<?php

/*

 ************************************
 *          Configuration           *
 ************************************

*/

// Path of the phpCAS library entry point; it is handed to `require` below.
$phpCAS_path="CAS.php";

// Allow-list of CAS servers, keyed by hostname. A 'server' request parameter
// is only accepted further down when it matches one of these keys.
$cas_servers=array(
	// CAS server hostname.
	// NOTE(review): depending on the web server configuration,
	// $_SERVER['SERVER_NAME'] can follow the client-supplied Host header; a
	// fixed hostname literal is the safer key outside a local test setup.
	$_SERVER['SERVER_NAME'] => array(
		// Context (URL path prefix) of the CAS server
		'context' => '/cas',
		// CAS server port
		'port' => 443,
		// Whether the CAS server's TLS certificate is validated. With false
		// the page calls phpCAS::setNoCasServerValidation(), so the server's
		// identity is not verified when the client talks to it. Only a strict
		// boolean true enables validation (the check below uses ===).
		'ssl_validation' => false,
		// Used only when ssl_validation is true: CA certificate file passed to
		// phpCAS::setCasServerCACert(). If the file is not readable the page
		// adds a warning and falls back to no validation.
		'ssl_cacert_path' => '/path/to/cacert.crt',
		// Second argument of phpCAS::setCasServerCACert() (certificate CN check)
		'ssl_cn_validation' => true
	)
);

// Default CAS server: the key at the array's current position, i.e. the first
// entry of $cas_servers as configured above.
$default_cas_server=key($cas_servers);

// PhpCAS debug log file. Debug logging is switched on only when this file is
// writable, and show_cas_log() prints its content on every page load without
// requiring a login.
// NOTE(review): the phpCAS debug log may contain tickets and user attributes,
// and /tmp is shared between local users — use a private path and keep this
// page off production hosts; confirm what your phpCAS version logs.
$phpCAS_logfile='/tmp/cas.log';

/*

 ************************************
 *               Main               *
 ************************************

*/

// Messages collected while the page runs; printed once by show_warnings().
$warnings=array();

// The session keeps the selected CAS server ($_SESSION['cas_server']) and
// phpCAS's own state ($_SESSION['phpCAS']). It has to start before any output.
session_start();
require $phpCAS_path;
// Ask phpCAS to throw CAS_GracefullTerminationException instead of exiting,
// so the try/catch further down can still finish rendering the page.
CAS_GracefullTerminationException::throwInsteadOfExiting();

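// Resolve the CAS server used for this request. Precedence: a valid 'server'
// request parameter, then the server remembered in the session, then the
// configured default. Every candidate is checked against the $cas_servers
// allow-list, so $cas_host is always a configured key and the later
// $cas_servers[$cas_host] lookups cannot miss.
$requested_server=null;
if (isset($_REQUEST['server'])) {
	if (is_string($_REQUEST['server']) && isset($cas_servers[$_REQUEST['server']])) {
		$requested_server=$_REQUEST['server'];
	}
	else {
		$warnings[]="Invalid CAS server choiced";
		unset($_REQUEST['server']);
	}
}

// A remembered server is trusted only while it is still configured; a stale
// session value (for example after a configuration change) is ignored.
$session_server=null;
if (isset($_SESSION['cas_server']) && is_string($_SESSION['cas_server']) && isset($cas_servers[$_SESSION['cas_server']])) {
	$session_server=$_SESSION['cas_server'];
}

if ($requested_server!==null) {
	$cas_host=$requested_server;
}
elseif ($session_server!==null) {
	$cas_host=$session_server;
}
else {
	$cas_host=$default_cas_server;
}

// When the effective server differs from the remembered one (or none was
// remembered), drop the locally cached phpCAS user so that an identity
// asserted by one CAS server is never carried over to another. The strict
// comparison avoids PHP's loose string rules treating two distinct
// numeric-looking hostnames as equal.
if ($session_server!==$cas_host) {
	unset($_SESSION['phpCAS']['user']);
}
$_SESSION['cas_server']=$cas_host;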

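$_show_cas_client_config=false;
/**
 * Print the phpCAS client settings collected in $phpCAS_config as an HTML list.
 *
 * The list is printed on the first call only; a global flag makes later calls
 * a no-op, so the normal path and the exception handler can both call it.
 *
 * Names and values are HTML-escaped: the hostname shown here comes from the
 * server configuration, which may be derived from request data.
 *
 * @return true|null true when the list had already been printed, null otherwise
 */
function show_cas_client_config() {
	global $phpCAS_config, $_show_cas_client_config;
	if ($_show_cas_client_config) return true;
	$_show_cas_client_config=true;
	echo "<h3>CAS Client configuration</h3><ul>";
	foreach($phpCAS_config as $cfg_name => $cfg_val) {
		// Values may be integers (the port), hence the explicit string cast.
		$safe_name=htmlspecialchars((string)$cfg_name, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
		$safe_val=htmlspecialchars((string)$cfg_val, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
		echo "<li><strong>$safe_name :</strong> <em>$safe_val</em></li>";
	}
	echo "</ul>";
}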

$_show_warnings=false;
/**
 * Print the messages collected in the global $warnings array as an HTML list.
 *
 * Output happens on the first call only; a global flag turns later calls into
 * a no-op. Nothing is printed when no warning was recorded.
 *
 * The messages are written into the page as-is. The ones added in this file
 * are fixed strings; escape them here if request-derived text is ever added.
 *
 * @return true|null true when the warnings had already been handled, null otherwise
 */
function show_warnings() {
	global $warnings,$_show_warnings;
	if ($_show_warnings) {
		return true;
	}
	$_show_warnings=true;
	if (empty($warnings)) {
		return;
	}
	$items='';
	foreach ($warnings as $text) {
		$items.="<li>$text</li>";
	}
	echo "<h2 style='color: #f00'>Warnings message</h2><ul>".$items."</ul>";
}

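/**
 * Print the content of the phpCAS debug log file inside a <pre> block.
 *
 * The file is shown only when it is writable, which is the same condition the
 * page uses to enable debug logging. Log content and the file path are
 * HTML-escaped before output: the log records data received over the network,
 * so it must not be interpreted as markup by the browser.
 *
 * NOTE(review): this page calls the function for every visitor, logged in or
 * not, so whatever phpCAS writes to the log is disclosed to anyone who can
 * reach the page.
 *
 * @return void
 */
function show_cas_log() {
	global $phpCAS_logfile;

	echo "<h2>PhpCAS Debug Log</h2>";
	$safe_path=htmlspecialchars((string)$phpCAS_logfile, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
	if (!is_writable($phpCAS_logfile)) {
		echo "<strong>PhpCAS debug log file does not exists or is not writable ($safe_path).</strong>";
		return;
	}
	$lines=file($phpCAS_logfile);
	if (!is_array($lines)) {
		echo "<strong>Error reading PhpCAS debug log file ($safe_path).</strong>";
		return;
	}
	// ENT_SUBSTITUTE keeps the rest of the log visible when it holds bytes
	// that are not valid UTF-8.
	echo '<pre>'.htmlspecialchars(implode('',$lines), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8').'</pre>';
}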

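/**
 * Print the login and the attributes phpCAS holds for the current user.
 *
 * Both values originate from the CAS server's response and are HTML-escaped
 * before output, so a login or attribute value containing markup is displayed
 * as text instead of being interpreted by the browser.
 *
 * @return void
 */
function show_user_infos() {
	$login=htmlspecialchars((string)phpCAS::getUser(), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
	// print_r() in return mode gives the dump as a string, which is escaped as a whole.
	$attributes=htmlspecialchars(print_r(phpCAS::getAttributes(),True), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
	echo "<strong>Login :</strong> <em>".$login."</em><br/>";
	echo "<strong>Attributes : </strong><pre>".$attributes.'</pre>';
}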

?>
<html>
<head>
	<title>Test CAS</title>

<style>
strong {
	font-size: 0.9em;
}

em {
	font-size: 0.8em;
}

pre {
	margin-left: 1em;
	padding: 1em;
	border-left: 1px solid;
	background-color: #eee;
	font-size: 0.9em;
}

div.success, div.error {
	padding: 0.2em;
	width: 50%;
	font-weight: bold;
	margin: 1em;
	text-align: center;
}

div.success {
	color: #0E4700;
	border: 1px solid #0E4700;
	background-color: #99E774;
}

div.error {
	color: #f00;
	border: 1px solid #f00;
	padding: 1em;
	background-color: #C56E6E;
}

h2 {
	border-bottom: 1px solid;
}
</style>
</head>
<body>
<h1>Test CAS Application</h1>

<h2>CAS server selection</h2>
<form action='index.php' method='POST'>
<label for='server'>CAS server</label> :
<select name='server' id='server' onchange="javascript:submit();">
<?php
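// One <option> per configured CAS server, with the active one preselected.
foreach($cas_servers as $srv => $opts) {
	// The hostname is escaped for both the attribute value and the label; the
	// browser decodes it again on submit, so the posted value is unchanged.
	$srv_html=htmlspecialchars((string)$srv, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
	// Leading space keeps "selected" a separate attribute from value='...'.
	$selected=((string)$cas_host===(string)$srv)?' selected':'';
	echo "<option value='$srv_html'$selected>$srv_html</option>\n";
}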
?>
</select>
<input type='submit' value='Change'/>
</form>
<h2>Menu</h2>
<ul>
 <li><a href='?do=login'>Login</a></li>
 <li><a href='?do=caslogout'>Logout on CAS server</a></li>
 <li><a href='?do=locallogout'>Logout on local application</a></li>
<?php
// Offer the truncate link only when the debug log file can be written.
// NOTE(review): the link changes server state through a plain GET request and
// the page performs no login or CSRF check before acting on it.
echo is_writable($phpCAS_logfile)
	? "<li><a href='?truncatelog=true'>Truncate Debug log file content</a></li>"
	: '';
?>
</ul>

<h2>CAS Client Initialization ...</h2>
<?php
try {

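// Settings displayed by show_cas_client_config(); entries are added below as
// the client gets configured.
$phpCAS_config=array(
	'CAS Hostname' => $cas_host,
	'CAS server port' => $cas_servers[$cas_host]['port'],
	'CAS server context' => $cas_servers[$cas_host]['context'],
);

// Debug logging is enabled only when the log file is writable.
if (is_writable($phpCAS_logfile)) {
	// NOTE(review): any request carrying 'truncatelog' empties the log; the
	// page checks neither authentication nor request origin before doing so.
	if (isset($_REQUEST['truncatelog'])) {
		// Opening in 'w' mode truncates the file. fopen() can still fail after
		// the is_writable() check, so its result is verified before fclose().
		$fh = fopen($phpCAS_logfile, 'w');
		if ($fh !== false) {
			fclose($fh);
		}
		else {
			$warnings[]='Unable to truncate PhpCAS debug log file';
		}
	}
	$phpCAS_config['Debug file'] = $phpCAS_logfile;
	phpCAS::setDebug($phpCAS_logfile);
}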

// Create the phpCAS client for the selected server, speaking CAS protocol 2.0.
$cas_server_opts=$cas_servers[$cas_host];
phpCAS::client(CAS_VERSION_2_0, $cas_host, $cas_server_opts['port'], $cas_server_opts['context']);

echo "<div class='success'>Client successfully initialized</div>";

// Certificate validation of the CAS server. Only a strict boolean true in the
// configuration enables it.
if ($cas_server_opts['ssl_validation']!==true) {
	// Validation switched off by configuration: the CAS server's certificate
	// is not checked when the client contacts it.
	$phpCAS_config['SSL Validation']='Disabled';
	phpCAS::setNoCasServerValidation();
}
elseif (!is_readable($cas_server_opts['ssl_cacert_path'])) {
	// NOTE(review): this branch fails open. Validation was requested but the
	// CA file cannot be read, and the page continues without validation after
	// recording a warning. Outside a test setup, stopping here is safer.
	$warnings[]='SSL validation enable for this server but CA Cert file configured does not exists or is not readable';
	$phpCAS_config['SSL Validation']='Disabled';
	phpCAS::setNoCasServerValidation();
}
else {
	$phpCAS_config['SSL Validation']='Enabled';
	$phpCAS_config['SSL CA Cert Validation File']=$cas_server_opts['ssl_cacert_path'];
	$phpCAS_config['SSL CN Validation']=($cas_server_opts['ssl_cn_validation']?'Enabled':'Disabled');
	phpCAS::setCasServerCACert($cas_server_opts['ssl_cacert_path'],$cas_server_opts['ssl_cn_validation']);
}

// Passes 0 as the recheck cache setting — presumably so that every page load
// re-evaluates the authentication state; confirm against the phpCAS docs.
phpCAS::setCacheTimesForAuthRecheck(0);

// Print the effective configuration and any warning gathered so far.
show_cas_client_config();
show_warnings();

?>

<h2>Action</h2>
<h3>State before running action</h3>
<?php
// Authentication state as phpCAS reports it before the requested action runs.
echo phpCAS::isAuthenticated() ? "Authenticated" : "Not authenticated";
?>
<h3>Running action...</h3>
<?php

// Run the action named by the 'do' request parameter, if any.
// NOTE(review): the actions are read from $_REQUEST and the menu uses plain
// links, so login and both logout variants can be triggered by a GET request
// coming from any site; there is no CSRF protection on this test page.
if (!isset($_REQUEST['do'])) {
	echo "Nothing to do";
}
else {
	switch($_REQUEST['do']) {
		case 'login':
			// Authenticates against the CAS server if not already authenticated.
			phpCAS::forceAuthentication();
			echo "<div class='success'>Successfully authenticated</div>";
			break;
		case 'caslogout':
			// Authentication is forced first, then the CAS logout is requested.
			phpCAS::forceAuthentication();
			phpCAS::logout();
			break;
		case 'locallogout':
			// Local logout only drops phpCAS's session data; the CAS server is
			// not contacted here.
			unset($_SESSION['phpCAS']);
			echo isset($_SESSION['phpCAS'])
				? "<div class='error'>Failed to unset phpCAS session informations</div>"
				: "<div class='success'>Successfully logout</div>";
			break;
		default:
			echo "<div class='error'>Incorrect parameters</div>";
	}
}

// After the action, show the identity details when a user is authenticated.
if (phpCAS::isAuthenticated()) {
	echo "<h2>Authenticated user informations</h2>";
	show_user_infos();
}

// End of the try block opened before the client initialization
}
catch (CAS_GracefullTerminationException $e) {
	// phpCAS asked to stop the script; because throwInsteadOfExiting() was
	// called at startup this arrives as an exception. The exception itself is
	// not printed, only a generic notice.
	echo "<div class='error'>PhpCAS return exception</div>";
	// Both helpers print at most once, so calling them again here only
	// produces output if the try block stopped before reaching them.
	show_cas_client_config();
	show_warnings();
}

// The debug log is printed on every page load, whether or not the try block
// completed and whether or not a user is authenticated.
show_cas_log();


?>

</body>
</html>