test-cas-client

@@ -0,0 +1,302 @@

+<?php

+

+/*

+

+ ************************************

+ *          Configuration           *

+ ************************************

+

+*/

+

+// PhpCAS library path

+$phpCAS_path="CAS.php";

+

+// All valid CAS servers

+$cas_servers=array(

+	// CAS server hostname

+	$_SERVER['SERVER_NAME'] => array(

+		// Context of the CAS Server

+		'context' => '/cas',

+		// CAS server port

+		'port' => 443,

+		// Disable CAS server Validation

+		'ssl_validation' => false,

+		// If ssl_validation is enable you must define

+		'ssl_cacert_path' => '/path/to/cacert.crt',

+		'ssl_cn_validation' => true

+	)

+);

+

+// FQDN of CAS server

+$default_cas_server=key($cas_servers);

+

+// PhpCAS log file

+$phpCAS_logfile='/tmp/cas.log';

+

+/*

+

+ ************************************

+ *               Main               *

+ ************************************

+

+*/

+

+$warnings=array();

+

+session_start();

+require $phpCAS_path;

+CAS_GracefullTerminationException::throwInsteadOfExiting();

+

+if (isset($_REQUEST['server']) && !isset($cas_servers[$_REQUEST['server']])) {

+	$warnings[]="Invalid CAS server choiced";

+	unset($_REQUEST['server']);

+}

+if (isset($_REQUEST['server'])) {

+	$cas_host=$_REQUEST['server'];

+	if ($_SESSION['cas_server']!=$cas_host) {

+		$_SESSION['cas_server']=$cas_host;

+		unset($_SESSION['phpCAS']['user']);

+	}

+}

+elseif (isset($_SESSION['cas_server'])) {

+	$cas_host=$_SESSION['cas_server'];

+}

+else {

+	$cas_host=$default_cas_server;

+	$_SESSION['cas_server']=$cas_host;

+	unset($_SESSION['phpCAS']['user']);

+}

+$_SESSION['cas_server']=$cas_host;

+

+$_show_cas_client_config=false;

+function show_cas_client_config() {

+	global $phpCAS_config, $_show_cas_client_config;

+	if ($_show_cas_client_config) return true;

+	$_show_cas_client_config=true;

+	echo "<h3>CAS Client configuration</h3><ul>";

+	foreach($phpCAS_config as $cfg_name => $cfg_val) {

+		echo "<li><strong>$cfg_name :</strong> <em>$cfg_val</em></li>";

+	}

+	echo "</ul>";

+}

+

+$_show_warnings=false;

+function show_warnings() {

+	global $warnings,$_show_warnings;

+	if ($_show_warnings) return true;

+	$_show_warnings=true;

+	if (!empty($warnings)) {

+		echo "<h2 style='color: #f00'>Warnings message</h2><ul>";

+		foreach ($warnings as $msg) {

+			echo "<li>$msg</li>";

+		}

+		echo "</ul>";

+	}

+}

+

+function show_cas_log() {

+	global $phpCAS_logfile;

+

+	echo "<h2>PhpCAS Debug Log</h2>";

+	if (is_writable($phpCAS_logfile)) {

+		$lines=file($phpCAS_logfile);

+		if (is_array($lines)) {

+			echo '<pre>'.implode('',$lines).'</pre>';

+		}

+		else {

+			echo "<strong>Error reading PhpCAS debug log file ($phpCAS_logfile).</strong>";

+		}

+	}

+	else {

+		echo "<strong>PhpCAS debug log file does not exists or is not writable ($phpCAS_logfile).</strong>";

+	}

+}

+

+function show_user_infos() {

+	echo "<strong>Login :</strong> <em>".phpCAS::getUser()."</em><br/>";

+	echo "<strong>Attributes : </strong><pre>".print_r(phpCAS::getAttributes(),True).'</pre>';

+}

+

+?>

+<html>

+<head>

+	<title>Test CAS</title>

+

+<style>

+strong {

+	font-size: 0.9em;

+}

+

+em {

+	font-size: 0.8em;

+}

+

+pre {

+	margin-left: 1em;

+	padding: 1em;

+	border-left: 1px solid;

+	background-color: #eee;

+	font-size: 0.9em;

+}

+

+div.success, div.error {

+	padding: 0.2em;

+	width: 50%;

+	font-weight: bold;

+	margin: 1em;

+	text-align: center;

+}

+

+div.success {

+	color: #0E4700;

+	border: 1px solid #0E4700;

+	background-color: #99E774;

+}

+

+div.error {

+	color: #f00;

+	border: 1px solid #f00;

+	padding: 1em;

+	background-color: #C56E6E;

+}

+

+h2 {

+	border-bottom: 1px solid;

+}

+</style>

+<body>

+<h1>Test CAS Application</h1>

+

+<h2>CAS server selection</h2>

+<form action='index.php' method='POST'>

+<label for='server'>CAS server</label> :

+<select name='server' id='server' onchange="javascript:submit();">

+<?php

+foreach($cas_servers as $srv => $opts) {

+	echo "<option value='$srv'".(($cas_host==$srv)?'selected':'').">$srv</option>\n";

+}

+?>

+</select>

+<input type='submit' value='Change'/>

+</form>

+<h2>Menu</h2>

+<ul>

+ <li><a href='?do=login'>Login</a></li>

+ <li><a href='?do=caslogout'>Logout on CAS server</a></li>

+ <li><a href='?do=locallogout'>Logout on local application</a></li>

+<?php

+if (is_writable($phpCAS_logfile)) {

+  echo "<li><a href='?truncatelog=true'>Truncate Debug log file content</a></li>";

+}

+?>

+</ul>

+

+<h2>CAS Client Initialization ...</h2>

+<?php

+try {

+

+$phpCAS_config=array(

+	'CAS Hostname' => $cas_host,

+	'CAS server port' => $cas_servers[$cas_host]['port'],

+	'CAS server context' => $cas_servers[$cas_host]['context'],

+);

+

+if (is_writable($phpCAS_logfile)) {

+	if (isset($_REQUEST['truncatelog'])) {

+		$fh = fopen($phpCAS_logfile, 'w');

+		fclose($fh);

+	}

+	$phpCAS_config['Debug file'] = $phpCAS_logfile;

+	phpCAS::setDebug($phpCAS_logfile);

+}

+

+phpCAS::client(CAS_VERSION_2_0, $cas_host, $cas_servers[$cas_host]['port'], $cas_servers[$cas_host]['context']);

+

+echo "<div class='success'>Client successfully initialized</div>";

+

+if ($cas_servers[$cas_host]['ssl_validation']===true) {

+	if (is_readable($cas_servers[$cas_host]['ssl_cacert_path'])) {

+		$phpCAS_config['SSL Validation']='Enabled';

+		$phpCAS_config['SSL CA Cert Validation File']=$cas_servers[$cas_host]['ssl_cacert_path'];

+		$phpCAS_config['SSL CN Validation']=($cas_servers[$cas_host]['ssl_cn_validation']?'Enabled':'Disabled');

+		phpCAS::setCasServerCACert($cas_servers[$cas_host]['ssl_cacert_path'],$cas_servers[$cas_host]['ssl_cn_validation']);

+	}

+	else {

+		$warnings[]='SSL validation enable for this server but CA Cert file configured does not exists or is not readable';

+		$phpCAS_config['SSL Validation']='Disabled';

+		phpCAS::setNoCasServerValidation();

+	}

+}

+else {

+	$phpCAS_config['SSL Validation']='Disabled';

+	phpCAS::setNoCasServerValidation();

+}

+

+phpCAS::setCacheTimesForAuthRecheck(0);

+

+show_cas_client_config();

+show_warnings();

+

+?>

+

+<h2>Action</h2>

+<h3>State before running action</h3>

+<?php

+if (phpCAS::isAuthenticated()) {

+	echo "Authenticated";

+}

+else {

+	echo "Not authenticated";

+}

+?>

+<h3>Running action...</h3>

+<?php

+

+if (isset($_REQUEST['do'])) {

+

+	switch($_REQUEST['do']) {

+		case 'login':

+			phpCAS::forceAuthentication();

+			echo "<div class='success'>Successfully authenticated</div>";

+			break;

+		case 'caslogout':

+			phpCAS::forceAuthentication();

+			phpCAS::logout();

+			break;

+		case 'locallogout':

+			unset($_SESSION['phpCAS']);

+			if (!isset($_SESSION['phpCAS'])) {

+				echo "<div class='success'>Successfully logout</div>";

+			}

+			else {

+				echo "<div class='error'>Failed to unset phpCAS session informations</div>";

+			}

+			break;

+		default:

+			echo "<div class='error'>Incorrect parameters</div>";

+	}

+}

+else {

+	echo "Nothing to do";

+}

+

+if (phpCAS::isAuthenticated()) {

+	echo "<h2>Authenticated user informations</h2>";

+	show_user_infos();

+}

+

+// End of catch

+}

+catch (CAS_GracefullTerminationException $e) {

+	echo "<div class='error'>PhpCAS return exception</div>";

+	show_cas_client_config();

+	show_warnings();

+}

+

+show_cas_log();

+

+

+?>

+

+</body>

+</html>