diff options
author | Evan Prodromou <evan@status.net> | 2010-01-11 16:28:27 -0800 |
---|---|---|
committer | Evan Prodromou <evan@status.net> | 2010-01-11 16:28:27 -0800 |
commit | ecb3abf84c8b6e868a523b8e721484cb7a4e0f63 (patch) | |
tree | c27d9b8c427e0e64b0cabe9419c640ac8b382c3b /plugins | |
parent | a180658a3bfcf2b7b312058e3aa76e0e2467c2f8 (diff) | |
parent | 7e5c15fa80e23d1fb22744553156bcebad716ae8 (diff) |
Merge branch '0.9.x' into inblob
Diffstat (limited to 'plugins')
35 files changed, 5186 insertions, 4850 deletions
diff --git a/plugins/APCPlugin.php b/plugins/APCPlugin.php index 18409e29e..666f64b14 100644 --- a/plugins/APCPlugin.php +++ b/plugins/APCPlugin.php @@ -104,5 +104,16 @@ class APCPlugin extends Plugin Event::handle('EndCacheDelete', array($key)); return false; } + + function onPluginVersion(&$versions) + { + $versions[] = array('name' => 'APC', + 'version' => STATUSNET_VERSION, + 'author' => 'Evan Prodromou', + 'homepage' => 'http://status.net/wiki/Plugin:APC', + 'rawdescription' => + _m('Use the <a href="http://pecl.php.net/package/apc">APC</a> variable cache to cache query results.')); + return true; + } } diff --git a/plugins/Autocomplete/AutocompletePlugin.php b/plugins/Autocomplete/AutocompletePlugin.php index baaec73c1..d586631a4 100644 --- a/plugins/Autocomplete/AutocompletePlugin.php +++ b/plugins/Autocomplete/AutocompletePlugin.php @@ -61,5 +61,16 @@ class AutocompletePlugin extends Plugin } } + function onPluginVersion(&$versions) + { + $versions[] = array('name' => 'Autocomplete', + 'version' => STATUSNET_VERSION, + 'author' => 'Craig Andrews', + 'homepage' => 'http://status.net/wiki/Plugin:Autocomplete', + 'rawdescription' => + _m('The autocomplete plugin allows users to autocomplete screen names in @ replies. When an "@" is typed into the notice text area, an autocomplete box is displayed populated with the user\'s friend\' screen names.')); + return true; + } + } ?> diff --git a/plugins/Autocomplete/readme.txt b/plugins/Autocomplete/README index 1db4c6565..1db4c6565 100644 --- a/plugins/Autocomplete/readme.txt +++ b/plugins/Autocomplete/README diff --git a/plugins/CasAuthentication/CasAuthenticationPlugin.php b/plugins/CasAuthentication/CasAuthenticationPlugin.php index 818a11f77..483b060ab 100644 --- a/plugins/CasAuthentication/CasAuthenticationPlugin.php +++ b/plugins/CasAuthentication/CasAuthenticationPlugin.php @@ -138,4 +138,15 @@ class CasAuthenticationPlugin extends AuthenticationPlugin $casSettings['port']=$this->port; $casSettings['path']=$this->path; } + + function onPluginVersion(&$versions) + { + $versions[] = array('name' => 'CAS Authentication', + 'version' => STATUSNET_VERSION, + 'author' => 'Craig Andrews', + 'homepage' => 'http://status.net/wiki/Plugin:CasAuthentication', + 'rawdescription' => + _m('The CAS Authentication plugin allows for StatusNet to handle authentication through CAS (Central Authentication Service).')); + return true; + } } diff --git a/plugins/CasAuthentication/extlib/CAS.php b/plugins/CasAuthentication/extlib/CAS.php index 59238eb81..f5ea0b12a 100644 --- a/plugins/CasAuthentication/extlib/CAS.php +++ b/plugins/CasAuthentication/extlib/CAS.php @@ -1,1471 +1,1471 @@ -<?php
-
-// commented in 0.4.22-RC2 for Sylvain Derosiaux
-// error_reporting(E_ALL ^ E_NOTICE);
-
-//
-// hack by Vangelis Haniotakis to handle the absence of $_SERVER['REQUEST_URI'] in IIS
-//
-if (!$_SERVER['REQUEST_URI']) {
- $_SERVER['REQUEST_URI'] = $_SERVER['SCRIPT_NAME'].'?'.$_SERVER['QUERY_STRING'];
-}
-
-//
-// another one by Vangelis Haniotakis also to make phpCAS work with PHP5
-//
-if (version_compare(PHP_VERSION,'5','>=')) {
- require_once(dirname(__FILE__).'/CAS/domxml-php4-php5.php');
-}
-
-/**
- * @file CAS/CAS.php
- * Interface class of the phpCAS library
- *
- * @ingroup public
- */
-
-// ########################################################################
-// CONSTANTS
-// ########################################################################
-
-// ------------------------------------------------------------------------
-// CAS VERSIONS
-// ------------------------------------------------------------------------
-
-/**
- * phpCAS version. accessible for the user by phpCAS::getVersion().
- */
-define('PHPCAS_VERSION','1.0.1');
-
-// ------------------------------------------------------------------------
-// CAS VERSIONS
-// ------------------------------------------------------------------------
- /**
- * @addtogroup public
- * @{
- */
-
-/**
- * CAS version 1.0
- */
-define("CAS_VERSION_1_0",'1.0');
-/*!
- * CAS version 2.0
- */
-define("CAS_VERSION_2_0",'2.0');
-
-/** @} */
- /**
- * @addtogroup publicPGTStorage
- * @{
- */
-// ------------------------------------------------------------------------
-// FILE PGT STORAGE
-// ------------------------------------------------------------------------
- /**
- * Default path used when storing PGT's to file
- */
-define("CAS_PGT_STORAGE_FILE_DEFAULT_PATH",'/tmp');
-/**
- * phpCAS::setPGTStorageFile()'s 2nd parameter to write plain text files
- */
-define("CAS_PGT_STORAGE_FILE_FORMAT_PLAIN",'plain');
-/**
- * phpCAS::setPGTStorageFile()'s 2nd parameter to write xml files
- */
-define("CAS_PGT_STORAGE_FILE_FORMAT_XML",'xml');
-/**
- * Default format used when storing PGT's to file
- */
-define("CAS_PGT_STORAGE_FILE_DEFAULT_FORMAT",CAS_PGT_STORAGE_FILE_FORMAT_PLAIN);
-// ------------------------------------------------------------------------
-// DATABASE PGT STORAGE
-// ------------------------------------------------------------------------
- /**
- * default database type when storing PGT's to database
- */
-define("CAS_PGT_STORAGE_DB_DEFAULT_DATABASE_TYPE",'mysql');
-/**
- * default host when storing PGT's to database
- */
-define("CAS_PGT_STORAGE_DB_DEFAULT_HOSTNAME",'localhost');
-/**
- * default port when storing PGT's to database
- */
-define("CAS_PGT_STORAGE_DB_DEFAULT_PORT",'');
-/**
- * default database when storing PGT's to database
- */
-define("CAS_PGT_STORAGE_DB_DEFAULT_DATABASE",'phpCAS');
-/**
- * default table when storing PGT's to database
- */
-define("CAS_PGT_STORAGE_DB_DEFAULT_TABLE",'pgt');
-
-/** @} */
-// ------------------------------------------------------------------------
-// SERVICE ACCESS ERRORS
-// ------------------------------------------------------------------------
- /**
- * @addtogroup publicServices
- * @{
- */
-
-/**
- * phpCAS::service() error code on success
- */
-define("PHPCAS_SERVICE_OK",0);
-/**
- * phpCAS::service() error code when the PT could not retrieve because
- * the CAS server did not respond.
- */
-define("PHPCAS_SERVICE_PT_NO_SERVER_RESPONSE",1);
-/**
- * phpCAS::service() error code when the PT could not retrieve because
- * the response of the CAS server was ill-formed.
- */
-define("PHPCAS_SERVICE_PT_BAD_SERVER_RESPONSE",2);
-/**
- * phpCAS::service() error code when the PT could not retrieve because
- * the CAS server did not want to.
- */
-define("PHPCAS_SERVICE_PT_FAILURE",3);
-/**
- * phpCAS::service() error code when the service was not available.
- */
-define("PHPCAS_SERVICE_NOT AVAILABLE",4);
-
-/** @} */
-// ------------------------------------------------------------------------
-// LANGUAGES
-// ------------------------------------------------------------------------
- /**
- * @addtogroup publicLang
- * @{
- */
-
-define("PHPCAS_LANG_ENGLISH", 'english');
-define("PHPCAS_LANG_FRENCH", 'french');
-define("PHPCAS_LANG_GREEK", 'greek');
-define("PHPCAS_LANG_GERMAN", 'german');
-define("PHPCAS_LANG_JAPANESE", 'japanese');
-define("PHPCAS_LANG_SPANISH", 'spanish');
-define("PHPCAS_LANG_CATALAN", 'catalan');
-
-/** @} */
-
-/**
- * @addtogroup internalLang
- * @{
- */
-
-/**
- * phpCAS default language (when phpCAS::setLang() is not used)
- */
-define("PHPCAS_LANG_DEFAULT", PHPCAS_LANG_ENGLISH);
-
-/** @} */
-// ------------------------------------------------------------------------
-// DEBUG
-// ------------------------------------------------------------------------
- /**
- * @addtogroup publicDebug
- * @{
- */
-
-/**
- * The default directory for the debug file under Unix.
- */
-define('DEFAULT_DEBUG_DIR','/tmp/');
-
-/** @} */
-// ------------------------------------------------------------------------
-// MISC
-// ------------------------------------------------------------------------
- /**
- * @addtogroup internalMisc
- * @{
- */
-
-/**
- * This global variable is used by the interface class phpCAS.
- *
- * @hideinitializer
- */
-$GLOBALS['PHPCAS_CLIENT'] = null;
-
-/**
- * This global variable is used to store where the initializer is called from
- * (to print a comprehensive error in case of multiple calls).
- *
- * @hideinitializer
- */
-$GLOBALS['PHPCAS_INIT_CALL'] = array('done' => FALSE,
- 'file' => '?',
- 'line' => -1,
- 'method' => '?');
-
-/**
- * This global variable is used to store where the method checking
- * the authentication is called from (to print comprehensive errors)
- *
- * @hideinitializer
- */
-$GLOBALS['PHPCAS_AUTH_CHECK_CALL'] = array('done' => FALSE,
- 'file' => '?',
- 'line' => -1,
- 'method' => '?',
- 'result' => FALSE);
-
-/**
- * This global variable is used to store phpCAS debug mode.
- *
- * @hideinitializer
- */
-$GLOBALS['PHPCAS_DEBUG'] = array('filename' => FALSE,
- 'indent' => 0,
- 'unique_id' => '');
-
-/** @} */
-
-// ########################################################################
-// CLIENT CLASS
-// ########################################################################
-
-// include client class
-include_once(dirname(__FILE__).'/CAS/client.php');
-
-// ########################################################################
-// INTERFACE CLASS
-// ########################################################################
-
-/**
- * @class phpCAS
- * The phpCAS class is a simple container for the phpCAS library. It provides CAS
- * authentication for web applications written in PHP.
- *
- * @ingroup public
- * @author Pascal Aubry <pascal.aubry at univ-rennes1.fr>
- *
- * \internal All its methods access the same object ($PHPCAS_CLIENT, declared
- * at the end of CAS/client.php).
- */
-
-
-
-class phpCAS
-{
-
- // ########################################################################
- // INITIALIZATION
- // ########################################################################
-
- /**
- * @addtogroup publicInit
- * @{
- */
-
- /**
- * phpCAS client initializer.
- * @note Only one of the phpCAS::client() and phpCAS::proxy functions should be
- * called, only once, and before all other methods (except phpCAS::getVersion()
- * and phpCAS::setDebug()).
- *
- * @param $server_version the version of the CAS server
- * @param $server_hostname the hostname of the CAS server
- * @param $server_port the port the CAS server is running on
- * @param $server_uri the URI the CAS server is responding on
- * @param $start_session Have phpCAS start PHP sessions (default true)
- *
- * @return a newly created CASClient object
- */
- function client($server_version,
- $server_hostname,
- $server_port,
- $server_uri,
- $start_session = true)
- {
- global $PHPCAS_CLIENT, $PHPCAS_INIT_CALL;
-
- phpCAS::traceBegin();
- if ( is_object($PHPCAS_CLIENT) ) {
- phpCAS::error($PHPCAS_INIT_CALL['method'].'() has already been called (at '.$PHPCAS_INIT_CALL['file'].':'.$PHPCAS_INIT_CALL['line'].')');
- }
- if ( gettype($server_version) != 'string' ) {
- phpCAS::error('type mismatched for parameter $server_version (should be `string\')');
- }
- if ( gettype($server_hostname) != 'string' ) {
- phpCAS::error('type mismatched for parameter $server_hostname (should be `string\')');
- }
- if ( gettype($server_port) != 'integer' ) {
- phpCAS::error('type mismatched for parameter $server_port (should be `integer\')');
- }
- if ( gettype($server_uri) != 'string' ) {
- phpCAS::error('type mismatched for parameter $server_uri (should be `string\')');
- }
-
- // store where the initialzer is called from
- $dbg = phpCAS::backtrace();
- $PHPCAS_INIT_CALL = array('done' => TRUE,
- 'file' => $dbg[0]['file'],
- 'line' => $dbg[0]['line'],
- 'method' => __CLASS__.'::'.__FUNCTION__);
-
- // initialize the global object $PHPCAS_CLIENT
- $PHPCAS_CLIENT = new CASClient($server_version,FALSE/*proxy*/,$server_hostname,$server_port,$server_uri,$start_session);
- phpCAS::traceEnd();
- }
-
- /**
- * phpCAS proxy initializer.
- * @note Only one of the phpCAS::client() and phpCAS::proxy functions should be
- * called, only once, and before all other methods (except phpCAS::getVersion()
- * and phpCAS::setDebug()).
- *
- * @param $server_version the version of the CAS server
- * @param $server_hostname the hostname of the CAS server
- * @param $server_port the port the CAS server is running on
- * @param $server_uri the URI the CAS server is responding on
- * @param $start_session Have phpCAS start PHP sessions (default true)
- *
- * @return a newly created CASClient object
- */
- function proxy($server_version,
- $server_hostname,
- $server_port,
- $server_uri,
- $start_session = true)
- {
- global $PHPCAS_CLIENT, $PHPCAS_INIT_CALL;
-
- phpCAS::traceBegin();
- if ( is_object($PHPCAS_CLIENT) ) {
- phpCAS::error($PHPCAS_INIT_CALL['method'].'() has already been called (at '.$PHPCAS_INIT_CALL['file'].':'.$PHPCAS_INIT_CALL['line'].')');
- }
- if ( gettype($server_version) != 'string' ) {
- phpCAS::error('type mismatched for parameter $server_version (should be `string\')');
- }
- if ( gettype($server_hostname) != 'string' ) {
- phpCAS::error('type mismatched for parameter $server_hostname (should be `string\')');
- }
- if ( gettype($server_port) != 'integer' ) {
- phpCAS::error('type mismatched for parameter $server_port (should be `integer\')');
- }
- if ( gettype($server_uri) != 'string' ) {
- phpCAS::error('type mismatched for parameter $server_uri (should be `string\')');
- }
-
- // store where the initialzer is called from
- $dbg = phpCAS::backtrace();
- $PHPCAS_INIT_CALL = array('done' => TRUE,
- 'file' => $dbg[0]['file'],
- 'line' => $dbg[0]['line'],
- 'method' => __CLASS__.'::'.__FUNCTION__);
-
- // initialize the global object $PHPCAS_CLIENT
- $PHPCAS_CLIENT = new CASClient($server_version,TRUE/*proxy*/,$server_hostname,$server_port,$server_uri,$start_session);
- phpCAS::traceEnd();
- }
-
- /** @} */
- // ########################################################################
- // DEBUGGING
- // ########################################################################
-
- /**
- * @addtogroup publicDebug
- * @{
- */
-
- /**
- * Set/unset debug mode
- *
- * @param $filename the name of the file used for logging, or FALSE to stop debugging.
- */
- function setDebug($filename='')
- {
- global $PHPCAS_DEBUG;
-
- if ( $filename != FALSE && gettype($filename) != 'string' ) {
- phpCAS::error('type mismatched for parameter $dbg (should be FALSE or the name of the log file)');
- }
-
- if ( empty($filename) ) {
- if ( preg_match('/^Win.*/',getenv('OS')) ) {
- if ( isset($_ENV['TMP']) ) {
- $debugDir = $_ENV['TMP'].'/';
- } else if ( isset($_ENV['TEMP']) ) {
- $debugDir = $_ENV['TEMP'].'/';
- } else {
- $debugDir = '';
- }
- } else {
- $debugDir = DEFAULT_DEBUG_DIR;
- }
- $filename = $debugDir . 'phpCAS.log';
- }
-
- if ( empty($PHPCAS_DEBUG['unique_id']) ) {
- $PHPCAS_DEBUG['unique_id'] = substr(strtoupper(md5(uniqid(''))),0,4);
- }
-
- $PHPCAS_DEBUG['filename'] = $filename;
-
- phpCAS::trace('START ******************');
- }
-
- /** @} */
- /**
- * @addtogroup internalDebug
- * @{
- */
-
- /**
- * This method is a wrapper for debug_backtrace() that is not available
- * in all PHP versions (>= 4.3.0 only)
- */
- function backtrace()
- {
- if ( function_exists('debug_backtrace') ) {
- return debug_backtrace();
- } else {
- // poor man's hack ... but it does work ...
- return array();
- }
- }
-
- /**
- * Logs a string in debug mode.
- *
- * @param $str the string to write
- *
- * @private
- */
- function log($str)
- {
- $indent_str = ".";
- global $PHPCAS_DEBUG;
-
- if ( $PHPCAS_DEBUG['filename'] ) {
- for ($i=0;$i<$PHPCAS_DEBUG['indent'];$i++) {
- $indent_str .= '| ';
- }
- error_log($PHPCAS_DEBUG['unique_id'].' '.$indent_str.$str."\n",3,$PHPCAS_DEBUG['filename']);
- }
-
- }
-
- /**
- * This method is used by interface methods to print an error and where the function
- * was originally called from.
- *
- * @param $msg the message to print
- *
- * @private
- */
- function error($msg)
- {
- $dbg = phpCAS::backtrace();
- $function = '?';
- $file = '?';
- $line = '?';
- if ( is_array($dbg) ) {
- for ( $i=1; $i<sizeof($dbg); $i++) {
- if ( is_array($dbg[$i]) ) {
- if ( $dbg[$i]['class'] == __CLASS__ ) {
- $function = $dbg[$i]['function'];
- $file = $dbg[$i]['file'];
- $line = $dbg[$i]['line'];
- }
- }
- }
- }
- echo "<br />\n<b>phpCAS error</b>: <font color=\"FF0000\"><b>".__CLASS__."::".$function.'(): '.htmlentities($msg)."</b></font> in <b>".$file."</b> on line <b>".$line."</b><br />\n";
- phpCAS::trace($msg);
- phpCAS::traceExit();
- exit();
- }
-
- /**
- * This method is used to log something in debug mode.
- */
- function trace($str)
- {
- $dbg = phpCAS::backtrace();
- phpCAS::log($str.' ['.basename($dbg[1]['file']).':'.$dbg[1]['line'].']');
- }
-
- /**
- * This method is used to indicate the start of the execution of a function in debug mode.
- */
- function traceBegin()
- {
- global $PHPCAS_DEBUG;
-
- $dbg = phpCAS::backtrace();
- $str = '=> ';
- if ( !empty($dbg[2]['class']) ) {
- $str .= $dbg[2]['class'].'::';
- }
- $str .= $dbg[2]['function'].'(';
- if ( is_array($dbg[2]['args']) ) {
- foreach ($dbg[2]['args'] as $index => $arg) {
- if ( $index != 0 ) {
- $str .= ', ';
- }
- $str .= str_replace("\n","",var_export($arg,TRUE));
- }
- }
- $str .= ') ['.basename($dbg[2]['file']).':'.$dbg[2]['line'].']';
- phpCAS::log($str);
- $PHPCAS_DEBUG['indent'] ++;
- }
-
- /**
- * This method is used to indicate the end of the execution of a function in debug mode.
- *
- * @param $res the result of the function
- */
- function traceEnd($res='')
- {
- global $PHPCAS_DEBUG;
-
- $PHPCAS_DEBUG['indent'] --;
- $dbg = phpCAS::backtrace();
- $str = '';
- $str .= '<= '.str_replace("\n","",var_export($res,TRUE));
- phpCAS::log($str);
- }
-
- /**
- * This method is used to indicate the end of the execution of the program
- */
- function traceExit()
- {
- global $PHPCAS_DEBUG;
-
- phpCAS::log('exit()');
- while ( $PHPCAS_DEBUG['indent'] > 0 ) {
- phpCAS::log('-');
- $PHPCAS_DEBUG['indent'] --;
- }
- }
-
- /** @} */
- // ########################################################################
- // INTERNATIONALIZATION
- // ########################################################################
- /**
- * @addtogroup publicLang
- * @{
- */
-
- /**
- * This method is used to set the language used by phpCAS.
- * @note Can be called only once.
- *
- * @param $lang a string representing the language.
- *
- * @sa PHPCAS_LANG_FRENCH, PHPCAS_LANG_ENGLISH
- */
- function setLang($lang)
- {
- global $PHPCAS_CLIENT;
- if ( !is_object($PHPCAS_CLIENT) ) {
- phpCAS::error('this method should not be called before '.__CLASS__.'::client() or '.__CLASS__.'::proxy()');
- }
- if ( gettype($lang) != 'string' ) {
- phpCAS::error('type mismatched for parameter $lang (should be `string\')');
- }
- $PHPCAS_CLIENT->setLang($lang);
- }
-
- /** @} */
- // ########################################################################
- // VERSION
- // ########################################################################
- /**
- * @addtogroup public
- * @{
- */
-
- /**
- * This method returns the phpCAS version.
- *
- * @return the phpCAS version.
- */
- function getVersion()
- {
- return PHPCAS_VERSION;
- }
-
- /** @} */
- // ########################################################################
- // HTML OUTPUT
- // ########################################################################
- /**
- * @addtogroup publicOutput
- * @{
- */
-
- /**
- * This method sets the HTML header used for all outputs.
- *
- * @param $header the HTML header.
- */
- function setHTMLHeader($header)
- {
- global $PHPCAS_CLIENT;
- if ( !is_object($PHPCAS_CLIENT) ) {
- phpCAS::error('this method should not be called before '.__CLASS__.'::client() or '.__CLASS__.'::proxy()');
- }
- if ( gettype($header) != 'string' ) {
- phpCAS::error('type mismatched for parameter $header (should be `string\')');
- }
- $PHPCAS_CLIENT->setHTMLHeader($header);
- }
-
- /**
- * This method sets the HTML footer used for all outputs.
- *
- * @param $footer the HTML footer.
- */
- function setHTMLFooter($footer)
- {
- global $PHPCAS_CLIENT;
- if ( !is_object($PHPCAS_CLIENT) ) {
- phpCAS::error('this method should not be called before '.__CLASS__.'::client() or '.__CLASS__.'::proxy()');
- }
- if ( gettype($footer) != 'string' ) {
- phpCAS::error('type mismatched for parameter $footer (should be `string\')');
- }
- $PHPCAS_CLIENT->setHTMLFooter($footer);
- }
-
- /** @} */
- // ########################################################################
- // PGT STORAGE
- // ########################################################################
- /**
- * @addtogroup publicPGTStorage
- * @{
- */
-
- /**
- * This method is used to tell phpCAS to store the response of the
- * CAS server to PGT requests onto the filesystem.
- *
- * @param $format the format used to store the PGT's (`plain' and `xml' allowed)
- * @param $path the path where the PGT's should be stored
- */
- function setPGTStorageFile($format='',
- $path='')
- {
- global $PHPCAS_CLIENT,$PHPCAS_AUTH_CHECK_CALL;
-
- phpCAS::traceBegin();
- if ( !is_object($PHPCAS_CLIENT) ) {
- phpCAS::error('this method should only be called after '.__CLASS__.'::proxy()');
- }
- if ( !$PHPCAS_CLIENT->isProxy() ) {
- phpCAS::error('this method should only be called after '.__CLASS__.'::proxy()');
- }
- if ( $PHPCAS_AUTH_CHECK_CALL['done'] ) {
- phpCAS::error('this method should only be called before '.$PHPCAS_AUTH_CHECK_CALL['method'].'() (called at '.$PHPCAS_AUTH_CHECK_CALL['file'].':'.$PHPCAS_AUTH_CHECK_CALL['line'].')');
- }
- if ( gettype($format) != 'string' ) {
- phpCAS::error('type mismatched for parameter $format (should be `string\')');
- }
- if ( gettype($path) != 'string' ) {
- phpCAS::error('type mismatched for parameter $format (should be `string\')');
- }
- $PHPCAS_CLIENT->setPGTStorageFile($format,$path);
- phpCAS::traceEnd();
- }
-
- /**
- * This method is used to tell phpCAS to store the response of the
- * CAS server to PGT requests into a database.
- * @note The connection to the database is done only when needed.
- * As a consequence, bad parameters are detected only when
- * initializing PGT storage, except in debug mode.
- *
- * @param $user the user to access the data with
- * @param $password the user's password
- * @param $database_type the type of the database hosting the data
- * @param $hostname the server hosting the database
- * @param $port the port the server is listening on
- * @param $database the name of the database
- * @param $table the name of the table storing the data
- */
- function setPGTStorageDB($user,
- $password,
- $database_type='',
- $hostname='',
- $port=0,
- $database='',
- $table='')
- {
- global $PHPCAS_CLIENT,$PHPCAS_AUTH_CHECK_CALL;
-
- phpCAS::traceBegin();
- if ( !is_object($PHPCAS_CLIENT) ) {
- phpCAS::error('this method should only be called after '.__CLASS__.'::proxy()');
- }
- if ( !$PHPCAS_CLIENT->isProxy() ) {
- phpCAS::error('this method should only be called after '.__CLASS__.'::proxy()');
- }
- if ( $PHPCAS_AUTH_CHECK_CALL['done'] ) {
- phpCAS::error('this method should only be called before '.$PHPCAS_AUTH_CHECK_CALL['method'].'() (called at '.$PHPCAS_AUTH_CHECK_CALL['file'].':'.$PHPCAS_AUTH_CHECK_CALL['line'].')');
- }
- if ( gettype($user) != 'string' ) {
- phpCAS::error('type mismatched for parameter $user (should be `string\')');
- }
- if ( gettype($password) != 'string' ) {
- phpCAS::error('type mismatched for parameter $password (should be `string\')');
- }
- if ( gettype($database_type) != 'string' ) {
- phpCAS::error('type mismatched for parameter $database_type (should be `string\')');
- }
- if ( gettype($hostname) != 'string' ) {
- phpCAS::error('type mismatched for parameter $hostname (should be `string\')');
- }
- if ( gettype($port) != 'integer' ) {
- phpCAS::error('type mismatched for parameter $port (should be `integer\')');
- }
- if ( gettype($database) != 'string' ) {
- phpCAS::error('type mismatched for parameter $database (should be `string\')');
- }
- if ( gettype($table) != 'string' ) {
- phpCAS::error('type mismatched for parameter $table (should be `string\')');
- }
- $PHPCAS_CLIENT->setPGTStorageDB($this,$user,$password,$hostname,$port,$database,$table);
- phpCAS::traceEnd();
- }
-
- /** @} */
- // ########################################################################
- // ACCESS TO EXTERNAL SERVICES
- // ########################################################################
- /**
- * @addtogroup publicServices
- * @{
- */
-
- /**
- * This method is used to access an HTTP[S] service.
- *
- * @param $url the service to access.
- * @param $err_code an error code Possible values are PHPCAS_SERVICE_OK (on
- * success), PHPCAS_SERVICE_PT_NO_SERVER_RESPONSE, PHPCAS_SERVICE_PT_BAD_SERVER_RESPONSE,
- * PHPCAS_SERVICE_PT_FAILURE, PHPCAS_SERVICE_NOT AVAILABLE.
- * @param $output the output of the service (also used to give an error
- * message on failure).
- *
- * @return TRUE on success, FALSE otherwise (in this later case, $err_code
- * gives the reason why it failed and $output contains an error message).
- */
- function serviceWeb($url,&$err_code,&$output)
- {
- global $PHPCAS_CLIENT, $PHPCAS_AUTH_CHECK_CALL;
-
- phpCAS::traceBegin();
- if ( !is_object($PHPCAS_CLIENT) ) {
- phpCAS::error('this method should only be called after '.__CLASS__.'::proxy()');
- }
- if ( !$PHPCAS_CLIENT->isProxy() ) {
- phpCAS::error('this method should only be called after '.__CLASS__.'::proxy()');
- }
- if ( !$PHPCAS_AUTH_CHECK_CALL['done'] ) {
- phpCAS::error('this method should only be called after the programmer is sure the user has been authenticated (by calling '.__CLASS__.'::checkAuthentication() or '.__CLASS__.'::forceAuthentication()');
- }
- if ( !$PHPCAS_AUTH_CHECK_CALL['result'] ) {
- phpCAS::error('authentication was checked (by '.$PHPCAS_AUTH_CHECK_CALL['method'].'() at '.$PHPCAS_AUTH_CHECK_CALL['file'].':'.$PHPCAS_AUTH_CHECK_CALL['line'].') but the method returned FALSE');
- }
- if ( gettype($url) != 'string' ) {
- phpCAS::error('type mismatched for parameter $url (should be `string\')');
- }
-
- $res = $PHPCAS_CLIENT->serviceWeb($url,$err_code,$output);
-
- phpCAS::traceEnd($res);
- return $res;
- }
-
- /**
- * This method is used to access an IMAP/POP3/NNTP service.
- *
- * @param $url a string giving the URL of the service, including the mailing box
- * for IMAP URLs, as accepted by imap_open().
- * @param $flags options given to imap_open().
- * @param $err_code an error code Possible values are PHPCAS_SERVICE_OK (on
- * success), PHPCAS_SERVICE_PT_NO_SERVER_RESPONSE, PHPCAS_SERVICE_PT_BAD_SERVER_RESPONSE,
- * PHPCAS_SERVICE_PT_FAILURE, PHPCAS_SERVICE_NOT AVAILABLE.
- * @param $err_msg an error message on failure
- * @param $pt the Proxy Ticket (PT) retrieved from the CAS server to access the URL
- * on success, FALSE on error).
- *
- * @return an IMAP stream on success, FALSE otherwise (in this later case, $err_code
- * gives the reason why it failed and $err_msg contains an error message).
- */
- function serviceMail($url,$flags,&$err_code,&$err_msg,&$pt)
- {
- global $PHPCAS_CLIENT, $PHPCAS_AUTH_CHECK_CALL;
-
- phpCAS::traceBegin();
- if ( !is_object($PHPCAS_CLIENT) ) {
- phpCAS::error('this method should only be called after '.__CLASS__.'::proxy()');
- }
- if ( !$PHPCAS_CLIENT->isProxy() ) {
- phpCAS::error('this method should only be called after '.__CLASS__.'::proxy()');
- }
- if ( !$PHPCAS_AUTH_CHECK_CALL['done'] ) {
- phpCAS::error('this method should only be called after the programmer is sure the user has been authenticated (by calling '.__CLASS__.'::checkAuthentication() or '.__CLASS__.'::forceAuthentication()');
- }
- if ( !$PHPCAS_AUTH_CHECK_CALL['result'] ) {
- phpCAS::error('authentication was checked (by '.$PHPCAS_AUTH_CHECK_CALL['method'].'() at '.$PHPCAS_AUTH_CHECK_CALL['file'].':'.$PHPCAS_AUTH_CHECK_CALL['line'].') but the method returned FALSE');
- }
- if ( gettype($url) != 'string' ) {
- phpCAS::error('type mismatched for parameter $url (should be `string\')');
- }
-
- if ( gettype($flags) != 'integer' ) {
- phpCAS::error('type mismatched for parameter $flags (should be `integer\')');
- }
-
- $res = $PHPCAS_CLIENT->serviceMail($url,$flags,$err_code,$err_msg,$pt);
-
- phpCAS::traceEnd($res);
- return $res;
- }
-
- /** @} */
- // ########################################################################
- // AUTHENTICATION
- // ########################################################################
- /**
- * @addtogroup publicAuth
- * @{
- */
-
- /**
- * Set the times authentication will be cached before really accessing the CAS server in gateway mode:
- * - -1: check only once, and then never again (until you pree login)
- * - 0: always check
- * - n: check every "n" time
- *
- * @param $n an integer.
- */
- function setCacheTimesForAuthRecheck($n)
- {
- global $PHPCAS_CLIENT;
- if ( !is_object($PHPCAS_CLIENT) ) {
- phpCAS::error('this method should not be called before '.__CLASS__.'::client() or '.__CLASS__.'::proxy()');
- }
- if ( gettype($n) != 'integer' ) {
- phpCAS::error('type mismatched for parameter $header (should be `string\')');
- }
- $PHPCAS_CLIENT->setCacheTimesForAuthRecheck($n);
- }
-
- /**
- * This method is called to check if the user is authenticated (use the gateway feature).
- * @return TRUE when the user is authenticated; otherwise FALSE.
- */
- function checkAuthentication()
- {
- global $PHPCAS_CLIENT, $PHPCAS_AUTH_CHECK_CALL;
-
- phpCAS::traceBegin();
- if ( !is_object($PHPCAS_CLIENT) ) {
- phpCAS::error('this method should not be called before '.__CLASS__.'::client() or '.__CLASS__.'::proxy()');
- }
-
- $auth = $PHPCAS_CLIENT->checkAuthentication();
-
- // store where the authentication has been checked and the result
- $dbg = phpCAS::backtrace();
- $PHPCAS_AUTH_CHECK_CALL = array('done' => TRUE,
- 'file' => $dbg[0]['file'],
- 'line' => $dbg[0]['line'],
- 'method' => __CLASS__.'::'.__FUNCTION__,
- 'result' => $auth );
- phpCAS::traceEnd($auth);
- return $auth;
- }
-
- /**
- * This method is called to force authentication if the user was not already
- * authenticated. If the user is not authenticated, halt by redirecting to
- * the CAS server.
- */
- function forceAuthentication()
- {
- global $PHPCAS_CLIENT, $PHPCAS_AUTH_CHECK_CALL;
-
- phpCAS::traceBegin();
- if ( !is_object($PHPCAS_CLIENT) ) {
- phpCAS::error('this method should not be called before '.__CLASS__.'::client() or '.__CLASS__.'::proxy()');
- }
-
- $auth = $PHPCAS_CLIENT->forceAuthentication();
-
- // store where the authentication has been checked and the result
- $dbg = phpCAS::backtrace();
- $PHPCAS_AUTH_CHECK_CALL = array('done' => TRUE,
- 'file' => $dbg[0]['file'],
- 'line' => $dbg[0]['line'],
- 'method' => __CLASS__.'::'.__FUNCTION__,
- 'result' => $auth );
-
- if ( !$auth ) {
- phpCAS::trace('user is not authenticated, redirecting to the CAS server');
- $PHPCAS_CLIENT->forceAuthentication();
- } else {
- phpCAS::trace('no need to authenticate (user `'.phpCAS::getUser().'\' is already authenticated)');
- }
-
- phpCAS::traceEnd();
- return $auth;
- }
-
- /**
- * This method is called to renew the authentication.
- **/
- function renewAuthentication() {
- global $PHPCAS_CLIENT, $PHPCAS_AUTH_CHECK_CALL;
-
- phpCAS::traceBegin();
- if ( !is_object($PHPCAS_CLIENT) ) {
- phpCAS::error('this method should not be called before'.__CLASS__.'::client() or '.__CLASS__.'::proxy()');
- }
-
- // store where the authentication has been checked and the result
- $dbg = phpCAS::backtrace();
- $PHPCAS_AUTH_CHECK_CALL = array('done' => TRUE, 'file' => $dbg[0]['file'], 'line' => $dbg[0]['line'], 'method' => __CLASS__.'::'.__FUNCTION__, 'result' => $auth );
-
- $PHPCAS_CLIENT->renewAuthentication();
- phpCAS::traceEnd();
- }
-
- /**
- * This method has been left from version 0.4.1 for compatibility reasons.
- */
- function authenticate()
- {
- phpCAS::error('this method is deprecated. You should use '.__CLASS__.'::forceAuthentication() instead');
- }
-
- /**
- * This method is called to check if the user is authenticated (previously or by
- * tickets given in the URL).
- *
- * @return TRUE when the user is authenticated.
- */
- function isAuthenticated()
- {
- global $PHPCAS_CLIENT, $PHPCAS_AUTH_CHECK_CALL;
-
- phpCAS::traceBegin();
- if ( !is_object($PHPCAS_CLIENT) ) {
- phpCAS::error('this method should not be called before '.__CLASS__.'::client() or '.__CLASS__.'::proxy()');
- }
-
- // call the isAuthenticated method of the global $PHPCAS_CLIENT object
- $auth = $PHPCAS_CLIENT->isAuthenticated();
-
- // store where the authentication has been checked and the result
- $dbg = phpCAS::backtrace();
- $PHPCAS_AUTH_CHECK_CALL = array('done' => TRUE,
- 'file' => $dbg[0]['file'],
- 'line' => $dbg[0]['line'],
- 'method' => __CLASS__.'::'.__FUNCTION__,
- 'result' => $auth );
- phpCAS::traceEnd($auth);
- return $auth;
- }
-
- /**
- * Checks whether authenticated based on $_SESSION. Useful to avoid
- * server calls.
- * @return true if authenticated, false otherwise.
- * @since 0.4.22 by Brendan Arnold
- */
- function isSessionAuthenticated ()
- {
- global $PHPCAS_CLIENT;
- if ( !is_object($PHPCAS_CLIENT) ) {
- phpCAS::error('this method should not be called before '.__CLASS__.'::client() or '.__CLASS__.'::proxy()');
- }
- return($PHPCAS_CLIENT->isSessionAuthenticated());
- }
-
- /**
- * This method returns the CAS user's login name.
- * @warning should not be called only after phpCAS::forceAuthentication()
- * or phpCAS::checkAuthentication().
- *
- * @return the login name of the authenticated user
- */
- function getUser()
- {
- global $PHPCAS_CLIENT, $PHPCAS_AUTH_CHECK_CALL;
- if ( !is_object($PHPCAS_CLIENT) ) {
- phpCAS::error('this method should not be called before '.__CLASS__.'::client() or '.__CLASS__.'::proxy()');
- }
- if ( !$PHPCAS_AUTH_CHECK_CALL['done'] ) {
- phpCAS::error('this method should only be called after '.__CLASS__.'::forceAuthentication() or '.__CLASS__.'::isAuthenticated()');
- }
- if ( !$PHPCAS_AUTH_CHECK_CALL['result'] ) {
- phpCAS::error('authentication was checked (by '.$PHPCAS_AUTH_CHECK_CALL['method'].'() at '.$PHPCAS_AUTH_CHECK_CALL['file'].':'.$PHPCAS_AUTH_CHECK_CALL['line'].') but the method returned FALSE');
- }
- return $PHPCAS_CLIENT->getUser();
- }
-
- /**
- * Handle logout requests.
- */
- function handleLogoutRequests($check_client=true, $allowed_clients=false)
- {
- global $PHPCAS_CLIENT;
- if ( !is_object($PHPCAS_CLIENT) ) {
- phpCAS::error('this method should not be called before '.__CLASS__.'::client() or '.__CLASS__.'::proxy()');
- }
- return($PHPCAS_CLIENT->handleLogoutRequests($check_client, $allowed_clients));
- }
-
- /**
- * This method returns the URL to be used to login.
- * or phpCAS::isAuthenticated().
- *
- * @return the login name of the authenticated user
- */
- function getServerLoginURL()
- {
- global $PHPCAS_CLIENT;
- if ( !is_object($PHPCAS_CLIENT) ) {
- phpCAS::error('this method should not be called before '.__CLASS__.'::client() or '.__CLASS__.'::proxy()');
- }
- return $PHPCAS_CLIENT->getServerLoginURL();
- }
-
- /**
- * Set the login URL of the CAS server.
- * @param $url the login URL
- * @since 0.4.21 by Wyman Chan
- */
- function setServerLoginURL($url='')
- {
- global $PHPCAS_CLIENT;
- phpCAS::traceBegin();
- if ( !is_object($PHPCAS_CLIENT) ) {
- phpCAS::error('this method should only be called after
- '.__CLASS__.'::client()');
- }
- if ( gettype($url) != 'string' ) {
- phpCAS::error('type mismatched for parameter $url (should be
- `string\')');
- }
- $PHPCAS_CLIENT->setServerLoginURL($url);
- phpCAS::traceEnd();
- }
-
- /**
- * This method returns the URL to be used to login.
- * or phpCAS::isAuthenticated().
- *
- * @return the login name of the authenticated user
- */
- function getServerLogoutURL()
- {
- global $PHPCAS_CLIENT;
- if ( !is_object($PHPCAS_CLIENT) ) {
- phpCAS::error('this method should not be called before '.__CLASS__.'::client() or '.__CLASS__.'::proxy()');
- }
- return $PHPCAS_CLIENT->getServerLogoutURL();
- }
-
- /**
- * Set the logout URL of the CAS server.
- * @param $url the logout URL
- * @since 0.4.21 by Wyman Chan
- */
- function setServerLogoutURL($url='')
- {
- global $PHPCAS_CLIENT;
- phpCAS::traceBegin();
- if ( !is_object($PHPCAS_CLIENT) ) {
- phpCAS::error('this method should only be called after
- '.__CLASS__.'::client()');
- }
- if ( gettype($url) != 'string' ) {
- phpCAS::error('type mismatched for parameter $url (should be
- `string\')');
- }
- $PHPCAS_CLIENT->setServerLogoutURL($url);
- phpCAS::traceEnd();
- }
-
- /**
- * This method is used to logout from CAS.
- * @params $params an array that contains the optional url and service parameters that will be passed to the CAS server
- * @public
- */
- function logout($params = "") {
- global $PHPCAS_CLIENT;
- phpCAS::traceBegin();
- if (!is_object($PHPCAS_CLIENT)) {
- phpCAS::error('this method should only be called after '.__CLASS__.'::client() or'.__CLASS__.'::proxy()');
- }
- $parsedParams = array();
- if ($params != "") {
- if (is_string($params)) {
- phpCAS::error('method `phpCAS::logout($url)\' is now deprecated, use `phpCAS::logoutWithUrl($url)\' instead');
- }
- if (!is_array($params)) {
- phpCAS::error('type mismatched for parameter $params (should be `array\')');
- }
- foreach ($params as $key => $value) {
- if ($key != "service" && $key != "url") {
- phpCAS::error('only `url\' and `service\' parameters are allowed for method `phpCAS::logout($params)\'');
- }
- $parsedParams[$key] = $value;
- }
- }
- $PHPCAS_CLIENT->logout($parsedParams);
- // never reached
- phpCAS::traceEnd();
- }
-
- /**
- * This method is used to logout from CAS. Halts by redirecting to the CAS server.
- * @param $service a URL that will be transmitted to the CAS server
- */
- function logoutWithRedirectService($service) {
- global $PHPCAS_CLIENT;
- phpCAS::traceBegin();
- if ( !is_object($PHPCAS_CLIENT) ) {
- phpCAS::error('this method should only be called after '.__CLASS__.'::client() or'.__CLASS__.'::proxy()');
- }
- if (!is_string($service)) {
- phpCAS::error('type mismatched for parameter $service (should be `string\')');
- }
- $PHPCAS_CLIENT->logout(array("service" => $service));
- // never reached
- phpCAS::traceEnd();
- }
-
- /**
- * This method is used to logout from CAS. Halts by redirecting to the CAS server.
- * @param $url a URL that will be transmitted to the CAS server
- */
- function logoutWithUrl($url) {
- global $PHPCAS_CLIENT;
- phpCAS::traceBegin();
- if ( !is_object($PHPCAS_CLIENT) ) {
- phpCAS::error('this method should only be called after '.__CLASS__.'::client() or'.__CLASS__.'::proxy()');
- }
- if (!is_string($url)) {
- phpCAS::error('type mismatched for parameter $url (should be `string\')');
- }
- $PHPCAS_CLIENT->logout(array("url" => $url));
- // never reached
- phpCAS::traceEnd();
- }
-
- /**
- * This method is used to logout from CAS. Halts by redirecting to the CAS server.
- * @param $service a URL that will be transmitted to the CAS server
- * @param $url a URL that will be transmitted to the CAS server
- */
- function logoutWithRedirectServiceAndUrl($service, $url) {
- global $PHPCAS_CLIENT;
- phpCAS::traceBegin();
- if ( !is_object($PHPCAS_CLIENT) ) {
- phpCAS::error('this method should only be called after '.__CLASS__.'::client() or'.__CLASS__.'::proxy()');
- }
- if (!is_string($service)) {
- phpCAS::error('type mismatched for parameter $service (should be `string\')');
- }
- if (!is_string($url)) {
- phpCAS::error('type mismatched for parameter $url (should be `string\')');
- }
- $PHPCAS_CLIENT->logout(array("service" => $service, "url" => $url));
- // never reached
- phpCAS::traceEnd();
- }
-
- /**
- * Set the fixed URL that will be used by the CAS server to transmit the PGT.
- * When this method is not called, a phpCAS script uses its own URL for the callback.
- *
- * @param $url the URL
- */
- function setFixedCallbackURL($url='')
- {
- global $PHPCAS_CLIENT;
- phpCAS::traceBegin();
- if ( !is_object($PHPCAS_CLIENT) ) {
- phpCAS::error('this method should only be called after '.__CLASS__.'::proxy()');
- }
- if ( !$PHPCAS_CLIENT->isProxy() ) {
- phpCAS::error('this method should only be called after '.__CLASS__.'::proxy()');
- }
- if ( gettype($url) != 'string' ) {
- phpCAS::error('type mismatched for parameter $url (should be `string\')');
- }
- $PHPCAS_CLIENT->setCallbackURL($url);
- phpCAS::traceEnd();
- }
-
- /**
- * Set the fixed URL that will be set as the CAS service parameter. When this
- * method is not called, a phpCAS script uses its own URL.
- *
- * @param $url the URL
- */
- function setFixedServiceURL($url)
- {
- global $PHPCAS_CLIENT;
- phpCAS::traceBegin();
- if ( !is_object($PHPCAS_CLIENT) ) {
- phpCAS::error('this method should only be called after '.__CLASS__.'::proxy()');
- }
- if ( gettype($url) != 'string' ) {
- phpCAS::error('type mismatched for parameter $url (should be `string\')');
- }
- $PHPCAS_CLIENT->setURL($url);
- phpCAS::traceEnd();
- }
-
- /**
- * Get the URL that is set as the CAS service parameter.
- */
- function getServiceURL()
- {
- global $PHPCAS_CLIENT;
- if ( !is_object($PHPCAS_CLIENT) ) {
- phpCAS::error('this method should only be called after '.__CLASS__.'::proxy()');
- }
- return($PHPCAS_CLIENT->getURL());
- }
-
- /**
- * Retrieve a Proxy Ticket from the CAS server.
- */
- function retrievePT($target_service,&$err_code,&$err_msg)
- {
- global $PHPCAS_CLIENT;
- if ( !is_object($PHPCAS_CLIENT) ) {
- phpCAS::error('this method should only be called after '.__CLASS__.'::proxy()');
- }
- if ( gettype($target_service) != 'string' ) {
- phpCAS::error('type mismatched for parameter $target_service(should be `string\')');
- }
- return($PHPCAS_CLIENT->retrievePT($target_service,$err_code,$err_msg));
- }
-
- /**
- * Set the certificate of the CAS server.
- *
- * @param $cert the PEM certificate
- */
- function setCasServerCert($cert)
- {
- global $PHPCAS_CLIENT;
- phpCAS::traceBegin();
- if ( !is_object($PHPCAS_CLIENT) ) {
- phpCAS::error('this method should only be called after '.__CLASS__.'::client() or'.__CLASS__.'::proxy()');
- }
- if ( gettype($cert) != 'string' ) {
- phpCAS::error('type mismatched for parameter $cert (should be `string\')');
- }
- $PHPCAS_CLIENT->setCasServerCert($cert);
- phpCAS::traceEnd();
- }
-
- /**
- * Set the certificate of the CAS server CA.
- *
- * @param $cert the CA certificate
- */
- function setCasServerCACert($cert)
- {
- global $PHPCAS_CLIENT;
- phpCAS::traceBegin();
- if ( !is_object($PHPCAS_CLIENT) ) {
- phpCAS::error('this method should only be called after '.__CLASS__.'::client() or'.__CLASS__.'::proxy()');
- }
- if ( gettype($cert) != 'string' ) {
- phpCAS::error('type mismatched for parameter $cert (should be `string\')');
- }
- $PHPCAS_CLIENT->setCasServerCACert($cert);
- phpCAS::traceEnd();
- }
-
- /**
- * Set no SSL validation for the CAS server.
- */
- function setNoCasServerValidation()
- {
- global $PHPCAS_CLIENT;
- phpCAS::traceBegin();
- if ( !is_object($PHPCAS_CLIENT) ) {
- phpCAS::error('this method should only be called after '.__CLASS__.'::client() or'.__CLASS__.'::proxy()');
- }
- $PHPCAS_CLIENT->setNoCasServerValidation();
- phpCAS::traceEnd();
- }
-
- /** @} */
-
- /**
- * Change CURL options.
- * CURL is used to connect through HTTPS to CAS server
- * @param $key the option key
- * @param $value the value to set
- */
- function setExtraCurlOption($key, $value)
- {
- global $PHPCAS_CLIENT;
- phpCAS::traceBegin();
- if ( !is_object($PHPCAS_CLIENT) ) {
- phpCAS::error('this method should only be called after '.__CLASS__.'::client() or'.__CLASS__.'::proxy()');
- }
- $PHPCAS_CLIENT->setExtraCurlOption($key, $value);
- phpCAS::traceEnd();
- }
-
-}
-
-// ########################################################################
-// DOCUMENTATION
-// ########################################################################
-
-// ########################################################################
-// MAIN PAGE
-
-/**
- * @mainpage
- *
- * The following pages only show the source documentation.
- *
- */
-
-// ########################################################################
-// MODULES DEFINITION
-
-/** @defgroup public User interface */
-
-/** @defgroup publicInit Initialization
- * @ingroup public */
-
-/** @defgroup publicAuth Authentication
- * @ingroup public */
-
-/** @defgroup publicServices Access to external services
- * @ingroup public */
-
-/** @defgroup publicConfig Configuration
- * @ingroup public */
-
-/** @defgroup publicLang Internationalization
- * @ingroup publicConfig */
-
-/** @defgroup publicOutput HTML output
- * @ingroup publicConfig */
-
-/** @defgroup publicPGTStorage PGT storage
- * @ingroup publicConfig */
-
-/** @defgroup publicDebug Debugging
- * @ingroup public */
-
-
-/** @defgroup internal Implementation */
-
-/** @defgroup internalAuthentication Authentication
- * @ingroup internal */
-
-/** @defgroup internalBasic CAS Basic client features (CAS 1.0, Service Tickets)
- * @ingroup internal */
-
-/** @defgroup internalProxy CAS Proxy features (CAS 2.0, Proxy Granting Tickets)
- * @ingroup internal */
-
-/** @defgroup internalPGTStorage PGT storage
- * @ingroup internalProxy */
-
-/** @defgroup internalPGTStorageDB PGT storage in a database
- * @ingroup internalPGTStorage */
-
-/** @defgroup internalPGTStorageFile PGT storage on the filesystem
- * @ingroup internalPGTStorage */
-
-/** @defgroup internalCallback Callback from the CAS server
- * @ingroup internalProxy */
-
-/** @defgroup internalProxied CAS proxied client features (CAS 2.0, Proxy Tickets)
- * @ingroup internal */
-
-/** @defgroup internalConfig Configuration
- * @ingroup internal */
-
-/** @defgroup internalOutput HTML output
- * @ingroup internalConfig */
-
-/** @defgroup internalLang Internationalization
- * @ingroup internalConfig
- *
- * To add a new language:
- * - 1. define a new constant PHPCAS_LANG_XXXXXX in CAS/CAS.php
- * - 2. copy any file from CAS/languages to CAS/languages/XXXXXX.php
- * - 3. Make the translations
- */
-
-/** @defgroup internalDebug Debugging
- * @ingroup internal */
-
-/** @defgroup internalMisc Miscellaneous
- * @ingroup internal */
-
-// ########################################################################
-// EXAMPLES
-
-/**
- * @example example_simple.php
- */
- /**
- * @example example_proxy.php
- */
- /**
- * @example example_proxy2.php
- */
- /**
- * @example example_lang.php
- */
- /**
- * @example example_html.php
- */
- /**
- * @example example_file.php
- */
- /**
- * @example example_db.php
- */
- /**
- * @example example_service.php
- */
- /**
- * @example example_session_proxy.php
- */
- /**
- * @example example_session_service.php
- */
- /**
- * @example example_gateway.php
- */
-
-
-
-?>
+<?php + +// commented in 0.4.22-RC2 for Sylvain Derosiaux +// error_reporting(E_ALL ^ E_NOTICE); + +// +// hack by Vangelis Haniotakis to handle the absence of $_SERVER['REQUEST_URI'] in IIS +// +if (!$_SERVER['REQUEST_URI']) { + $_SERVER['REQUEST_URI'] = $_SERVER['SCRIPT_NAME'].'?'.$_SERVER['QUERY_STRING']; +} + +// +// another one by Vangelis Haniotakis also to make phpCAS work with PHP5 +// +if (version_compare(PHP_VERSION,'5','>=')) { + require_once(dirname(__FILE__).'/CAS/domxml-php4-php5.php'); +} + +/** + * @file CAS/CAS.php + * Interface class of the phpCAS library + * + * @ingroup public + */ + +// ######################################################################## +// CONSTANTS +// ######################################################################## + +// ------------------------------------------------------------------------ +// CAS VERSIONS +// ------------------------------------------------------------------------ + +/** + * phpCAS version. accessible for the user by phpCAS::getVersion(). + */ +define('PHPCAS_VERSION','1.0.1'); + +// ------------------------------------------------------------------------ +// CAS VERSIONS +// ------------------------------------------------------------------------ + /** + * @addtogroup public + * @{ + */ + +/** + * CAS version 1.0 + */ +define("CAS_VERSION_1_0",'1.0'); +/*! + * CAS version 2.0 + */ +define("CAS_VERSION_2_0",'2.0'); + +/** @} */ + /** + * @addtogroup publicPGTStorage + * @{ + */ +// ------------------------------------------------------------------------ +// FILE PGT STORAGE +// ------------------------------------------------------------------------ + /** + * Default path used when storing PGT's to file + */ +define("CAS_PGT_STORAGE_FILE_DEFAULT_PATH",'/tmp'); +/** + * phpCAS::setPGTStorageFile()'s 2nd parameter to write plain text files + */ +define("CAS_PGT_STORAGE_FILE_FORMAT_PLAIN",'plain'); +/** + * phpCAS::setPGTStorageFile()'s 2nd parameter to write xml files + */ +define("CAS_PGT_STORAGE_FILE_FORMAT_XML",'xml'); +/** + * Default format used when storing PGT's to file + */ +define("CAS_PGT_STORAGE_FILE_DEFAULT_FORMAT",CAS_PGT_STORAGE_FILE_FORMAT_PLAIN); +// ------------------------------------------------------------------------ +// DATABASE PGT STORAGE +// ------------------------------------------------------------------------ + /** + * default database type when storing PGT's to database + */ +define("CAS_PGT_STORAGE_DB_DEFAULT_DATABASE_TYPE",'mysql'); +/** + * default host when storing PGT's to database + */ +define("CAS_PGT_STORAGE_DB_DEFAULT_HOSTNAME",'localhost'); +/** + * default port when storing PGT's to database + */ +define("CAS_PGT_STORAGE_DB_DEFAULT_PORT",''); +/** + * default database when storing PGT's to database + */ +define("CAS_PGT_STORAGE_DB_DEFAULT_DATABASE",'phpCAS'); +/** + * default table when storing PGT's to database + */ +define("CAS_PGT_STORAGE_DB_DEFAULT_TABLE",'pgt'); + +/** @} */ +// ------------------------------------------------------------------------ +// SERVICE ACCESS ERRORS +// ------------------------------------------------------------------------ + /** + * @addtogroup publicServices + * @{ + */ + +/** + * phpCAS::service() error code on success + */ +define("PHPCAS_SERVICE_OK",0); +/** + * phpCAS::service() error code when the PT could not retrieve because + * the CAS server did not respond. + */ +define("PHPCAS_SERVICE_PT_NO_SERVER_RESPONSE",1); +/** + * phpCAS::service() error code when the PT could not retrieve because + * the response of the CAS server was ill-formed. + */ +define("PHPCAS_SERVICE_PT_BAD_SERVER_RESPONSE",2); +/** + * phpCAS::service() error code when the PT could not retrieve because + * the CAS server did not want to. + */ +define("PHPCAS_SERVICE_PT_FAILURE",3); +/** + * phpCAS::service() error code when the service was not available. + */ +define("PHPCAS_SERVICE_NOT AVAILABLE",4); + +/** @} */ +// ------------------------------------------------------------------------ +// LANGUAGES +// ------------------------------------------------------------------------ + /** + * @addtogroup publicLang + * @{ + */ + +define("PHPCAS_LANG_ENGLISH", 'english'); +define("PHPCAS_LANG_FRENCH", 'french'); +define("PHPCAS_LANG_GREEK", 'greek'); +define("PHPCAS_LANG_GERMAN", 'german'); +define("PHPCAS_LANG_JAPANESE", 'japanese'); +define("PHPCAS_LANG_SPANISH", 'spanish'); +define("PHPCAS_LANG_CATALAN", 'catalan'); + +/** @} */ + +/** + * @addtogroup internalLang + * @{ + */ + +/** + * phpCAS default language (when phpCAS::setLang() is not used) + */ +define("PHPCAS_LANG_DEFAULT", PHPCAS_LANG_ENGLISH); + +/** @} */ +// ------------------------------------------------------------------------ +// DEBUG +// ------------------------------------------------------------------------ + /** + * @addtogroup publicDebug + * @{ + */ + +/** + * The default directory for the debug file under Unix. + */ +define('DEFAULT_DEBUG_DIR','/tmp/'); + +/** @} */ +// ------------------------------------------------------------------------ +// MISC +// ------------------------------------------------------------------------ + /** + * @addtogroup internalMisc + * @{ + */ + +/** + * This global variable is used by the interface class phpCAS. + * + * @hideinitializer + */ +$GLOBALS['PHPCAS_CLIENT'] = null; + +/** + * This global variable is used to store where the initializer is called from + * (to print a comprehensive error in case of multiple calls). + * + * @hideinitializer + */ +$GLOBALS['PHPCAS_INIT_CALL'] = array('done' => FALSE, + 'file' => '?', + 'line' => -1, + 'method' => '?'); + +/** + * This global variable is used to store where the method checking + * the authentication is called from (to print comprehensive errors) + * + * @hideinitializer + */ +$GLOBALS['PHPCAS_AUTH_CHECK_CALL'] = array('done' => FALSE, + 'file' => '?', + 'line' => -1, + 'method' => '?', + 'result' => FALSE); + +/** + * This global variable is used to store phpCAS debug mode. + * + * @hideinitializer + */ +$GLOBALS['PHPCAS_DEBUG'] = array('filename' => FALSE, + 'indent' => 0, + 'unique_id' => ''); + +/** @} */ + +// ######################################################################## +// CLIENT CLASS +// ######################################################################## + +// include client class +include_once(dirname(__FILE__).'/CAS/client.php'); + +// ######################################################################## +// INTERFACE CLASS +// ######################################################################## + +/** + * @class phpCAS + * The phpCAS class is a simple container for the phpCAS library. It provides CAS + * authentication for web applications written in PHP. + * + * @ingroup public + * @author Pascal Aubry <pascal.aubry at univ-rennes1.fr> + * + * \internal All its methods access the same object ($PHPCAS_CLIENT, declared + * at the end of CAS/client.php). + */ + + + +class phpCAS +{ + + // ######################################################################## + // INITIALIZATION + // ######################################################################## + + /** + * @addtogroup publicInit + * @{ + */ + + /** + * phpCAS client initializer. + * @note Only one of the phpCAS::client() and phpCAS::proxy functions should be + * called, only once, and before all other methods (except phpCAS::getVersion() + * and phpCAS::setDebug()). + * + * @param $server_version the version of the CAS server + * @param $server_hostname the hostname of the CAS server + * @param $server_port the port the CAS server is running on + * @param $server_uri the URI the CAS server is responding on + * @param $start_session Have phpCAS start PHP sessions (default true) + * + * @return a newly created CASClient object + */ + function client($server_version, + $server_hostname, + $server_port, + $server_uri, + $start_session = true) + { + global $PHPCAS_CLIENT, $PHPCAS_INIT_CALL; + + phpCAS::traceBegin(); + if ( is_object($PHPCAS_CLIENT) ) { + phpCAS::error($PHPCAS_INIT_CALL['method'].'() has already been called (at '.$PHPCAS_INIT_CALL['file'].':'.$PHPCAS_INIT_CALL['line'].')'); + } + if ( gettype($server_version) != 'string' ) { + phpCAS::error('type mismatched for parameter $server_version (should be `string\')'); + } + if ( gettype($server_hostname) != 'string' ) { + phpCAS::error('type mismatched for parameter $server_hostname (should be `string\')'); + } + if ( gettype($server_port) != 'integer' ) { + phpCAS::error('type mismatched for parameter $server_port (should be `integer\')'); + } + if ( gettype($server_uri) != 'string' ) { + phpCAS::error('type mismatched for parameter $server_uri (should be `string\')'); + } + + // store where the initialzer is called from + $dbg = phpCAS::backtrace(); + $PHPCAS_INIT_CALL = array('done' => TRUE, + 'file' => $dbg[0]['file'], + 'line' => $dbg[0]['line'], + 'method' => __CLASS__.'::'.__FUNCTION__); + + // initialize the global object $PHPCAS_CLIENT + $PHPCAS_CLIENT = new CASClient($server_version,FALSE/*proxy*/,$server_hostname,$server_port,$server_uri,$start_session); + phpCAS::traceEnd(); + } + + /** + * phpCAS proxy initializer. + * @note Only one of the phpCAS::client() and phpCAS::proxy functions should be + * called, only once, and before all other methods (except phpCAS::getVersion() + * and phpCAS::setDebug()). + * + * @param $server_version the version of the CAS server + * @param $server_hostname the hostname of the CAS server + * @param $server_port the port the CAS server is running on + * @param $server_uri the URI the CAS server is responding on + * @param $start_session Have phpCAS start PHP sessions (default true) + * + * @return a newly created CASClient object + */ + function proxy($server_version, + $server_hostname, + $server_port, + $server_uri, + $start_session = true) + { + global $PHPCAS_CLIENT, $PHPCAS_INIT_CALL; + + phpCAS::traceBegin(); + if ( is_object($PHPCAS_CLIENT) ) { + phpCAS::error($PHPCAS_INIT_CALL['method'].'() has already been called (at '.$PHPCAS_INIT_CALL['file'].':'.$PHPCAS_INIT_CALL['line'].')'); + } + if ( gettype($server_version) != 'string' ) { + phpCAS::error('type mismatched for parameter $server_version (should be `string\')'); + } + if ( gettype($server_hostname) != 'string' ) { + phpCAS::error('type mismatched for parameter $server_hostname (should be `string\')'); + } + if ( gettype($server_port) != 'integer' ) { + phpCAS::error('type mismatched for parameter $server_port (should be `integer\')'); + } + if ( gettype($server_uri) != 'string' ) { + phpCAS::error('type mismatched for parameter $server_uri (should be `string\')'); + } + + // store where the initialzer is called from + $dbg = phpCAS::backtrace(); + $PHPCAS_INIT_CALL = array('done' => TRUE, + 'file' => $dbg[0]['file'], + 'line' => $dbg[0]['line'], + 'method' => __CLASS__.'::'.__FUNCTION__); + + // initialize the global object $PHPCAS_CLIENT + $PHPCAS_CLIENT = new CASClient($server_version,TRUE/*proxy*/,$server_hostname,$server_port,$server_uri,$start_session); + phpCAS::traceEnd(); + } + + /** @} */ + // ######################################################################## + // DEBUGGING + // ######################################################################## + + /** + * @addtogroup publicDebug + * @{ + */ + + /** + * Set/unset debug mode + * + * @param $filename the name of the file used for logging, or FALSE to stop debugging. + */ + function setDebug($filename='') + { + global $PHPCAS_DEBUG; + + if ( $filename != FALSE && gettype($filename) != 'string' ) { + phpCAS::error('type mismatched for parameter $dbg (should be FALSE or the name of the log file)'); + } + + if ( empty($filename) ) { + if ( preg_match('/^Win.*/',getenv('OS')) ) { + if ( isset($_ENV['TMP']) ) { + $debugDir = $_ENV['TMP'].'/'; + } else if ( isset($_ENV['TEMP']) ) { + $debugDir = $_ENV['TEMP'].'/'; + } else { + $debugDir = ''; + } + } else { + $debugDir = DEFAULT_DEBUG_DIR; + } + $filename = $debugDir . 'phpCAS.log'; + } + + if ( empty($PHPCAS_DEBUG['unique_id']) ) { + $PHPCAS_DEBUG['unique_id'] = substr(strtoupper(md5(uniqid(''))),0,4); + } + + $PHPCAS_DEBUG['filename'] = $filename; + + phpCAS::trace('START ******************'); + } + + /** @} */ + /** + * @addtogroup internalDebug + * @{ + */ + + /** + * This method is a wrapper for debug_backtrace() that is not available + * in all PHP versions (>= 4.3.0 only) + */ + function backtrace() + { + if ( function_exists('debug_backtrace') ) { + return debug_backtrace(); + } else { + // poor man's hack ... but it does work ... + return array(); + } + } + + /** + * Logs a string in debug mode. + * + * @param $str the string to write + * + * @private + */ + function log($str) + { + $indent_str = "."; + global $PHPCAS_DEBUG; + + if ( $PHPCAS_DEBUG['filename'] ) { + for ($i=0;$i<$PHPCAS_DEBUG['indent'];$i++) { + $indent_str .= '| '; + } + error_log($PHPCAS_DEBUG['unique_id'].' '.$indent_str.$str."\n",3,$PHPCAS_DEBUG['filename']); + } + + } + + /** + * This method is used by interface methods to print an error and where the function + * was originally called from. + * + * @param $msg the message to print + * + * @private + */ + function error($msg) + { + $dbg = phpCAS::backtrace(); + $function = '?'; + $file = '?'; + $line = '?'; + if ( is_array($dbg) ) { + for ( $i=1; $i<sizeof($dbg); $i++) { + if ( is_array($dbg[$i]) ) { + if ( $dbg[$i]['class'] == __CLASS__ ) { + $function = $dbg[$i]['function']; + $file = $dbg[$i]['file']; + $line = $dbg[$i]['line']; + } + } + } + } + echo "<br />\n<b>phpCAS error</b>: <font color=\"FF0000\"><b>".__CLASS__."::".$function.'(): '.htmlentities($msg)."</b></font> in <b>".$file."</b> on line <b>".$line."</b><br />\n"; + phpCAS::trace($msg); + phpCAS::traceExit(); + exit(); + } + + /** + * This method is used to log something in debug mode. + */ + function trace($str) + { + $dbg = phpCAS::backtrace(); + phpCAS::log($str.' ['.basename($dbg[1]['file']).':'.$dbg[1]['line'].']'); + } + + /** + * This method is used to indicate the start of the execution of a function in debug mode. + */ + function traceBegin() + { + global $PHPCAS_DEBUG; + + $dbg = phpCAS::backtrace(); + $str = '=> '; + if ( !empty($dbg[2]['class']) ) { + $str .= $dbg[2]['class'].'::'; + } + $str .= $dbg[2]['function'].'('; + if ( is_array($dbg[2]['args']) ) { + foreach ($dbg[2]['args'] as $index => $arg) { + if ( $index != 0 ) { + $str .= ', '; + } + $str .= str_replace("\n","",var_export($arg,TRUE)); + } + } + $str .= ') ['.basename($dbg[2]['file']).':'.$dbg[2]['line'].']'; + phpCAS::log($str); + $PHPCAS_DEBUG['indent'] ++; + } + + /** + * This method is used to indicate the end of the execution of a function in debug mode. + * + * @param $res the result of the function + */ + function traceEnd($res='') + { + global $PHPCAS_DEBUG; + + $PHPCAS_DEBUG['indent'] --; + $dbg = phpCAS::backtrace(); + $str = ''; + $str .= '<= '.str_replace("\n","",var_export($res,TRUE)); + phpCAS::log($str); + } + + /** + * This method is used to indicate the end of the execution of the program + */ + function traceExit() + { + global $PHPCAS_DEBUG; + + phpCAS::log('exit()'); + while ( $PHPCAS_DEBUG['indent'] > 0 ) { + phpCAS::log('-'); + $PHPCAS_DEBUG['indent'] --; + } + } + + /** @} */ + // ######################################################################## + // INTERNATIONALIZATION + // ######################################################################## + /** + * @addtogroup publicLang + * @{ + */ + + /** + * This method is used to set the language used by phpCAS. + * @note Can be called only once. + * + * @param $lang a string representing the language. + * + * @sa PHPCAS_LANG_FRENCH, PHPCAS_LANG_ENGLISH + */ + function setLang($lang) + { + global $PHPCAS_CLIENT; + if ( !is_object($PHPCAS_CLIENT) ) { + phpCAS::error('this method should not be called before '.__CLASS__.'::client() or '.__CLASS__.'::proxy()'); + } + if ( gettype($lang) != 'string' ) { + phpCAS::error('type mismatched for parameter $lang (should be `string\')'); + } + $PHPCAS_CLIENT->setLang($lang); + } + + /** @} */ + // ######################################################################## + // VERSION + // ######################################################################## + /** + * @addtogroup public + * @{ + */ + + /** + * This method returns the phpCAS version. + * + * @return the phpCAS version. + */ + function getVersion() + { + return PHPCAS_VERSION; + } + + /** @} */ + // ######################################################################## + // HTML OUTPUT + // ######################################################################## + /** + * @addtogroup publicOutput + * @{ + */ + + /** + * This method sets the HTML header used for all outputs. + * + * @param $header the HTML header. + */ + function setHTMLHeader($header) + { + global $PHPCAS_CLIENT; + if ( !is_object($PHPCAS_CLIENT) ) { + phpCAS::error('this method should not be called before '.__CLASS__.'::client() or '.__CLASS__.'::proxy()'); + } + if ( gettype($header) != 'string' ) { + phpCAS::error('type mismatched for parameter $header (should be `string\')'); + } + $PHPCAS_CLIENT->setHTMLHeader($header); + } + + /** + * This method sets the HTML footer used for all outputs. + * + * @param $footer the HTML footer. + */ + function setHTMLFooter($footer) + { + global $PHPCAS_CLIENT; + if ( !is_object($PHPCAS_CLIENT) ) { + phpCAS::error('this method should not be called before '.__CLASS__.'::client() or '.__CLASS__.'::proxy()'); + } + if ( gettype($footer) != 'string' ) { + phpCAS::error('type mismatched for parameter $footer (should be `string\')'); + } + $PHPCAS_CLIENT->setHTMLFooter($footer); + } + + /** @} */ + // ######################################################################## + // PGT STORAGE + // ######################################################################## + /** + * @addtogroup publicPGTStorage + * @{ + */ + + /** + * This method is used to tell phpCAS to store the response of the + * CAS server to PGT requests onto the filesystem. + * + * @param $format the format used to store the PGT's (`plain' and `xml' allowed) + * @param $path the path where the PGT's should be stored + */ + function setPGTStorageFile($format='', + $path='') + { + global $PHPCAS_CLIENT,$PHPCAS_AUTH_CHECK_CALL; + + phpCAS::traceBegin(); + if ( !is_object($PHPCAS_CLIENT) ) { + phpCAS::error('this method should only be called after '.__CLASS__.'::proxy()'); + } + if ( !$PHPCAS_CLIENT->isProxy() ) { + phpCAS::error('this method should only be called after '.__CLASS__.'::proxy()'); + } + if ( $PHPCAS_AUTH_CHECK_CALL['done'] ) { + phpCAS::error('this method should only be called before '.$PHPCAS_AUTH_CHECK_CALL['method'].'() (called at '.$PHPCAS_AUTH_CHECK_CALL['file'].':'.$PHPCAS_AUTH_CHECK_CALL['line'].')'); + } + if ( gettype($format) != 'string' ) { + phpCAS::error('type mismatched for parameter $format (should be `string\')'); + } + if ( gettype($path) != 'string' ) { + phpCAS::error('type mismatched for parameter $format (should be `string\')'); + } + $PHPCAS_CLIENT->setPGTStorageFile($format,$path); + phpCAS::traceEnd(); + } + + /** + * This method is used to tell phpCAS to store the response of the + * CAS server to PGT requests into a database. + * @note The connection to the database is done only when needed. + * As a consequence, bad parameters are detected only when + * initializing PGT storage, except in debug mode. + * + * @param $user the user to access the data with + * @param $password the user's password + * @param $database_type the type of the database hosting the data + * @param $hostname the server hosting the database + * @param $port the port the server is listening on + * @param $database the name of the database + * @param $table the name of the table storing the data + */ + function setPGTStorageDB($user, + $password, + $database_type='', + $hostname='', + $port=0, + $database='', + $table='') + { + global $PHPCAS_CLIENT,$PHPCAS_AUTH_CHECK_CALL; + + phpCAS::traceBegin(); + if ( !is_object($PHPCAS_CLIENT) ) { + phpCAS::error('this method should only be called after '.__CLASS__.'::proxy()'); + } + if ( !$PHPCAS_CLIENT->isProxy() ) { + phpCAS::error('this method should only be called after '.__CLASS__.'::proxy()'); + } + if ( $PHPCAS_AUTH_CHECK_CALL['done'] ) { + phpCAS::error('this method should only be called before '.$PHPCAS_AUTH_CHECK_CALL['method'].'() (called at '.$PHPCAS_AUTH_CHECK_CALL['file'].':'.$PHPCAS_AUTH_CHECK_CALL['line'].')'); + } + if ( gettype($user) != 'string' ) { + phpCAS::error('type mismatched for parameter $user (should be `string\')'); + } + if ( gettype($password) != 'string' ) { + phpCAS::error('type mismatched for parameter $password (should be `string\')'); + } + if ( gettype($database_type) != 'string' ) { + phpCAS::error('type mismatched for parameter $database_type (should be `string\')'); + } + if ( gettype($hostname) != 'string' ) { + phpCAS::error('type mismatched for parameter $hostname (should be `string\')'); + } + if ( gettype($port) != 'integer' ) { + phpCAS::error('type mismatched for parameter $port (should be `integer\')'); + } + if ( gettype($database) != 'string' ) { + phpCAS::error('type mismatched for parameter $database (should be `string\')'); + } + if ( gettype($table) != 'string' ) { + phpCAS::error('type mismatched for parameter $table (should be `string\')'); + } + $PHPCAS_CLIENT->setPGTStorageDB($this,$user,$password,$hostname,$port,$database,$table); + phpCAS::traceEnd(); + } + + /** @} */ + // ######################################################################## + // ACCESS TO EXTERNAL SERVICES + // ######################################################################## + /** + * @addtogroup publicServices + * @{ + */ + + /** + * This method is used to access an HTTP[S] service. + * + * @param $url the service to access. + * @param $err_code an error code Possible values are PHPCAS_SERVICE_OK (on + * success), PHPCAS_SERVICE_PT_NO_SERVER_RESPONSE, PHPCAS_SERVICE_PT_BAD_SERVER_RESPONSE, + * PHPCAS_SERVICE_PT_FAILURE, PHPCAS_SERVICE_NOT AVAILABLE. + * @param $output the output of the service (also used to give an error + * message on failure). + * + * @return TRUE on success, FALSE otherwise (in this later case, $err_code + * gives the reason why it failed and $output contains an error message). + */ + function serviceWeb($url,&$err_code,&$output) + { + global $PHPCAS_CLIENT, $PHPCAS_AUTH_CHECK_CALL; + + phpCAS::traceBegin(); + if ( !is_object($PHPCAS_CLIENT) ) { + phpCAS::error('this method should only be called after '.__CLASS__.'::proxy()'); + } + if ( !$PHPCAS_CLIENT->isProxy() ) { + phpCAS::error('this method should only be called after '.__CLASS__.'::proxy()'); + } + if ( !$PHPCAS_AUTH_CHECK_CALL['done'] ) { + phpCAS::error('this method should only be called after the programmer is sure the user has been authenticated (by calling '.__CLASS__.'::checkAuthentication() or '.__CLASS__.'::forceAuthentication()'); + } + if ( !$PHPCAS_AUTH_CHECK_CALL['result'] ) { + phpCAS::error('authentication was checked (by '.$PHPCAS_AUTH_CHECK_CALL['method'].'() at '.$PHPCAS_AUTH_CHECK_CALL['file'].':'.$PHPCAS_AUTH_CHECK_CALL['line'].') but the method returned FALSE'); + } + if ( gettype($url) != 'string' ) { + phpCAS::error('type mismatched for parameter $url (should be `string\')'); + } + + $res = $PHPCAS_CLIENT->serviceWeb($url,$err_code,$output); + + phpCAS::traceEnd($res); + return $res; + } + + /** + * This method is used to access an IMAP/POP3/NNTP service. + * + * @param $url a string giving the URL of the service, including the mailing box + * for IMAP URLs, as accepted by imap_open(). + * @param $flags options given to imap_open(). + * @param $err_code an error code Possible values are PHPCAS_SERVICE_OK (on + * success), PHPCAS_SERVICE_PT_NO_SERVER_RESPONSE, PHPCAS_SERVICE_PT_BAD_SERVER_RESPONSE, + * PHPCAS_SERVICE_PT_FAILURE, PHPCAS_SERVICE_NOT AVAILABLE. + * @param $err_msg an error message on failure + * @param $pt the Proxy Ticket (PT) retrieved from the CAS server to access the URL + * on success, FALSE on error). + * + * @return an IMAP stream on success, FALSE otherwise (in this later case, $err_code + * gives the reason why it failed and $err_msg contains an error message). + */ + function serviceMail($url,$flags,&$err_code,&$err_msg,&$pt) + { + global $PHPCAS_CLIENT, $PHPCAS_AUTH_CHECK_CALL; + + phpCAS::traceBegin(); + if ( !is_object($PHPCAS_CLIENT) ) { + phpCAS::error('this method should only be called after '.__CLASS__.'::proxy()'); + } + if ( !$PHPCAS_CLIENT->isProxy() ) { + phpCAS::error('this method should only be called after '.__CLASS__.'::proxy()'); + } + if ( !$PHPCAS_AUTH_CHECK_CALL['done'] ) { + phpCAS::error('this method should only be called after the programmer is sure the user has been authenticated (by calling '.__CLASS__.'::checkAuthentication() or '.__CLASS__.'::forceAuthentication()'); + } + if ( !$PHPCAS_AUTH_CHECK_CALL['result'] ) { + phpCAS::error('authentication was checked (by '.$PHPCAS_AUTH_CHECK_CALL['method'].'() at '.$PHPCAS_AUTH_CHECK_CALL['file'].':'.$PHPCAS_AUTH_CHECK_CALL['line'].') but the method returned FALSE'); + } + if ( gettype($url) != 'string' ) { + phpCAS::error('type mismatched for parameter $url (should be `string\')'); + } + + if ( gettype($flags) != 'integer' ) { + phpCAS::error('type mismatched for parameter $flags (should be `integer\')'); + } + + $res = $PHPCAS_CLIENT->serviceMail($url,$flags,$err_code,$err_msg,$pt); + + phpCAS::traceEnd($res); + return $res; + } + + /** @} */ + // ######################################################################## + // AUTHENTICATION + // ######################################################################## + /** + * @addtogroup publicAuth + * @{ + */ + + /** + * Set the times authentication will be cached before really accessing the CAS server in gateway mode: + * - -1: check only once, and then never again (until you pree login) + * - 0: always check + * - n: check every "n" time + * + * @param $n an integer. + */ + function setCacheTimesForAuthRecheck($n) + { + global $PHPCAS_CLIENT; + if ( !is_object($PHPCAS_CLIENT) ) { + phpCAS::error('this method should not be called before '.__CLASS__.'::client() or '.__CLASS__.'::proxy()'); + } + if ( gettype($n) != 'integer' ) { + phpCAS::error('type mismatched for parameter $header (should be `string\')'); + } + $PHPCAS_CLIENT->setCacheTimesForAuthRecheck($n); + } + + /** + * This method is called to check if the user is authenticated (use the gateway feature). + * @return TRUE when the user is authenticated; otherwise FALSE. + */ + function checkAuthentication() + { + global $PHPCAS_CLIENT, $PHPCAS_AUTH_CHECK_CALL; + + phpCAS::traceBegin(); + if ( !is_object($PHPCAS_CLIENT) ) { + phpCAS::error('this method should not be called before '.__CLASS__.'::client() or '.__CLASS__.'::proxy()'); + } + + $auth = $PHPCAS_CLIENT->checkAuthentication(); + + // store where the authentication has been checked and the result + $dbg = phpCAS::backtrace(); + $PHPCAS_AUTH_CHECK_CALL = array('done' => TRUE, + 'file' => $dbg[0]['file'], + 'line' => $dbg[0]['line'], + 'method' => __CLASS__.'::'.__FUNCTION__, + 'result' => $auth ); + phpCAS::traceEnd($auth); + return $auth; + } + + /** + * This method is called to force authentication if the user was not already + * authenticated. If the user is not authenticated, halt by redirecting to + * the CAS server. + */ + function forceAuthentication() + { + global $PHPCAS_CLIENT, $PHPCAS_AUTH_CHECK_CALL; + + phpCAS::traceBegin(); + if ( !is_object($PHPCAS_CLIENT) ) { + phpCAS::error('this method should not be called before '.__CLASS__.'::client() or '.__CLASS__.'::proxy()'); + } + + $auth = $PHPCAS_CLIENT->forceAuthentication(); + + // store where the authentication has been checked and the result + $dbg = phpCAS::backtrace(); + $PHPCAS_AUTH_CHECK_CALL = array('done' => TRUE, + 'file' => $dbg[0]['file'], + 'line' => $dbg[0]['line'], + 'method' => __CLASS__.'::'.__FUNCTION__, + 'result' => $auth ); + + if ( !$auth ) { + phpCAS::trace('user is not authenticated, redirecting to the CAS server'); + $PHPCAS_CLIENT->forceAuthentication(); + } else { + phpCAS::trace('no need to authenticate (user `'.phpCAS::getUser().'\' is already authenticated)'); + } + + phpCAS::traceEnd(); + return $auth; + } + + /** + * This method is called to renew the authentication. + **/ + function renewAuthentication() { + global $PHPCAS_CLIENT, $PHPCAS_AUTH_CHECK_CALL; + + phpCAS::traceBegin(); + if ( !is_object($PHPCAS_CLIENT) ) { + phpCAS::error('this method should not be called before'.__CLASS__.'::client() or '.__CLASS__.'::proxy()'); + } + + // store where the authentication has been checked and the result + $dbg = phpCAS::backtrace(); + $PHPCAS_AUTH_CHECK_CALL = array('done' => TRUE, 'file' => $dbg[0]['file'], 'line' => $dbg[0]['line'], 'method' => __CLASS__.'::'.__FUNCTION__, 'result' => $auth ); + + $PHPCAS_CLIENT->renewAuthentication(); + phpCAS::traceEnd(); + } + + /** + * This method has been left from version 0.4.1 for compatibility reasons. + */ + function authenticate() + { + phpCAS::error('this method is deprecated. You should use '.__CLASS__.'::forceAuthentication() instead'); + } + + /** + * This method is called to check if the user is authenticated (previously or by + * tickets given in the URL). + * + * @return TRUE when the user is authenticated. + */ + function isAuthenticated() + { + global $PHPCAS_CLIENT, $PHPCAS_AUTH_CHECK_CALL; + + phpCAS::traceBegin(); + if ( !is_object($PHPCAS_CLIENT) ) { + phpCAS::error('this method should not be called before '.__CLASS__.'::client() or '.__CLASS__.'::proxy()'); + } + + // call the isAuthenticated method of the global $PHPCAS_CLIENT object + $auth = $PHPCAS_CLIENT->isAuthenticated(); + + // store where the authentication has been checked and the result + $dbg = phpCAS::backtrace(); + $PHPCAS_AUTH_CHECK_CALL = array('done' => TRUE, + 'file' => $dbg[0]['file'], + 'line' => $dbg[0]['line'], + 'method' => __CLASS__.'::'.__FUNCTION__, + 'result' => $auth ); + phpCAS::traceEnd($auth); + return $auth; + } + + /** + * Checks whether authenticated based on $_SESSION. Useful to avoid + * server calls. + * @return true if authenticated, false otherwise. + * @since 0.4.22 by Brendan Arnold + */ + function isSessionAuthenticated () + { + global $PHPCAS_CLIENT; + if ( !is_object($PHPCAS_CLIENT) ) { + phpCAS::error('this method should not be called before '.__CLASS__.'::client() or '.__CLASS__.'::proxy()'); + } + return($PHPCAS_CLIENT->isSessionAuthenticated()); + } + + /** + * This method returns the CAS user's login name. + * @warning should not be called only after phpCAS::forceAuthentication() + * or phpCAS::checkAuthentication(). + * + * @return the login name of the authenticated user + */ + function getUser() + { + global $PHPCAS_CLIENT, $PHPCAS_AUTH_CHECK_CALL; + if ( !is_object($PHPCAS_CLIENT) ) { + phpCAS::error('this method should not be called before '.__CLASS__.'::client() or '.__CLASS__.'::proxy()'); + } + if ( !$PHPCAS_AUTH_CHECK_CALL['done'] ) { + phpCAS::error('this method should only be called after '.__CLASS__.'::forceAuthentication() or '.__CLASS__.'::isAuthenticated()'); + } + if ( !$PHPCAS_AUTH_CHECK_CALL['result'] ) { + phpCAS::error('authentication was checked (by '.$PHPCAS_AUTH_CHECK_CALL['method'].'() at '.$PHPCAS_AUTH_CHECK_CALL['file'].':'.$PHPCAS_AUTH_CHECK_CALL['line'].') but the method returned FALSE'); + } + return $PHPCAS_CLIENT->getUser(); + } + + /** + * Handle logout requests. + */ + function handleLogoutRequests($check_client=true, $allowed_clients=false) + { + global $PHPCAS_CLIENT; + if ( !is_object($PHPCAS_CLIENT) ) { + phpCAS::error('this method should not be called before '.__CLASS__.'::client() or '.__CLASS__.'::proxy()'); + } + return($PHPCAS_CLIENT->handleLogoutRequests($check_client, $allowed_clients)); + } + + /** + * This method returns the URL to be used to login. + * or phpCAS::isAuthenticated(). + * + * @return the login name of the authenticated user + */ + function getServerLoginURL() + { + global $PHPCAS_CLIENT; + if ( !is_object($PHPCAS_CLIENT) ) { + phpCAS::error('this method should not be called before '.__CLASS__.'::client() or '.__CLASS__.'::proxy()'); + } + return $PHPCAS_CLIENT->getServerLoginURL(); + } + + /** + * Set the login URL of the CAS server. + * @param $url the login URL + * @since 0.4.21 by Wyman Chan + */ + function setServerLoginURL($url='') + { + global $PHPCAS_CLIENT; + phpCAS::traceBegin(); + if ( !is_object($PHPCAS_CLIENT) ) { + phpCAS::error('this method should only be called after + '.__CLASS__.'::client()'); + } + if ( gettype($url) != 'string' ) { + phpCAS::error('type mismatched for parameter $url (should be + `string\')'); + } + $PHPCAS_CLIENT->setServerLoginURL($url); + phpCAS::traceEnd(); + } + + /** + * This method returns the URL to be used to login. + * or phpCAS::isAuthenticated(). + * + * @return the login name of the authenticated user + */ + function getServerLogoutURL() + { + global $PHPCAS_CLIENT; + if ( !is_object($PHPCAS_CLIENT) ) { + phpCAS::error('this method should not be called before '.__CLASS__.'::client() or '.__CLASS__.'::proxy()'); + } + return $PHPCAS_CLIENT->getServerLogoutURL(); + } + + /** + * Set the logout URL of the CAS server. + * @param $url the logout URL + * @since 0.4.21 by Wyman Chan + */ + function setServerLogoutURL($url='') + { + global $PHPCAS_CLIENT; + phpCAS::traceBegin(); + if ( !is_object($PHPCAS_CLIENT) ) { + phpCAS::error('this method should only be called after + '.__CLASS__.'::client()'); + } + if ( gettype($url) != 'string' ) { + phpCAS::error('type mismatched for parameter $url (should be + `string\')'); + } + $PHPCAS_CLIENT->setServerLogoutURL($url); + phpCAS::traceEnd(); + } + + /** + * This method is used to logout from CAS. + * @params $params an array that contains the optional url and service parameters that will be passed to the CAS server + * @public + */ + function logout($params = "") { + global $PHPCAS_CLIENT; + phpCAS::traceBegin(); + if (!is_object($PHPCAS_CLIENT)) { + phpCAS::error('this method should only be called after '.__CLASS__.'::client() or'.__CLASS__.'::proxy()'); + } + $parsedParams = array(); + if ($params != "") { + if (is_string($params)) { + phpCAS::error('method `phpCAS::logout($url)\' is now deprecated, use `phpCAS::logoutWithUrl($url)\' instead'); + } + if (!is_array($params)) { + phpCAS::error('type mismatched for parameter $params (should be `array\')'); + } + foreach ($params as $key => $value) { + if ($key != "service" && $key != "url") { + phpCAS::error('only `url\' and `service\' parameters are allowed for method `phpCAS::logout($params)\''); + } + $parsedParams[$key] = $value; + } + } + $PHPCAS_CLIENT->logout($parsedParams); + // never reached + phpCAS::traceEnd(); + } + + /** + * This method is used to logout from CAS. Halts by redirecting to the CAS server. + * @param $service a URL that will be transmitted to the CAS server + */ + function logoutWithRedirectService($service) { + global $PHPCAS_CLIENT; + phpCAS::traceBegin(); + if ( !is_object($PHPCAS_CLIENT) ) { + phpCAS::error('this method should only be called after '.__CLASS__.'::client() or'.__CLASS__.'::proxy()'); + } + if (!is_string($service)) { + phpCAS::error('type mismatched for parameter $service (should be `string\')'); + } + $PHPCAS_CLIENT->logout(array("service" => $service)); + // never reached + phpCAS::traceEnd(); + } + + /** + * This method is used to logout from CAS. Halts by redirecting to the CAS server. + * @param $url a URL that will be transmitted to the CAS server + */ + function logoutWithUrl($url) { + global $PHPCAS_CLIENT; + phpCAS::traceBegin(); + if ( !is_object($PHPCAS_CLIENT) ) { + phpCAS::error('this method should only be called after '.__CLASS__.'::client() or'.__CLASS__.'::proxy()'); + } + if (!is_string($url)) { + phpCAS::error('type mismatched for parameter $url (should be `string\')'); + } + $PHPCAS_CLIENT->logout(array("url" => $url)); + // never reached + phpCAS::traceEnd(); + } + + /** + * This method is used to logout from CAS. Halts by redirecting to the CAS server. + * @param $service a URL that will be transmitted to the CAS server + * @param $url a URL that will be transmitted to the CAS server + */ + function logoutWithRedirectServiceAndUrl($service, $url) { + global $PHPCAS_CLIENT; + phpCAS::traceBegin(); + if ( !is_object($PHPCAS_CLIENT) ) { + phpCAS::error('this method should only be called after '.__CLASS__.'::client() or'.__CLASS__.'::proxy()'); + } + if (!is_string($service)) { + phpCAS::error('type mismatched for parameter $service (should be `string\')'); + } + if (!is_string($url)) { + phpCAS::error('type mismatched for parameter $url (should be `string\')'); + } + $PHPCAS_CLIENT->logout(array("service" => $service, "url" => $url)); + // never reached + phpCAS::traceEnd(); + } + + /** + * Set the fixed URL that will be used by the CAS server to transmit the PGT. + * When this method is not called, a phpCAS script uses its own URL for the callback. + * + * @param $url the URL + */ + function setFixedCallbackURL($url='') + { + global $PHPCAS_CLIENT; + phpCAS::traceBegin(); + if ( !is_object($PHPCAS_CLIENT) ) { + phpCAS::error('this method should only be called after '.__CLASS__.'::proxy()'); + } + if ( !$PHPCAS_CLIENT->isProxy() ) { + phpCAS::error('this method should only be called after '.__CLASS__.'::proxy()'); + } + if ( gettype($url) != 'string' ) { + phpCAS::error('type mismatched for parameter $url (should be `string\')'); + } + $PHPCAS_CLIENT->setCallbackURL($url); + phpCAS::traceEnd(); + } + + /** + * Set the fixed URL that will be set as the CAS service parameter. When this + * method is not called, a phpCAS script uses its own URL. + * + * @param $url the URL + */ + function setFixedServiceURL($url) + { + global $PHPCAS_CLIENT; + phpCAS::traceBegin(); + if ( !is_object($PHPCAS_CLIENT) ) { + phpCAS::error('this method should only be called after '.__CLASS__.'::proxy()'); + } + if ( gettype($url) != 'string' ) { + phpCAS::error('type mismatched for parameter $url (should be `string\')'); + } + $PHPCAS_CLIENT->setURL($url); + phpCAS::traceEnd(); + } + + /** + * Get the URL that is set as the CAS service parameter. + */ + function getServiceURL() + { + global $PHPCAS_CLIENT; + if ( !is_object($PHPCAS_CLIENT) ) { + phpCAS::error('this method should only be called after '.__CLASS__.'::proxy()'); + } + return($PHPCAS_CLIENT->getURL()); + } + + /** + * Retrieve a Proxy Ticket from the CAS server. + */ + function retrievePT($target_service,&$err_code,&$err_msg) + { + global $PHPCAS_CLIENT; + if ( !is_object($PHPCAS_CLIENT) ) { + phpCAS::error('this method should only be called after '.__CLASS__.'::proxy()'); + } + if ( gettype($target_service) != 'string' ) { + phpCAS::error('type mismatched for parameter $target_service(should be `string\')'); + } + return($PHPCAS_CLIENT->retrievePT($target_service,$err_code,$err_msg)); + } + + /** + * Set the certificate of the CAS server. + * + * @param $cert the PEM certificate + */ + function setCasServerCert($cert) + { + global $PHPCAS_CLIENT; + phpCAS::traceBegin(); + if ( !is_object($PHPCAS_CLIENT) ) { + phpCAS::error('this method should only be called after '.__CLASS__.'::client() or'.__CLASS__.'::proxy()'); + } + if ( gettype($cert) != 'string' ) { + phpCAS::error('type mismatched for parameter $cert (should be `string\')'); + } + $PHPCAS_CLIENT->setCasServerCert($cert); + phpCAS::traceEnd(); + } + + /** + * Set the certificate of the CAS server CA. + * + * @param $cert the CA certificate + */ + function setCasServerCACert($cert) + { + global $PHPCAS_CLIENT; + phpCAS::traceBegin(); + if ( !is_object($PHPCAS_CLIENT) ) { + phpCAS::error('this method should only be called after '.__CLASS__.'::client() or'.__CLASS__.'::proxy()'); + } + if ( gettype($cert) != 'string' ) { + phpCAS::error('type mismatched for parameter $cert (should be `string\')'); + } + $PHPCAS_CLIENT->setCasServerCACert($cert); + phpCAS::traceEnd(); + } + + /** + * Set no SSL validation for the CAS server. + */ + function setNoCasServerValidation() + { + global $PHPCAS_CLIENT; + phpCAS::traceBegin(); + if ( !is_object($PHPCAS_CLIENT) ) { + phpCAS::error('this method should only be called after '.__CLASS__.'::client() or'.__CLASS__.'::proxy()'); + } + $PHPCAS_CLIENT->setNoCasServerValidation(); + phpCAS::traceEnd(); + } + + /** @} */ + + /** + * Change CURL options. + * CURL is used to connect through HTTPS to CAS server + * @param $key the option key + * @param $value the value to set + */ + function setExtraCurlOption($key, $value) + { + global $PHPCAS_CLIENT; + phpCAS::traceBegin(); + if ( !is_object($PHPCAS_CLIENT) ) { + phpCAS::error('this method should only be called after '.__CLASS__.'::client() or'.__CLASS__.'::proxy()'); + } + $PHPCAS_CLIENT->setExtraCurlOption($key, $value); + phpCAS::traceEnd(); + } + +} + +// ######################################################################## +// DOCUMENTATION +// ######################################################################## + +// ######################################################################## +// MAIN PAGE + +/** + * @mainpage + * + * The following pages only show the source documentation. + * + */ + +// ######################################################################## +// MODULES DEFINITION + +/** @defgroup public User interface */ + +/** @defgroup publicInit Initialization + * @ingroup public */ + +/** @defgroup publicAuth Authentication + * @ingroup public */ + +/** @defgroup publicServices Access to external services + * @ingroup public */ + +/** @defgroup publicConfig Configuration + * @ingroup public */ + +/** @defgroup publicLang Internationalization + * @ingroup publicConfig */ + +/** @defgroup publicOutput HTML output + * @ingroup publicConfig */ + +/** @defgroup publicPGTStorage PGT storage + * @ingroup publicConfig */ + +/** @defgroup publicDebug Debugging + * @ingroup public */ + + +/** @defgroup internal Implementation */ + +/** @defgroup internalAuthentication Authentication + * @ingroup internal */ + +/** @defgroup internalBasic CAS Basic client features (CAS 1.0, Service Tickets) + * @ingroup internal */ + +/** @defgroup internalProxy CAS Proxy features (CAS 2.0, Proxy Granting Tickets) + * @ingroup internal */ + +/** @defgroup internalPGTStorage PGT storage + * @ingroup internalProxy */ + +/** @defgroup internalPGTStorageDB PGT storage in a database + * @ingroup internalPGTStorage */ + +/** @defgroup internalPGTStorageFile PGT storage on the filesystem + * @ingroup internalPGTStorage */ + +/** @defgroup internalCallback Callback from the CAS server + * @ingroup internalProxy */ + +/** @defgroup internalProxied CAS proxied client features (CAS 2.0, Proxy Tickets) + * @ingroup internal */ + +/** @defgroup internalConfig Configuration + * @ingroup internal */ + +/** @defgroup internalOutput HTML output + * @ingroup internalConfig */ + +/** @defgroup internalLang Internationalization + * @ingroup internalConfig + * + * To add a new language: + * - 1. define a new constant PHPCAS_LANG_XXXXXX in CAS/CAS.php + * - 2. copy any file from CAS/languages to CAS/languages/XXXXXX.php + * - 3. Make the translations + */ + +/** @defgroup internalDebug Debugging + * @ingroup internal */ + +/** @defgroup internalMisc Miscellaneous + * @ingroup internal */ + +// ######################################################################## +// EXAMPLES + +/** + * @example example_simple.php + */ + /** + * @example example_proxy.php + */ + /** + * @example example_proxy2.php + */ + /** + * @example example_lang.php + */ + /** + * @example example_html.php + */ + /** + * @example example_file.php + */ + /** + * @example example_db.php + */ + /** + * @example example_service.php + */ + /** + * @example example_session_proxy.php + */ + /** + * @example example_session_service.php + */ + /** + * @example example_gateway.php + */ + + + +?> diff --git a/plugins/CasAuthentication/extlib/CAS/PGTStorage/pgt-db.php b/plugins/CasAuthentication/extlib/CAS/PGTStorage/pgt-db.php index 5a589e4b2..00797b9c5 100644 --- a/plugins/CasAuthentication/extlib/CAS/PGTStorage/pgt-db.php +++ b/plugins/CasAuthentication/extlib/CAS/PGTStorage/pgt-db.php @@ -1,190 +1,190 @@ -<?php
-
-/**
- * @file CAS/PGTStorage/pgt-db.php
- * Basic class for PGT database storage
- */
-
-/**
- * @class PGTStorageDB
- * The PGTStorageDB class is a class for PGT database storage. An instance of
- * this class is returned by CASClient::SetPGTStorageDB().
- *
- * @author Pascal Aubry <pascal.aubry at univ-rennes1.fr>
- *
- * @ingroup internalPGTStorageDB
- */
-
-class PGTStorageDB extends PGTStorage
-{
- /**
- * @addtogroup internalPGTStorageDB
- * @{
- */
-
- /**
- * a string representing a PEAR DB URL to connect to the database. Written by
- * PGTStorageDB::PGTStorageDB(), read by getURL().
- *
- * @hideinitializer
- * @private
- */
- var $_url='';
-
- /**
- * This method returns the PEAR DB URL to use to connect to the database.
- *
- * @return a PEAR DB URL
- *
- * @private
- */
- function getURL()
- {
- return $this->_url;
- }
-
- /**
- * The handle of the connection to the database where PGT's are stored. Written by
- * PGTStorageDB::init(), read by getLink().
- *
- * @hideinitializer
- * @private
- */
- var $_link = null;
-
- /**
- * This method returns the handle of the connection to the database where PGT's are
- * stored.
- *
- * @return a handle of connection.
- *
- * @private
- */
- function getLink()
- {
- return $this->_link;
- }
-
- /**
- * The name of the table where PGT's are stored. Written by
- * PGTStorageDB::PGTStorageDB(), read by getTable().
- *
- * @hideinitializer
- * @private
- */
- var $_table = '';
-
- /**
- * This method returns the name of the table where PGT's are stored.
- *
- * @return the name of a table.
- *
- * @private
- */
- function getTable()
- {
- return $this->_table;
- }
-
- // ########################################################################
- // DEBUGGING
- // ########################################################################
-
- /**
- * This method returns an informational string giving the type of storage
- * used by the object (used for debugging purposes).
- *
- * @return an informational string.
- * @public
- */
- function getStorageType()
- {
- return "database";
- }
-
- /**
- * This method returns an informational string giving informations on the
- * parameters of the storage.(used for debugging purposes).
- *
- * @public
- */
- function getStorageInfo()
- {
- return 'url=`'.$this->getURL().'\', table=`'.$this->getTable().'\'';
- }
-
- // ########################################################################
- // CONSTRUCTOR
- // ########################################################################
-
- /**
- * The class constructor, called by CASClient::SetPGTStorageDB().
- *
- * @param $cas_parent the CASClient instance that creates the object.
- * @param $user the user to access the data with
- * @param $password the user's password
- * @param $database_type the type of the database hosting the data
- * @param $hostname the server hosting the database
- * @param $port the port the server is listening on
- * @param $database the name of the database
- * @param $table the name of the table storing the data
- *
- * @public
- */
- function PGTStorageDB($cas_parent,$user,$password,$database_type,$hostname,$port,$database,$table)
- {
- phpCAS::traceBegin();
-
- // call the ancestor's constructor
- $this->PGTStorage($cas_parent);
-
- if ( empty($database_type) ) $database_type = CAS_PGT_STORAGE_DB_DEFAULT_DATABASE_TYPE;
- if ( empty($hostname) ) $hostname = CAS_PGT_STORAGE_DB_DEFAULT_HOSTNAME;
- if ( $port==0 ) $port = CAS_PGT_STORAGE_DB_DEFAULT_PORT;
- if ( empty($database) ) $database = CAS_PGT_STORAGE_DB_DEFAULT_DATABASE;
- if ( empty($table) ) $table = CAS_PGT_STORAGE_DB_DEFAULT_TABLE;
-
- // build and store the PEAR DB URL
- $this->_url = $database_type.':'.'//'.$user.':'.$password.'@'.$hostname.':'.$port.'/'.$database;
-
- // XXX should use setURL and setTable
- phpCAS::traceEnd();
- }
-
- // ########################################################################
- // INITIALIZATION
- // ########################################################################
-
- /**
- * This method is used to initialize the storage. Halts on error.
- *
- * @public
- */
- function init()
- {
- phpCAS::traceBegin();
- // if the storage has already been initialized, return immediatly
- if ( $this->isInitialized() )
- return;
- // call the ancestor's method (mark as initialized)
- parent::init();
-
- //include phpDB library (the test was introduced in release 0.4.8 for
- //the integration into Tikiwiki).
- if (!class_exists('DB')) {
- include_once('DB.php');
- }
-
- // try to connect to the database
- $this->_link = DB::connect($this->getURL());
- if ( DB::isError($this->_link) ) {
- phpCAS::error('could not connect to database ('.DB::errorMessage($this->_link).')');
- }
- var_dump($this->_link);
- phpCAS::traceBEnd();
- }
-
- /** @} */
-}
-
+<?php + +/** + * @file CAS/PGTStorage/pgt-db.php + * Basic class for PGT database storage + */ + +/** + * @class PGTStorageDB + * The PGTStorageDB class is a class for PGT database storage. An instance of + * this class is returned by CASClient::SetPGTStorageDB(). + * + * @author Pascal Aubry <pascal.aubry at univ-rennes1.fr> + * + * @ingroup internalPGTStorageDB + */ + +class PGTStorageDB extends PGTStorage +{ + /** + * @addtogroup internalPGTStorageDB + * @{ + */ + + /** + * a string representing a PEAR DB URL to connect to the database. Written by + * PGTStorageDB::PGTStorageDB(), read by getURL(). + * + * @hideinitializer + * @private + */ + var $_url=''; + + /** + * This method returns the PEAR DB URL to use to connect to the database. + * + * @return a PEAR DB URL + * + * @private + */ + function getURL() + { + return $this->_url; + } + + /** + * The handle of the connection to the database where PGT's are stored. Written by + * PGTStorageDB::init(), read by getLink(). + * + * @hideinitializer + * @private + */ + var $_link = null; + + /** + * This method returns the handle of the connection to the database where PGT's are + * stored. + * + * @return a handle of connection. + * + * @private + */ + function getLink() + { + return $this->_link; + } + + /** + * The name of the table where PGT's are stored. Written by + * PGTStorageDB::PGTStorageDB(), read by getTable(). + * + * @hideinitializer + * @private + */ + var $_table = ''; + + /** + * This method returns the name of the table where PGT's are stored. + * + * @return the name of a table. + * + * @private + */ + function getTable() + { + return $this->_table; + } + + // ######################################################################## + // DEBUGGING + // ######################################################################## + + /** + * This method returns an informational string giving the type of storage + * used by the object (used for debugging purposes). + * + * @return an informational string. + * @public + */ + function getStorageType() + { + return "database"; + } + + /** + * This method returns an informational string giving informations on the + * parameters of the storage.(used for debugging purposes). + * + * @public + */ + function getStorageInfo() + { + return 'url=`'.$this->getURL().'\', table=`'.$this->getTable().'\''; + } + + // ######################################################################## + // CONSTRUCTOR + // ######################################################################## + + /** + * The class constructor, called by CASClient::SetPGTStorageDB(). + * + * @param $cas_parent the CASClient instance that creates the object. + * @param $user the user to access the data with + * @param $password the user's password + * @param $database_type the type of the database hosting the data + * @param $hostname the server hosting the database + * @param $port the port the server is listening on + * @param $database the name of the database + * @param $table the name of the table storing the data + * + * @public + */ + function PGTStorageDB($cas_parent,$user,$password,$database_type,$hostname,$port,$database,$table) + { + phpCAS::traceBegin(); + + // call the ancestor's constructor + $this->PGTStorage($cas_parent); + + if ( empty($database_type) ) $database_type = CAS_PGT_STORAGE_DB_DEFAULT_DATABASE_TYPE; + if ( empty($hostname) ) $hostname = CAS_PGT_STORAGE_DB_DEFAULT_HOSTNAME; + if ( $port==0 ) $port = CAS_PGT_STORAGE_DB_DEFAULT_PORT; + if ( empty($database) ) $database = CAS_PGT_STORAGE_DB_DEFAULT_DATABASE; + if ( empty($table) ) $table = CAS_PGT_STORAGE_DB_DEFAULT_TABLE; + + // build and store the PEAR DB URL + $this->_url = $database_type.':'.'//'.$user.':'.$password.'@'.$hostname.':'.$port.'/'.$database; + + // XXX should use setURL and setTable + phpCAS::traceEnd(); + } + + // ######################################################################## + // INITIALIZATION + // ######################################################################## + + /** + * This method is used to initialize the storage. Halts on error. + * + * @public + */ + function init() + { + phpCAS::traceBegin(); + // if the storage has already been initialized, return immediatly + if ( $this->isInitialized() ) + return; + // call the ancestor's method (mark as initialized) + parent::init(); + + //include phpDB library (the test was introduced in release 0.4.8 for + //the integration into Tikiwiki). + if (!class_exists('DB')) { + include_once('DB.php'); + } + + // try to connect to the database + $this->_link = DB::connect($this->getURL()); + if ( DB::isError($this->_link) ) { + phpCAS::error('could not connect to database ('.DB::errorMessage($this->_link).')'); + } + var_dump($this->_link); + phpCAS::traceBEnd(); + } + + /** @} */ +} + ?>
\ No newline at end of file diff --git a/plugins/CasAuthentication/extlib/CAS/PGTStorage/pgt-file.php b/plugins/CasAuthentication/extlib/CAS/PGTStorage/pgt-file.php index bc07485b8..d48a60d67 100644 --- a/plugins/CasAuthentication/extlib/CAS/PGTStorage/pgt-file.php +++ b/plugins/CasAuthentication/extlib/CAS/PGTStorage/pgt-file.php @@ -1,249 +1,249 @@ -<?php
-
-/**
- * @file CAS/PGTStorage/pgt-file.php
- * Basic class for PGT file storage
- */
-
-/**
- * @class PGTStorageFile
- * The PGTStorageFile class is a class for PGT file storage. An instance of
- * this class is returned by CASClient::SetPGTStorageFile().
- *
- * @author Pascal Aubry <pascal.aubry at univ-rennes1.fr>
- *
- * @ingroup internalPGTStorageFile
- */
-
-class PGTStorageFile extends PGTStorage
-{
- /**
- * @addtogroup internalPGTStorageFile
- * @{
- */
-
- /**
- * a string telling where PGT's should be stored on the filesystem. Written by
- * PGTStorageFile::PGTStorageFile(), read by getPath().
- *
- * @private
- */
- var $_path;
-
- /**
- * This method returns the name of the directory where PGT's should be stored
- * on the filesystem.
- *
- * @return the name of a directory (with leading and trailing '/')
- *
- * @private
- */
- function getPath()
- {
- return $this->_path;
- }
-
- /**
- * a string telling the format to use to store PGT's (plain or xml). Written by
- * PGTStorageFile::PGTStorageFile(), read by getFormat().
- *
- * @private
- */
- var $_format;
-
- /**
- * This method returns the format to use when storing PGT's on the filesystem.
- *
- * @return a string corresponding to the format used (plain or xml).
- *
- * @private
- */
- function getFormat()
- {
- return $this->_format;
- }
-
- // ########################################################################
- // DEBUGGING
- // ########################################################################
-
- /**
- * This method returns an informational string giving the type of storage
- * used by the object (used for debugging purposes).
- *
- * @return an informational string.
- * @public
- */
- function getStorageType()
- {
- return "file";
- }
-
- /**
- * This method returns an informational string giving informations on the
- * parameters of the storage.(used for debugging purposes).
- *
- * @return an informational string.
- * @public
- */
- function getStorageInfo()
- {
- return 'path=`'.$this->getPath().'\', format=`'.$this->getFormat().'\'';
- }
-
- // ########################################################################
- // CONSTRUCTOR
- // ########################################################################
-
- /**
- * The class constructor, called by CASClient::SetPGTStorageFile().
- *
- * @param $cas_parent the CASClient instance that creates the object.
- * @param $format the format used to store the PGT's (`plain' and `xml' allowed).
- * @param $path the path where the PGT's should be stored
- *
- * @public
- */
- function PGTStorageFile($cas_parent,$format,$path)
- {
- phpCAS::traceBegin();
- // call the ancestor's constructor
- $this->PGTStorage($cas_parent);
-
- if (empty($format) ) $format = CAS_PGT_STORAGE_FILE_DEFAULT_FORMAT;
- if (empty($path) ) $path = CAS_PGT_STORAGE_FILE_DEFAULT_PATH;
-
- // check that the path is an absolute path
- if (getenv("OS")=="Windows_NT"){
-
- if (!preg_match('`^[a-zA-Z]:`', $path)) {
- phpCAS::error('an absolute path is needed for PGT storage to file');
- }
-
- }
- else
- {
-
- if ( $path[0] != '/' ) {
- phpCAS::error('an absolute path is needed for PGT storage to file');
- }
-
- // store the path (with a leading and trailing '/')
- $path = preg_replace('|[/]*$|','/',$path);
- $path = preg_replace('|^[/]*|','/',$path);
- }
-
- $this->_path = $path;
- // check the format and store it
- switch ($format) {
- case CAS_PGT_STORAGE_FILE_FORMAT_PLAIN:
- case CAS_PGT_STORAGE_FILE_FORMAT_XML:
- $this->_format = $format;
- break;
- default:
- phpCAS::error('unknown PGT file storage format (`'.CAS_PGT_STORAGE_FILE_FORMAT_PLAIN.'\' and `'.CAS_PGT_STORAGE_FILE_FORMAT_XML.'\' allowed)');
- }
- phpCAS::traceEnd();
- }
-
- // ########################################################################
- // INITIALIZATION
- // ########################################################################
-
- /**
- * This method is used to initialize the storage. Halts on error.
- *
- * @public
- */
- function init()
- {
- phpCAS::traceBegin();
- // if the storage has already been initialized, return immediatly
- if ( $this->isInitialized() )
- return;
- // call the ancestor's method (mark as initialized)
- parent::init();
- phpCAS::traceEnd();
- }
-
- // ########################################################################
- // PGT I/O
- // ########################################################################
-
- /**
- * This method returns the filename corresponding to a PGT Iou.
- *
- * @param $pgt_iou the PGT iou.
- *
- * @return a filename
- * @private
- */
- function getPGTIouFilename($pgt_iou)
- {
- phpCAS::traceBegin();
- $filename = $this->getPath().$pgt_iou.'.'.$this->getFormat();
- phpCAS::traceEnd($filename);
- return $filename;
- }
-
- /**
- * This method stores a PGT and its corresponding PGT Iou into a file. Echoes a
- * warning on error.
- *
- * @param $pgt the PGT
- * @param $pgt_iou the PGT iou
- *
- * @public
- */
- function write($pgt,$pgt_iou)
- {
- phpCAS::traceBegin();
- $fname = $this->getPGTIouFilename($pgt_iou);
- if ( $f=fopen($fname,"w") ) {
- if ( fputs($f,$pgt) === FALSE ) {
- phpCAS::error('could not write PGT to `'.$fname.'\'');
- }
- fclose($f);
- } else {
- phpCAS::error('could not open `'.$fname.'\'');
- }
- phpCAS::traceEnd();
- }
-
- /**
- * This method reads a PGT corresponding to a PGT Iou and deletes the
- * corresponding file.
- *
- * @param $pgt_iou the PGT iou
- *
- * @return the corresponding PGT, or FALSE on error
- *
- * @public
- */
- function read($pgt_iou)
- {
- phpCAS::traceBegin();
- $pgt = FALSE;
- $fname = $this->getPGTIouFilename($pgt_iou);
- if ( !($f=fopen($fname,"r")) ) {
- phpCAS::trace('could not open `'.$fname.'\'');
- } else {
- if ( ($pgt=fgets($f)) === FALSE ) {
- phpCAS::trace('could not read PGT from `'.$fname.'\'');
- }
- fclose($f);
- }
-
- // delete the PGT file
- @unlink($fname);
-
- phpCAS::traceEnd($pgt);
- return $pgt;
- }
-
- /** @} */
-
-}
-
-
+<?php + +/** + * @file CAS/PGTStorage/pgt-file.php + * Basic class for PGT file storage + */ + +/** + * @class PGTStorageFile + * The PGTStorageFile class is a class for PGT file storage. An instance of + * this class is returned by CASClient::SetPGTStorageFile(). + * + * @author Pascal Aubry <pascal.aubry at univ-rennes1.fr> + * + * @ingroup internalPGTStorageFile + */ + +class PGTStorageFile extends PGTStorage +{ + /** + * @addtogroup internalPGTStorageFile + * @{ + */ + + /** + * a string telling where PGT's should be stored on the filesystem. Written by + * PGTStorageFile::PGTStorageFile(), read by getPath(). + * + * @private + */ + var $_path; + + /** + * This method returns the name of the directory where PGT's should be stored + * on the filesystem. + * + * @return the name of a directory (with leading and trailing '/') + * + * @private + */ + function getPath() + { + return $this->_path; + } + + /** + * a string telling the format to use to store PGT's (plain or xml). Written by + * PGTStorageFile::PGTStorageFile(), read by getFormat(). + * + * @private + */ + var $_format; + + /** + * This method returns the format to use when storing PGT's on the filesystem. + * + * @return a string corresponding to the format used (plain or xml). + * + * @private + */ + function getFormat() + { + return $this->_format; + } + + // ######################################################################## + // DEBUGGING + // ######################################################################## + + /** + * This method returns an informational string giving the type of storage + * used by the object (used for debugging purposes). + * + * @return an informational string. + * @public + */ + function getStorageType() + { + return "file"; + } + + /** + * This method returns an informational string giving informations on the + * parameters of the storage.(used for debugging purposes). + * + * @return an informational string. + * @public + */ + function getStorageInfo() + { + return 'path=`'.$this->getPath().'\', format=`'.$this->getFormat().'\''; + } + + // ######################################################################## + // CONSTRUCTOR + // ######################################################################## + + /** + * The class constructor, called by CASClient::SetPGTStorageFile(). + * + * @param $cas_parent the CASClient instance that creates the object. + * @param $format the format used to store the PGT's (`plain' and `xml' allowed). + * @param $path the path where the PGT's should be stored + * + * @public + */ + function PGTStorageFile($cas_parent,$format,$path) + { + phpCAS::traceBegin(); + // call the ancestor's constructor + $this->PGTStorage($cas_parent); + + if (empty($format) ) $format = CAS_PGT_STORAGE_FILE_DEFAULT_FORMAT; + if (empty($path) ) $path = CAS_PGT_STORAGE_FILE_DEFAULT_PATH; + + // check that the path is an absolute path + if (getenv("OS")=="Windows_NT"){ + + if (!preg_match('`^[a-zA-Z]:`', $path)) { + phpCAS::error('an absolute path is needed for PGT storage to file'); + } + + } + else + { + + if ( $path[0] != '/' ) { + phpCAS::error('an absolute path is needed for PGT storage to file'); + } + + // store the path (with a leading and trailing '/') + $path = preg_replace('|[/]*$|','/',$path); + $path = preg_replace('|^[/]*|','/',$path); + } + + $this->_path = $path; + // check the format and store it + switch ($format) { + case CAS_PGT_STORAGE_FILE_FORMAT_PLAIN: + case CAS_PGT_STORAGE_FILE_FORMAT_XML: + $this->_format = $format; + break; + default: + phpCAS::error('unknown PGT file storage format (`'.CAS_PGT_STORAGE_FILE_FORMAT_PLAIN.'\' and `'.CAS_PGT_STORAGE_FILE_FORMAT_XML.'\' allowed)'); + } + phpCAS::traceEnd(); + } + + // ######################################################################## + // INITIALIZATION + // ######################################################################## + + /** + * This method is used to initialize the storage. Halts on error. + * + * @public + */ + function init() + { + phpCAS::traceBegin(); + // if the storage has already been initialized, return immediatly + if ( $this->isInitialized() ) + return; + // call the ancestor's method (mark as initialized) + parent::init(); + phpCAS::traceEnd(); + } + + // ######################################################################## + // PGT I/O + // ######################################################################## + + /** + * This method returns the filename corresponding to a PGT Iou. + * + * @param $pgt_iou the PGT iou. + * + * @return a filename + * @private + */ + function getPGTIouFilename($pgt_iou) + { + phpCAS::traceBegin(); + $filename = $this->getPath().$pgt_iou.'.'.$this->getFormat(); + phpCAS::traceEnd($filename); + return $filename; + } + + /** + * This method stores a PGT and its corresponding PGT Iou into a file. Echoes a + * warning on error. + * + * @param $pgt the PGT + * @param $pgt_iou the PGT iou + * + * @public + */ + function write($pgt,$pgt_iou) + { + phpCAS::traceBegin(); + $fname = $this->getPGTIouFilename($pgt_iou); + if ( $f=fopen($fname,"w") ) { + if ( fputs($f,$pgt) === FALSE ) { + phpCAS::error('could not write PGT to `'.$fname.'\''); + } + fclose($f); + } else { + phpCAS::error('could not open `'.$fname.'\''); + } + phpCAS::traceEnd(); + } + + /** + * This method reads a PGT corresponding to a PGT Iou and deletes the + * corresponding file. + * + * @param $pgt_iou the PGT iou + * + * @return the corresponding PGT, or FALSE on error + * + * @public + */ + function read($pgt_iou) + { + phpCAS::traceBegin(); + $pgt = FALSE; + $fname = $this->getPGTIouFilename($pgt_iou); + if ( !($f=fopen($fname,"r")) ) { + phpCAS::trace('could not open `'.$fname.'\''); + } else { + if ( ($pgt=fgets($f)) === FALSE ) { + phpCAS::trace('could not read PGT from `'.$fname.'\''); + } + fclose($f); + } + + // delete the PGT file + @unlink($fname); + + phpCAS::traceEnd($pgt); + return $pgt; + } + + /** @} */ + +} + + ?>
\ No newline at end of file diff --git a/plugins/CasAuthentication/extlib/CAS/PGTStorage/pgt-main.php b/plugins/CasAuthentication/extlib/CAS/PGTStorage/pgt-main.php index cd9b49967..8fd3c9e12 100644 --- a/plugins/CasAuthentication/extlib/CAS/PGTStorage/pgt-main.php +++ b/plugins/CasAuthentication/extlib/CAS/PGTStorage/pgt-main.php @@ -1,188 +1,188 @@ -<?php
-
-/**
- * @file CAS/PGTStorage/pgt-main.php
- * Basic class for PGT storage
- */
-
-/**
- * @class PGTStorage
- * The PGTStorage class is a generic class for PGT storage. This class should
- * not be instanciated itself but inherited by specific PGT storage classes.
- *
- * @author Pascal Aubry <pascal.aubry at univ-rennes1.fr>
- *
- * @ingroup internalPGTStorage
- */
-
-class PGTStorage
-{
- /**
- * @addtogroup internalPGTStorage
- * @{
- */
-
- // ########################################################################
- // CONSTRUCTOR
- // ########################################################################
-
- /**
- * The constructor of the class, should be called only by inherited classes.
- *
- * @param $cas_parent the CASclient instance that creates the current object.
- *
- * @protected
- */
- function PGTStorage($cas_parent)
- {
- phpCAS::traceBegin();
- if ( !$cas_parent->isProxy() ) {
- phpCAS::error('defining PGT storage makes no sense when not using a CAS proxy');
- }
- phpCAS::traceEnd();
- }
-
- // ########################################################################
- // DEBUGGING
- // ########################################################################
-
- /**
- * This virtual method returns an informational string giving the type of storage
- * used by the object (used for debugging purposes).
- *
- * @public
- */
- function getStorageType()
- {
- phpCAS::error(__CLASS__.'::'.__FUNCTION__.'() should never be called');
- }
-
- /**
- * This virtual method returns an informational string giving informations on the
- * parameters of the storage.(used for debugging purposes).
- *
- * @public
- */
- function getStorageInfo()
- {
- phpCAS::error(__CLASS__.'::'.__FUNCTION__.'() should never be called');
- }
-
- // ########################################################################
- // ERROR HANDLING
- // ########################################################################
-
- /**
- * string used to store an error message. Written by PGTStorage::setErrorMessage(),
- * read by PGTStorage::getErrorMessage().
- *
- * @hideinitializer
- * @private
- * @deprecated not used.
- */
- var $_error_message=FALSE;
-
- /**
- * This method sets en error message, which can be read later by
- * PGTStorage::getErrorMessage().
- *
- * @param $error_message an error message
- *
- * @protected
- * @deprecated not used.
- */
- function setErrorMessage($error_message)
- {
- $this->_error_message = $error_message;
- }
-
- /**
- * This method returns an error message set by PGTStorage::setErrorMessage().
- *
- * @return an error message when set by PGTStorage::setErrorMessage(), FALSE
- * otherwise.
- *
- * @public
- * @deprecated not used.
- */
- function getErrorMessage()
- {
- return $this->_error_message;
- }
-
- // ########################################################################
- // INITIALIZATION
- // ########################################################################
-
- /**
- * a boolean telling if the storage has already been initialized. Written by
- * PGTStorage::init(), read by PGTStorage::isInitialized().
- *
- * @hideinitializer
- * @private
- */
- var $_initialized = FALSE;
-
- /**
- * This method tells if the storage has already been intialized.
- *
- * @return a boolean
- *
- * @protected
- */
- function isInitialized()
- {
- return $this->_initialized;
- }
-
- /**
- * This virtual method initializes the object.
- *
- * @protected
- */
- function init()
- {
- $this->_initialized = TRUE;
- }
-
- // ########################################################################
- // PGT I/O
- // ########################################################################
-
- /**
- * This virtual method stores a PGT and its corresponding PGT Iuo.
- * @note Should never be called.
- *
- * @param $pgt the PGT
- * @param $pgt_iou the PGT iou
- *
- * @protected
- */
- function write($pgt,$pgt_iou)
- {
- phpCAS::error(__CLASS__.'::'.__FUNCTION__.'() should never be called');
- }
-
- /**
- * This virtual method reads a PGT corresponding to a PGT Iou and deletes
- * the corresponding storage entry.
- * @note Should never be called.
- *
- * @param $pgt_iou the PGT iou
- *
- * @protected
- */
- function read($pgt_iou)
- {
- phpCAS::error(__CLASS__.'::'.__FUNCTION__.'() should never be called');
- }
-
- /** @} */
-
-}
-
-// include specific PGT storage classes
-include_once(dirname(__FILE__).'/pgt-file.php');
-include_once(dirname(__FILE__).'/pgt-db.php');
-
+<?php + +/** + * @file CAS/PGTStorage/pgt-main.php + * Basic class for PGT storage + */ + +/** + * @class PGTStorage + * The PGTStorage class is a generic class for PGT storage. This class should + * not be instanciated itself but inherited by specific PGT storage classes. + * + * @author Pascal Aubry <pascal.aubry at univ-rennes1.fr> + * + * @ingroup internalPGTStorage + */ + +class PGTStorage +{ + /** + * @addtogroup internalPGTStorage + * @{ + */ + + // ######################################################################## + // CONSTRUCTOR + // ######################################################################## + + /** + * The constructor of the class, should be called only by inherited classes. + * + * @param $cas_parent the CASclient instance that creates the current object. + * + * @protected + */ + function PGTStorage($cas_parent) + { + phpCAS::traceBegin(); + if ( !$cas_parent->isProxy() ) { + phpCAS::error('defining PGT storage makes no sense when not using a CAS proxy'); + } + phpCAS::traceEnd(); + } + + // ######################################################################## + // DEBUGGING + // ######################################################################## + + /** + * This virtual method returns an informational string giving the type of storage + * used by the object (used for debugging purposes). + * + * @public + */ + function getStorageType() + { + phpCAS::error(__CLASS__.'::'.__FUNCTION__.'() should never be called'); + } + + /** + * This virtual method returns an informational string giving informations on the + * parameters of the storage.(used for debugging purposes). + * + * @public + */ + function getStorageInfo() + { + phpCAS::error(__CLASS__.'::'.__FUNCTION__.'() should never be called'); + } + + // ######################################################################## + // ERROR HANDLING + // ######################################################################## + + /** + * string used to store an error message. Written by PGTStorage::setErrorMessage(), + * read by PGTStorage::getErrorMessage(). + * + * @hideinitializer + * @private + * @deprecated not used. + */ + var $_error_message=FALSE; + + /** + * This method sets en error message, which can be read later by + * PGTStorage::getErrorMessage(). + * + * @param $error_message an error message + * + * @protected + * @deprecated not used. + */ + function setErrorMessage($error_message) + { + $this->_error_message = $error_message; + } + + /** + * This method returns an error message set by PGTStorage::setErrorMessage(). + * + * @return an error message when set by PGTStorage::setErrorMessage(), FALSE + * otherwise. + * + * @public + * @deprecated not used. + */ + function getErrorMessage() + { + return $this->_error_message; + } + + // ######################################################################## + // INITIALIZATION + // ######################################################################## + + /** + * a boolean telling if the storage has already been initialized. Written by + * PGTStorage::init(), read by PGTStorage::isInitialized(). + * + * @hideinitializer + * @private + */ + var $_initialized = FALSE; + + /** + * This method tells if the storage has already been intialized. + * + * @return a boolean + * + * @protected + */ + function isInitialized() + { + return $this->_initialized; + } + + /** + * This virtual method initializes the object. + * + * @protected + */ + function init() + { + $this->_initialized = TRUE; + } + + // ######################################################################## + // PGT I/O + // ######################################################################## + + /** + * This virtual method stores a PGT and its corresponding PGT Iuo. + * @note Should never be called. + * + * @param $pgt the PGT + * @param $pgt_iou the PGT iou + * + * @protected + */ + function write($pgt,$pgt_iou) + { + phpCAS::error(__CLASS__.'::'.__FUNCTION__.'() should never be called'); + } + + /** + * This virtual method reads a PGT corresponding to a PGT Iou and deletes + * the corresponding storage entry. + * @note Should never be called. + * + * @param $pgt_iou the PGT iou + * + * @protected + */ + function read($pgt_iou) + { + phpCAS::error(__CLASS__.'::'.__FUNCTION__.'() should never be called'); + } + + /** @} */ + +} + +// include specific PGT storage classes +include_once(dirname(__FILE__).'/pgt-file.php'); +include_once(dirname(__FILE__).'/pgt-db.php'); + ?>
\ No newline at end of file diff --git a/plugins/CasAuthentication/extlib/CAS/client.php b/plugins/CasAuthentication/extlib/CAS/client.php index bfea59052..bbde55a28 100644 --- a/plugins/CasAuthentication/extlib/CAS/client.php +++ b/plugins/CasAuthentication/extlib/CAS/client.php @@ -1,2297 +1,2297 @@ -<?php
-
-/**
- * @file CAS/client.php
- * Main class of the phpCAS library
- */
-
-// include internationalization stuff
-include_once(dirname(__FILE__).'/languages/languages.php');
-
-// include PGT storage classes
-include_once(dirname(__FILE__).'/PGTStorage/pgt-main.php');
-
-/**
- * @class CASClient
- * The CASClient class is a client interface that provides CAS authentication
- * to PHP applications.
- *
- * @author Pascal Aubry <pascal.aubry at univ-rennes1.fr>
- */
-
-class CASClient
-{
-
- // XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
- // XX XX
- // XX CONFIGURATION XX
- // XX XX
- // XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
-
- // ########################################################################
- // HTML OUTPUT
- // ########################################################################
- /**
- * @addtogroup internalOutput
- * @{
- */
-
- /**
- * This method filters a string by replacing special tokens by appropriate values
- * and prints it. The corresponding tokens are taken into account:
- * - __CAS_VERSION__
- * - __PHPCAS_VERSION__
- * - __SERVER_BASE_URL__
- *
- * Used by CASClient::PrintHTMLHeader() and CASClient::printHTMLFooter().
- *
- * @param $str the string to filter and output
- *
- * @private
- */
- function HTMLFilterOutput($str)
- {
- $str = str_replace('__CAS_VERSION__',$this->getServerVersion(),$str);
- $str = str_replace('__PHPCAS_VERSION__',phpCAS::getVersion(),$str);
- $str = str_replace('__SERVER_BASE_URL__',$this->getServerBaseURL(),$str);
- echo $str;
- }
-
- /**
- * A string used to print the header of HTML pages. Written by CASClient::setHTMLHeader(),
- * read by CASClient::printHTMLHeader().
- *
- * @hideinitializer
- * @private
- * @see CASClient::setHTMLHeader, CASClient::printHTMLHeader()
- */
- var $_output_header = '';
-
- /**
- * This method prints the header of the HTML output (after filtering). If
- * CASClient::setHTMLHeader() was not used, a default header is output.
- *
- * @param $title the title of the page
- *
- * @see HTMLFilterOutput()
- * @private
- */
- function printHTMLHeader($title)
- {
- $this->HTMLFilterOutput(str_replace('__TITLE__',
- $title,
- (empty($this->_output_header)
- ? '<html><head><title>__TITLE__</title></head><body><h1>__TITLE__</h1>'
- : $this->_output_header)
- )
- );
- }
-
- /**
- * A string used to print the footer of HTML pages. Written by CASClient::setHTMLFooter(),
- * read by printHTMLFooter().
- *
- * @hideinitializer
- * @private
- * @see CASClient::setHTMLFooter, CASClient::printHTMLFooter()
- */
- var $_output_footer = '';
-
- /**
- * This method prints the footer of the HTML output (after filtering). If
- * CASClient::setHTMLFooter() was not used, a default footer is output.
- *
- * @see HTMLFilterOutput()
- * @private
- */
- function printHTMLFooter()
- {
- $this->HTMLFilterOutput(empty($this->_output_footer)
- ?('<hr><address>phpCAS __PHPCAS_VERSION__ '.$this->getString(CAS_STR_USING_SERVER).' <a href="__SERVER_BASE_URL__">__SERVER_BASE_URL__</a> (CAS __CAS_VERSION__)</a></address></body></html>')
- :$this->_output_footer);
- }
-
- /**
- * This method set the HTML header used for all outputs.
- *
- * @param $header the HTML header.
- *
- * @public
- */
- function setHTMLHeader($header)
- {
- $this->_output_header = $header;
- }
-
- /**
- * This method set the HTML footer used for all outputs.
- *
- * @param $footer the HTML footer.
- *
- * @public
- */
- function setHTMLFooter($footer)
- {
- $this->_output_footer = $footer;
- }
-
- /** @} */
- // ########################################################################
- // INTERNATIONALIZATION
- // ########################################################################
- /**
- * @addtogroup internalLang
- * @{
- */
- /**
- * A string corresponding to the language used by phpCAS. Written by
- * CASClient::setLang(), read by CASClient::getLang().
-
- * @note debugging information is always in english (debug purposes only).
- *
- * @hideinitializer
- * @private
- * @sa CASClient::_strings, CASClient::getString()
- */
- var $_lang = '';
-
- /**
- * This method returns the language used by phpCAS.
- *
- * @return a string representing the language
- *
- * @private
- */
- function getLang()
- {
- if ( empty($this->_lang) )
- $this->setLang(PHPCAS_LANG_DEFAULT);
- return $this->_lang;
- }
-
- /**
- * array containing the strings used by phpCAS. Written by CASClient::setLang(), read by
- * CASClient::getString() and used by CASClient::setLang().
- *
- * @note This array is filled by instructions in CAS/languages/<$this->_lang>.php
- *
- * @private
- * @see CASClient::_lang, CASClient::getString(), CASClient::setLang(), CASClient::getLang()
- */
- var $_strings;
-
- /**
- * This method returns a string depending on the language.
- *
- * @param $str the index of the string in $_string.
- *
- * @return the string corresponding to $index in $string.
- *
- * @private
- */
- function getString($str)
- {
- // call CASclient::getLang() to be sure the language is initialized
- $this->getLang();
-
- if ( !isset($this->_strings[$str]) ) {
- trigger_error('string `'.$str.'\' not defined for language `'.$this->getLang().'\'',E_USER_ERROR);
- }
- return $this->_strings[$str];
- }
-
- /**
- * This method is used to set the language used by phpCAS.
- * @note Can be called only once.
- *
- * @param $lang a string representing the language.
- *
- * @public
- * @sa CAS_LANG_FRENCH, CAS_LANG_ENGLISH
- */
- function setLang($lang)
- {
- // include the corresponding language file
- include_once(dirname(__FILE__).'/languages/'.$lang.'.php');
-
- if ( !is_array($this->_strings) ) {
- trigger_error('language `'.$lang.'\' is not implemented',E_USER_ERROR);
- }
- $this->_lang = $lang;
- }
-
- /** @} */
- // ########################################################################
- // CAS SERVER CONFIG
- // ########################################################################
- /**
- * @addtogroup internalConfig
- * @{
- */
-
- /**
- * a record to store information about the CAS server.
- * - $_server["version"]: the version of the CAS server
- * - $_server["hostname"]: the hostname of the CAS server
- * - $_server["port"]: the port the CAS server is running on
- * - $_server["uri"]: the base URI the CAS server is responding on
- * - $_server["base_url"]: the base URL of the CAS server
- * - $_server["login_url"]: the login URL of the CAS server
- * - $_server["service_validate_url"]: the service validating URL of the CAS server
- * - $_server["proxy_url"]: the proxy URL of the CAS server
- * - $_server["proxy_validate_url"]: the proxy validating URL of the CAS server
- * - $_server["logout_url"]: the logout URL of the CAS server
- *
- * $_server["version"], $_server["hostname"], $_server["port"] and $_server["uri"]
- * are written by CASClient::CASClient(), read by CASClient::getServerVersion(),
- * CASClient::getServerHostname(), CASClient::getServerPort() and CASClient::getServerURI().
- *
- * The other fields are written and read by CASClient::getServerBaseURL(),
- * CASClient::getServerLoginURL(), CASClient::getServerServiceValidateURL(),
- * CASClient::getServerProxyValidateURL() and CASClient::getServerLogoutURL().
- *
- * @hideinitializer
- * @private
- */
- var $_server = array(
- 'version' => -1,
- 'hostname' => 'none',
- 'port' => -1,
- 'uri' => 'none'
- );
-
- /**
- * This method is used to retrieve the version of the CAS server.
- * @return the version of the CAS server.
- * @private
- */
- function getServerVersion()
- {
- return $this->_server['version'];
- }
-
- /**
- * This method is used to retrieve the hostname of the CAS server.
- * @return the hostname of the CAS server.
- * @private
- */
- function getServerHostname()
- { return $this->_server['hostname']; }
-
- /**
- * This method is used to retrieve the port of the CAS server.
- * @return the port of the CAS server.
- * @private
- */
- function getServerPort()
- { return $this->_server['port']; }
-
- /**
- * This method is used to retrieve the URI of the CAS server.
- * @return a URI.
- * @private
- */
- function getServerURI()
- { return $this->_server['uri']; }
-
- /**
- * This method is used to retrieve the base URL of the CAS server.
- * @return a URL.
- * @private
- */
- function getServerBaseURL()
- {
- // the URL is build only when needed
- if ( empty($this->_server['base_url']) ) {
- $this->_server['base_url'] = 'https://'
- .$this->getServerHostname()
- .':'
- .$this->getServerPort()
- .$this->getServerURI();
- }
- return $this->_server['base_url'];
- }
-
- /**
- * This method is used to retrieve the login URL of the CAS server.
- * @param $gateway true to check authentication, false to force it
- * @param $renew true to force the authentication with the CAS server
- * NOTE : It is recommended that CAS implementations ignore the
- "gateway" parameter if "renew" is set
- * @return a URL.
- * @private
- */
- function getServerLoginURL($gateway=false,$renew=false) {
- phpCAS::traceBegin();
- // the URL is build only when needed
- if ( empty($this->_server['login_url']) ) {
- $this->_server['login_url'] = $this->getServerBaseURL();
- $this->_server['login_url'] .= 'login?service=';
- // $this->_server['login_url'] .= preg_replace('/&/','%26',$this->getURL());
- $this->_server['login_url'] .= urlencode($this->getURL());
- if($renew) {
- // It is recommended that when the "renew" parameter is set, its value be "true"
- $this->_server['login_url'] .= '&renew=true';
- } elseif ($gateway) {
- // It is recommended that when the "gateway" parameter is set, its value be "true"
- $this->_server['login_url'] .= '&gateway=true';
- }
- }
- phpCAS::traceEnd($this->_server['login_url']);
- return $this->_server['login_url'];
- }
-
- /**
- * This method sets the login URL of the CAS server.
- * @param $url the login URL
- * @private
- * @since 0.4.21 by Wyman Chan
- */
- function setServerLoginURL($url)
- {
- return $this->_server['login_url'] = $url;
- }
-
- /**
- * This method is used to retrieve the service validating URL of the CAS server.
- * @return a URL.
- * @private
- */
- function getServerServiceValidateURL()
- {
- // the URL is build only when needed
- if ( empty($this->_server['service_validate_url']) ) {
- switch ($this->getServerVersion()) {
- case CAS_VERSION_1_0:
- $this->_server['service_validate_url'] = $this->getServerBaseURL().'validate';
- break;
- case CAS_VERSION_2_0:
- $this->_server['service_validate_url'] = $this->getServerBaseURL().'serviceValidate';
- break;
- }
- }
- // return $this->_server['service_validate_url'].'?service='.preg_replace('/&/','%26',$this->getURL());
- return $this->_server['service_validate_url'].'?service='.urlencode($this->getURL());
- }
-
- /**
- * This method is used to retrieve the proxy validating URL of the CAS server.
- * @return a URL.
- * @private
- */
- function getServerProxyValidateURL()
- {
- // the URL is build only when needed
- if ( empty($this->_server['proxy_validate_url']) ) {
- switch ($this->getServerVersion()) {
- case CAS_VERSION_1_0:
- $this->_server['proxy_validate_url'] = '';
- break;
- case CAS_VERSION_2_0:
- $this->_server['proxy_validate_url'] = $this->getServerBaseURL().'proxyValidate';
- break;
- }
- }
- // return $this->_server['proxy_validate_url'].'?service='.preg_replace('/&/','%26',$this->getURL());
- return $this->_server['proxy_validate_url'].'?service='.urlencode($this->getURL());
- }
-
- /**
- * This method is used to retrieve the proxy URL of the CAS server.
- * @return a URL.
- * @private
- */
- function getServerProxyURL()
- {
- // the URL is build only when needed
- if ( empty($this->_server['proxy_url']) ) {
- switch ($this->getServerVersion()) {
- case CAS_VERSION_1_0:
- $this->_server['proxy_url'] = '';
- break;
- case CAS_VERSION_2_0:
- $this->_server['proxy_url'] = $this->getServerBaseURL().'proxy';
- break;
- }
- }
- return $this->_server['proxy_url'];
- }
-
- /**
- * This method is used to retrieve the logout URL of the CAS server.
- * @return a URL.
- * @private
- */
- function getServerLogoutURL()
- {
- // the URL is build only when needed
- if ( empty($this->_server['logout_url']) ) {
- $this->_server['logout_url'] = $this->getServerBaseURL().'logout';
- }
- return $this->_server['logout_url'];
- }
-
- /**
- * This method sets the logout URL of the CAS server.
- * @param $url the logout URL
- * @private
- * @since 0.4.21 by Wyman Chan
- */
- function setServerLogoutURL($url)
- {
- return $this->_server['logout_url'] = $url;
- }
-
- /**
- * An array to store extra curl options.
- */
- var $_curl_options = array();
-
- /**
- * This method is used to set additional user curl options.
- */
- function setExtraCurlOption($key, $value)
- {
- $this->_curl_options[$key] = $value;
- }
-
- /**
- * This method checks to see if the request is secured via HTTPS
- * @return true if https, false otherwise
- * @private
- */
- function isHttps() {
- //if ( isset($_SERVER['HTTPS']) && !empty($_SERVER['HTTPS']) ) {
- //0.4.24 by Hinnack
- if ( isset($_SERVER['HTTPS']) && !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on') {
- return true;
- } else {
- return false;
- }
- }
-
- // ########################################################################
- // CONSTRUCTOR
- // ########################################################################
- /**
- * CASClient constructor.
- *
- * @param $server_version the version of the CAS server
- * @param $proxy TRUE if the CAS client is a CAS proxy, FALSE otherwise
- * @param $server_hostname the hostname of the CAS server
- * @param $server_port the port the CAS server is running on
- * @param $server_uri the URI the CAS server is responding on
- * @param $start_session Have phpCAS start PHP sessions (default true)
- *
- * @return a newly created CASClient object
- *
- * @public
- */
- function CASClient(
- $server_version,
- $proxy,
- $server_hostname,
- $server_port,
- $server_uri,
- $start_session = true) {
-
- phpCAS::traceBegin();
-
- if (!$this->isLogoutRequest() && !empty($_GET['ticket']) && $start_session) {
- // copy old session vars and destroy the current session
- if (!isset($_SESSION)) {
- session_start();
- }
- $old_session = $_SESSION;
- session_destroy();
- // set up a new session, of name based on the ticket
- $session_id = preg_replace('/[^\w]/','',$_GET['ticket']);
- phpCAS::LOG("Session ID: " . $session_id);
- session_id($session_id);
- if (!isset($_SESSION)) {
- session_start();
- }
- // restore old session vars
+<?php + +/** + * @file CAS/client.php + * Main class of the phpCAS library + */ + +// include internationalization stuff +include_once(dirname(__FILE__).'/languages/languages.php'); + +// include PGT storage classes +include_once(dirname(__FILE__).'/PGTStorage/pgt-main.php'); + +/** + * @class CASClient + * The CASClient class is a client interface that provides CAS authentication + * to PHP applications. + * + * @author Pascal Aubry <pascal.aubry at univ-rennes1.fr> + */ + +class CASClient +{ + + // XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX + // XX XX + // XX CONFIGURATION XX + // XX XX + // XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX + + // ######################################################################## + // HTML OUTPUT + // ######################################################################## + /** + * @addtogroup internalOutput + * @{ + */ + + /** + * This method filters a string by replacing special tokens by appropriate values + * and prints it. The corresponding tokens are taken into account: + * - __CAS_VERSION__ + * - __PHPCAS_VERSION__ + * - __SERVER_BASE_URL__ + * + * Used by CASClient::PrintHTMLHeader() and CASClient::printHTMLFooter(). + * + * @param $str the string to filter and output + * + * @private + */ + function HTMLFilterOutput($str) + { + $str = str_replace('__CAS_VERSION__',$this->getServerVersion(),$str); + $str = str_replace('__PHPCAS_VERSION__',phpCAS::getVersion(),$str); + $str = str_replace('__SERVER_BASE_URL__',$this->getServerBaseURL(),$str); + echo $str; + } + + /** + * A string used to print the header of HTML pages. Written by CASClient::setHTMLHeader(), + * read by CASClient::printHTMLHeader(). + * + * @hideinitializer + * @private + * @see CASClient::setHTMLHeader, CASClient::printHTMLHeader() + */ + var $_output_header = ''; + + /** + * This method prints the header of the HTML output (after filtering). If + * CASClient::setHTMLHeader() was not used, a default header is output. + * + * @param $title the title of the page + * + * @see HTMLFilterOutput() + * @private + */ + function printHTMLHeader($title) + { + $this->HTMLFilterOutput(str_replace('__TITLE__', + $title, + (empty($this->_output_header) + ? '<html><head><title>__TITLE__</title></head><body><h1>__TITLE__</h1>' + : $this->_output_header) + ) + ); + } + + /** + * A string used to print the footer of HTML pages. Written by CASClient::setHTMLFooter(), + * read by printHTMLFooter(). + * + * @hideinitializer + * @private + * @see CASClient::setHTMLFooter, CASClient::printHTMLFooter() + */ + var $_output_footer = ''; + + /** + * This method prints the footer of the HTML output (after filtering). If + * CASClient::setHTMLFooter() was not used, a default footer is output. + * + * @see HTMLFilterOutput() + * @private + */ + function printHTMLFooter() + { + $this->HTMLFilterOutput(empty($this->_output_footer) + ?('<hr><address>phpCAS __PHPCAS_VERSION__ '.$this->getString(CAS_STR_USING_SERVER).' <a href="__SERVER_BASE_URL__">__SERVER_BASE_URL__</a> (CAS __CAS_VERSION__)</a></address></body></html>') + :$this->_output_footer); + } + + /** + * This method set the HTML header used for all outputs. + * + * @param $header the HTML header. + * + * @public + */ + function setHTMLHeader($header) + { + $this->_output_header = $header; + } + + /** + * This method set the HTML footer used for all outputs. + * + * @param $footer the HTML footer. + * + * @public + */ + function setHTMLFooter($footer) + { + $this->_output_footer = $footer; + } + + /** @} */ + // ######################################################################## + // INTERNATIONALIZATION + // ######################################################################## + /** + * @addtogroup internalLang + * @{ + */ + /** + * A string corresponding to the language used by phpCAS. Written by + * CASClient::setLang(), read by CASClient::getLang(). + + * @note debugging information is always in english (debug purposes only). + * + * @hideinitializer + * @private + * @sa CASClient::_strings, CASClient::getString() + */ + var $_lang = ''; + + /** + * This method returns the language used by phpCAS. + * + * @return a string representing the language + * + * @private + */ + function getLang() + { + if ( empty($this->_lang) ) + $this->setLang(PHPCAS_LANG_DEFAULT); + return $this->_lang; + } + + /** + * array containing the strings used by phpCAS. Written by CASClient::setLang(), read by + * CASClient::getString() and used by CASClient::setLang(). + * + * @note This array is filled by instructions in CAS/languages/<$this->_lang>.php + * + * @private + * @see CASClient::_lang, CASClient::getString(), CASClient::setLang(), CASClient::getLang() + */ + var $_strings; + + /** + * This method returns a string depending on the language. + * + * @param $str the index of the string in $_string. + * + * @return the string corresponding to $index in $string. + * + * @private + */ + function getString($str) + { + // call CASclient::getLang() to be sure the language is initialized + $this->getLang(); + + if ( !isset($this->_strings[$str]) ) { + trigger_error('string `'.$str.'\' not defined for language `'.$this->getLang().'\'',E_USER_ERROR); + } + return $this->_strings[$str]; + } + + /** + * This method is used to set the language used by phpCAS. + * @note Can be called only once. + * + * @param $lang a string representing the language. + * + * @public + * @sa CAS_LANG_FRENCH, CAS_LANG_ENGLISH + */ + function setLang($lang) + { + // include the corresponding language file + include_once(dirname(__FILE__).'/languages/'.$lang.'.php'); + + if ( !is_array($this->_strings) ) { + trigger_error('language `'.$lang.'\' is not implemented',E_USER_ERROR); + } + $this->_lang = $lang; + } + + /** @} */ + // ######################################################################## + // CAS SERVER CONFIG + // ######################################################################## + /** + * @addtogroup internalConfig + * @{ + */ + + /** + * a record to store information about the CAS server. + * - $_server["version"]: the version of the CAS server + * - $_server["hostname"]: the hostname of the CAS server + * - $_server["port"]: the port the CAS server is running on + * - $_server["uri"]: the base URI the CAS server is responding on + * - $_server["base_url"]: the base URL of the CAS server + * - $_server["login_url"]: the login URL of the CAS server + * - $_server["service_validate_url"]: the service validating URL of the CAS server + * - $_server["proxy_url"]: the proxy URL of the CAS server + * - $_server["proxy_validate_url"]: the proxy validating URL of the CAS server + * - $_server["logout_url"]: the logout URL of the CAS server + * + * $_server["version"], $_server["hostname"], $_server["port"] and $_server["uri"] + * are written by CASClient::CASClient(), read by CASClient::getServerVersion(), + * CASClient::getServerHostname(), CASClient::getServerPort() and CASClient::getServerURI(). + * + * The other fields are written and read by CASClient::getServerBaseURL(), + * CASClient::getServerLoginURL(), CASClient::getServerServiceValidateURL(), + * CASClient::getServerProxyValidateURL() and CASClient::getServerLogoutURL(). + * + * @hideinitializer + * @private + */ + var $_server = array( + 'version' => -1, + 'hostname' => 'none', + 'port' => -1, + 'uri' => 'none' + ); + + /** + * This method is used to retrieve the version of the CAS server. + * @return the version of the CAS server. + * @private + */ + function getServerVersion() + { + return $this->_server['version']; + } + + /** + * This method is used to retrieve the hostname of the CAS server. + * @return the hostname of the CAS server. + * @private + */ + function getServerHostname() + { return $this->_server['hostname']; } + + /** + * This method is used to retrieve the port of the CAS server. + * @return the port of the CAS server. + * @private + */ + function getServerPort() + { return $this->_server['port']; } + + /** + * This method is used to retrieve the URI of the CAS server. + * @return a URI. + * @private + */ + function getServerURI() + { return $this->_server['uri']; } + + /** + * This method is used to retrieve the base URL of the CAS server. + * @return a URL. + * @private + */ + function getServerBaseURL() + { + // the URL is build only when needed + if ( empty($this->_server['base_url']) ) { + $this->_server['base_url'] = 'https://' + .$this->getServerHostname() + .':' + .$this->getServerPort() + .$this->getServerURI(); + } + return $this->_server['base_url']; + } + + /** + * This method is used to retrieve the login URL of the CAS server. + * @param $gateway true to check authentication, false to force it + * @param $renew true to force the authentication with the CAS server + * NOTE : It is recommended that CAS implementations ignore the + "gateway" parameter if "renew" is set + * @return a URL. + * @private + */ + function getServerLoginURL($gateway=false,$renew=false) { + phpCAS::traceBegin(); + // the URL is build only when needed + if ( empty($this->_server['login_url']) ) { + $this->_server['login_url'] = $this->getServerBaseURL(); + $this->_server['login_url'] .= 'login?service='; + // $this->_server['login_url'] .= preg_replace('/&/','%26',$this->getURL()); + $this->_server['login_url'] .= urlencode($this->getURL()); + if($renew) { + // It is recommended that when the "renew" parameter is set, its value be "true" + $this->_server['login_url'] .= '&renew=true'; + } elseif ($gateway) { + // It is recommended that when the "gateway" parameter is set, its value be "true" + $this->_server['login_url'] .= '&gateway=true'; + } + } + phpCAS::traceEnd($this->_server['login_url']); + return $this->_server['login_url']; + } + + /** + * This method sets the login URL of the CAS server. + * @param $url the login URL + * @private + * @since 0.4.21 by Wyman Chan + */ + function setServerLoginURL($url) + { + return $this->_server['login_url'] = $url; + } + + /** + * This method is used to retrieve the service validating URL of the CAS server. + * @return a URL. + * @private + */ + function getServerServiceValidateURL() + { + // the URL is build only when needed + if ( empty($this->_server['service_validate_url']) ) { + switch ($this->getServerVersion()) { + case CAS_VERSION_1_0: + $this->_server['service_validate_url'] = $this->getServerBaseURL().'validate'; + break; + case CAS_VERSION_2_0: + $this->_server['service_validate_url'] = $this->getServerBaseURL().'serviceValidate'; + break; + } + } + // return $this->_server['service_validate_url'].'?service='.preg_replace('/&/','%26',$this->getURL()); + return $this->_server['service_validate_url'].'?service='.urlencode($this->getURL()); + } + + /** + * This method is used to retrieve the proxy validating URL of the CAS server. + * @return a URL. + * @private + */ + function getServerProxyValidateURL() + { + // the URL is build only when needed + if ( empty($this->_server['proxy_validate_url']) ) { + switch ($this->getServerVersion()) { + case CAS_VERSION_1_0: + $this->_server['proxy_validate_url'] = ''; + break; + case CAS_VERSION_2_0: + $this->_server['proxy_validate_url'] = $this->getServerBaseURL().'proxyValidate'; + break; + } + } + // return $this->_server['proxy_validate_url'].'?service='.preg_replace('/&/','%26',$this->getURL()); + return $this->_server['proxy_validate_url'].'?service='.urlencode($this->getURL()); + } + + /** + * This method is used to retrieve the proxy URL of the CAS server. + * @return a URL. + * @private + */ + function getServerProxyURL() + { + // the URL is build only when needed + if ( empty($this->_server['proxy_url']) ) { + switch ($this->getServerVersion()) { + case CAS_VERSION_1_0: + $this->_server['proxy_url'] = ''; + break; + case CAS_VERSION_2_0: + $this->_server['proxy_url'] = $this->getServerBaseURL().'proxy'; + break; + } + } + return $this->_server['proxy_url']; + } + + /** + * This method is used to retrieve the logout URL of the CAS server. + * @return a URL. + * @private + */ + function getServerLogoutURL() + { + // the URL is build only when needed + if ( empty($this->_server['logout_url']) ) { + $this->_server['logout_url'] = $this->getServerBaseURL().'logout'; + } + return $this->_server['logout_url']; + } + + /** + * This method sets the logout URL of the CAS server. + * @param $url the logout URL + * @private + * @since 0.4.21 by Wyman Chan + */ + function setServerLogoutURL($url) + { + return $this->_server['logout_url'] = $url; + } + + /** + * An array to store extra curl options. + */ + var $_curl_options = array(); + + /** + * This method is used to set additional user curl options. + */ + function setExtraCurlOption($key, $value) + { + $this->_curl_options[$key] = $value; + } + + /** + * This method checks to see if the request is secured via HTTPS + * @return true if https, false otherwise + * @private + */ + function isHttps() { + //if ( isset($_SERVER['HTTPS']) && !empty($_SERVER['HTTPS']) ) { + //0.4.24 by Hinnack + if ( isset($_SERVER['HTTPS']) && !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on') { + return true; + } else { + return false; + } + } + + // ######################################################################## + // CONSTRUCTOR + // ######################################################################## + /** + * CASClient constructor. + * + * @param $server_version the version of the CAS server + * @param $proxy TRUE if the CAS client is a CAS proxy, FALSE otherwise + * @param $server_hostname the hostname of the CAS server + * @param $server_port the port the CAS server is running on + * @param $server_uri the URI the CAS server is responding on + * @param $start_session Have phpCAS start PHP sessions (default true) + * + * @return a newly created CASClient object + * + * @public + */ + function CASClient( + $server_version, + $proxy, + $server_hostname, + $server_port, + $server_uri, + $start_session = true) { + + phpCAS::traceBegin(); + + if (!$this->isLogoutRequest() && !empty($_GET['ticket']) && $start_session) { + // copy old session vars and destroy the current session + if (!isset($_SESSION)) { + session_start(); + } + $old_session = $_SESSION; + session_destroy(); + // set up a new session, of name based on the ticket + $session_id = preg_replace('/[^\w]/','',$_GET['ticket']); + phpCAS::LOG("Session ID: " . $session_id); + session_id($session_id); + if (!isset($_SESSION)) { + session_start(); + } + // restore old session vars $_SESSION = $old_session; // Redirect to location without ticket. - header('Location: '.$this->getURL());
- }
-
- //activate session mechanism if desired
- if (!$this->isLogoutRequest() && $start_session) {
- session_start();
- }
-
- $this->_proxy = $proxy;
-
- //check version
- switch ($server_version) {
- case CAS_VERSION_1_0:
- if ( $this->isProxy() )
- phpCAS::error('CAS proxies are not supported in CAS '
- .$server_version);
- break;
- case CAS_VERSION_2_0:
- break;
- default:
- phpCAS::error('this version of CAS (`'
- .$server_version
- .'\') is not supported by phpCAS '
- .phpCAS::getVersion());
- }
- $this->_server['version'] = $server_version;
-
- //check hostname
- if ( empty($server_hostname)
- || !preg_match('/[\.\d\-abcdefghijklmnopqrstuvwxyz]*/',$server_hostname) ) {
- phpCAS::error('bad CAS server hostname (`'.$server_hostname.'\')');
- }
- $this->_server['hostname'] = $server_hostname;
-
- //check port
- if ( $server_port == 0
- || !is_int($server_port) ) {
- phpCAS::error('bad CAS server port (`'.$server_hostname.'\')');
- }
- $this->_server['port'] = $server_port;
-
- //check URI
- if ( !preg_match('/[\.\d\-_abcdefghijklmnopqrstuvwxyz\/]*/',$server_uri) ) {
- phpCAS::error('bad CAS server URI (`'.$server_uri.'\')');
- }
- //add leading and trailing `/' and remove doubles
- $server_uri = preg_replace('/\/\//','/','/'.$server_uri.'/');
- $this->_server['uri'] = $server_uri;
-
- //set to callback mode if PgtIou and PgtId CGI GET parameters are provided
- if ( $this->isProxy() ) {
- $this->setCallbackMode(!empty($_GET['pgtIou'])&&!empty($_GET['pgtId']));
- }
-
- if ( $this->isCallbackMode() ) {
- //callback mode: check that phpCAS is secured
- if ( !$this->isHttps() ) {
- phpCAS::error('CAS proxies must be secured to use phpCAS; PGT\'s will not be received from the CAS server');
- }
- } else {
- //normal mode: get ticket and remove it from CGI parameters for developpers
- $ticket = (isset($_GET['ticket']) ? $_GET['ticket'] : null);
- switch ($this->getServerVersion()) {
- case CAS_VERSION_1_0: // check for a Service Ticket
- if( preg_match('/^ST-/',$ticket) ) {
- phpCAS::trace('ST \''.$ticket.'\' found');
- //ST present
- $this->setST($ticket);
- //ticket has been taken into account, unset it to hide it to applications
- unset($_GET['ticket']);
- } else if ( !empty($ticket) ) {
- //ill-formed ticket, halt
- phpCAS::error('ill-formed ticket found in the URL (ticket=`'.htmlentities($ticket).'\')');
- }
- break;
- case CAS_VERSION_2_0: // check for a Service or Proxy Ticket
- if( preg_match('/^[SP]T-/',$ticket) ) {
- phpCAS::trace('ST or PT \''.$ticket.'\' found');
- $this->setPT($ticket);
- unset($_GET['ticket']);
- } else if ( !empty($ticket) ) {
- //ill-formed ticket, halt
- phpCAS::error('ill-formed ticket found in the URL (ticket=`'.htmlentities($ticket).'\')');
- }
- break;
- }
- }
- phpCAS::traceEnd();
- }
-
- /** @} */
-
- // XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
- // XX XX
- // XX AUTHENTICATION XX
- // XX XX
- // XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
-
- /**
- * @addtogroup internalAuthentication
- * @{
- */
-
- /**
- * The Authenticated user. Written by CASClient::setUser(), read by CASClient::getUser().
- * @attention client applications should use phpCAS::getUser().
- *
- * @hideinitializer
- * @private
- */
- var $_user = '';
-
- /**
- * This method sets the CAS user's login name.
- *
- * @param $user the login name of the authenticated user.
- *
- * @private
- */
- function setUser($user)
- {
- $this->_user = $user;
- }
-
- /**
- * This method returns the CAS user's login name.
- * @warning should be called only after CASClient::forceAuthentication() or
- * CASClient::isAuthenticated(), otherwise halt with an error.
- *
- * @return the login name of the authenticated user
- */
- function getUser()
- {
- if ( empty($this->_user) ) {
- phpCAS::error('this method should be used only after '.__CLASS__.'::forceAuthentication() or '.__CLASS__.'::isAuthenticated()');
- }
- return $this->_user;
- }
-
- /**
- * This method is called to renew the authentication of the user
- * If the user is authenticated, renew the connection
- * If not, redirect to CAS
- * @public
- */
- function renewAuthentication(){
- phpCAS::traceBegin();
- // Either way, the user is authenticated by CAS
- if( isset( $_SESSION['phpCAS']['auth_checked'] ) )
- unset($_SESSION['phpCAS']['auth_checked']);
- if ( $this->isAuthenticated() ) {
- phpCAS::trace('user already authenticated; renew');
- $this->redirectToCas(false,true);
- } else {
- $this->redirectToCas();
- }
- phpCAS::traceEnd();
- }
-
- /**
- * This method is called to be sure that the user is authenticated. When not
- * authenticated, halt by redirecting to the CAS server; otherwise return TRUE.
- * @return TRUE when the user is authenticated; otherwise halt.
- * @public
- */
- function forceAuthentication()
- {
- phpCAS::traceBegin();
-
- if ( $this->isAuthenticated() ) {
- // the user is authenticated, nothing to be done.
- phpCAS::trace('no need to authenticate');
- $res = TRUE;
- } else {
- // the user is not authenticated, redirect to the CAS server
- if (isset($_SESSION['phpCAS']['auth_checked'])) {
- unset($_SESSION['phpCAS']['auth_checked']);
- }
- $this->redirectToCas(FALSE/* no gateway */);
- // never reached
- $res = FALSE;
- }
- phpCAS::traceEnd($res);
- return $res;
- }
-
- /**
- * An integer that gives the number of times authentication will be cached before rechecked.
- *
- * @hideinitializer
- * @private
- */
- var $_cache_times_for_auth_recheck = 0;
-
- /**
- * Set the number of times authentication will be cached before rechecked.
- *
- * @param $n an integer.
- *
- * @public
- */
- function setCacheTimesForAuthRecheck($n)
- {
- $this->_cache_times_for_auth_recheck = $n;
- }
-
- /**
- * This method is called to check whether the user is authenticated or not.
- * @return TRUE when the user is authenticated, FALSE otherwise.
- * @public
- */
- function checkAuthentication()
- {
- phpCAS::traceBegin();
-
- if ( $this->isAuthenticated() ) {
- phpCAS::trace('user is authenticated');
- $res = TRUE;
- } else if (isset($_SESSION['phpCAS']['auth_checked'])) {
- // the previous request has redirected the client to the CAS server with gateway=true
- unset($_SESSION['phpCAS']['auth_checked']);
- $res = FALSE;
- } else {
- // $_SESSION['phpCAS']['auth_checked'] = true;
- // $this->redirectToCas(TRUE/* gateway */);
- // // never reached
- // $res = FALSE;
- // avoid a check against CAS on every request
- if (! isset($_SESSION['phpCAS']['unauth_count']) )
- $_SESSION['phpCAS']['unauth_count'] = -2; // uninitialized
-
- if (($_SESSION['phpCAS']['unauth_count'] != -2 && $this->_cache_times_for_auth_recheck == -1)
- || ($_SESSION['phpCAS']['unauth_count'] >= 0 && $_SESSION['phpCAS']['unauth_count'] < $this->_cache_times_for_auth_recheck))
- {
- $res = FALSE;
-
- if ($this->_cache_times_for_auth_recheck != -1)
- {
- $_SESSION['phpCAS']['unauth_count']++;
- phpCAS::trace('user is not authenticated (cached for '.$_SESSION['phpCAS']['unauth_count'].' times of '.$this->_cache_times_for_auth_recheck.')');
- }
- else
- {
- phpCAS::trace('user is not authenticated (cached for until login pressed)');
- }
- }
- else
- {
- $_SESSION['phpCAS']['unauth_count'] = 0;
- $_SESSION['phpCAS']['auth_checked'] = true;
- phpCAS::trace('user is not authenticated (cache reset)');
- $this->redirectToCas(TRUE/* gateway */);
- // never reached
- $res = FALSE;
- }
- }
- phpCAS::traceEnd($res);
- return $res;
- }
-
- /**
- * This method is called to check if the user is authenticated (previously or by
- * tickets given in the URL).
- *
- * @return TRUE when the user is authenticated.
- *
- * @public
- */
- function isAuthenticated()
- {
- phpCAS::traceBegin();
- $res = FALSE;
- $validate_url = '';
-
- if ( $this->wasPreviouslyAuthenticated() ) {
- // the user has already (previously during the session) been
- // authenticated, nothing to be done.
- phpCAS::trace('user was already authenticated, no need to look for tickets');
- $res = TRUE;
- }
- elseif ( $this->hasST() ) {
- // if a Service Ticket was given, validate it
- phpCAS::trace('ST `'.$this->getST().'\' is present');
- $this->validateST($validate_url,$text_response,$tree_response); // if it fails, it halts
- phpCAS::trace('ST `'.$this->getST().'\' was validated');
- if ( $this->isProxy() ) {
- $this->validatePGT($validate_url,$text_response,$tree_response); // idem
- phpCAS::trace('PGT `'.$this->getPGT().'\' was validated');
- $_SESSION['phpCAS']['pgt'] = $this->getPGT();
- }
- $_SESSION['phpCAS']['user'] = $this->getUser();
- $res = TRUE;
- }
- elseif ( $this->hasPT() ) {
- // if a Proxy Ticket was given, validate it
- phpCAS::trace('PT `'.$this->getPT().'\' is present');
- $this->validatePT($validate_url,$text_response,$tree_response); // note: if it fails, it halts
- phpCAS::trace('PT `'.$this->getPT().'\' was validated');
- if ( $this->isProxy() ) {
- $this->validatePGT($validate_url,$text_response,$tree_response); // idem
- phpCAS::trace('PGT `'.$this->getPGT().'\' was validated');
- $_SESSION['phpCAS']['pgt'] = $this->getPGT();
- }
- $_SESSION['phpCAS']['user'] = $this->getUser();
- $res = TRUE;
- }
- else {
- // no ticket given, not authenticated
- phpCAS::trace('no ticket found');
- }
-
- phpCAS::traceEnd($res);
- return $res;
- }
-
- /**
- * This method tells if the current session is authenticated.
- * @return true if authenticated based soley on $_SESSION variable
- * @since 0.4.22 by Brendan Arnold
- */
- function isSessionAuthenticated ()
- {
- return !empty($_SESSION['phpCAS']['user']);
- }
-
- /**
- * This method tells if the user has already been (previously) authenticated
- * by looking into the session variables.
- *
- * @note This function switches to callback mode when needed.
- *
- * @return TRUE when the user has already been authenticated; FALSE otherwise.
- *
- * @private
- */
- function wasPreviouslyAuthenticated()
- {
- phpCAS::traceBegin();
-
- if ( $this->isCallbackMode() ) {
- $this->callback();
- }
-
- $auth = FALSE;
-
- if ( $this->isProxy() ) {
- // CAS proxy: username and PGT must be present
- if ( $this->isSessionAuthenticated() && !empty($_SESSION['phpCAS']['pgt']) ) {
- // authentication already done
- $this->setUser($_SESSION['phpCAS']['user']);
- $this->setPGT($_SESSION['phpCAS']['pgt']);
- phpCAS::trace('user = `'.$_SESSION['phpCAS']['user'].'\', PGT = `'.$_SESSION['phpCAS']['pgt'].'\'');
- $auth = TRUE;
- } elseif ( $this->isSessionAuthenticated() && empty($_SESSION['phpCAS']['pgt']) ) {
- // these two variables should be empty or not empty at the same time
- phpCAS::trace('username found (`'.$_SESSION['phpCAS']['user'].'\') but PGT is empty');
- // unset all tickets to enforce authentication
- unset($_SESSION['phpCAS']);
- $this->setST('');
- $this->setPT('');
- } elseif ( !$this->isSessionAuthenticated() && !empty($_SESSION['phpCAS']['pgt']) ) {
- // these two variables should be empty or not empty at the same time
- phpCAS::trace('PGT found (`'.$_SESSION['phpCAS']['pgt'].'\') but username is empty');
- // unset all tickets to enforce authentication
- unset($_SESSION['phpCAS']);
- $this->setST('');
- $this->setPT('');
- } else {
- phpCAS::trace('neither user not PGT found');
- }
- } else {
- // `simple' CAS client (not a proxy): username must be present
- if ( $this->isSessionAuthenticated() ) {
- // authentication already done
- $this->setUser($_SESSION['phpCAS']['user']);
- phpCAS::trace('user = `'.$_SESSION['phpCAS']['user'].'\'');
- $auth = TRUE;
- } else {
- phpCAS::trace('no user found');
- }
- }
-
- phpCAS::traceEnd($auth);
- return $auth;
- }
-
- /**
- * This method is used to redirect the client to the CAS server.
- * It is used by CASClient::forceAuthentication() and CASClient::checkAuthentication().
- * @param $gateway true to check authentication, false to force it
- * @param $renew true to force the authentication with the CAS server
- * @public
- */
- function redirectToCas($gateway=false,$renew=false){
- phpCAS::traceBegin();
- $cas_url = $this->getServerLoginURL($gateway,$renew);
- header('Location: '.$cas_url);
- phpCAS::log( "Redirect to : ".$cas_url );
-
- $this->printHTMLHeader($this->getString(CAS_STR_AUTHENTICATION_WANTED));
-
- printf('<p>'.$this->getString(CAS_STR_SHOULD_HAVE_BEEN_REDIRECTED).'</p>',$cas_url);
- $this->printHTMLFooter();
- phpCAS::traceExit();
- exit();
- }
-
-// /**
-// * This method is used to logout from CAS.
-// * @param $url a URL that will be transmitted to the CAS server (to come back to when logged out)
-// * @public
-// */
-// function logout($url = "") {
-// phpCAS::traceBegin();
-// $cas_url = $this->getServerLogoutURL();
-// // v0.4.14 sebastien.gougeon at univ-rennes1.fr
-// // header('Location: '.$cas_url);
-// if ( $url != "" ) {
-// // Adam Moore 1.0.0RC2
-// $url = '?service=' . $url . '&url=' . $url;
-// }
-// header('Location: '.$cas_url . $url);
-// session_unset();
-// session_destroy();
-// $this->printHTMLHeader($this->getString(CAS_STR_LOGOUT));
-// printf('<p>'.$this->getString(CAS_STR_SHOULD_HAVE_BEEN_REDIRECTED).'</p>',$cas_url);
-// $this->printHTMLFooter();
-// phpCAS::traceExit();
-// exit();
-// }
-
- /**
- * This method is used to logout from CAS.
- * @params $params an array that contains the optional url and service parameters that will be passed to the CAS server
- * @public
- */
- function logout($params) {
- phpCAS::traceBegin();
- $cas_url = $this->getServerLogoutURL();
- $paramSeparator = '?';
- if (isset($params['url'])) {
- $cas_url = $cas_url . $paramSeparator . "url=" . urlencode($params['url']);
- $paramSeparator = '&';
- }
- if (isset($params['service'])) {
- $cas_url = $cas_url . $paramSeparator . "service=" . urlencode($params['service']);
- }
- header('Location: '.$cas_url);
- session_unset();
- session_destroy();
- $this->printHTMLHeader($this->getString(CAS_STR_LOGOUT));
- printf('<p>'.$this->getString(CAS_STR_SHOULD_HAVE_BEEN_REDIRECTED).'</p>',$cas_url);
- $this->printHTMLFooter();
- phpCAS::traceExit();
- exit();
- }
-
- /**
- * @return true if the current request is a logout request.
- * @private
- */
- function isLogoutRequest() {
- return !empty($_POST['logoutRequest']);
- }
-
- /**
- * @return true if a logout request is allowed.
- * @private
- */
- function isLogoutRequestAllowed() {
- }
-
- /**
- * This method handles logout requests.
- * @param $check_client true to check the client bofore handling the request,
- * false not to perform any access control. True by default.
- * @param $allowed_clients an array of host names allowed to send logout requests.
- * By default, only the CAs server (declared in the constructor) will be allowed.
- * @public
- */
- function handleLogoutRequests($check_client=true, $allowed_clients=false) {
- phpCAS::traceBegin();
- if (!$this->isLogoutRequest()) {
- phpCAS::log("Not a logout request");
- phpCAS::traceEnd();
- return;
- }
- phpCAS::log("Logout requested");
- phpCAS::log("SAML REQUEST: ".$_POST['logoutRequest']);
- if ($check_client) {
- if (!$allowed_clients) {
- $allowed_clients = array( $this->getServerHostname() );
- }
- $client_ip = $_SERVER['REMOTE_ADDR'];
- $client = gethostbyaddr($client_ip);
- phpCAS::log("Client: ".$client);
- $allowed = false;
- foreach ($allowed_clients as $allowed_client) {
- if ($client == $allowed_client) {
- phpCAS::log("Allowed client '".$allowed_client."' matches, logout request is allowed");
- $allowed = true;
- break;
- } else {
- phpCAS::log("Allowed client '".$allowed_client."' does not match");
- }
- }
- if (!$allowed) {
- phpCAS::error("Unauthorized logout request from client '".$client."'");
- printf("Unauthorized!");
- phpCAS::traceExit();
- exit();
- }
- } else {
- phpCAS::log("No access control set");
- }
- // Extract the ticket from the SAML Request
- preg_match("|<samlp:SessionIndex>(.*)</samlp:SessionIndex>|", $_POST['logoutRequest'], $tick, PREG_OFFSET_CAPTURE, 3);
- $wrappedSamlSessionIndex = preg_replace('|<samlp:SessionIndex>|','',$tick[0][0]);
- $ticket2logout = preg_replace('|</samlp:SessionIndex>|','',$wrappedSamlSessionIndex);
- phpCAS::log("Ticket to logout: ".$ticket2logout);
- $session_id = preg_replace('/[^\w]/','',$ticket2logout);
- phpCAS::log("Session id: ".$session_id);
-
- // fix New session ID
- session_id($session_id);
- $_COOKIE[session_name()]=$session_id;
- $_GET[session_name()]=$session_id;
-
- // Overwrite session
- session_start();
- session_unset();
- session_destroy();
- printf("Disconnected!");
- phpCAS::traceExit();
- exit();
- }
-
- /** @} */
-
- // XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
- // XX XX
- // XX BASIC CLIENT FEATURES (CAS 1.0) XX
- // XX XX
- // XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
-
- // ########################################################################
- // ST
- // ########################################################################
- /**
- * @addtogroup internalBasic
- * @{
- */
-
- /**
- * the Service Ticket provided in the URL of the request if present
- * (empty otherwise). Written by CASClient::CASClient(), read by
- * CASClient::getST() and CASClient::hasPGT().
- *
- * @hideinitializer
- * @private
- */
- var $_st = '';
-
- /**
- * This method returns the Service Ticket provided in the URL of the request.
- * @return The service ticket.
- * @private
- */
- function getST()
- { return $this->_st; }
-
- /**
- * This method stores the Service Ticket.
- * @param $st The Service Ticket.
- * @private
- */
- function setST($st)
- { $this->_st = $st; }
-
- /**
- * This method tells if a Service Ticket was stored.
- * @return TRUE if a Service Ticket has been stored.
- * @private
- */
- function hasST()
- { return !empty($this->_st); }
-
- /** @} */
-
- // ########################################################################
- // ST VALIDATION
- // ########################################################################
- /**
- * @addtogroup internalBasic
- * @{
- */
-
- /**
- * the certificate of the CAS server.
- *
- * @hideinitializer
- * @private
- */
- var $_cas_server_cert = '';
-
- /**
- * the certificate of the CAS server CA.
- *
- * @hideinitializer
- * @private
- */
- var $_cas_server_ca_cert = '';
-
- /**
- * Set to true not to validate the CAS server.
- *
- * @hideinitializer
- * @private
- */
- var $_no_cas_server_validation = false;
-
- /**
- * Set the certificate of the CAS server.
- *
- * @param $cert the PEM certificate
- */
- function setCasServerCert($cert)
- {
- $this->_cas_server_cert = $cert;
- }
-
- /**
- * Set the CA certificate of the CAS server.
- *
- * @param $cert the PEM certificate of the CA that emited the cert of the server
- */
- function setCasServerCACert($cert)
- {
- $this->_cas_server_ca_cert = $cert;
- }
-
- /**
- * Set no SSL validation for the CAS server.
- */
- function setNoCasServerValidation()
- {
- $this->_no_cas_server_validation = true;
- }
-
- /**
- * This method is used to validate a ST; halt on failure, and sets $validate_url,
- * $text_reponse and $tree_response on success. These parameters are used later
- * by CASClient::validatePGT() for CAS proxies.
- *
- * @param $validate_url the URL of the request to the CAS server.
- * @param $text_response the response of the CAS server, as is (XML text).
- * @param $tree_response the response of the CAS server, as a DOM XML tree.
- *
- * @return bool TRUE when successfull, halt otherwise by calling CASClient::authError().
- *
- * @private
- */
- function validateST($validate_url,&$text_response,&$tree_response)
- {
- phpCAS::traceBegin();
- // build the URL to validate the ticket
- $validate_url = $this->getServerServiceValidateURL().'&ticket='.$this->getST();
- if ( $this->isProxy() ) {
- // pass the callback url for CAS proxies
- $validate_url .= '&pgtUrl='.$this->getCallbackURL();
- }
-
- // open and read the URL
- if ( !$this->readURL($validate_url,''/*cookies*/,$headers,$text_response,$err_msg) ) {
- phpCAS::trace('could not open URL \''.$validate_url.'\' to validate ('.$err_msg.')');
- $this->authError('ST not validated',
- $validate_url,
- TRUE/*$no_response*/);
- }
-
- // analyze the result depending on the version
- switch ($this->getServerVersion()) {
- case CAS_VERSION_1_0:
- if (preg_match('/^no\n/',$text_response)) {
- phpCAS::trace('ST has not been validated');
- $this->authError('ST not validated',
- $validate_url,
- FALSE/*$no_response*/,
- FALSE/*$bad_response*/,
- $text_response);
- }
- if (!preg_match('/^yes\n/',$text_response)) {
- phpCAS::trace('ill-formed response');
- $this->authError('ST not validated',
- $validate_url,
- FALSE/*$no_response*/,
- TRUE/*$bad_response*/,
- $text_response);
- }
- // ST has been validated, extract the user name
- $arr = preg_split('/\n/',$text_response);
- $this->setUser(trim($arr[1]));
- break;
- case CAS_VERSION_2_0:
- // read the response of the CAS server into a DOM object
- if ( !($dom = domxml_open_mem($text_response))) {
- phpCAS::trace('domxml_open_mem() failed');
- $this->authError('ST not validated',
- $validate_url,
- FALSE/*$no_response*/,
- TRUE/*$bad_response*/,
- $text_response);
- }
- // read the root node of the XML tree
- if ( !($tree_response = $dom->document_element()) ) {
- phpCAS::trace('document_element() failed');
- $this->authError('ST not validated',
- $validate_url,
- FALSE/*$no_response*/,
- TRUE/*$bad_response*/,
- $text_response);
- }
- // insure that tag name is 'serviceResponse'
- if ( $tree_response->node_name() != 'serviceResponse' ) {
- phpCAS::trace('bad XML root node (should be `serviceResponse\' instead of `'.$tree_response->node_name().'\'');
- $this->authError('ST not validated',
- $validate_url,
- FALSE/*$no_response*/,
- TRUE/*$bad_response*/,
- $text_response);
- }
- if ( sizeof($success_elements = $tree_response->get_elements_by_tagname("authenticationSuccess")) != 0) {
- // authentication succeded, extract the user name
- if ( sizeof($user_elements = $success_elements[0]->get_elements_by_tagname("user")) == 0) {
- phpCAS::trace('<authenticationSuccess> found, but no <user>');
- $this->authError('ST not validated',
- $validate_url,
- FALSE/*$no_response*/,
- TRUE/*$bad_response*/,
- $text_response);
- }
- $user = trim($user_elements[0]->get_content());
- phpCAS::trace('user = `'.$user);
- $this->setUser($user);
-
- } else if ( sizeof($failure_elements = $tree_response->get_elements_by_tagname("authenticationFailure")) != 0) {
- phpCAS::trace('<authenticationFailure> found');
- // authentication failed, extract the error code and message
- $this->authError('ST not validated',
- $validate_url,
- FALSE/*$no_response*/,
- FALSE/*$bad_response*/,
- $text_response,
- $failure_elements[0]->get_attribute('code')/*$err_code*/,
- trim($failure_elements[0]->get_content())/*$err_msg*/);
- } else {
- phpCAS::trace('neither <authenticationSuccess> nor <authenticationFailure> found');
- $this->authError('ST not validated',
- $validate_url,
- FALSE/*$no_response*/,
- TRUE/*$bad_response*/,
- $text_response);
- }
- break;
- }
-
- // at this step, ST has been validated and $this->_user has been set,
- phpCAS::traceEnd(TRUE);
- return TRUE;
- }
-
- /** @} */
-
- // XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
- // XX XX
- // XX PROXY FEATURES (CAS 2.0) XX
- // XX XX
- // XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
-
- // ########################################################################
- // PROXYING
- // ########################################################################
- /**
- * @addtogroup internalProxy
- * @{
- */
-
- /**
- * A boolean telling if the client is a CAS proxy or not. Written by CASClient::CASClient(),
- * read by CASClient::isProxy().
- *
- * @private
- */
- var $_proxy;
-
- /**
- * Tells if a CAS client is a CAS proxy or not
- *
- * @return TRUE when the CAS client is a CAs proxy, FALSE otherwise
- *
- * @private
- */
- function isProxy()
- {
- return $this->_proxy;
- }
-
- /** @} */
- // ########################################################################
- // PGT
- // ########################################################################
- /**
- * @addtogroup internalProxy
- * @{
- */
-
- /**
- * the Proxy Grnting Ticket given by the CAS server (empty otherwise).
- * Written by CASClient::setPGT(), read by CASClient::getPGT() and CASClient::hasPGT().
- *
- * @hideinitializer
- * @private
- */
- var $_pgt = '';
-
- /**
- * This method returns the Proxy Granting Ticket given by the CAS server.
- * @return The Proxy Granting Ticket.
- * @private
- */
- function getPGT()
- { return $this->_pgt; }
-
- /**
- * This method stores the Proxy Granting Ticket.
- * @param $pgt The Proxy Granting Ticket.
- * @private
- */
- function setPGT($pgt)
- { $this->_pgt = $pgt; }
-
- /**
- * This method tells if a Proxy Granting Ticket was stored.
- * @return TRUE if a Proxy Granting Ticket has been stored.
- * @private
- */
- function hasPGT()
- { return !empty($this->_pgt); }
-
- /** @} */
-
- // ########################################################################
- // CALLBACK MODE
- // ########################################################################
- /**
- * @addtogroup internalCallback
- * @{
- */
- /**
- * each PHP script using phpCAS in proxy mode is its own callback to get the
- * PGT back from the CAS server. callback_mode is detected by the constructor
- * thanks to the GET parameters.
- */
-
- /**
- * a boolean to know if the CAS client is running in callback mode. Written by
- * CASClient::setCallBackMode(), read by CASClient::isCallbackMode().
- *
- * @hideinitializer
- * @private
- */
- var $_callback_mode = FALSE;
-
- /**
- * This method sets/unsets callback mode.
- *
- * @param $callback_mode TRUE to set callback mode, FALSE otherwise.
- *
- * @private
- */
- function setCallbackMode($callback_mode)
- {
- $this->_callback_mode = $callback_mode;
- }
-
- /**
- * This method returns TRUE when the CAs client is running i callback mode,
- * FALSE otherwise.
- *
- * @return A boolean.
- *
- * @private
- */
- function isCallbackMode()
- {
- return $this->_callback_mode;
- }
-
- /**
- * the URL that should be used for the PGT callback (in fact the URL of the
- * current request without any CGI parameter). Written and read by
- * CASClient::getCallbackURL().
- *
- * @hideinitializer
- * @private
- */
- var $_callback_url = '';
-
- /**
- * This method returns the URL that should be used for the PGT callback (in
- * fact the URL of the current request without any CGI parameter, except if
- * phpCAS::setFixedCallbackURL() was used).
- *
- * @return The callback URL
- *
- * @private
- */
- function getCallbackURL()
- {
- // the URL is built when needed only
- if ( empty($this->_callback_url) ) {
- $final_uri = '';
- // remove the ticket if present in the URL
- $final_uri = 'https://';
- /* replaced by Julien Marchal - v0.4.6
- * $this->uri .= $_SERVER['SERVER_NAME'];
- */
- if(empty($_SERVER['HTTP_X_FORWARDED_SERVER'])){
- /* replaced by teedog - v0.4.12
- * $final_uri .= $_SERVER['SERVER_NAME'];
- */
- if (empty($_SERVER['SERVER_NAME'])) {
- $final_uri .= $_SERVER['HTTP_HOST'];
- } else {
- $final_uri .= $_SERVER['SERVER_NAME'];
- }
- } else {
- $final_uri .= $_SERVER['HTTP_X_FORWARDED_SERVER'];
- }
- if ( ($this->isHttps() && $_SERVER['SERVER_PORT']!=443)
- || (!$this->isHttps() && $_SERVER['SERVER_PORT']!=80) ) {
- $final_uri .= ':';
- $final_uri .= $_SERVER['SERVER_PORT'];
- }
- $request_uri = $_SERVER['REQUEST_URI'];
- $request_uri = preg_replace('/\?.*$/','',$request_uri);
- $final_uri .= $request_uri;
- $this->setCallbackURL($final_uri);
- }
- return $this->_callback_url;
- }
-
- /**
- * This method sets the callback url.
- *
- * @param $callback_url url to set callback
- *
- * @private
- */
- function setCallbackURL($url)
- {
- return $this->_callback_url = $url;
- }
-
- /**
- * This method is called by CASClient::CASClient() when running in callback
- * mode. It stores the PGT and its PGT Iou, prints its output and halts.
- *
- * @private
- */
- function callback()
- {
- phpCAS::traceBegin();
- $this->printHTMLHeader('phpCAS callback');
- $pgt_iou = $_GET['pgtIou'];
- $pgt = $_GET['pgtId'];
- phpCAS::trace('Storing PGT `'.$pgt.'\' (id=`'.$pgt_iou.'\')');
- echo '<p>Storing PGT `'.$pgt.'\' (id=`'.$pgt_iou.'\').</p>';
- $this->storePGT($pgt,$pgt_iou);
- $this->printHTMLFooter();
- phpCAS::traceExit();
- }
-
- /** @} */
-
- // ########################################################################
- // PGT STORAGE
- // ########################################################################
- /**
- * @addtogroup internalPGTStorage
- * @{
- */
-
- /**
- * an instance of a class inheriting of PGTStorage, used to deal with PGT
- * storage. Created by CASClient::setPGTStorageFile() or CASClient::setPGTStorageDB(), used
- * by CASClient::setPGTStorageFile(), CASClient::setPGTStorageDB() and CASClient::initPGTStorage().
- *
- * @hideinitializer
- * @private
- */
- var $_pgt_storage = null;
-
- /**
- * This method is used to initialize the storage of PGT's.
- * Halts on error.
- *
- * @private
- */
- function initPGTStorage()
- {
- // if no SetPGTStorageXxx() has been used, default to file
- if ( !is_object($this->_pgt_storage) ) {
- $this->setPGTStorageFile();
- }
-
- // initializes the storage
- $this->_pgt_storage->init();
- }
-
- /**
- * This method stores a PGT. Halts on error.
- *
- * @param $pgt the PGT to store
- * @param $pgt_iou its corresponding Iou
- *
- * @private
- */
- function storePGT($pgt,$pgt_iou)
- {
- // ensure that storage is initialized
- $this->initPGTStorage();
- // writes the PGT
- $this->_pgt_storage->write($pgt,$pgt_iou);
- }
-
- /**
- * This method reads a PGT from its Iou and deletes the corresponding storage entry.
- *
- * @param $pgt_iou the PGT Iou
- *
- * @return The PGT corresponding to the Iou, FALSE when not found.
- *
- * @private
- */
- function loadPGT($pgt_iou)
- {
- // ensure that storage is initialized
- $this->initPGTStorage();
- // read the PGT
- return $this->_pgt_storage->read($pgt_iou);
- }
-
- /**
- * This method is used to tell phpCAS to store the response of the
- * CAS server to PGT requests onto the filesystem.
- *
- * @param $format the format used to store the PGT's (`plain' and `xml' allowed)
- * @param $path the path where the PGT's should be stored
- *
- * @public
- */
- function setPGTStorageFile($format='',
- $path='')
- {
- // check that the storage has not already been set
- if ( is_object($this->_pgt_storage) ) {
- phpCAS::error('PGT storage already defined');
- }
-
- // create the storage object
- $this->_pgt_storage = &new PGTStorageFile($this,$format,$path);
- }
-
- /**
- * This method is used to tell phpCAS to store the response of the
- * CAS server to PGT requests into a database.
- * @note The connection to the database is done only when needed.
- * As a consequence, bad parameters are detected only when
- * initializing PGT storage.
- *
- * @param $user the user to access the data with
- * @param $password the user's password
- * @param $database_type the type of the database hosting the data
- * @param $hostname the server hosting the database
- * @param $port the port the server is listening on
- * @param $database the name of the database
- * @param $table the name of the table storing the data
- *
- * @public
- */
- function setPGTStorageDB($user,
- $password,
- $database_type,
- $hostname,
- $port,
- $database,
- $table)
- {
- // check that the storage has not already been set
- if ( is_object($this->_pgt_storage) ) {
- phpCAS::error('PGT storage already defined');
- }
-
- // warn the user that he should use file storage...
- trigger_error('PGT storage into database is an experimental feature, use at your own risk',E_USER_WARNING);
-
- // create the storage object
- $this->_pgt_storage = & new PGTStorageDB($this,$user,$password,$database_type,$hostname,$port,$database,$table);
- }
-
- // ########################################################################
- // PGT VALIDATION
- // ########################################################################
- /**
- * This method is used to validate a PGT; halt on failure.
- *
- * @param $validate_url the URL of the request to the CAS server.
- * @param $text_response the response of the CAS server, as is (XML text); result
- * of CASClient::validateST() or CASClient::validatePT().
- * @param $tree_response the response of the CAS server, as a DOM XML tree; result
- * of CASClient::validateST() or CASClient::validatePT().
- *
- * @return bool TRUE when successfull, halt otherwise by calling CASClient::authError().
- *
- * @private
- */
- function validatePGT(&$validate_url,$text_response,$tree_response)
- {
- phpCAS::traceBegin();
- if ( sizeof($arr = $tree_response->get_elements_by_tagname("proxyGrantingTicket")) == 0) {
- phpCAS::trace('<proxyGrantingTicket> not found');
- // authentication succeded, but no PGT Iou was transmitted
- $this->authError('Ticket validated but no PGT Iou transmitted',
- $validate_url,
- FALSE/*$no_response*/,
- FALSE/*$bad_response*/,
- $text_response);
- } else {
- // PGT Iou transmitted, extract it
- $pgt_iou = trim($arr[0]->get_content());
- $pgt = $this->loadPGT($pgt_iou);
- if ( $pgt == FALSE ) {
- phpCAS::trace('could not load PGT');
- $this->authError('PGT Iou was transmitted but PGT could not be retrieved',
- $validate_url,
- FALSE/*$no_response*/,
- FALSE/*$bad_response*/,
- $text_response);
- }
- $this->setPGT($pgt);
- }
- phpCAS::traceEnd(TRUE);
- return TRUE;
- }
-
- // ########################################################################
- // PGT VALIDATION
- // ########################################################################
-
- /**
- * This method is used to retrieve PT's from the CAS server thanks to a PGT.
- *
- * @param $target_service the service to ask for with the PT.
- * @param $err_code an error code (PHPCAS_SERVICE_OK on success).
- * @param $err_msg an error message (empty on success).
- *
- * @return a Proxy Ticket, or FALSE on error.
- *
- * @private
- */
- function retrievePT($target_service,&$err_code,&$err_msg)
- {
- phpCAS::traceBegin();
-
- // by default, $err_msg is set empty and $pt to TRUE. On error, $pt is
- // set to false and $err_msg to an error message. At the end, if $pt is FALSE
- // and $error_msg is still empty, it is set to 'invalid response' (the most
- // commonly encountered error).
- $err_msg = '';
-
- // build the URL to retrieve the PT
- // $cas_url = $this->getServerProxyURL().'?targetService='.preg_replace('/&/','%26',$target_service).'&pgt='.$this->getPGT();
- $cas_url = $this->getServerProxyURL().'?targetService='.urlencode($target_service).'&pgt='.$this->getPGT();
-
- // open and read the URL
- if ( !$this->readURL($cas_url,''/*cookies*/,$headers,$cas_response,$err_msg) ) {
- phpCAS::trace('could not open URL \''.$cas_url.'\' to validate ('.$err_msg.')');
- $err_code = PHPCAS_SERVICE_PT_NO_SERVER_RESPONSE;
- $err_msg = 'could not retrieve PT (no response from the CAS server)';
- phpCAS::traceEnd(FALSE);
- return FALSE;
- }
-
- $bad_response = FALSE;
-
- if ( !$bad_response ) {
- // read the response of the CAS server into a DOM object
- if ( !($dom = @domxml_open_mem($cas_response))) {
- phpCAS::trace('domxml_open_mem() failed');
- // read failed
- $bad_response = TRUE;
- }
- }
-
- if ( !$bad_response ) {
- // read the root node of the XML tree
- if ( !($root = $dom->document_element()) ) {
- phpCAS::trace('document_element() failed');
- // read failed
- $bad_response = TRUE;
- }
- }
-
- if ( !$bad_response ) {
- // insure that tag name is 'serviceResponse'
- if ( $root->node_name() != 'serviceResponse' ) {
- phpCAS::trace('node_name() failed');
- // bad root node
- $bad_response = TRUE;
- }
- }
-
- if ( !$bad_response ) {
- // look for a proxySuccess tag
- if ( sizeof($arr = $root->get_elements_by_tagname("proxySuccess")) != 0) {
- // authentication succeded, look for a proxyTicket tag
- if ( sizeof($arr = $root->get_elements_by_tagname("proxyTicket")) != 0) {
- $err_code = PHPCAS_SERVICE_OK;
- $err_msg = '';
- phpCAS::trace('original PT: '.trim($arr[0]->get_content()));
- $pt = trim($arr[0]->get_content());
- phpCAS::traceEnd($pt);
- return $pt;
- } else {
- phpCAS::trace('<proxySuccess> was found, but not <proxyTicket>');
- }
- }
- // look for a proxyFailure tag
- else if ( sizeof($arr = $root->get_elements_by_tagname("proxyFailure")) != 0) {
- // authentication failed, extract the error
- $err_code = PHPCAS_SERVICE_PT_FAILURE;
- $err_msg = 'PT retrieving failed (code=`'
- .$arr[0]->get_attribute('code')
- .'\', message=`'
- .trim($arr[0]->get_content())
- .'\')';
- phpCAS::traceEnd(FALSE);
- return FALSE;
- } else {
- phpCAS::trace('neither <proxySuccess> nor <proxyFailure> found');
- }
- }
-
- // at this step, we are sure that the response of the CAS server was ill-formed
- $err_code = PHPCAS_SERVICE_PT_BAD_SERVER_RESPONSE;
- $err_msg = 'Invalid response from the CAS server (response=`'.$cas_response.'\')';
-
- phpCAS::traceEnd(FALSE);
- return FALSE;
- }
-
- // ########################################################################
- // ACCESS TO EXTERNAL SERVICES
- // ########################################################################
-
- /**
- * This method is used to acces a remote URL.
- *
- * @param $url the URL to access.
- * @param $cookies an array containing cookies strings such as 'name=val'
- * @param $headers an array containing the HTTP header lines of the response
- * (an empty array on failure).
- * @param $body the body of the response, as a string (empty on failure).
- * @param $err_msg an error message, filled on failure.
- *
- * @return TRUE on success, FALSE otherwise (in this later case, $err_msg
- * contains an error message).
- *
- * @private
- */
- function readURL($url,$cookies,&$headers,&$body,&$err_msg)
- {
- phpCAS::traceBegin();
- $headers = '';
- $body = '';
- $err_msg = '';
-
- $res = TRUE;
-
- // initialize the CURL session
- $ch = curl_init($url);
-
- if (version_compare(PHP_VERSION,'5.1.3','>=')) {
- //only avaible in php5
- curl_setopt_array($ch, $this->_curl_options);
- } else {
- foreach ($this->_curl_options as $key => $value) {
- curl_setopt($ch, $key, $value);
- }
- }
-
- if ($this->_cas_server_cert == '' && $this->_cas_server_ca_cert == '' && !$this->_no_cas_server_validation) {
- phpCAS::error('one of the methods phpCAS::setCasServerCert(), phpCAS::setCasServerCACert() or phpCAS::setNoCasServerValidation() must be called.');
- }
- if ($this->_cas_server_cert != '' ) {
- curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 1);
- curl_setopt($ch, CURLOPT_SSLCERT, $this->_cas_server_cert);
- } else if ($this->_cas_server_ca_cert != '') {
- curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 1);
- curl_setopt($ch, CURLOPT_CAINFO, $this->_cas_server_ca_cert);
- } else {
- curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 1);
- curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
- }
-
- // return the CURL output into a variable
- curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
- // get the HTTP header with a callback
- $this->_curl_headers = array(); // empty the headers array
- curl_setopt($ch, CURLOPT_HEADERFUNCTION, array($this, '_curl_read_headers'));
- // add cookies headers
- if ( is_array($cookies) ) {
- curl_setopt($ch,CURLOPT_COOKIE,implode(';',$cookies));
- }
- // perform the query
- $buf = curl_exec ($ch);
- if ( $buf === FALSE ) {
- phpCAS::trace('curl_exec() failed');
- $err_msg = 'CURL error #'.curl_errno($ch).': '.curl_error($ch);
- // close the CURL session
- curl_close ($ch);
- $res = FALSE;
- } else {
- // close the CURL session
- curl_close ($ch);
-
- $headers = $this->_curl_headers;
- $body = $buf;
- }
-
- phpCAS::traceEnd($res);
- return $res;
- }
-
- /**
- * This method is the callback used by readURL method to request HTTP headers.
- */
- var $_curl_headers = array();
- function _curl_read_headers($ch, $header)
- {
- $this->_curl_headers[] = $header;
- return strlen($header);
- }
-
- /**
- * This method is used to access an HTTP[S] service.
- *
- * @param $url the service to access.
- * @param $err_code an error code Possible values are PHPCAS_SERVICE_OK (on
- * success), PHPCAS_SERVICE_PT_NO_SERVER_RESPONSE, PHPCAS_SERVICE_PT_BAD_SERVER_RESPONSE,
- * PHPCAS_SERVICE_PT_FAILURE, PHPCAS_SERVICE_NOT AVAILABLE.
- * @param $output the output of the service (also used to give an error
- * message on failure).
- *
- * @return TRUE on success, FALSE otherwise (in this later case, $err_code
- * gives the reason why it failed and $output contains an error message).
- *
- * @public
- */
- function serviceWeb($url,&$err_code,&$output)
- {
- phpCAS::traceBegin();
- // at first retrieve a PT
- $pt = $this->retrievePT($url,$err_code,$output);
-
- $res = TRUE;
-
- // test if PT was retrieved correctly
- if ( !$pt ) {
- // note: $err_code and $err_msg are filled by CASClient::retrievePT()
- phpCAS::trace('PT was not retrieved correctly');
- $res = FALSE;
- } else {
- // add cookies if necessary
- if ( is_array($_SESSION['phpCAS']['services'][$url]['cookies']) ) {
- foreach ( $_SESSION['phpCAS']['services'][$url]['cookies'] as $name => $val ) {
- $cookies[] = $name.'='.$val;
- }
- }
-
- // build the URL including the PT
- if ( strstr($url,'?') === FALSE ) {
- $service_url = $url.'?ticket='.$pt;
- } else {
- $service_url = $url.'&ticket='.$pt;
- }
-
- phpCAS::trace('reading URL`'.$service_url.'\'');
- if ( !$this->readURL($service_url,$cookies,$headers,$output,$err_msg) ) {
- phpCAS::trace('could not read URL`'.$service_url.'\'');
- $err_code = PHPCAS_SERVICE_NOT_AVAILABLE;
- // give an error message
- $output = sprintf($this->getString(CAS_STR_SERVICE_UNAVAILABLE),
- $service_url,
- $err_msg);
- $res = FALSE;
- } else {
- // URL has been fetched, extract the cookies
- phpCAS::trace('URL`'.$service_url.'\' has been read, storing cookies:');
- foreach ( $headers as $header ) {
- // test if the header is a cookie
- if ( preg_match('/^Set-Cookie:/',$header) ) {
- // the header is a cookie, remove the beginning
- $header_val = preg_replace('/^Set-Cookie: */','',$header);
- // extract interesting information
- $name_val = strtok($header_val,'; ');
- // extract the name and the value of the cookie
- $cookie_name = strtok($name_val,'=');
- $cookie_val = strtok('=');
- // store the cookie
- $_SESSION['phpCAS']['services'][$url]['cookies'][$cookie_name] = $cookie_val;
- phpCAS::trace($cookie_name.' -> '.$cookie_val);
- }
- }
- }
- }
-
- phpCAS::traceEnd($res);
- return $res;
- }
-
- /**
- * This method is used to access an IMAP/POP3/NNTP service.
- *
- * @param $url a string giving the URL of the service, including the mailing box
- * for IMAP URLs, as accepted by imap_open().
- * @param $flags options given to imap_open().
- * @param $err_code an error code Possible values are PHPCAS_SERVICE_OK (on
- * success), PHPCAS_SERVICE_PT_NO_SERVER_RESPONSE, PHPCAS_SERVICE_PT_BAD_SERVER_RESPONSE,
- * PHPCAS_SERVICE_PT_FAILURE, PHPCAS_SERVICE_NOT AVAILABLE.
- * @param $err_msg an error message on failure
- * @param $pt the Proxy Ticket (PT) retrieved from the CAS server to access the URL
- * on success, FALSE on error).
- *
- * @return an IMAP stream on success, FALSE otherwise (in this later case, $err_code
- * gives the reason why it failed and $err_msg contains an error message).
- *
- * @public
- */
- function serviceMail($url,$flags,&$err_code,&$err_msg,&$pt)
- {
- phpCAS::traceBegin();
- // at first retrieve a PT
- $pt = $this->retrievePT($target_service,$err_code,$output);
-
- $stream = FALSE;
-
- // test if PT was retrieved correctly
- if ( !$pt ) {
- // note: $err_code and $err_msg are filled by CASClient::retrievePT()
- phpCAS::trace('PT was not retrieved correctly');
- } else {
- phpCAS::trace('opening IMAP URL `'.$url.'\'...');
- $stream = @imap_open($url,$this->getUser(),$pt,$flags);
- if ( !$stream ) {
- phpCAS::trace('could not open URL');
- $err_code = PHPCAS_SERVICE_NOT_AVAILABLE;
- // give an error message
- $err_msg = sprintf($this->getString(CAS_STR_SERVICE_UNAVAILABLE),
- $service_url,
- var_export(imap_errors(),TRUE));
- $pt = FALSE;
- $stream = FALSE;
- } else {
- phpCAS::trace('ok');
- }
- }
-
- phpCAS::traceEnd($stream);
- return $stream;
- }
-
- /** @} */
-
- // XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
- // XX XX
- // XX PROXIED CLIENT FEATURES (CAS 2.0) XX
- // XX XX
- // XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
-
- // ########################################################################
- // PT
- // ########################################################################
- /**
- * @addtogroup internalProxied
- * @{
- */
-
- /**
- * the Proxy Ticket provided in the URL of the request if present
- * (empty otherwise). Written by CASClient::CASClient(), read by
- * CASClient::getPT() and CASClient::hasPGT().
- *
- * @hideinitializer
- * @private
- */
- var $_pt = '';
-
- /**
- * This method returns the Proxy Ticket provided in the URL of the request.
- * @return The proxy ticket.
- * @private
- */
- function getPT()
- {
- // return 'ST'.substr($this->_pt, 2);
- return $this->_pt;
- }
-
- /**
- * This method stores the Proxy Ticket.
- * @param $pt The Proxy Ticket.
- * @private
- */
- function setPT($pt)
- { $this->_pt = $pt; }
-
- /**
- * This method tells if a Proxy Ticket was stored.
- * @return TRUE if a Proxy Ticket has been stored.
- * @private
- */
- function hasPT()
- { return !empty($this->_pt); }
-
- /** @} */
- // ########################################################################
- // PT VALIDATION
- // ########################################################################
- /**
- * @addtogroup internalProxied
- * @{
- */
-
- /**
- * This method is used to validate a PT; halt on failure
- *
- * @return bool TRUE when successfull, halt otherwise by calling CASClient::authError().
- *
- * @private
- */
- function validatePT(&$validate_url,&$text_response,&$tree_response)
- {
- phpCAS::traceBegin();
- // build the URL to validate the ticket
- $validate_url = $this->getServerProxyValidateURL().'&ticket='.$this->getPT();
-
- if ( $this->isProxy() ) {
- // pass the callback url for CAS proxies
- $validate_url .= '&pgtUrl='.$this->getCallbackURL();
- }
-
- // open and read the URL
- if ( !$this->readURL($validate_url,''/*cookies*/,$headers,$text_response,$err_msg) ) {
- phpCAS::trace('could not open URL \''.$validate_url.'\' to validate ('.$err_msg.')');
- $this->authError('PT not validated',
- $validate_url,
- TRUE/*$no_response*/);
- }
-
- // read the response of the CAS server into a DOM object
- if ( !($dom = domxml_open_mem($text_response))) {
- // read failed
- $this->authError('PT not validated',
- $validate_url,
- FALSE/*$no_response*/,
- TRUE/*$bad_response*/,
- $text_response);
- }
- // read the root node of the XML tree
- if ( !($tree_response = $dom->document_element()) ) {
- // read failed
- $this->authError('PT not validated',
- $validate_url,
- FALSE/*$no_response*/,
- TRUE/*$bad_response*/,
- $text_response);
- }
- // insure that tag name is 'serviceResponse'
- if ( $tree_response->node_name() != 'serviceResponse' ) {
- // bad root node
- $this->authError('PT not validated',
- $validate_url,
- FALSE/*$no_response*/,
- TRUE/*$bad_response*/,
- $text_response);
- }
- if ( sizeof($arr = $tree_response->get_elements_by_tagname("authenticationSuccess")) != 0) {
- // authentication succeded, extract the user name
- if ( sizeof($arr = $tree_response->get_elements_by_tagname("user")) == 0) {
- // no user specified => error
- $this->authError('PT not validated',
- $validate_url,
- FALSE/*$no_response*/,
- TRUE/*$bad_response*/,
- $text_response);
- }
- $this->setUser(trim($arr[0]->get_content()));
-
- } else if ( sizeof($arr = $tree_response->get_elements_by_tagname("authenticationFailure")) != 0) {
- // authentication succeded, extract the error code and message
- $this->authError('PT not validated',
- $validate_url,
- FALSE/*$no_response*/,
- FALSE/*$bad_response*/,
- $text_response,
- $arr[0]->get_attribute('code')/*$err_code*/,
- trim($arr[0]->get_content())/*$err_msg*/);
- } else {
- $this->authError('PT not validated',
- $validate_url,
- FALSE/*$no_response*/,
- TRUE/*$bad_response*/,
- $text_response);
- }
-
- // at this step, PT has been validated and $this->_user has been set,
-
- phpCAS::traceEnd(TRUE);
- return TRUE;
- }
-
- /** @} */
-
- // XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
- // XX XX
- // XX MISC XX
- // XX XX
- // XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
-
- /**
- * @addtogroup internalMisc
- * @{
- */
-
- // ########################################################################
- // URL
- // ########################################################################
- /**
- * the URL of the current request (without any ticket CGI parameter). Written
- * and read by CASClient::getURL().
- *
- * @hideinitializer
- * @private
- */
- var $_url = '';
-
- /**
- * This method returns the URL of the current request (without any ticket
- * CGI parameter).
- *
- * @return The URL
- *
- * @private
- */
- function getURL()
- {
- phpCAS::traceBegin();
- // the URL is built when needed only
- if ( empty($this->_url) ) {
- $final_uri = '';
- // remove the ticket if present in the URL
- $final_uri = ($this->isHttps()) ? 'https' : 'http';
- $final_uri .= '://';
- /* replaced by Julien Marchal - v0.4.6
- * $this->_url .= $_SERVER['SERVER_NAME'];
- */
- if(empty($_SERVER['HTTP_X_FORWARDED_SERVER'])){
- /* replaced by teedog - v0.4.12
- * $this->_url .= $_SERVER['SERVER_NAME'];
- */
- if (empty($_SERVER['SERVER_NAME'])) {
- $server_name = $_SERVER['HTTP_HOST'];
- } else {
- $server_name = $_SERVER['SERVER_NAME'];
- }
- } else {
- $server_name = $_SERVER['HTTP_X_FORWARDED_SERVER'];
- }
- $final_uri .= $server_name;
- if (!strpos($server_name, ':')) {
- if ( ($this->isHttps() && $_SERVER['SERVER_PORT']!=443)
- || (!$this->isHttps() && $_SERVER['SERVER_PORT']!=80) ) {
- $final_uri .= ':';
- $final_uri .= $_SERVER['SERVER_PORT'];
- }
- }
-
- $final_uri .= strtok($_SERVER['REQUEST_URI'],"?");
- $cgi_params = '?'.strtok("?");
- // remove the ticket if present in the CGI parameters
- $cgi_params = preg_replace('/&ticket=[^&]*/','',$cgi_params);
- $cgi_params = preg_replace('/\?ticket=[^&;]*/','?',$cgi_params);
- $cgi_params = preg_replace('/\?%26/','?',$cgi_params);
- $cgi_params = preg_replace('/\?&/','?',$cgi_params);
- $cgi_params = preg_replace('/\?$/','',$cgi_params);
- $final_uri .= $cgi_params;
- $this->setURL($final_uri);
- }
- phpCAS::traceEnd($this->_url);
- return $this->_url;
- }
-
- /**
- * This method sets the URL of the current request
- *
- * @param $url url to set for service
- *
- * @private
- */
- function setURL($url)
- {
- $this->_url = $url;
- }
-
- // ########################################################################
- // AUTHENTICATION ERROR HANDLING
- // ########################################################################
- /**
- * This method is used to print the HTML output when the user was not authenticated.
- *
- * @param $failure the failure that occured
- * @param $cas_url the URL the CAS server was asked for
- * @param $no_response the response from the CAS server (other
- * parameters are ignored if TRUE)
- * @param $bad_response bad response from the CAS server ($err_code
- * and $err_msg ignored if TRUE)
- * @param $cas_response the response of the CAS server
- * @param $err_code the error code given by the CAS server
- * @param $err_msg the error message given by the CAS server
- *
- * @private
- */
- function authError($failure,$cas_url,$no_response,$bad_response='',$cas_response='',$err_code='',$err_msg='')
- {
- phpCAS::traceBegin();
-
- $this->printHTMLHeader($this->getString(CAS_STR_AUTHENTICATION_FAILED));
- printf($this->getString(CAS_STR_YOU_WERE_NOT_AUTHENTICATED),$this->getURL(),$_SERVER['SERVER_ADMIN']);
- phpCAS::trace('CAS URL: '.$cas_url);
- phpCAS::trace('Authentication failure: '.$failure);
- if ( $no_response ) {
- phpCAS::trace('Reason: no response from the CAS server');
- } else {
- if ( $bad_response ) {
- phpCAS::trace('Reason: bad response from the CAS server');
- } else {
- switch ($this->getServerVersion()) {
- case CAS_VERSION_1_0:
- phpCAS::trace('Reason: CAS error');
- break;
- case CAS_VERSION_2_0:
- if ( empty($err_code) )
- phpCAS::trace('Reason: no CAS error');
- else
- phpCAS::trace('Reason: ['.$err_code.'] CAS error: '.$err_msg);
- break;
- }
- }
- phpCAS::trace('CAS response: '.$cas_response);
- }
- $this->printHTMLFooter();
- phpCAS::traceExit();
- exit();
- }
-
- /** @} */
-}
-
+ header('Location: '.$this->getURL()); + } + + //activate session mechanism if desired + if (!$this->isLogoutRequest() && $start_session) { + session_start(); + } + + $this->_proxy = $proxy; + + //check version + switch ($server_version) { + case CAS_VERSION_1_0: + if ( $this->isProxy() ) + phpCAS::error('CAS proxies are not supported in CAS ' + .$server_version); + break; + case CAS_VERSION_2_0: + break; + default: + phpCAS::error('this version of CAS (`' + .$server_version + .'\') is not supported by phpCAS ' + .phpCAS::getVersion()); + } + $this->_server['version'] = $server_version; + + //check hostname + if ( empty($server_hostname) + || !preg_match('/[\.\d\-abcdefghijklmnopqrstuvwxyz]*/',$server_hostname) ) { + phpCAS::error('bad CAS server hostname (`'.$server_hostname.'\')'); + } + $this->_server['hostname'] = $server_hostname; + + //check port + if ( $server_port == 0 + || !is_int($server_port) ) { + phpCAS::error('bad CAS server port (`'.$server_hostname.'\')'); + } + $this->_server['port'] = $server_port; + + //check URI + if ( !preg_match('/[\.\d\-_abcdefghijklmnopqrstuvwxyz\/]*/',$server_uri) ) { + phpCAS::error('bad CAS server URI (`'.$server_uri.'\')'); + } + //add leading and trailing `/' and remove doubles + $server_uri = preg_replace('/\/\//','/','/'.$server_uri.'/'); + $this->_server['uri'] = $server_uri; + + //set to callback mode if PgtIou and PgtId CGI GET parameters are provided + if ( $this->isProxy() ) { + $this->setCallbackMode(!empty($_GET['pgtIou'])&&!empty($_GET['pgtId'])); + } + + if ( $this->isCallbackMode() ) { + //callback mode: check that phpCAS is secured + if ( !$this->isHttps() ) { + phpCAS::error('CAS proxies must be secured to use phpCAS; PGT\'s will not be received from the CAS server'); + } + } else { + //normal mode: get ticket and remove it from CGI parameters for developpers + $ticket = (isset($_GET['ticket']) ? $_GET['ticket'] : null); + switch ($this->getServerVersion()) { + case CAS_VERSION_1_0: // check for a Service Ticket + if( preg_match('/^ST-/',$ticket) ) { + phpCAS::trace('ST \''.$ticket.'\' found'); + //ST present + $this->setST($ticket); + //ticket has been taken into account, unset it to hide it to applications + unset($_GET['ticket']); + } else if ( !empty($ticket) ) { + //ill-formed ticket, halt + phpCAS::error('ill-formed ticket found in the URL (ticket=`'.htmlentities($ticket).'\')'); + } + break; + case CAS_VERSION_2_0: // check for a Service or Proxy Ticket + if( preg_match('/^[SP]T-/',$ticket) ) { + phpCAS::trace('ST or PT \''.$ticket.'\' found'); + $this->setPT($ticket); + unset($_GET['ticket']); + } else if ( !empty($ticket) ) { + //ill-formed ticket, halt + phpCAS::error('ill-formed ticket found in the URL (ticket=`'.htmlentities($ticket).'\')'); + } + break; + } + } + phpCAS::traceEnd(); + } + + /** @} */ + + // XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX + // XX XX + // XX AUTHENTICATION XX + // XX XX + // XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX + + /** + * @addtogroup internalAuthentication + * @{ + */ + + /** + * The Authenticated user. Written by CASClient::setUser(), read by CASClient::getUser(). + * @attention client applications should use phpCAS::getUser(). + * + * @hideinitializer + * @private + */ + var $_user = ''; + + /** + * This method sets the CAS user's login name. + * + * @param $user the login name of the authenticated user. + * + * @private + */ + function setUser($user) + { + $this->_user = $user; + } + + /** + * This method returns the CAS user's login name. + * @warning should be called only after CASClient::forceAuthentication() or + * CASClient::isAuthenticated(), otherwise halt with an error. + * + * @return the login name of the authenticated user + */ + function getUser() + { + if ( empty($this->_user) ) { + phpCAS::error('this method should be used only after '.__CLASS__.'::forceAuthentication() or '.__CLASS__.'::isAuthenticated()'); + } + return $this->_user; + } + + /** + * This method is called to renew the authentication of the user + * If the user is authenticated, renew the connection + * If not, redirect to CAS + * @public + */ + function renewAuthentication(){ + phpCAS::traceBegin(); + // Either way, the user is authenticated by CAS + if( isset( $_SESSION['phpCAS']['auth_checked'] ) ) + unset($_SESSION['phpCAS']['auth_checked']); + if ( $this->isAuthenticated() ) { + phpCAS::trace('user already authenticated; renew'); + $this->redirectToCas(false,true); + } else { + $this->redirectToCas(); + } + phpCAS::traceEnd(); + } + + /** + * This method is called to be sure that the user is authenticated. When not + * authenticated, halt by redirecting to the CAS server; otherwise return TRUE. + * @return TRUE when the user is authenticated; otherwise halt. + * @public + */ + function forceAuthentication() + { + phpCAS::traceBegin(); + + if ( $this->isAuthenticated() ) { + // the user is authenticated, nothing to be done. + phpCAS::trace('no need to authenticate'); + $res = TRUE; + } else { + // the user is not authenticated, redirect to the CAS server + if (isset($_SESSION['phpCAS']['auth_checked'])) { + unset($_SESSION['phpCAS']['auth_checked']); + } + $this->redirectToCas(FALSE/* no gateway */); + // never reached + $res = FALSE; + } + phpCAS::traceEnd($res); + return $res; + } + + /** + * An integer that gives the number of times authentication will be cached before rechecked. + * + * @hideinitializer + * @private + */ + var $_cache_times_for_auth_recheck = 0; + + /** + * Set the number of times authentication will be cached before rechecked. + * + * @param $n an integer. + * + * @public + */ + function setCacheTimesForAuthRecheck($n) + { + $this->_cache_times_for_auth_recheck = $n; + } + + /** + * This method is called to check whether the user is authenticated or not. + * @return TRUE when the user is authenticated, FALSE otherwise. + * @public + */ + function checkAuthentication() + { + phpCAS::traceBegin(); + + if ( $this->isAuthenticated() ) { + phpCAS::trace('user is authenticated'); + $res = TRUE; + } else if (isset($_SESSION['phpCAS']['auth_checked'])) { + // the previous request has redirected the client to the CAS server with gateway=true + unset($_SESSION['phpCAS']['auth_checked']); + $res = FALSE; + } else { + // $_SESSION['phpCAS']['auth_checked'] = true; + // $this->redirectToCas(TRUE/* gateway */); + // // never reached + // $res = FALSE; + // avoid a check against CAS on every request + if (! isset($_SESSION['phpCAS']['unauth_count']) ) + $_SESSION['phpCAS']['unauth_count'] = -2; // uninitialized + + if (($_SESSION['phpCAS']['unauth_count'] != -2 && $this->_cache_times_for_auth_recheck == -1) + || ($_SESSION['phpCAS']['unauth_count'] >= 0 && $_SESSION['phpCAS']['unauth_count'] < $this->_cache_times_for_auth_recheck)) + { + $res = FALSE; + + if ($this->_cache_times_for_auth_recheck != -1) + { + $_SESSION['phpCAS']['unauth_count']++; + phpCAS::trace('user is not authenticated (cached for '.$_SESSION['phpCAS']['unauth_count'].' times of '.$this->_cache_times_for_auth_recheck.')'); + } + else + { + phpCAS::trace('user is not authenticated (cached for until login pressed)'); + } + } + else + { + $_SESSION['phpCAS']['unauth_count'] = 0; + $_SESSION['phpCAS']['auth_checked'] = true; + phpCAS::trace('user is not authenticated (cache reset)'); + $this->redirectToCas(TRUE/* gateway */); + // never reached + $res = FALSE; + } + } + phpCAS::traceEnd($res); + return $res; + } + + /** + * This method is called to check if the user is authenticated (previously or by + * tickets given in the URL). + * + * @return TRUE when the user is authenticated. + * + * @public + */ + function isAuthenticated() + { + phpCAS::traceBegin(); + $res = FALSE; + $validate_url = ''; + + if ( $this->wasPreviouslyAuthenticated() ) { + // the user has already (previously during the session) been + // authenticated, nothing to be done. + phpCAS::trace('user was already authenticated, no need to look for tickets'); + $res = TRUE; + } + elseif ( $this->hasST() ) { + // if a Service Ticket was given, validate it + phpCAS::trace('ST `'.$this->getST().'\' is present'); + $this->validateST($validate_url,$text_response,$tree_response); // if it fails, it halts + phpCAS::trace('ST `'.$this->getST().'\' was validated'); + if ( $this->isProxy() ) { + $this->validatePGT($validate_url,$text_response,$tree_response); // idem + phpCAS::trace('PGT `'.$this->getPGT().'\' was validated'); + $_SESSION['phpCAS']['pgt'] = $this->getPGT(); + } + $_SESSION['phpCAS']['user'] = $this->getUser(); + $res = TRUE; + } + elseif ( $this->hasPT() ) { + // if a Proxy Ticket was given, validate it + phpCAS::trace('PT `'.$this->getPT().'\' is present'); + $this->validatePT($validate_url,$text_response,$tree_response); // note: if it fails, it halts + phpCAS::trace('PT `'.$this->getPT().'\' was validated'); + if ( $this->isProxy() ) { + $this->validatePGT($validate_url,$text_response,$tree_response); // idem + phpCAS::trace('PGT `'.$this->getPGT().'\' was validated'); + $_SESSION['phpCAS']['pgt'] = $this->getPGT(); + } + $_SESSION['phpCAS']['user'] = $this->getUser(); + $res = TRUE; + } + else { + // no ticket given, not authenticated + phpCAS::trace('no ticket found'); + } + + phpCAS::traceEnd($res); + return $res; + } + + /** + * This method tells if the current session is authenticated. + * @return true if authenticated based soley on $_SESSION variable + * @since 0.4.22 by Brendan Arnold + */ + function isSessionAuthenticated () + { + return !empty($_SESSION['phpCAS']['user']); + } + + /** + * This method tells if the user has already been (previously) authenticated + * by looking into the session variables. + * + * @note This function switches to callback mode when needed. + * + * @return TRUE when the user has already been authenticated; FALSE otherwise. + * + * @private + */ + function wasPreviouslyAuthenticated() + { + phpCAS::traceBegin(); + + if ( $this->isCallbackMode() ) { + $this->callback(); + } + + $auth = FALSE; + + if ( $this->isProxy() ) { + // CAS proxy: username and PGT must be present + if ( $this->isSessionAuthenticated() && !empty($_SESSION['phpCAS']['pgt']) ) { + // authentication already done + $this->setUser($_SESSION['phpCAS']['user']); + $this->setPGT($_SESSION['phpCAS']['pgt']); + phpCAS::trace('user = `'.$_SESSION['phpCAS']['user'].'\', PGT = `'.$_SESSION['phpCAS']['pgt'].'\''); + $auth = TRUE; + } elseif ( $this->isSessionAuthenticated() && empty($_SESSION['phpCAS']['pgt']) ) { + // these two variables should be empty or not empty at the same time + phpCAS::trace('username found (`'.$_SESSION['phpCAS']['user'].'\') but PGT is empty'); + // unset all tickets to enforce authentication + unset($_SESSION['phpCAS']); + $this->setST(''); + $this->setPT(''); + } elseif ( !$this->isSessionAuthenticated() && !empty($_SESSION['phpCAS']['pgt']) ) { + // these two variables should be empty or not empty at the same time + phpCAS::trace('PGT found (`'.$_SESSION['phpCAS']['pgt'].'\') but username is empty'); + // unset all tickets to enforce authentication + unset($_SESSION['phpCAS']); + $this->setST(''); + $this->setPT(''); + } else { + phpCAS::trace('neither user not PGT found'); + } + } else { + // `simple' CAS client (not a proxy): username must be present + if ( $this->isSessionAuthenticated() ) { + // authentication already done + $this->setUser($_SESSION['phpCAS']['user']); + phpCAS::trace('user = `'.$_SESSION['phpCAS']['user'].'\''); + $auth = TRUE; + } else { + phpCAS::trace('no user found'); + } + } + + phpCAS::traceEnd($auth); + return $auth; + } + + /** + * This method is used to redirect the client to the CAS server. + * It is used by CASClient::forceAuthentication() and CASClient::checkAuthentication(). + * @param $gateway true to check authentication, false to force it + * @param $renew true to force the authentication with the CAS server + * @public + */ + function redirectToCas($gateway=false,$renew=false){ + phpCAS::traceBegin(); + $cas_url = $this->getServerLoginURL($gateway,$renew); + header('Location: '.$cas_url); + phpCAS::log( "Redirect to : ".$cas_url ); + + $this->printHTMLHeader($this->getString(CAS_STR_AUTHENTICATION_WANTED)); + + printf('<p>'.$this->getString(CAS_STR_SHOULD_HAVE_BEEN_REDIRECTED).'</p>',$cas_url); + $this->printHTMLFooter(); + phpCAS::traceExit(); + exit(); + } + +// /** +// * This method is used to logout from CAS. +// * @param $url a URL that will be transmitted to the CAS server (to come back to when logged out) +// * @public +// */ +// function logout($url = "") { +// phpCAS::traceBegin(); +// $cas_url = $this->getServerLogoutURL(); +// // v0.4.14 sebastien.gougeon at univ-rennes1.fr +// // header('Location: '.$cas_url); +// if ( $url != "" ) { +// // Adam Moore 1.0.0RC2 +// $url = '?service=' . $url . '&url=' . $url; +// } +// header('Location: '.$cas_url . $url); +// session_unset(); +// session_destroy(); +// $this->printHTMLHeader($this->getString(CAS_STR_LOGOUT)); +// printf('<p>'.$this->getString(CAS_STR_SHOULD_HAVE_BEEN_REDIRECTED).'</p>',$cas_url); +// $this->printHTMLFooter(); +// phpCAS::traceExit(); +// exit(); +// } + + /** + * This method is used to logout from CAS. + * @params $params an array that contains the optional url and service parameters that will be passed to the CAS server + * @public + */ + function logout($params) { + phpCAS::traceBegin(); + $cas_url = $this->getServerLogoutURL(); + $paramSeparator = '?'; + if (isset($params['url'])) { + $cas_url = $cas_url . $paramSeparator . "url=" . urlencode($params['url']); + $paramSeparator = '&'; + } + if (isset($params['service'])) { + $cas_url = $cas_url . $paramSeparator . "service=" . urlencode($params['service']); + } + header('Location: '.$cas_url); + session_unset(); + session_destroy(); + $this->printHTMLHeader($this->getString(CAS_STR_LOGOUT)); + printf('<p>'.$this->getString(CAS_STR_SHOULD_HAVE_BEEN_REDIRECTED).'</p>',$cas_url); + $this->printHTMLFooter(); + phpCAS::traceExit(); + exit(); + } + + /** + * @return true if the current request is a logout request. + * @private + */ + function isLogoutRequest() { + return !empty($_POST['logoutRequest']); + } + + /** + * @return true if a logout request is allowed. + * @private + */ + function isLogoutRequestAllowed() { + } + + /** + * This method handles logout requests. + * @param $check_client true to check the client bofore handling the request, + * false not to perform any access control. True by default. + * @param $allowed_clients an array of host names allowed to send logout requests. + * By default, only the CAs server (declared in the constructor) will be allowed. + * @public + */ + function handleLogoutRequests($check_client=true, $allowed_clients=false) { + phpCAS::traceBegin(); + if (!$this->isLogoutRequest()) { + phpCAS::log("Not a logout request"); + phpCAS::traceEnd(); + return; + } + phpCAS::log("Logout requested"); + phpCAS::log("SAML REQUEST: ".$_POST['logoutRequest']); + if ($check_client) { + if (!$allowed_clients) { + $allowed_clients = array( $this->getServerHostname() ); + } + $client_ip = $_SERVER['REMOTE_ADDR']; + $client = gethostbyaddr($client_ip); + phpCAS::log("Client: ".$client); + $allowed = false; + foreach ($allowed_clients as $allowed_client) { + if ($client == $allowed_client) { + phpCAS::log("Allowed client '".$allowed_client."' matches, logout request is allowed"); + $allowed = true; + break; + } else { + phpCAS::log("Allowed client '".$allowed_client."' does not match"); + } + } + if (!$allowed) { + phpCAS::error("Unauthorized logout request from client '".$client."'"); + printf("Unauthorized!"); + phpCAS::traceExit(); + exit(); + } + } else { + phpCAS::log("No access control set"); + } + // Extract the ticket from the SAML Request + preg_match("|<samlp:SessionIndex>(.*)</samlp:SessionIndex>|", $_POST['logoutRequest'], $tick, PREG_OFFSET_CAPTURE, 3); + $wrappedSamlSessionIndex = preg_replace('|<samlp:SessionIndex>|','',$tick[0][0]); + $ticket2logout = preg_replace('|</samlp:SessionIndex>|','',$wrappedSamlSessionIndex); + phpCAS::log("Ticket to logout: ".$ticket2logout); + $session_id = preg_replace('/[^\w]/','',$ticket2logout); + phpCAS::log("Session id: ".$session_id); + + // fix New session ID + session_id($session_id); + $_COOKIE[session_name()]=$session_id; + $_GET[session_name()]=$session_id; + + // Overwrite session + session_start(); + session_unset(); + session_destroy(); + printf("Disconnected!"); + phpCAS::traceExit(); + exit(); + } + + /** @} */ + + // XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX + // XX XX + // XX BASIC CLIENT FEATURES (CAS 1.0) XX + // XX XX + // XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX + + // ######################################################################## + // ST + // ######################################################################## + /** + * @addtogroup internalBasic + * @{ + */ + + /** + * the Service Ticket provided in the URL of the request if present + * (empty otherwise). Written by CASClient::CASClient(), read by + * CASClient::getST() and CASClient::hasPGT(). + * + * @hideinitializer + * @private + */ + var $_st = ''; + + /** + * This method returns the Service Ticket provided in the URL of the request. + * @return The service ticket. + * @private + */ + function getST() + { return $this->_st; } + + /** + * This method stores the Service Ticket. + * @param $st The Service Ticket. + * @private + */ + function setST($st) + { $this->_st = $st; } + + /** + * This method tells if a Service Ticket was stored. + * @return TRUE if a Service Ticket has been stored. + * @private + */ + function hasST() + { return !empty($this->_st); } + + /** @} */ + + // ######################################################################## + // ST VALIDATION + // ######################################################################## + /** + * @addtogroup internalBasic + * @{ + */ + + /** + * the certificate of the CAS server. + * + * @hideinitializer + * @private + */ + var $_cas_server_cert = ''; + + /** + * the certificate of the CAS server CA. + * + * @hideinitializer + * @private + */ + var $_cas_server_ca_cert = ''; + + /** + * Set to true not to validate the CAS server. + * + * @hideinitializer + * @private + */ + var $_no_cas_server_validation = false; + + /** + * Set the certificate of the CAS server. + * + * @param $cert the PEM certificate + */ + function setCasServerCert($cert) + { + $this->_cas_server_cert = $cert; + } + + /** + * Set the CA certificate of the CAS server. + * + * @param $cert the PEM certificate of the CA that emited the cert of the server + */ + function setCasServerCACert($cert) + { + $this->_cas_server_ca_cert = $cert; + } + + /** + * Set no SSL validation for the CAS server. + */ + function setNoCasServerValidation() + { + $this->_no_cas_server_validation = true; + } + + /** + * This method is used to validate a ST; halt on failure, and sets $validate_url, + * $text_reponse and $tree_response on success. These parameters are used later + * by CASClient::validatePGT() for CAS proxies. + * + * @param $validate_url the URL of the request to the CAS server. + * @param $text_response the response of the CAS server, as is (XML text). + * @param $tree_response the response of the CAS server, as a DOM XML tree. + * + * @return bool TRUE when successfull, halt otherwise by calling CASClient::authError(). + * + * @private + */ + function validateST($validate_url,&$text_response,&$tree_response) + { + phpCAS::traceBegin(); + // build the URL to validate the ticket + $validate_url = $this->getServerServiceValidateURL().'&ticket='.$this->getST(); + if ( $this->isProxy() ) { + // pass the callback url for CAS proxies + $validate_url .= '&pgtUrl='.$this->getCallbackURL(); + } + + // open and read the URL + if ( !$this->readURL($validate_url,''/*cookies*/,$headers,$text_response,$err_msg) ) { + phpCAS::trace('could not open URL \''.$validate_url.'\' to validate ('.$err_msg.')'); + $this->authError('ST not validated', + $validate_url, + TRUE/*$no_response*/); + } + + // analyze the result depending on the version + switch ($this->getServerVersion()) { + case CAS_VERSION_1_0: + if (preg_match('/^no\n/',$text_response)) { + phpCAS::trace('ST has not been validated'); + $this->authError('ST not validated', + $validate_url, + FALSE/*$no_response*/, + FALSE/*$bad_response*/, + $text_response); + } + if (!preg_match('/^yes\n/',$text_response)) { + phpCAS::trace('ill-formed response'); + $this->authError('ST not validated', + $validate_url, + FALSE/*$no_response*/, + TRUE/*$bad_response*/, + $text_response); + } + // ST has been validated, extract the user name + $arr = preg_split('/\n/',$text_response); + $this->setUser(trim($arr[1])); + break; + case CAS_VERSION_2_0: + // read the response of the CAS server into a DOM object + if ( !($dom = domxml_open_mem($text_response))) { + phpCAS::trace('domxml_open_mem() failed'); + $this->authError('ST not validated', + $validate_url, + FALSE/*$no_response*/, + TRUE/*$bad_response*/, + $text_response); + } + // read the root node of the XML tree + if ( !($tree_response = $dom->document_element()) ) { + phpCAS::trace('document_element() failed'); + $this->authError('ST not validated', + $validate_url, + FALSE/*$no_response*/, + TRUE/*$bad_response*/, + $text_response); + } + // insure that tag name is 'serviceResponse' + if ( $tree_response->node_name() != 'serviceResponse' ) { + phpCAS::trace('bad XML root node (should be `serviceResponse\' instead of `'.$tree_response->node_name().'\''); + $this->authError('ST not validated', + $validate_url, + FALSE/*$no_response*/, + TRUE/*$bad_response*/, + $text_response); + } + if ( sizeof($success_elements = $tree_response->get_elements_by_tagname("authenticationSuccess")) != 0) { + // authentication succeded, extract the user name + if ( sizeof($user_elements = $success_elements[0]->get_elements_by_tagname("user")) == 0) { + phpCAS::trace('<authenticationSuccess> found, but no <user>'); + $this->authError('ST not validated', + $validate_url, + FALSE/*$no_response*/, + TRUE/*$bad_response*/, + $text_response); + } + $user = trim($user_elements[0]->get_content()); + phpCAS::trace('user = `'.$user); + $this->setUser($user); + + } else if ( sizeof($failure_elements = $tree_response->get_elements_by_tagname("authenticationFailure")) != 0) { + phpCAS::trace('<authenticationFailure> found'); + // authentication failed, extract the error code and message + $this->authError('ST not validated', + $validate_url, + FALSE/*$no_response*/, + FALSE/*$bad_response*/, + $text_response, + $failure_elements[0]->get_attribute('code')/*$err_code*/, + trim($failure_elements[0]->get_content())/*$err_msg*/); + } else { + phpCAS::trace('neither <authenticationSuccess> nor <authenticationFailure> found'); + $this->authError('ST not validated', + $validate_url, + FALSE/*$no_response*/, + TRUE/*$bad_response*/, + $text_response); + } + break; + } + + // at this step, ST has been validated and $this->_user has been set, + phpCAS::traceEnd(TRUE); + return TRUE; + } + + /** @} */ + + // XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX + // XX XX + // XX PROXY FEATURES (CAS 2.0) XX + // XX XX + // XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX + + // ######################################################################## + // PROXYING + // ######################################################################## + /** + * @addtogroup internalProxy + * @{ + */ + + /** + * A boolean telling if the client is a CAS proxy or not. Written by CASClient::CASClient(), + * read by CASClient::isProxy(). + * + * @private + */ + var $_proxy; + + /** + * Tells if a CAS client is a CAS proxy or not + * + * @return TRUE when the CAS client is a CAs proxy, FALSE otherwise + * + * @private + */ + function isProxy() + { + return $this->_proxy; + } + + /** @} */ + // ######################################################################## + // PGT + // ######################################################################## + /** + * @addtogroup internalProxy + * @{ + */ + + /** + * the Proxy Grnting Ticket given by the CAS server (empty otherwise). + * Written by CASClient::setPGT(), read by CASClient::getPGT() and CASClient::hasPGT(). + * + * @hideinitializer + * @private + */ + var $_pgt = ''; + + /** + * This method returns the Proxy Granting Ticket given by the CAS server. + * @return The Proxy Granting Ticket. + * @private + */ + function getPGT() + { return $this->_pgt; } + + /** + * This method stores the Proxy Granting Ticket. + * @param $pgt The Proxy Granting Ticket. + * @private + */ + function setPGT($pgt) + { $this->_pgt = $pgt; } + + /** + * This method tells if a Proxy Granting Ticket was stored. + * @return TRUE if a Proxy Granting Ticket has been stored. + * @private + */ + function hasPGT() + { return !empty($this->_pgt); } + + /** @} */ + + // ######################################################################## + // CALLBACK MODE + // ######################################################################## + /** + * @addtogroup internalCallback + * @{ + */ + /** + * each PHP script using phpCAS in proxy mode is its own callback to get the + * PGT back from the CAS server. callback_mode is detected by the constructor + * thanks to the GET parameters. + */ + + /** + * a boolean to know if the CAS client is running in callback mode. Written by + * CASClient::setCallBackMode(), read by CASClient::isCallbackMode(). + * + * @hideinitializer + * @private + */ + var $_callback_mode = FALSE; + + /** + * This method sets/unsets callback mode. + * + * @param $callback_mode TRUE to set callback mode, FALSE otherwise. + * + * @private + */ + function setCallbackMode($callback_mode) + { + $this->_callback_mode = $callback_mode; + } + + /** + * This method returns TRUE when the CAs client is running i callback mode, + * FALSE otherwise. + * + * @return A boolean. + * + * @private + */ + function isCallbackMode() + { + return $this->_callback_mode; + } + + /** + * the URL that should be used for the PGT callback (in fact the URL of the + * current request without any CGI parameter). Written and read by + * CASClient::getCallbackURL(). + * + * @hideinitializer + * @private + */ + var $_callback_url = ''; + + /** + * This method returns the URL that should be used for the PGT callback (in + * fact the URL of the current request without any CGI parameter, except if + * phpCAS::setFixedCallbackURL() was used). + * + * @return The callback URL + * + * @private + */ + function getCallbackURL() + { + // the URL is built when needed only + if ( empty($this->_callback_url) ) { + $final_uri = ''; + // remove the ticket if present in the URL + $final_uri = 'https://'; + /* replaced by Julien Marchal - v0.4.6 + * $this->uri .= $_SERVER['SERVER_NAME']; + */ + if(empty($_SERVER['HTTP_X_FORWARDED_SERVER'])){ + /* replaced by teedog - v0.4.12 + * $final_uri .= $_SERVER['SERVER_NAME']; + */ + if (empty($_SERVER['SERVER_NAME'])) { + $final_uri .= $_SERVER['HTTP_HOST']; + } else { + $final_uri .= $_SERVER['SERVER_NAME']; + } + } else { + $final_uri .= $_SERVER['HTTP_X_FORWARDED_SERVER']; + } + if ( ($this->isHttps() && $_SERVER['SERVER_PORT']!=443) + || (!$this->isHttps() && $_SERVER['SERVER_PORT']!=80) ) { + $final_uri .= ':'; + $final_uri .= $_SERVER['SERVER_PORT']; + } + $request_uri = $_SERVER['REQUEST_URI']; + $request_uri = preg_replace('/\?.*$/','',$request_uri); + $final_uri .= $request_uri; + $this->setCallbackURL($final_uri); + } + return $this->_callback_url; + } + + /** + * This method sets the callback url. + * + * @param $callback_url url to set callback + * + * @private + */ + function setCallbackURL($url) + { + return $this->_callback_url = $url; + } + + /** + * This method is called by CASClient::CASClient() when running in callback + * mode. It stores the PGT and its PGT Iou, prints its output and halts. + * + * @private + */ + function callback() + { + phpCAS::traceBegin(); + $this->printHTMLHeader('phpCAS callback'); + $pgt_iou = $_GET['pgtIou']; + $pgt = $_GET['pgtId']; + phpCAS::trace('Storing PGT `'.$pgt.'\' (id=`'.$pgt_iou.'\')'); + echo '<p>Storing PGT `'.$pgt.'\' (id=`'.$pgt_iou.'\').</p>'; + $this->storePGT($pgt,$pgt_iou); + $this->printHTMLFooter(); + phpCAS::traceExit(); + } + + /** @} */ + + // ######################################################################## + // PGT STORAGE + // ######################################################################## + /** + * @addtogroup internalPGTStorage + * @{ + */ + + /** + * an instance of a class inheriting of PGTStorage, used to deal with PGT + * storage. Created by CASClient::setPGTStorageFile() or CASClient::setPGTStorageDB(), used + * by CASClient::setPGTStorageFile(), CASClient::setPGTStorageDB() and CASClient::initPGTStorage(). + * + * @hideinitializer + * @private + */ + var $_pgt_storage = null; + + /** + * This method is used to initialize the storage of PGT's. + * Halts on error. + * + * @private + */ + function initPGTStorage() + { + // if no SetPGTStorageXxx() has been used, default to file + if ( !is_object($this->_pgt_storage) ) { + $this->setPGTStorageFile(); + } + + // initializes the storage + $this->_pgt_storage->init(); + } + + /** + * This method stores a PGT. Halts on error. + * + * @param $pgt the PGT to store + * @param $pgt_iou its corresponding Iou + * + * @private + */ + function storePGT($pgt,$pgt_iou) + { + // ensure that storage is initialized + $this->initPGTStorage(); + // writes the PGT + $this->_pgt_storage->write($pgt,$pgt_iou); + } + + /** + * This method reads a PGT from its Iou and deletes the corresponding storage entry. + * + * @param $pgt_iou the PGT Iou + * + * @return The PGT corresponding to the Iou, FALSE when not found. + * + * @private + */ + function loadPGT($pgt_iou) + { + // ensure that storage is initialized + $this->initPGTStorage(); + // read the PGT + return $this->_pgt_storage->read($pgt_iou); + } + + /** + * This method is used to tell phpCAS to store the response of the + * CAS server to PGT requests onto the filesystem. + * + * @param $format the format used to store the PGT's (`plain' and `xml' allowed) + * @param $path the path where the PGT's should be stored + * + * @public + */ + function setPGTStorageFile($format='', + $path='') + { + // check that the storage has not already been set + if ( is_object($this->_pgt_storage) ) { + phpCAS::error('PGT storage already defined'); + } + + // create the storage object + $this->_pgt_storage = &new PGTStorageFile($this,$format,$path); + } + + /** + * This method is used to tell phpCAS to store the response of the + * CAS server to PGT requests into a database. + * @note The connection to the database is done only when needed. + * As a consequence, bad parameters are detected only when + * initializing PGT storage. + * + * @param $user the user to access the data with + * @param $password the user's password + * @param $database_type the type of the database hosting the data + * @param $hostname the server hosting the database + * @param $port the port the server is listening on + * @param $database the name of the database + * @param $table the name of the table storing the data + * + * @public + */ + function setPGTStorageDB($user, + $password, + $database_type, + $hostname, + $port, + $database, + $table) + { + // check that the storage has not already been set + if ( is_object($this->_pgt_storage) ) { + phpCAS::error('PGT storage already defined'); + } + + // warn the user that he should use file storage... + trigger_error('PGT storage into database is an experimental feature, use at your own risk',E_USER_WARNING); + + // create the storage object + $this->_pgt_storage = & new PGTStorageDB($this,$user,$password,$database_type,$hostname,$port,$database,$table); + } + + // ######################################################################## + // PGT VALIDATION + // ######################################################################## + /** + * This method is used to validate a PGT; halt on failure. + * + * @param $validate_url the URL of the request to the CAS server. + * @param $text_response the response of the CAS server, as is (XML text); result + * of CASClient::validateST() or CASClient::validatePT(). + * @param $tree_response the response of the CAS server, as a DOM XML tree; result + * of CASClient::validateST() or CASClient::validatePT(). + * + * @return bool TRUE when successfull, halt otherwise by calling CASClient::authError(). + * + * @private + */ + function validatePGT(&$validate_url,$text_response,$tree_response) + { + phpCAS::traceBegin(); + if ( sizeof($arr = $tree_response->get_elements_by_tagname("proxyGrantingTicket")) == 0) { + phpCAS::trace('<proxyGrantingTicket> not found'); + // authentication succeded, but no PGT Iou was transmitted + $this->authError('Ticket validated but no PGT Iou transmitted', + $validate_url, + FALSE/*$no_response*/, + FALSE/*$bad_response*/, + $text_response); + } else { + // PGT Iou transmitted, extract it + $pgt_iou = trim($arr[0]->get_content()); + $pgt = $this->loadPGT($pgt_iou); + if ( $pgt == FALSE ) { + phpCAS::trace('could not load PGT'); + $this->authError('PGT Iou was transmitted but PGT could not be retrieved', + $validate_url, + FALSE/*$no_response*/, + FALSE/*$bad_response*/, + $text_response); + } + $this->setPGT($pgt); + } + phpCAS::traceEnd(TRUE); + return TRUE; + } + + // ######################################################################## + // PGT VALIDATION + // ######################################################################## + + /** + * This method is used to retrieve PT's from the CAS server thanks to a PGT. + * + * @param $target_service the service to ask for with the PT. + * @param $err_code an error code (PHPCAS_SERVICE_OK on success). + * @param $err_msg an error message (empty on success). + * + * @return a Proxy Ticket, or FALSE on error. + * + * @private + */ + function retrievePT($target_service,&$err_code,&$err_msg) + { + phpCAS::traceBegin(); + + // by default, $err_msg is set empty and $pt to TRUE. On error, $pt is + // set to false and $err_msg to an error message. At the end, if $pt is FALSE + // and $error_msg is still empty, it is set to 'invalid response' (the most + // commonly encountered error). + $err_msg = ''; + + // build the URL to retrieve the PT + // $cas_url = $this->getServerProxyURL().'?targetService='.preg_replace('/&/','%26',$target_service).'&pgt='.$this->getPGT(); + $cas_url = $this->getServerProxyURL().'?targetService='.urlencode($target_service).'&pgt='.$this->getPGT(); + + // open and read the URL + if ( !$this->readURL($cas_url,''/*cookies*/,$headers,$cas_response,$err_msg) ) { + phpCAS::trace('could not open URL \''.$cas_url.'\' to validate ('.$err_msg.')'); + $err_code = PHPCAS_SERVICE_PT_NO_SERVER_RESPONSE; + $err_msg = 'could not retrieve PT (no response from the CAS server)'; + phpCAS::traceEnd(FALSE); + return FALSE; + } + + $bad_response = FALSE; + + if ( !$bad_response ) { + // read the response of the CAS server into a DOM object + if ( !($dom = @domxml_open_mem($cas_response))) { + phpCAS::trace('domxml_open_mem() failed'); + // read failed + $bad_response = TRUE; + } + } + + if ( !$bad_response ) { + // read the root node of the XML tree + if ( !($root = $dom->document_element()) ) { + phpCAS::trace('document_element() failed'); + // read failed + $bad_response = TRUE; + } + } + + if ( !$bad_response ) { + // insure that tag name is 'serviceResponse' + if ( $root->node_name() != 'serviceResponse' ) { + phpCAS::trace('node_name() failed'); + // bad root node + $bad_response = TRUE; + } + } + + if ( !$bad_response ) { + // look for a proxySuccess tag + if ( sizeof($arr = $root->get_elements_by_tagname("proxySuccess")) != 0) { + // authentication succeded, look for a proxyTicket tag + if ( sizeof($arr = $root->get_elements_by_tagname("proxyTicket")) != 0) { + $err_code = PHPCAS_SERVICE_OK; + $err_msg = ''; + phpCAS::trace('original PT: '.trim($arr[0]->get_content())); + $pt = trim($arr[0]->get_content()); + phpCAS::traceEnd($pt); + return $pt; + } else { + phpCAS::trace('<proxySuccess> was found, but not <proxyTicket>'); + } + } + // look for a proxyFailure tag + else if ( sizeof($arr = $root->get_elements_by_tagname("proxyFailure")) != 0) { + // authentication failed, extract the error + $err_code = PHPCAS_SERVICE_PT_FAILURE; + $err_msg = 'PT retrieving failed (code=`' + .$arr[0]->get_attribute('code') + .'\', message=`' + .trim($arr[0]->get_content()) + .'\')'; + phpCAS::traceEnd(FALSE); + return FALSE; + } else { + phpCAS::trace('neither <proxySuccess> nor <proxyFailure> found'); + } + } + + // at this step, we are sure that the response of the CAS server was ill-formed + $err_code = PHPCAS_SERVICE_PT_BAD_SERVER_RESPONSE; + $err_msg = 'Invalid response from the CAS server (response=`'.$cas_response.'\')'; + + phpCAS::traceEnd(FALSE); + return FALSE; + } + + // ######################################################################## + // ACCESS TO EXTERNAL SERVICES + // ######################################################################## + + /** + * This method is used to acces a remote URL. + * + * @param $url the URL to access. + * @param $cookies an array containing cookies strings such as 'name=val' + * @param $headers an array containing the HTTP header lines of the response + * (an empty array on failure). + * @param $body the body of the response, as a string (empty on failure). + * @param $err_msg an error message, filled on failure. + * + * @return TRUE on success, FALSE otherwise (in this later case, $err_msg + * contains an error message). + * + * @private + */ + function readURL($url,$cookies,&$headers,&$body,&$err_msg) + { + phpCAS::traceBegin(); + $headers = ''; + $body = ''; + $err_msg = ''; + + $res = TRUE; + + // initialize the CURL session + $ch = curl_init($url); + + if (version_compare(PHP_VERSION,'5.1.3','>=')) { + //only avaible in php5 + curl_setopt_array($ch, $this->_curl_options); + } else { + foreach ($this->_curl_options as $key => $value) { + curl_setopt($ch, $key, $value); + } + } + + if ($this->_cas_server_cert == '' && $this->_cas_server_ca_cert == '' && !$this->_no_cas_server_validation) { + phpCAS::error('one of the methods phpCAS::setCasServerCert(), phpCAS::setCasServerCACert() or phpCAS::setNoCasServerValidation() must be called.'); + } + if ($this->_cas_server_cert != '' ) { + curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 1); + curl_setopt($ch, CURLOPT_SSLCERT, $this->_cas_server_cert); + } else if ($this->_cas_server_ca_cert != '') { + curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 1); + curl_setopt($ch, CURLOPT_CAINFO, $this->_cas_server_ca_cert); + } else { + curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 1); + curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0); + } + + // return the CURL output into a variable + curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); + // get the HTTP header with a callback + $this->_curl_headers = array(); // empty the headers array + curl_setopt($ch, CURLOPT_HEADERFUNCTION, array($this, '_curl_read_headers')); + // add cookies headers + if ( is_array($cookies) ) { + curl_setopt($ch,CURLOPT_COOKIE,implode(';',$cookies)); + } + // perform the query + $buf = curl_exec ($ch); + if ( $buf === FALSE ) { + phpCAS::trace('curl_exec() failed'); + $err_msg = 'CURL error #'.curl_errno($ch).': '.curl_error($ch); + // close the CURL session + curl_close ($ch); + $res = FALSE; + } else { + // close the CURL session + curl_close ($ch); + + $headers = $this->_curl_headers; + $body = $buf; + } + + phpCAS::traceEnd($res); + return $res; + } + + /** + * This method is the callback used by readURL method to request HTTP headers. + */ + var $_curl_headers = array(); + function _curl_read_headers($ch, $header) + { + $this->_curl_headers[] = $header; + return strlen($header); + } + + /** + * This method is used to access an HTTP[S] service. + * + * @param $url the service to access. + * @param $err_code an error code Possible values are PHPCAS_SERVICE_OK (on + * success), PHPCAS_SERVICE_PT_NO_SERVER_RESPONSE, PHPCAS_SERVICE_PT_BAD_SERVER_RESPONSE, + * PHPCAS_SERVICE_PT_FAILURE, PHPCAS_SERVICE_NOT AVAILABLE. + * @param $output the output of the service (also used to give an error + * message on failure). + * + * @return TRUE on success, FALSE otherwise (in this later case, $err_code + * gives the reason why it failed and $output contains an error message). + * + * @public + */ + function serviceWeb($url,&$err_code,&$output) + { + phpCAS::traceBegin(); + // at first retrieve a PT + $pt = $this->retrievePT($url,$err_code,$output); + + $res = TRUE; + + // test if PT was retrieved correctly + if ( !$pt ) { + // note: $err_code and $err_msg are filled by CASClient::retrievePT() + phpCAS::trace('PT was not retrieved correctly'); + $res = FALSE; + } else { + // add cookies if necessary + if ( is_array($_SESSION['phpCAS']['services'][$url]['cookies']) ) { + foreach ( $_SESSION['phpCAS']['services'][$url]['cookies'] as $name => $val ) { + $cookies[] = $name.'='.$val; + } + } + + // build the URL including the PT + if ( strstr($url,'?') === FALSE ) { + $service_url = $url.'?ticket='.$pt; + } else { + $service_url = $url.'&ticket='.$pt; + } + + phpCAS::trace('reading URL`'.$service_url.'\''); + if ( !$this->readURL($service_url,$cookies,$headers,$output,$err_msg) ) { + phpCAS::trace('could not read URL`'.$service_url.'\''); + $err_code = PHPCAS_SERVICE_NOT_AVAILABLE; + // give an error message + $output = sprintf($this->getString(CAS_STR_SERVICE_UNAVAILABLE), + $service_url, + $err_msg); + $res = FALSE; + } else { + // URL has been fetched, extract the cookies + phpCAS::trace('URL`'.$service_url.'\' has been read, storing cookies:'); + foreach ( $headers as $header ) { + // test if the header is a cookie + if ( preg_match('/^Set-Cookie:/',$header) ) { + // the header is a cookie, remove the beginning + $header_val = preg_replace('/^Set-Cookie: */','',$header); + // extract interesting information + $name_val = strtok($header_val,'; '); + // extract the name and the value of the cookie + $cookie_name = strtok($name_val,'='); + $cookie_val = strtok('='); + // store the cookie + $_SESSION['phpCAS']['services'][$url]['cookies'][$cookie_name] = $cookie_val; + phpCAS::trace($cookie_name.' -> '.$cookie_val); + } + } + } + } + + phpCAS::traceEnd($res); + return $res; + } + + /** + * This method is used to access an IMAP/POP3/NNTP service. + * + * @param $url a string giving the URL of the service, including the mailing box + * for IMAP URLs, as accepted by imap_open(). + * @param $flags options given to imap_open(). + * @param $err_code an error code Possible values are PHPCAS_SERVICE_OK (on + * success), PHPCAS_SERVICE_PT_NO_SERVER_RESPONSE, PHPCAS_SERVICE_PT_BAD_SERVER_RESPONSE, + * PHPCAS_SERVICE_PT_FAILURE, PHPCAS_SERVICE_NOT AVAILABLE. + * @param $err_msg an error message on failure + * @param $pt the Proxy Ticket (PT) retrieved from the CAS server to access the URL + * on success, FALSE on error). + * + * @return an IMAP stream on success, FALSE otherwise (in this later case, $err_code + * gives the reason why it failed and $err_msg contains an error message). + * + * @public + */ + function serviceMail($url,$flags,&$err_code,&$err_msg,&$pt) + { + phpCAS::traceBegin(); + // at first retrieve a PT + $pt = $this->retrievePT($target_service,$err_code,$output); + + $stream = FALSE; + + // test if PT was retrieved correctly + if ( !$pt ) { + // note: $err_code and $err_msg are filled by CASClient::retrievePT() + phpCAS::trace('PT was not retrieved correctly'); + } else { + phpCAS::trace('opening IMAP URL `'.$url.'\'...'); + $stream = @imap_open($url,$this->getUser(),$pt,$flags); + if ( !$stream ) { + phpCAS::trace('could not open URL'); + $err_code = PHPCAS_SERVICE_NOT_AVAILABLE; + // give an error message + $err_msg = sprintf($this->getString(CAS_STR_SERVICE_UNAVAILABLE), + $service_url, + var_export(imap_errors(),TRUE)); + $pt = FALSE; + $stream = FALSE; + } else { + phpCAS::trace('ok'); + } + } + + phpCAS::traceEnd($stream); + return $stream; + } + + /** @} */ + + // XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX + // XX XX + // XX PROXIED CLIENT FEATURES (CAS 2.0) XX + // XX XX + // XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX + + // ######################################################################## + // PT + // ######################################################################## + /** + * @addtogroup internalProxied + * @{ + */ + + /** + * the Proxy Ticket provided in the URL of the request if present + * (empty otherwise). Written by CASClient::CASClient(), read by + * CASClient::getPT() and CASClient::hasPGT(). + * + * @hideinitializer + * @private + */ + var $_pt = ''; + + /** + * This method returns the Proxy Ticket provided in the URL of the request. + * @return The proxy ticket. + * @private + */ + function getPT() + { + // return 'ST'.substr($this->_pt, 2); + return $this->_pt; + } + + /** + * This method stores the Proxy Ticket. + * @param $pt The Proxy Ticket. + * @private + */ + function setPT($pt) + { $this->_pt = $pt; } + + /** + * This method tells if a Proxy Ticket was stored. + * @return TRUE if a Proxy Ticket has been stored. + * @private + */ + function hasPT() + { return !empty($this->_pt); } + + /** @} */ + // ######################################################################## + // PT VALIDATION + // ######################################################################## + /** + * @addtogroup internalProxied + * @{ + */ + + /** + * This method is used to validate a PT; halt on failure + * + * @return bool TRUE when successfull, halt otherwise by calling CASClient::authError(). + * + * @private + */ + function validatePT(&$validate_url,&$text_response,&$tree_response) + { + phpCAS::traceBegin(); + // build the URL to validate the ticket + $validate_url = $this->getServerProxyValidateURL().'&ticket='.$this->getPT(); + + if ( $this->isProxy() ) { + // pass the callback url for CAS proxies + $validate_url .= '&pgtUrl='.$this->getCallbackURL(); + } + + // open and read the URL + if ( !$this->readURL($validate_url,''/*cookies*/,$headers,$text_response,$err_msg) ) { + phpCAS::trace('could not open URL \''.$validate_url.'\' to validate ('.$err_msg.')'); + $this->authError('PT not validated', + $validate_url, + TRUE/*$no_response*/); + } + + // read the response of the CAS server into a DOM object + if ( !($dom = domxml_open_mem($text_response))) { + // read failed + $this->authError('PT not validated', + $validate_url, + FALSE/*$no_response*/, + TRUE/*$bad_response*/, + $text_response); + } + // read the root node of the XML tree + if ( !($tree_response = $dom->document_element()) ) { + // read failed + $this->authError('PT not validated', + $validate_url, + FALSE/*$no_response*/, + TRUE/*$bad_response*/, + $text_response); + } + // insure that tag name is 'serviceResponse' + if ( $tree_response->node_name() != 'serviceResponse' ) { + // bad root node + $this->authError('PT not validated', + $validate_url, + FALSE/*$no_response*/, + TRUE/*$bad_response*/, + $text_response); + } + if ( sizeof($arr = $tree_response->get_elements_by_tagname("authenticationSuccess")) != 0) { + // authentication succeded, extract the user name + if ( sizeof($arr = $tree_response->get_elements_by_tagname("user")) == 0) { + // no user specified => error + $this->authError('PT not validated', + $validate_url, + FALSE/*$no_response*/, + TRUE/*$bad_response*/, + $text_response); + } + $this->setUser(trim($arr[0]->get_content())); + + } else if ( sizeof($arr = $tree_response->get_elements_by_tagname("authenticationFailure")) != 0) { + // authentication succeded, extract the error code and message + $this->authError('PT not validated', + $validate_url, + FALSE/*$no_response*/, + FALSE/*$bad_response*/, + $text_response, + $arr[0]->get_attribute('code')/*$err_code*/, + trim($arr[0]->get_content())/*$err_msg*/); + } else { + $this->authError('PT not validated', + $validate_url, + FALSE/*$no_response*/, + TRUE/*$bad_response*/, + $text_response); + } + + // at this step, PT has been validated and $this->_user has been set, + + phpCAS::traceEnd(TRUE); + return TRUE; + } + + /** @} */ + + // XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX + // XX XX + // XX MISC XX + // XX XX + // XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX + + /** + * @addtogroup internalMisc + * @{ + */ + + // ######################################################################## + // URL + // ######################################################################## + /** + * the URL of the current request (without any ticket CGI parameter). Written + * and read by CASClient::getURL(). + * + * @hideinitializer + * @private + */ + var $_url = ''; + + /** + * This method returns the URL of the current request (without any ticket + * CGI parameter). + * + * @return The URL + * + * @private + */ + function getURL() + { + phpCAS::traceBegin(); + // the URL is built when needed only + if ( empty($this->_url) ) { + $final_uri = ''; + // remove the ticket if present in the URL + $final_uri = ($this->isHttps()) ? 'https' : 'http'; + $final_uri .= '://'; + /* replaced by Julien Marchal - v0.4.6 + * $this->_url .= $_SERVER['SERVER_NAME']; + */ + if(empty($_SERVER['HTTP_X_FORWARDED_SERVER'])){ + /* replaced by teedog - v0.4.12 + * $this->_url .= $_SERVER['SERVER_NAME']; + */ + if (empty($_SERVER['SERVER_NAME'])) { + $server_name = $_SERVER['HTTP_HOST']; + } else { + $server_name = $_SERVER['SERVER_NAME']; + } + } else { + $server_name = $_SERVER['HTTP_X_FORWARDED_SERVER']; + } + $final_uri .= $server_name; + if (!strpos($server_name, ':')) { + if ( ($this->isHttps() && $_SERVER['SERVER_PORT']!=443) + || (!$this->isHttps() && $_SERVER['SERVER_PORT']!=80) ) { + $final_uri .= ':'; + $final_uri .= $_SERVER['SERVER_PORT']; + } + } + + $final_uri .= strtok($_SERVER['REQUEST_URI'],"?"); + $cgi_params = '?'.strtok("?"); + // remove the ticket if present in the CGI parameters + $cgi_params = preg_replace('/&ticket=[^&]*/','',$cgi_params); + $cgi_params = preg_replace('/\?ticket=[^&;]*/','?',$cgi_params); + $cgi_params = preg_replace('/\?%26/','?',$cgi_params); + $cgi_params = preg_replace('/\?&/','?',$cgi_params); + $cgi_params = preg_replace('/\?$/','',$cgi_params); + $final_uri .= $cgi_params; + $this->setURL($final_uri); + } + phpCAS::traceEnd($this->_url); + return $this->_url; + } + + /** + * This method sets the URL of the current request + * + * @param $url url to set for service + * + * @private + */ + function setURL($url) + { + $this->_url = $url; + } + + // ######################################################################## + // AUTHENTICATION ERROR HANDLING + // ######################################################################## + /** + * This method is used to print the HTML output when the user was not authenticated. + * + * @param $failure the failure that occured + * @param $cas_url the URL the CAS server was asked for + * @param $no_response the response from the CAS server (other + * parameters are ignored if TRUE) + * @param $bad_response bad response from the CAS server ($err_code + * and $err_msg ignored if TRUE) + * @param $cas_response the response of the CAS server + * @param $err_code the error code given by the CAS server + * @param $err_msg the error message given by the CAS server + * + * @private + */ + function authError($failure,$cas_url,$no_response,$bad_response='',$cas_response='',$err_code='',$err_msg='') + { + phpCAS::traceBegin(); + + $this->printHTMLHeader($this->getString(CAS_STR_AUTHENTICATION_FAILED)); + printf($this->getString(CAS_STR_YOU_WERE_NOT_AUTHENTICATED),$this->getURL(),$_SERVER['SERVER_ADMIN']); + phpCAS::trace('CAS URL: '.$cas_url); + phpCAS::trace('Authentication failure: '.$failure); + if ( $no_response ) { + phpCAS::trace('Reason: no response from the CAS server'); + } else { + if ( $bad_response ) { + phpCAS::trace('Reason: bad response from the CAS server'); + } else { + switch ($this->getServerVersion()) { + case CAS_VERSION_1_0: + phpCAS::trace('Reason: CAS error'); + break; + case CAS_VERSION_2_0: + if ( empty($err_code) ) + phpCAS::trace('Reason: no CAS error'); + else + phpCAS::trace('Reason: ['.$err_code.'] CAS error: '.$err_msg); + break; + } + } + phpCAS::trace('CAS response: '.$cas_response); + } + $this->printHTMLFooter(); + phpCAS::traceExit(); + exit(); + } + + /** @} */ +} + ?>
\ No newline at end of file diff --git a/plugins/CasAuthentication/extlib/CAS/domxml-php4-php5.php b/plugins/CasAuthentication/extlib/CAS/domxml-php4-php5.php index d64747514..a0dfb99c7 100644 --- a/plugins/CasAuthentication/extlib/CAS/domxml-php4-php5.php +++ b/plugins/CasAuthentication/extlib/CAS/domxml-php4-php5.php @@ -1,277 +1,277 @@ -<?php
-/**
- * @file domxml-php4-php5.php
- * Require PHP5, uses built-in DOM extension.
- * To be used in PHP4 scripts using DOMXML extension.
- * Allows PHP4/DOMXML scripts to run on PHP5/DOM.
- * (Requires PHP5/XSL extension for domxml_xslt functions)
- *
- * Typical use:
- * <pre>
- * {
- * if (version_compare(PHP_VERSION,'5','>='))
- * require_once('domxml-php4-to-php5.php');
- * }
- * </pre>
- *
- * Version 1.5.5, 2005-01-18, http://alexandre.alapetite.net/doc-alex/domxml-php4-php5/
- *
- * ------------------------------------------------------------------<br>
- * Written by Alexandre Alapetite, http://alexandre.alapetite.net/cv/
- *
- * Copyright 2004, Licence: Creative Commons "Attribution-ShareAlike 2.0 France" BY-SA (FR),
- * http://creativecommons.org/licenses/by-sa/2.0/fr/
- * http://alexandre.alapetite.net/divers/apropos/#by-sa
- * - Attribution. You must give the original author credit
- * - Share Alike. If you alter, transform, or build upon this work,
- * you may distribute the resulting work only under a license identical to this one
- * - The French law is authoritative
- * - Any of these conditions can be waived if you get permission from Alexandre Alapetite
- * - Please send to Alexandre Alapetite the modifications you make,
- * in order to improve this file for the benefit of everybody
- *
- * If you want to distribute this code, please do it as a link to:
- * http://alexandre.alapetite.net/doc-alex/domxml-php4-php5/
- */
-
-function domxml_new_doc($version) {return new php4DOMDocument('');}
-function domxml_open_file($filename) {return new php4DOMDocument($filename);}
-function domxml_open_mem($str)
-{
- $dom=new php4DOMDocument('');
- $dom->myDOMNode->loadXML($str);
- return $dom;
-}
-function xpath_eval($xpath_context,$eval_str,$contextnode=null) {return $xpath_context->query($eval_str,$contextnode);}
-function xpath_new_context($dom_document) {return new php4DOMXPath($dom_document);}
-
-class php4DOMAttr extends php4DOMNode
-{
- function php4DOMAttr($aDOMAttr) {$this->myDOMNode=$aDOMAttr;}
- function Name() {return $this->myDOMNode->name;}
- function Specified() {return $this->myDOMNode->specified;}
- function Value() {return $this->myDOMNode->value;}
-}
-
-class php4DOMDocument extends php4DOMNode
-{
- function php4DOMDocument($filename='')
- {
- $this->myDOMNode=new DOMDocument();
- if ($filename!='') $this->myDOMNode->load($filename);
- }
- function create_attribute($name,$value)
- {
- $myAttr=$this->myDOMNode->createAttribute($name);
- $myAttr->value=$value;
- return new php4DOMAttr($myAttr,$this);
- }
- function create_cdata_section($content) {return new php4DOMNode($this->myDOMNode->createCDATASection($content),$this);}
- function create_comment($data) {return new php4DOMNode($this->myDOMNode->createComment($data),$this);}
- function create_element($name) {return new php4DOMElement($this->myDOMNode->createElement($name),$this);}
- function create_text_node($content) {return new php4DOMNode($this->myDOMNode->createTextNode($content),$this);}
- function document_element() {return new php4DOMElement($this->myDOMNode->documentElement,$this);}
- function dump_file($filename,$compressionmode=false,$format=false) {return $this->myDOMNode->save($filename);}
- function dump_mem($format=false,$encoding=false) {return $this->myDOMNode->saveXML();}
- function get_element_by_id($id) {return new php4DOMElement($this->myDOMNode->getElementById($id),$this);}
- function get_elements_by_tagname($name)
- {
- $myDOMNodeList=$this->myDOMNode->getElementsByTagName($name);
- $nodeSet=array();
- $i=0;
- if (isset($myDOMNodeList))
- while ($node=$myDOMNodeList->item($i))
- {
- $nodeSet[]=new php4DOMElement($node,$this);
- $i++;
- }
- return $nodeSet;
- }
- function html_dump_mem() {return $this->myDOMNode->saveHTML();}
- function root() {return new php4DOMElement($this->myDOMNode->documentElement,$this);}
-}
-
-class php4DOMElement extends php4DOMNode
-{
- function get_attribute($name) {return $this->myDOMNode->getAttribute($name);}
- function get_elements_by_tagname($name)
- {
- $myDOMNodeList=$this->myDOMNode->getElementsByTagName($name);
- $nodeSet=array();
- $i=0;
- if (isset($myDOMNodeList))
- while ($node=$myDOMNodeList->item($i))
- {
- $nodeSet[]=new php4DOMElement($node,$this->myOwnerDocument);
- $i++;
- }
- return $nodeSet;
- }
- function has_attribute($name) {return $this->myDOMNode->hasAttribute($name);}
- function remove_attribute($name) {return $this->myDOMNode->removeAttribute($name);}
- function set_attribute($name,$value) {return $this->myDOMNode->setAttribute($name,$value);}
- function tagname() {return $this->myDOMNode->tagName;}
-}
-
-class php4DOMNode
-{
- var $myDOMNode;
- var $myOwnerDocument;
- function php4DOMNode($aDomNode,$aOwnerDocument)
- {
- $this->myDOMNode=$aDomNode;
- $this->myOwnerDocument=$aOwnerDocument;
- }
- function __get($name)
- {
- if ($name=='type') return $this->myDOMNode->nodeType;
- elseif ($name=='tagname') return $this->myDOMNode->tagName;
- elseif ($name=='content') return $this->myDOMNode->textContent;
- else
- {
- $myErrors=debug_backtrace();
- trigger_error('Undefined property: '.get_class($this).'::$'.$name.' ['.$myErrors[0]['file'].':'.$myErrors[0]['line'].']',E_USER_NOTICE);
- return false;
- }
- }
- function append_child($newnode) {return new php4DOMElement($this->myDOMNode->appendChild($newnode->myDOMNode),$this->myOwnerDocument);}
- function append_sibling($newnode) {return new php4DOMElement($this->myDOMNode->parentNode->appendChild($newnode->myDOMNode),$this->myOwnerDocument);}
- function attributes()
- {
- $myDOMNodeList=$this->myDOMNode->attributes;
- $nodeSet=array();
- $i=0;
- if (isset($myDOMNodeList))
- while ($node=$myDOMNodeList->item($i))
- {
- $nodeSet[]=new php4DOMAttr($node,$this->myOwnerDocument);
- $i++;
- }
- return $nodeSet;
- }
- function child_nodes()
- {
- $myDOMNodeList=$this->myDOMNode->childNodes;
- $nodeSet=array();
- $i=0;
- if (isset($myDOMNodeList))
- while ($node=$myDOMNodeList->item($i))
- {
- $nodeSet[]=new php4DOMElement($node,$this->myOwnerDocument);
- $i++;
- }
- return $nodeSet;
- }
- function children() {return $this->child_nodes();}
- function clone_node($deep=false) {return new php4DOMElement($this->myDOMNode->cloneNode($deep),$this->myOwnerDocument);}
- function first_child() {return new php4DOMElement($this->myDOMNode->firstChild,$this->myOwnerDocument);}
- function get_content() {return $this->myDOMNode->textContent;}
- function has_attributes() {return $this->myDOMNode->hasAttributes();}
- function has_child_nodes() {return $this->myDOMNode->hasChildNodes();}
- function insert_before($newnode,$refnode) {return new php4DOMElement($this->myDOMNode->insertBefore($newnode->myDOMNode,$refnode->myDOMNode),$this->myOwnerDocument);}
- function is_blank_node()
- {
- $myDOMNodeList=$this->myDOMNode->childNodes;
- $i=0;
- if (isset($myDOMNodeList))
- while ($node=$myDOMNodeList->item($i))
- {
- if (($node->nodeType==XML_ELEMENT_NODE)||
- (($node->nodeType==XML_TEXT_NODE)&&!ereg('^([[:cntrl:]]|[[:space:]])*$',$node->nodeValue)))
- return false;
- $i++;
- }
- return true;
- }
- function last_child() {return new php4DOMElement($this->myDOMNode->lastChild,$this->myOwnerDocument);}
- function new_child($name,$content)
- {
- $mySubNode=$this->myDOMNode->ownerDocument->createElement($name);
- $mySubNode->appendChild($this->myDOMNode->ownerDocument->createTextNode($content));
- $this->myDOMNode->appendChild($mySubNode);
- return new php4DOMElement($mySubNode,$this->myOwnerDocument);
- }
- function next_sibling() {return new php4DOMElement($this->myDOMNode->nextSibling,$this->myOwnerDocument);}
- function node_name() {return $this->myDOMNode->localName;}
- function node_type() {return $this->myDOMNode->nodeType;}
- function node_value() {return $this->myDOMNode->nodeValue;}
- function owner_document() {return $this->myOwnerDocument;}
- function parent_node() {return new php4DOMElement($this->myDOMNode->parentNode,$this->myOwnerDocument);}
- function prefix() {return $this->myDOMNode->prefix;}
- function previous_sibling() {return new php4DOMElement($this->myDOMNode->previousSibling,$this->myOwnerDocument);}
- function remove_child($oldchild) {return new php4DOMElement($this->myDOMNode->removeChild($oldchild->myDOMNode),$this->myOwnerDocument);}
- function replace_child($oldnode,$newnode) {return new php4DOMElement($this->myDOMNode->replaceChild($oldnode->myDOMNode,$newnode->myDOMNode),$this->myOwnerDocument);}
- function set_content($text)
- {
- if (($this->myDOMNode->hasChildNodes())&&($this->myDOMNode->firstChild->nodeType==XML_TEXT_NODE))
- $this->myDOMNode->removeChild($this->myDOMNode->firstChild);
- return $this->myDOMNode->appendChild($this->myDOMNode->ownerDocument->createTextNode($text));
- }
-}
-
-class php4DOMNodelist
-{
- var $myDOMNodelist;
- var $nodeset;
- function php4DOMNodelist($aDOMNodelist,$aOwnerDocument)
- {
- $this->myDOMNodelist=$aDOMNodelist;
- $this->nodeset=array();
- $i=0;
- if (isset($this->myDOMNodelist))
- while ($node=$this->myDOMNodelist->item($i))
- {
- $this->nodeset[]=new php4DOMElement($node,$aOwnerDocument);
- $i++;
- }
- }
-}
-
-class php4DOMXPath
-{
- var $myDOMXPath;
- var $myOwnerDocument;
- function php4DOMXPath($dom_document)
- {
- $this->myOwnerDocument=$dom_document;
- $this->myDOMXPath=new DOMXPath($dom_document->myDOMNode);
- }
- function query($eval_str,$contextnode)
- {
- if (isset($contextnode)) return new php4DOMNodelist($this->myDOMXPath->query($eval_str,$contextnode->myDOMNode),$this->myOwnerDocument);
- else return new php4DOMNodelist($this->myDOMXPath->query($eval_str),$this->myOwnerDocument);
- }
- function xpath_register_ns($prefix,$namespaceURI) {return $this->myDOMXPath->registerNamespace($prefix,$namespaceURI);}
-}
-
-if (extension_loaded('xsl'))
-{//See also: http://alexandre.alapetite.net/doc-alex/xslt-php4-php5/
- function domxml_xslt_stylesheet($xslstring) {return new php4DomXsltStylesheet(DOMDocument::loadXML($xslstring));}
- function domxml_xslt_stylesheet_doc($dom_document) {return new php4DomXsltStylesheet($dom_document);}
- function domxml_xslt_stylesheet_file($xslfile) {return new php4DomXsltStylesheet(DOMDocument::load($xslfile));}
- class php4DomXsltStylesheet
- {
- var $myxsltProcessor;
- function php4DomXsltStylesheet($dom_document)
- {
- $this->myxsltProcessor=new xsltProcessor();
- $this->myxsltProcessor->importStyleSheet($dom_document);
- }
- function process($dom_document,$xslt_parameters=array(),$param_is_xpath=false)
- {
- foreach ($xslt_parameters as $param=>$value)
- $this->myxsltProcessor->setParameter('',$param,$value);
- $myphp4DOMDocument=new php4DOMDocument();
- $myphp4DOMDocument->myDOMNode=$this->myxsltProcessor->transformToDoc($dom_document->myDOMNode);
- return $myphp4DOMDocument;
- }
- function result_dump_file($dom_document,$filename)
- {
- $html=$dom_document->myDOMNode->saveHTML();
- file_put_contents($filename,$html);
- return $html;
- }
- function result_dump_mem($dom_document) {return $dom_document->myDOMNode->saveHTML();}
- }
-}
+<?php +/** + * @file domxml-php4-php5.php + * Require PHP5, uses built-in DOM extension. + * To be used in PHP4 scripts using DOMXML extension. + * Allows PHP4/DOMXML scripts to run on PHP5/DOM. + * (Requires PHP5/XSL extension for domxml_xslt functions) + * + * Typical use: + * <pre> + * { + * if (version_compare(PHP_VERSION,'5','>=')) + * require_once('domxml-php4-to-php5.php'); + * } + * </pre> + * + * Version 1.5.5, 2005-01-18, http://alexandre.alapetite.net/doc-alex/domxml-php4-php5/ + * + * ------------------------------------------------------------------<br> + * Written by Alexandre Alapetite, http://alexandre.alapetite.net/cv/ + * + * Copyright 2004, Licence: Creative Commons "Attribution-ShareAlike 2.0 France" BY-SA (FR), + * http://creativecommons.org/licenses/by-sa/2.0/fr/ + * http://alexandre.alapetite.net/divers/apropos/#by-sa + * - Attribution. You must give the original author credit + * - Share Alike. If you alter, transform, or build upon this work, + * you may distribute the resulting work only under a license identical to this one + * - The French law is authoritative + * - Any of these conditions can be waived if you get permission from Alexandre Alapetite + * - Please send to Alexandre Alapetite the modifications you make, + * in order to improve this file for the benefit of everybody + * + * If you want to distribute this code, please do it as a link to: + * http://alexandre.alapetite.net/doc-alex/domxml-php4-php5/ + */ + +function domxml_new_doc($version) {return new php4DOMDocument('');} +function domxml_open_file($filename) {return new php4DOMDocument($filename);} +function domxml_open_mem($str) +{ + $dom=new php4DOMDocument(''); + $dom->myDOMNode->loadXML($str); + return $dom; +} +function xpath_eval($xpath_context,$eval_str,$contextnode=null) {return $xpath_context->query($eval_str,$contextnode);} +function xpath_new_context($dom_document) {return new php4DOMXPath($dom_document);} + +class php4DOMAttr extends php4DOMNode +{ + function php4DOMAttr($aDOMAttr) {$this->myDOMNode=$aDOMAttr;} + function Name() {return $this->myDOMNode->name;} + function Specified() {return $this->myDOMNode->specified;} + function Value() {return $this->myDOMNode->value;} +} + +class php4DOMDocument extends php4DOMNode +{ + function php4DOMDocument($filename='') + { + $this->myDOMNode=new DOMDocument(); + if ($filename!='') $this->myDOMNode->load($filename); + } + function create_attribute($name,$value) + { + $myAttr=$this->myDOMNode->createAttribute($name); + $myAttr->value=$value; + return new php4DOMAttr($myAttr,$this); + } + function create_cdata_section($content) {return new php4DOMNode($this->myDOMNode->createCDATASection($content),$this);} + function create_comment($data) {return new php4DOMNode($this->myDOMNode->createComment($data),$this);} + function create_element($name) {return new php4DOMElement($this->myDOMNode->createElement($name),$this);} + function create_text_node($content) {return new php4DOMNode($this->myDOMNode->createTextNode($content),$this);} + function document_element() {return new php4DOMElement($this->myDOMNode->documentElement,$this);} + function dump_file($filename,$compressionmode=false,$format=false) {return $this->myDOMNode->save($filename);} + function dump_mem($format=false,$encoding=false) {return $this->myDOMNode->saveXML();} + function get_element_by_id($id) {return new php4DOMElement($this->myDOMNode->getElementById($id),$this);} + function get_elements_by_tagname($name) + { + $myDOMNodeList=$this->myDOMNode->getElementsByTagName($name); + $nodeSet=array(); + $i=0; + if (isset($myDOMNodeList)) + while ($node=$myDOMNodeList->item($i)) + { + $nodeSet[]=new php4DOMElement($node,$this); + $i++; + } + return $nodeSet; + } + function html_dump_mem() {return $this->myDOMNode->saveHTML();} + function root() {return new php4DOMElement($this->myDOMNode->documentElement,$this);} +} + +class php4DOMElement extends php4DOMNode +{ + function get_attribute($name) {return $this->myDOMNode->getAttribute($name);} + function get_elements_by_tagname($name) + { + $myDOMNodeList=$this->myDOMNode->getElementsByTagName($name); + $nodeSet=array(); + $i=0; + if (isset($myDOMNodeList)) + while ($node=$myDOMNodeList->item($i)) + { + $nodeSet[]=new php4DOMElement($node,$this->myOwnerDocument); + $i++; + } + return $nodeSet; + } + function has_attribute($name) {return $this->myDOMNode->hasAttribute($name);} + function remove_attribute($name) {return $this->myDOMNode->removeAttribute($name);} + function set_attribute($name,$value) {return $this->myDOMNode->setAttribute($name,$value);} + function tagname() {return $this->myDOMNode->tagName;} +} + +class php4DOMNode +{ + var $myDOMNode; + var $myOwnerDocument; + function php4DOMNode($aDomNode,$aOwnerDocument) + { + $this->myDOMNode=$aDomNode; + $this->myOwnerDocument=$aOwnerDocument; + } + function __get($name) + { + if ($name=='type') return $this->myDOMNode->nodeType; + elseif ($name=='tagname') return $this->myDOMNode->tagName; + elseif ($name=='content') return $this->myDOMNode->textContent; + else + { + $myErrors=debug_backtrace(); + trigger_error('Undefined property: '.get_class($this).'::$'.$name.' ['.$myErrors[0]['file'].':'.$myErrors[0]['line'].']',E_USER_NOTICE); + return false; + } + } + function append_child($newnode) {return new php4DOMElement($this->myDOMNode->appendChild($newnode->myDOMNode),$this->myOwnerDocument);} + function append_sibling($newnode) {return new php4DOMElement($this->myDOMNode->parentNode->appendChild($newnode->myDOMNode),$this->myOwnerDocument);} + function attributes() + { + $myDOMNodeList=$this->myDOMNode->attributes; + $nodeSet=array(); + $i=0; + if (isset($myDOMNodeList)) + while ($node=$myDOMNodeList->item($i)) + { + $nodeSet[]=new php4DOMAttr($node,$this->myOwnerDocument); + $i++; + } + return $nodeSet; + } + function child_nodes() + { + $myDOMNodeList=$this->myDOMNode->childNodes; + $nodeSet=array(); + $i=0; + if (isset($myDOMNodeList)) + while ($node=$myDOMNodeList->item($i)) + { + $nodeSet[]=new php4DOMElement($node,$this->myOwnerDocument); + $i++; + } + return $nodeSet; + } + function children() {return $this->child_nodes();} + function clone_node($deep=false) {return new php4DOMElement($this->myDOMNode->cloneNode($deep),$this->myOwnerDocument);} + function first_child() {return new php4DOMElement($this->myDOMNode->firstChild,$this->myOwnerDocument);} + function get_content() {return $this->myDOMNode->textContent;} + function has_attributes() {return $this->myDOMNode->hasAttributes();} + function has_child_nodes() {return $this->myDOMNode->hasChildNodes();} + function insert_before($newnode,$refnode) {return new php4DOMElement($this->myDOMNode->insertBefore($newnode->myDOMNode,$refnode->myDOMNode),$this->myOwnerDocument);} + function is_blank_node() + { + $myDOMNodeList=$this->myDOMNode->childNodes; + $i=0; + if (isset($myDOMNodeList)) + while ($node=$myDOMNodeList->item($i)) + { + if (($node->nodeType==XML_ELEMENT_NODE)|| + (($node->nodeType==XML_TEXT_NODE)&&!ereg('^([[:cntrl:]]|[[:space:]])*$',$node->nodeValue))) + return false; + $i++; + } + return true; + } + function last_child() {return new php4DOMElement($this->myDOMNode->lastChild,$this->myOwnerDocument);} + function new_child($name,$content) + { + $mySubNode=$this->myDOMNode->ownerDocument->createElement($name); + $mySubNode->appendChild($this->myDOMNode->ownerDocument->createTextNode($content)); + $this->myDOMNode->appendChild($mySubNode); + return new php4DOMElement($mySubNode,$this->myOwnerDocument); + } + function next_sibling() {return new php4DOMElement($this->myDOMNode->nextSibling,$this->myOwnerDocument);} + function node_name() {return $this->myDOMNode->localName;} + function node_type() {return $this->myDOMNode->nodeType;} + function node_value() {return $this->myDOMNode->nodeValue;} + function owner_document() {return $this->myOwnerDocument;} + function parent_node() {return new php4DOMElement($this->myDOMNode->parentNode,$this->myOwnerDocument);} + function prefix() {return $this->myDOMNode->prefix;} + function previous_sibling() {return new php4DOMElement($this->myDOMNode->previousSibling,$this->myOwnerDocument);} + function remove_child($oldchild) {return new php4DOMElement($this->myDOMNode->removeChild($oldchild->myDOMNode),$this->myOwnerDocument);} + function replace_child($oldnode,$newnode) {return new php4DOMElement($this->myDOMNode->replaceChild($oldnode->myDOMNode,$newnode->myDOMNode),$this->myOwnerDocument);} + function set_content($text) + { + if (($this->myDOMNode->hasChildNodes())&&($this->myDOMNode->firstChild->nodeType==XML_TEXT_NODE)) + $this->myDOMNode->removeChild($this->myDOMNode->firstChild); + return $this->myDOMNode->appendChild($this->myDOMNode->ownerDocument->createTextNode($text)); + } +} + +class php4DOMNodelist +{ + var $myDOMNodelist; + var $nodeset; + function php4DOMNodelist($aDOMNodelist,$aOwnerDocument) + { + $this->myDOMNodelist=$aDOMNodelist; + $this->nodeset=array(); + $i=0; + if (isset($this->myDOMNodelist)) + while ($node=$this->myDOMNodelist->item($i)) + { + $this->nodeset[]=new php4DOMElement($node,$aOwnerDocument); + $i++; + } + } +} + +class php4DOMXPath +{ + var $myDOMXPath; + var $myOwnerDocument; + function php4DOMXPath($dom_document) + { + $this->myOwnerDocument=$dom_document; + $this->myDOMXPath=new DOMXPath($dom_document->myDOMNode); + } + function query($eval_str,$contextnode) + { + if (isset($contextnode)) return new php4DOMNodelist($this->myDOMXPath->query($eval_str,$contextnode->myDOMNode),$this->myOwnerDocument); + else return new php4DOMNodelist($this->myDOMXPath->query($eval_str),$this->myOwnerDocument); + } + function xpath_register_ns($prefix,$namespaceURI) {return $this->myDOMXPath->registerNamespace($prefix,$namespaceURI);} +} + +if (extension_loaded('xsl')) +{//See also: http://alexandre.alapetite.net/doc-alex/xslt-php4-php5/ + function domxml_xslt_stylesheet($xslstring) {return new php4DomXsltStylesheet(DOMDocument::loadXML($xslstring));} + function domxml_xslt_stylesheet_doc($dom_document) {return new php4DomXsltStylesheet($dom_document);} + function domxml_xslt_stylesheet_file($xslfile) {return new php4DomXsltStylesheet(DOMDocument::load($xslfile));} + class php4DomXsltStylesheet + { + var $myxsltProcessor; + function php4DomXsltStylesheet($dom_document) + { + $this->myxsltProcessor=new xsltProcessor(); + $this->myxsltProcessor->importStyleSheet($dom_document); + } + function process($dom_document,$xslt_parameters=array(),$param_is_xpath=false) + { + foreach ($xslt_parameters as $param=>$value) + $this->myxsltProcessor->setParameter('',$param,$value); + $myphp4DOMDocument=new php4DOMDocument(); + $myphp4DOMDocument->myDOMNode=$this->myxsltProcessor->transformToDoc($dom_document->myDOMNode); + return $myphp4DOMDocument; + } + function result_dump_file($dom_document,$filename) + { + $html=$dom_document->myDOMNode->saveHTML(); + file_put_contents($filename,$html); + return $html; + } + function result_dump_mem($dom_document) {return $dom_document->myDOMNode->saveHTML();} + } +} ?>
\ No newline at end of file diff --git a/plugins/CasAuthentication/extlib/CAS/languages/catalan.php b/plugins/CasAuthentication/extlib/CAS/languages/catalan.php index 3d67473d9..0b139c7ca 100644 --- a/plugins/CasAuthentication/extlib/CAS/languages/catalan.php +++ b/plugins/CasAuthentication/extlib/CAS/languages/catalan.php @@ -1,27 +1,27 @@ -<?php
-
-/**
- * @file languages/spanish.php
- * @author Iván-BenjamÃn GarcÃa Torà <ivaniclixx AT gmail DOT com>
- * @sa @link internalLang Internationalization @endlink
- * @ingroup internalLang
- */
-
-$this->_strings = array(
- CAS_STR_USING_SERVER
- => 'usant servidor',
- CAS_STR_AUTHENTICATION_WANTED
- => 'Autentificació CAS necessà ria!',
- CAS_STR_LOGOUT
- => 'Sortida de CAS necessà ria!',
- CAS_STR_SHOULD_HAVE_BEEN_REDIRECTED
- => 'Ja hauria d\ haver estat redireccionat al servidor CAS. Feu click <a href="%s">aquÃ</a> per a continuar.',
- CAS_STR_AUTHENTICATION_FAILED
- => 'Autentificació CAS fallida!',
- CAS_STR_YOU_WERE_NOT_AUTHENTICATED
- => '<p>No està s autentificat.</p><p>Pots tornar a intentar-ho fent click <a href="%s">aquÃ</a>.</p><p>Si el problema persisteix haurÃa de contactar amb l\'<a href="mailto:%s">administrador d\'aquest llocc</a>.</p>',
- CAS_STR_SERVICE_UNAVAILABLE
- => 'El servei `<b>%s</b>\' no està disponible (<b>%s</b>).'
-);
-
-?>
+<?php + +/** + * @file languages/spanish.php + * @author Iván-BenjamÃn GarcÃa Torà <ivaniclixx AT gmail DOT com> + * @sa @link internalLang Internationalization @endlink + * @ingroup internalLang + */ + +$this->_strings = array( + CAS_STR_USING_SERVER + => 'usant servidor', + CAS_STR_AUTHENTICATION_WANTED + => 'Autentificació CAS necessà ria!', + CAS_STR_LOGOUT + => 'Sortida de CAS necessà ria!', + CAS_STR_SHOULD_HAVE_BEEN_REDIRECTED + => 'Ja hauria d\ haver estat redireccionat al servidor CAS. Feu click <a href="%s">aquÃ</a> per a continuar.', + CAS_STR_AUTHENTICATION_FAILED + => 'Autentificació CAS fallida!', + CAS_STR_YOU_WERE_NOT_AUTHENTICATED + => '<p>No està s autentificat.</p><p>Pots tornar a intentar-ho fent click <a href="%s">aquÃ</a>.</p><p>Si el problema persisteix haurÃa de contactar amb l\'<a href="mailto:%s">administrador d\'aquest llocc</a>.</p>', + CAS_STR_SERVICE_UNAVAILABLE + => 'El servei `<b>%s</b>\' no està disponible (<b>%s</b>).' +); + +?> diff --git a/plugins/CasAuthentication/extlib/CAS/languages/english.php b/plugins/CasAuthentication/extlib/CAS/languages/english.php index c14345031..d38d42c1f 100644 --- a/plugins/CasAuthentication/extlib/CAS/languages/english.php +++ b/plugins/CasAuthentication/extlib/CAS/languages/english.php @@ -1,27 +1,27 @@ -<?php
-
-/**
- * @file languages/english.php
- * @author Pascal Aubry <pascal.aubry at univ-rennes1.fr>
- * @sa @link internalLang Internationalization @endlink
- * @ingroup internalLang
- */
-
-$this->_strings = array(
- CAS_STR_USING_SERVER
- => 'using server',
- CAS_STR_AUTHENTICATION_WANTED
- => 'CAS Authentication wanted!',
- CAS_STR_LOGOUT
- => 'CAS logout wanted!',
- CAS_STR_SHOULD_HAVE_BEEN_REDIRECTED
- => 'You should already have been redirected to the CAS server. Click <a href="%s">here</a> to continue.',
- CAS_STR_AUTHENTICATION_FAILED
- => 'CAS Authentication failed!',
- CAS_STR_YOU_WERE_NOT_AUTHENTICATED
- => '<p>You were not authenticated.</p><p>You may submit your request again by clicking <a href="%s">here</a>.</p><p>If the problem persists, you may contact <a href="mailto:%s">the administrator of this site</a>.</p>',
- CAS_STR_SERVICE_UNAVAILABLE
- => 'The service `<b>%s</b>\' is not available (<b>%s</b>).'
-);
-
+<?php + +/** + * @file languages/english.php + * @author Pascal Aubry <pascal.aubry at univ-rennes1.fr> + * @sa @link internalLang Internationalization @endlink + * @ingroup internalLang + */ + +$this->_strings = array( + CAS_STR_USING_SERVER + => 'using server', + CAS_STR_AUTHENTICATION_WANTED + => 'CAS Authentication wanted!', + CAS_STR_LOGOUT + => 'CAS logout wanted!', + CAS_STR_SHOULD_HAVE_BEEN_REDIRECTED + => 'You should already have been redirected to the CAS server. Click <a href="%s">here</a> to continue.', + CAS_STR_AUTHENTICATION_FAILED + => 'CAS Authentication failed!', + CAS_STR_YOU_WERE_NOT_AUTHENTICATED + => '<p>You were not authenticated.</p><p>You may submit your request again by clicking <a href="%s">here</a>.</p><p>If the problem persists, you may contact <a href="mailto:%s">the administrator of this site</a>.</p>', + CAS_STR_SERVICE_UNAVAILABLE + => 'The service `<b>%s</b>\' is not available (<b>%s</b>).' +); + ?>
\ No newline at end of file diff --git a/plugins/CasAuthentication/extlib/CAS/languages/french.php b/plugins/CasAuthentication/extlib/CAS/languages/french.php index 675a7fc04..32d141685 100644 --- a/plugins/CasAuthentication/extlib/CAS/languages/french.php +++ b/plugins/CasAuthentication/extlib/CAS/languages/french.php @@ -1,28 +1,28 @@ -<?php
-
-/**
- * @file languages/english.php
- * @author Pascal Aubry <pascal.aubry at univ-rennes1.fr>
- * @sa @link internalLang Internationalization @endlink
- * @ingroup internalLang
- */
-
-$this->_strings = array(
- CAS_STR_USING_SERVER
- => 'utilisant le serveur',
- CAS_STR_AUTHENTICATION_WANTED
- => 'Authentication CAS nécessaire !',
- CAS_STR_LOGOUT
- => 'Déconnexion demandée !',
- CAS_STR_SHOULD_HAVE_BEEN_REDIRECTED
- => 'Vous auriez du etre redirigé(e) vers le serveur CAS. Cliquez <a href="%s">ici</a> pour continuer.',
- CAS_STR_AUTHENTICATION_FAILED
- => 'Authentification CAS infructueuse !',
- CAS_STR_YOU_WERE_NOT_AUTHENTICATED
- => '<p>Vous n\'avez pas été authentifié(e).</p><p>Vous pouvez soumettre votre requete à nouveau en cliquant <a href="%s">ici</a>.</p><p>Si le problème persiste, vous pouvez contacter <a href="mailto:%s">l\'administrateur de ce site</a>.</p>',
- CAS_STR_SERVICE_UNAVAILABLE
- => 'Le service `<b>%s</b>\' est indisponible (<b>%s</b>)'
-
-);
-
+<?php + +/** + * @file languages/english.php + * @author Pascal Aubry <pascal.aubry at univ-rennes1.fr> + * @sa @link internalLang Internationalization @endlink + * @ingroup internalLang + */ + +$this->_strings = array( + CAS_STR_USING_SERVER + => 'utilisant le serveur', + CAS_STR_AUTHENTICATION_WANTED + => 'Authentication CAS nécessaire !', + CAS_STR_LOGOUT + => 'Déconnexion demandée !', + CAS_STR_SHOULD_HAVE_BEEN_REDIRECTED + => 'Vous auriez du etre redirigé(e) vers le serveur CAS. Cliquez <a href="%s">ici</a> pour continuer.', + CAS_STR_AUTHENTICATION_FAILED + => 'Authentification CAS infructueuse !', + CAS_STR_YOU_WERE_NOT_AUTHENTICATED + => '<p>Vous n\'avez pas été authentifié(e).</p><p>Vous pouvez soumettre votre requete à nouveau en cliquant <a href="%s">ici</a>.</p><p>Si le problème persiste, vous pouvez contacter <a href="mailto:%s">l\'administrateur de ce site</a>.</p>', + CAS_STR_SERVICE_UNAVAILABLE + => 'Le service `<b>%s</b>\' est indisponible (<b>%s</b>)' + +); + ?>
\ No newline at end of file diff --git a/plugins/CasAuthentication/extlib/CAS/languages/german.php b/plugins/CasAuthentication/extlib/CAS/languages/german.php index 29daeb35d..55c3238fd 100644 --- a/plugins/CasAuthentication/extlib/CAS/languages/german.php +++ b/plugins/CasAuthentication/extlib/CAS/languages/german.php @@ -1,27 +1,27 @@ -<?php
-
-/**
- * @file languages/german.php
- * @author Henrik Genssen <hg at mediafactory.de>
- * @sa @link internalLang Internationalization @endlink
- * @ingroup internalLang
- */
-
-$this->_strings = array(
- CAS_STR_USING_SERVER
- => 'via Server',
- CAS_STR_AUTHENTICATION_WANTED
- => 'CAS Authentifizierung erforderlich!',
- CAS_STR_LOGOUT
- => 'CAS Abmeldung!',
- CAS_STR_SHOULD_HAVE_BEEN_REDIRECTED
- => 'eigentlich häten Sie zum CAS Server weitergeleitet werden sollen. Drücken Sie <a href="%s">hier</a> um fortzufahren.',
- CAS_STR_AUTHENTICATION_FAILED
- => 'CAS Anmeldung fehlgeschlagen!',
- CAS_STR_YOU_WERE_NOT_AUTHENTICATED
- => '<p>Sie wurden nicht angemeldet.</p><p>Um es erneut zu versuchen klicken Sie <a href="%s">hier</a>.</p><p>Wenn das Problem bestehen bleibt, kontkatieren Sie den <a href="mailto:%s">Administrator</a> dieser Seite.</p>',
- CAS_STR_SERVICE_UNAVAILABLE
- => 'Der Dienst `<b>%s</b>\' ist nicht verfügbar (<b>%s</b>).'
-);
-
+<?php + +/** + * @file languages/german.php + * @author Henrik Genssen <hg at mediafactory.de> + * @sa @link internalLang Internationalization @endlink + * @ingroup internalLang + */ + +$this->_strings = array( + CAS_STR_USING_SERVER + => 'via Server', + CAS_STR_AUTHENTICATION_WANTED + => 'CAS Authentifizierung erforderlich!', + CAS_STR_LOGOUT + => 'CAS Abmeldung!', + CAS_STR_SHOULD_HAVE_BEEN_REDIRECTED + => 'eigentlich häten Sie zum CAS Server weitergeleitet werden sollen. Drücken Sie <a href="%s">hier</a> um fortzufahren.', + CAS_STR_AUTHENTICATION_FAILED + => 'CAS Anmeldung fehlgeschlagen!', + CAS_STR_YOU_WERE_NOT_AUTHENTICATED + => '<p>Sie wurden nicht angemeldet.</p><p>Um es erneut zu versuchen klicken Sie <a href="%s">hier</a>.</p><p>Wenn das Problem bestehen bleibt, kontkatieren Sie den <a href="mailto:%s">Administrator</a> dieser Seite.</p>', + CAS_STR_SERVICE_UNAVAILABLE + => 'Der Dienst `<b>%s</b>\' ist nicht verfügbar (<b>%s</b>).' +); + ?>
\ No newline at end of file diff --git a/plugins/CasAuthentication/extlib/CAS/languages/greek.php b/plugins/CasAuthentication/extlib/CAS/languages/greek.php index c17b1d663..d41bf783b 100644 --- a/plugins/CasAuthentication/extlib/CAS/languages/greek.php +++ b/plugins/CasAuthentication/extlib/CAS/languages/greek.php @@ -1,27 +1,27 @@ -<?php
-
-/**
- * @file languages/greek.php
- * @author Vangelis Haniotakis <haniotak at ucnet.uoc.gr>
- * @sa @link internalLang Internationalization @endlink
- * @ingroup internalLang
- */
-
-$this->_strings = array(
- CAS_STR_USING_SERVER
- => '÷ñçóéìïðïéåßôáé ï åîõðçñåôçôÞò',
- CAS_STR_AUTHENTICATION_WANTED
- => 'Áðáéôåßôáé ç ôáõôïðïßçóç CAS!',
- CAS_STR_LOGOUT
- => 'Áðáéôåßôáé ç áðïóýíäåóç áðü CAS!',
- CAS_STR_SHOULD_HAVE_BEEN_REDIRECTED
- => 'Èá Ýðñåðå íá åß÷áôå áíáêáôåõèõíèåß óôïí åîõðçñåôçôÞ CAS. ÊÜíôå êëßê <a href="%s">åäþ</a> ãéá íá óõíå÷ßóåôå.',
- CAS_STR_AUTHENTICATION_FAILED
- => 'Ç ôáõôïðïßçóç CAS áðÝôõ÷å!',
- CAS_STR_YOU_WERE_NOT_AUTHENTICATED
- => '<p>Äåí ôáõôïðïéçèÞêáôå.</p><p>Ìðïñåßôå íá îáíáðñïóðáèÞóåôå, êÜíïíôáò êëßê <a href="%s">åäþ</a>.</p><p>Åáí ôï ðñüâëçìá åðéìåßíåé, åëÜôå óå åðáöÞ ìå ôïí <a href="mailto:%s">äéá÷åéñéóôÞ</a>.</p>',
- CAS_STR_SERVICE_UNAVAILABLE
- => 'Ç õðçñåóßá `<b>%s</b>\' äåí åßíáé äéáèÝóéìç (<b>%s</b>).'
-);
-
+<?php + +/** + * @file languages/greek.php + * @author Vangelis Haniotakis <haniotak at ucnet.uoc.gr> + * @sa @link internalLang Internationalization @endlink + * @ingroup internalLang + */ + +$this->_strings = array( + CAS_STR_USING_SERVER + => '÷ñçóéìïðïéåßôáé ï åîõðçñåôçôÞò', + CAS_STR_AUTHENTICATION_WANTED + => 'Áðáéôåßôáé ç ôáõôïðïßçóç CAS!', + CAS_STR_LOGOUT + => 'Áðáéôåßôáé ç áðïóýíäåóç áðü CAS!', + CAS_STR_SHOULD_HAVE_BEEN_REDIRECTED + => 'Èá Ýðñåðå íá åß÷áôå áíáêáôåõèõíèåß óôïí åîõðçñåôçôÞ CAS. ÊÜíôå êëßê <a href="%s">åäþ</a> ãéá íá óõíå÷ßóåôå.', + CAS_STR_AUTHENTICATION_FAILED + => 'Ç ôáõôïðïßçóç CAS áðÝôõ÷å!', + CAS_STR_YOU_WERE_NOT_AUTHENTICATED + => '<p>Äåí ôáõôïðïéçèÞêáôå.</p><p>Ìðïñåßôå íá îáíáðñïóðáèÞóåôå, êÜíïíôáò êëßê <a href="%s">åäþ</a>.</p><p>Åáí ôï ðñüâëçìá åðéìåßíåé, åëÜôå óå åðáöÞ ìå ôïí <a href="mailto:%s">äéá÷åéñéóôÞ</a>.</p>', + CAS_STR_SERVICE_UNAVAILABLE + => 'Ç õðçñåóßá `<b>%s</b>\' äåí åßíáé äéáèÝóéìç (<b>%s</b>).' +); + ?>
\ No newline at end of file diff --git a/plugins/CasAuthentication/extlib/CAS/languages/languages.php b/plugins/CasAuthentication/extlib/CAS/languages/languages.php index 2c6f8bb3b..001cfe445 100644 --- a/plugins/CasAuthentication/extlib/CAS/languages/languages.php +++ b/plugins/CasAuthentication/extlib/CAS/languages/languages.php @@ -1,24 +1,24 @@ -<?php
-
-/**
- * @file languages/languages.php
- * Internationalization constants
- * @author Pascal Aubry <pascal.aubry at univ-rennes1.fr>
- * @sa @link internalLang Internationalization @endlink
- * @ingroup internalLang
- */
-
-//@{
-/**
- * a phpCAS string index
- */
-define("CAS_STR_USING_SERVER", 1);
-define("CAS_STR_AUTHENTICATION_WANTED", 2);
-define("CAS_STR_LOGOUT", 3);
-define("CAS_STR_SHOULD_HAVE_BEEN_REDIRECTED", 4);
-define("CAS_STR_AUTHENTICATION_FAILED", 5);
-define("CAS_STR_YOU_WERE_NOT_AUTHENTICATED", 6);
-define("CAS_STR_SERVICE_UNAVAILABLE", 7);
-//@}
-
+<?php + +/** + * @file languages/languages.php + * Internationalization constants + * @author Pascal Aubry <pascal.aubry at univ-rennes1.fr> + * @sa @link internalLang Internationalization @endlink + * @ingroup internalLang + */ + +//@{ +/** + * a phpCAS string index + */ +define("CAS_STR_USING_SERVER", 1); +define("CAS_STR_AUTHENTICATION_WANTED", 2); +define("CAS_STR_LOGOUT", 3); +define("CAS_STR_SHOULD_HAVE_BEEN_REDIRECTED", 4); +define("CAS_STR_AUTHENTICATION_FAILED", 5); +define("CAS_STR_YOU_WERE_NOT_AUTHENTICATED", 6); +define("CAS_STR_SERVICE_UNAVAILABLE", 7); +//@} + ?>
\ No newline at end of file diff --git a/plugins/CasAuthentication/extlib/CAS/languages/spanish.php b/plugins/CasAuthentication/extlib/CAS/languages/spanish.php index 3a8ffc253..04067ca03 100644 --- a/plugins/CasAuthentication/extlib/CAS/languages/spanish.php +++ b/plugins/CasAuthentication/extlib/CAS/languages/spanish.php @@ -1,27 +1,27 @@ -<?php
-
-/**
- * @file languages/spanish.php
- * @author Iván-BenjamÃn GarcÃa Torà <ivaniclixx AT gmail DOT com>
- * @sa @link internalLang Internationalization @endlink
- * @ingroup internalLang
- */
-
-$this->_strings = array(
- CAS_STR_USING_SERVER
- => 'usando servidor',
- CAS_STR_AUTHENTICATION_WANTED
- => '¡Autentificación CAS necesaria!',
- CAS_STR_LOGOUT
- => '¡Salida CAS necesaria!',
- CAS_STR_SHOULD_HAVE_BEEN_REDIRECTED
- => 'Ya deberÃa haber sido redireccionado al servidor CAS. Haga click <a href="%s">aquÃ</a> para continuar.',
- CAS_STR_AUTHENTICATION_FAILED
- => '¡Autentificación CAS fallida!',
- CAS_STR_YOU_WERE_NOT_AUTHENTICATED
- => '<p>No estás autentificado.</p><p>Puedes volver a intentarlo haciendo click <a href="%s">aquÃ</a>.</p><p>Si el problema persiste deberÃa contactar con el <a href="mailto:%s">administrador de este sitio</a>.</p>',
- CAS_STR_SERVICE_UNAVAILABLE
- => 'El servicio `<b>%s</b>\' no está disponible (<b>%s</b>).'
-);
-
-?>
+<?php + +/** + * @file languages/spanish.php + * @author Iván-BenjamÃn GarcÃa Torà <ivaniclixx AT gmail DOT com> + * @sa @link internalLang Internationalization @endlink + * @ingroup internalLang + */ + +$this->_strings = array( + CAS_STR_USING_SERVER + => 'usando servidor', + CAS_STR_AUTHENTICATION_WANTED + => '¡Autentificación CAS necesaria!', + CAS_STR_LOGOUT + => '¡Salida CAS necesaria!', + CAS_STR_SHOULD_HAVE_BEEN_REDIRECTED + => 'Ya deberÃa haber sido redireccionado al servidor CAS. Haga click <a href="%s">aquÃ</a> para continuar.', + CAS_STR_AUTHENTICATION_FAILED + => '¡Autentificación CAS fallida!', + CAS_STR_YOU_WERE_NOT_AUTHENTICATED + => '<p>No estás autentificado.</p><p>Puedes volver a intentarlo haciendo click <a href="%s">aquÃ</a>.</p><p>Si el problema persiste deberÃa contactar con el <a href="mailto:%s">administrador de este sitio</a>.</p>', + CAS_STR_SERVICE_UNAVAILABLE + => 'El servicio `<b>%s</b>\' no está disponible (<b>%s</b>).' +); + +?> diff --git a/plugins/DiskCachePlugin.php b/plugins/DiskCachePlugin.php new file mode 100644 index 000000000..b709ea3b3 --- /dev/null +++ b/plugins/DiskCachePlugin.php @@ -0,0 +1,168 @@ +<?php +/** + * StatusNet - the distributed open-source microblogging tool + * Copyright (C) 2009, StatusNet, Inc. + * + * Plugin to implement cache interface with disk files + * + * PHP version 5 + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + * + * @category Cache + * @package StatusNet + * @author Evan Prodromou <evan@status.net> + * @copyright 2009 StatusNet, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +if (!defined('STATUSNET')) { + // This check helps protect against security problems; + // your code file can't be executed directly from the web. + exit(1); +} + +/** + * A plugin to cache data on local disk + * + * @category Cache + * @package StatusNet + * @author Evan Prodromou <evan@status.net> + * @copyright 2009 StatusNet, Inc. + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://status.net/ + */ + +class DiskCachePlugin extends Plugin +{ + var $root = '/tmp'; + + function keyToFilename($key) + { + return $this->root . '/' . str_replace(':', '/', $key); + } + + /** + * Get a value associated with a key + * + * The value should have been set previously. + * + * @param string &$key in; Lookup key + * @param mixed &$value out; value associated with key + * + * @return boolean hook success + */ + + function onStartCacheGet(&$key, &$value) + { + $filename = $this->keyToFilename($key); + + if (file_exists($filename)) { + $data = file_get_contents($filename); + if ($data !== false) { + $value = unserialize($data); + } + } + + Event::handle('EndCacheGet', array($key, &$value)); + return false; + } + + /** + * Associate a value with a key + * + * @param string &$key in; Key to use for lookups + * @param mixed &$value in; Value to associate + * @param integer &$flag in; Flag (passed through to Memcache) + * @param integer &$expiry in; Expiry (passed through to Memcache) + * @param boolean &$success out; Whether the set was successful + * + * @return boolean hook success + */ + + function onStartCacheSet(&$key, &$value, &$flag, &$expiry, &$success) + { + $filename = $this->keyToFilename($key); + $parent = dirname($filename); + + $sofar = ''; + + foreach (explode('/', $parent) as $part) { + if (empty($part)) { + continue; + } + $sofar .= '/' . $part; + if (!is_dir($sofar)) { + $this->debug("Creating new directory '$sofar'"); + $success = mkdir($sofar, 0750); + if (!$success) { + $this->log(LOG_ERR, "Can't create directory '$sofar'"); + return false; + } + } + } + + if (is_dir($filename)) { + $success = false; + return false; + } + + // Write to a temp file and move to destination + + $tempname = tempnam(null, 'statusnetdiskcache'); + + $result = file_put_contents($tempname, serialize($value)); + + if ($result === false) { + $this->log(LOG_ERR, "Couldn't write '$key' to temp file '$tempname'"); + return false; + } + + $result = rename($tempname, $filename); + + if (!$result) { + $this->log(LOG_ERR, "Couldn't move temp file '$tempname' to path '$filename' for key '$key'"); + @unlink($tempname); + return false; + } + + Event::handle('EndCacheSet', array($key, $value, $flag, + $expiry)); + + return false; + } + + /** + * Delete a value associated with a key + * + * @param string &$key in; Key to lookup + * @param boolean &$success out; whether it worked + * + * @return boolean hook success + */ + + function onStartCacheDelete(&$key, &$success) + { + $filename = $this->keyToFilename($key); + + if (file_exists($filename) && !is_dir($filename)) { + unlink($filename); + } + + Event::handle('EndCacheDelete', array($key)); + return false; + } +} + diff --git a/plugins/EmailAuthentication/EmailAuthenticationPlugin.php b/plugins/EmailAuthentication/EmailAuthenticationPlugin.php index 25e537735..406c00073 100644 --- a/plugins/EmailAuthentication/EmailAuthenticationPlugin.php +++ b/plugins/EmailAuthentication/EmailAuthenticationPlugin.php @@ -50,5 +50,16 @@ class EmailAuthenticationPlugin extends Plugin } } } + + function onPluginVersion(&$versions) + { + $versions[] = array('name' => 'Email Authentication', + 'version' => STATUSNET_VERSION, + 'author' => 'Craig Andrews', + 'homepage' => 'http://status.net/wiki/Plugin:EmailAuthentication', + 'rawdescription' => + _m('The Email Authentication plugin allows users to login using their email address.')); + return true; + } } diff --git a/plugins/FirePHP/FirePHPPlugin.php b/plugins/FirePHP/FirePHPPlugin.php index 37b397796..452f79024 100644 --- a/plugins/FirePHP/FirePHPPlugin.php +++ b/plugins/FirePHP/FirePHPPlugin.php @@ -55,5 +55,16 @@ class FirePHPPlugin extends Plugin $priority = $firephp_priorities[$priority]; $this->firephp->fb($msg, $priority); } + + function onPluginVersion(&$versions) + { + $versions[] = array('name' => 'FirePHP', + 'version' => STATUSNET_VERSION, + 'author' => 'Craig Andrews', + 'homepage' => 'http://status.net/wiki/Plugin:FirePHP', + 'rawdescription' => + _m('The FirePHP plugin writes StatusNet\'s log output to FirePHP.')); + return true; + } } diff --git a/plugins/FirePHP/README b/plugins/FirePHP/README index ee22794d5..22ed1e9be 100644 --- a/plugins/FirePHP/README +++ b/plugins/FirePHP/README @@ -1,4 +1,4 @@ -The FirePHP writes StatusNet's log output to FirePHP. +The FirePHP plugin writes StatusNet's log output to FirePHP. Using FirePHP on production sites can expose sensitive information. You must protect the security of your application by disabling FirePHP diff --git a/plugins/Gravatar/GravatarPlugin.php b/plugins/Gravatar/GravatarPlugin.php index 3c61a682e..580852072 100644 --- a/plugins/Gravatar/GravatarPlugin.php +++ b/plugins/Gravatar/GravatarPlugin.php @@ -185,4 +185,16 @@ class GravatarPlugin extends Plugin "&size=".$size; return $url; } + + function onPluginVersion(&$versions) + { + $versions[] = array('name' => 'Gravatar', + 'version' => STATUSNET_VERSION, + 'author' => 'Eric Helgeson', + 'homepage' => 'http://status.net/wiki/Plugin:Gravatar', + 'rawdescription' => + _m('The Gravatar plugin allows users to use their <a href="http://www.gravatar.com/">Gravatar</a> with StatusNet.')); + + return true; + } } diff --git a/plugins/Imap/ImapPlugin.php b/plugins/Imap/ImapPlugin.php index 034444222..d9768b680 100644 --- a/plugins/Imap/ImapPlugin.php +++ b/plugins/Imap/ImapPlugin.php @@ -82,4 +82,15 @@ class ImapPlugin extends Plugin } return true; } + + function onPluginVersion(&$versions) + { + $versions[] = array('name' => 'IMAP', + 'version' => STATUSNET_VERSION, + 'author' => 'Craig Andrews', + 'homepage' => 'http://status.net/wiki/Plugin:IMAP', + 'rawdescription' => + _m('The IMAP plugin allows for StatusNet to check a POP or IMAP mailbox for incoming mail containing user posts.')); + return true; + } } diff --git a/plugins/Imap/imapdaemon.php b/plugins/Imap/imapdaemon.php index a45c603ce..7e60e1376 100755 --- a/plugins/Imap/imapdaemon.php +++ b/plugins/Imap/imapdaemon.php @@ -117,7 +117,7 @@ class IMAPMailHandler extends MailHandler { $this->log(LOG_INFO, "Error: $from $msg"); $headers['To'] = $from; - $headers['Subject'] = "Error"; + $headers['Subject'] = _m('Error'); return mail_send(array($from), $headers, $msg); } diff --git a/plugins/InfiniteScroll/InfiniteScrollPlugin.php b/plugins/InfiniteScroll/InfiniteScrollPlugin.php index 5928c007f..a4d1a5d05 100644 --- a/plugins/InfiniteScroll/InfiniteScrollPlugin.php +++ b/plugins/InfiniteScroll/InfiniteScrollPlugin.php @@ -43,4 +43,15 @@ class InfiniteScrollPlugin extends Plugin $action->script('plugins/InfiniteScroll/jquery.infinitescroll.js'); $action->script('plugins/InfiniteScroll/infinitescroll.js'); } + + function onPluginVersion(&$versions) + { + $versions[] = array('name' => 'InfiniteScroll', + 'version' => STATUSNET_VERSION, + 'author' => 'Craig Andrews', + 'homepage' => 'http://status.net/wiki/Plugin:InfiniteScroll', + 'rawdescription' => + _m('Infinite Scroll adds the following functionality to your StatusNet installation: When a user scrolls towards the bottom of the page, the next page of notices is automatically retrieved and appended. This means they never need to click "Next Page", which dramatically increases stickiness.')); + return true; + } } diff --git a/plugins/InfiniteScroll/readme.txt b/plugins/InfiniteScroll/README index 2428cc69a..2428cc69a 100644 --- a/plugins/InfiniteScroll/readme.txt +++ b/plugins/InfiniteScroll/README diff --git a/plugins/LdapAuthentication/LdapAuthenticationPlugin.php b/plugins/LdapAuthentication/LdapAuthenticationPlugin.php index c14fa21a9..eb3a05117 100644 --- a/plugins/LdapAuthentication/LdapAuthenticationPlugin.php +++ b/plugins/LdapAuthentication/LdapAuthenticationPlugin.php @@ -346,4 +346,15 @@ class LdapAuthenticationPlugin extends AuthenticationPlugin return $str; } + + function onPluginVersion(&$versions) + { + $versions[] = array('name' => 'LDAP Authentication', + 'version' => STATUSNET_VERSION, + 'author' => 'Craig Andrews', + 'homepage' => 'http://status.net/wiki/Plugin:LdapAuthentication', + 'rawdescription' => + _m('The LDAP Authentication plugin allows for StatusNet to handle authentication through LDAP.')); + return true; + } } diff --git a/plugins/LdapAuthorization/LdapAuthorizationPlugin.php b/plugins/LdapAuthorization/LdapAuthorizationPlugin.php index e5e22c0dd..7f48ce5e1 100644 --- a/plugins/LdapAuthorization/LdapAuthorizationPlugin.php +++ b/plugins/LdapAuthorization/LdapAuthorizationPlugin.php @@ -206,4 +206,15 @@ class LdapAuthorizationPlugin extends AuthorizationPlugin return false; } } + + function onPluginVersion(&$versions) + { + $versions[] = array('name' => 'LDAP Authorization', + 'version' => STATUSNET_VERSION, + 'author' => 'Craig Andrews', + 'homepage' => 'http://status.net/wiki/Plugin:LdapAuthorization', + 'rawdescription' => + _m('The LDAP Authorization plugin allows for StatusNet to handle authorization through LDAP.')); + return true; + } } diff --git a/plugins/Minify/MinifyPlugin.php b/plugins/Minify/MinifyPlugin.php index 718bfd163..b49b6a4ba 100644 --- a/plugins/Minify/MinifyPlugin.php +++ b/plugins/Minify/MinifyPlugin.php @@ -164,5 +164,16 @@ class MinifyPlugin extends Plugin require_once('Minify/CSS.php'); return Minify_CSS::minify($code,$options); } + + function onPluginVersion(&$versions) + { + $versions[] = array('name' => 'Minify', + 'version' => STATUSNET_VERSION, + 'author' => 'Craig Andrews', + 'homepage' => 'http://status.net/wiki/Plugin:Minify', + 'rawdescription' => + _m('The Minify plugin minifies your CSS and Javascript, removing whitespace and comments.')); + return true; + } } diff --git a/plugins/OpenID/finishopenidlogin.php b/plugins/OpenID/finishopenidlogin.php index 987fa9213..d25ce696c 100644 --- a/plugins/OpenID/finishopenidlogin.php +++ b/plugins/OpenID/finishopenidlogin.php @@ -363,6 +363,7 @@ class FinishopenidloginAction extends Action if ($url) { # We don't have to return to it again common_set_returnto(null); + $url = common_inject_session($url); } else { $url = common_local_url('all', array('nickname' => diff --git a/plugins/PoweredByStatusNet/PoweredByStatusNetPlugin.php b/plugins/PoweredByStatusNet/PoweredByStatusNetPlugin.php index bae6c529d..c59fcca89 100644 --- a/plugins/PoweredByStatusNet/PoweredByStatusNetPlugin.php +++ b/plugins/PoweredByStatusNet/PoweredByStatusNetPlugin.php @@ -57,7 +57,7 @@ class PoweredByStatusNetPlugin extends Plugin { $versions[] = array('name' => 'PoweredByStatusNet', 'version' => STATUSNET_VERSION, - 'author' => 'Sarven Capdaisli', + 'author' => 'Sarven Capadisli', 'homepage' => 'http://status.net/wiki/Plugin:PoweredByStatusNet', 'rawdescription' => _m('Outputs powered by <a href="http://status.net/">StatusNet</a> after site name.')); diff --git a/plugins/PubSubHubBub/PubSubHubBubPlugin.php b/plugins/PubSubHubBub/PubSubHubBubPlugin.php index d9c047de8..367b35403 100644 --- a/plugins/PubSubHubBub/PubSubHubBubPlugin.php +++ b/plugins/PubSubHubBub/PubSubHubBubPlugin.php @@ -120,4 +120,16 @@ class PubSubHubBubPlugin extends Plugin } } } + + function onPluginVersion(&$versions) + { + $versions[] = array('name' => 'PubSubHubBub', + 'version' => STATUSNET_VERSION, + 'author' => 'Craig Andrews', + 'homepage' => 'http://status.net/wiki/Plugin:PubSubHubBub', + 'rawdescription' => + _m('The PubSubHubBub plugin pushes RSS/Atom updates to a <a href="http://pubsubhubbub.googlecode.com/">PubSubHubBub</a> hub.')); + + return true; + } } diff --git a/plugins/RequireValidatedEmail/RequireValidatedEmailPlugin.php b/plugins/RequireValidatedEmail/RequireValidatedEmailPlugin.php index 04adbf00e..3581f1de9 100644 --- a/plugins/RequireValidatedEmail/RequireValidatedEmailPlugin.php +++ b/plugins/RequireValidatedEmail/RequireValidatedEmailPlugin.php @@ -96,5 +96,16 @@ class RequireValidatedEmailPlugin extends Plugin } return false; } + + function onPluginVersion(&$versions) + { + $versions[] = array('name' => 'Require Validated Email', + 'version' => STATUSNET_VERSION, + 'author' => 'Craig Andrews, Evan Prodromou, Brion Vibber', + 'homepage' => 'http://status.net/wiki/Plugin:RequireValidatedEmail', + 'rawdescription' => + _m('The Require Validated Email plugin disables posting for accounts that do not have a validated email address.')); + return true; + } } diff --git a/plugins/ReverseUsernameAuthentication/ReverseUsernameAuthenticationPlugin.php b/plugins/ReverseUsernameAuthentication/ReverseUsernameAuthenticationPlugin.php index d157ea067..d9d2137f8 100644 --- a/plugins/ReverseUsernameAuthentication/ReverseUsernameAuthenticationPlugin.php +++ b/plugins/ReverseUsernameAuthentication/ReverseUsernameAuthenticationPlugin.php @@ -53,4 +53,15 @@ class ReverseUsernameAuthenticationPlugin extends AuthenticationPlugin $registration_data['nickname'] = $username ; return User::register($registration_data); } + + function onPluginVersion(&$versions) + { + $versions[] = array('name' => 'Reverse Username Authentication', + 'version' => STATUSNET_VERSION, + 'author' => 'Craig Andrews', + 'homepage' => 'http://status.net/wiki/Plugin:ReverseUsernameAuthentication', + 'rawdescription' => + _m('The Reverse Username Authentication plugin allows for StatusNet to handle authentication by checking if the provided password is the same as the reverse of the username.')); + return true; + } } diff --git a/plugins/XCachePlugin.php b/plugins/XCachePlugin.php index 03cb0c06e..2baa290ed 100644 --- a/plugins/XCachePlugin.php +++ b/plugins/XCachePlugin.php @@ -109,5 +109,16 @@ class XCachePlugin extends Plugin Event::handle('EndCacheDelete', array($key)); return false; } + + function onPluginVersion(&$versions) + { + $versions[] = array('name' => 'XCache', + 'version' => STATUSNET_VERSION, + 'author' => 'Craig Andrews', + 'homepage' => 'http://status.net/wiki/Plugin:XCache', + 'rawdescription' => + _m('Use the <a href="http://xcache.lighttpd.net/">XCache</a> variable cache to cache query results.')); + return true; + } } |