Public Member Functions |
Data Fields |
Protected Member Functions |
Private Member Functions |
Private Attributes
sspmod_cas_Auth_Source_CAS Class Reference
Inheritance diagram for sspmod_cas_Auth_Source_CAS:
Collaboration diagram for sspmod_cas_Auth_Source_CAS:
Public Member Functions | |
| __construct ($info, $config) | |
| Constructor for this authentication source. More... | |
| finalStep (&$state) | |
| Called by linkback, to finish validate/ finish logging in. More... | |
| authenticate (&$state) | |
| Log-in using cas. More... | |
| logout (&$state) | |
| Log out from this authentication source. More... | |
| Public Member Functions inherited from SimpleSAML_Auth_Source | |
| __construct ($info, &$config) | |
| Constructor for an authentication source. More... | |
| getAuthId () | |
| Retrieve the ID of this authentication source. More... | |
| authenticate (&$state) | |
| Process a request. More... | |
| reauthenticate (array &$state) | |
| Reauthenticate an user. More... | |
| initLogin ($return, $errorURL=null, array $params=array()) | |
| Start authentication. More... | |
| logout (&$state) | |
| Log out from this authentication source. More... | |
Data Fields | |
| const | STAGE_INIT = 'sspmod_cas_Auth_Source_CAS.state' |
| The string used to identify our states. More... | |
| const | AUTHID = 'sspmod_cas_Auth_Source_CAS.AuthId' |
| The key of the AuthId field in the state. More... | |
Protected Member Functions | |
| casValidation ($ticket, $service) | |
| Main validation method, redirects to correct method (keeps finalStep clean) More... | |
| Protected Member Functions inherited from SimpleSAML_Auth_Source | |
| addLogoutCallback ($assoc, $state) | |
| Add a logout callback association. More... | |
| callLogoutCallback ($assoc) | |
| Call a logout callback based on association. More... | |
Private Member Functions | |
| casValidate ($ticket, $service) | |
| This the most simple version of validating, this provides only authentication validation. More... | |
| casServiceValidate ($ticket, $service) | |
| Uses the cas service validate, this provides additional attributes. More... | |
Private Attributes | |
| $_ldapConfig | |
| $_casConfig | |
| $_validationMethod | |
| $_loginMethod | |
Additional Inherited Members | |
| Static Public Member Functions inherited from SimpleSAML_Auth_Source | |
| static | getSourcesOfType ($type) |
| Get sources of a specific type. More... | |
| static | completeAuth (&$state) |
| Complete authentication. More... | |
| static | loginCompleted ($state) |
| Called when a login operation has finished. More... | |
| static | completeLogout (&$state) |
| Complete logout. More... | |
| static | getById ($authId, $type=null) |
| Retrieve authentication source. More... | |
| static | logoutCallback ($state) |
| Called when the authentication source receives an external logout request. More... | |
| static | getSources () |
| Retrieve list of authentication sources. More... | |
| Static Protected Member Functions inherited from SimpleSAML_Auth_Source | |
| static | validateSource ($source, $id) |
| Make sure that the first element of an auth source is its identifier. More... | |
| Protected Attributes inherited from SimpleSAML_Auth_Source | |
| $authId | |
Detailed Description
Constructor & Destructor Documentation
◆ __construct()
| sspmod_cas_Auth_Source_CAS::__construct | ( | $info, | |
| $config | |||
| ) |
Constructor for this authentication source.
- Parameters
-
array $info Information about this authentication source. array $config Configuration.
Definition at line 50 of file CAS.php.
51 {
52 assert(is_array($info));
53 assert(is_array($config));
54
55 // Call the parent constructor first, as required by the interface
57
59 throw new Exception('cas authentication source is not properly configured: missing [cas]');
60 }
61
63 throw new Exception('ldap authentication source is not properly configured: missing [ldap]');
64 }
65
68
69 if (isset($this->_casConfig['serviceValidate'])) {
70 $this->_validationMethod = 'serviceValidate';
71 } elseif(isset($this->_casConfig['validate'])) {
72 $this->_validationMethod = 'validate';
73 } else {
74 throw new Exception("validate or serviceValidate not specified");
75 }
76
77 if (isset($this->_casConfig['login'])) {
78 $this->_loginMethod = $this->_casConfig['login'];
79 } else {
80 throw new Exception("cas login URL not specified");
81 }
82 }
Member Function Documentation
◆ authenticate()
| sspmod_cas_Auth_Source_CAS::authenticate | ( | & | $state | ) |
Log-in using cas.
- Parameters
-
array &$state Information about the current authentication.
Reimplemented from SimpleSAML_Auth_Source.
Definition at line 215 of file CAS.php.
216 {
217 assert(is_array($state));
218
219 // We are going to need the authId in order to retrieve this authentication source later
221
223
224 $serviceUrl = SimpleSAML\Module::getModuleURL('cas/linkback.php', array('stateID' => $stateID));
225
226 \SimpleSAML\Utils\HTTP::redirectTrustedURL($this->_loginMethod, array('service' => $serviceUrl));
227 }
if(!array_key_exists('stateid', $_REQUEST)) $state
Handle linkback() response from LinkedIn.
Definition: linkback.php:10
static getModuleURL($resource, array $parameters=array())
Get absolute URL to a specified module resource.
Definition: Module.php:220
static redirectTrustedURL($url, $parameters=array())
This function redirects to the specified URL without performing any security checks.
Definition: HTTP.php:959
References SimpleSAML_Auth_Source\$authId, $state, AUTHID, SimpleSAML\Module\getModuleURL(), SimpleSAML\Utils\HTTP\redirectTrustedURL(), and SimpleSAML_Auth_State\saveState().
Here is the call graph for this function:
◆ casServiceValidate()
|
private |
Uses the cas service validate, this provides additional attributes.
- Parameters
-
string $ticket string $service
- Returns
- list username and attributes
Definition at line 118 of file CAS.php.
119 {
120 $url = \SimpleSAML\Utils\HTTP::addURLParameters(
121 $this->_casConfig['serviceValidate'],
122 array(
123 'ticket' => $ticket,
124 'service' => $service,
125 )
126 );
128
130 $xPath = new DOMXpath($dom);
131 $xPath->registerNamespace("cas", 'http://www.yale.edu/tp/cas');
135 throw new Exception("Error when validating CAS service ticket: " . $failure->item(0)->textContent);
136 } else {
137 $attributes = array();
138 if ($casattributes = $this->_casConfig['attributes']) { # some has attributes in the xml - attributes is a list of XPath expressions to get them
140 $attrs = $xPath->query($query);
141 foreach ($attrs as $attrvalue) {
143 }
144 }
145 }
146 $casusername = $success->item(0)->textContent;
147
149 }
150 }
static fetch($url, $context=array(), $getHeaders=false)
Helper function to retrieve a file or URL with proxy support, also supporting proxy basic authorizati...
Definition: HTTP.php:408
References $attributes, $failure, $name, $query, $result, $success, $url, SimpleSAML\Utils\HTTP\fetch(), and SAML2\DOMDocumentFactory\fromString().
Referenced by casValidation().
Here is the call graph for this function:
Here is the caller graph for this function:
◆ casValidate()
|
private |
This the most simple version of validating, this provides only authentication validation.
- Parameters
-
string $ticket string $service
- Returns
- list username and attributes
Definition at line 93 of file CAS.php.
94 {
96 'ticket' => $ticket,
97 'service' => $service,
98 ));
101
104 } else {
105 throw new Exception("Failed to validate CAS service ticket: $ticket");
106 }
107 }
References $res, $result, $url, and SimpleSAML\Utils\HTTP\fetch().
Referenced by casValidation().
Here is the call graph for this function:
Here is the caller graph for this function:
◆ casValidation()
|
protected |
Main validation method, redirects to correct method (keeps finalStep clean)
- Parameters
-
string $ticket string $service
- Returns
- list username and attributes
Definition at line 161 of file CAS.php.
162 {
163 switch ($this->_validationMethod)
164 {
165 case 'validate':
167 break;
168 case 'serviceValidate':
170 break;
171 default:
172 throw new Exception("validate or serviceValidate not specified");
173 }
174 }
casServiceValidate($ticket, $service)
Uses the cas service validate, this provides additional attributes.
Definition: CAS.php:118
casValidate($ticket, $service)
This the most simple version of validating, this provides only authentication validation.
Definition: CAS.php:93
References casServiceValidate(), and casValidate().
Referenced by finalStep().
Here is the call graph for this function:
Here is the caller graph for this function:
◆ finalStep()
| sspmod_cas_Auth_Source_CAS::finalStep | ( | & | $state | ) |
Called by linkback, to finish validate/ finish logging in.
- Parameters
-
state $state
- Returns
- list username, casattributes/ldap attributes
Definition at line 182 of file CAS.php.
183 {
187 list($username, $casattributes) = $this->casValidation($ticket, $service);
188 $ldapattributes = array();
189
191 'Authentication source ' . var_export($this->authId, true));
192 if ($this->_ldapConfig['servers']) {
200 );
201 $ldapattributes = $ldap->validate($this->_ldapConfig, $username);
202 }
203 $attributes = array_merge_recursive($casattributes, $ldapattributes);
205
207 }
Definition: LDAP.php:26
static loadFromArray($config, $location='[ARRAY]', $instance=null)
Loads a configuration from the given array.
Definition: Configuration.php:297
casValidation($ticket, $service)
Main validation method, redirects to correct method (keeps finalStep clean)
Definition: CAS.php:161
References $attributes, $config, $state, casValidation(), SimpleSAML_Auth_Source\completeAuth(), SimpleSAML\Module\getModuleURL(), SimpleSAML_Configuration\loadFromArray(), and SimpleSAML_Auth_State\saveState().
Here is the call graph for this function:
◆ logout()
| sspmod_cas_Auth_Source_CAS::logout | ( | & | $state | ) |
Log out from this authentication source.
This function should be overridden if the authentication source requires special steps to complete a logout operation.
If the logout process requires a redirect, the state should be saved. Once the logout operation is completed, the state should be restored, and completeLogout should be called with the state. If this operation can be completed without showing the user a page, or redirecting, this function should return.
- Parameters
-
array &$state Information about the current logout operation.
Reimplemented from SimpleSAML_Auth_Source.
Definition at line 243 of file CAS.php.
244 {
245 assert(is_array($state));
246 $logoutUrl = $this->_casConfig['logout'];
247
249 // we want cas to log us out
250 \SimpleSAML\Utils\HTTP::redirectTrustedURL($logoutUrl);
251 }
References $state, SimpleSAML_Auth_State\deleteState(), and SimpleSAML\Utils\HTTP\redirectTrustedURL().
Here is the call graph for this function:
Field Documentation
◆ $_casConfig
◆ $_ldapConfig
◆ $_loginMethod
◆ $_validationMethod
◆ AUTHID
| const sspmod_cas_Auth_Source_CAS::AUTHID = 'sspmod_cas_Auth_Source_CAS.AuthId' |
The key of the AuthId field in the state.
Definition at line 22 of file CAS.php.
Referenced by authenticate().
◆ STAGE_INIT
| const sspmod_cas_Auth_Source_CAS::STAGE_INIT = 'sspmod_cas_Auth_Source_CAS.state' |
The documentation for this class was generated from the following file:
- libs/composer/vendor/simplesamlphp/simplesamlphp/modules/cas/lib/Auth/Source/CAS.php
