From cc5e2904619f00482ca79a75f4e073795850c8ca Mon Sep 17 00:00:00 2001 From: Jacek Kowalski <jkowalsk@student.agh.edu.pl> Date: Thu, 03 Sep 2015 17:09:44 +0000 Subject: [PATCH] Add $returnUrl parameter to logout() method --- uphpCAS.php | 59 +++++++++++++++++++++++++++++++++++++++++++++-------------- 1 files changed, 45 insertions(+), 14 deletions(-) diff --git a/uphpCAS.php b/uphpCAS.php index 63bfc51..b757153 100644 --- a/uphpCAS.php +++ b/uphpCAS.php @@ -1,7 +1,7 @@ <?php // Thrown when internal error occurs class JasigException extends Exception {} -// Thrown when CAS server return authentication error +// Thrown when CAS server returns authentication error class JasigAuthException extends JasigException {} class JasigUser { @@ -46,10 +46,16 @@ } } + public function getServerUrl() { + return $this->serverUrl; + } public function setServerUrl($serverUrl) { $this->serverUrl = $serverUrl; } + public function getServiceUrl() { + return $this->serviceUrl; + } public function setServiceUrl($serviceUrl) { $this->serviceUrl = $serviceUrl; } @@ -58,22 +64,29 @@ return $this->serverUrl.'/login?method=POST&service='.urlencode($this->serviceUrl); } - public function logoutUrl() { - return $this->serverUrl.'/logout'; + public function logoutUrl($returnUrl = NULL) { + return $this->serverUrl.'/logout'.($returnUrl ? '?service='.urlencode($returnUrl) : ''); } - public function logout() { + public function logout($returnUrl = NULL) { session_start(); - if(isset($_SESSION['uphpCAS-user'])) { + if($this->isAuthenticated()) { unset($_SESSION['uphpCAS-user']); + header('Location: '.$this->logoutUrl($returnUrl)); + die(); + } elseif($returnUrl) { + header('Location: '.$returnUrl); + die(); } - header('Location: '.$this->logoutUrl()); - die(); + } + + public function isAuthenticated() { + return isset($_SESSION['uphpCAS-user']); } public function authenticate() { session_start(); - if(isset($_SESSION['uphpCAS-user'])) { + if($this->isAuthenticated()) { return $_SESSION['uphpCAS-user']; } elseif(isset($_REQUEST['ticket'])) { $user = $this->verifyTicket($_REQUEST['ticket']); @@ -101,6 +114,27 @@ ), ); + if(version_compare(PHP_VERSION, '5.6', '<')) { + $cafiles = array( + '/etc/ssl/certs/ca-certificates.crt', + '/etc/ssl/certs/ca-bundle.crt', + '/etc/pki/tls/certs/ca-bundle.crt', + ); + $cafile = NULL; + foreach($cafiles as $file) { + if(is_file($file)) { + $cafile = $file; + break; + } + } + + $url = parse_url($this->serverUrl); + $context['ssl']['cafile'] = $cafile; + $context['ssl']['ciphers'] = 'ECDH:DH:AES:CAMELLIA:!SSLv2:!aNULL' + .':!eNULL:!EXPORT:!DES:!3DES:!MD5:!RC4:!ADH:!PSK:!SRP'; + $context['ssl']['CN_match'] = $url['host']; + } + $data = file_get_contents($this->serverUrl .'/serviceValidate?service='.urlencode($this->serviceUrl) .'&ticket='.urlencode($ticket), @@ -126,8 +160,7 @@ break; } } - } - catch(Exception $e) { + } catch(Exception $e) { throw new JasigException('Authentication error: CAS server' .' response invalid - parse error', 0, $e); } finally { @@ -161,7 +194,7 @@ } $user = trim($user->item(0)->textContent); - if(strlen($user)<1) { + if(strlen($user) < 1) { throw new JasigException('Authentication error: CAS server' .' response invalid - user value'); } @@ -178,9 +211,7 @@ } return $jusr; - } - else - { + } else { throw new JasigException('Authentication error: CAS server' .' response invalid - required tag not found'); } -- Gitblit v1.9.1