/**
 * Validate a CAS service ticket against the CAS server.
 *
 * Builds the server validation URL for the ticket, requests it with the
 * configured certificate-verification mode, and passes the response body to
 * the parser for the configured CAS protocol version.
 *
 * @param string $ticket
 *   The CAS authentication ticket to validate.
 * @param array $service_params
 *   An array of query string parameters to add to the service URL.
 *
 * @return array
 *   Validation result data, as returned by validateVersion1() or
 *   validateVersion2().
 *
 * @throws CasValidateException
 *   Thrown when the HTTP request raises a RequestException, or when the
 *   configured protocol version is neither "1.0" nor "2.0".
 */
public function validateTicket($ticket, $service_params = array()) {
  // Translate the configured verification mode into the 'verify' request
  // option. Comparisons are deliberately loose (==) to match the semantics of
  // a switch statement.
  // NOTE(review): confirm the CasHelper::CA_* values cannot loosely equal an
  // unset or malformed setting, otherwise the CA_NONE branch could be
  // selected unintentionally.
  $ssl_mode = $this->casHelper->getSslVerificationMethod();
  if ($ssl_mode == CasHelper::CA_CUSTOM) {
    // NOTE(review): if no PEM path is configured this value may be empty;
    // confirm the HTTP client fails closed in that case instead of skipping
    // verification.
    $request_options = ['verify' => $this->casHelper->getCertificateAuthorityPem()];
  }
  elseif ($ssl_mode == CasHelper::CA_NONE) {
    // Certificate verification is switched off: the validation response is
    // then not authenticated by TLS.
    $request_options = ['verify' => FALSE];
  }
  else {
    // CasHelper::CA_DEFAULT and any unrecognised value: verify certificates.
    $request_options = ['verify' => TRUE];
  }

  // The URL is built from the ticket, so this log line records it.
  // NOTE(review): treat these log entries as sensitive.
  $validate_url = $this->casHelper->getServerValidateUrl($ticket, $service_params);
  $this->casHelper->log("Attempting to validate service ticket using URL {$validate_url}");

  try {
    $response_data = $this->httpClient->get($validate_url, $request_options)->getBody()->__toString();
    // The raw server response is written to the log, HTML-escaped.
    $this->casHelper->log("Validation response received from CAS server: " . htmlspecialchars($response_data));
  }
  catch (RequestException $e) {
    throw new CasValidateException("Error with request to validate ticket: " . $e->getMessage());
  }

  // Dispatch on the configured protocol version (loose comparison, as a
  // switch statement would do).
  $protocol_version = $this->casHelper->getCasProtocolVersion();
  if ($protocol_version == "1.0") {
    return $this->validateVersion1($response_data);
  }
  if ($protocol_version == "2.0") {
    return $this->validateVersion2($response_data);
  }

  throw new CasValidateException('Unknown CAS protocol version specified: ' . $protocol_version);
}
/**
 * Validate a CAS service ticket against the CAS server.
 *
 * Requests the server validation URL for the ticket and passes the response
 * body to the parser matching the given protocol version.
 *
 * @param string $version
 *   The protocol version of the CAS server.
 * @param string $ticket
 *   The CAS authentication ticket to validate.
 * @param array $service_params
 *   An array of query string parameters to add to the service URL.
 *
 * @return array
 *   Validation result data, as returned by validateVersion1() or
 *   validateVersion2().
 *
 * @throws CasValidateException
 *   Thrown when the request raises a ClientException, or when $version is
 *   neither "1.0" nor "2.0". Other exception types raised inside the try
 *   block are not caught here.
 */
public function validateTicket($version, $ticket, $service_params = array()) {
  try {
    // The URL is built from the ticket, so this log line records it.
    $validate_url = $this->casHelper->getServerValidateUrl($ticket, $service_params);
    $this->casHelper->log("Trying to validate against {$validate_url}");

    // Verify against the configured CA PEM when there is one.
    // NOTE(review): with no PEM configured, certificate verification is
    // switched off entirely, so the validation response is not authenticated
    // by TLS. Consider verifying against the system CA store by default and
    // making "no verification" an explicit opt-in.
    $ca_pem = $this->casHelper->getCertificateAuthorityPem();
    $request_options = [
      'verify' => empty($ca_pem) ? FALSE : $ca_pem,
    ];

    $response_data = $this->httpClient->get($validate_url, $request_options)->getBody()->__toString();
    // The raw server response is written to the log, HTML-escaped.
    $this->casHelper->log("Received " . htmlspecialchars($response_data));
  }
  catch (ClientException $e) {
    throw new CasValidateException("Error with request to validate ticket: " . $e->getMessage());
  }

  // Loose comparison (==) is kept on purpose: it matches the semantics of a
  // switch statement.
  if ($version == "1.0") {
    return $this->validateVersion1($response_data);
  }
  if ($version == "2.0") {
    return $this->validateVersion2($response_data);
  }

  // Reaching this point means an unsupported CAS version was passed in.
  throw new CasValidateException("Unknown CAS protocol version specified.");
}
/**
 * Checks that the helper returns the configured CA PEM path unchanged.
 *
 * @covers ::getCertificateAuthorityPem
 * @covers ::__construct
 */
public function testGetCertificateAuthorityPem() {
  // Settings stub: only 'server.cert' is asserted on below.
  $cas_settings = [
    'server.hostname' => 'example.com',
    'server.port' => 443,
    'server.path' => '/cas',
    'server.cert' => '/path/to/file/cert.pem',
  ];
  $config_factory = $this->getConfigFactoryStub(['cas.settings' => $cas_settings]);

  $cas_helper = new CasHelper(
    $config_factory,
    $this->urlGenerator,
    $this->connection,
    $this->loggerFactory,
    $this->session
  );

  $actual_pem = $cas_helper->getCertificateAuthorityPem();
  $this->assertEquals('/path/to/file/cert.pem', $actual_pem);
}