 // the URL is built when needed only
1858 if ( empty($this->_url) ) {
1859 $final_uri = '';
1860 // remove the ticket if present in the URL
1861 $final_uri = ($_SERVER['HTTPS'] == 'on') ? 'https' : 'http';
1862 $final_uri .= '://';
1863 /* replaced by Julien Marchal - v0.4.6
1864 * $this->_url .= $_SERVER['SERVER_NAME'];
1865 */
1866 if(empty($_SERVER['HTTP_X_FORWARDED_SERVER'])){
1867 /* replaced by teedog - v0.4.12
1868 * $this->_url .= $_SERVER['SERVER_NAME'];
1869 */
1870 if (empty($_SERVER['SERVER_NAME'])) {
1871 $final_uri .= $_SERVER['HTTP_HOST'];
1872 } else {
1873 $final_uri .= $_SERVER['SERVER_NAME'];
1874 }
1875 } else {
1876 $final_uri .= $_SERVER['HTTP_X_FORWARDED_SERVER'];
1877 }
1878 if ( ($_SERVER['HTTPS']=='on' && $_SERVER['SERVER_PORT']!=443)
1879 || ($_SERVER['HTTPS']!='on' && $_SERVER['SERVER_PORT']!=80) ) {
1880 $final_uri .= ':';
1881 $final_uri .= $_SERVER['SERVER_PORT'];
1882 }
1883
1884 $final_uri .= strtok($_SERVER['REQUEST_URI'],"?");
1885 $cgi_params = '?'.strtok("?");
1886 // remove the ticket if present in the CGI parameters
1887 $cgi_params = preg_replace('/&ticket=[^&]*/','',$cgi_params);
1888 $cgi_params = preg_replace('/\?ticket=[^&;]*/','?',$cgi_params);
1889 $cgi_params = preg_replace('/\?$/','',$cgi_params);
1890 $final_uri .= $cgi_params;
1891 $this->setURL($final_uri);
1892 }
1893 phpCAS::traceEnd($this->_url);
1894 return $this->_url;
1895 }

References $_SERVER.

◆ getUser() [1/2]

CASClient::getUser ( )

This method returns the CAS user's login name.

Warning
should be called only after CASClient::forceAuthentication() or CASClient::isAuthenticated(), otherwise halt with an error.
Returns
the login name of the authenticated user

Definition at line 565 of file client.php.

566 {
567 if ( empty($this->_user) ) {
568 phpCAS::error('this method should be used only after '.__CLASS__.'::forceAuthentication() or '.__CLASS__.'::isAuthenticated()');
569 }
570 return $this->_user;
571 }
$_user
The Authenticated user.
Definition: client.php:784

References $_user, and phpCAS\error().

+ Here is the call graph for this function:

◆ getUser() [2/2]

CASClient::getUser ( )

This method returns the CAS user's login name.

Warning
should be called only after CASClient::forceAuthentication() or CASClient::isAuthenticated(), otherwise halt with an error.
Returns
the login name of the authenticated user

Definition at line 574 of file client4.php.

575 {
576 if ( empty($this->_user) ) {
577 phpCAS::error('this method should be used only after '.__CLASS__.'::forceAuthentication() or '.__CLASS__.'::isAuthenticated()');
578 }
579 return $this->_user;
580 }

References $_user, and phpCAS\error().

+ Here is the call graph for this function:

◆ hasPGT() [1/2]

CASClient::hasPGT ( )
private

This method tells if a Proxy Granting Ticket was stored.

Returns
TRUE if a Proxy Granting Ticket has been stored.

Definition at line 1036 of file client.php.

1037 { return !empty($this->_pgt); }

◆ hasPGT() [2/2]

CASClient::hasPGT ( )
private

This method tells if a Proxy Granting Ticket was stored.

Returns
TRUE if a Proxy Granting Ticket has been stored.

Definition at line 1045 of file client4.php.

1046 { return !empty($this->_pgt); }

◆ hasPT() [1/2]

CASClient::hasPT ( )
private

This method tells if a Proxy Ticket was stored.

Returns
TRUE if a Proxy Ticket has been stored.

Definition at line 1713 of file client.php.

1714 { return !empty($this->_pt); }

◆ hasPT() [2/2]

CASClient::hasPT ( )
private

This method tells if a Proxy Ticket was stored.

Returns
TRUE if a Proxy Ticket has been stored.

Definition at line 1721 of file client4.php.

1722 { return !empty($this->_pt); }

◆ hasST() [1/2]

CASClient::hasST ( )
private

This method tells if a Service Ticket was stored.

Returns
TRUE if a Service Ticket has been stored.

Definition at line 826 of file client.php.

827 { return !empty($this->_st); }

◆ hasST() [2/2]

CASClient::hasST ( )
private

This method tells if a Service Ticket was stored.

Returns
TRUE if a Service Ticket has been stored.

Definition at line 835 of file client4.php.

836 { return !empty($this->_st); }

◆ HTMLFilterOutput() [1/2]

CASClient::HTMLFilterOutput (   $str)
private

This method filters a string by replacing special tokens by appropriate values and prints it.

The corresponding tokens are taken into account:

  • CAS_VERSION
  • PHPCAS_VERSION
  • SERVER_BASE_URL

Used by CASClient::PrintHTMLHeader() and CASClient::printHTMLFooter().

Parameters
$strthe string to filter and output

Definition at line 52 of file client.php.

53 {
54 $str = str_replace('__CAS_VERSION__',$this->getServerVersion(),$str);
55 $str = str_replace('__PHPCAS_VERSION__',phpCAS::getVersion(),$str);
56 $str = str_replace('__SERVER_BASE_URL__',$this->getServerBaseURL(),$str);
57 echo $str;
58 }
getVersion()
This method returns the phpCAS version.
Definition: CAS.php:669

References getServerBaseURL(), getServerVersion(), and phpCAS\getVersion().

+ Here is the call graph for this function:

◆ HTMLFilterOutput() [2/2]

CASClient::HTMLFilterOutput (   $str)
private

This method filters a string by replacing special tokens by appropriate values and prints it.

The corresponding tokens are taken into account:

  • CAS_VERSION
  • PHPCAS_VERSION
  • SERVER_BASE_URL

Used by CASClient::PrintHTMLHeader() and CASClient::printHTMLFooter().

Parameters
$strthe string to filter and output

Definition at line 65 of file client4.php.

66 {
67 $str = str_replace('__CAS_VERSION__',$this->getServerVersion(),$str);
68 $str = str_replace('__PHPCAS_VERSION__',phpCAS::getVersion(),$str);
69 $str = str_replace('__SERVER_BASE_URL__',$this->getServerBaseURL(),$str);
70 echo $str;
71 }

References getServerBaseURL(), getServerVersion(), and phpCAS\getVersion().

+ Here is the call graph for this function:

◆ initPGTStorage() [1/2]

CASClient::initPGTStorage ( )
private

This method is used to initialize the storage of PGT's.

Halts on error.

Definition at line 1200 of file client.php.

1201 {
1202 // if no SetPGTStorageXxx() has been used, default to file
1203 if ( !is_object($this->_pgt_storage) ) {
1204 $this->setPGTStorageFile();
1205 }
1206
1207 // initializes the storage
1208 $this->_pgt_storage->init();
1209 }
setPGTStorageFile($format='', $path='')
This method is used to tell phpCAS to store the response of the CAS server to PGT requests onto the f...
Definition: client.php:1942

◆ initPGTStorage() [2/2]

CASClient::initPGTStorage ( )
private

This method is used to initialize the storage of PGT's.

Halts on error.

Definition at line 1208 of file client4.php.

1209 {
1210 // if no SetPGTStorageXxx() has been used, default to file
1211 if ( !is_object($this->_pgt_storage) ) {
1212 $this->setPGTStorageFile();
1213 }
1214
1215 // initializes the storage
1216 $this->_pgt_storage->init();
1217 }

◆ isAuthenticated() [1/2]

CASClient::isAuthenticated ( )

This method is called to check if the user is authenticated (previously or by tickets given in the URL.

Returns
TRUE when the user is authenticated; otherwise halt.

Definition at line 632 of file client.php.

633 {
635 $res = FALSE;
636 $validate_url = '';
637
638 if ( $this->wasPreviouslyAuthenticated() ) {
639 // the user has already (previously during the session) been
640 // authenticated, nothing to be done.
641 phpCAS::trace('user was already authenticated, no need to look for tickets');
642 $res = TRUE;
643 } elseif ( $this->hasST() ) {
644 // if a Service Ticket was given, validate it
645 phpCAS::trace('ST `'.$this->getST().'\' is present');
646 $this->validateST($validate_url,$text_response,$tree_response); // if it fails, it halts
647 phpCAS::trace('ST `'.$this->getST().'\' was validated');
648 if ( $this->isProxy() ) {
649 $this->validatePGT($validate_url,$text_response,$tree_response); // idem
650 phpCAS::trace('PGT `'.$this->getPGT().'\' was validated');
651 $_SESSION['phpCAS']['pgt'] = $this->getPGT();
652 }
653 $_SESSION['phpCAS']['user'] = $this->getUser();
654 $res = TRUE;
655 } elseif ( $this->hasPT() ) {
656 // if a Proxy Ticket was given, validate it
657 phpCAS::trace('PT `'.$this->getPT().'\' is present');
658 $this->validatePT($validate_url,$text_response,$tree_response); // note: if it fails, it halts
659 phpCAS::trace('PT `'.$this->getPT().'\' was validated');
660 if ( $this->isProxy() ) {
661 $this->validatePGT($validate_url,$text_response,$tree_response); // idem
662 phpCAS::trace('PGT `'.$this->getPGT().'\' was validated');
663 $_SESSION['phpCAS']['pgt'] = $this->getPGT();
664 }
665 $_SESSION['phpCAS']['user'] = $this->getUser();
666 $res = TRUE;
667 } else {
668 // no ticket given, not authenticated
669 phpCAS::trace('no ticket found');
670 }
671
673 return $res;
674 }
getUser()
This method returns the CAS user's login name.
Definition: client.php:805
wasPreviouslyAuthenticated()
This method tells if the user has already been (previously) authenticated by looking into the session...
Definition: client.php:1072
hasST()
This method tells if a Service Ticket was stored.
Definition: client.php:1314
getST()
This method returns the Service Ticket provided in the URL of the request.
Definition: client.php:1298
validatePGT(&$validate_url, $text_response, $tree_response)
This method is used to validate a PGT; halt on failure.
Definition: client.php:2007
validatePT(&$validate_url, &$text_response, &$tree_response)
This method is used to validate a ST or PT; halt on failure Used for all CAS 2.0 validations.
Definition: client.php:2506
getPT()
This method returns the Proxy Ticket provided in the URL of the request.
Definition: client.php:2445
getPGT()
This method returns the Proxy Granting Ticket given by the CAS server.
Definition: client.php:1709

References $_SESSION, $res, getPGT(), getPT(), getST(), getUser(), hasST(), isProxy(), phpCAS\trace(), phpCAS\traceBegin(), phpCAS\traceEnd(), validatePGT(), validatePT(), and wasPreviouslyAuthenticated().

+ Here is the call graph for this function:

◆ isAuthenticated() [2/2]

CASClient::isAuthenticated ( )

This method is called to check if the user is authenticated (previously or by tickets given in the URL.

Returns
TRUE when the user is authenticated; otherwise halt.

Definition at line 641 of file client4.php.

642 {
644 $res = FALSE;
645 $validate_url = '';
646
647 if ( $this->wasPreviouslyAuthenticated() ) {
648 // the user has already (previously during the session) been
649 // authenticated, nothing to be done.
650 phpCAS::trace('user was already authenticated, no need to look for tickets');
651 $res = TRUE;
652 } elseif ( $this->hasST() ) {
653 // if a Service Ticket was given, validate it
654 phpCAS::trace('ST `'.$this->getST().'\' is present');
655 $this->validateST($validate_url,$text_response,$tree_response); // if it fails, it halts
656 phpCAS::trace('ST `'.$this->getST().'\' was validated');
657 if ( $this->isProxy() ) {
658 $this->validatePGT($validate_url,$text_response,$tree_response); // idem
659 phpCAS::trace('PGT `'.$this->getPGT().'\' was validated');
660 $_SESSION['phpCAS']['pgt'] = $this->getPGT();
661 }
662 $_SESSION['phpCAS']['user'] = $this->getUser();
663 $res = TRUE;
664 } elseif ( $this->hasPT() ) {
665 // if a Proxy Ticket was given, validate it
666 phpCAS::trace('PT `'.$this->getPT().'\' is present');
667 $this->validatePT($validate_url,$text_response,$tree_response); // note: if it fails, it halts
668 phpCAS::trace('PT `'.$this->getPT().'\' was validated');
669 if ( $this->isProxy() ) {
670 $this->validatePGT($validate_url,$text_response,$tree_response); // idem
671 phpCAS::trace('PGT `'.$this->getPGT().'\' was validated');
672 $_SESSION['phpCAS']['pgt'] = $this->getPGT();
673 }
674 $_SESSION['phpCAS']['user'] = $this->getUser();
675 $res = TRUE;
676 } else {
677 // no ticket given, not authenticated
678 phpCAS::trace('no ticket found');
679 }
680
682 return $res;
683 }

References $_SESSION, $res, getPGT(), getPT(), getST(), getUser(), hasST(), isProxy(), phpCAS\trace(), phpCAS\traceBegin(), phpCAS\traceEnd(), validatePGT(), validatePT(), and wasPreviouslyAuthenticated().

+ Here is the call graph for this function:

◆ isCallbackMode() [1/2]

CASClient::isCallbackMode ( )
private

This method returns TRUE when the CAs client is running i callback mode, FALSE otherwise.

Returns
A boolean.

Definition at line 1083 of file client.php.

1084 {
1085 return $this->_callback_mode;
1086 }
$_callback_mode
each PHP script using phpCAS in proxy mode is its own callback to get the PGT back from the CAS serve...
Definition: client.php:1750

◆ isCallbackMode() [2/2]

CASClient::isCallbackMode ( )
private

This method returns TRUE when the CAs client is running i callback mode, FALSE otherwise.

Returns
A boolean.

Definition at line 1092 of file client4.php.

1093 {
1094 return $this->_callback_mode;
1095 }

◆ isProxy() [1/2]

CASClient::isProxy ( )
private

Tells if a CAS client is a CAS proxy or not.

Returns
TRUE when the CAS client is a CAs proxy, FALSE otherwise

Definition at line 992 of file client.php.

993 {
994 return $this->_proxy;
995 }
$_proxy
A boolean telling if the client is a CAS proxy or not.
Definition: client.php:1672

◆ isProxy() [2/2]

CASClient::isProxy ( )
private

Tells if a CAS client is a CAS proxy or not.

Returns
TRUE when the CAS client is a CAs proxy, FALSE otherwise

Definition at line 1001 of file client4.php.

1002 {
1003 return $this->_proxy;
1004 }

◆ loadPGT() [1/2]

CASClient::loadPGT (   $pgt_iou)
private

This method reads a PGT from its Iou and deletes the corresponding storage entry.

Parameters
$pgt_iouthe PGT Iou
Returns
The PGT corresponding to the Iou, FALSE when not found.

Definition at line 1236 of file client.php.

1237 {
1238 // ensure that storage is initialized
1239 $this->initPGTStorage();
1240 // read the PGT
1241 return $this->_pgt_storage->read($pgt_iou);
1242 }
initPGTStorage()
This method is used to initialize the storage of PGT's.
Definition: client.php:1889

◆ loadPGT() [2/2]

CASClient::loadPGT (   $pgt_iou)
private

This method reads a PGT from its Iou and deletes the corresponding storage entry.

Parameters
$pgt_iouthe PGT Iou
Returns
The PGT corresponding to the Iou, FALSE when not found.

Definition at line 1244 of file client4.php.

1245 {
1246 // ensure that storage is initialized
1247 $this->initPGTStorage();
1248 // read the PGT
1249 return $this->_pgt_storage->read($pgt_iou);
1250 }

◆ logout() [1/2]

CASClient::logout (   $url = "")

This method is used to logout from CAS.

Parameters
$urla URL that will be transmitted to the CAS server (to come back to when logged out)

Definition at line 760 of file client.php.

761 {
763 $cas_url = $this->getServerLogoutURL();
764 // v0.4.14 sebastien.gougeon at univ-rennes1.fr
765 // header('Location: '.$cas_url);
766 if ( $url != "" ) {
767 $url = '?service=' . $url;
768 }
769 header('Location: '.$cas_url . $url);
770 session_unset();
771 session_destroy();
773 printf('<p>'.$this->getString(CAS_STR_SHOULD_HAVE_BEEN_REDIRECTED).'</p>',$cas_url);
774 $this->printHTMLFooter();
776 exit();
777 }
getServerLogoutURL()
This method is used to retrieve the logout URL of the CAS server.
Definition: client.php:509
const CAS_STR_LOGOUT
Definition: languages.php:17
const CAS_STR_SHOULD_HAVE_BEEN_REDIRECTED
Definition: languages.php:18
$url
Definition: shib_logout.php:72

References $url, CAS_STR_LOGOUT, CAS_STR_SHOULD_HAVE_BEEN_REDIRECTED, exit, getServerLogoutURL(), getString(), printHTMLFooter(), printHTMLHeader(), phpCAS\traceBegin(), and phpCAS\traceExit().

+ Here is the call graph for this function:

◆ logout() [2/2]

CASClient::logout (   $url = "")

This method is used to logout from CAS.

Parameters
$urla URL that will be transmitted to the CAS server (to come back to when logged out)

Definition at line 769 of file client4.php.

770 {
772 $cas_url = $this->getServerLogoutURL();
773 // v0.4.14 sebastien.gougeon at univ-rennes1.fr
774 // header('Location: '.$cas_url);
775 if ( $url != "" ) {
776 $url = '?service=' . $url;
777 }
778 header('Location: '.$cas_url . $url);
779 session_unset();
780 session_destroy();
782 printf('<p>'.$this->getString(CAS_STR_SHOULD_HAVE_BEEN_REDIRECTED).'</p>',$cas_url);
783 $this->printHTMLFooter();
785 exit();
786 }

References $url, CAS_STR_LOGOUT, CAS_STR_SHOULD_HAVE_BEEN_REDIRECTED, exit, getServerLogoutURL(), getString(), printHTMLFooter(), printHTMLHeader(), phpCAS\traceBegin(), and phpCAS\traceExit().

+ Here is the call graph for this function:

◆ printHTMLFooter() [1/2]

CASClient::printHTMLFooter ( )
private

This method prints the footer of the HTML output (after filtering).

If CASClient::setHTMLFooter() was not used, a default footer is output.

See also
HTMLFilterOutput()

Definition at line 107 of file client.php.

108 {
109 $this->HTMLFilterOutput(empty($this->_output_footer)
110 ?('<hr><address>phpCAS __PHPCAS_VERSION__ '.$this->getString(CAS_STR_USING_SERVER).' <a href="__SERVER_BASE_URL__">__SERVER_BASE_URL__</a> (CAS __CAS_VERSION__)</a></address></body></html>')
111 :$this->_output_footer);
112 }
HTMLFilterOutput($str)
This method filters a string by replacing special tokens by appropriate values and prints it.
Definition: client.php:81
const CAS_STR_USING_SERVER
a phpCAS string index
Definition: languages.php:15

References CAS_STR_USING_SERVER, getString(), and HTMLFilterOutput().

+ Here is the call graph for this function:

◆ printHTMLFooter() [2/2]

CASClient::printHTMLFooter ( )
private

This method prints the footer of the HTML output (after filtering).

If CASClient::setHTMLFooter() was not used, a default footer is output.

See also
HTMLFilterOutput()

Definition at line 120 of file client4.php.

121 {
122 $this->HTMLFilterOutput(empty($this->_output_footer)
123 ?('<hr><address>phpCAS __PHPCAS_VERSION__ '.$this->getString(CAS_STR_USING_SERVER).' <a href="__SERVER_BASE_URL__">__SERVER_BASE_URL__</a> (CAS __CAS_VERSION__)</a></address></body></html>')
124 :$this->_output_footer);
125 }

References CAS_STR_USING_SERVER, getString(), and HTMLFilterOutput().

+ Here is the call graph for this function:

◆ printHTMLHeader() [1/2]

CASClient::printHTMLHeader (   $title)
private

This method prints the header of the HTML output (after filtering).

If CASClient::setHTMLHeader() was not used, a default header is output.

Parameters
$titlethe title of the page
See also
HTMLFilterOutput()

Definition at line 79 of file client.php.

80 {
81 $this->HTMLFilterOutput(str_replace('__TITLE__',
82 $title,
83 (empty($this->_output_header)
84 ? '<html><head><title>__TITLE__</title></head><body><h1>__TITLE__</h1>'
85 : $this->output_header)
86 )
87 );
88 }

References HTMLFilterOutput().

+ Here is the call graph for this function:

◆ printHTMLHeader() [2/2]

CASClient::printHTMLHeader (   $title)
private

This method prints the header of the HTML output (after filtering).

If CASClient::setHTMLHeader() was not used, a default header is output.

Parameters
$titlethe title of the page
See also
HTMLFilterOutput()

Definition at line 92 of file client4.php.

93 {
94 $this->HTMLFilterOutput(str_replace('__TITLE__',
95 $title,
96 (empty($this->_output_header)
97 ? '<html><head><title>__TITLE__</title></head><body><h1>__TITLE__</h1>'
98 : $this->output_header)
99 )
100 );
101 }

References HTMLFilterOutput().

+ Here is the call graph for this function:

◆ readURL() [1/2]

CASClient::readURL (   $url,
  $cookies,
$headers,
$body,
$err_msg 
)
private

This method is used to acces a remote URL.

Parameters
$urlthe URL to access.
$cookiesan array containing cookies strings such as 'name=val'
$headersan array containing the HTTP header lines of the response (an empty array on failure).
$bodythe body of the response, as a string (empty on failure).
$err_msgan error message, filled on failure.
Returns
TRUE on success, FALSE otherwise (in this later case, $err_msg contains an error message).

Definition at line 1470 of file client.php.

1471 {
1473 $headers = '';
1474 $body = '';
1475 $err_msg = '';
1476
1477 $res = TRUE;
1478
1479 // initialize the CURL session
1480 $ch = curl_init($url);
1481
1482 // verify the the server's certificate corresponds to its name
1483 curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 1);
1484 // but do not verify the certificate itself
1485 curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
1486
1487 // return the CURL output into a variable
1488 curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
1489 // include the HTTP header with the body
1490 curl_setopt($ch, CURLOPT_HEADER, 1);
1491 // add cookies headers
1492 if ( is_array($cookies) ) {
1493 curl_setopt($ch,CURLOPT_COOKIE,implode(';',$cookies));
1494 }
1495 // perform the query
1496 $buf = curl_exec ($ch);
1497 if ( $buf === FALSE ) {
1498 phpCAS::trace('cur_exec() failed');
1499 $err_msg = 'CURL error #'.curl_errno($ch).': '.curl_error($ch);
1500 // close the CURL session
1501 curl_close ($ch);
1502 $res = FALSE;
1503 } else {
1504 // close the CURL session
1505 curl_close ($ch);
1506
1507 // find the end of the headers
1508 // note: strpos($str,"\n\r\n\r") does not work (?)
1509 $pos = FALSE;
1510 for ($i=0; $i<strlen($buf); $i++) {
1511 if ( $buf[$i] == chr(13) )
1512 if ( $buf[$i+1] == chr(10) )
1513 if ( $buf[$i+2] == chr(13) )
1514 if ( $buf[$i+3] == chr(10) ) {
1515 // header found
1516 $pos = $i;
1517 break;
1518 }
1519 }
1520
1521 if ( $pos === FALSE ) {
1522 // end of header not found
1523 $err_msg = 'no header found';
1524 phpCAS::trace($err_msg);
1525 $res = FALSE;
1526 } else {
1527 // extract headers into an array
1528 $headers = preg_split ("/[\n\r]+/",substr($buf,0,$pos));
1529 // extract body into a string
1530 $body = substr($buf,$pos+4);
1531 }
1532 }
1533
1535 return $res;
1536 }

References $res, $url, phpCAS\trace(), phpCAS\traceBegin(), and phpCAS\traceEnd().

+ Here is the call graph for this function:

◆ readURL() [2/2]

CASClient::readURL (   $url,
  $cookies,
$headers,
$body,
$err_msg 
)
private

This method is used to acces a remote URL.

Parameters
$urlthe URL to access.
$cookiesan array containing cookies strings such as 'name=val'
$headersan array containing the HTTP header lines of the response (an empty array on failure).
$bodythe body of the response, as a string (empty on failure).
$err_msgan error message, filled on failure.
Returns
TRUE on success, FALSE otherwise (in this later case, $err_msg contains an error message).

Definition at line 1478 of file client4.php.

1479 {
1481 $headers = '';
1482 $body = '';
1483 $err_msg = '';
1484
1485 $res = TRUE;
1486
1487 // initialize the CURL session
1488 $ch = curl_init($url);
1489
1490 // verify the the server's certificate corresponds to its name
1491 curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 1);
1492 // but do not verify the certificate itself
1493 curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
1494
1495 // return the CURL output into a variable
1496 curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
1497 // include the HTTP header with the body
1498 curl_setopt($ch, CURLOPT_HEADER, 1);
1499 // add cookies headers
1500 if ( is_array($cookies) ) {
1501 curl_setopt($ch,CURLOPT_COOKIE,implode(';',$cookies));
1502 }
1503 // perform the query
1504 $buf = curl_exec ($ch);
1505 if ( $buf === FALSE ) {
1506 phpCAS::trace('cur_exec() failed');
1507 $err_msg = 'CURL error #'.curl_errno($ch).': '.curl_error($ch);
1508 // close the CURL session
1509 curl_close ($ch);
1510 $res = FALSE;
1511 } else {
1512 // close the CURL session
1513 curl_close ($ch);
1514
1515 // find the end of the headers
1516 // note: strpos($str,"\n\r\n\r") does not work (?)
1517 $pos = FALSE;
1518 for ($i=0; $i<strlen($buf); $i++) {
1519 if ( $buf[$i] == chr(13) )
1520 if ( $buf[$i+1] == chr(10) )
1521 if ( $buf[$i+2] == chr(13) )
1522 if ( $buf[$i+3] == chr(10) ) {
1523 // header found
1524 $pos = $i;
1525 break;
1526 }
1527 }
1528
1529 if ( $pos === FALSE ) {
1530 // end of header not found
1531 $err_msg = 'no header found';
1532 phpCAS::trace($err_msg);
1533 $res = FALSE;
1534 } else {
1535 // extract headers into an array
1536 $headers = preg_split ("/[\n\r]+/",substr($buf,0,$pos));
1537 // extract body into a string
1538 $body = substr($buf,$pos+4);
1539 }
1540 }
1541
1543 return $res;
1544 }

References $res, $url, phpCAS\trace(), phpCAS\traceBegin(), and phpCAS\traceEnd().

+ Here is the call graph for this function:

◆ redirectToCas()

CASClient::redirectToCas (   $gateway)

This method is used to redirect the client to the CAS server.

It is used by CASClient::forceAuthentication() and CASClient::checkAuthentication().

Parameters
$gatewaytrue to check authentication, false to force it

Definition at line 752 of file client4.php.

753 {
755 $cas_url = $this->getServerLoginURL($gateway);
756 header('Location: '.$cas_url);
758 printf('<p>'.$this->getString(CAS_STR_SHOULD_HAVE_BEEN_REDIRECTED).'</p>',$cas_url);
759 $this->printHTMLFooter();
761 exit();
762 }
getServerLoginURL($gateway=false, $renew=false)
This method is used to retrieve the login URL of the CAS server.
Definition: client.php:353
const CAS_STR_AUTHENTICATION_WANTED
Definition: languages.php:16

References CAS_STR_AUTHENTICATION_WANTED, CAS_STR_SHOULD_HAVE_BEEN_REDIRECTED, exit, getServerLoginURL(), getString(), printHTMLFooter(), printHTMLHeader(), phpCAS\traceBegin(), and phpCAS\traceExit().

+ Here is the call graph for this function:

◆ renameSession()

CASClient::renameSession (   $ticket)

Renaming the session.

Definition at line 733 of file client.php.

734 {
736 if($this->_start_session){
737 if (!empty ($this->_user))
738 {
739 $old_session = $_SESSION;
740 session_destroy();
741
742 // Fix for http://bugs.php.net/bug.php?id=32330
743 if(version_compare(PHP_VERSION, '5.3.0', '<'))
744 {
745 include_once './Services/Init/classes/class.ilInitialisation.php';
747 }
748
749 // set up a new session, of name based on the ticket
750 $session_id = preg_replace('/[^\w]/', '', $ticket);
751 phpCAS :: trace("Session ID: ".$session_id);
752 session_id($session_id);
753 session_start();
754 phpCAS :: trace("Restoring old session vars");
755 $_SESSION = $old_session;
756 } else
757 {
758 phpCAS :: error('Session should only be renamed after successfull authentication');
759 }
760 }else{
761 phpCAS :: trace("Skipping session rename since phpCAS is not handling the session.");
762 }
764 }
static setSessionHandler()
set session handler to db

References $_SESSION, phpCAS\error(), ilInitialisation\setSessionHandler(), phpCAS\trace(), phpCAS\traceBegin(), and phpCAS\traceEnd().

+ Here is the call graph for this function:

◆ retrievePT() [1/2]

CASClient::retrievePT (   $target_service,
$err_code,
$err_msg 
)
private

This method is used to retrieve PT's from the CAS server thanks to a PGT.

Parameters
$target_servicethe service to ask for with the PT.
$err_codean error code (PHPCAS_SERVICE_OK on success).
$err_msgan error message (empty on success).
Returns
a Proxy Ticket, or FALSE on error.

Definition at line 1362 of file client.php.

1363 {
1365
1366 // by default, $err_msg is set empty and $pt to TRUE. On error, $pt is
1367 // set to false and $err_msg to an error message. At the end, if $pt is FALSE
1368 // and $error_msg is still empty, it is set to 'invalid response' (the most
1369 // commonly encountered error).
1370 $err_msg = '';
1371
1372 // build the URL to retrieve the PT
1373 $cas_url = $this->getServerProxyURL().'?targetService='.preg_replace('/&/','%26',$target_service).'&pgt='.$this->getPGT();
1374
1375 // open and read the URL
1376 if ( !$this->readURL($cas_url,''/*cookies*/,$headers,$cas_response,$err_msg) ) {
1377 phpCAS::trace('could not open URL \''.$cas_url.'\' to validate ('.$err_msg.')');
1378 $err_code = PHPCAS_SERVICE_PT_NO_SERVER_RESPONSE;
1379 $err_msg = 'could not retrieve PT (no response from the CAS server)';
1380 phpCAS::traceEnd(FALSE);
1381 return FALSE;
1382 }
1383
1384 $bad_response = FALSE;
1385
1386 if ( !$bad_response ) {
1387 // read the response of the CAS server into a DOM object
1388 if ( !($dom = @domxml_open_mem($cas_response))) {
1389 phpCAS::trace('domxml_open_mem() failed');
1390 // read failed
1391 $bad_response = TRUE;
1392 }
1393 }
1394
1395 if ( !$bad_response ) {
1396 // read the root node of the XML tree
1397 if ( !($root = $dom->document_element()) ) {
1398 phpCAS::trace('document_element() failed');
1399 // read failed
1400 $bad_response = TRUE;
1401 }
1402 }
1403
1404 if ( !$bad_response ) {
1405 // insure that tag name is 'serviceResponse'
1406 if ( $root->node_name(true) != 'serviceResponse' ) {
1407 phpCAS::trace('node_name() failed');
1408 // bad root node
1409 $bad_response = TRUE;
1410 }
1411 }
1412
1413 if ( !$bad_response ) {
1414 // look for a proxySuccess tag
1415 if ( sizeof($arr = $root->get_elements_by_tagname("proxySuccess")) != 0) {
1416 // authentication succeded, look for a proxyTicket tag
1417 if ( sizeof($arr = $root->get_elements_by_tagname("proxyTicket")) != 0) {
1418 $err_code = PHPCAS_SERVICE_OK;
1419 $err_msg = '';
1420 $pt = trim($arr[0]->get_content());
1421 phpCAS::traceEnd($pt);
1422 return $pt;
1423 } else {
1424 phpCAS::trace('<proxySuccess> was found, but not <proxyTicket>');
1425 }
1426 }
1427 // look for a proxyFailure tag
1428 else if ( sizeof($arr = $root->get_elements_by_tagname("proxyFailure")) != 0) {
1429 // authentication failed, extract the error
1430 $err_code = PHPCAS_SERVICE_PT_FAILURE;
1431 $err_msg = 'PT retrieving failed (code=`'
1432 .$arr[0]->get_attribute('code')
1433 .'\', message=`'
1434 .trim($arr[0]->get_content())
1435 .'\')';
1436 phpCAS::traceEnd(FALSE);
1437 return FALSE;
1438 } else {
1439 phpCAS::trace('neither <proxySuccess> nor <proxyFailure> found');
1440 }
1441 }
1442
1443 // at this step, we are sure that the response of the CAS server was ill-formed
1444 $err_code = PHPCAS_SERVICE_PT_BAD_SERVER_RESPONSE;
1445 $err_msg = 'Invalid response from the CAS server (response=`'.$cas_response.'\')';
1446
1447 phpCAS::traceEnd(FALSE);
1448 return FALSE;
1449 }
getServerProxyURL()
This method is used to retrieve the proxy URL of the CAS server.
Definition: client.php:488
readURL($url, $cookies, &$headers, &$body, &$err_msg)
This method is used to acces a remote URL.
Definition: client.php:2163
domxml_open_mem($str, $mode=DOMXML_LOAD_PARSING, &$error=NULL)

References domxml_open_mem(), phpCAS\trace(), phpCAS\traceBegin(), and phpCAS\traceEnd().

+ Here is the call graph for this function:

◆ retrievePT() [2/2]

CASClient::retrievePT (   $target_service,
$err_code,
$err_msg 
)
private

This method is used to retrieve PT's from the CAS server thanks to a PGT.

Parameters
$target_servicethe service to ask for with the PT.
$err_codean error code (PHPCAS_SERVICE_OK on success).
$err_msgan error message (empty on success).
Returns
a Proxy Ticket, or FALSE on error.

Definition at line 1370 of file client4.php.

1371 {
1373
1374 // by default, $err_msg is set empty and $pt to TRUE. On error, $pt is
1375 // set to false and $err_msg to an error message. At the end, if $pt is FALSE
1376 // and $error_msg is still empty, it is set to 'invalid response' (the most
1377 // commonly encountered error).
1378 $err_msg = '';
1379
1380 // build the URL to retrieve the PT
1381 $cas_url = $this->getServerProxyURL().'?targetService='.preg_replace('/&/','%26',$target_service).'&pgt='.$this->getPGT();
1382
1383 // open and read the URL
1384 if ( !$this->readURL($cas_url,''/*cookies*/,$headers,$cas_response,$err_msg) ) {
1385 phpCAS::trace('could not open URL \''.$cas_url.'\' to validate ('.$err_msg.')');
1386 $err_code = PHPCAS_SERVICE_PT_NO_SERVER_RESPONSE;
1387 $err_msg = 'could not retrieve PT (no response from the CAS server)';
1388 phpCAS::traceEnd(FALSE);
1389 return FALSE;
1390 }
1391
1392 $bad_response = FALSE;
1393
1394 if ( !$bad_response ) {
1395 // read the response of the CAS server into a DOM object
1396 if ( !($dom = @domxml_open_mem($cas_response))) {
1397 phpCAS::trace('domxml_open_mem() failed');
1398 // read failed
1399 $bad_response = TRUE;
1400 }
1401 }
1402
1403 if ( !$bad_response ) {
1404 // read the root node of the XML tree
1405 if ( !($root = $dom->document_element()) ) {
1406 phpCAS::trace('document_element() failed');
1407 // read failed
1408 $bad_response = TRUE;
1409 }
1410 }
1411
1412 if ( !$bad_response ) {
1413 // insure that tag name is 'serviceResponse'
1414 if ( hnodename($root->node_name()) != 'serviceResponse' ) {
1415 phpCAS::trace('node_name() failed');
1416 // bad root node
1417 $bad_response = TRUE;
1418 }
1419 }
1420
1421 if ( !$bad_response ) {
1422 // look for a proxySuccess tag
1423 if ( sizeof($arr = $root->get_elements_by_tagname("proxySuccess")) != 0) {
1424 // authentication succeded, look for a proxyTicket tag
1425 if ( sizeof($arr = $root->get_elements_by_tagname("proxyTicket")) != 0) {
1426 $err_code = PHPCAS_SERVICE_OK;
1427 $err_msg = '';
1428 $pt = trim($arr[0]->get_content());
1429 phpCAS::traceEnd($pt);
1430 return $pt;
1431 } else {
1432 phpCAS::trace('<proxySuccess> was found, but not <proxyTicket>');
1433 }
1434 }
1435 // look for a proxyFailure tag
1436 else if ( sizeof($arr = $root->get_elements_by_tagname("proxyFailure")) != 0) {
1437 // authentication failed, extract the error
1438 $err_code = PHPCAS_SERVICE_PT_FAILURE;
1439 $err_msg = 'PT retrieving failed (code=`'
1440 .$arr[0]->get_attribute('code')
1441 .'\', message=`'
1442 .trim($arr[0]->get_content())
1443 .'\')';
1444 phpCAS::traceEnd(FALSE);
1445 return FALSE;
1446 } else {
1447 phpCAS::trace('neither <proxySuccess> nor <proxyFailure> found');
1448 }
1449 }
1450
1451 // at this step, we are sure that the response of the CAS server was ill-formed
1452 $err_code = PHPCAS_SERVICE_PT_BAD_SERVER_RESPONSE;
1453 $err_msg = 'Invalid response from the CAS server (response=`'.$cas_response.'\')';
1454
1455 phpCAS::traceEnd(FALSE);
1456 return FALSE;
1457 }

References domxml_open_mem(), phpCAS\trace(), phpCAS\traceBegin(), and phpCAS\traceEnd().

+ Here is the call graph for this function:

◆ serviceMail()

CASClient::serviceMail (   $url,
  $flags,
$err_code,
$err_msg,
$pt 
)

This method is used to access an IMAP/POP3/NNTP service.

Parameters
$urla string giving the URL of the service, including the mailing box for IMAP URLs, as accepted by imap_open().
$flagsoptions given to imap_open().
$err_codean error code Possible values are PHPCAS_SERVICE_OK (on success), PHPCAS_SERVICE_PT_NO_SERVER_RESPONSE, PHPCAS_SERVICE_PT_BAD_SERVER_RESPONSE, PHPCAS_SERVICE_PT_FAILURE, PHPCAS_SERVICE_NOT AVAILABLE.
$err_msgan error message on failure
$ptthe Proxy Ticket (PT) retrieved from the CAS server to access the URL on success, FALSE on error).
Returns
an IMAP stream on success, FALSE otherwise (in this later case, $err_code gives the reason why it failed and $err_msg contains an error message).

Definition at line 1641 of file client4.php.

1642 {
1644 // at first retrieve a PT
1645 $pt = $this->retrievePT($target_service,$err_code,$output);
1646
1647 $stream = FALSE;
1648
1649 // test if PT was retrieved correctly
1650 if ( !$pt ) {
1651 // note: $err_code and $err_msg are filled by CASClient::retrievePT()
1652 phpCAS::trace('PT was not retrieved correctly');
1653 } else {
1654 phpCAS::trace('opening IMAP URL `'.$url.'\'...');
1655 $stream = @imap_open($url,$this->getUser(),$pt,$flags);
1656 if ( !$stream ) {
1657 phpCAS::trace('could not open URL');
1658 $err_code = PHPCAS_SERVICE_NOT_AVAILABLE;
1659 // give an error message
1660 $err_msg = sprintf($this->getString(CAS_STR_SERVICE_UNAVAILABLE),
1661 $service_url,
1662 var_export(imap_errors(),TRUE));
1663 $pt = FALSE;
1664 $stream = FALSE;
1665 } else {
1666 phpCAS::trace('ok');
1667 }
1668 }
1669
1670 phpCAS::traceEnd($stream);
1671 return $stream;
1672 }
retrievePT($target_service, &$err_code, &$err_msg)
This method is used to retrieve PT's from the CAS server thanks to a PGT.
Definition: client.php:2053

◆ serviceWeb() [1/2]

CASClient::serviceWeb (   $url,
$err_code,
$output 
)

This method is used to access an HTTP[S] service.

Parameters
$urlthe service to access.
$err_codean error code Possible values are PHPCAS_SERVICE_OK (on success), PHPCAS_SERVICE_PT_NO_SERVER_RESPONSE, PHPCAS_SERVICE_PT_BAD_SERVER_RESPONSE, PHPCAS_SERVICE_PT_FAILURE, PHPCAS_SERVICE_NOT AVAILABLE.
$outputthe output of the service (also used to give an error message on failure).
Returns
TRUE on success, FALSE otherwise (in this later case, $err_code gives the reason why it failed and $output contains an error message).

Definition at line 1553 of file client.php.

1554 {
1556 // at first retrieve a PT
1557 $pt = $this->retrievePT($url,$err_code,$output);
1558
1559 $res = TRUE;
1560
1561 // test if PT was retrieved correctly
1562 if ( !$pt ) {
1563 // note: $err_code and $err_msg are filled by CASClient::retrievePT()
1564 phpCAS::trace('PT was not retrieved correctly');
1565 $res = FALSE;
1566 } else {
1567 // add cookies if necessary
1568 if ( is_array($_SESSION['phpCAS']['services'][$url]['cookies']) ) {
1569 foreach ( $_SESSION['phpCAS']['services'][$url]['cookies'] as $name => $val ) {
1570 $cookies[] = $name.'='.$val;
1571 }
1572 }
1573
1574 // build the URL including the PT
1575 if ( strstr($url,'?') === FALSE ) {
1576 $service_url = $url.'?ticket='.$pt;
1577 } else {
1578 $service_url = $url.'&ticket='.$pt;
1579 }
1580
1581 phpCAS::trace('reading URL`'.$service_url.'\'');
1582 if ( !$this->readURL($service_url,$cookies,$headers,$output,$err_msg) ) {
1583 phpCAS::trace('could not read URL`'.$service_url.'\'');
1584 $err_code = PHPCAS_SERVICE_NOT_AVAILABLE;
1585 // give an error message
1586 $output = sprintf($this->getString(CAS_STR_SERVICE_UNAVAILABLE),
1587 $service_url,
1588 $err_msg);
1589 $res = FALSE;
1590 } else {
1591 // URL has been fetched, extract the cookies
1592 phpCAS::trace('URL`'.$service_url.'\' has been read, storing cookies:');
1593 foreach ( $headers as $header ) {
1594 // test if the header is a cookie
1595 if ( preg_match('/^Set-Cookie:/',$header) ) {
1596 // the header is a cookie, remove the beginning
1597 $header_val = preg_replace('/^Set-Cookie: */','',$header);
1598 // extract interesting information
1599 $name_val = strtok($header_val,'; ');
1600 // extract the name and the value of the cookie
1601 $cookie_name = strtok($name_val,'=');
1602 $cookie_val = strtok('=');
1603 // store the cookie
1604 $_SESSION['phpCAS']['services'][$url]['cookies'][$cookie_name] = $cookie_val;
1605 phpCAS::trace($cookie_name.' -> '.$cookie_val);
1606 }
1607 }
1608 }
1609 }
1610
1611 phpCAS::traceEnd($res);
1612 return $res;
1613 }
const CAS_STR_SERVICE_UNAVAILABLE
Definition: languages.php:21

References $_SESSION, $res, $url, CAS_STR_SERVICE_UNAVAILABLE, phpCAS\trace(), and phpCAS\traceBegin().

+ Here is the call graph for this function:

◆ serviceWeb() [2/2]

CASClient::serviceWeb (   $url,
$err_code,
$output 
)

This method is used to access an HTTP[S] service.

Parameters
$urlthe service to access.
$err_codean error code Possible values are PHPCAS_SERVICE_OK (on success), PHPCAS_SERVICE_PT_NO_SERVER_RESPONSE, PHPCAS_SERVICE_PT_BAD_SERVER_RESPONSE, PHPCAS_SERVICE_PT_FAILURE, PHPCAS_SERVICE_NOT AVAILABLE.
$outputthe output of the service (also used to give an error message on failure).
Returns
TRUE on success, FALSE otherwise (in this later case, $err_code gives the reason why it failed and $output contains an error message).

Definition at line 1561 of file client4.php.

1562 {
1564 // at first retrieve a PT
1565 $pt = $this->retrievePT($url,$err_code,$output);
1566
1567 $res = TRUE;
1568
1569 // test if PT was retrieved correctly
1570 if ( !$pt ) {
1571 // note: $err_code and $err_msg are filled by CASClient::retrievePT()
1572 phpCAS::trace('PT was not retrieved correctly');
1573 $res = FALSE;
1574 } else {
1575 // add cookies if necessary
1576 if ( is_array($_SESSION['phpCAS']['services'][$url]['cookies']) ) {
1577 foreach ( $_SESSION['phpCAS']['services'][$url]['cookies'] as $name => $val ) {
1578 $cookies[] = $name.'='.$val;
1579 }
1580 }
1581
1582 // build the URL including the PT
1583 if ( strstr($url,'?') === FALSE ) {
1584 $service_url = $url.'?ticket='.$pt;
1585 } else {
1586 $service_url = $url.'&ticket='.$pt;
1587 }
1588
1589 phpCAS::trace('reading URL`'.$service_url.'\'');
1590 if ( !$this->readURL($service_url,$cookies,$headers,$output,$err_msg) ) {
1591 phpCAS::trace('could not read URL`'.$service_url.'\'');
1592 $err_code = PHPCAS_SERVICE_NOT_AVAILABLE;
1593 // give an error message
1594 $output = sprintf($this->getString(CAS_STR_SERVICE_UNAVAILABLE),
1595 $service_url,
1596 $err_msg);
1597 $res = FALSE;
1598 } else {
1599 // URL has been fetched, extract the cookies
1600 phpCAS::trace('URL`'.$service_url.'\' has been read, storing cookies:');
1601 foreach ( $headers as $header ) {
1602 // test if the header is a cookie
1603 if ( preg_match('/^Set-Cookie:/',$header) ) {
1604 // the header is a cookie, remove the beginning
1605 $header_val = preg_replace('/^Set-Cookie: */','',$header);
1606 // extract interesting information
1607 $name_val = strtok($header_val,'; ');
1608 // extract the name and the value of the cookie
1609 $cookie_name = strtok($name_val,'=');
1610 $cookie_val = strtok('=');
1611 // store the cookie
1612 $_SESSION['phpCAS']['services'][$url]['cookies'][$cookie_name] = $cookie_val;
1613 phpCAS::trace($cookie_name.' -> '.$cookie_val);
1614 }
1615 }
1616 }
1617 }
1618
1619 phpCAS::traceEnd($res);
1620 return $res;
1621 }

References $_SESSION, $res, $url, CAS_STR_SERVICE_UNAVAILABLE, phpCAS\trace(), and phpCAS\traceBegin().

+ Here is the call graph for this function:

◆ setCallbackMode() [1/2]

CASClient::setCallbackMode (   $callback_mode)
private

This method sets/unsets callback mode.

Parameters
$callback_modeTRUE to set callback mode, FALSE otherwise.

Definition at line 1070 of file client.php.

1071 {
1072 $this->_callback_mode = $callback_mode;
1073 }

◆ setCallbackMode() [2/2]

CASClient::setCallbackMode (   $callback_mode)
private

This method sets/unsets callback mode.

Parameters
$callback_modeTRUE to set callback mode, FALSE otherwise.

Definition at line 1079 of file client4.php.

1080 {
1081 $this->_callback_mode = $callback_mode;
1082 }

◆ setCallbackURL() [1/2]

CASClient::setCallbackURL (   $url)
private

This method sets the callback url.

Parameters
$callback_urlurl to set callback

Definition at line 1150 of file client.php.

1151 {
1152 return $this->_callback_url = $url;
1153 }

References $url.

◆ setCallbackURL() [2/2]

CASClient::setCallbackURL (   $url)
private

This method sets the callback url.

Parameters
$callback_urlurl to set callback

Definition at line 1158 of file client4.php.

1159 {
1160 return $this->_callback_url = $url;
1161 }

References $url.

◆ setHTMLFooter() [1/2]

CASClient::setHTMLFooter (   $footer)

This method set the HTML footer used for all outputs.

Parameters
$footerthe HTML footer.

Definition at line 133 of file client.php.

134 {
135 $this->_output_footer = $footer;
136 }

◆ setHTMLFooter() [2/2]

CASClient::setHTMLFooter (   $footer)

This method set the HTML footer used for all outputs.

Parameters
$footerthe HTML footer.

Definition at line 146 of file client4.php.

147 {
148 $this->_output_footer = $footer;
149 }

◆ setHTMLHeader() [1/2]

CASClient::setHTMLHeader (   $header)

This method set the HTML header used for all outputs.

Parameters
$headerthe HTML header.

Definition at line 121 of file client.php.

122 {
123 $this->_output_header = $header;
124 }
$header

References $header.

◆ setHTMLHeader() [2/2]

CASClient::setHTMLHeader (   $header)

This method set the HTML header used for all outputs.

Parameters
$headerthe HTML header.

Definition at line 134 of file client4.php.

135 {
136 $this->_output_header = $header;
137 }

References $header.

◆ setLang() [1/2]

CASClient::setLang (   $lang)

This method is used to set the language used by phpCAS.

Note
Can be called only once.
Parameters
$langa string representing the language.
See also
CAS_LANG_FRENCH, CAS_LANG_ENGLISH

Definition at line 212 of file client.php.

213 {
214 // include the corresponding language file
215 include_once(dirname(__FILE__).'/languages/'.$lang.'.php');
216
217 if ( !is_array($this->_strings) ) {
218 trigger_error('language `'.$lang.'\' is not implemented',E_USER_ERROR);
219 }
220 $this->_lang = $lang;
221 }

References $lang, and _strings.

◆ setLang() [2/2]

CASClient::setLang (   $lang)

This method is used to set the language used by phpCAS.

Note
Can be called only once.
Parameters
$langa string representing the language.
See also
CAS_LANG_FRENCH, CAS_LANG_ENGLISH

Definition at line 225 of file client4.php.

226 {
227 // include the corresponding language file
228 include_once(dirname(__FILE__).'/languages/'.$lang.'.php');
229
230 if ( !is_array($this->_strings) ) {
231 trigger_error('language `'.$lang.'\' is not implemented',E_USER_ERROR);
232 }
233 $this->_lang = $lang;
234 }

References $lang, and _strings.

◆ setPGT() [1/2]

CASClient::setPGT (   $pgt)
private

This method stores the Proxy Granting Ticket.

Parameters
$pgtThe Proxy Granting Ticket.

Definition at line 1028 of file client.php.

1029 { $this->_pgt = $pgt; }

◆ setPGT() [2/2]

CASClient::setPGT (   $pgt)
private

This method stores the Proxy Granting Ticket.

Parameters
$pgtThe Proxy Granting Ticket.

Definition at line 1037 of file client4.php.

1038 { $this->_pgt = $pgt; }

◆ setPGTStorageDB() [1/2]

CASClient::setPGTStorageDB (   $user,
  $password,
  $database_type,
  $hostname,
  $port,
  $database,
  $table 
)

This method is used to tell phpCAS to store the response of the CAS server to PGT requests into a database.

Note
The connection to the database is done only when needed. As a consequence, bad parameters are detected only when initializing PGT storage.
Parameters
$userthe user to access the data with
$passwordthe user's password
$database_typethe type of the database hosting the data
$hostnamethe server hosting the database
$portthe port the server is listening on
$databasethe name of the database
$tablethe name of the table storing the data

Definition at line 1282 of file client.php.

1289 {
1290 // check that the storage has not already been set
1291 if ( is_object($this->_pgt_storage) ) {
1292 phpCAS::error('PGT storage already defined');
1293 }
1294
1295 // warn the user that he should use file storage...
1296 trigger_error('PGT storage into database is an experimental feature, use at your own risk',E_USER_WARNING);
1297
1298 // create the storage object
1299 $this->_pgt_storage = & new PGTStorageDB($this,$user,$password,$database_type,$hostname,$port,$database,$table);
1300 }
The PGTStorageDB class is a class for PGT database storage.
Definition: pgt-db.php:47

References phpCAS\error().

+ Here is the call graph for this function:

◆ setPGTStorageDB() [2/2]

CASClient::setPGTStorageDB (   $user,
  $password,
  $database_type,
  $hostname,
  $port,
  $database,
  $table 
)

This method is used to tell phpCAS to store the response of the CAS server to PGT requests into a database.

Note
The connection to the database is done only when needed. As a consequence, bad parameters are detected only when initializing PGT storage.
Parameters
$userthe user to access the data with
$passwordthe user's password
$database_typethe type of the database hosting the data
$hostnamethe server hosting the database
$portthe port the server is listening on
$databasethe name of the database
$tablethe name of the table storing the data

Definition at line 1290 of file client4.php.

1297 {
1298 // check that the storage has not already been set
1299 if ( is_object($this->_pgt_storage) ) {
1300 phpCAS::error('PGT storage already defined');
1301 }
1302
1303 // warn the user that he should use file storage...
1304 trigger_error('PGT storage into database is an experimental feature, use at your own risk',E_USER_WARNING);
1305
1306 // create the storage object
1307 $this->_pgt_storage = & new PGTStorageDB($this,$user,$password,$database_type,$hostname,$port,$database,$table);
1308 }

References phpCAS\error().

+ Here is the call graph for this function:

◆ setPGTStorageFile() [1/2]

CASClient::setPGTStorageFile (   $format = '',
  $path = '' 
)

This method is used to tell phpCAS to store the response of the CAS server to PGT requests onto the filesystem.

Parameters
$formatthe format used to store the PGT's (‘plain’ and ‘xml’ allowed)
$paththe path where the PGT's should be stored

Definition at line 1253 of file client.php.

1255 {
1256 // check that the storage has not already been set
1257 if ( is_object($this->_pgt_storage) ) {
1258 phpCAS::error('PGT storage already defined');
1259 }
1260
1261 // create the storage object
1262 $this->_pgt_storage = &new PGTStorageFile($this,$format,$path);
1263 }
The PGTStorageFile class is a class for PGT file storage.
Definition: pgt-file.php:46
$path
Definition: index.php:22

References $path, and phpCAS\error().

+ Here is the call graph for this function:

◆ setPGTStorageFile() [2/2]

CASClient::setPGTStorageFile (   $format = '',
  $path = '' 
)

This method is used to tell phpCAS to store the response of the CAS server to PGT requests onto the filesystem.

Parameters
$formatthe format used to store the PGT's (‘plain’ and ‘xml’ allowed)
$paththe path where the PGT's should be stored

Definition at line 1261 of file client4.php.

1263 {
1264 // check that the storage has not already been set
1265 if ( is_object($this->_pgt_storage) ) {
1266 phpCAS::error('PGT storage already defined');
1267 }
1268
1269 // create the storage object
1270 $this->_pgt_storage = &new PGTStorageFile($this,$format,$path);
1271 }

References $path, and phpCAS\error().

+ Here is the call graph for this function:

◆ setPT() [1/2]

CASClient::setPT (   $pt)
private

This method stores the Proxy Ticket.

Parameters
$ptThe Proxy Ticket.

Definition at line 1705 of file client.php.

1706 { $this->_pt = $pt; }

◆ setPT() [2/2]

CASClient::setPT (   $pt)
private

This method stores the Proxy Ticket.

Parameters
$ptThe Proxy Ticket.

Definition at line 1713 of file client4.php.

1714 { $this->_pt = $pt; }

◆ setST() [1/2]

CASClient::setST (   $st)
private

This method stores the Service Ticket.

Parameters
$stThe Service Ticket.

Definition at line 818 of file client.php.

819 { $this->_st = $st; }

◆ setST() [2/2]

CASClient::setST (   $st)
private

This method stores the Service Ticket.

Parameters
$stThe Service Ticket.

Definition at line 827 of file client4.php.

828 { $this->_st = $st; }

◆ setStartSession()

CASClient::setStartSession (   $session)

Definition at line 720 of file client.php.

721 {
722 $this->_start_session = session;
723 }

◆ setURL() [1/2]

CASClient::setURL (   $url)
private

This method sets the URL of the current request.

Parameters
$urlurl to set for service

Definition at line 1896 of file client.php.

1897 {
1898 $this->_url = $url;
1899 }

References $url.

◆ setURL() [2/2]

CASClient::setURL (   $url)
private

This method sets the URL of the current request.

Parameters
$urlurl to set for service

Definition at line 1904 of file client4.php.

1905 {
1906 $this->_url = $url;
1907 }

References $url.

◆ setUser() [1/2]

CASClient::setUser (   $user)
private

This method sets the CAS user's login name.

Parameters
$userthe login name of the authenticated user.

Definition at line 553 of file client.php.

554 {
555 $this->_user = $user;
556 }

◆ setUser() [2/2]

CASClient::setUser (   $user)
private

This method sets the CAS user's login name.

Parameters
$userthe login name of the authenticated user.

Definition at line 562 of file client4.php.

563 {
564 $this->_user = $user;
565 }

◆ storePGT() [1/2]

CASClient::storePGT (   $pgt,
  $pgt_iou 
)
private

This method stores a PGT.

Halts on error.

Parameters
$pgtthe PGT to store
$pgt_iouits corresponding Iou

Definition at line 1219 of file client.php.

1220 {
1221 // ensure that storage is initialized
1222 $this->initPGTStorage();
1223 // writes the PGT
1224 $this->_pgt_storage->write($pgt,$pgt_iou);
1225 }

◆ storePGT() [2/2]

CASClient::storePGT (   $pgt,
  $pgt_iou 
)
private

This method stores a PGT.

Halts on error.

Parameters
$pgtthe PGT to store
$pgt_iouits corresponding Iou

Definition at line 1227 of file client4.php.

1228 {
1229 // ensure that storage is initialized
1230 $this->initPGTStorage();
1231 // writes the PGT
1232 $this->_pgt_storage->write($pgt,$pgt_iou);
1233 }

◆ validatePGT() [1/2]

CASClient::validatePGT ( $validate_url,
  $text_response,
  $tree_response 
)
private

This method is used to validate a PGT; halt on failure.

Parameters
$validate_urlthe URL of the request to the CAS server.
$text_responsethe response of the CAS server, as is (XML text); result of CASClient::validateST() or CASClient::validatePT().
$tree_responsethe response of the CAS server, as a DOM XML tree; result of CASClient::validateST() or CASClient::validatePT().
Returns
bool TRUE when successfull, halt otherwise by calling CASClient::authError().

Definition at line 1318 of file client.php.

1319 {
1321 if ( sizeof($arr = $tree_response->get_elements_by_tagname("proxyGrantingTicket")) == 0) {
1322 phpCAS::trace('<proxyGrantingTicket> not found');
1323 // authentication succeded, but no PGT Iou was transmitted
1324 $this->authError('Ticket validated but no PGT Iou transmitted',
1325 $validate_url,
1326 FALSE/*$no_response*/,
1327 FALSE/*$bad_response*/,
1328 $text_response);
1329 } else {
1330 // PGT Iou transmitted, extract it
1331 $pgt_iou = trim($arr[0]->get_content());
1332 $pgt = $this->loadPGT($pgt_iou);
1333 if ( $pgt == FALSE ) {
1334 phpCAS::trace('could not load PGT');
1335 $this->authError('PGT Iou was transmitted but PGT could not be retrieved',
1336 $validate_url,
1337 FALSE/*$no_response*/,
1338 FALSE/*$bad_response*/,
1339 $text_response);
1340 }
1341 $this->setPGT($pgt);
1342 }
1343 phpCAS::traceEnd(TRUE);
1344 return TRUE;
1345 }
authError($failure, $cas_url, $no_response, $bad_response='', $cas_response='', $err_code='', $err_msg='')
This method is used to print the HTML output when the user was not authenticated.
Definition: client.php:2722
loadPGT($pgt_iou)
This method reads a PGT from its Iou and deletes the corresponding storage entry.
Definition: client.php:1925
setPGT($pgt)
This method stores the Proxy Granting Ticket.
Definition: client.php:1717

References phpCAS\trace(), phpCAS\traceBegin(), and phpCAS\traceEnd().

+ Here is the call graph for this function:

◆ validatePGT() [2/2]

CASClient::validatePGT ( $validate_url,
  $text_response,
  $tree_response 
)
private

This method is used to validate a PGT; halt on failure.

Parameters
$validate_urlthe URL of the request to the CAS server.
$text_responsethe response of the CAS server, as is (XML text); result of CASClient::validateST() or CASClient::validatePT().
$tree_responsethe response of the CAS server, as a DOM XML tree; result of CASClient::validateST() or CASClient::validatePT().
Returns
bool TRUE when successfull, halt otherwise by calling CASClient::authError().

Definition at line 1326 of file client4.php.

1327 {
1329 if ( sizeof($arr = $tree_response->get_elements_by_tagname("proxyGrantingTicket")) == 0) {
1330 phpCAS::trace('<proxyGrantingTicket> not found');
1331 // authentication succeded, but no PGT Iou was transmitted
1332 $this->authError('Ticket validated but no PGT Iou transmitted',
1333 $validate_url,
1334 FALSE/*$no_response*/,
1335 FALSE/*$bad_response*/,
1336 $text_response);
1337 } else {
1338 // PGT Iou transmitted, extract it
1339 $pgt_iou = trim($arr[0]->get_content());
1340 $pgt = $this->loadPGT($pgt_iou);
1341 if ( $pgt == FALSE ) {
1342 phpCAS::trace('could not load PGT');
1343 $this->authError('PGT Iou was transmitted but PGT could not be retrieved',
1344 $validate_url,
1345 FALSE/*$no_response*/,
1346 FALSE/*$bad_response*/,
1347 $text_response);
1348 }
1349 $this->setPGT($pgt);
1350 }
1351 phpCAS::traceEnd(TRUE);
1352 return TRUE;
1353 }

References phpCAS\trace(), phpCAS\traceBegin(), and phpCAS\traceEnd().

+ Here is the call graph for this function:

◆ validatePT() [1/2]

CASClient::validatePT ( $validate_url,
$text_response,
$tree_response 
)
private

This method is used to validate a PT; halt on failure.

Returns
bool TRUE when successfull, halt otherwise by calling CASClient::authError().

Definition at line 1732 of file client.php.

1733 {
1735 // build the URL to validate the ticket
1736 $validate_url = $this->getServerProxyValidateURL().'&ticket='.$this->getPT();
1737
1738 if ( $this->isProxy() ) {
1739 // pass the callback url for CAS proxies
1740 $validate_url .= '&pgtUrl='.$this->getCallbackURL();
1741 }
1742
1743 // open and read the URL
1744 if ( !$this->readURL($validate_url,''/*cookies*/,$headers,$text_response,$err_msg) ) {
1745 phpCAS::trace('could not open URL \''.$validate_url.'\' to validate ('.$err_msg.')');
1746 $this->authError('PT not validated',
1747 $validate_url,
1748 TRUE/*$no_response*/);
1749 }
1750
1751 // read the response of the CAS server into a DOM object
1752 if ( !($dom = domxml_open_mem($text_response))) {
1753 // read failed
1754 $this->authError('PT not validated',
1755 $alidate_url,
1756 FALSE/*$no_response*/,
1757 TRUE/*$bad_response*/,
1758 $text_response);
1759 }
1760 // read the root node of the XML tree
1761 if ( !($tree_response = $dom->document_element()) ) {
1762 // read failed
1763 $this->authError('PT not validated',
1764 $validate_url,
1765 FALSE/*$no_response*/,
1766 TRUE/*$bad_response*/,
1767 $text_response);
1768 }
1769 // insure that tag name is 'serviceResponse'
1770 if ( $tree_response->node_name(true) != 'serviceResponse' ) {
1771 // bad root node
1772 $this->authError('PT not validated',
1773 $validate_url,
1774 FALSE/*$no_response*/,
1775 TRUE/*$bad_response*/,
1776 $text_response);
1777 }
1778 if ( sizeof($arr = $tree_response->get_elements_by_tagname("authenticationSuccess")) != 0) {
1779 // authentication succeded, extract the user name
1780 if ( sizeof($arr = $tree_response->get_elements_by_tagname("user")) == 0) {
1781 // no user specified => error
1782 $this->authError('PT not validated',
1783 $validate_url,
1784 FALSE/*$no_response*/,
1785 TRUE/*$bad_response*/,
1786 $text_response);
1787 }
1788 $this->setUser(trim($arr[0]->get_content()));
1789
1790 } else if ( sizeof($arr = $tree_response->get_elements_by_tagname("authenticationFailure")) != 0) {
1791 // authentication succeded, extract the error code and message
1792 $this->authError('PT not validated',
1793 $validate_url,
1794 FALSE/*$no_response*/,
1795 FALSE/*$bad_response*/,
1796 $text_response,
1797 $arr[0]->get_attribute('code')/*$err_code*/,
1798 trim($arr[0]->get_content())/*$err_msg*/);
1799 } else {
1800 $this->authError('PT not validated',
1801 $validate_url,
1802 FALSE/*$no_response*/,
1803 TRUE/*$bad_response*/,
1804 $text_response);
1805 }
1806
1807 // at this step, PT has been validated and $this->_user has been set,
1808
1809 phpCAS::traceEnd(TRUE);
1810 return TRUE;
1811 }
getServerProxyValidateURL()
This method is used to retrieve the proxy validating URL of the CAS server.
Definition: client.php:466

References phpCAS\trace(), and phpCAS\traceBegin().

+ Here is the call graph for this function:

◆ validatePT() [2/2]

CASClient::validatePT ( $validate_url,
$text_response,
$tree_response 
)
private

This method is used to validate a PT; halt on failure.

Returns
bool TRUE when successfull, halt otherwise by calling CASClient::authError().

Definition at line 1740 of file client4.php.

1741 {
1743 // build the URL to validate the ticket
1744 $validate_url = $this->getServerProxyValidateURL().'&ticket='.$this->getPT();
1745
1746 if ( $this->isProxy() ) {
1747 // pass the callback url for CAS proxies
1748 $validate_url .= '&pgtUrl='.$this->getCallbackURL();
1749 }
1750
1751 // open and read the URL
1752 if ( !$this->readURL($validate_url,''/*cookies*/,$headers,$text_response,$err_msg) ) {
1753 phpCAS::trace('could not open URL \''.$validate_url.'\' to validate ('.$err_msg.')');
1754 $this->authError('PT not validated',
1755 $validate_url,
1756 TRUE/*$no_response*/);
1757 }
1758
1759 // read the response of the CAS server into a DOM object
1760 if ( !($dom = domxml_open_mem($text_response))) {
1761 // read failed
1762 $this->authError('PT not validated',
1763 $alidate_url,
1764 FALSE/*$no_response*/,
1765 TRUE/*$bad_response*/,
1766 $text_response);
1767 }
1768 // read the root node of the XML tree
1769 if ( !($tree_response = $dom->document_element()) ) {
1770 // read failed
1771 $this->authError('PT not validated',
1772 $validate_url,
1773 FALSE/*$no_response*/,
1774 TRUE/*$bad_response*/,
1775 $text_response);
1776 }
1777 // insure that tag name is 'serviceResponse'
1778 if ( hnodename($tree_response->node_name()) != 'serviceResponse' ) {
1779 // bad root node
1780 $this->authError('PT not validated',
1781 $validate_url,
1782 FALSE/*$no_response*/,
1783 TRUE/*$bad_response*/,
1784 $text_response);
1785 }
1786 if ( sizeof($arr = $tree_response->get_elements_by_tagname("authenticationSuccess")) != 0) {
1787 // authentication succeded, extract the user name
1788 if ( sizeof($arr = $tree_response->get_elements_by_tagname("user")) == 0) {
1789 // no user specified => error
1790 $this->authError('PT not validated',
1791 $validate_url,
1792 FALSE/*$no_response*/,
1793 TRUE/*$bad_response*/,
1794 $text_response);
1795 }
1796 $this->setUser(trim($arr[0]->get_content()));
1797
1798 } else if ( sizeof($arr = $tree_response->get_elements_by_tagname("authenticationFailure")) != 0) {
1799 // authentication succeded, extract the error code and message
1800 $this->authError('PT not validated',
1801 $validate_url,
1802 FALSE/*$no_response*/,
1803 FALSE/*$bad_response*/,
1804 $text_response,
1805 $arr[0]->get_attribute('code')/*$err_code*/,
1806 trim($arr[0]->get_content())/*$err_msg*/);
1807 } else {
1808 $this->authError('PT not validated',
1809 $validate_url,
1810 FALSE/*$no_response*/,
1811 TRUE/*$bad_response*/,
1812 $text_response);
1813 }
1814
1815 // at this step, PT has been validated and $this->_user has been set,
1816
1817 phpCAS::traceEnd(TRUE);
1818 return TRUE;
1819 }

References phpCAS\trace(), and phpCAS\traceBegin().

+ Here is the call graph for this function:

◆ validateST() [1/2]

CASClient::validateST (   $validate_url,
$text_response,
$tree_response 
)
private

This method is used to validate a ST; halt on failure, and sets $validate_url, $text_reponse and $tree_response on success.

These parameters are used later by CASClient::validatePGT() for CAS proxies.

Parameters
$validate_urlthe URL of the request to the CAS server.
$text_responsethe response of the CAS server, as is (XML text).
$tree_responsethe response of the CAS server, as a DOM XML tree.
Returns
bool TRUE when successfull, halt otherwise by calling CASClient::authError().

Definition at line 852 of file client.php.

853 {
855 // build the URL to validate the ticket
856 $validate_url = $this->getServerServiceValidateURL().'&ticket='.$this->getST();
857 if ( $this->isProxy() ) {
858 // pass the callback url for CAS proxies
859 $validate_url .= '&pgtUrl='.$this->getCallbackURL();
860 }
861
862 // open and read the URL
863 if ( !$this->readURL($validate_url,''/*cookies*/,$headers,$text_response,$err_msg) ) {
864 phpCAS::trace('could not open URL \''.$validate_url.'\' to validate ('.$err_msg.')');
865 $this->authError('ST not validated',
866 $validate_url,
867 TRUE/*$no_response*/);
868 }
869
870 // analyze the result depending on the version
871 switch ($this->getServerVersion()) {
872 case CAS_VERSION_1_0:
873 if (preg_match('/^no\n/',$text_response)) {
874 phpCAS::trace('ST has not been validated');
875 $this->authError('ST not validated',
876 $validate_url,
877 FALSE/*$no_response*/,
878 FALSE/*$bad_response*/,
879 $text_response);
880 }
881 if (!preg_match('/^yes\n/',$text_response)) {
882 phpCAS::trace('ill-formed response');
883 $this->authError('ST not validated',
884 $validate_url,
885 FALSE/*$no_response*/,
886 TRUE/*$bad_response*/,
887 $text_response);
888 }
889 // ST has been validated, extract the user name
890 $arr = preg_split('/\n/',$text_response);
891 $this->setUser(trim($arr[1]));
892 break;
893 case CAS_VERSION_2_0:
894 // read the response of the CAS server into a DOM object
895 if ( !($dom = domxml_open_mem($text_response))) {
896 phpCAS::trace('domxml_open_mem() failed');
897 $this->authError('ST not validated',
898 $validate_url,
899 FALSE/*$no_response*/,
900 TRUE/*$bad_response*/,
901 $text_response);
902 }
903 // read the root node of the XML tree
904 if ( !($tree_response = $dom->document_element()) ) {
905 phpCAS::trace('document_element() failed');
906 $this->authError('ST not validated',
907 $validate_url,
908 FALSE/*$no_response*/,
909 TRUE/*$bad_response*/,
910 $text_response);
911 }
912 // insure that tag name is 'serviceResponse'
913 if ( $tree_response->node_name(true) != 'serviceResponse' ) {
914 phpCAS::trace('bad XML root node (should be `serviceResponse\' instead of `'.$tree_response->node_name(true).'\'');
915 $this->authError('ST not validated',
916 $validate_url,
917 FALSE/*$no_response*/,
918 TRUE/*$bad_response*/,
919 $text_response);
920 }
921 if ( sizeof($success_elements = $tree_response->get_elements_by_tagname("authenticationSuccess")) != 0) {
922 // authentication succeded, extract the user name
923 if ( sizeof($user_elements = $success_elements[0]->get_elements_by_tagname("user")) == 0) {
924 phpCAS::trace('<authenticationSuccess> found, but no <user>');
925 $this->authError('ST not validated',
926 $validate_url,
927 FALSE/*$no_response*/,
928 TRUE/*$bad_response*/,
929 $text_response);
930 }
931 $user = trim($user_elements[0]->get_content());
932 phpCAS::trace('user = `'.$user);
933 $this->setUser($user);
934
935 } else if ( sizeof($failure_elements = $tree_response->get_elements_by_tagname("authenticationFailure")) != 0) {
936 phpCAS::trace('<authenticationFailure> found');
937 // authentication failed, extract the error code and message
938 $this->authError('ST not validated',
939 $validate_url,
940 FALSE/*$no_response*/,
941 FALSE/*$bad_response*/,
942 $text_response,
943 $failure_elements[0]->get_attribute('code')/*$err_code*/,
944 trim($failure_elements[0]->get_content())/*$err_msg*/);
945 } else {
946 phpCAS::trace('neither <authenticationSuccess> nor <authenticationFailure> found');
947 $this->authError('ST not validated',
948 $validate_url,
949 FALSE/*$no_response*/,
950 TRUE/*$bad_response*/,
951 $text_response);
952 }
953 break;
954 }
955
956 // at this step, ST has been validated and $this->_user has been set,
957 phpCAS::traceEnd(TRUE);
958 return TRUE;
959 }
setUser($user)
This method sets the CAS user's login name.
Definition: client.php:793
getServerServiceValidateURL()
This method is used to retrieve the service validating URL of the CAS server.
Definition: client.php:426

References domxml_open_mem(), getServerServiceValidateURL(), getST(), isProxy(), readURL(), setUser(), phpCAS\trace(), and phpCAS\traceBegin().

+ Here is the call graph for this function:

◆ validateST() [2/2]

CASClient::validateST (   $validate_url,
$text_response,
$tree_response 
)
private

This method is used to validate a ST; halt on failure, and sets $validate_url, $text_reponse and $tree_response on success.

These parameters are used later by CASClient::validatePGT() for CAS proxies.

Parameters
$validate_urlthe URL of the request to the CAS server.
$text_responsethe response of the CAS server, as is (XML text).
$tree_responsethe response of the CAS server, as a DOM XML tree.
Returns
bool TRUE when successfull, halt otherwise by calling CASClient::authError().

Definition at line 861 of file client4.php.

862 {
864 // build the URL to validate the ticket
865 $validate_url = $this->getServerServiceValidateURL().'&ticket='.$this->getST();
866 if ( $this->isProxy() ) {
867 // pass the callback url for CAS proxies
868 $validate_url .= '&pgtUrl='.$this->getCallbackURL();
869 }
870
871 // open and read the URL
872 if ( !$this->readURL($validate_url,''/*cookies*/,$headers,$text_response,$err_msg) ) {
873 phpCAS::trace('could not open URL \''.$validate_url.'\' to validate ('.$err_msg.')');
874 $this->authError('ST not validated (1)',
875 $validate_url,
876 TRUE/*$no_response*/);
877 }
878
879 // analyze the result depending on the version
880 switch ($this->getServerVersion()) {
881 case CAS_VERSION_1_0:
882 if (preg_match('/^no\n/',$text_response)) {
883 phpCAS::trace('ST has not been validated');
884 $this->authError('ST not validated (2)',
885 $validate_url,
886 FALSE/*$no_response*/,
887 FALSE/*$bad_response*/,
888 $text_response);
889 }
890 if (!preg_match('/^yes\n/',$text_response)) {
891 phpCAS::trace('ill-formed response');
892 $this->authError('ST not validated (3)',
893 $validate_url,
894 FALSE/*$no_response*/,
895 TRUE/*$bad_response*/,
896 $text_response);
897 }
898 // ST has been validated, extract the user name
899 $arr = preg_split('/\n/',$text_response);
900 $this->setUser(trim($arr[1]));
901 break;
902 case CAS_VERSION_2_0:
903 // read the response of the CAS server into a DOM object
904 if ( !($dom = domxml_open_mem($text_response))) {
905 phpCAS::trace('domxml_open_mem() failed');
906 $this->authError('ST not validated (4)',
907 $validate_url,
908 FALSE/*$no_response*/,
909 TRUE/*$bad_response*/,
910 $text_response);
911 }
912 // read the root node of the XML tree
913 if ( !($tree_response = $dom->document_element()) ) {
914 phpCAS::trace('document_element() failed');
915 $this->authError('ST not validated (5)',
916 $validate_url,
917 FALSE/*$no_response*/,
918 TRUE/*$bad_response*/,
919 $text_response);
920 }
921 // insure that tag name is 'serviceResponse'
922 if ( hnodename($tree_response->node_name()) != 'serviceResponse' ) {
923 phpCAS::trace('bad XML root node (should be `serviceResponse\' instead of `'.hnodename($tree_response->node_name()).'\'');
924 $this->authError('ST not validated (6)',
925 $validate_url,
926 FALSE/*$no_response*/,
927 TRUE/*$bad_response*/,
928 $text_response);
929 }
930 if ( sizeof($success_elements = $tree_response->get_elements_by_tagname("authenticationSuccess")) != 0) {
931 // authentication succeded, extract the user name
932 if ( sizeof($user_elements = $success_elements[0]->get_elements_by_tagname("user")) == 0) {
933 phpCAS::trace('<authenticationSuccess> found, but no <user>');
934 $this->authError('ST not validated (7)',
935 $validate_url,
936 FALSE/*$no_response*/,
937 TRUE/*$bad_response*/,
938 $text_response);
939 }
940 $user = trim($user_elements[0]->get_content());
941 phpCAS::trace('user = `'.$user);
942 $this->setUser($user);
943
944 } else if ( sizeof($failure_elements = $tree_response->get_elements_by_tagname("authenticationFailure")) != 0) {
945 phpCAS::trace('<authenticationFailure> found');
946 // authentication failed, extract the error code and message
947 $this->authError('ST not validated (8)',
948 $validate_url,
949 FALSE/*$no_response*/,
950 FALSE/*$bad_response*/,
951 $text_response,
952 $failure_elements[0]->get_attribute('code')/*$err_code*/,
953 trim($failure_elements[0]->get_content())/*$err_msg*/);
954 } else {
955 phpCAS::trace('neither <authenticationSuccess> nor <authenticationFailure> found');
956 $this->authError('ST not validated (9)',
957 $validate_url,
958 FALSE/*$no_response*/,
959 TRUE/*$bad_response*/,
960 $text_response);
961 }
962 break;
963 }
964
965 // at this step, ST has been validated and $this->_user has been set,
966 phpCAS::traceEnd(TRUE);
967 return TRUE;
968 }
hnodename($name)
Definition: client4.php:15

References domxml_open_mem(), getServerServiceValidateURL(), getST(), hnodename(), isProxy(), readURL(), setUser(), phpCAS\trace(), and phpCAS\traceBegin().

+ Here is the call graph for this function:

◆ wasPreviouslyAuthenticated() [1/2]

CASClient::wasPreviouslyAuthenticated ( )
private

This method tells if the user has already been (previously) authenticated by looking into the session variables.

Note
This function switches to callback mode when needed.
Returns
TRUE when the user has already been authenticated; FALSE otherwise.

Definition at line 686 of file client.php.

687 {
689
690 if ( $this->isCallbackMode() ) {
691 $this->callback();
692 }
693
694 $auth = FALSE;
695
696 if ( $this->isProxy() ) {
697 // CAS proxy: username and PGT must be present
698 if ( !empty($_SESSION['phpCAS']['user']) && !empty($_SESSION['phpCAS']['pgt']) ) {
699 // authentication already done
700 $this->setUser($_SESSION['phpCAS']['user']);
701 $this->setPGT($_SESSION['phpCAS']['pgt']);
702 phpCAS::trace('user = `'.$_SESSION['phpCAS']['user'].'\', PGT = `'.$_SESSION['phpCAS']['pgt'].'\'');
703 $auth = TRUE;
704 } elseif ( !empty($_SESSION['phpCAS']['user']) && empty($_SESSION['phpCAS']['pgt']) ) {
705 // these two variables should be empty or not empty at the same time
706 phpCAS::trace('username found (`'.$_SESSION['phpCAS']['user'].'\') but PGT is empty');
707 // unset all tickets to enforce authentication
708 unset($_SESSION['phpCAS']);
709 $this->setST('');
710 $this->setPT('');
711 } elseif ( empty($_SESSION['phpCAS']['user']) && !empty($_SESSION['phpCAS']['pgt']) ) {
712 // these two variables should be empty or not empty at the same time
713 phpCAS::trace('PGT found (`'.$_SESSION['phpCAS']['pgt'].'\') but username is empty');
714 // unset all tickets to enforce authentication
715 unset($_SESSION['phpCAS']);
716 $this->setST('');
717 $this->setPT('');
718 } else {
719 phpCAS::trace('neither user not PGT found');
720 }
721 } else {
722 // `simple' CAS client (not a proxy): username must be present
723 if ( !empty($_SESSION['phpCAS']['user']) ) {
724 // authentication already done
725 $this->setUser($_SESSION['phpCAS']['user']);
726 phpCAS::trace('user = `'.$_SESSION['phpCAS']['user'].'\'');
727 $auth = TRUE;
728 } else {
729 phpCAS::trace('no user found');
730 }
731 }
732
734 return $auth;
735 }
setST($st)
This method stores the Service Ticket.
Definition: client.php:1306
callback()
This method is called by CASClient::CASClient() when running in callback mode.
Definition: client.php:1849
setPT($pt)
This method stores the Proxy Ticket.
Definition: client.php:2456

References $_SESSION, $auth, callback(), isCallbackMode(), isProxy(), setPGT(), setPT(), setST(), setUser(), phpCAS\trace(), phpCAS\traceBegin(), and phpCAS\traceEnd().

+ Here is the call graph for this function:

◆ wasPreviouslyAuthenticated() [2/2]

CASClient::wasPreviouslyAuthenticated ( )
private

This method tells if the user has already been (previously) authenticated by looking into the session variables.

Note
This function switches to callback mode when needed.
Returns
TRUE when the user has already been authenticated; FALSE otherwise.

Definition at line 695 of file client4.php.

696 {
698
699 if ( $this->isCallbackMode() ) {
700 $this->callback();
701 }
702
703 $auth = FALSE;
704
705 if ( $this->isProxy() ) {
706 // CAS proxy: username and PGT must be present
707 if ( !empty($_SESSION['phpCAS']['user']) && !empty($_SESSION['phpCAS']['pgt']) ) {
708 // authentication already done
709 $this->setUser($_SESSION['phpCAS']['user']);
710 $this->setPGT($_SESSION['phpCAS']['pgt']);
711 phpCAS::trace('user = `'.$_SESSION['phpCAS']['user'].'\', PGT = `'.$_SESSION['phpCAS']['pgt'].'\'');
712 $auth = TRUE;
713 } elseif ( !empty($_SESSION['phpCAS']['user']) && empty($_SESSION['phpCAS']['pgt']) ) {
714 // these two variables should be empty or not empty at the same time
715 phpCAS::trace('username found (`'.$_SESSION['phpCAS']['user'].'\') but PGT is empty');
716 // unset all tickets to enforce authentication
717 unset($_SESSION['phpCAS']);
718 $this->setST('');
719 $this->setPT('');
720 } elseif ( empty($_SESSION['phpCAS']['user']) && !empty($_SESSION['phpCAS']['pgt']) ) {
721 // these two variables should be empty or not empty at the same time
722 phpCAS::trace('PGT found (`'.$_SESSION['phpCAS']['pgt'].'\') but username is empty');
723 // unset all tickets to enforce authentication
724 unset($_SESSION['phpCAS']);
725 $this->setST('');
726 $this->setPT('');
727 } else {
728 phpCAS::trace('neither user not PGT found');
729 }
730 } else {
731 // `simple' CAS client (not a proxy): username must be present
732 if ( !empty($_SESSION['phpCAS']['user']) ) {
733 // authentication already done
734 $this->setUser($_SESSION['phpCAS']['user']);
735 phpCAS::trace('user = `'.$_SESSION['phpCAS']['user'].'\'');
736 $auth = TRUE;
737 } else {
738 phpCAS::trace('no user found');
739 }
740 }
741
743 return $auth;
744 }

References $_SESSION, $auth, callback(), isCallbackMode(), isProxy(), setPGT(), setPT(), setST(), setUser(), phpCAS\trace(), phpCAS\traceBegin(), and phpCAS\traceEnd().

+ Here is the call graph for this function:

Field Documentation

◆ $_start_session

CASClient::$_start_session
private

A variable to whether phpcas will use its own session handling.

Default = true

Definition at line 718 of file client.php.


The documentation for this class was generated from the following files: