From 7107939d1228f1066cdfc478297127856c2ad49a Mon Sep 17 00:00:00 2001 From: Jacek Kowalski <jkowalsk@student.agh.edu.pl> Date: Thu, 03 Sep 2015 17:13:09 +0000 Subject: [PATCH] Extract hardcoded session variable name to separate field --- uphpCAS.php | 46 +++++++++++++++++++++++++++++----------------- 1 files changed, 29 insertions(+), 17 deletions(-) diff --git a/uphpCAS.php b/uphpCAS.php index 4119ece..bf6ab6a 100644 --- a/uphpCAS.php +++ b/uphpCAS.php @@ -1,7 +1,7 @@ <?php // Thrown when internal error occurs class JasigException extends Exception {} -// Thrown when CAS server return authentication error +// Thrown when CAS server returns authentication error class JasigAuthException extends JasigException {} class JasigUser { @@ -13,8 +13,9 @@ const VERSION = '1.0'; protected $serverUrl = ''; protected $serviceUrl; + protected $sessionName = 'uphpCAS-user'; - function __construct($serverUrl = NULL, $serviceUrl = NULL) { + function __construct($serverUrl = NULL, $serviceUrl = NULL, $sessionName = NULL) { if($serverUrl != NULL) { $this->serverUrl = rtrim($serverUrl, '/'); } @@ -44,9 +45,13 @@ $this->serviceUrl = $url; } + + if($sessionName) { + $this->sessionName = $sessionName; + } } - public function getServerUrl($serverUrl) { + public function getServerUrl() { return $this->serverUrl; } public function setServerUrl($serverUrl) { @@ -60,6 +65,13 @@ $this->serviceUrl = $serviceUrl; } + public function getSessionName($sessionName) { + return $this->sessionName; + } + public function setSessionName($sessionName) { + $this->sessionName = $sessionName; + } + public function loginUrl() { return $this->serverUrl.'/login?method=POST&service='.urlencode($this->serviceUrl); } @@ -68,26 +80,29 @@ return $this->serverUrl.'/logout'.($returnUrl ? '?service='.urlencode($returnUrl) : ''); } - public function logout() { + public function logout($returnUrl = NULL) { session_start(); - if(isset($_SESSION['uphpCAS-user'])) { - unset($_SESSION['uphpCAS-user']); + if($this->isAuthenticated()) { + unset($_SESSION[$this->sessionName]); + header('Location: '.$this->logoutUrl($returnUrl)); + die(); + } elseif($returnUrl) { + header('Location: '.$returnUrl); + die(); } - header('Location: '.$this->logoutUrl()); - die(); } public function isAuthenticated() { - return isset($_SESSION['uphpCAS-user']); + return isset($_SESSION[$this->sessionName]); } public function authenticate() { session_start(); if($this->isAuthenticated()) { - return $_SESSION['uphpCAS-user']; + return $_SESSION[$this->sessionName]; } elseif(isset($_REQUEST['ticket'])) { $user = $this->verifyTicket($_REQUEST['ticket']); - $_SESSION['uphpCAS-user'] = $user; + $_SESSION[$this->sessionName] = $user; return $user; } else { header('Location: '.$this->loginUrl()); @@ -157,8 +172,7 @@ break; } } - } - catch(Exception $e) { + } catch(Exception $e) { throw new JasigException('Authentication error: CAS server' .' response invalid - parse error', 0, $e); } finally { @@ -192,7 +206,7 @@ } $user = trim($user->item(0)->textContent); - if(strlen($user)<1) { + if(strlen($user) < 1) { throw new JasigException('Authentication error: CAS server' .' response invalid - user value'); } @@ -209,9 +223,7 @@ } return $jusr; - } - else - { + } else { throw new JasigException('Authentication error: CAS server' .' response invalid - required tag not found'); } -- Gitblit v1.9.1