d1/da5/serviceValidate_8php_source.html

<?php

require 'tickets.php';


# set manually if called directly - ie not included from validate.php or cas.php

if (!$function) $function = 'serviceValidate';


/*

 * Incoming parameters:

 *  service

 *  renew

 *  ticket

 *

 */


if (array_key_exists('service', $_GET)) {

        $service = $_GET['service'];

        $ticket = $_GET['ticket'];

        $forceAuthn = isset($_GET['renew']) && $_GET['renew'];

} else {

        throw new Exception('Required URL query parameter [service] not provided. (CAS Server)');

}


try {

// Load SimpleSAMLphp, configuration and metadata

        $casconfig = SimpleSAML_Configuration::getConfig('module_casserver.php');


        $path = $casconfig->resolvePath($casconfig->getValue('ticketcache', 'ticketcache'));

        $ticketcontent = retrieveTicket($ticket, $path);


        $usernamefield = $casconfig->getValue('attrname', 'eduPersonPrincipalName');

        $dosendattributes = $casconfig->getValue('attributes', FALSE);


        $attributes = $ticketcontent['attributes'];


        $pgtiouxml = "";


        if ($ticketcontent['service'] == $service

                        && $ticketcontent['forceAuthn'] == $forceAuthn

                        && array_key_exists($usernamefield, $attributes)

                        && $ticketcontent['validbefore'] > time()) {


                if (isset($_GET['pgtUrl'])) {

                        $pgtUrl = $_GET['pgtUrl'];

                        $pgtiou = str_replace( '_', 'PGTIOU-', SimpleSAML\Utils\Random::generateID());

                        $pgt = str_replace( '_', 'PGT-', SimpleSAML\Utils\Random::generateID());

                        $content = array(

                                'attributes' => $attributes,

                                'forceAuthn' => false,

                                'proxies' => array_merge(array($service), $ticketcontent['proxies']),

                                'validbefore' => time() + 60);

                        \SimpleSAML\Utils\HTTP::fetch($pgtUrl . '?pgtIou=' . $pgtiou . '&pgtId=' . $pgt);

                        storeTicket($pgt, $path, $content);

                        $pgtiouxml = "\n<cas:proxyGrantingTicket>$pgtiou</cas:proxyGrantingTicket>\n";

                }


                $proxiesxml = join("\n", array_map(create_function('$a', 'return "<cas:proxy>$a</cas:proxy>";'), $ticketcontent['proxies']));

                if ($proxiesxml) $proxiesxml = "<cas:proxies>\n$proxiesxml\n</cas:proxies>\n";

                returnResponse('YES', $function, $attributes[$usernamefield][0], $dosendattributes ? $attributes : array(), $pgtiouxml.$proxiesxml);

        } else {

                returnResponse('NO', $function);

        }


} catch (Exception $e) {

        returnResponse('NO', $function, $e->getMessage());

}


function returnResponse($value, $function, $usrname = '', $attributes = array(), $xtraxml = "") {

        if ($value === 'YES') {

                if ($function != 'validate') {

                        $attributesxml = "";

                        foreach ($attributes as $attributename => $attributelist) {

                                $attr = htmlspecialchars($attributename);

                                foreach ($attributelist as $attributevalue) {

                                        $attributesxml .= "<cas:$attr>" . htmlspecialchars($attributevalue) . "</cas:$attr>\n";

                                }

                        }

                        if (sizeof($attributes)) $attributesxml = "<cas:attributes>\n" . $attributesxml . "</cas:attributes>\n";

                        echo '<cas:serviceResponse xmlns:cas="http://www.yale.edu/tp/cas">

<cas:authenticationSuccess>

<cas:user>' . htmlspecialchars($usrname) . '</cas:user>' .

                $xtraxml .

                $attributesxml .

                '</cas:authenticationSuccess>

</cas:serviceResponse>';

                } else {

                        echo 'yes' . "\n" . $usrname;

                }

        } else {

                if ($function != 'validate') {

                        echo '<cas:serviceResponse xmlns:cas="http://www.yale.edu/tp/cas">

<cas:authenticationFailure code="">

</cas:authenticationFailure>

</cas:serviceResponse>';

                } else {

                        echo 'no';


                }

        }

}

$function
$function
Definition: cas.php:28

$_GET
$_GET["client_id"]
Definition: cfg.phpunit.template.php:12

php
An exception for terminatinating execution or to throw for unit testing.

SimpleSAML\Utils\HTTP\fetch
static fetch($url, $context=array(), $getHeaders=false)
Helper function to retrieve a file or URL with proxy support, also supporting proxy basic authorizati...
Definition: HTTP.php:409

SimpleSAML_Configuration\getConfig
static getConfig($filename='config.php', $configSet='simplesaml')
Load a configuration file from a configuration set.
Definition: Configuration.php:209

$casconfig
$casconfig
Definition: login.php:21

$service
$service
Definition: login.php:15

$forceAuthn
$forceAuthn
Definition: login.php:17

SimpleSAML
Attribute-related utility methods.

$path
$path
Definition: serviceValidate.php:27

$usernamefield
$usernamefield
Definition: serviceValidate.php:30

$ticketcontent
$ticketcontent
Definition: serviceValidate.php:28

returnResponse
catch(Exception $e) returnResponse($value, $function, $usrname='', $attributes=array(), $xtraxml="")
Definition: serviceValidate.php:67

$dosendattributes
$dosendattributes
Definition: serviceValidate.php:31

$pgtiouxml
$pgtiouxml
Definition: serviceValidate.php:35

$attributes
$attributes
Definition: serviceValidate.php:33

storeTicket
storeTicket($ticket, $path, $value)
Definition: tickets.php:3

retrieveTicket
retrieveTicket($ticket, $path, $unlink=true)
Definition: tickets.php:15