예제 #1
    throw new Exception('Required URL query parameter [service] not provided. (CAS Server)');
}
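// CAS server ticket validation: reads [service], [ticket] and the optional
// [renew] flag from the query string, looks the ticket up in the ticket cache
// and answers YES with the user name, or NO.
$service = $_GET['service'];
if (!array_key_exists('ticket', $_GET)) {
    throw new Exception('Required URL query parameter [ticket] not provided. (CAS Server)');
}
$ticket = $_GET['ticket'];
// PHP turns ?ticket[]=x into an array; only a single string is a meaningful
// value for either parameter, so reject anything else before it is used.
if (!is_string($service) || !is_string($ticket)) {
    throw new Exception('URL query parameters [service] and [ticket] must be single string values. (CAS Server)');
}
// The mere presence of [renew] switches the flag on, whatever value was sent.
$renew = array_key_exists('renew', $_GET);
// NOTE(review): nothing in this run compares $service with the service the
// ticket was issued for, and $renew is not consulted either. retrieveTicket()
// only receives the ticket id and the cache path. CAS validation is expected
// to fail when the service does not match the ticket - confirm where (or
// whether) that binding is enforced before relying on this endpoint.
try {
    /* Load simpleSAMLphp, configuration and metadata */
    $casconfig = SimpleSAML_Configuration::getConfig('module_casserver.php');
    $path = $casconfig->resolvePath($casconfig->getValue('ticketcache', 'ticketcache'));
    $ticketcontent = retrieveTicket($ticket, $path);
    $usernamefield = $casconfig->getValue('attrname', 'eduPersonPrincipalName');
    $dosendattributes = $casconfig->getValue('attributes', FALSE);
    // Answer YES only when a first value for the user name attribute really
    // exists; a present-but-empty attribute must not validate as an anonymous user.
    if (isset($ticketcontent[$usernamefield][0])) {
        // With 'attributes' enabled the whole ticket content is passed on as attributes.
        returnResponse('YES', $ticketcontent[$usernamefield][0], $dosendattributes ? $ticketcontent : array());
    } else {
        returnResponse('NO');
    }
} catch (Exception $e) {
    // NOTE(review): the raw exception text is handed to returnResponse(); what
    // it does with it for 'NO' is not visible here. If it is echoed to the
    // client, internal details (paths, ticket state) may leak - confirm.
    returnResponse('NO', $e->getMessage());
}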
function returnResponse($value, $content = '', $attributes = array())
{
    if ($value === 'YES') {
        $attributesxml = "";
        foreach ($attributes as $attributename => $attributelist) {
예제 #2
 *  ptg
 *  
 */
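// Both parameters are required: [targetService] is checked against the
// configured allow-list below, [pgt] is the ticket id looked up in the cache.
if (!array_key_exists('targetService', $_GET)) {
    throw new Exception('Required URL query parameter [targetService] not provided. (CAS Server)');
}
// Previously [pgt] was read without an existence check, so a request without
// it continued with an undefined value.
if (!array_key_exists('pgt', $_GET)) {
    throw new Exception('Required URL query parameter [pgt] not provided. (CAS Server)');
}
$targetService = $_GET['targetService'];
$pgt = $_GET['pgt'];
// PHP turns ?pgt[]=x into an array; accept single string values only.
if (!is_string($targetService) || !is_string($pgt)) {
    throw new Exception('URL query parameters [targetService] and [pgt] must be single string values. (CAS Server)');
}
$casconfig = SimpleSAML_Configuration::getConfig('module_casserver.php');
$legal_service_urls = $casconfig->getValue('legal_service_urls');
// Allow-list check: only a target service accepted by checkServiceURL() may
// obtain a proxy ticket. NOTE(review): how the match is done (exact vs.
// prefix) is not visible here - confirm it cannot be satisfied by a
// look-alike URL.
if (!checkServiceURL($targetService, $legal_service_urls)) {
    // Report the value that was actually checked; $service is not assigned
    // anywhere in the visible script.
    throw new Exception('Service parameter provided to CAS server is not listed as a legal service: [service] = ' . $targetService);
}
$path = $casconfig->resolvePath($casconfig->getValue('ticketcache', 'ticketcache'));
// NOTE(review): the third argument is false - presumably this keeps the
// ticket in the cache instead of consuming it; confirm against retrieveTicket().
$ticket = retrieveTicket($pgt, $path, false);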
if ($ticket['validbefore'] > time()) {
    $pt = str_replace('_', 'PT-', SimpleSAML\Utils\Random::generateID());
    storeTicket($pt, $path, array('service' => $targetService, 'forceAuthn' => false, 'attributes' => $ticket['attributes'], 'proxies' => $ticket['proxies'], 'validbefore' => time() + 5));
    print <<<eox
<cas:serviceResponse xmlns:cas='http://www.yale.edu/tp/cas'>
    <cas:proxySuccess>
        <cas:proxyTicket>{$pt}</cas:proxyTicket>
    </cas:proxySuccess>
</cas:serviceResponse>
eox;
} else {
    print <<<eox
<cas:serviceResponse xmlns:cas='http://www.yale.edu/tp/cas'>
    <cas:proxyFailure code="INVALID_REQUEST">
        Proxygranting ticket to old - ssp casserver only supports shortlived (30 secs) pgts.