index.php
Use phpCAS::logoutWithUrl() on logout to ask for redirection to local app
Benjamin Renard
commited
0a785d9
at 2020-12-03 14:25:44
index.php
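<?php

/*
 * Test CAS client: a single-page diagnostic application that initializes
 * phpCAS against one of the configured CAS servers, runs a login/logout
 * action and prints the client configuration, the authenticated user and
 * the phpCAS debug log.
 *
 * This page is a diagnostic tool: it prints session attributes and the raw
 * debug log (which records the CAS exchanges) to whoever can reach it.
 * Restrict access to it accordingly.
 */

/* ************************************
 *          Configuration
 * ************************************ */

// PhpCAS library path
$phpCAS_path="CAS.php";

// All valid CAS servers
// NOTE(security): depending on the web-server configuration, SERVER_NAME may
// reflect the client-supplied Host header. Outside of local testing, replace
// it with a fixed hostname so the CAS server and the service URL cannot be
// influenced by the request.
$cas_servers=array(
  // CAS server hostname
  $_SERVER['SERVER_NAME'] => array(
    // Context of the CAS Server
    'context' => '/cas',
    // CAS server port
    'port' => 443,
    // If you running this application in HTTP only, uncomment following parameter
    //'insecure' => true,
    // Disable CAS server Validation
    // NOTE(security): with validation disabled the TLS certificate of the CAS
    // server is not checked, so the ticket validation response is not
    // authenticated. Enable it (and set ssl_cacert_path) for anything other
    // than a lab setup.
    'ssl_validation' => false,
    // If ssl_validation is enable you must define
    'ssl_cacert_path' => '/path/to/cacert.crt',
    'ssl_cn_validation' => true
  )
);

// FQDN of CAS server
$default_cas_server=key($cas_servers);

// PhpCAS log file
// NOTE(security): a relative path places the log next to this script. The
// debug log records the CAS exchanges; keep it outside the document root or
// deny direct HTTP access to it.
$phpCAS_logfile='cas.log';

// Local app URL (auto-detect on first acces if null)
$service_url=null;

/* ************************************
 *               Main
 * ************************************ */

/**
 * Escape a value for inclusion in HTML text or in a quoted HTML attribute.
 *
 * Everything this page prints (request-derived service URL, CAS attributes,
 * debug log content) goes through this helper so that markup contained in
 * those values is displayed instead of being interpreted by the browser.
 *
 * @param mixed $value Value to print; it is cast to string first.
 * @return string HTML-escaped string.
 */
function html_escape($value) {
  return htmlspecialchars((string)$value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

$warnings=array();

session_start();

require $phpCAS_path;
// Make phpCAS throw instead of calling exit() so the page can finish rendering
CAS_GracefullTerminationException::throwInsteadOfExiting();

// Make sure service URL is defined (otherwise, load it from session or auto-detect)
if (is_null($service_url)) {
  if (isset($_SESSION['service_url'])) {
    $service_url = $_SESSION['service_url'];
  }
  else {
    $https = (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] != 'off');
    // Keep only the path part of the request URI (drop the query string)
    $request_uri = preg_replace('/\?.*$/', '', $_SERVER['REQUEST_URI']);
    $service_url = "http".($https?"s":"")."://".$_SERVER['SERVER_NAME'];
    // Only mention the port when it is not the default one for the scheme
    if (($_SERVER['SERVER_PORT'] != 443 && $https) || ($_SERVER['SERVER_PORT'] != 80 && !$https))
      $service_url .= ":".$_SERVER['SERVER_PORT'];
    $service_url .= $request_uri;
    $_SESSION['service_url'] = $service_url;
  }
}

// Only accept a server name that is a key of $cas_servers. The is_string()
// check comes first so that an array-valued parameter is rejected instead of
// being used as an array offset.
if (isset($_REQUEST['server']) && (!is_string($_REQUEST['server']) || !isset($cas_servers[$_REQUEST['server']]))) {
  $warnings[]="Invalid CAS server choiced";
  unset($_REQUEST['server']);
}

if (isset($_REQUEST['server'])) {
  $cas_host=$_REQUEST['server'];
  // Changing server invalidates the user authenticated against the previous one
  if (!isset($_SESSION['cas_server']) || $_SESSION['cas_server']!=$cas_host) {
    $_SESSION['cas_server']=$cas_host;
    unset($_SESSION['phpCAS']['user']);
  }
}
elseif (isset($_SESSION['cas_server'])) {
  $cas_host=$_SESSION['cas_server'];
}
else {
  $cas_host=$default_cas_server;
  $_SESSION['cas_server']=$cas_host;
  unset($_SESSION['phpCAS']['user']);
}
$_SESSION['cas_server']=$cas_host;

$_show_cas_client_config=false;

/**
 * Print the CAS client configuration ($phpCAS_config) as an HTML list.
 *
 * The list is printed at most once per request: later calls return true
 * without printing anything.
 */
function show_cas_client_config() {
  global $phpCAS_config, $_show_cas_client_config;
  if ($_show_cas_client_config) return true;
  $_show_cas_client_config=true;
  echo "<h3>CAS Client configuration</h3><ul>";
  foreach($phpCAS_config as $cfg_name => $cfg_val) {
    // Values include the service URL, which is built from the request
    echo "<li><strong>".html_escape($cfg_name)." :</strong> <em>".html_escape($cfg_val)."</em></li>";
  }
  echo "</ul>";
}

$_show_warnings=false;

/**
 * Print the collected warnings ($warnings) as an HTML list, if any.
 *
 * The list is printed at most once per request: later calls return true
 * without printing anything.
 */
function show_warnings() {
  global $warnings,$_show_warnings;
  if ($_show_warnings) return true;
  $_show_warnings=true;
  if (!empty($warnings)) {
    echo "<h2 style='color: #f00'>Warnings message</h2><ul>";
    foreach ($warnings as $msg) {
      echo "<li>".html_escape($msg)."</li>";
    }
    echo "</ul>";
  }
}

/**
 * Print the content of the phpCAS debug log file.
 *
 * The log is only shown when the file is writable, which is also the
 * condition under which debug logging is enabled below.
 */
function show_cas_log() {
  global $phpCAS_logfile;
  echo "<h2>PhpCAS Debug Log</h2>";
  if (is_writable($phpCAS_logfile)) {
    $lines=file($phpCAS_logfile);
    if (is_array($lines)) {
      // The log contains request-derived data: print it as text, not markup
      echo '<pre>'.html_escape(implode('',$lines)).'</pre>';
    }
    else {
      echo "<strong>Error reading PhpCAS debug log file (".html_escape($phpCAS_logfile).").</strong>";
    }
  }
  else {
    echo "<strong>PhpCAS debug log file does not exists or is not writable (".html_escape($phpCAS_logfile).").</strong>";
  }
}

/**
 * Print the login and the attributes of the authenticated CAS user.
 *
 * Both come from the CAS server response and are escaped before output.
 */
function show_user_infos() {
  echo "<strong>Login :</strong> <em>".html_escape(phpCAS::getUser())."</em><br/>";
  echo "<strong>Attributes : </strong><pre>".html_escape(print_r(phpCAS::getAttributes(),true)).'</pre>';
}

?>
<html>
<head>
<title>Test CAS</title>
<style>
strong {
  font-size: 0.9em;
}

em {
  font-size: 0.8em;
}

pre {
  margin-left: 1em;
  padding: 1em;
  border-left: 1px solid;
  background-color: #eee;
  font-size: 0.9em;
}

div.success, div.error {
  padding: 0.2em;
  width: 50%;
  font-weight: bold;
  margin: 1em;
  text-align: center;
}

div.success {
  color: #0E4700;
  border: 1px solid #0E4700;
  background-color: #99E774;
}

div.error {
  color: #f00;
  border: 1px solid #f00;
  padding: 1em;
  background-color: #C56E6E;
}

h2 {
  border-bottom: 1px solid;
}
</style>
</head>
<body>
<h1>Test CAS Application</h1>
<h2>CAS server selection</h2>
<form action='index.php' method='POST'>
<label for='server'>CAS server</label> :
<select name='server' id='server' onchange="javascript:submit();">
<?php
foreach($cas_servers as $srv => $opts) {
  echo "<option value='".html_escape($srv)."'".(($cas_host==$srv)?' selected':'').">".html_escape($srv)."</option>\n";
}
?>
</select>
<input type='submit' value='Change'/>
</form>

<h2>Menu</h2>
<ul>
  <li><a href='?do=login'>Login</a></li>
  <li><a href='?do=caslogout'>Logout on CAS server</a></li>
  <li><a href='?do=locallogout'>Logout on local application</a></li>
<?php
// NOTE(review): truncation is a state change triggered by a plain GET link
// with no request token; acceptable for a test tool, but any page the user
// visits can trigger it.
if (is_writable($phpCAS_logfile)) {
  echo "<li><a href='?truncatelog=true'>Truncate Debug log file content</a></li>";
}
?>
</ul>

<h2>CAS Client Initialization ...</h2>
<?php

try {

$phpCAS_config=array(
  'CAS Hostname' => $cas_host,
  'CAS server port' => $cas_servers[$cas_host]['port'],
  'CAS server context' => $cas_servers[$cas_host]['context'],
  'Service URL' => $service_url,
);

if (is_writable($phpCAS_logfile)) {
  if (isset($_REQUEST['truncatelog'])) {
    $fh = fopen($phpCAS_logfile, 'w');
    if ($fh !== false) {
      fclose($fh);
    }
    else {
      $warnings[]='Fail to truncate PhpCAS debug log file';
    }
  }
  $phpCAS_config['Debug file'] = $phpCAS_logfile;
  phpCAS::setDebug($phpCAS_logfile);
}

phpCAS::client(CAS_VERSION_2_0, $cas_host, $cas_servers[$cas_host]['port'], $cas_servers[$cas_host]['context']);

phpCAS::setFixedServiceURL($service_url);

// The 'insecure' key is optional (commented out in the default configuration)
if (!empty($cas_servers[$cas_host]['insecure'])) {
  // Plain-HTTP mode: tickets and the validation response travel unencrypted.
  $phpCAS_config['Insecure'] = 'Yes';
  $phpCAS_config['Base URL'] = 'http://'.$cas_host.($cas_servers[$cas_host]['port']?':'.$cas_servers[$cas_host]['port']:'').$cas_servers[$cas_host]['context'];

  // Remove trailing slash if present
  if (substr($phpCAS_config['Base URL'], -1)=='/')
    $phpCAS_config['Base URL'] = substr($phpCAS_config['Base URL'], 0, -1);

  $phpCAS_config['Login URL'] = $phpCAS_config['Base URL']."/login?service=".urlencode($service_url);
  $phpCAS_config['Logout URL'] = $phpCAS_config['Base URL']."/logout";
  $phpCAS_config['Service validate URL'] = $phpCAS_config['Base URL']."/serviceValidate";

  phpCAS::setServerLoginURL($phpCAS_config['Login URL']);
  phpCAS::setServerLogoutURL($phpCAS_config['Logout URL']);
  phpCAS::setServerServiceValidateURL($phpCAS_config['Service validate URL']);

  // Be sure SSL validation is disabled
  $cas_servers[$cas_host]['ssl_validation'] = false;
}
else
  $phpCAS_config['Insecure'] = 'No';

echo "<div class='success'>Client successfully initialized</div>";

if ($cas_servers[$cas_host]['ssl_validation']===true) {
  if (is_readable($cas_servers[$cas_host]['ssl_cacert_path'])) {
    $phpCAS_config['SSL Validation']='Enabled';
    $phpCAS_config['SSL CA Cert Validation File']=$cas_servers[$cas_host]['ssl_cacert_path'];
    $phpCAS_config['SSL CN Validation']=($cas_servers[$cas_host]['ssl_cn_validation']?'Enabled':'Disabled');
    phpCAS::setCasServerCACert($cas_servers[$cas_host]['ssl_cacert_path'],$cas_servers[$cas_host]['ssl_cn_validation']);
  }
  else {
    // NOTE(security): this fails open. Validation was requested but the CA
    // file is unusable, and the client continues without any certificate
    // validation; only the warning below tells the operator.
    $warnings[]='SSL validation enable for this server but CA Cert file configured does not exists or is not readable';
    $phpCAS_config['SSL Validation']='Disabled';
    phpCAS::setNoCasServerValidation();
  }
}
else {
  $phpCAS_config['SSL Validation']='Disabled';
  phpCAS::setNoCasServerValidation();
}

// Re-check authentication against the CAS server on every request
phpCAS::setCacheTimesForAuthRecheck(0);

show_cas_client_config();
show_warnings();

?>
<h2>Action</h2>
<h3>State before running action</h3>
<?php

if (phpCAS::isAuthenticated()) {
  echo "Authenticated";
}
else {
  echo "Not authenticated";
}

?>
<h3>Running action...</h3>
<?php

if (isset($_REQUEST['do'])) {
  switch($_REQUEST['do']) {
    case 'login':
      phpCAS::forceAuthentication();
      echo "<div class='success'>Successfully authenticated</div>";
      break;
    case 'caslogout':
      phpCAS::forceAuthentication();
      // Ask the CAS server to redirect back to this application after logout
      phpCAS::logoutWithUrl($service_url);
      break;
    case 'locallogout':
      // The cached service URL is stored under 'service_url'; the previous
      // key 'session_url' is never set anywhere, so that unset() was a no-op.
      unset($_SESSION['service_url']);
      unset($_SESSION['phpCAS']);
      if (!isset($_SESSION['phpCAS'])) {
        echo "<div class='success'>Successfully logout</div>";
      }
      else {
        echo "<div class='error'>Failed to unset phpCAS session informations</div>";
      }
      break;
    default:
      echo "<div class='error'>Incorrect parameters</div>";
  }
}
else {
  echo "Nothing to do";
}

if (phpCAS::isAuthenticated()) {
  echo "<h2>Authenticated user informations</h2>";
  show_user_infos();
}

// End of try
}
catch (CAS_GracefullTerminationException $e) {
  // phpCAS wanted to terminate the request (e.g. after sending a redirect)
  echo "<div class='error'>PhpCAS return exception</div>";
  show_cas_client_config();
  show_warnings();
}
show_cas_log();
?>
</body>
</html>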