This method is called to check if the user is authenticated (previously or by
tickets given in the URL).
public static isAuthenticated ( ) : true
Returns | true | when the user is authenticated. |
/**
 * Logout hook: ends the CAS session when one exists.
 *
 * When phpCAS reports an authenticated user, the browser is sent through the CAS
 * logout with the application's absolute base URL as the redirect service.
 *
 * @param mixed $parameters Hook payload; not read here.
 * @return bool Always true.
 */
public static function logout($parameters)
{
    if (!phpCAS::isAuthenticated()) {
        return true;
    }

    // The return address is built by the application's URL generator, not taken from the request.
    $landingUrl = OC::$server->getURLGenerator()->getAbsoluteURL("");
    phpCAS::logoutWithRedirectService($landingUrl);

    return true;
}
/**
 * Forces a CAS authentication and copies the resulting identity into the RBAC singleton.
 *
 * The CAS host (PRM_VALUE) and URI (PRM_VALUE_2) are read from the PM_PARAMETERS row
 * whose PRM_ID is 'CAS_URL'.
 *
 * @return bool true when CAS reported an authenticated user and the USERS lookup
 *              returned at least one row; false in every other case.
 */
function metodillo()
{
    $sSQL = "SELECT * FROM PM_PARAMETERS WHERE PRM_ID = 'CAS_URL' ";
    $aResSQL = executeQuery($sSQL);
    if (count($aResSQL)) {
        // Rows are read at index 1; presumably executeQuery() returns a 1-based result set. Confirm.
        $sURL = $aResSQL[1]['PRM_VALUE'];
        $sURI = $aResSQL[1]['PRM_VALUE_2'];
        $res = false;
        $RBAC = RBAC::getSingleton();
        $RBAC->initRBAC();
        // Loads the phpCAS copy vendored under CAS-1.2.2/; a pinned copy only receives
        // upstream security fixes when it is replaced by hand.
        require_once 'CAS-1.2.2/CAS.php';
        phpCAS::client(CAS_VERSION_2_0, $sURL, 443, $sURI, false);
        // SECURITY: this turns off verification of the CAS server's TLS certificate, so the
        // ticket-validation response that establishes the user's identity is not authenticated.
        // A deployment should point phpCAS::setCasServerCACert() at the issuing CA instead.
        phpCAS::setNoCasServerValidation();
        phpCAS::forceAuthentication();
        if (phpCAS::isAuthenticated() == true) {
            $sCasUser = phpCAS::getUser();
            // NOTE(review): the username literal is masked ('******') in this listing, so as shown
            // the query does not use $sCasUser at all. If the real code places $sCasUser inside
            // the SQL text, it must be bound as a parameter or escaped for this database layer.
            $sSQL = "SELECT USR_UID FROM USERS WHERE USR_USERNAME = '******' ";
            $aResSQL = executeQuery($sSQL);
            if (count($aResSQL)) {
                $nUserId = $aResSQL[1]['USR_UID'];
                // Marks the RBAC session as single-sign-on and installs the matched user.
                $RBAC->singleSignOn = true;
                $RBAC->userObj->fields['USR_UID'] = $nUserId;
                $RBAC->userObj->fields['USR_USERNAME'] = $sCasUser;
                $res = true;
            } else {
                $res = false;
            }
        } else {
            $res = false;
        }
    } else {
        $res = false;
    }
    return $res;
}
/**
 * Returns the attributes released by CAS for the current user.
 *
 * @return mixed Result of phpCAS::getAttributes() when authenticated, otherwise null.
 */
function getAttributes()
{
    // Attributes are only read after phpCAS confirms an authenticated session.
    return phpCAS::isAuthenticated() ? phpCAS::getAttributes() : null;
}
/**
 * Sends the visitor to the CAS login page unless a CAS session already exists.
 *
 * @return void
 */
function forceAuth()
{
    if (phpCAS::isAuthenticated()) {
        return;
    }

    // If they're not currently logged in, take them to the RPI CAS page
    phpCAS::forceAuthentication();
}
/**
 * Authenticates the visitor against the CAS server configured in the
 * 'AuthMethod' / 'CAS' preferences and returns the CAS login.
 *
 * Request parameters are copied into $_SESSION['backup_sso'] before the CAS
 * round trip and copied back into $_REQUEST afterwards for keys that are not
 * already set.
 *
 * @return string|null The CAS login, or NULL when the server URL is missing
 *                     or authentication did not succeed.
 */
public function get_login()
{
    Logger::debug('main', 'AuthMethod_CAS::get_login()');

    // NOTE(review): every request parameter is persisted in the session here, including
    // any secret a caller may have submitted (passwords, tokens). Consider an allow-list.
    $hasBackup = isset($_SESSION['backup_sso']) && is_array($_SESSION['backup_sso']);
    if (!$hasBackup) {
        $_SESSION['backup_sso'] = array();
    }
    foreach ($_REQUEST as $name => $value) {
        $_SESSION['backup_sso'][$name] = $value;
    }

    $casPrefs = $this->prefs->get('AuthMethod', 'CAS');
    $CAS_server_url = $casPrefs['user_authenticate_cas_server_url'];
    if (!isset($CAS_server_url) || $CAS_server_url == '') {
        Logger::error('main', 'AuthMethod_CAS::get_login() - Unable to find CAS server url in Preferences');
        return NULL;
    }

    $casHost = parse_url($CAS_server_url, PHP_URL_HOST);
    $casPort = parse_url($CAS_server_url, PHP_URL_PORT);
    $casPath = parse_url($CAS_server_url, PHP_URL_PATH);

    phpCAS::client(CAS_VERSION_2_0, $casHost, $casPort, $casPath);
    Logger::debug('main', 'AuthMethod_CAS::get_login() - Parsing URL - Host:"' . $casHost . '" Port:"' . $casPort . '" Path:"' . $casPath . '"');

    // SECURITY: the CAS server's TLS certificate is not verified, so the validation
    // response carrying the username is unauthenticated. phpCAS::setCasServerCACert()
    // is the call that enables verification.
    phpCAS::setNoCasServerValidation();

    if (!phpCAS::forceAuthentication()) {
        Logger::error('main', 'AuthMethod_CAS::get_login() - phpCAS::forceAuthentication failed');
        return NULL;
    }
    if (!phpCAS::isAuthenticated()) {
        Logger::error('main', 'AuthMethod_CAS::get_login() - phpCAS::isAuthenticated failed');
        return NULL;
    }

    $this->login = phpCAS::getUser();

    // Restore the saved parameters without overriding anything in the current request.
    foreach ($_SESSION['backup_sso'] as $name => $value) {
        if (!isset($_REQUEST[$name])) {
            $_REQUEST[$name] = $value;
        }
    }

    return $this->login;
}
/**
 * Returns the CAS login of the current user.
 *
 * @return mixed Result of phpCAS::getUser() when authenticated, otherwise null.
 */
function getUser()
{
    // getUser() is only consulted after phpCAS confirms an authenticated session.
    return phpCAS::isAuthenticated() ? phpCAS::getUser() : null;
}
/**
 * Runs the login callback for a CAS-authenticated visitor who has no
 * application auth cookie yet, then forces CAS authentication.
 *
 * @return void
 */
public function checkAuthentication()
{
    if (phpCAS::isAuthenticated()) {
        // The cookie is only inspected once CAS has vouched for the visitor.
        if (!AuthCookie::hasAuthCookie()) {
            $this->loginCallback();
        }
    }

    // force CAS authentication
    phpCAS::forceAuthentication();
}
/**
 * Runs the login callback for a CAS-authenticated visitor whose application
 * cookie is missing or invalid, then forces CAS authentication.
 *
 * @return void
 */
public function checkAuthentication()
{
    if (phpCAS::isAuthenticated()) {
        // The application cookie is only validated once CAS has vouched for the visitor.
        $cookieInfo = Auth::getCookieInfo(APP_COOKIE);
        if (!Auth::isValidCookie($cookieInfo)) {
            $this->loginCallback();
        }
    }

    // force CAS authentication
    phpCAS::forceAuthentication();
}
/**
 * Collect the token supplied by the user, which here is the CAS login.
 * Replies NULL when no CAS session is authenticated.
 *
 * @return mixed
 * @access public
 * @since 3/16/05
 */
function collect()
{
    return phpCAS::isAuthenticated() ? phpCAS::getUser() : null;
}
/**
 * Password-check hook backed by CAS.
 *
 * Neither argument is consulted: the decision rests entirely on the CAS
 * session, and the returned identifier is the CAS login rather than the
 * $uid that was passed in.
 *
 * @param string $uid      Not read.
 * @param string $password Not read.
 * @return mixed The CAS login when authenticated, otherwise false.
 */
public function checkPassword($uid, $password)
{
    return phpCAS::isAuthenticated() ? phpCAS::getUser() : false;
}
/**
 * Logs the user out of CAS when a CAS session exists, then delegates to the parent logout.
 *
 * @param mixed $user Not read here.
 * @return mixed Whatever parent::logout() returns.
 */
function logout($user)
{
    $this->initializeCASClient();

    // Force CAS logout if required
    // NOTE(review): phpCAS::logout() normally redirects to the CAS server and ends the
    // request, in which case parent::logout() is not reached on this pass. Confirm that
    // the local session is still cleared.
    $hasCasSession = phpCAS::isAuthenticated();
    if ($hasCasSession) {
        phpCAS::logout();
    }

    return parent::logout();
}
/**
 * Logs in the CAS user through the decorated authenticator.
 *
 * The $username argument is only logged; the login that is synchronized and
 * handed to the decorated authenticator is the one reported by phpCAS.
 *
 * @param string $username     Requested username (logged, then superseded).
 * @param mixed  $loginContext Passed through unchanged.
 * @return mixed Result of the decorated Login() call.
 */
public function Login($username, $loginContext)
{
    Log::Debug('Attempting CAS login for username: %s', $username);

    // NOTE(review): the authentication state is logged but does not gate what follows;
    // getUser() is called whether or not this is true. Presumably an earlier validation
    // step enforces it; verify against the caller.
    $isAuth = phpCAS::isAuthenticated();
    Log::Debug('CAS is auth ok: %s', $isAuth);

    $casLogin = phpCAS::getUser();
    $this->Synchronize($casLogin);

    return $this->authToDecorate->Login($casLogin, $loginContext);
}
/**
 * Initializes the phpCAS client on first use and reports whether the visitor
 * holds an authenticated CAS session.
 *
 * @return bool Result of phpCAS::isAuthenticated().
 */
function check_auth()
{
    $clientReady = isset($GLOBALS['PHPCAS_CLIENT']);
    if (!$clientReady) {
        phpCAS::client(CAS_VERSION_2_0, 'cas.byu.edu', 443, 'cas');

        // SECURITY: certificate verification is switched off and the CA-based call is
        // commented out. Without it the ticket-validation response is not authenticated.
        //phpCAS::setCasServerCACert("../CAS/cas_ca.pem");
        phpCAS::setNoCasServerValidation();

        // NOTE(review): the debug log is written to a relative path; if the working
        // directory is served by the web server the file may be retrievable. Debug traces
        // may also contain ticket values. Confirm this is disabled in production.
        phpCAS::setDebug("cas_error.txt");

        // Single-logout requests are accepted only from the listed CAS hosts.
        $trustedLogoutHosts = array('cas.byu.edu', 'cas1.byu.edu', 'cas2.byu.edu', 'cas3.byu.edu');
        phpCAS::handleLogoutRequests(true, $trustedLogoutHosts);
    }

    return phpCAS::isAuthenticated();
}
/**
 * Reports the authenticated CAS login.
 *
 * A truthy self::$_user is returned as-is. Otherwise the client is initialized
 * and phpCAS is asked; the session is closed for writing before returning.
 *
 * @return mixed The cached user, the CAS login when authenticated, or the
 *               non-true result of phpCAS::isAuthenticated().
 */
public static function isAuthenticated()
{
    if (self::$_user) {
        return self::$_user;
    }

    self::init();

    $outcome = phpCAS::isAuthenticated();
    if ($outcome === true) {
        $outcome = phpCAS::getUser();
    }

    // Release the session lock; nothing below writes to the session.
    session_write_close();

    return $outcome;
}
/**
 * Logout execution method. Initializes the CAS client from the 'CAS.*'
 * configuration keys, logs out of CAS when a session exists, then hands over
 * to the parent logout.
 *
 * @return mixed Whatever parent::logout() returns.
 * @see AuthComponent::$loginAction
 * @access public
 */
function logout()
{
    // Set debug mode
    phpCAS::setDebug(false);

    // Initialize phpCAS
    $casHost = Configure::read('CAS.hostname');
    $casPort = Configure::read('CAS.port');
    $casUri = Configure::read('CAS.uri');
    phpCAS::client(CAS_VERSION_2_0, $casHost, $casPort, $casUri, true);

    // SECURITY: no TLS validation of the CAS server. phpCAS::setCasServerCACert() is the
    // call that enables it; without it responses from the CAS host are unauthenticated.
    phpCAS::setNoCasServerValidation();

    // Force CAS logout if required
    $hasCasSession = phpCAS::isAuthenticated();
    if ($hasCasSession) {
        // Provide login url for your application (the value below is the sample's
        // placeholder and is sent over plain http).
        phpCAS::logout(array('url' => 'http://www.cakephp.org'));
    }

    return parent::logout();
}
/**
 * Resolves the current visitor to a GenericUser through CAS.
 *
 * @return GenericUser|null A user whose 'id' and 'name' are both the CAS login,
 *                          or null after forceAuthentication() was requested.
 */
protected function casUser()
{
    $cas_host = \Config::get('app.cas_host');
    $cas_context = \Config::get('app.cas_context');
    $cas_port = \Config::get('app.cas_port');

    // NOTE(review): setDebug() without arguments turns phpCAS debug logging on at its
    // default location; traces may include ticket values. Confirm it is off in production.
    \phpCAS::setDebug();
    \phpCAS::client(CAS_VERSION_2_0, $cas_host, $cas_port, $cas_context);

    // SECURITY: the CAS server certificate is not verified, so the identity returned by
    // ticket validation is unauthenticated. \phpCAS::setCasServerCACert() enables the check.
    \phpCAS::setNoCasServerValidation();

    if (!\phpCAS::isAuthenticated()) {
        \phpCAS::setServerURL(\Config::get('app.url'));
        \phpCAS::forceAuthentication();

        return null;
    }

    $attributes = array(
        'id' => \phpCAS::getUser(),
        'name' => \phpCAS::getUser(),
    );

    return new GenericUser($attributes);
}
/**
 * Two-pass CAS logout.
 *
 * @param mixed $user Not read here.
 * @return void
 */
public function logout($user)
{
    if (!phpCAS::isAuthenticated()) {
        // Step 2. This runs when the CAS server has redirected the client back to us.
        //         Nothing to do here: once this method returns, CakePHP performs its
        //         own logout (destroying the session or whatever it needs).
        return;
    }

    // Step 1. Runs when the client clicks logout. phpCAS::logout sends the client to
    //         the CAS server, which in turn redirects it back to this same logout URL.
    //
    //         phpCAS stops script execution after sending the redirect header, so
    //         CakePHP still considers the user logged in until Step 2 runs.
    $returnUrl = Router::url(null, true);
    phpCAS::logout(array('url' => $returnUrl));
}
/**
 * Builds the CAS client, applies the service URL and certificate settings,
 * then either forces authentication or loads the user's fields.
 *
 * @param string|null $service_url Fixed service URL to hand to CAS, if any.
 * @return void
 */
public function triggerAuth($service_url = null)
{
    self::buildClient(
        $this->config->get('cas-hostname'),
        $this->config->get('cas-port'),
        $this->config->get('cas-context')
    );

    // Force set the CAS service URL to the osTicket login page.
    if ($service_url) {
        phpCAS::setFixedServiceURL($service_url);
    }

    // Verify the CAS server's certificate, if configured.
    // SECURITY: an empty 'cas-ca-cert-path' silently disables certificate verification,
    // so a missing setting degrades to an unauthenticated CAS channel rather than an error.
    if (!$this->config->get('cas-ca-cert-path')) {
        phpCAS::setNoCasServerValidation();
    } else {
        phpCAS::setCasServerCACert($this->config->get('cas-ca-cert-path'));
    }

    // Trigger authentication and set the user fields when validated.
    if (phpCAS::isAuthenticated()) {
        $this->setUser();
        $this->setEmail();
        $this->setName();
    } else {
        phpCAS::forceAuthentication();
    }
}
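</head>
<body>
<img border="0" src="banner.jpg" width="100%" height="150">
<link href="bootstrap.css" rel="stylesheet">
<ul class="nav nav-pills">
    <li><a href="main.php">Home</a></li>
    <li><a href="info.php">Info</a></li>
    <li><a href="add.php">Add</a></li>
    <li><a href="report.php">Report</a></li>
    <li><a href="course.php">Course</a></li>
    <li><a href="section.php">Section</a></li>
    <li><a href="faculty.php">Faculty</a></li>
    <li class="active"><a href="partner.php">Partner</a></li>
    <li><a href="project.php">Project</a></li>
    <?php
    // Navigation entry for the session state: the CAS login plus a logout link when
    // authenticated, otherwise a login link.
    if (phpCAS::isAuthenticated()) {
        // The login comes from the identity provider and is data, not markup: encode it
        // for the HTML context before it is written into the page.
        $casuserHtml = htmlspecialchars((string) $casuser, ENT_QUOTES, 'UTF-8');
        // Closing tags are emitted in nesting order (</a> before </li>).
        echo '<li><a>You are logged in as <font color="red">' . $casuserHtml . '</font></a></li>';
        echo '<li><a href="?logout">(Logout)</a></li>';
    } else {
        echo '<li><a href="login.php">Login</a></li>';
    }
    ?>
    <li>
        <form action="keyword.php" method=POST>
            <input type=text align="center" style="width: 25em" name="keyword" placeholder="Search...">
            <input type="submit" name="ksearch" value="Search">
            <br>
            <font color="white">
                <input type="checkbox" name="searchTables[]" value="section" checked>Section
                <input type="checkbox" name="searchTables[]" value="faculty" checked>Faculty
                <input type="checkbox" name="searchTables[]" value="project" checked>Projects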
/**
 * @brief Checks whether the user is logged in.
 *
 * @return string|boolean The logged-in account name when authenticated, false otherwise.
 * @retval string/boolean
 * @author chenyijie
 * @date 2012/09/28 22:18:27
 **/
public static function isAuthenticated()
{
    $ready = self::init();
    if (!$ready) {
        return false;
    }

    $outcome = phpCAS::isAuthenticated();
    // Only a strict true is swapped for the login; any other value is returned unchanged.
    $outcome = ($outcome === true) ? phpCAS::getUser() : $outcome;

    // Release the session lock; nothing below writes to the session.
    session_write_close();

    return $outcome;
}
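/**
 * Validate the login using CAS.
 *
 * Forces a CAS authentication, then returns the WordPress account whose login
 * equals the CAS username. When no such account exists and canUserRegister()
 * allows it, the account is created (e-mail taken from a configured suffix or
 * from LDAP), a notification mail is sent and the new account is returned.
 * When registration is not allowed, the cas_error.php template is rendered and
 * the request ends.
 *
 * @param mixed  $null     Not read.
 * @param string $username Ignored on entry; replaced by the CAS username.
 * @param string $password Ignored on entry; replaced by a random value that is
 *                         only stored when a new account is created.
 * @return mixed The user object from get_user_by(), or null when
 *               wp_insert_user() fails.
 */
function validate_login($null, $username, $password)
{
    if (!$this->cas_configured) {
        die('Error. Cas not configured and I was unable to redirect you to wp-login. Use define("WPCAS_BYPASS",true); in your wp-config.php to bypass wpCAS');
    }

    phpCAS::forceAuthentication();
    // might as well be paranoid
    if (!phpCAS::isAuthenticated()) {
        exit;
    }

    $username = phpCAS::getUser();

    $user = get_user_by('login', $username);
    if ($user) {
        if (is_multisite()) {
            $nextrole = $this->canUserRegister($username);
            if ($nextrole && !is_user_member_of_blog($user->ID, get_current_blog_id())) {
                add_user_to_blog(get_current_blog_id(), $user->ID, $nextrole);
            }
        }
        return $user;
    }

    /** Register a new user, if it is allowed */
    if ($user_role = $this->canUserRegister($username)) {
        // The local password is never typed by the user, but it still unlocks the account
        // through the native login form, so it comes from WordPress's password generator
        // rather than from md5() over rand().
        $password = wp_generate_password(64, true, true);

        // Defaults so the profile fields are defined when no LDAP entry supplies them.
        $user_email = '';
        $user_realname = '';
        $firstname = '';
        $lastname = '';

        // How is the site configured to obtain the e-mail address?
        $email_registration = $this->settings['e-mail_registration'];
        switch ($email_registration) {
            case 2: // Using suffix
                $user_email = $username . '@' . $this->settings['email_suffix'];
                break;
            case 3: // Using LDAP
                $ds = ldap_connect($this->settings['ldap_server']);
                if ($ds === false) {
                    break;
                }
                ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, $this->settings['ldap_protocol']);
                ldap_set_option($ds, LDAP_OPT_RESTART, true);
                // NOTE(review): a failed bind is not treated as fatal here, matching the
                // previous behaviour; the search below then runs with whatever access the
                // directory grants. Confirm whether that is intended.
                ldap_bind($ds, $this->settings['ldap_username_rdn'], $this->settings['ldap_password']);

                // The login is escaped for the filter context so that characters such as
                // '*', '(' or ')' cannot change the meaning of the search.
                $filter = 'uid=' . ldap_escape($username, '', LDAP_ESCAPE_FILTER);
                $list = ldap_list($ds, $this->settings['ldap_basedn'], $filter);
                if ($list !== false) {
                    $result = ldap_get_entries($ds, $list);
                    if ($result['count'] > 0) {
                        $result = $result[0];
                        if (isset($result['mail']) && is_array($result['mail'])) {
                            $user_email = $result['mail'][0];
                        }
                        if (isset($result['displayname']) && is_array($result['displayname'])) {
                            $user_realname = $result['displayname'][0];
                            $exploded_name = explode(' ', $user_realname);
                            $firstname = $exploded_name[0];
                            $lastname = end($exploded_name);
                        }
                    }
                }
                // Release the directory connection once the lookup is done.
                ldap_unbind($ds);
                break;
            default: // No e-mail prediction
                break;
        }

        $user_info = array();
        $user_info['user_pass'] = $password;
        $user_info['user_email'] = $user_email;
        $user_info['user_login'] = $username;
        $user_info['display_name'] = $user_realname;
        $user_info['first_name'] = $firstname;
        $user_info['last_name'] = $lastname;

        // canUserRegister() returns either a boolean or a role name; only a role name is stored.
        if (!is_bool($user_role)) {
            $user_info['role'] = $user_role;
        }

        if (!is_wp_error(wp_insert_user($user_info))) {
            $send_user = !empty($user_info['user_email']); // False, if user has no email

            // A user without a role gets the "waiting for access" mail when that is
            // enabled; every other case gets the welcome mail.
            $awaiting_role = !isset($user_info['role']);
            if ($awaiting_role && $this->settings['wait_mail']['send_user']) {
                $this->processMailing(WPCAS_WAITACCESS_MAIL, $user_info, $send_user);
            } else {
                $this->processMailing(WPCAS_WELCOME_MAIL, $user_info, $send_user);
            }

            $user = get_user_by('login', $username);
            // NOTE(review): 'user_role' is never set on $user_info (the key used above is
            // 'role'), so every new account is flagged as waiting. Left unchanged; confirm
            // which key was intended.
            if (!isset($user_info['user_role'])) {
                update_user_meta($user->ID, '_wpcas_waiting', true);
            }
            return $user;
        }
        // wp_insert_user() failed: nothing is returned and the error object is discarded.
    } else {
        $caserror_file = get_template_directory() . '/cas_error.php';
        include file_exists($caserror_file) ? $caserror_file : "cas_error.php";
        exit;
    }
}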
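/**
 * Attempt a login
 *
 * Reuses the user stored in the session when there is one. Otherwise walks the
 * allowed login types in configuration order ('cas', 'form', 'basic',
 * 'external', 'url') until one yields credentials, checks them with
 * UserRights::CheckCredentials() and stores the user and login mode in the
 * session. When nothing succeeds the outcome depends on $iOnExit: an HTTP 401
 * response, a return code, or the login form.
 *
 * @param int iOnExit What action to take if the user is not logged on (one of the class constants EXIT_...)
 * @return int One of the class constants EXIT_CODE_...
 * @throws Exception When a secure connection is required and the request is not secure.
 */
protected static function Login($iOnExit)
{
    if (self::SecureConnectionRequired() && !utils::IsConnectionSecure()) {
        // Non secured URL... request for a secure connection
        throw new Exception('Secure connection required!');
    }
    $aAllowedLoginTypes = MetaModel::GetConfig()->GetAllowedLoginTypes();
    if (isset($_SESSION['auth_user'])) {
        // Already authentified
        UserRights::Login($_SESSION['auth_user']); // Login & set the user's language
        return self::EXIT_CODE_OK;
    } else {
        $index = 0;
        $sLoginMode = '';
        $sAuthentication = 'internal';
        while ($sLoginMode == '' && $index < count($aAllowedLoginTypes)) {
            $sLoginType = $aAllowedLoginTypes[$index];
            switch ($sLoginType) {
                case 'cas':
                    utils::InitCASClient();
                    // check CAS authentication
                    if (phpCAS::isAuthenticated()) {
                        $sAuthUser = phpCAS::getUser();
                        $sAuthPwd = '';
                        $sLoginMode = 'cas';
                        $sAuthentication = 'external';
                    }
                    break;
                case 'form':
                    // iTop standard mode: form based authentication
                    $sAuthUser = utils::ReadPostedParam('auth_user', '', false, 'raw_data');
                    $sAuthPwd = utils::ReadPostedParam('auth_pwd', null, false, 'raw_data');
                    if ($sAuthUser != '' && $sAuthPwd !== null) {
                        $sLoginMode = 'form';
                    }
                    break;
                case 'basic':
                    // Standard PHP authentication method, works with Apache...
                    // Case 1) Apache running in CGI mode + rewrite rules in .htaccess
                    if (isset($_SERVER['HTTP_AUTHORIZATION']) && !empty($_SERVER['HTTP_AUTHORIZATION'])) {
                        // Split on the first ':' only: the password part may itself contain
                        // colons. Padding keeps both variables defined when the header carries
                        // no separator at all.
                        $sDecoded = base64_decode(substr($_SERVER['HTTP_AUTHORIZATION'], 6));
                        list($sAuthUser, $sAuthPwd) = array_pad(explode(':', $sDecoded, 2), 2, null);
                        $sLoginMode = 'basic';
                    } else {
                        if (isset($_SERVER['PHP_AUTH_USER'])) {
                            $sAuthUser = $_SERVER['PHP_AUTH_USER'];
                            // Unfortunately, the RFC is not clear about the encoding...
                            // IE and FF supply the user and password encoded in ISO-8859-1 whereas Chrome provides them encoded in UTF-8
                            // So let's try to guess if it's an UTF-8 string or not... fortunately all encodings share the same ASCII base
                            if (!self::LooksLikeUTF8($sAuthUser)) {
                                // Does not look like and UTF-8 string, try to convert it from iso-8859-1 to UTF-8
                                // Supposed to be harmless in case of a plain ASCII string...
                                $sAuthUser = iconv('iso-8859-1', 'utf-8', $sAuthUser);
                            }
                            $sAuthPwd = $_SERVER['PHP_AUTH_PW'];
                            if (!self::LooksLikeUTF8($sAuthPwd)) {
                                // Does not look like and UTF-8 string, try to convert it from iso-8859-1 to UTF-8
                                // Supposed to be harmless in case of a plain ASCII string...
                                $sAuthPwd = iconv('iso-8859-1', 'utf-8', $sAuthPwd);
                            }
                            $sLoginMode = 'basic';
                        }
                    }
                    break;
                case 'external':
                    // Web server supplied authentication
                    $sExtAuthVar = MetaModel::GetConfig()->GetExternalAuthenticationVariable(); // In which variable is the info passed ?
                    // SECURITY (flagged, not replaced): the configured value is evaluated as PHP
                    // source. Whoever can write that configuration setting can run code in this
                    // process, so the setting must be writable by administrators only. Resolving
                    // the name against an allow-list of server variables would remove the eval().
                    eval('$sAuthUser = isset(' . $sExtAuthVar . ') ? ' . $sExtAuthVar . ' : false;'); // Retrieve the value
                    if ($sAuthUser && strlen($sAuthUser) > 0) {
                        $sAuthPwd = ''; // No password in this case the web server already authentified the user...
                        $sLoginMode = 'external';
                        $sAuthentication = 'external';
                    }
                    break;
                case 'url':
                    // Credentials passed directly in the url
                    // NOTE(review): values carried in a URL are recorded in server logs, browser
                    // history and Referer headers; this mode is best left out of the allowed list
                    // unless a deployment specifically needs it.
                    $sAuthUser = utils::ReadParam('auth_user', '', false, 'raw_data');
                    $sAuthPwd = utils::ReadParam('auth_pwd', null, false, 'raw_data');
                    if ($sAuthUser != '' && $sAuthPwd !== null) {
                        $sLoginMode = 'url';
                    }
                    break;
            }
            $index++;
        }
        if ($sLoginMode == '') {
            // First connection
            $sDesiredLoginMode = utils::ReadParam('login_mode');
            if (in_array($sDesiredLoginMode, $aAllowedLoginTypes)) {
                $sLoginMode = $sDesiredLoginMode;
            } else {
                $sLoginMode = $aAllowedLoginTypes[0]; // First in the list...
            }
            if (array_key_exists('HTTP_X_COMBODO_AJAX', $_SERVER)) {
                // X-Combodo-Ajax is a special header automatically added to all ajax requests
                // Let's reply that we're currently logged-out
                header('HTTP/1.0 401 Unauthorized');
                exit;
            }
            if ($iOnExit == self::EXIT_HTTP_401 || $sLoginMode == 'basic') {
                // The realm is a quoted-string, so the closing quote is part of the header.
                header('WWW-Authenticate: Basic realm="' . Dict::Format('UI:iTopVersion:Short', ITOP_VERSION) . '"');
                header('HTTP/1.0 401 Unauthorized');
                header('Content-type: text/html; charset=iso-8859-1');
                exit;
            } else {
                if ($iOnExit == self::EXIT_RETURN) {
                    if ($sAuthUser !== '' && $sAuthPwd === null) {
                        return self::EXIT_CODE_MISSINGPASSWORD;
                    } else {
                        return self::EXIT_CODE_MISSINGLOGIN;
                    }
                } else {
                    $oPage = self::NewLoginWebPage();
                    $oPage->DisplayLoginForm($sLoginMode, false);
                    $oPage->output();
                    exit;
                }
            }
        } else {
            if (!UserRights::CheckCredentials($sAuthUser, $sAuthPwd, $sLoginMode, $sAuthentication)) {
                // Failed check: drop the session before answering.
                self::ResetSession();
                if ($iOnExit == self::EXIT_HTTP_401 || $sLoginMode == 'basic') {
                    header('WWW-Authenticate: Basic realm="' . Dict::Format('UI:iTopVersion:Short', ITOP_VERSION) . '"');
                    header('HTTP/1.0 401 Unauthorized');
                    header('Content-type: text/html; charset=iso-8859-1');
                    exit;
                } else {
                    if ($iOnExit == self::EXIT_RETURN) {
                        return self::EXIT_CODE_WRONGCREDENTIALS;
                    } else {
                        $oPage = self::NewLoginWebPage();
                        $oPage->DisplayLoginForm($sLoginMode, true);
                        $oPage->output();
                        exit;
                    }
                }
            } else {
                // User is Ok, let's save it in the session and proceed with normal login
                UserRights::Login($sAuthUser, $sAuthentication); // Login & set the user's language
                if (MetaModel::GetConfig()->Get('log_usage')) {
                    $oLog = new EventLoginUsage();
                    $oLog->Set('userinfo', UserRights::GetUser());
                    $oLog->Set('user_id', UserRights::GetUserObject()->GetKey());
                    $oLog->Set('message', 'Successful login');
                    $oLog->DBInsertNoReload();
                }
                $_SESSION['auth_user'] = $sAuthUser;
                $_SESSION['login_mode'] = $sLoginMode;
                UserRights::_InitSessionCache();
            }
        }
    }
    return self::EXIT_CODE_OK;
}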
/**
 * Authentication choice (CAS or other)
 * Redirection to the CAS form or to login/index.php
 * for other authentication
 *
 * Populates the global $frm with the CAS login when CAS reports an
 * authenticated user, so the regular login flow continues with that identity.
 * Returns without touching $frm when a username was posted, when no CAS
 * hostname is configured, or when multi-authentication opts out of CAS.
 */
function loginpage_hook() {
    global $frm;
    global $CFG;
    global $SESSION, $OUTPUT, $PAGE;
    $site = get_site();
    $CASform = get_string('CASform', 'auth_cas');
    $username = optional_param('username', '', PARAM_RAW);
    $courseid = optional_param('courseid', 0, PARAM_INT);
    // A posted username means a non-CAS login is in progress: leave it alone, but drop a
    // stored return URL that still mentions 'ticket' or 'NOCAS'.
    if (!empty($username)) {
        if (isset($SESSION->wantsurl) && (strstr($SESSION->wantsurl, 'ticket') || strstr($SESSION->wantsurl, 'NOCAS'))) {
            unset($SESSION->wantsurl);
        }
        return;
    }
    // Return if CAS enabled and settings not specified yet
    if (empty($this->config->hostname)) {
        return;
    }
    // If the multi-authentication setting is used, check for the param before connecting to CAS.
    if ($this->config->multiauth) {
        // If there is an authentication error, stay on the default authentication page.
        if (!empty($SESSION->loginerrormsg)) {
            return;
        }
        // Only compared against the fixed strings 'NOCAS' and 'CAS' below; never echoed here.
        $authCAS = optional_param('authCAS', '', PARAM_RAW);
        if ($authCAS == 'NOCAS') {
            return;
        }
        // Show authentication form for multi-authentication.
        // Test pgtIou parameter for proxy mode (https connection in background from CAS server to the php server).
        if ($authCAS != 'CAS' && !isset($_GET['pgtIou'])) {
            $PAGE->set_url('/login/index.php');
            $PAGE->navbar->add($CASform);
            $PAGE->set_title("{$site->fullname}: {$CASform}");
            $PAGE->set_heading($site->fullname);
            echo $OUTPUT->header();
            // Fixed path under the site's dirroot; nothing from the request enters it.
            include $CFG->dirroot . '/auth/cas/cas_form.html';
            echo $OUTPUT->footer();
            exit;
        }
    }
    // Connection to CAS server
    $this->connectCAS();
    if (phpCAS::checkAuthentication()) {
        $frm = new stdClass();
        $frm->username = phpCAS::getUser();
        // NOTE(review): the literal is masked in this listing. Whatever the real value is,
        // it is a fixed placeholder and must never be accepted as a password by another
        // authentication path. Confirm.
        $frm->password = '******';
        // Redirect to a course if multi-auth is activated, authCAS is set to CAS and the courseid is specified.
        // $courseid was read with PARAM_INT, so only an integer reaches the URL.
        if ($this->config->multiauth && !empty($courseid)) {
            redirect(new moodle_url('/course/view.php', array('id' => $courseid)));
        }
        return;
    }
    // Guest login requested through the query string; the compared value is loose (== true).
    if (isset($_GET['loginguest']) && $_GET['loginguest'] == true) {
        $frm = new stdClass();
        // NOTE(review): both literals are masked in this listing; presumably the guest
        // account's credentials. Verify against the original file.
        $frm->username = '******';
        $frm->password = '******';
        return;
    }
    // Force CAS authentication (if needed).
    if (!phpCAS::isAuthenticated()) {
        phpCAS::setLang($this->config->language);
        phpCAS::forceAuthentication();
    }
}
/**
 * Thin wrapper around phpCAS::isAuthenticated().
 *
 * @return bool Whether phpCAS reports an authenticated session.
 */
public static function is_authenticated()
{
    $authenticated = phpCAS::isAuthenticated();

    return $authenticated;
}
/**
 * Logout hook: ends the CAS session unless CAS logout is disabled in the
 * 'user_cas' app settings.
 *
 * @param mixed $parameters Hook payload; not read here.
 * @return bool Always true.
 */
public static function logout($parameters)
{
    // NOTE(review): the setting is tested for truthiness. If app values are stored as
    // strings, a stored 'false' would count as true and disable logout. Confirm how the
    // value is written.
    $logoutDisabled = \OC::$server->getConfig()->getAppValue('user_cas', 'cas_disable_logout', false);
    if (!$logoutDisabled) {
        // The instance itself is not used; the call is kept for whatever setup
        // getInstance() performs before phpCAS is queried.
        $casBackend = OC_USER_CAS::getInstance();

        if (phpCAS::isAuthenticated()) {
            phpCAS::logout();
        }
    }

    return true;
}
/**
 * Authentication choice (CAS or other)
 * Redirection to the CAS form or to login/index.php
 * for other authentication
 *
 * Populates the global $frm with the CAS login when CAS reports an
 * authenticated user. In this variant the CAS check runs before the
 * multi-authentication form is considered.
 */
function loginpage_hook() {
    global $frm;
    global $CFG;
    global $SESSION, $OUTPUT, $PAGE;
    $site = get_site();
    $CASform = get_string('CASform', 'auth_cas');
    $username = optional_param('username', '', PARAM_RAW);
    // A posted username means a non-CAS login is in progress: leave it alone, but drop a
    // stored return URL that still mentions 'ticket' or 'NOCAS'.
    if (!empty($username)) {
        if (isset($SESSION->wantsurl) && (strstr($SESSION->wantsurl, 'ticket') || strstr($SESSION->wantsurl, 'NOCAS'))) {
            unset($SESSION->wantsurl);
        }
        return;
    }
    // Return if CAS enabled and settings not specified yet
    if (empty($this->config->hostname)) {
        return;
    }
    // Connection to CAS server
    $this->connectCAS();
    if (phpCAS::checkAuthentication()) {
        $frm = new stdClass();
        $frm->username = phpCAS::getUser();
        // NOTE(review): the literal is masked in this listing. Whatever the real value is,
        // it is a fixed placeholder and must never be accepted as a password by another
        // authentication path. Confirm.
        $frm->password = '******';
        return;
    }
    // Guest login requested through the query string; the compared value is loose (== true).
    if (isset($_GET['loginguest']) && $_GET['loginguest'] == true) {
        $frm = new stdClass();
        // NOTE(review): both literals are masked in this listing; presumably the guest
        // account's credentials. Verify against the original file.
        $frm->username = '******';
        $frm->password = '******';
        return;
    }
    if ($this->config->multiauth) {
        // Only compared against the fixed strings 'NOCAS' and 'CAS' below; never echoed here.
        $authCAS = optional_param('authCAS', '', PARAM_RAW);
        if ($authCAS == 'NOCAS') {
            return;
        }
        // Show authentication form for multi-authentication
        // test pgtIou parameter for proxy mode (https connection
        // in background from CAS server to the php server)
        if ($authCAS != 'CAS' && !isset($_GET['pgtIou'])) {
            $PAGE->set_url('/login/index.php');
            $PAGE->navbar->add($CASform);
            $PAGE->set_title("{$site->fullname}: {$CASform}");
            $PAGE->set_heading($site->fullname);
            echo $OUTPUT->header();
            // Fixed path under the site's dirroot; nothing from the request enters it.
            include $CFG->dirroot . '/auth/cas/cas_form.html';
            echo $OUTPUT->footer();
            exit;
        }
    }
    // Force CAS authentication (if needed).
    if (!phpCAS::isAuthenticated()) {
        phpCAS::setLang($this->config->language);
        phpCAS::forceAuthentication();
    }
}
/**
 * Recomputes and returns the guest flag.
 *
 * The visitor is a guest unless phpCAS reports an authenticated session and
 * the application user component holds an identity.
 *
 * @return bool The freshly stored value of $this->isGuest.
 */
public function getIsGuest()
{
    // Both conditions must hold for a non-guest; the identity is only read once CAS
    // has confirmed the session.
    $signedIn = \phpCAS::isAuthenticated() && \yii::$app->user->identity != null;
    $this->isGuest = !$signedIn;

    return $this->isGuest;
}
/**
 * Password-check hook backed by CAS, with an optional LDAP name lookup.
 *
 * Neither argument is consulted: the decision rests on the CAS session. When
 * the LDAP backend adapter is available and knows the CAS login, the name it
 * returns is used instead of the CAS login.
 *
 * @param string $uid      Not read; overwritten with the CAS login.
 * @param string $password Not read.
 * @return mixed The LDAP-resolved name, the CAS login, or false when phpCAS is
 *               not initialized, not authenticated, or returns no user.
 */
public function checkPassword($uid, $password)
{
    if (!self::initialized_php_cas() || !phpCAS::isAuthenticated()) {
        return false;
    }

    $uid = phpCAS::getUser();
    if ($uid === false) {
        OC_Log::write('cas', 'phpCAS return no user !', OC_Log::ERROR);
        return false;
    }

    if (!$this->initializeLdapBackendAdapter()) {
        return $uid;
    }

    OC_Log::write('cas', "Search CAS user '{$uid}' in LDAP", OC_Log::DEBUG);

    // Retrieve user in LDAP directory; $uid cannot be false at this point.
    $ocname = $this->ldapBackendAdapter->getUuid($uid);
    if ($ocname === false) {
        return $uid;
    }

    OC_Log::write('cas', "Found CAS user '{$uid}' in LDAP with name '{$ocname}'", OC_Log::DEBUG);

    return $ocname;
}
/**
 * Connect the user or the organization automatically if possible,
 * ask for method to connect otherwise.
 *
 * Outside the 'test' environment, a CAS-authenticated login is resolved in
 * this order: User entity, Organization entity, LDAP user (imported on the
 * fly), LDAP organization (rejected). A resolved account gets a session and is
 * redirected to the stored login target.
 *
 * @Route("/user", name="user_connect")
 * @Template()
 */
public function connectAction()
{
    if ($this->getUserLayer()->isConnected()) {
        return $this->redirect($this->generateUrl('homepage'));
    }
    // Remember where to send the visitor after login.
    // NOTE(review): 'etu.last_url' is later used as a redirect target. Where it is written
    // is not visible here; if it can hold a request-supplied absolute URL, restrict it to
    // same-site paths before redirecting.
    if ($this->get('session')->has('etu.last_url')) {
        $this->get('session')->set('etu.login_target', $this->get('session')->get('etu.last_url'));
    } else {
        $this->get('session')->set('etu.login_target', $this->generateUrl('homepage'));
    }
    if ($this->getKernel()->getEnvironment() != 'test') {
        $this->initializeCAS();
        // SECURITY: the CAS server's TLS certificate is not verified, so the login returned
        // by ticket validation is unauthenticated. \phpCAS::setCasServerCACert() enables
        // the check.
        \phpCAS::setNoCasServerValidation();
        if (\phpCAS::isAuthenticated()) {
            // Try to connect user automatically
            $login = \phpCAS::getUser();
            $em = $this->getDoctrine()->getManager();
            $user = $em->getRepository('EtuUserBundle:User')->findOneBy(array('login' => $login));
            // The ban check is applied to the User entity found above; accounts resolved
            // further down (organization, LDAP import) do not pass through it.
            if ($user && $user->getIsBanned()) {
                $this->get('session')->getFlashBag()->set('message', array('type' => 'error', 'message' => 'Vous avez été banni d\'EtuUTT.'));
                return $this->redirect($this->generateUrl('homepage'));
            }
            // If the user can't be loaded from database, we try for an organization
            if (!$user) {
                $orga = $em->getRepository('EtuUserBundle:Organization')->findOneBy(array('login' => $login));
                if ($orga) {
                    $user = $orga;
                }
            }
            // If the user can't be loaded even as organization, we try using LDAP
            if (!$user) {
                /** @var $ldap LdapManager */
                $ldap = $this->get('etu.user.ldap');
                // NOTE(review): $login is passed to the LDAP manager as-is; presumably the
                // manager escapes it for the search filter. Verify in LdapManager.
                $ldapUser = $ldap->getUser($login);
                // If we can't use a classic user, try with an organization
                if (!$ldapUser) {
                    $ldapUser = $ldap->getOrga($login);
                }
                // We caught a user that is not in the database : we import it !
                if ($ldapUser instanceof User) {
                    $import = new ElementToImport($this->getDoctrine(), $ldapUser);
                    $user = $import->import(true);
                } elseif ($ldapUser instanceof Organization) {
                    $this->get('session')->getFlashBag()->set('message', array('type' => 'error', 'message' => 'user.auth.connect.orga_exists_ldap'));
                    return $this->redirect($this->generateUrl('homepage'));
                }
            }
            if ($user instanceof \Etu\Core\UserBundle\Entity\User) {
                $this->createSession(Session::TYPE_USER, $user);
                // Remove BuckUTT cookie
                $this->get('session')->remove(SoapManager::cookie_name);
                $this->get('session')->getFlashBag()->set('message', array('type' => 'success', 'message' => 'user.auth.connect.confirm'));
                // The stored language is applied only when it is one of the configured ones.
                if (in_array($user->getLanguage(), $this->container->getParameter('etu.translation.languages'))) {
                    $this->get('session')->set('_locale', $user->getLanguage());
                }
                if ($this->get('session')->has('etu.login_target')) {
                    return $this->redirect($this->get('session')->get('etu.login_target'));
                } else {
                    return $this->redirect($this->generateUrl('homepage'));
                }
            } elseif ($user instanceof \Etu\Core\UserBundle\Entity\Organization) {
                $this->createSession(Session::TYPE_ORGA, $user);
                // Remove BuckUTT cookie
                $this->get('session')->remove(SoapManager::cookie_name);
                $this->get('session')->getFlashBag()->set('message', array('type' => 'success', 'message' => 'user.auth.connect.confirm'));
                if ($this->get('session')->has('etu.login_target')) {
                    return $this->redirect($this->get('session')->get('etu.login_target'));
                } else {
                    return $this->redirect($this->generateUrl('homepage'));
                }
            }
        }
    }
    // If we can't auto-connect, we ask for the method
    return array();
}
/**
 * Logout hook: logs the event at debug level and ends the CAS session when one exists.
 *
 * @param mixed $parameters Hook payload; not read here.
 * @return bool Always true.
 */
public static function logout($parameters)
{
    if (!phpCAS::isAuthenticated()) {
        return true;
    }

    \OCP\Util::writeLog('user_cas', "Deconexion", \OCP\Util::DEBUG);
    // Plain CAS logout with no redirect target supplied.
    phpCAS::logout();

    return true;
}