/** * @covers ::isUsed * @covers ::markUsed */ function test_reuse() { $type = CAS\Ticket::TYPE_ST; $user = get_user_by('id', $this->factory->user->create()); $service = 'https://test/ÚÑ|Ǻ∂€/'; $ticket = new CAS\Ticket($type, $user, $service); $this->assertFalse($ticket->isUsed(), 'Newly generated ticket is fresh.'); $ticket->markUsed(); $this->assertTrue($ticket->isUsed(), 'Ticket correctly marked as used.'); Cassava\Options::set('allow_ticket_reuse', 1); $this->assertFalse($ticket->isUsed(), 'Settings allow ticket reuse.'); }
/** * Validates a ticket, returning a ticket object, or throws an exception. * * Triggers the `cas_server_validation_success` action on ticket validation. * * @param string $ticket Service or proxy ticket. * @param string $service Service URI. * @return CAS\Ticket Valid ticket object associated with request. * * @uses \do_action() * @uses \esc_url_raw() * * @throws \Cassava\Exception\RequestException * @throws \Cassava\Exception\TicketException */ protected function validateRequest($ticket = '', $service = '') { if (empty($ticket)) { throw new RequestException(__('Ticket is required.', 'wp-cas-server')); } if (empty($service)) { throw new RequestException(__('Service is required.', 'wp-cas-server')); } $service = esc_url_raw($service); CAS\Ticket::validateAllowedTypes($ticket, $this->validTicketTypes); $ticket = CAS\Ticket::fromString($ticket); $ticket->markUsed(); if ($ticket->service !== $service) { throw new RequestException(__('Ticket does not match the service provided.', 'wp-cas-server'), RequestException::ERROR_INVALID_SERVICE); } /** * Fires on successful ticket validation. * * @param \Cassava\CAS\Ticket $ticket Valid ticket object. */ \do_action('cas_server_validation_success', $ticket); return $ticket; }