ILIAS  release_5-3 Revision v5.3.23-19-g915713cf615
serviceValidate.php
1<?php
2require 'tickets.php';
3
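# Default the entry-point name when this script is called directly, i.e. not
# included from validate.php or cas.php. empty() gives the same result as the
# previous !$function test without raising a notice when $function is undefined.
if (empty($function)) {
    $function = 'serviceValidate';
}

/*
 * Incoming parameters (all read from the URL query string, all caller-controlled):
 *  service - required; compared later with the service stored in the ticket
 *  renew   - optional; any truthy value sets $forceAuthn
 *  ticket  - the ticket to validate
 */

// This check runs before the try block further down, so a missing [service]
// surfaces as an uncaught exception rather than as a CAS failure response.
if (!array_key_exists('service', $_GET)) {
    throw new Exception('Required URL query parameter [service] not provided. (CAS Server)');
}

$service = $_GET['service'];

// A missing ticket, or a non-string one such as ticket[]=x, is normalised to
// an empty string instead of reaching the ticket lookup as null or an array.
// NOTE(review): this relies on the ticket lookup rejecting an empty ticket -
// confirm against tickets.php.
$ticket = (isset($_GET['ticket']) && is_string($_GET['ticket'])) ? $_GET['ticket'] : '';

$forceAuthn = isset($_GET['renew']) && $_GET['renew'];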
22
// Validates the ticket named in the request against the stored ticket content and, for
// proxy-granting requests, issues a PGT through the pgtUrl callback.
// NOTE(review): gutter lines 28, 35, 58 and 60 of the original file are absent from this
// listing. No visible line assigns $ticketcontent or initialises $pgtiouxml, and the calls
// that emit the success and failure responses are not visible either - confirm against the
// full file before relying on the comments below.
23try {
24// Load SimpleSAMLphp, configuration and metadata
25 $casconfig = SimpleSAML_Configuration::getConfig('module_casserver.php');
26
// Directory used as the ticket store; the config key and its default are both 'ticketcache'.
27 $path = $casconfig->resolvePath($casconfig->getValue('ticketcache', 'ticketcache'));
29
// Attribute that supplies the CAS user name (default eduPersonPrincipalName), and the
// 'attributes' setting (default FALSE); $dosendattributes is not used on any visible line.
30 $usernamefield = $casconfig->getValue('attrname', 'eduPersonPrincipalName');
31 $dosendattributes = $casconfig->getValue('attributes', FALSE);
32
33 $attributes = $ticketcontent['attributes'];
34
36
// The ticket is accepted only if all four conditions hold: it was issued for this service,
// its forceAuthn flag matches the request, it carries the username attribute, and it has
// not expired.
// NOTE(review): both equality tests use loose ==, so values of different types can compare
// equal (e.g. '' == false for forceAuthn); a strict === on normalised values would remove
// that ambiguity.
37 if ($ticketcontent['service'] == $service
38 && $ticketcontent['forceAuthn'] == $forceAuthn
39 && array_key_exists($usernamefield, $attributes)
40 && $ticketcontent['validbefore'] > time()) {
41
// Proxy-granting branch: pgtUrl is taken from the query string and requested by this
// server with the freshly generated pgtIou and pgtId appended.
// NOTE(review): no visible line validates pgtUrl (scheme, host, or its relation to
// $service), so the server issues a request to a caller-chosen URL and hands the new PGT
// to that endpoint. The return value of fetch() is not checked, and the PGT is stored
// regardless of the callback's outcome. Restricting pgtUrl to https endpoints registered
// for the service, and storing the PGT only after a successful callback, would close this.
// The URL is built by plain concatenation with '?', so a pgtUrl that already contains a
// query string yields a malformed callback URL.
42 if (isset($_GET['pgtUrl'])) {
43 $pgtUrl = $_GET['pgtUrl'];
44 $pgtiou = str_replace( '_', 'PGTIOU-', SimpleSAML\Utils\Random::generateID());
45 $pgt = str_replace( '_', 'PGT-', SimpleSAML\Utils\Random::generateID());
// Content stored under the PGT: the validated attributes, the proxy chain with this
// request's service prepended, and a 60-second validity window.
46 $content = array(
47 'attributes' => $attributes,
48 'forceAuthn' => false,
49 'proxies' => array_merge(array($service), $ticketcontent['proxies']),
50 'validbefore' => time() + 60);
51 \SimpleSAML\Utils\HTTP::fetch($pgtUrl . '?pgtIou=' . $pgtiou . '&pgtId=' . $pgt);
52 storeTicket($pgt, $path, $content);
53 $pgtiouxml = "\n<cas:proxyGrantingTicket>$pgtiou</cas:proxyGrantingTicket>\n";
54 }
55
// Render the proxy chain as <cas:proxy> elements, wrapped in <cas:proxies> when non-empty.
// NOTE(review): each proxy entry is interpolated into the XML without escaping. The chain
// built above is fed from request-supplied service values, so an entry containing & or <
// yields malformed or attacker-shaped XML; escape each entry before interpolation.
// create_function() builds the callback from a string; it is deprecated since PHP 7.2 and
// removed in PHP 8.0. The code string here is a constant, so nothing is injected into it.
56 $proxiesxml = join("\n", array_map(create_function('$a', 'return "<cas:proxy>$a</cas:proxy>";'), $ticketcontent['proxies']));
57 if ($proxiesxml) $proxiesxml = "<cas:proxies>\n$proxiesxml\n</cas:proxies>\n";
59 } else {
61 }
62
// Any Exception raised above becomes a 'NO' response. The message is passed in the
// $usrname position; returnResponse() below does not print it on the failure path, so
// exception details are not disclosed to the client.
63} catch (Exception $e) {
64 returnResponse('NO', $function, $e->getMessage());
65}
66
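/**
 * Echo the CAS validation response for the current request.
 *
 * The 'validate' entry point gets the plain-text form ("yes\n<user>" or "no").
 * Every other entry point gets a cas:serviceResponse XML document.
 *
 * Escaping now passes explicit flags and charset (ENT_QUOTES | ENT_XML1, UTF-8).
 * The output is XML, and the defaults of htmlspecialchars() differ between PHP
 * versions and depend on the default_charset ini setting. The entry-point test
 * is now a strict comparison.
 *
 * @param string $value      'YES' for success; anything else is treated as failure.
 * @param string $function   Entry point name; 'validate' selects the plain-text form.
 * @param string $usrname    User name to report on success. Ignored on failure, so a
 *                           message passed in this position is never sent to the client.
 * @param array  $attributes Map of attribute name => list of values, emitted as
 *                           <cas:NAME> elements inside <cas:attributes>.
 * @param string $xtraxml    XML fragment inserted verbatim after <cas:user>; it is NOT
 *                           escaped, so the caller must pass well-formed, escaped XML.
 * @return void
 */
function returnResponse($value, $function, $usrname = '', $attributes = array(), $xtraxml = "") {
    $plainText = ($function === 'validate');
    $xmlFlags = ENT_QUOTES | ENT_XML1;

    if ($value !== 'YES') {
        if ($plainText) {
            echo 'no';
            return;
        }
        // The failure element is emitted with an empty code attribute and no message.
        echo '<cas:serviceResponse xmlns:cas="http://www.yale.edu/tp/cas">' . "\n"
            . '<cas:authenticationFailure code="">' . "\n"
            . '</cas:authenticationFailure>' . "\n"
            . '</cas:serviceResponse>';
        return;
    }

    if ($plainText) {
        // Plain-text form: the user name is written as-is on the second line.
        // NOTE(review): a user name containing a line break would add lines to this
        // line-oriented response - confirm the attribute source cannot supply one.
        echo 'yes' . "\n" . $usrname;
        return;
    }

    $attributesxml = '';
    foreach ($attributes as $attributename => $attributelist) {
        // NOTE(review): escaping does not turn an arbitrary string into a valid XML
        // element name; a name with whitespace or an extra colon still yields
        // malformed XML. Confirm the configured attribute names are XML-name safe.
        $element = htmlspecialchars($attributename, $xmlFlags, 'UTF-8');
        foreach ($attributelist as $attributevalue) {
            $attributesxml .= "<cas:$element>"
                . htmlspecialchars($attributevalue, $xmlFlags, 'UTF-8')
                . "</cas:$element>\n";
        }
    }
    // The wrapper is keyed on the attribute map, not on the rendered text, so a map
    // holding only empty value lists still produces an empty <cas:attributes> element.
    if (count($attributes) > 0) {
        $attributesxml = "<cas:attributes>\n" . $attributesxml . "</cas:attributes>\n";
    }

    echo '<cas:serviceResponse xmlns:cas="http://www.yale.edu/tp/cas">' . "\n"
        . '<cas:authenticationSuccess>' . "\n"
        . '<cas:user>' . htmlspecialchars($usrname, $xmlFlags, 'UTF-8') . '</cas:user>'
        . $xtraxml
        . $attributesxml
        . '</cas:authenticationSuccess>' . "\n"
        . '</cas:serviceResponse>';
}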