📄 client.php
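// NOTE(review): this excerpt opens partway through a method; the lines down to
// the first method-level closing brace are its tail, reproduced unchanged.
                // authentication already done
                $this->setUser($_SESSION['phpCAS']['user']);
                phpCAS::trace('user = `'.$_SESSION['phpCAS']['user'].'\'');
                $auth = TRUE;
            } else {
                phpCAS::trace('no user found');
            }
        }
        phpCAS::traceEnd($auth);
        return $auth;
    }

    /**
     * This method is used to redirect the client to the CAS server.
     * It is used by CASClient::forceAuthentication() and CASClient::checkAuthentication().
     *
     * Sends a Location header, prints a fallback HTML page containing the same
     * URL, then terminates the script.
     *
     * @param $gateway true to check authentication, false to force it
     * @public
     */
    function redirectToCas($gateway=false)
    {
        phpCAS::traceBegin();
        $cas_url = $this->getServerLoginURL($gateway);
        header('Location: '.$cas_url);
        $this->printHTMLHeader($this->getString(CAS_STR_AUTHENTICATION_WANTED));
        // The login URL is written into an HTML page here, so it is escaped for
        // HTML. It presumably embeds the current request URL as the service
        // parameter (getServerLoginURL() is not visible here -- confirm), which
        // would make it request-influenced.
        printf('<p>'.$this->getString(CAS_STR_SHOULD_HAVE_BEEN_REDIRECTED).'</p>',htmlspecialchars($cas_url, ENT_QUOTES));
        $this->printHTMLFooter();
        phpCAS::traceExit();
        exit();
    }

    /**
     * This method is used to logout from CAS.
     *
     * Redirects to the CAS logout URL, destroys the local PHP session, prints a
     * fallback HTML page and terminates the script.
     *
     * @param $url a URL that will be transmitted to the CAS server (to come back to
     *             when logged out). Pass it unencoded: it is URL-encoded here
     *             before being appended as the service parameter.
     * @public
     */
    function logout($url = "")
    {
        phpCAS::traceBegin();
        $cas_url = $this->getServerLogoutURL();
        // v0.4.14 sebastien.gougeon at univ-rennes1.fr
        // header('Location: '.$cas_url);
        if ( $url != "" ) {
            // Encode the return URL so that its own '?', '&' and '=' characters
            // stay inside the service value instead of being read as extra
            // parameters of the CAS logout request.
            $url = '?service=' . urlencode($url);
        }
        header('Location: '.$cas_url . $url);
        // drop the local session whatever the CAS server does with the redirect
        session_unset();
        session_destroy();
        $this->printHTMLHeader($this->getString(CAS_STR_LOGOUT));
        // escaped because the URL is written into an HTML page
        printf('<p>'.$this->getString(CAS_STR_SHOULD_HAVE_BEEN_REDIRECTED).'</p>',htmlspecialchars($cas_url, ENT_QUOTES));
        $this->printHTMLFooter();
        phpCAS::traceExit();
        exit();
    }

    /** @} */

    // XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
    // XX                                                                    XX
    // XX                  BASIC CLIENT FEATURES (CAS 1.0)                   XX
    // XX                                                                    XX
    // XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

    // ########################################################################
    //  ST
    // ########################################################################
    /**
     * @addtogroup internalBasic
     * @{
     */

    /**
     * the Service Ticket provided in the URL of the request if present
     * (empty otherwise). Written by CASClient::CASClient(), read by
     * CASClient::getST() and CASClient::hasST().
     *
     * The value originates from the request URL, so it must be treated as
     * untrusted until the CAS server has validated it.
     *
     * @hideinitializer
     * @private
     */
    var $_st = '';

    /**
     * This method returns the Service Ticket provided in the URL of the request.
     * @return The service ticket.
     * @private
     */
    function getST()
    {
        return $this->_st;
    }

    /**
     * This method stores the Service Ticket.
     * @param $st The Service Ticket.
     * @private
     */
    function setST($st)
    {
        $this->_st = $st;
    }

    /**
     * This method tells if a Service Ticket was stored.
     * @return TRUE if a Service Ticket has been stored.
     * @private
     */
    function hasST()
    {
        return !empty($this->_st);
    }

    /** @} */

    // ########################################################################
    //  ST VALIDATION
    // ########################################################################
    /**
     * @addtogroup internalBasic
     * @{
     */

    /**
     * This method is used to validate a ST; halt on failure, and sets
     * $text_response and $tree_response on success. These parameters are used
     * later by CASClient::validatePGT() for CAS proxies.
     *
     * Note that $validate_url is received by value and overwritten locally, so
     * the URL built here is not handed back to the caller.
     *
     * @param $validate_url the URL of the request to the CAS server.
     * @param $text_response the response of the CAS server, as is (XML text).
     * @param $tree_response the response of the CAS server, as a DOM XML tree
     *                       (only assigned in the CAS 2.0 branch).
     *
     * @return bool TRUE when successful, halt otherwise by calling CASClient::authError().
     *
     * @private
     */
    function validateST($validate_url,&$text_response,&$tree_response)
    {
        phpCAS::traceBegin();
        // build the URL to validate the ticket; the ticket was taken from the
        // request URL, so it is URL-encoded to keep a crafted value from adding
        // or overriding parameters of the validation request
        $validate_url = $this->getServerServiceValidateURL().'&ticket='.urlencode($this->getST());
        if ( $this->isProxy() ) {
            // pass the callback url for CAS proxies (encoded: it is itself a URL
            // carried as a parameter value)
            $validate_url .= '&pgtUrl='.urlencode($this->getCallbackURL());
        }

        // open and read the URL
        // ($headers and $err_msg are presumably filled in by readURL() -- confirm)
        if ( !$this->readURL($validate_url,''/*cookies*/,$headers,$text_response,$err_msg) ) {
            phpCAS::trace('could not open URL \''.$validate_url.'\' to validate ('.$err_msg.')');
            $this->authError('ST not validated',
                             $validate_url,
                             TRUE/*$no_response*/);
        }

        // analyze the result depending on the version
        switch ($this->getServerVersion()) {
        case CAS_VERSION_1_0:
            if (preg_match('/^no\n/',$text_response)) {
                phpCAS::trace('ST has not been validated');
                $this->authError('ST not validated',
                                 $validate_url,
                                 FALSE/*$no_response*/,
                                 FALSE/*$bad_response*/,
                                 $text_response);
            }
            if (!preg_match('/^yes\n/',$text_response)) {
                phpCAS::trace('ill-formed response');
                $this->authError('ST not validated',
                                 $validate_url,
                                 FALSE/*$no_response*/,
                                 TRUE/*$bad_response*/,
                                 $text_response);
            }
            // ST has been validated, extract the user name (second line of the response)
            $arr = preg_split('/\n/',$text_response);
            $this->setUser(trim($arr[1]));
            break;
        case CAS_VERSION_2_0:
            // read the response of the CAS server into a DOM object
            if ( !($dom = domxml_open_mem($text_response))) {
                phpCAS::trace('domxml_open_mem() failed');
                $this->authError('ST not validated',
                                 $validate_url,
                                 FALSE/*$no_response*/,
                                 TRUE/*$bad_response*/,
                                 $text_response);
            }
            // read the root node of the XML tree
            if ( !($tree_response = $dom->document_element()) ) {
                phpCAS::trace('document_element() failed');
                $this->authError('ST not validated',
                                 $validate_url,
                                 FALSE/*$no_response*/,
                                 TRUE/*$bad_response*/,
                                 $text_response);
            }
            // ensure that tag name is 'serviceResponse'
            if ( $tree_response->node_name() != 'serviceResponse' ) {
                phpCAS::trace('bad XML root node (should be `serviceResponse\' instead of `'.$tree_response->node_name().'\'');
                $this->authError('ST not validated',
                                 $validate_url,
                                 FALSE/*$no_response*/,
                                 TRUE/*$bad_response*/,
                                 $text_response);
            }
            if ( sizeof($success_elements = $tree_response->get_elements_by_tagname("authenticationSuccess")) != 0) {
                // authentication succeeded, extract the user name
                if ( sizeof($user_elements = $success_elements[0]->get_elements_by_tagname("user")) == 0) {
                    phpCAS::trace('<authenticationSuccess> found, but no <user>');
                    $this->authError('ST not validated',
                                     $validate_url,
                                     FALSE/*$no_response*/,
                                     TRUE/*$bad_response*/,
                                     $text_response);
                }
                $user = trim($user_elements[0]->get_content());
                phpCAS::trace('user = `'.$user);
                $this->setUser($user);
            } else if ( sizeof($failure_elements = $tree_response->get_elements_by_tagname("authenticationFailure")) != 0) {
                phpCAS::trace('<authenticationFailure> found');
                // authentication failed, extract the error code and message
                $this->authError('ST not validated',
                                 $validate_url,
                                 FALSE/*$no_response*/,
                                 FALSE/*$bad_response*/,
                                 $text_response,
                                 $failure_elements[0]->get_attribute('code')/*$err_code*/,
                                 trim($failure_elements[0]->get_content())/*$err_msg*/);
            } else {
                phpCAS::trace('neither <authenticationSuccess> nor <authenticationFailure> found');
                $this->authError('ST not validated',
                                 $validate_url,
                                 FALSE/*$no_response*/,
                                 TRUE/*$bad_response*/,
                                 $text_response);
            }
            break;
        default:
            // Fail closed: without this branch a server version matching neither
            // case above would fall out of the switch and return TRUE although
            // no response was checked and no user was set.
            phpCAS::trace('unsupported CAS server version');
            $this->authError('ST not validated',
                             $validate_url,
                             FALSE/*$no_response*/,
                             TRUE/*$bad_response*/,
                             $text_response);
            break;
        }

        // at this step, ST has been validated and $this->_user has been set,
        phpCAS::traceEnd(TRUE);
        return TRUE;
    }

    /** @} */

    // XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
    // XX                                                                    XX
    // XX                     PROXY FEATURES (CAS 2.0)                       XX
    // XX                                                                    XX
    // XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

    // ########################################################################
    //  PROXYING
    // ########################################################################
    /**
     * @addtogroup internalProxy
     * @{
     */

    /**
     * A boolean telling if the client is a CAS proxy or not. Written by CASClient::CASClient(),
     * read by CASClient::isProxy().
     *
     * @private
     */
    var $_proxy;

    /**
     * Tells if a CAS client is a CAS proxy or not
     *
     * @return TRUE when the CAS client is a CAS proxy, FALSE otherwise
     *
     * @private
     */
    function isProxy()
    {
        return $this->_proxy;
    }

    /** @} */

    // ########################################################################
    //  PGT
    // ########################################################################
    /**
     * @addtogroup internalProxy
     * @{
     */

    /**
     * the Proxy Granting Ticket given by the CAS server (empty otherwise).
     * Written by CASClient::setPGT(), read by CASClient::getPGT() and CASClient::hasPGT().
     *
     * @hideinitializer
     * @private
     */
    var $_pgt = '';

    /**
     * This method returns the Proxy Granting Ticket given by the CAS server.
     * @return The Proxy Granting Ticket.
     * @private
     */
    function getPGT()
    {
        return $this->_pgt;
    }

    /**
     * This method stores the Proxy Granting Ticket.
     * @param $pgt The Proxy Granting Ticket.
     * @private
     */
    function setPGT($pgt)
    {
        $this->_pgt = $pgt;
    }

    /**
     * This method tells if a Proxy Granting Ticket was stored.
     * @return TRUE if a Proxy Granting Ticket has been stored.
     * @private
     */
    function hasPGT()
    {
        return !empty($this->_pgt);
    }

    /** @} */

    // ########################################################################
    //  CALLBACK MODE
    // ########################################################################
    /**
     * @addtogroup internalCallback
     * @{
     */

    /**
     * each PHP script using phpCAS in proxy mode is its own callback to get the
     * PGT back from the CAS server. callback_mode is detected by the constructor
     * thanks to the GET parameters.
     */

    /**
     * a boolean to know if the CAS client is running in callback mode. Written by
     * CASClient::setCallBackMode(), read by CASClient::isCallbackMode().
     *
     * @hideinitializer
     * @private
     */
    var $_callback_mode = FALSE;

    /**
     * This method sets/unsets callback mode.
     *
     * @param $callback_mode TRUE to set callback mode, FALSE otherwise.
     *
     * @private
     */
    function setCallbackMode($callback_mode)
    {
        $this->_callback_mode = $callback_mode;
    }

    /**
     * This method returns TRUE when the CAS client is running in callback mode,
     * FALSE otherwise.
     *
     * @return A boolean.
     *
     * @private
     */
    function isCallbackMode()
    {
        return $this->_callback_mode;
    }

    /**
     * the URL that should be used for the PGT callback (in fact the URL of the
     * current request without any CGI parameter). Written and read by
     * CASClient::getCallbackURL().
     *
     * @hideinitializer
     * @private
     */
    var $_callback_url = '';

    /**
     * This method returns the URL that should be used for the PGT callback (in
     * fact the URL of the current request without any CGI parameter, except if
     * phpCAS::setFixedCallbackURL() was used).
     *
     * @return The callback URL
     *
     * @private
     */
    function getCallbackURL()
    {
        // NOTE(review): the end of this method lies beyond the excerpt; the code
        // below is reproduced unchanged. HTTP_X_FORWARDED_SERVER and HTTP_HOST
        // are taken from request headers, so unless a trusted front end
        // overwrites them the host part of the callback URL is
        // request-influenced; a fixed callback URL
        // (phpCAS::setFixedCallbackURL()) avoids depending on them.
        // the URL is built when needed only
        if ( empty($this->_callback_url) ) {
            $final_uri = '';
            // remove the ticket if present in the URL
            $final_uri = 'https://';
            /* replaced by Julien Marchal - v0.4.6
             * $this->uri .= $_SERVER['SERVER_NAME'];
             */
            if(empty($_SERVER['HTTP_X_FORWARDED_SERVER'])){
                /* replaced by teedog - v0.4.12
                 * $final_uri .= $_SERVER['SERVER_NAME'];
                 */
                if (empty($_SERVER['SERVER_NAME'])) {
                    $final_uri .= $_SERVER['HTTP_HOST'];
                } else {
                    $final_uri .= $_SERVER['SERVER_NAME'];
                }
            } else {
                $final_uri .= $_SERVER['HTTP_X_FORWARDED_SERVER'];
            }
            // append the port only when it is not the default one for the scheme in use
            if ( ($this->isHttps() && $_SERVER['SERVER_PORT']!=443)
                 || (!$this->isHttps() && $_SERVER['SERVER_PORT']!=80) ) {
                $final_uri .= ':';
                $final_uri .= $_SERVER['SERVER_PORT'];
            }
            $request_uri = $_SERVER['REQUEST_URI'];
            // strip the query string
            $request_uri = preg_replace('/\?.*$/','',$request_uri);
            $final_uri .= $request_uri;
            $this->setCallbackURL($final_uri);
        }
        return $this->_callback_url;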