Beispiel #1
 /**
  * Validate the service ticket parameter present in the request.
  *
  * This method will return the username of the user if valid, and raise an
  * exception if the ticket is not found or not valid.
  *
  * @param string $ticket
  *   The CAS authentication ticket to validate.
  * @param array $service_params
  *   An array of query string parameters to add to the service URL.
  *
  * @return array
  *   An array containing validation result data from the CAS server.
  *
  * @throws CasValidateException
  *   Thrown if there was a problem making the validation request or
  *   if there was a local configuration issue.
  */
 public function validateTicket($ticket, $service_params = array())
 {
     // Translate the configured SSL verification method into the 'verify'
     // request option. Comparisons are deliberately loose (==) so they match
     // exactly what a switch statement would do.
     $ssl_method = $this->casHelper->getSslVerificationMethod();
     if ($ssl_method == CasHelper::CA_CUSTOM) {
         // Verify against the PEM supplied in the module configuration.
         $request_options = array('verify' => $this->casHelper->getCertificateAuthorityPem());
     } elseif ($ssl_method == CasHelper::CA_NONE) {
         // Certificate verification is switched off here. The body of this
         // response decides which user gets logged in, so an unverified
         // connection means the answer cannot be trusted to come from the
         // CAS server. Only acceptable on isolated test setups.
         $request_options = array('verify' => FALSE);
     } else {
         // CasHelper::CA_DEFAULT and any unrecognised value: verify, fail closed.
         $request_options = array('verify' => TRUE);
     }

     $validate_url = $this->casHelper->getServerValidateUrl($ticket, $service_params);
     // NOTE(review): the URL is built from $ticket, so this log line
     // presumably records the service ticket -- confirm who can read the log.
     $this->casHelper->log("Attempting to validate service ticket using URL {$validate_url}");

     try {
         $response = $this->httpClient->get($validate_url, $request_options);
         $body = $response->getBody();
         $response_data = $body->__toString();
         // The raw server response is logged in full; htmlspecialchars() keeps
         // markup in it from being interpreted when the log entry is rendered.
         $this->casHelper->log("Validation response received from CAS server: " . htmlspecialchars($response_data));
     } catch (RequestException $request_error) {
         // Surface transport problems as the module's own exception type.
         throw new CasValidateException("Error with request to validate ticket: " . $request_error->getMessage());
     }

     // Hand the response to the parser for the configured protocol version
     // (loose comparison, as a switch would perform).
     $protocol_version = $this->casHelper->getCasProtocolVersion();
     if ($protocol_version == "1.0") {
         return $this->validateVersion1($response_data);
     }
     if ($protocol_version == "2.0") {
         return $this->validateVersion2($response_data);
     }

     // No parser for this version: refuse rather than guess.
     throw new CasValidateException('Unknown CAS protocol version specified: ' . $protocol_version);
 }
Beispiel #2
 /**
  * Validate the service ticket parameter present in the request.
  *
  * This method will return the username of the user if valid, and raise an
  * exception if the ticket is not found or not valid.
  *
  * @param string $version
  *   The protocol version of the CAS server.
  * @param string $ticket
  *   The CAS authentication ticket to validate.
  * @param array $service_params
  *   An array of query string parameters to add to the service URL.
  *
  * @return array
  *   An array containing validation result data from the CAS server.
  * @throws CasValidateException
  */
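 public function validateTicket($version, $ticket, $service_params = array())
 {
     try {
         $validate_url = $this->casHelper->getServerValidateUrl($ticket, $service_params);
         // NOTE(review): the URL is built from $ticket, so this log line
         // presumably records the service ticket -- confirm who can read the log.
         $this->casHelper->log("Trying to validate against {$validate_url}");

         // Always verify the CAS server's certificate. With a configured PEM
         // the request is verified against that CA; without one it is
         // verified against the HTTP client's default CA bundle. The previous
         // fallback of 'verify' => FALSE silently disabled verification
         // whenever no PEM was set, and the response fetched here decides
         // which user is logged in. Sites using a private CA must configure
         // its PEM.
         $cert = $this->casHelper->getCertificateAuthorityPem();
         $options = array('verify' => !empty($cert) ? $cert : TRUE);

         $response = $this->httpClient->get($validate_url, $options);
         $response_data = $response->getBody()->__toString();
         // The raw server response is logged in full; htmlspecialchars() keeps
         // markup in it from being interpreted when the log entry is rendered.
         $this->casHelper->log("Received " . htmlspecialchars($response_data));
     } catch (ClientException $e) {
         // NOTE(review): only ClientException is wrapped; any other exception
         // type the HTTP client throws would reach the caller unwrapped --
         // confirm against the client's exception hierarchy.
         throw new CasValidateException("Error with request to validate ticket: " . $e->getMessage());
     }

     // Dispatch to the parser for the requested protocol version. switch
     // compares loosely, so numerically equal values also match.
     switch ($version) {
         case "1.0":
             return $this->validateVersion1($response_data);
         case "2.0":
             return $this->validateVersion2($response_data);
     }

     // If we get here, it is because a bad CAS version was specified.
     throw new CasValidateException("Unknown CAS protocol version specified.");
 }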
Beispiel #3
 /**
  * Test constructing the CAS Server validation url.
  *
  * @covers ::getServerValidateUrl
  * @covers ::formatProxyCallbackURL
  * @covers ::__construct
  *
  * @dataProvider getServerValidateUrlDataProvider
  */
 public function testGetServerValidateUrl($ticket, $service_params, $return, $is_proxy, $can_be_proxied, $protocol)
 {
     // CAS server settings for the helper under test; the protocol version
     // and the two proxy flags come from the data provider.
     $settings = array(
         'server.hostname' => 'example.com',
         'server.port' => 443,
         'server.path' => '/cas',
         'server.version' => $protocol,
         'proxy.initialize' => $is_proxy,
         'proxy.can_be_proxied' => $can_be_proxied,
     );
     $config_factory = $this->getConfigFactoryStub(array('cas.settings' => $settings));

     // Service URL the stubbed URL generator will return. Parameter values
     // are URL-encoded; keys are appended as given.
     $return_value = 'https://example.com/client';
     if (!empty($service_params)) {
         $pairs = array();
         foreach ($service_params as $key => $value) {
             $pairs[] = $key . '=' . urlencode($value);
         }
         $return_value .= '?' . implode('&', $pairs);
     }

     // generate() must be called exactly once; generateFromRoute() may be
     // called any number of times and always yields the proxy callback URL.
     $this->urlGenerator
         ->expects($this->once())
         ->method('generate')
         ->will($this->returnValue($return_value));
     $this->urlGenerator
         ->expects($this->any())
         ->method('generateFromRoute')
         ->will($this->returnValue('https://example.com/casproxycallback'));

     $cas_helper = new CasHelper($config_factory, $this->urlGenerator, $this->connection, $this->loggerFactory, $this->session);
     $actual = $cas_helper->getServerValidateUrl($ticket, $service_params);
     $this->assertEquals($return, $actual);
 }