<?php
//Relevant settings. Declared globally in gen_Defines.php
/*define( 'SITE_CAS_HOSTNAME',"signin.mygcx.org" );
define( 'SITE_CAS_PORT',443 );
define( 'SITE_CAS_PATH','/cas' );
define("SITE_CAS_SESSION", 0);
define("SITE_CAS_VERSION", CAS_VERSION_2_0);
define("SITE_CAS_CONNEXIONBAR_URL", "https://www.mygcx.org/public/module/omnibar/omnibar");
define("SITE_CAS_CALLBACK", "http://dev.intranet.campusforchrist.org/callback.php");
define("SITE_CAS_PGT_STORE", "/var/www/campus/dev.intranet.campusforchrist.org/pgt");*/
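/**
 * Static facade over the phpCAS client used by this site.
 *
 * Every method is invoked as CASUser::method() (including from inside this
 * class), so the methods are declared static; calling a non-static method
 * statically is a fatal Error on PHP 8. Instance-style calls keep working.
 *
 * Configuration comes from the SITE_CAS_* constants (see the sample values in
 * the comment block at the top of this file).
 */
class CASUser
{
    /**
     * Initialise the phpCAS proxy client, once.
     *
     * @return bool true when this call performed the initialisation, false when
     *              $PHPCAS_CLIENT was already an object and nothing was done.
     */
    public static function setup()
    {
        //Only setup if we haven't already
        global $PHPCAS_CLIENT;
        if (is_object($PHPCAS_CLIENT))
        {
            return false;
        }

        // SECURITY(review): debug logging is switched on unconditionally and
        // written to a hard-coded path under the vhost directory. phpCAS debug
        // output can include ticket values and server responses (confirm for
        // the installed version); keep the log out of the document root and
        // turn it off outside development.
        phpCAS::setDebug("/var/www/campus/dev.intranet.campusforchrist.org/cas.log");

        phpCAS::proxy(SITE_CAS_VERSION, SITE_CAS_HOSTNAME, SITE_CAS_PORT, SITE_CAS_PATH, SITE_CAS_SESSION);

        // The CAS server delivers the proxy-granting ticket to this URL. The
        // sample value in the file header is plain http://; it should be an
        // https:// endpoint so the PGT is not sent in clear text.
        phpCAS::setFixedCallbackURL(SITE_CAS_CALLBACK);

        // SECURITY(review): this does not disable SSL, it disables validation
        // of the CAS server's certificate, so ticket validation responses can
        // be forged by anyone able to intercept the connection. Replace with
        // phpCAS::setCasServerCACert() pointing at the CA bundle that signs
        // SITE_CAS_HOSTNAME before using this outside a test environment.
        phpCAS::setNoCasServerValidation();

        // Proxy-granting tickets are persisted as files in SITE_CAS_PGT_STORE;
        // that directory must not be web-accessible and should be readable
        // only by the PHP process user.
        phpCAS::setPGTStorageFile('xml', SITE_CAS_PGT_STORE);//session_save_path());

        return true;
    }

    /**
     * @return string URL of the CAS server login page, as built by phpCAS.
     */
    public static function login_link()
    {
        CASUser::setup();
        return phpCAS::getServerLoginURL();
    }

    /**
     * @return bool result of phpCAS::isAuthenticated() for the current request.
     */
    public static function isAuthenticated()
    {
        CASUser::setup();
        return phpCAS::isAuthenticated();
    }

    /**
     * Require a CAS login.
     *
     * @return bool true when the user is already authenticated; otherwise
     *              phpCAS::forceAuthentication() is invoked and false is
     *              returned if control comes back to the caller.
     */
    public static function forceAuth()
    {
        if (CASUser::isAuthenticated())
        {
            return true;
        }

        phpCAS::forceAuthentication();
        return false;
    }

    /**
     * Check authentication without forcing a login (gateway auth).
     *
     * @return bool authentication state reported by phpCAS.
     */
    public static function checkAuth()
    {
        if (CASUser::setup())
        {
            //Allow it to be called multiple times, and return the auth info
            //Normally it will force a login if this isn't done
            return phpCAS::checkAuthentication();
        }

        // The client already existed, so the gateway check is not repeated.
        return CASUser::isAuthenticated();
    }

    /**
     * Log the user out through phpCAS.
     */
    public static function logout()
    {
        CASUser::setup();
        phpCAS::logout();
    }

    /**
     * Fetch the connexion bar markup from SITE_CAS_CONNEXIONBAR_URL through
     * the CAS proxy.
     *
     * @return string decoded markup of /reportoutput/reportdata, or "" when the
     *                user is not authenticated, the proxied request fails, the
     *                response is not well-formed XML, or the node is missing.
     */
    public static function getConnexionBar()
    {
        if (!CASUser::checkAuth())
        {
            return "";
        }

        $service = SITE_CAS_CONNEXIONBAR_URL;
        $err_code = null;
        $output = null;

        // serviceWeb() reports failure through its return value; previously a
        // failed fetch fell through to the XML parser with an unusable $output.
        if (!phpCAS::serviceWeb($service, $err_code, $output) || !is_string($output) || $output === "")
        {
            return "";
        }

        // The payload is remote data: parse it without network access and
        // collect libxml errors internally instead of emitting warnings.
        $previous = libxml_use_internal_errors(true);
        $xml = simplexml_load_string($output, 'SimpleXMLElement', LIBXML_NONET);
        libxml_clear_errors();
        libxml_use_internal_errors($previous);
        if ($xml === false)
        {
            return "";
        }

        // xpath() yields an empty or non-array result when nothing matches;
        // indexing [0] on that was a fatal error.
        $result = $xml->xpath('/reportoutput/reportdata');
        if (empty($result))
        {
            return "";
        }

        // SECURITY(review): the entity-decoded markup is returned as-is, so a
        // caller that echoes it trusts the remote service completely. With
        // certificate validation disabled in setup(), confirm that this
        // content cannot be supplied by an on-path attacker.
        return html_entity_decode($result[0]->asXML());
    }

    /* Retired Code */
    /* For use with Proxy only */
    /*function getLoginInfo($ticket = null)
    {
    CASUser::setup();
    $return = false;
    if(!empty($ticket))
    {
    // If a ticket was sent to us, use it
    // Note: This will find a GUID based on a ticket without causing the ticket to expire
    global $PHPCAS_CLIENT;
    // Validate proxy ticket
    if($PHPCAS_CLIENT->validatePT($lnk, $txt, $tree))
    {
    $return = CASUser::extractInfo($txt);
    $return['ticket'] = $PHPCAS_CLIENT->getPT();
    }
    }
    return $return;
    }*/
    /*function extractInfo($txt)
    {
    // XML Format
    $ret['guid'] = CASUser::extractInfoFromTag($txt, "ssoGuid");
    $ret['username'] = CASUser::extractInfoFromTag($txt, "cas:user");
    $ret['firstname'] = CASUser::extractInfoFromTag($txt, "firstName");
    $ret['lastname'] = CASUser::extractInfoFromTag($txt, "lastName");
    return $ret;
    }*/
    /*function extractInfoFromTag($txt, $tagname)
    {
    $taglen = strlen($tagname) + 2;
    $begin = strpos($txt, "<$tagname>") + $taglen;
    $length = strpos($txt, "</$tagname>") - $begin;
    return substr($txt, $begin, $length);
    }*/
}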
?>