ILIAS  release_5-2 Revision v5.2.25-18-g3f80b828510
Modules | Namespaces | Functions | Variables
PGT storage
Implementation » CAS Proxy features (CAS 2.0, Proxy Granting Tickets)
+ Collaboration diagram for PGT storage:

Modules

 PGT storage in a database
 
 PGT storage on the filesystem
 

Namespaces

namespace  PhpCAS
 

Functions

 CAS_Client::_initPGTStorage ()
 This method is used to initialize the storage of PGT's. More...
 
 CAS_Client::_storePGT ($pgt, $pgt_iou)
 This method stores a PGT. More...
 
 CAS_Client::_loadPGT ($pgt_iou)
 This method reads a PGT from its Iou and deletes the corresponding storage entry. More...
 
 CAS_Client::setPGTStorage ($storage)
 This method can be used to set a custom PGT storage object. More...
 
 CAS_Client::setPGTStorageDb ( $dsn_or_pdo, $username='', $password='', $table='', $driver_options=null)
 This method is used to tell phpCAS to store the response of the CAS server to PGT requests in a database. More...
 
 CAS_Client::setPGTStorageFile ($path='')
 This method is used to tell phpCAS to store the response of the CAS server to PGT requests onto the filesystem. More...
 
 CAS_Client::_validatePGT (&$validate_url, $text_response, $tree_response)
 This method is used to validate a PGT; halt on failure. More...
 
 CAS_Client::retrievePT ($target_service, &$err_code, &$err_msg)
 This method is used to retrieve PT's from the CAS server thanks to a PGT. More...
 
 CAS_PGTStorage_AbstractStorage::__construct ($cas_parent)
 The constructor of the class, should be called only by inherited classes. More...
 
 CAS_PGTStorage_AbstractStorage::getStorageType ()
 This virtual method returns an informational string giving the type of storage used by the object (used for debugging purposes). More...
 
 CAS_PGTStorage_AbstractStorage::getStorageInfo ()
 This virtual method returns an informational string giving informations on the parameters of the storage. More...
 
 CAS_PGTStorage_AbstractStorage::setErrorMessage ($error_message)
 This method sets en error message, which can be read later by PGTStorage::getErrorMessage(). More...
 
 CAS_PGTStorage_AbstractStorage::getErrorMessage ()
 This method returns an error message set by PGTStorage::setErrorMessage(). More...
 
 CAS_PGTStorage_AbstractStorage::isInitialized ()
 This method tells if the storage has already been intialized. More...
 
 CAS_PGTStorage_AbstractStorage::init ()
 This virtual method initializes the object. More...
 
 CAS_PGTStorage_AbstractStorage::write ($pgt, $pgt_iou)
 This virtual method stores a PGT and its corresponding PGT Iuo. More...
 
 CAS_PGTStorage_AbstractStorage::read ($pgt_iou)
 This virtual method reads a PGT corresponding to a PGT Iou and deletes the corresponding storage entry. More...
 

Variables

 CAS_Client::$_pgt_storage
 an instance of a class inheriting of PGTStorage, used to deal with PGT storage. More...
 
 CAS_PGTStorage_AbstractStorage::$_error_message
 string used to store an error message. More...
 
 CAS_PGTStorage_AbstractStorage::$_initialized
 a boolean telling if the storage has already been initialized. More...
 

Detailed Description

Function Documentation

◆ __construct()

CAS_PGTStorage_AbstractStorage::__construct (   $cas_parent)
protected

The constructor of the class, should be called only by inherited classes.

Parameters
CAS_Client$cas_parentthe CAS _client instance that creates the current object.
Returns
void

Definition at line 67 of file AbstractStorage.php.

68 {
69 phpCAS::traceBegin();
70 if ( !$cas_parent->isProxy() ) {
71 phpCAS::error(
72 'defining PGT storage makes no sense when not using a CAS proxy'
73 );
74 }
75 phpCAS::traceEnd();
76 }
phpCAS\traceEnd
static traceEnd($res='')
This method is used to indicate the end of the execution of a function in debug mode.
Definition: CAS.php:638
phpCAS\traceBegin
static traceBegin()
This method is used to indicate the start of the execution of a function in debug mode.
Definition: CAS.php:591
phpCAS\error
static error($msg)
This method is used by interface methods to print an error and where the function was originally call...
Definition: CAS.php:543

References phpCAS\error(), phpCAS\traceBegin(), and phpCAS\traceEnd().

+ Here is the call graph for this function:

◆ _initPGTStorage()

CAS_Client::_initPGTStorage ( )
private

This method is used to initialize the storage of PGT's.

Halts on error.

Returns
void

Definition at line 2455 of file Client.php.

2456 {
2457 // if no SetPGTStorageXxx() has been used, default to file
2458 if ( !is_object($this->_pgt_storage) ) {
2459 $this->setPGTStorageFile();
2460 }
2461
2462 // initializes the storage
2463 $this->_pgt_storage->init();
2464 }
CAS_Client\setPGTStorageFile
setPGTStorageFile($path='')
This method is used to tell phpCAS to store the response of the CAS server to PGT requests onto the f...
Definition: Client.php:2573

References CAS_Client\setPGTStorageFile().

Referenced by CAS_Client\_loadPGT(), and CAS_Client\_storePGT().

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ _loadPGT()

CAS_Client::_loadPGT (   $pgt_iou)
private

This method reads a PGT from its Iou and deletes the corresponding storage entry.

Parameters
string$pgt_iouthe PGT Iou
Returns
mul The PGT corresponding to the Iou, false when not found.

Definition at line 2490 of file Client.php.

2491 {
2492 // ensure that storage is initialized
2493 $this->_initPGTStorage();
2494 // read the PGT
2495 return $this->_pgt_storage->read($pgt_iou);
2496 }
CAS_Client\_initPGTStorage
_initPGTStorage()
This method is used to initialize the storage of PGT's.
Definition: Client.php:2455

References CAS_Client\_initPGTStorage().

Referenced by CAS_Client\_validatePGT().

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ _storePGT()

CAS_Client::_storePGT (   $pgt,
  $pgt_iou 
)
private

This method stores a PGT.

Halts on error.

Parameters
string$pgtthe PGT to store
string$pgt_iouits corresponding Iou
Returns
void

Definition at line 2474 of file Client.php.

2475 {
2476 // ensure that storage is initialized
2477 $this->_initPGTStorage();
2478 // writes the PGT
2479 $this->_pgt_storage->write($pgt, $pgt_iou);
2480 }

References CAS_Client\_initPGTStorage().

+ Here is the call graph for this function:

◆ _validatePGT()

CAS_Client::_validatePGT ( $validate_url,
  $text_response,
  $tree_response 
)
private

This method is used to validate a PGT; halt on failure.

Parameters
string&$validate_urlthe URL of the request to the CAS server.
string$text_responsethe response of the CAS server, as is (XML text); result of CAS_Client::validateCAS10() or CAS_Client::validateCAS20().
string$tree_responsethe response of the CAS server, as a DOM XML tree; result of CAS_Client::validateCAS10() or CAS_Client::validateCAS20().
Returns
bool true when successfull and issue a CAS_AuthenticationException and false on an error

Definition at line 2604 of file Client.php.

2605 {
2606 phpCAS::traceBegin();
2607 if ( $tree_response->getElementsByTagName("proxyGrantingTicket")->length == 0) {
2608 phpCAS::trace('<proxyGrantingTicket> not found');
2609 // authentication succeded, but no PGT Iou was transmitted
2610 throw new CAS_AuthenticationException(
2611 $this, 'Ticket validated but no PGT Iou transmitted',
2612 $validate_url, false/*$no_response*/, false/*$bad_response*/,
2613 $text_response
2614 );
2615 } else {
2616 // PGT Iou transmitted, extract it
2617 $pgt_iou = trim(
2618 $tree_response->getElementsByTagName("proxyGrantingTicket")->item(0)->nodeValue
2619 );
2620 if (preg_match('/PGTIOU-[\.\-\w]/', $pgt_iou)) {
2621 $pgt = $this->_loadPGT($pgt_iou);
2622 if ( $pgt == false ) {
2623 phpCAS::trace('could not load PGT');
2624 throw new CAS_AuthenticationException(
2625 $this,
2626 'PGT Iou was transmitted but PGT could not be retrieved',
2627 $validate_url, false/*$no_response*/,
2628 false/*$bad_response*/, $text_response
2629 );
2630 }
2631 $this->_setPGT($pgt);
2632 } else {
2633 phpCAS::trace('PGTiou format error');
2634 throw new CAS_AuthenticationException(
2635 $this, 'PGT Iou was transmitted but has wrong format',
2636 $validate_url, false/*$no_response*/, false/*$bad_response*/,
2637 $text_response
2638 );
2639 }
2640 }
2641 phpCAS::traceEnd(true);
2642 return true;
2643 }
CAS_AuthenticationException
This interface defines methods that allow proxy-authenticated service handlers to interact with phpCA...
Definition: AuthenticationException.php:51
CAS_Client\_loadPGT
_loadPGT($pgt_iou)
This method reads a PGT from its Iou and deletes the corresponding storage entry.
Definition: Client.php:2490
CAS_Client\_setPGT
_setPGT($pgt)
This method stores the Proxy Granting Ticket.
Definition: Client.php:2283
phpCAS\trace
static trace($str)
This method is used to log something in debug mode.
Definition: CAS.php:579

References CAS_Client\_loadPGT(), CAS_Client\_setPGT(), phpCAS\trace(), phpCAS\traceBegin(), and phpCAS\traceEnd().

Referenced by CAS_Client\isAuthenticated().

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ getErrorMessage()

CAS_PGTStorage_AbstractStorage::getErrorMessage ( )

This method returns an error message set by PGTStorage::setErrorMessage().

Returns
an error message when set by PGTStorage::setErrorMessage(), FALSE otherwise.
Deprecated:
not used.

Definition at line 144 of file AbstractStorage.php.

145 {
146 return $this->_error_message;
147 }
CAS_PGTStorage_AbstractStorage\$_error_message
$_error_message
string used to store an error message.
Definition: AbstractStorage.php:119

References CAS_PGTStorage_AbstractStorage\$_error_message.

◆ getStorageInfo()

CAS_PGTStorage_AbstractStorage::getStorageInfo ( )

This virtual method returns an informational string giving informations on the parameters of the storage.

(used for debugging purposes).

Returns
void

Reimplemented in CAS_PGTStorage_Db, and CAS_PGTStorage_File.

Definition at line 103 of file AbstractStorage.php.

104 {
105 phpCAS::error(__CLASS__.'::'.__FUNCTION__.'() should never be called');
106 }

References phpCAS\error().

+ Here is the call graph for this function:

◆ getStorageType()

CAS_PGTStorage_AbstractStorage::getStorageType ( )

This virtual method returns an informational string giving the type of storage used by the object (used for debugging purposes).

Returns
void

Reimplemented in CAS_PGTStorage_Db, and CAS_PGTStorage_File.

Definition at line 90 of file AbstractStorage.php.

91 {
92 phpCAS::error(__CLASS__.'::'.__FUNCTION__.'() should never be called');
93 }

References phpCAS\error().

+ Here is the call graph for this function:

◆ init()

CAS_PGTStorage_AbstractStorage::init ( )

This virtual method initializes the object.

Returns
void

Reimplemented in CAS_PGTStorage_Db, and CAS_PGTStorage_File.

Definition at line 178 of file AbstractStorage.php.

179 {
180 $this->_initialized = true;
181 }

◆ isInitialized()

CAS_PGTStorage_AbstractStorage::isInitialized ( )
protected

This method tells if the storage has already been intialized.

Returns
a boolean

Definition at line 168 of file AbstractStorage.php.

169 {
170 return $this->_initialized;
171 }
CAS_PGTStorage_AbstractStorage\$_initialized
$_initialized
a boolean telling if the storage has already been initialized.
Definition: AbstractStorage.php:159

References CAS_PGTStorage_AbstractStorage\$_initialized.

Referenced by CAS_PGTStorage_Db\createTable(), CAS_PGTStorage_Db\init(), and CAS_PGTStorage_File\init().

+ Here is the caller graph for this function:

◆ read()

CAS_PGTStorage_AbstractStorage::read (   $pgt_iou)

This virtual method reads a PGT corresponding to a PGT Iou and deletes the corresponding storage entry.

Parameters
string$pgt_iouthe PGT iou
Returns
void
Note
Should never be called.

Reimplemented in CAS_PGTStorage_Db, and CAS_PGTStorage_File.

Definition at line 213 of file AbstractStorage.php.

214 {
215 phpCAS::error(__CLASS__.'::'.__FUNCTION__.'() should never be called');
216 }

References phpCAS\error().

+ Here is the call graph for this function:

◆ retrievePT()

CAS_Client::retrievePT (   $target_service,
$err_code,
$err_msg 
)

This method is used to retrieve PT's from the CAS server thanks to a PGT.

Parameters
string$target_servicethe service to ask for with the PT.
string&$err_codean error code (PHPCAS_SERVICE_OK on success).
string&$err_msgan error message (empty on success).
Returns
a Proxy Ticket, or false on error.

Definition at line 2658 of file Client.php.

2659 {
2660 // Argument validation
2661 if (gettype($target_service) != 'string')
2662 throw new CAS_TypeMismatchException($target_service, '$target_service', 'string');
2663
2664 phpCAS::traceBegin();
2665
2666 // by default, $err_msg is set empty and $pt to true. On error, $pt is
2667 // set to false and $err_msg to an error message. At the end, if $pt is false
2668 // and $error_msg is still empty, it is set to 'invalid response' (the most
2669 // commonly encountered error).
2670 $err_msg = '';
2671
2672 // build the URL to retrieve the PT
2673 $cas_url = $this->getServerProxyURL().'?targetService='
2674 .urlencode($target_service).'&pgt='.$this->_getPGT();
2675
2676 // open and read the URL
2677 if ( !$this->_readURL($cas_url, $headers, $cas_response, $err_msg) ) {
2678 phpCAS::trace(
2679 'could not open URL \''.$cas_url.'\' to validate ('.$err_msg.')'
2680 );
2681 $err_code = PHPCAS_SERVICE_PT_NO_SERVER_RESPONSE;
2682 $err_msg = 'could not retrieve PT (no response from the CAS server)';
2683 phpCAS::traceEnd(false);
2684 return false;
2685 }
2686
2687 $bad_response = false;
2688
2689 if ( !$bad_response ) {
2690 // create new DOMDocument object
2691 $dom = new DOMDocument();
2692 // Fix possible whitspace problems
2693 $dom->preserveWhiteSpace = false;
2694 // read the response of the CAS server into a DOM object
2695 if ( !($dom->loadXML($cas_response))) {
2696 phpCAS::trace('dom->loadXML() failed');
2697 // read failed
2698 $bad_response = true;
2699 }
2700 }
2701
2702 if ( !$bad_response ) {
2703 // read the root node of the XML tree
2704 if ( !($root = $dom->documentElement) ) {
2705 phpCAS::trace('documentElement failed');
2706 // read failed
2707 $bad_response = true;
2708 }
2709 }
2710
2711 if ( !$bad_response ) {
2712 // insure that tag name is 'serviceResponse'
2713 if ( $root->localName != 'serviceResponse' ) {
2714 phpCAS::trace('localName failed');
2715 // bad root node
2716 $bad_response = true;
2717 }
2718 }
2719
2720 if ( !$bad_response ) {
2721 // look for a proxySuccess tag
2722 if ( $root->getElementsByTagName("proxySuccess")->length != 0) {
2723 $proxy_success_list = $root->getElementsByTagName("proxySuccess");
2724
2725 // authentication succeded, look for a proxyTicket tag
2726 if ( $proxy_success_list->item(0)->getElementsByTagName("proxyTicket")->length != 0) {
2727 $err_code = PHPCAS_SERVICE_OK;
2728 $err_msg = '';
2729 $pt = trim(
2730 $proxy_success_list->item(0)->getElementsByTagName("proxyTicket")->item(0)->nodeValue
2731 );
2732 phpCAS::trace('original PT: '.trim($pt));
2733 phpCAS::traceEnd($pt);
2734 return $pt;
2735 } else {
2736 phpCAS::trace('<proxySuccess> was found, but not <proxyTicket>');
2737 }
2738 } else if ($root->getElementsByTagName("proxyFailure")->length != 0) {
2739 // look for a proxyFailure tag
2740 $proxy_failure_list = $root->getElementsByTagName("proxyFailure");
2741
2742 // authentication failed, extract the error
2743 $err_code = PHPCAS_SERVICE_PT_FAILURE;
2744 $err_msg = 'PT retrieving failed (code=`'
2745 .$proxy_failure_list->item(0)->getAttribute('code')
2746 .'\', message=`'
2747 .trim($proxy_failure_list->item(0)->nodeValue)
2748 .'\')';
2749 phpCAS::traceEnd(false);
2750 return false;
2751 } else {
2752 phpCAS::trace('neither <proxySuccess> nor <proxyFailure> found');
2753 }
2754 }
2755
2756 // at this step, we are sure that the response of the CAS server was
2757 // illformed
2758 $err_code = PHPCAS_SERVICE_PT_BAD_SERVER_RESPONSE;
2759 $err_msg = 'Invalid response from the CAS server (response=`'
2760 .$cas_response.'\')';
2761
2762 phpCAS::traceEnd(false);
2763 return false;
2764 }
CAS_TypeMismatchException
Definition: TypeMismatchException.php:42
CAS
Licensed to Jasig under one or more contributor license agreements.
CAS_Client\getServerProxyURL
getServerProxyURL()
This method is used to retrieve the proxy URL of the CAS server.
Definition: Client.php:519
CAS_Client\_readURL
_readURL($url, &$headers, &$body, &$err_msg)
This method is used to acces a remote URL.
Definition: Client.php:2790
CAS_Client\_getPGT
_getPGT()
This method returns the Proxy Granting Ticket given by the CAS server.
Definition: Client.php:2271

References CAS_Client\_getPGT(), CAS_Client\_readURL(), CAS_Client\getServerProxyURL(), phpCAS\trace(), phpCAS\traceBegin(), and phpCAS\traceEnd().

Referenced by CAS_Client\initializeProxiedService().

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ setErrorMessage()

CAS_PGTStorage_AbstractStorage::setErrorMessage (   $error_message)

This method sets en error message, which can be read later by PGTStorage::getErrorMessage().

Parameters
string$error_messagean error message
Returns
void
Deprecated:
not used.

Definition at line 131 of file AbstractStorage.php.

132 {
133 $this->_error_message = $error_message;
134 }

◆ setPGTStorage()

CAS_Client::setPGTStorage (   $storage)

This method can be used to set a custom PGT storage object.

Parameters
CAS_PGTStorage_AbstractStorage$storagea PGT storage object that inherits from the CAS_PGTStorage_AbstractStorage class
Returns
void

Definition at line 2506 of file Client.php.

2507 {
2508 // Sequence validation
2509 $this->ensureIsProxy();
2510
2511 // check that the storage has not already been set
2512 if ( is_object($this->_pgt_storage) ) {
2513 phpCAS::error('PGT storage already defined');
2514 }
2515
2516 // check to make sure a valid storage object was specified
2517 if ( !($storage instanceof CAS_PGTStorage_AbstractStorage) )
2518 throw new CAS_TypeMismatchException($storage, '$storage', 'CAS_PGTStorage_AbstractStorage object');
2519
2520 // store the PGTStorage object
2521 $this->_pgt_storage = $storage;
2522 }
CAS_PGTStorage_AbstractStorage
Basic class for PGT storage The CAS_PGTStorage_AbstractStorage class is a generic class for PGT stora...
Definition: AbstractStorage.php:47
CAS_Client\ensureIsProxy
ensureIsProxy()
Ensure that this is actually a proxy object or fail with an exception.
Definition: Client.php:745

References CAS_Client\ensureIsProxy(), and phpCAS\error().

Referenced by CAS_Client\setPGTStorageDb(), and CAS_Client\setPGTStorageFile().

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ setPGTStorageDb()

CAS_Client::setPGTStorageDb (   $dsn_or_pdo,
  $username = '',
  $password = '',
  $table = '',
  $driver_options = null 
)

This method is used to tell phpCAS to store the response of the CAS server to PGT requests in a database.

Parameters
string$dsn_or_pdoa dsn string to use for creating a PDO object or a PDO object
string$usernamethe username to use when connecting to the database
string$passwordthe password to use when connecting to the database
string$tablethe table to use for storing and retrieving PGTs
string$driver_optionsany driver options to use when connecting to the database
Returns
void

Definition at line 2541 of file Client.php.

2543 {
2544 // Sequence validation
2545 $this->ensureIsProxy();
2546
2547 // Argument validation
2548 if ((is_object($dsn_or_pdo) && !($dsn_or_pdo instanceof PDO)) || gettype($dsn_or_pdo) != 'string')
2549 throw new CAS_TypeMismatchException($dsn_or_pdo, '$dsn_or_pdo', 'string or PDO object');
2550 if (gettype($username) != 'string')
2551 throw new CAS_TypeMismatchException($username, '$username', 'string');
2552 if (gettype($password) != 'string')
2553 throw new CAS_TypeMismatchException($password, '$password', 'string');
2554 if (gettype($table) != 'string')
2555 throw new CAS_TypeMismatchException($table, '$password', 'string');
2556
2557 // create the storage object
2558 $this->setPGTStorage(
2559 new CAS_PGTStorage_Db(
2560 $this, $dsn_or_pdo, $username, $password, $table, $driver_options
2561 )
2562 );
2563 }
CAS_PGTStorage_Db
Basic class for PGT database storage The CAS_PGTStorage_Db class is a class for PGT database storage.
Definition: Db.php:47
CAS_Client\setPGTStorage
setPGTStorage($storage)
This method can be used to set a custom PGT storage object.
Definition: Client.php:2506

References CAS_Client\ensureIsProxy(), and CAS_Client\setPGTStorage().

+ Here is the call graph for this function:

◆ setPGTStorageFile()

CAS_Client::setPGTStorageFile (   $path = '')

This method is used to tell phpCAS to store the response of the CAS server to PGT requests onto the filesystem.

Parameters
string$paththe path where the PGT's should be stored
Returns
void

Definition at line 2573 of file Client.php.

2574 {
2575 // Sequence validation
2576 $this->ensureIsProxy();
2577
2578 // Argument validation
2579 if (gettype($path) != 'string')
2580 throw new CAS_TypeMismatchException($path, '$path', 'string');
2581
2582 // create the storage object
2583 $this->setPGTStorage(new CAS_PGTStorage_File($this, $path));
2584 }
$path
$path
Definition: aliased.php:25
CAS_PGTStorage_File
The CAS_PGTStorage_File class is a class for PGT file storage.
Definition: File.php:46

References $path, CAS_Client\ensureIsProxy(), and CAS_Client\setPGTStorage().

Referenced by CAS_Client\_initPGTStorage().

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ write()

CAS_PGTStorage_AbstractStorage::write (   $pgt,
  $pgt_iou 
)

This virtual method stores a PGT and its corresponding PGT Iuo.

Parameters
string$pgtthe PGT
string$pgt_iouthe PGT iou
Returns
void
Note
Should never be called.

Reimplemented in CAS_PGTStorage_Db, and CAS_PGTStorage_File.

Definition at line 198 of file AbstractStorage.php.

199 {
200 phpCAS::error(__CLASS__.'::'.__FUNCTION__.'() should never be called');
201 }

References phpCAS\error().

+ Here is the call graph for this function:

Variable Documentation

◆ $_error_message

CAS_PGTStorage_AbstractStorage::$_error_message

string used to store an error message.

Written by PGTStorage::setErrorMessage(), read by PGTStorage::getErrorMessage().

Deprecated:
not used.

Definition at line 119 of file AbstractStorage.php.

Referenced by CAS_PGTStorage_AbstractStorage\getErrorMessage().

◆ $_initialized

CAS_PGTStorage_AbstractStorage::$_initialized

a boolean telling if the storage has already been initialized.

Written by PGTStorage::init(), read by PGTStorage::isInitialized().

Definition at line 159 of file AbstractStorage.php.

Referenced by CAS_PGTStorage_AbstractStorage\isInitialized().

◆ $_pgt_storage

CAS_Client::$_pgt_storage
private

an instance of a class inheriting of PGTStorage, used to deal with PGT storage.

Created by CAS_Client::setPGTStorageFile(), used by CAS_Client::setPGTStorageFile() and CAS_Client::_initPGTStorage().

Definition at line 2447 of file Client.php.