$ticketStore = new $ticketStoreClass($casconfig); $ticketFactoryClass = SimpleSAML_Module::resolveClass('casserver:TicketFactory', 'Cas_Ticket'); $ticketFactory = new $ticketFactoryClass($casconfig); $serviceTicket = $ticketStore->getTicket($_GET['ticket']); if (!is_null($serviceTicket) && ($ticketFactory->isServiceTicket($serviceTicket) || $ticketFactory->isProxyTicket($serviceTicket) && $method == 'proxyValidate')) { $ticketStore->deleteTicket($_GET['ticket']); $attributes = $serviceTicket['attributes']; if (!$ticketFactory->isExpired($serviceTicket) && sanitize($serviceTicket['service']) == sanitize($_GET['service']) && (!$forceAuthn || $serviceTicket['forceAuthn'])) { $protocol->setAttributes($attributes); if (isset($_GET['pgtUrl'])) { $sessionTicket = $ticketStore->getTicket($serviceTicket['sessionId']); $pgtUrl = $_GET['pgtUrl']; if (!is_null($sessionTicket) && $ticketFactory->isSessionTicket($sessionTicket) && !$ticketFactory->isExpired($sessionTicket)) { $proxyGrantingTicket = $ticketFactory->createProxyGrantingTicket(array('userName' => $serviceTicket['userName'], 'attributes' => $attributes, 'forceAuthn' => false, 'proxies' => array_merge(array($_GET['service']), $serviceTicket['proxies']), 'sessionId' => $serviceTicket['sessionId'])); try { SimpleSAML\Utils\HTTP::fetch($pgtUrl . '?pgtIou=' . $proxyGrantingTicket['iou'] . '&pgtId=' . $proxyGrantingTicket['id']); $protocol->setProxyGrantingTicketIOU($proxyGrantingTicket['iou']); $ticketStore->addTicket($proxyGrantingTicket); } catch (Exception $e) { } } } echo $protocol->getValidateSuccessResponse($serviceTicket['userName']); } else { if ($ticketFactory->isExpired($serviceTicket)) { $message = 'Ticket ' . var_export($_GET['ticket'], true) . ' has expired'; SimpleSAML_Logger::debug('casserver:' . $message); echo $protocol->getValidateFailureResponse('INVALID_TICKET', $message); } else { if (sanitize($serviceTicket['service']) != sanitize($_GET['service'])) { $message = 'Mismatching service parameters: expected ' . var_export($serviceTicket['service'], true) . ' but was: ' . var_export($_GET['service'], true);