Ejemplo n.º 1
 /**
  * CASClient constructor.
  *
  * @param $server_version the version of the CAS server
  * @param $proxy TRUE if the CAS client is a CAS proxy, FALSE otherwise
  * @param $server_hostname the hostname of the CAS server
  * @param $server_port the port the CAS server is running on
  * @param $server_uri the URI the CAS server is responding on
  * @param $start_session Have phpCAS start PHP sessions (default true)
  *
  * @return a newly created CASClient object
  *
  * @public
  */
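 function CASClient($server_version, $proxy, $server_hostname, $server_port, $server_uri, $start_session = true)
 {
     // Overview of what this constructor does, in order:
     //   1. when a ticket arrives in the query string, renames the PHP session after it;
     //   2. records and checks the CAS server version, hostname, port and URI;
     //   3. in proxy mode, detects a PGT callback and requires HTTPS for it;
     //   4. otherwise picks up the ticket from $_GET and hides it from the application.
     // Failures are reported through phpCAS::error().
     phpCAS::traceBegin();
     if (!$this->isLogoutRequest() && !empty($_GET['ticket']) && $start_session) {
         // copy old session vars and destroy the current session
         if (!isset($_SESSION)) {
             session_start();
         }
         $old_session = $_SESSION;
         session_destroy();
         // set up a new session, of name based on the ticket
         // NOTE(review): the ticket has not been validated against the CAS server at
         // this point, so the session ID adopted here is still a request-supplied
         // value. Renaming the session only after a successful validation would
         // avoid adopting an unverified identifier.
         $session_id = preg_replace('/[^\\w]/', '', $_GET['ticket']);
         // NOTE(review): this writes the session ID to the phpCAS log; anyone who can
         // read that log can read session identifiers.
         phpCAS::LOG("Session ID: " . $session_id);
         session_id($session_id);
         // session_destroy() leaves $_SESSION set, so an isset($_SESSION) guard here
         // would skip the start and the renamed session would never be opened.
         session_start();
         // restore old session vars
         $_SESSION = $old_session;
         // Redirect to location without ticket.
         // NOTE(review): only the header is queued; execution continues and the
         // ticket is still processed further down in this same request.
         header('Location: ' . $this->getURL());
     }
     //activate session mechanism if desired
     if (!$this->isLogoutRequest() && $start_session && !isset($_SESSION)) {
         session_start();
     }
     $this->_proxy = $proxy;
     //check version
     switch ($server_version) {
         case CAS_VERSION_1_0:
             if ($this->isProxy()) {
                 phpCAS::error('CAS proxies are not supported in CAS ' . $server_version);
             }
             break;
         case CAS_VERSION_2_0:
             break;
         default:
             phpCAS::error('this version of CAS (`' . $server_version . '\') is not supported by phpCAS ' . phpCAS::getVersion());
     }
     $this->_server['version'] = $server_version;
     //check hostname
     // The pattern is anchored at both ends: an unanchored `[...]*` matches the empty
     // string inside any input, which made the original check accept every hostname.
     // Matching is case-insensitive so upper-case host names keep working.
     if (empty($server_hostname) || !preg_match('/^[\\.\\d\\-a-z]+\\z/i', $server_hostname)) {
         phpCAS::error('bad CAS server hostname (`' . $server_hostname . '\')');
     }
     $this->_server['hostname'] = $server_hostname;
     //check port
     if ($server_port == 0 || !is_int($server_port)) {
         // report the rejected port, not the hostname
         phpCAS::error('bad CAS server port (`' . $server_port . '\')');
     }
     $this->_server['port'] = $server_port;
     //check URI
     // Anchored for the same reason as the hostname check; an empty URI is still allowed.
     if (!preg_match('/^[\\.\\d\\-_a-z\\/]*\\z/i', $server_uri)) {
         phpCAS::error('bad CAS server URI (`' . $server_uri . '\')');
     }
     //add leading and trailing `/' and remove doubles
     $server_uri = preg_replace('/\\/\\//', '/', '/' . $server_uri . '/');
     $this->_server['uri'] = $server_uri;
     //set to callback mode if PgtIou and PgtId CGI GET parameters are provided
     if ($this->isProxy()) {
         $this->setCallbackMode(!empty($_GET['pgtIou']) && !empty($_GET['pgtId']));
     }
     if ($this->isCallbackMode()) {
         //callback mode: check that phpCAS is secured
         if (!$this->isHttps()) {
             phpCAS::error('CAS proxies must be secured to use phpCAS; PGT\'s will not be received from the CAS server');
         }
     } else {
         //normal mode: get ticket and remove it from CGI parameters for developers
         $ticket = isset($_GET['ticket']) ? $_GET['ticket'] : null;
         // Only the ticket prefix is checked here. The ticket value is written to the
         // trace log on a match and HTML-escaped before it is echoed in an error.
         switch ($this->getServerVersion()) {
             case CAS_VERSION_1_0:
                 // check for a Service Ticket
                 if (preg_match('/^ST-/', $ticket)) {
                     phpCAS::trace('ST \'' . $ticket . '\' found');
                     //ST present
                     $this->setST($ticket);
                     //ticket has been taken into account, unset it to hide it to applications
                     unset($_GET['ticket']);
                 } elseif (!empty($ticket)) {
                     //ill-formed ticket, halt
                     phpCAS::error('ill-formed ticket found in the URL (ticket=`' . htmlentities($ticket) . '\')');
                 }
                 break;
             case CAS_VERSION_2_0:
                 // check for a Service or Proxy Ticket
                 if (preg_match('/^[SP]T-/', $ticket)) {
                     phpCAS::trace('ST or PT \'' . $ticket . '\' found');
                     $this->setPT($ticket);
                     unset($_GET['ticket']);
                 } elseif (!empty($ticket)) {
                     //ill-formed ticket, halt
                     phpCAS::error('ill-formed ticket found in the URL (ticket=`' . htmlentities($ticket) . '\')');
                 }
                 break;
         }
     }
     phpCAS::traceEnd();
 }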
Ejemplo n.º 2
 /**
  * CASClient constructor.
  *
  * @param $server_version the version of the CAS server
  * @param $proxy TRUE if the CAS client is a CAS proxy, FALSE otherwise
  * @param $server_hostname the hostname of the CAS server
  * @param $server_port the port the CAS server is running on
  * @param $server_uri the URI the CAS server is responding on
  * @param $start_session Have phpCAS start PHP sessions (default true)
  *
  * @return a newly created CASClient object
  *
  * @public
  */
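 function CASClient($server_version, $proxy, $server_hostname, $server_port, $server_uri, $start_session = true)
 {
     // Overview of what this constructor does, in order:
     //   1. refuses to run under zend.ze1_compatibility_mode on PHP 5+;
     //   2. starts a session, or renames it after the ticket when one is in the query string;
     //   3. records and checks the CAS server version, hostname, port and URI;
     //   4. in proxy mode, detects a PGT callback and requires HTTPS for it;
     //   5. otherwise picks up the ticket from $_GET and hides it from the application.
     // Failures are reported through phpCAS::error().
     phpCAS::traceBegin();
     // the redirect header() call and DOM parsing code from domxml-php4-php5.php won't work in PHP4 compatibility mode
     if (version_compare(PHP_VERSION, '5', '>=') && ini_get('zend.ze1_compatibility_mode')) {
         phpCAS::error('phpCAS cannot support zend.ze1_compatibility_mode. Sorry.');
     }
     // skip session handling for logout requests and when the caller does not want it
     if ($start_session && !$this->isLogoutRequest()) {
         phpCAS::trace("Starting session handling");
         // Check for Tickets from the CAS server
         if (empty($_GET['ticket'])) {
             phpCAS::trace("No ticket found");
             // only create a session if necessary
             // session_id() returns '' when no session is active, so that is the
             // case in which one has to be started (the test was inverted before).
             if (session_id() === '') {
                 phpCAS::trace("No session found, creating new session");
                 session_start();
             }
         } else {
             phpCAS::trace("Ticket found");
             // We have to copy any old data before renaming the session
             if (session_id() !== '') {
                 phpCAS::trace("Old active session found, saving old data and destroying session");
             } else {
                 session_start();
                 phpCAS::trace("Starting possible old session to copy variables");
             }
             $old_session = $_SESSION;
             session_destroy();
             // set up a new session, of name based on the ticket
             // NOTE(review): the ticket has not been validated against the CAS server
             // at this point, so the session ID adopted here is still a
             // request-supplied value. Renaming the session only after a successful
             // validation would avoid adopting an unverified identifier.
             $session_id = preg_replace('/[^\\w]/', '', $_GET['ticket']);
             // NOTE(review): this writes the session ID to the phpCAS log; anyone who
             // can read that log can read session identifiers.
             phpCAS::LOG("Session ID: " . $session_id);
             session_id($session_id);
             session_start();
             // restore old session vars
             if (isset($old_session)) {
                 phpCAS::trace("Restoring old session vars");
                 $_SESSION = $old_session;
             }
         }
     } else {
         phpCAS::trace("Skipping session creation");
     }
     // are we in proxy mode ?
     $this->_proxy = $proxy;
     //check version
     switch ($server_version) {
         case CAS_VERSION_1_0:
             if ($this->isProxy()) {
                 phpCAS::error('CAS proxies are not supported in CAS ' . $server_version);
             }
             break;
         case CAS_VERSION_2_0:
             break;
         case SAML_VERSION_1_1:
             break;
         default:
             phpCAS::error('this version of CAS (`' . $server_version . '\') is not supported by phpCAS ' . phpCAS::getVersion());
     }
     $this->_server['version'] = $server_version;
     // check hostname
     // The pattern is anchored at both ends: an unanchored `[...]*` matches the empty
     // string inside any input, which made the original check accept every hostname.
     // Matching is case-insensitive so upper-case host names keep working.
     if (empty($server_hostname) || !preg_match('/^[\\.\\d\\-a-z]+\\z/i', $server_hostname)) {
         phpCAS::error('bad CAS server hostname (`' . $server_hostname . '\')');
     }
     $this->_server['hostname'] = $server_hostname;
     // check port
     if ($server_port == 0 || !is_int($server_port)) {
         // report the rejected port, not the hostname
         phpCAS::error('bad CAS server port (`' . $server_port . '\')');
     }
     $this->_server['port'] = $server_port;
     // check URI
     // Anchored for the same reason as the hostname check; an empty URI is still allowed.
     if (!preg_match('/^[\\.\\d\\-_a-z\\/]*\\z/i', $server_uri)) {
         phpCAS::error('bad CAS server URI (`' . $server_uri . '\')');
     }
     // add leading and trailing `/' and remove doubles
     $server_uri = preg_replace('/\\/\\//', '/', '/' . $server_uri . '/');
     $this->_server['uri'] = $server_uri;
     // set to callback mode if PgtIou and PgtId CGI GET parameters are provided
     if ($this->isProxy()) {
         $this->setCallbackMode(!empty($_GET['pgtIou']) && !empty($_GET['pgtId']));
     }
     if ($this->isCallbackMode()) {
         //callback mode: check that phpCAS is secured
         if (!$this->isHttps()) {
             phpCAS::error('CAS proxies must be secured to use phpCAS; PGT\'s will not be received from the CAS server');
         }
     } else {
         //normal mode: get ticket and remove it from CGI parameters for developers
         $ticket = isset($_GET['ticket']) ? $_GET['ticket'] : null;
         // Only the ticket prefix is checked here. The ticket value is written to the
         // trace log on a match and HTML-escaped before it is echoed in an error.
         switch ($this->getServerVersion()) {
             case CAS_VERSION_1_0:
                 // check for a Service Ticket
                 if (preg_match('/^ST-/', $ticket)) {
                     phpCAS::trace('ST \'' . $ticket . '\' found');
                     //ST present
                     $this->setST($ticket);
                     //ticket has been taken into account, unset it to hide it to applications
                     unset($_GET['ticket']);
                 } elseif (!empty($ticket)) {
                     //ill-formed ticket, halt
                     phpCAS::error('ill-formed ticket found in the URL (ticket=`' . htmlentities($ticket) . '\')');
                 }
                 break;
             case CAS_VERSION_2_0:
                 // check for a Service or Proxy Ticket
                 if (preg_match('/^[SP]T-/', $ticket)) {
                     phpCAS::trace('ST or PT \'' . $ticket . '\' found');
                     $this->setPT($ticket);
                     unset($_GET['ticket']);
                 } elseif (!empty($ticket)) {
                     //ill-formed ticket, halt
                     phpCAS::error('ill-formed ticket found in the URL (ticket=`' . htmlentities($ticket) . '\')');
                 }
                 break;
             case SAML_VERSION_1_1:
                 // SAML just does Service Tickets
                 // NOTE(review): the pattern below also accepts the PT- prefix, which
                 // does not match the comment above; confirm which is intended.
                 if (preg_match('/^[SP]T-/', $ticket)) {
                     phpCAS::trace('SA \'' . $ticket . '\' found');
                     $this->setSA($ticket);
                     unset($_GET['ticket']);
                 } elseif (!empty($ticket)) {
                     //ill-formed ticket, halt
                     phpCAS::error('ill-formed ticket found in the URL (ticket=`' . htmlentities($ticket) . '\')');
                 }
                 break;
         }
     }
     phpCAS::traceEnd();
 }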