Set a callback function to be run when a single-signout request is
received. The callback function will be passed a $logoutTicket as its
first parameter, followed by any $additionalArgs you pass. The
$logoutTicket parameter is an opaque string that can be used to map a
session-id to the logout request in order to support single-signout in
applications that manage their own sessions (rather than letting phpCAS
start and destroy the session).
function casSetup()
{
global $CASAuth;
global $casIsSetUp;
require_once $CASAuth["phpCAS"] . "/CAS.php";
phpCAS::client($CASAuth["Version"], $CASAuth["Server"], $CASAuth["Port"], $CASAuth["Url"], false);
phpCAS::setSingleSignoutCallback('casSingleSignOut');
phpCAS::setPostAuthenticateCallback('casPostAuth');
phpCAS::handleLogoutRequests(true, isset($CASAuth["LogoutServers"]) ? $CASAuth["LogoutServers"] : false);
phpCAS::setNoCasServerValidation();
$casIsSetUp = true;
}
/**
* @todo make this options usable.
* @todo move to other class
*
* @param string $providerName defined in Settings.yaml
*
* @throws \TYPO3\Flow\Exception
*
* @return void
*/
private function setOptionalClientSettings($providerName)
{
$casClientSettings = $this->getClientSettingsByProviderName($providerName);
try {
if (!empty($casClientSettings['serverLoginURL'])) {
\phpCAS::setServerLoginURL($casClientSettings['serverLoginURL']);
}
if (!empty($casClientSettings['serverLogoutURL'])) {
\phpCAS::setServerLogoutURL($casClientSettings['serverLogoutURL']);
}
if (!empty($casClientSettings['serverProxyValidateURL'])) {
\phpCAS::setServerProxyValidateURL($casClientSettings['serverProxyValidateURL']);
}
if (!empty($casClientSettings['serverSamlValidateURL'])) {
\phpCAS::setServerSamlValidateURL($casClientSettings['serverSamlValidateURL']);
}
if (!empty($casClientSettings['serverServiceValidateURL'])) {
\phpCAS::setServerServiceValidateURL($casClientSettings['serverServiceValidateURL']);
}
// since CAS 4.0 disbled
if (!empty($casClientSettings['singleSignoutCallback'])) {
\phpCAS::setSingleSignoutCallback($casClientSettings['singleSignoutCallback']);
}
} catch (\Exception $exc) {
throw new \TYPO3\Flow\Exception('Can not set some optianal property in Jasigs phpCAS broken on: ' . $exc->getCode() . ' with message: ' . $exc->getMessage(), 1372519681);
}
}
// Le premier argument est la version du protocole CAS
// Le dernier argument a été ajouté par patchage manuel de phpCAS.
settype($cas_port, "integer");
phpCAS::client(CAS_VERSION_2_0, $cas_host, $cas_port, $cas_root, true, $url_base);
phpCAS::setLang(PHPCAS_LANG_FRENCH);
// redirige vers le serveur d'authentification si aucun utilisateur authentifié n'a
// été trouvé par le client CAS.
phpCAS::setNoCasServerValidation();
// On a une demande de logout envoyée par le serveur CAS :
// il faut initialiser la session tout de suite, pour pouvoir la détruire complètement
if (isset($logout_request)) {
$session_gepi = new Session();
// Gestion du single sign-out
phpCAS::setSingleSignoutCallback(array($session_gepi, 'cas_logout_callback'));
phpCAS::handleLogoutRequests(false);
}
// Authentification
phpCAS::forceAuthentication();
// Initialisation de la session, avec blocage de l'initialisation de la
// session php ainsi que des tests de timeout et update de logs,
// car l'authentification CAS n'est pas encore validée côté Gepi !
$session_gepi = new Session(true);
} else {
$session_gepi = new Session();
}
function casSetup()
{
global $CASAuth;
if (!defined('PHPCAS_VERSION') || !class_exists('phpCAS')) {
require_once $CASAuth["phpCAS"] . "/CAS.php";
}
static $casIsSetUp = false;
if ($casIsSetUp) {
// phpCAS cannot be initialized twice.
return;
}
phpCAS::client($CASAuth["Version"], $CASAuth["Server"], $CASAuth["Port"], $CASAuth["Url"], false);
phpCAS::setSingleSignoutCallback('casSingleSignOut');
phpCAS::setPostAuthenticateCallback('casPostAuth');
phpCAS::handleLogoutRequests(true, isset($CASAuth["LogoutServers"]) ? $CASAuth["LogoutServers"] : false);
phpCAS::setNoCasServerValidation();
$casIsSetUp = true;
}
