mirror of https://github.com/jacekkow/uphpCAS-tests
view | history | commit | commitdiff
Jacek Kowalski
2015-09-06 e48ca57b4b2e982b4d4495f58f51a2dfee0c6550
commit | author | age
5686c9 1 <?php
JK 2 # Mockup of a CAS server
3
4 session_start();
5
6 switch($_SERVER['PATH_INFO']) {
7     case '/login':
8         if($_SERVER['REQUEST_METHOD'] == 'POST') {
9             $ticket = NULL;
10             if($_POST['user']) {
11                 $ticket = $_POST;
12             }
13             $_SESSION['ticket'] = json_encode($ticket);
14         }
15         
16         if(isset($_SESSION['ticket'])) {
17             $url = $_GET['service'];
18             $ticket = $_SESSION['ticket'];
19             
20             if(!isset($_GET['method']) OR $_GET['method'] != 'POST') {
21                 if(strpos($url, '?') === FALSE) {
22                     $url .= '?';
23                 } else {
24                     $url .= '&';
25                 }
26                 $url .= 'ticket='.$ticket;
27                 
28                 header('Location: '.$url);
29                 die();
30             } else {
31                 include('cas_login_post.php');
32                 die();
33             }
34         } elseif($_SERVER['REQUEST_METHOD'] == 'GET') {
35             include('cas_login_form.php');
36             die();
37         }
38         break;
39     
40     case '/logout':
41         unset($_SESSION['ticket']);
42         if(isset($_GET['service'])) {
43             header('Location: '.$_GET['service']);
44         }
45         die('Logged out');
46         break;
47     
48     case '/serviceValidate':
49         if(!isset($_GET['ticket'])) {
50             readfile('cas_failure_noticket.xml');
51             die();
52         }
53         if(!isset($_GET['service'])) {
54             readfile('cas_failure_noservice.xml');
55             die();
56         }
57         
58         $ticket = json_decode($_GET['ticket'], TRUE);
59         if(!is_array($ticket)) {
60             readfile('cas_failure_malformatted.xml');
61             die();
62         }
63         if(!isset($ticket['user'])) {
64             readfile('cas_failue_nouser.xml');
65             die();
66         }
67         if(!isset($ticket['service']) || $_GET['service'] != $ticket['service']) {
68             readfile('cas_failure_wrongservice.xml');
69             die();
70         }
71         
72         $dom = new DOMDocument('1.0', 'utf-8');
73         $root = $dom->createElementNS('http://www.yale.edu/tp/cas', 'cas:serviceResponse');
74         $response = $dom->createElement('cas:authenticationSuccess');
75         $user = $dom->createElement('cas:user', $ticket['user']);
76         // TODO: attributes
77         $response->appendChild($user);
78         $root->appendChild($response);
79         $dom->appendChild($root);
80         echo $dom->saveXML();
81         die();
82         
83         break;
84 }
85
86 header('HTTP/1.1 404 Not Found');
87 die('Invalid method');