PageRenderTime 53ms CodeModel.GetById 7ms RepoModel.GetById 1ms app.codeStats 0ms

/auth/cas/CAS/CAS.php

https://bitbucket.org/ngmares/moodle
PHP | 1531 lines | 695 code | 165 blank | 671 comment | 145 complexity | eee09fa1185b09fdd92704b471e67453 MD5 | raw file
Possible License(s): LGPL-2.1, AGPL-3.0, MPL-2.0-no-copyleft-exception, GPL-3.0, Apache-2.0, BSD-3-Clause 
    

  1. <?php

    2. 

  2. 

    3. 

  3. /*

    4. 

  4.  * Copyright © 2003-2010, The ESUP-Portail consortium & the JA-SIG Collaborative.

    5. 

  5.  * All rights reserved.

    6. 

  6.  * 

    7. 

  7.  * Redistribution and use in source and binary forms, with or without

    8. 

  8.  * modification, are permitted provided that the following conditions are met:

    9. 

  9.  * 

    10. 

  10.  *     * Redistributions of source code must retain the above copyright notice,

    11. 

  11.  *       this list of conditions and the following disclaimer.

    12. 

  12.  *     * Redistributions in binary form must reproduce the above copyright notice,

    13. 

  13.  *       this list of conditions and the following disclaimer in the documentation

    14. 

  14.  *       and/or other materials provided with the distribution.

    15. 

  15.  *     * Neither the name of the ESUP-Portail consortium & the JA-SIG

    16. 

  16.  *       Collaborative nor the names of its contributors may be used to endorse or

    17. 

  17.  *       promote products derived from this software without specific prior

    18. 

  18.  *       written permission.

    19. 

  19. 

    20. 

  20.  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND

    21. 

  21.  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED

    22. 

  22.  * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE

    23. 

  23.  * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR

    24. 

  24.  * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES

    25. 

  25.  * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;

    26. 

  26.  * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON

    27. 

  27.  * ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT

    28. 

  28.  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS

    29. 

  29.  * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

    30. 

  30.  */

    31. 

  31. 

    32. 

  32. //

    33. 

  33. // hack by Vangelis Haniotakis to handle the absence of $_SERVER['REQUEST_URI'] in IIS

    34. 

  34. //

    35. 

  35. if (!isset($_SERVER['REQUEST_URI'])) {

    36. 

  36. 	$_SERVER['REQUEST_URI'] = $_SERVER['SCRIPT_NAME'] . '?' . $_SERVER['QUERY_STRING'];

    37. 

  37. }

    38. 

  38. 

    39. 

  39. //

    40. 

  40. // another one by Vangelis Haniotakis also to make phpCAS work with PHP5

    41. 

  41. //

    42. 

  42. if (version_compare(PHP_VERSION, '5', '>=') && !(function_exists('domxml_new_doc'))) {

    43. 

  43. 	require_once (dirname(__FILE__) . '/CAS/domxml-php4-to-php5.php');

    44. 

  44. }

    45. 

  45. 

    46. 

  46. /**

    47. 

  47.  * @file CAS/CAS.php

    48. 

  48.  * Interface class of the phpCAS library

    49. 

  49.  *

    50. 

  50.  * @ingroup public

    51. 

  51.  */

    52. 

  52. 

    53. 

  53. // ########################################################################

    54. 

  54. //  CONSTANTS

    55. 

  55. // ########################################################################

    56. 

  56. 

    57. 

  57. // ------------------------------------------------------------------------

    58. 

  58. //  CAS VERSIONS

    59. 

  59. // ------------------------------------------------------------------------

    60. 

  60. 

    61. 

  61. /**

    62. 

  62.  * phpCAS version. accessible for the user by phpCAS::getVersion().

    63. 

  63.  */

    64. 

  64. define('PHPCAS_VERSION', '1.1.3');

    65. 

  65. 

    66. 

  66. // ------------------------------------------------------------------------

    67. 

  67. //  CAS VERSIONS

    68. 

  68. // ------------------------------------------------------------------------

    69. 

  69. /**

    70. 

  70.  * @addtogroup public

    71. 

  71.  * @{

    72. 

  72.  */

    73. 

  73. 

    74. 

  74. /**

    75. 

  75.  * CAS version 1.0

    76. 

  76.  */

    77. 

  77. define("CAS_VERSION_1_0", '1.0');

    78. 

  78. /*!

    79. 

  79.  * CAS version 2.0

    80. 

  80.  */

    81. 

  81. define("CAS_VERSION_2_0", '2.0');

    82. 

  82. 

    83. 

  83. // ------------------------------------------------------------------------

    84. 

  84. //  SAML defines

    85. 

  85. // ------------------------------------------------------------------------

    86. 

  86. 

    87. 

  87. /**

    88. 

  88.  * SAML protocol

    89. 

  89.  */

    90. 

  90. define("SAML_VERSION_1_1", 'S1');

    91. 

  91. 

    92. 

  92. /**

    93. 

  93.  * XML header for SAML POST

    94. 

  94.  */

    95. 

  95. define("SAML_XML_HEADER", '<?xml version="1.0" encoding="UTF-8"?>');

    96. 

  96. 

    97. 

  97. /**

    98. 

  98.  * SOAP envelope for SAML POST

    99. 

  99.  */

    100. 

  100. define("SAML_SOAP_ENV", '<SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/"><SOAP-ENV:Header/>');

    101. 

  101. 

    102. 

  102. /**

    103. 

  103.  * SOAP body for SAML POST

    104. 

  104.  */

    105. 

  105. define("SAML_SOAP_BODY", '<SOAP-ENV:Body>');

    106. 

  106. 

    107. 

  107. /**

    108. 

  108.  * SAMLP request

    109. 

  109.  */

    110. 

  110. define("SAMLP_REQUEST", '<samlp:Request xmlns:samlp="urn:oasis:names:tc:SAML:1.0:protocol"  MajorVersion="1" MinorVersion="1" RequestID="_192.168.16.51.1024506224022" IssueInstant="2002-06-19T17:03:44.022Z">');

    111. 

  111. define("SAMLP_REQUEST_CLOSE", '</samlp:Request>');

    112. 

  112. 

    113. 

  113. /**

    114. 

  114.  * SAMLP artifact tag (for the ticket)

    115. 

  115.  */

    116. 

  116. define("SAML_ASSERTION_ARTIFACT", '<samlp:AssertionArtifact>');

    117. 

  117. 

    118. 

  118. /**

    119. 

  119.  * SAMLP close

    120. 

  120.  */

    121. 

  121. define("SAML_ASSERTION_ARTIFACT_CLOSE", '</samlp:AssertionArtifact>');

    122. 

  122. 

    123. 

  123. /**

    124. 

  124.  * SOAP body close

    125. 

  125.  */

    126. 

  126. define("SAML_SOAP_BODY_CLOSE", '</SOAP-ENV:Body>');

    127. 

  127. 

    128. 

  128. /**

    129. 

  129.  * SOAP envelope close

    130. 

  130.  */

    131. 

  131. define("SAML_SOAP_ENV_CLOSE", '</SOAP-ENV:Envelope>');

    132. 

  132. 

    133. 

  133. /**

    134. 

  134.  * SAML Attributes

    135. 

  135.  */

    136. 

  136. define("SAML_ATTRIBUTES", 'SAMLATTRIBS');

    137. 

  137. 

    138. 

  138. /** @} */

    139. 

  139. /**

    140. 

  140.  * @addtogroup publicPGTStorage

    141. 

  141.  * @{

    142. 

  142.  */

    143. 

  143. // ------------------------------------------------------------------------

    144. 

  144. //  FILE PGT STORAGE

    145. 

  145. // ------------------------------------------------------------------------

    146. 

  146. /**

    147. 

  147.  * Default path used when storing PGT's to file

    148. 

  148.  */

    149. 

  149. define("CAS_PGT_STORAGE_FILE_DEFAULT_PATH", '/tmp');

    150. 

  150. /**

    151. 

  151.  * phpCAS::setPGTStorageFile()'s 2nd parameter to write plain text files

    152. 

  152.  */

    153. 

  153. define("CAS_PGT_STORAGE_FILE_FORMAT_PLAIN", 'plain');

    154. 

  154. /**

    155. 

  155.  * phpCAS::setPGTStorageFile()'s 2nd parameter to write xml files

    156. 

  156.  */

    157. 

  157. define("CAS_PGT_STORAGE_FILE_FORMAT_XML", 'xml');

    158. 

  158. /**

    159. 

  159.  * Default format used when storing PGT's to file

    160. 

  160.  */

    161. 

  161. define("CAS_PGT_STORAGE_FILE_DEFAULT_FORMAT", CAS_PGT_STORAGE_FILE_FORMAT_PLAIN);

    162. 

  162. /** @} */

    163. 

  163. // ------------------------------------------------------------------------

    164. 

  164. // SERVICE ACCESS ERRORS

    165. 

  165. // ------------------------------------------------------------------------

    166. 

  166. /**

    167. 

  167.  * @addtogroup publicServices

    168. 

  168.  * @{

    169. 

  169.  */

    170. 

  170. 

    171. 

  171. /**

    172. 

  172.  * phpCAS::service() error code on success

    173. 

  173.  */

    174. 

  174. define("PHPCAS_SERVICE_OK", 0);

    175. 

  175. /**

    176. 

  176.  * phpCAS::service() error code when the PT could not retrieve because

    177. 

  177.  * the CAS server did not respond.

    178. 

  178.  */

    179. 

  179. define("PHPCAS_SERVICE_PT_NO_SERVER_RESPONSE", 1);

    180. 

  180. /**

    181. 

  181.  * phpCAS::service() error code when the PT could not retrieve because

    182. 

  182.  * the response of the CAS server was ill-formed.

    183. 

  183.  */

    184. 

  184. define("PHPCAS_SERVICE_PT_BAD_SERVER_RESPONSE", 2);

    185. 

  185. /**

    186. 

  186.  * phpCAS::service() error code when the PT could not retrieve because

    187. 

  187.  * the CAS server did not want to.

    188. 

  188.  */

    189. 

  189. define("PHPCAS_SERVICE_PT_FAILURE", 3);

    190. 

  190. /**

    191. 

  191.  * phpCAS::service() error code when the service was not available.

    192. 

  192.  */

    193. 

  193. define("PHPCAS_SERVICE_NOT AVAILABLE", 4);

    194. 

  194. 

    195. 

  195. /** @} */

    196. 

  196. // ------------------------------------------------------------------------

    197. 

  197. //  LANGUAGES

    198. 

  198. // ------------------------------------------------------------------------

    199. 

  199. /**

    200. 

  200.  * @addtogroup publicLang

    201. 

  201.  * @{

    202. 

  202.  */

    203. 

  203. 

    204. 

  204. define("PHPCAS_LANG_ENGLISH", 'english');

    205. 

  205. define("PHPCAS_LANG_FRENCH", 'french');

    206. 

  206. define("PHPCAS_LANG_GREEK", 'greek');

    207. 

  207. define("PHPCAS_LANG_GERMAN", 'german');

    208. 

  208. define("PHPCAS_LANG_JAPANESE", 'japanese');

    209. 

  209. define("PHPCAS_LANG_SPANISH", 'spanish');

    210. 

  210. define("PHPCAS_LANG_CATALAN", 'catalan');

    211. 

  211. 

    212. 

  212. /** @} */

    213. 

  213. 

    214. 

  214. /**

    215. 

  215.  * @addtogroup internalLang

    216. 

  216.  * @{

    217. 

  217.  */

    218. 

  218. 

    219. 

  219. /**

    220. 

  220.  * phpCAS default language (when phpCAS::setLang() is not used)

    221. 

  221.  */

    222. 

  222. define("PHPCAS_LANG_DEFAULT", PHPCAS_LANG_ENGLISH);

    223. 

  223. 

    224. 

  224. /** @} */

    225. 

  225. // ------------------------------------------------------------------------

    226. 

  226. //  DEBUG

    227. 

  227. // ------------------------------------------------------------------------

    228. 

  228. /**

    229. 

  229.  * @addtogroup publicDebug

    230. 

  230.  * @{

    231. 

  231.  */

    232. 

  232. 

    233. 

  233. /**

    234. 

  234.  * The default directory for the debug file under Unix.

    235. 

  235.  */

    236. 

  236. define('DEFAULT_DEBUG_DIR', '/tmp/');

    237. 

  237. 

    238. 

  238. /** @} */

    239. 

  239. // ------------------------------------------------------------------------

    240. 

  240. //  MISC

    241. 

  241. // ------------------------------------------------------------------------

    242. 

  242. /**

    243. 

  243.  * @addtogroup internalMisc

    244. 

  244.  * @{

    245. 

  245.  */

    246. 

  246. 

    247. 

  247. /**

    248. 

  248.  * This global variable is used by the interface class phpCAS.

    249. 

  249.  *

    250. 

  250.  * @hideinitializer

    251. 

  251.  */

    252. 

  252. $GLOBALS['PHPCAS_CLIENT'] = null;

    253. 

  253. 

    254. 

  254. /**

    255. 

  255.  * This global variable is used to store where the initializer is called from 

    256. 

  256.  * (to print a comprehensive error in case of multiple calls).

    257. 

  257.  *

    258. 

  258.  * @hideinitializer

    259. 

  259.  */

    260. 

  260. $GLOBALS['PHPCAS_INIT_CALL'] = array (

    261. 

  261. 	'done' => FALSE,

    262. 

  262. 	'file' => '?',

    263. 

  263. 	'line' => -1,

    264. 

  264. 	'method' => '?'

    265. 

  265. );

    266. 

  266. 

    267. 

  267. /**

    268. 

  268.  * This global variable is used to store where the method checking

    269. 

  269.  * the authentication is called from (to print comprehensive errors)

    270. 

  270.  *

    271. 

  271.  * @hideinitializer

    272. 

  272.  */

    273. 

  273. $GLOBALS['PHPCAS_AUTH_CHECK_CALL'] = array (

    274. 

  274. 	'done' => FALSE,

    275. 

  275. 	'file' => '?',

    276. 

  276. 	'line' => -1,

    277. 

  277. 	'method' => '?',

    278. 

  278. 	'result' => FALSE

    279. 

  279. );

    280. 

  280. 

    281. 

  281. /**

    282. 

  282.  * This global variable is used to store phpCAS debug mode.

    283. 

  283.  *

    284. 

  284.  * @hideinitializer

    285. 

  285.  */

    286. 

  286. $GLOBALS['PHPCAS_DEBUG'] = array (

    287. 

  287. 	'filename' => FALSE,

    288. 

  288. 	'indent' => 0,

    289. 

  289. 	'unique_id' => ''

    290. 

  290. );

    291. 

  291. 

    292. 

  292. /** @} */

    293. 

  293. 

    294. 

  294. // ########################################################################

    295. 

  295. //  CLIENT CLASS

    296. 

  296. // ########################################################################

    297. 

  297. 

    298. 

  298. // include client class

    299. 

  299. include_once (dirname(__FILE__) . '/CAS/client.php');

    300. 

  300. 

    301. 

  301. // ########################################################################

    302. 

  302. //  INTERFACE CLASS

    303. 

  303. // ########################################################################

    304. 

  304. 

    305. 

  305. /**

    306. 

  306.  * @class phpCAS

    307. 

  307.  * The phpCAS class is a simple container for the phpCAS library. It provides CAS

    308. 

  308.  * authentication for web applications written in PHP.

    309. 

  309.  *

    310. 

  310.  * @ingroup public

    311. 

  311.  * @author Pascal Aubry <pascal.aubry at univ-rennes1.fr>

    312. 

  312.  *

    313. 

  313.  * \internal All its methods access the same object ($PHPCAS_CLIENT, declared 

    314. 

  314.  * at the end of CAS/client.php).

    315. 

  315.  */

    316. 

  316. 

    317. 

  317. class phpCAS {

    318. 

  318. 

    319. 

  319. 	// ########################################################################

    320. 

  320. 	//  INITIALIZATION

    321. 

  321. 	// ########################################################################

    322. 

  322. 

    323. 

  323. 	/**

    324. 

  324. 	 * @addtogroup publicInit

    325. 

  325. 	 * @{

    326. 

  326. 	 */

    327. 

  327. 

    328. 

  328. 	/**

    329. 

  329. 	 * phpCAS client initializer.

    330. 

  330. 	 * @note Only one of the phpCAS::client() and phpCAS::proxy functions should be

    331. 

  331. 	 * called, only once, and before all other methods (except phpCAS::getVersion()

    332. 

  332. 	 * and phpCAS::setDebug()).

    333. 

  333. 	 *

    334. 

  334. 	 * @param $server_version the version of the CAS server

    335. 

  335. 	 * @param $server_hostname the hostname of the CAS server

    336. 

  336. 	 * @param $server_port the port the CAS server is running on

    337. 

  337. 	 * @param $server_uri the URI the CAS server is responding on

    338. 

  338. 	 * @param $start_session Have phpCAS start PHP sessions (default true)

    339. 

  339. 	 *

    340. 

  340. 	 * @return a newly created CASClient object

    341. 

  341. 	 */

    342. 

  342. 	function client($server_version, $server_hostname, $server_port, $server_uri, $start_session = true) {

    343. 

  343. 		global $PHPCAS_CLIENT, $PHPCAS_INIT_CALL;

    344. 

  344. 

    345. 

  345. 		phpCAS :: traceBegin();

    346. 

  346. 		if (is_object($PHPCAS_CLIENT)) {

    347. 

  347. 			phpCAS :: error($PHPCAS_INIT_CALL['method'] . '() has already been called (at ' . $PHPCAS_INIT_CALL['file'] . ':' . $PHPCAS_INIT_CALL['line'] . ')');

    348. 

  348. 		}

    349. 

  349. 		if (gettype($server_version) != 'string') {

    350. 

  350. 			phpCAS :: error('type mismatched for parameter $server_version (should be `string\')');

    351. 

  351. 		}

    352. 

  352. 		if (gettype($server_hostname) != 'string') {

    353. 

  353. 			phpCAS :: error('type mismatched for parameter $server_hostname (should be `string\')');

    354. 

  354. 		}

    355. 

  355. 		if (gettype($server_port) != 'integer') {

    356. 

  356. 			phpCAS :: error('type mismatched for parameter $server_port (should be `integer\')');

    357. 

  357. 		}

    358. 

  358. 		if (gettype($server_uri) != 'string') {

    359. 

  359. 			phpCAS :: error('type mismatched for parameter $server_uri (should be `string\')');

    360. 

  360. 		}

    361. 

  361. 

    362. 

  362. 		// store where the initializer is called from

    363. 

  363. 		$dbg = phpCAS :: backtrace();

    364. 

  364. 		$PHPCAS_INIT_CALL = array (

    365. 

  365. 			'done' => TRUE,

    366. 

  366. 			'file' => $dbg[0]['file'],

    367. 

  367. 			'line' => $dbg[0]['line'],

    368. 

  368. 			'method' => __CLASS__ . '::' . __FUNCTION__

    369. 

  369. 		);

    370. 

  370. 

    371. 

  371. 		// initialize the global object $PHPCAS_CLIENT

    372. 

  372. 		$PHPCAS_CLIENT = new CASClient($server_version, FALSE /*proxy*/

    373. 

  373. 		, $server_hostname, $server_port, $server_uri, $start_session);

    374. 

  374. 		phpCAS :: traceEnd();

    375. 

  375. 	}

    376. 

  376. 

    377. 

  377. 	/**

    378. 

  378. 	 * phpCAS proxy initializer.

    379. 

  379. 	 * @note Only one of the phpCAS::client() and phpCAS::proxy functions should be

    380. 

  380. 	 * called, only once, and before all other methods (except phpCAS::getVersion()

    381. 

  381. 	 * and phpCAS::setDebug()).

    382. 

  382. 	 *

    383. 

  383. 	 * @param $server_version the version of the CAS server

    384. 

  384. 	 * @param $server_hostname the hostname of the CAS server

    385. 

  385. 	 * @param $server_port the port the CAS server is running on

    386. 

  386. 	 * @param $server_uri the URI the CAS server is responding on

    387. 

  387. 	 * @param $start_session Have phpCAS start PHP sessions (default true)

    388. 

  388. 	 *

    389. 

  389. 	 * @return a newly created CASClient object

    390. 

  390. 	 */

    391. 

  391. 	function proxy($server_version, $server_hostname, $server_port, $server_uri, $start_session = true) {

    392. 

  392. 		global $PHPCAS_CLIENT, $PHPCAS_INIT_CALL;

    393. 

  393. 

    394. 

  394. 		phpCAS :: traceBegin();

    395. 

  395. 		if (is_object($PHPCAS_CLIENT)) {

    396. 

  396. 			phpCAS :: error($PHPCAS_INIT_CALL['method'] . '() has already been called (at ' . $PHPCAS_INIT_CALL['file'] . ':' . $PHPCAS_INIT_CALL['line'] . ')');

    397. 

  397. 		}

    398. 

  398. 		if (gettype($server_version) != 'string') {

    399. 

  399. 			phpCAS :: error('type mismatched for parameter $server_version (should be `string\')');

    400. 

  400. 		}

    401. 

  401. 		if (gettype($server_hostname) != 'string') {

    402. 

  402. 			phpCAS :: error('type mismatched for parameter $server_hostname (should be `string\')');

    403. 

  403. 		}

    404. 

  404. 		if (gettype($server_port) != 'integer') {

    405. 

  405. 			phpCAS :: error('type mismatched for parameter $server_port (should be `integer\')');

    406. 

  406. 		}

    407. 

  407. 		if (gettype($server_uri) != 'string') {

    408. 

  408. 			phpCAS :: error('type mismatched for parameter $server_uri (should be `string\')');

    409. 

  409. 		}

    410. 

  410. 

    411. 

  411. 		// store where the initialzer is called from

    412. 

  412. 		$dbg = phpCAS :: backtrace();

    413. 

  413. 		$PHPCAS_INIT_CALL = array (

    414. 

  414. 			'done' => TRUE,

    415. 

  415. 			'file' => $dbg[0]['file'],

    416. 

  416. 			'line' => $dbg[0]['line'],

    417. 

  417. 			'method' => __CLASS__ . '::' . __FUNCTION__

    418. 

  418. 		);

    419. 

  419. 

    420. 

  420. 		// initialize the global object $PHPCAS_CLIENT

    421. 

  421. 		$PHPCAS_CLIENT = new CASClient($server_version, TRUE /*proxy*/

    422. 

  422. 		, $server_hostname, $server_port, $server_uri, $start_session);

    423. 

  423. 		phpCAS :: traceEnd();

    424. 

  424. 	}

    425. 

  425. 

    426. 

  426. 	/** @} */

    427. 

  427. 	// ########################################################################

    428. 

  428. 	//  DEBUGGING

    429. 

  429. 	// ########################################################################

    430. 

  430. 

    431. 

  431. 	/**

    432. 

  432. 	 * @addtogroup publicDebug

    433. 

  433. 	 * @{

    434. 

  434. 	 */

    435. 

  435. 

    436. 

  436. 	/**

    437. 

  437. 	 * Set/unset debug mode

    438. 

  438. 	 *

    439. 

  439. 	 * @param $filename the name of the file used for logging, or FALSE to stop debugging.

    440. 

  440. 	 */

    441. 

  441. 	function setDebug($filename = '') {

    442. 

  442. 		global $PHPCAS_DEBUG;

    443. 

  443. 

    444. 

  444. 		if ($filename != FALSE && gettype($filename) != 'string') {

    445. 

  445. 			phpCAS :: error('type mismatched for parameter $dbg (should be FALSE or the name of the log file)');

    446. 

  446. 		}

    447. 

  447. 

    448. 

  448. 		if (empty ($filename)) {

    449. 

  449. 			if (preg_match('/^Win.*/', getenv('OS'))) {

    450. 

  450. 				if (isset ($_ENV['TMP'])) {

    451. 

  451. 					$debugDir = $_ENV['TMP'] . '/';

    452. 

  452. 				} else

    453. 

  453. 					if (isset ($_ENV['TEMP'])) {

    454. 

  454. 						$debugDir = $_ENV['TEMP'] . '/';

    455. 

  455. 					} else {

    456. 

  456. 						$debugDir = '';

    457. 

  457. 					}

    458. 

  458. 			} else {

    459. 

  459. 				$debugDir = DEFAULT_DEBUG_DIR;

    460. 

  460. 			}

    461. 

  461. 			$filename = $debugDir . 'phpCAS.log';

    462. 

  462. 		}

    463. 

  463. 

    464. 

  464. 		if (empty ($PHPCAS_DEBUG['unique_id'])) {

    465. 

  465. 			$PHPCAS_DEBUG['unique_id'] = substr(strtoupper(md5(uniqid(''))), 0, 4);

    466. 

  466. 		}

    467. 

  467. 

    468. 

  468. 		$PHPCAS_DEBUG['filename'] = $filename;

    469. 

  469. 

    470. 

  470. 		phpCAS :: trace('START phpCAS-' . PHPCAS_VERSION . ' ******************');

    471. 

  471. 	}

    472. 

  472. 

    473. 

  473. 	/** @} */

    474. 

  474. 	/**

    475. 

  475. 	 * @addtogroup internalDebug

    476. 

  476. 	 * @{

    477. 

  477. 	 */

    478. 

  478. 

    479. 

  479. 	/**

    480. 

  480. 	 * This method is a wrapper for debug_backtrace() that is not available 

    481. 

  481. 	 * in all PHP versions (>= 4.3.0 only)

    482. 

  482. 	 */

    483. 

  483. 	function backtrace() {

    484. 

  484. 		if (function_exists('debug_backtrace')) {

    485. 

  485. 			return debug_backtrace();

    486. 

  486. 		} else {

    487. 

  487. 			// poor man's hack ... but it does work ...

    488. 

  488. 			return array ();

    489. 

  489. 		}

    490. 

  490. 	}

    491. 

  491. 

    492. 

  492. 	/**

    493. 

  493. 	 * Logs a string in debug mode.

    494. 

  494. 	 *

    495. 

  495. 	 * @param $str the string to write

    496. 

  496. 	 *

    497. 

  497. 	 * @private

    498. 

  498. 	 */

    499. 

  499. 	function log($str) {

    500. 

  500. 		$indent_str = ".";

    501. 

  501. 		global $PHPCAS_DEBUG;

    502. 

  502. 

    503. 

  503. 		if ($PHPCAS_DEBUG['filename']) {

    504. 

  504. 			for ($i = 0; $i < $PHPCAS_DEBUG['indent']; $i++) {

    505. 

  505. 				$indent_str .= '|    ';

    506. 

  506. 			}

    507. 

  507. 			error_log($PHPCAS_DEBUG['unique_id'] . ' ' . $indent_str . $str . "\n", 3, $PHPCAS_DEBUG['filename']);

    508. 

  508. 		}

    509. 

  509. 

    510. 

  510. 	}

    511. 

  511. 

    512. 

  512. 	/**

    513. 

  513. 	 * This method is used by interface methods to print an error and where the function

    514. 

  514. 	 * was originally called from.

    515. 

  515. 	 *

    516. 

  516. 	 * @param $msg the message to print

    517. 

  517. 	 *

    518. 

  518. 	 * @private

    519. 

  519. 	 */

    520. 

  520. 	function error($msg) {

    521. 

  521. 		$dbg = phpCAS :: backtrace();

    522. 

  522. 		$function = '?';

    523. 

  523. 		$file = '?';

    524. 

  524. 		$line = '?';

    525. 

  525. 		if (is_array($dbg)) {

    526. 

  526. 			for ($i = 1; $i < sizeof($dbg); $i++) {

    527. 

  527. 				if (is_array($dbg[$i])) {

    528. 

  528. 					if ($dbg[$i]['class'] == __CLASS__) {

    529. 

  529. 						$function = $dbg[$i]['function'];

    530. 

  530. 						$file = $dbg[$i]['file'];

    531. 

  531. 						$line = $dbg[$i]['line'];

    532. 

  532. 					}

    533. 

  533. 				}

    534. 

  534. 			}

    535. 

  535. 		}

    536. 

  536. 		echo "<br />\n<b>phpCAS error</b>: <font color=\"FF0000\"><b>" . __CLASS__ . "::" . $function . '(): ' . htmlentities($msg) . "</b></font> in <b>" . $file . "</b> on line <b>" . $line . "</b><br />\n";

    537. 

  537. 		phpCAS :: trace($msg);

    538. 

  538. 		phpCAS :: traceExit();

    539. 

  539. 		exit ();

    540. 

  540. 	}

    541. 

  541. 

    542. 

  542. 	/**

    543. 

  543. 	 * This method is used to log something in debug mode.

    544. 

  544. 	 */

    545. 

  545. 	function trace($str) {

    546. 

  546. 		$dbg = phpCAS :: backtrace();

    547. 

  547. 		phpCAS :: log($str . ' [' . basename($dbg[1]['file']) . ':' . $dbg[1]['line'] . ']');

    548. 

  548. 	}

    549. 

  549. 

    550. 

  550. 	/**

    551. 

  551. 	 * This method is used to indicate the start of the execution of a function in debug mode.

    552. 

  552. 	 */

    553. 

  553. 	function traceBegin() {

    554. 

  554. 		global $PHPCAS_DEBUG;

    555. 

  555. 

    556. 

  556. 		$dbg = phpCAS :: backtrace();

    557. 

  557. 		$str = '=> ';

    558. 

  558. 		if (!empty ($dbg[2]['class'])) {

    559. 

  559. 			$str .= $dbg[2]['class'] . '::';

    560. 

  560. 		}

    561. 

  561. 		$str .= $dbg[2]['function'] . '(';

    562. 

  562. 		if (is_array($dbg[2]['args'])) {

    563. 

  563. 			foreach ($dbg[2]['args'] as $index => $arg) {

    564. 

  564. 				if ($index != 0) {

    565. 

  565. 					$str .= ', ';

    566. 

  566. 				}

    567. 

  567. 				$str .= str_replace("\n", "", var_export($arg, TRUE));

    568. 

  568. 			}

    569. 

  569. 		}

    570. 

  570. 		$str .= ') [' . basename($dbg[2]['file']) . ':' . $dbg[2]['line'] . ']';

    571. 

  571. 		phpCAS :: log($str);

    572. 

  572. 		$PHPCAS_DEBUG['indent']++;

    573. 

  573. 	}

    574. 

  574. 

    575. 

  575. 	/**

    576. 

  576. 	 * This method is used to indicate the end of the execution of a function in debug mode.

    577. 

  577. 	 *

    578. 

  578. 	 * @param $res the result of the function

    579. 

  579. 	 */

    580. 

  580. 	function traceEnd($res = '') {

    581. 

  581. 		global $PHPCAS_DEBUG;

    582. 

  582. 

    583. 

  583. 		$PHPCAS_DEBUG['indent']--;

    584. 

  584. 		$dbg = phpCAS :: backtrace();

    585. 

  585. 		$str = '';

    586. 

  586. 		$str .= '<= ' . str_replace("\n", "", var_export($res, TRUE));

    587. 

  587. 		phpCAS :: log($str);

    588. 

  588. 	}

    589. 

  589. 

    590. 

  590. 	/**

    591. 

  591. 	 * This method is used to indicate the end of the execution of the program

    592. 

  592. 	 */

    593. 

  593. 	function traceExit() {

    594. 

  594. 		global $PHPCAS_DEBUG;

    595. 

  595. 

    596. 

  596. 		phpCAS :: log('exit()');

    597. 

  597. 		while ($PHPCAS_DEBUG['indent'] > 0) {

    598. 

  598. 			phpCAS :: log('-');

    599. 

  599. 			$PHPCAS_DEBUG['indent']--;

    600. 

  600. 		}

    601. 

  601. 	}

    602. 

  602. 

    603. 

  603. 	/** @} */

    604. 

  604. 	// ########################################################################

    605. 

  605. 	//  INTERNATIONALIZATION

    606. 

  606. 	// ########################################################################

    607. 

  607. 	/**

    608. 

  608. 	 * @addtogroup publicLang

    609. 

  609. 	 * @{

    610. 

  610. 	 */

    611. 

  611. 

    612. 

  612. 	/**

    613. 

  613. 	 * This method is used to set the language used by phpCAS. 

    614. 

  614. 	 * @note Can be called only once.

    615. 

  615. 	 *

    616. 

  616. 	 * @param $lang a string representing the language.

    617. 

  617. 	 *

    618. 

  618. 	 * @sa PHPCAS_LANG_FRENCH, PHPCAS_LANG_ENGLISH

    619. 

  619. 	 */

    620. 

  620. 	function setLang($lang) {

    621. 

  621. 		global $PHPCAS_CLIENT;

    622. 

  622. 		if (!is_object($PHPCAS_CLIENT)) {

    623. 

  623. 			phpCAS :: error('this method should not be called before ' . __CLASS__ . '::client() or ' . __CLASS__ . '::proxy()');

    624. 

  624. 		}

    625. 

  625. 		if (gettype($lang) != 'string') {

    626. 

  626. 			phpCAS :: error('type mismatched for parameter $lang (should be `string\')');

    627. 

  627. 		}

    628. 

  628. 		$PHPCAS_CLIENT->setLang($lang);

    629. 

  629. 	}

    630. 

  630. 

    631. 

  631. 	/** @} */

    632. 

  632. 	// ########################################################################

    633. 

  633. 	//  VERSION

    634. 

  634. 	// ########################################################################

    635. 

  635. 	/**

    636. 

  636. 	 * @addtogroup public

    637. 

  637. 	 * @{

    638. 

  638. 	 */

    639. 

  639. 

    640. 

  640. 	/**

    641. 

  641. 	 * This method returns the phpCAS version.

    642. 

  642. 	 *

    643. 

  643. 	 * @return the phpCAS version.

    644. 

  644. 	 */

    645. 

  645. 	function getVersion() {

    646. 

  646. 		return PHPCAS_VERSION;

    647. 

  647. 	}

    648. 

  648. 

    649. 

  649. 	/** @} */

    650. 

  650. 	// ########################################################################

    651. 

  651. 	//  HTML OUTPUT

    652. 

  652. 	// ########################################################################

    653. 

  653. 	/**

    654. 

  654. 	 * @addtogroup publicOutput

    655. 

  655. 	 * @{

    656. 

  656. 	 */

    657. 

  657. 

    658. 

  658. 	/**

    659. 

  659. 	 * This method sets the HTML header used for all outputs.

    660. 

  660. 	 *

    661. 

  661. 	 * @param $header the HTML header.

    662. 

  662. 	 */

    663. 

  663. 	function setHTMLHeader($header) {

    664. 

  664. 		global $PHPCAS_CLIENT;

    665. 

  665. 		if (!is_object($PHPCAS_CLIENT)) {

    666. 

  666. 			phpCAS :: error('this method should not be called before ' . __CLASS__ . '::client() or ' . __CLASS__ . '::proxy()');

    667. 

  667. 		}

    668. 

  668. 		if (gettype($header) != 'string') {

    669. 

  669. 			phpCAS :: error('type mismatched for parameter $header (should be `string\')');

    670. 

  670. 		}

    671. 

  671. 		$PHPCAS_CLIENT->setHTMLHeader($header);

    672. 

  672. 	}

    673. 

  673. 

    674. 

  674. 	/**

    675. 

  675. 	 * This method sets the HTML footer used for all outputs.

    676. 

  676. 	 *

    677. 

  677. 	 * @param $footer the HTML footer.

    678. 

  678. 	 */

    679. 

  679. 	function setHTMLFooter($footer) {

    680. 

  680. 		global $PHPCAS_CLIENT;

    681. 

  681. 		if (!is_object($PHPCAS_CLIENT)) {

    682. 

  682. 			phpCAS :: error('this method should not be called before ' . __CLASS__ . '::client() or ' . __CLASS__ . '::proxy()');

    683. 

  683. 		}

    684. 

  684. 		if (gettype($footer) != 'string') {

    685. 

  685. 			phpCAS :: error('type mismatched for parameter $footer (should be `string\')');

    686. 

  686. 		}

    687. 

  687. 		$PHPCAS_CLIENT->setHTMLFooter($footer);

    688. 

  688. 	}

    689. 

  689. 

    690. 

  690. 	/** @} */

    691. 

  691. 	// ########################################################################

    692. 

  692. 	//  PGT STORAGE

    693. 

  693. 	// ########################################################################

    694. 

  694. 	/**

    695. 

  695. 	 * @addtogroup publicPGTStorage

    696. 

  696. 	 * @{

    697. 

  697. 	 */

    698. 

  698. 

    699. 

  699. 	/**

    700. 

  700. 	 * This method is used to tell phpCAS to store the response of the

    701. 

  701. 	 * CAS server to PGT requests onto the filesystem. 

    702. 

  702. 	 *

    703. 

  703. 	 * @param $format the format used to store the PGT's (`plain' and `xml' allowed)

    704. 

  704. 	 * @param $path the path where the PGT's should be stored

    705. 

  705. 	 */

    706. 

  706. 	function setPGTStorageFile($format = '', $path = '') {

    707. 

  707. 		global $PHPCAS_CLIENT, $PHPCAS_AUTH_CHECK_CALL;

    708. 

  708. 

    709. 

  709. 		phpCAS :: traceBegin();

    710. 

  710. 		if (!is_object($PHPCAS_CLIENT)) {

    711. 

  711. 			phpCAS :: error('this method should only be called after ' . __CLASS__ . '::proxy()');

    712. 

  712. 		}

    713. 

  713. 		if (!$PHPCAS_CLIENT->isProxy()) {

    714. 

  714. 			phpCAS :: error('this method should only be called after ' . __CLASS__ . '::proxy()');

    715. 

  715. 		}

    716. 

  716. 		if ($PHPCAS_AUTH_CHECK_CALL['done']) {

    717. 

  717. 			phpCAS :: error('this method should only be called before ' . $PHPCAS_AUTH_CHECK_CALL['method'] . '() (called at ' . $PHPCAS_AUTH_CHECK_CALL['file'] . ':' . $PHPCAS_AUTH_CHECK_CALL['line'] . ')');

    718. 

  718. 		}

    719. 

  719. 		if (gettype($format) != 'string') {

    720. 

  720. 			phpCAS :: error('type mismatched for parameter $format (should be `string\')');

    721. 

  721. 		}

    722. 

  722. 		if (gettype($path) != 'string') {

    723. 

  723. 			phpCAS :: error('type mismatched for parameter $format (should be `string\')');

    724. 

  724. 		}

    725. 

  725. 		$PHPCAS_CLIENT->setPGTStorageFile($format, $path);

    726. 

  726. 		phpCAS :: traceEnd();

    727. 

  727. 	}

    728. 

  728. 

    729. 

  729. 

    730. 

  730. 	/** @} */

    731. 

  731. 	// ########################################################################

    732. 

  732. 	// ACCESS TO EXTERNAL SERVICES

    733. 

  733. 	// ########################################################################

    734. 

  734. 	/**

    735. 

  735. 	 * @addtogroup publicServices

    736. 

  736. 	 * @{

    737. 

  737. 	 */

    738. 

  738. 

    739. 

  739. 	/**

    740. 

  740. 	 * This method is used to access an HTTP[S] service.

    741. 

  741. 	 * 

    742. 

  742. 	 * @param $url the service to access.

    743. 

  743. 	 * @param $err_code an error code Possible values are PHPCAS_SERVICE_OK (on

    744. 

  744. 	 * success), PHPCAS_SERVICE_PT_NO_SERVER_RESPONSE, PHPCAS_SERVICE_PT_BAD_SERVER_RESPONSE,

    745. 

  745. 	 * PHPCAS_SERVICE_PT_FAILURE, PHPCAS_SERVICE_NOT AVAILABLE.

    746. 

  746. 	 * @param $output the output of the service (also used to give an error

    747. 

  747. 	 * message on failure).

    748. 

  748. 	 *

    749. 

  749. 	 * @return TRUE on success, FALSE otherwise (in this later case, $err_code

    750. 

  750. 	 * gives the reason why it failed and $output contains an error message).

    751. 

  751. 	 */

    752. 

  752. 	function serviceWeb($url, & $err_code, & $output) {

    753. 

  753. 		global $PHPCAS_CLIENT, $PHPCAS_AUTH_CHECK_CALL;

    754. 

  754. 

    755. 

  755. 		phpCAS :: traceBegin();

    756. 

  756. 		if (!is_object($PHPCAS_CLIENT)) {

    757. 

  757. 			phpCAS :: error('this method should only be called after ' . __CLASS__ . '::proxy()');

    758. 

  758. 		}

    759. 

  759. 		if (!$PHPCAS_CLIENT->isProxy()) {

    760. 

  760. 			phpCAS :: error('this method should only be called after ' . __CLASS__ . '::proxy()');

    761. 

  761. 		}

    762. 

  762. 		if (!$PHPCAS_AUTH_CHECK_CALL['done']) {

    763. 

  763. 			phpCAS :: error('this method should only be called after the programmer is sure the user has been authenticated (by calling ' . __CLASS__ . '::checkAuthentication() or ' . __CLASS__ . '::forceAuthentication()');

    764. 

  764. 		}

    765. 

  765. 		if (!$PHPCAS_AUTH_CHECK_CALL['result']) {

    766. 

  766. 			phpCAS :: error('authentication was checked (by ' . $PHPCAS_AUTH_CHECK_CALL['method'] . '() at ' . $PHPCAS_AUTH_CHECK_CALL['file'] . ':' . $PHPCAS_AUTH_CHECK_CALL['line'] . ') but the method returned FALSE');

    767. 

  767. 		}

    768. 

  768. 		if (gettype($url) != 'string') {

    769. 

  769. 			phpCAS :: error('type mismatched for parameter $url (should be `string\')');

    770. 

  770. 		}

    771. 

  771. 

    772. 

  772. 		$res = $PHPCAS_CLIENT->serviceWeb($url, $err_code, $output);

    773. 

  773. 

    774. 

  774. 		phpCAS :: traceEnd($res);

    775. 

  775. 		return $res;

    776. 

  776. 	}

    777. 

  777. 

    778. 

  778. 	/**

    779. 

  779. 	 * This method is used to access an IMAP/POP3/NNTP service.

    780. 

  780. 	 * 

    781. 

  781. 	 * @param $url a string giving the URL of the service, including the mailing box

    782. 

  782. 	 * for IMAP URLs, as accepted by imap_open().

    783. 

  783. 	 * @param $service a string giving for CAS retrieve Proxy ticket

    784. 

  784. 	 * @param $flags options given to imap_open().

    785. 

  785. 	 * @param $err_code an error code Possible values are PHPCAS_SERVICE_OK (on

    786. 

  786. 	 * success), PHPCAS_SERVICE_PT_NO_SERVER_RESPONSE, PHPCAS_SERVICE_PT_BAD_SERVER_RESPONSE,

    787. 

  787. 	 * PHPCAS_SERVICE_PT_FAILURE, PHPCAS_SERVICE_NOT AVAILABLE.

    788. 

  788. 	 * @param $err_msg an error message on failure

    789. 

  789. 	 * @param $pt the Proxy Ticket (PT) retrieved from the CAS server to access the URL

    790. 

  790. 	 * on success, FALSE on error).

    791. 

  791. 	 *

    792. 

  792. 	 * @return an IMAP stream on success, FALSE otherwise (in this later case, $err_code

    793. 

  793. 	 * gives the reason why it failed and $err_msg contains an error message).

    794. 

  794. 	 */

    795. 

  795. 	function serviceMail($url, $service, $flags, & $err_code, & $err_msg, & $pt) {

    796. 

  796. 		global $PHPCAS_CLIENT, $PHPCAS_AUTH_CHECK_CALL;

    797. 

  797. 

    798. 

  798. 		phpCAS :: traceBegin();

    799. 

  799. 		if (!is_object($PHPCAS_CLIENT)) {

    800. 

  800. 			phpCAS :: error('this method should only be called after ' . __CLASS__ . '::proxy()');

    801. 

  801. 		}

    802. 

  802. 		if (!$PHPCAS_CLIENT->isProxy()) {

    803. 

  803. 			phpCAS :: error('this method should only be called after ' . __CLASS__ . '::proxy()');

    804. 

  804. 		}

    805. 

  805. 		if (!$PHPCAS_AUTH_CHECK_CALL['done']) {

    806. 

  806. 			phpCAS :: error('this method should only be called after the programmer is sure the user has been authenticated (by calling ' . __CLASS__ . '::checkAuthentication() or ' . __CLASS__ . '::forceAuthentication()');

    807. 

  807. 		}

    808. 

  808. 		if (!$PHPCAS_AUTH_CHECK_CALL['result']) {

    809. 

  809. 			phpCAS :: error('authentication was checked (by ' . $PHPCAS_AUTH_CHECK_CALL['method'] . '() at ' . $PHPCAS_AUTH_CHECK_CALL['file'] . ':' . $PHPCAS_AUTH_CHECK_CALL['line'] . ') but the method returned FALSE');

    810. 

  810. 		}

    811. 

  811. 		if (gettype($url) != 'string') {

    812. 

  812. 			phpCAS :: error('type mismatched for parameter $url (should be `string\')');

    813. 

  813. 		}

    814. 

  814. 

    815. 

  815. 		if (gettype($flags) != 'integer') {

    816. 

  816. 			phpCAS :: error('type mismatched for parameter $flags (should be `integer\')');

    817. 

  817. 		}

    818. 

  818. 

    819. 

  819. 		$res = $PHPCAS_CLIENT->serviceMail($url, $service, $flags, $err_code, $err_msg, $pt);

    820. 

  820. 

    821. 

  821. 		phpCAS :: traceEnd($res);

    822. 

  822. 		return $res;

    823. 

  823. 	}

    824. 

  824. 

    825. 

  825. 	/** @} */

    826. 

  826. 	// ########################################################################

    827. 

  827. 	//  AUTHENTICATION

    828. 

  828. 	// ########################################################################

    829. 

  829. 	/**

    830. 

  830. 	 * @addtogroup publicAuth

    831. 

  831. 	 * @{

    832. 

  832. 	 */

    833. 

  833. 

    834. 

  834. 	/**

    835. 

  835. 	 * Set the times authentication will be cached before really accessing the CAS server in gateway mode: 

    836. 

  836. 	 * - -1: check only once, and then never again (until you pree login)

    837. 

  837. 	 * - 0: always check

    838. 

  838. 	 * - n: check every "n" time

    839. 

  839. 	 *

    840. 

  840. 	 * @param $n an integer.

    841. 

  841. 	 */

    842. 

  842. 	function setCacheTimesForAuthRecheck($n) {

    843. 

  843. 		global $PHPCAS_CLIENT;

    844. 

  844. 		if (!is_object($PHPCAS_CLIENT)) {

    845. 

  845. 			phpCAS :: error('this method should not be called before ' . __CLASS__ . '::client() or ' . __CLASS__ . '::proxy()');

    846. 

  846. 		}

    847. 

  847. 		if (gettype($n) != 'integer') {

    848. 

  848. 			phpCAS :: error('type mismatched for parameter $header (should be `string\')');

    849. 

  849. 		}

    850. 

  850. 		$PHPCAS_CLIENT->setCacheTimesForAuthRecheck($n);

    851. 

  851. 	}

    852. 

  852. 

    853. 

  853. 	/**

    854. 

  854. 	 * This method is called to check if the user is authenticated (use the gateway feature).

    855. 

  855. 	 * @return TRUE when the user is authenticated; otherwise FALSE.

    856. 

  856. 	 */

    857. 

  857. 	function checkAuthentication() {

    858. 

  858. 		global $PHPCAS_CLIENT, $PHPCAS_AUTH_CHECK_CALL;

    859. 

  859. 

    860. 

  860. 		phpCAS :: traceBegin();

    861. 

  861. 		if (!is_object($PHPCAS_CLIENT)) {

    862. 

  862. 			phpCAS :: error('this method should not be called before ' . __CLASS__ . '::client() or ' . __CLASS__ . '::proxy()');

    863. 

  863. 		}

    864. 

  864. 

    865. 

  865. 		$auth = $PHPCAS_CLIENT->checkAuthentication();

    866. 

  866. 

    867. 

  867. 		// store where the authentication has been checked and the result

    868. 

  868. 		$dbg = phpCAS :: backtrace();

    869. 

  869. 		$PHPCAS_AUTH_CHECK_CALL = array (

    870. 

  870. 			'done' => TRUE,

    871. 

  871. 			'file' => $dbg[0]['file'],

    872. 

  872. 			'line' => $dbg[0]['line'],

    873. 

  873. 			'method' => __CLASS__ . '::' . __FUNCTION__,

    874. 

  874. 			'result' => $auth

    875. 

  875. 		);

    876. 

  876. 		phpCAS :: traceEnd($auth);

    877. 

  877. 		return $auth;

    878. 

  878. 	}

    879. 

  879. 

    880. 

  880. 	/**

    881. 

  881. 	 * This method is called to force authentication if the user was not already 

    882. 

  882. 	 * authenticated. If the user is not authenticated, halt by redirecting to 

    883. 

  883. 	 * the CAS server.

    884. 

  884. 	 */

    885. 

  885. 	function forceAuthentication() {

    886. 

  886. 		global $PHPCAS_CLIENT, $PHPCAS_AUTH_CHECK_CALL;

    887. 

  887. 

    888. 

  888. 		phpCAS :: traceBegin();

    889. 

  889. 		if (!is_object($PHPCAS_CLIENT)) {

    890. 

  890. 			phpCAS :: error('this method should not be called before ' . __CLASS__ . '::client() or ' . __CLASS__ . '::proxy()');

    891. 

  891. 		}

    892. 

  892. 

    893. 

  893. 		$auth = $PHPCAS_CLIENT->forceAuthentication();

    894. 

  894. 

    895. 

  895. 		// store where the authentication has been checked and the result

    896. 

  896. 		$dbg = phpCAS :: backtrace();

    897. 

  897. 		$PHPCAS_AUTH_CHECK_CALL = array (

    898. 

  898. 			'done' => TRUE,

    899. 

  899. 			'file' => $dbg[0]['file'],

    900. 

  900. 			'line' => $dbg[0]['line'],

    901. 

  901. 			'method' => __CLASS__ . '::' . __FUNCTION__,

    902. 

  902. 			'result' => $auth

    903. 

  903. 		);

    904. 

  904. 

    905. 

  905. 		if (!$auth) {

    906. 

  906. 			phpCAS :: trace('user is not authenticated, redirecting to the CAS server');

    907. 

  907. 			$PHPCAS_CLIENT->forceAuthentication();

    908. 

  908. 		} else {

    909. 

  909. 			phpCAS :: trace('no need to authenticate (user `' . phpCAS :: getUser() . '\' is already authenticated)');

    910. 

  910. 		}

    911. 

  911. 

    912. 

  912. 		phpCAS :: traceEnd();

    913. 

  913. 		return $auth;

    914. 

  914. 	}

    915. 

  915. 

    916. 

  916. 	/**

    917. 

  917. 	 * This method is called to renew the authentication.

    918. 

  918. 	 **/

    919. 

  919. 	function renewAuthentication() {

    920. 

  920. 		global $PHPCAS_CLIENT, $PHPCAS_AUTH_CHECK_CALL;

    921. 

  921. 

    922. 

  922. 		phpCAS :: traceBegin();

    923. 

  923. 		if (!is_object($PHPCAS_CLIENT)) {

    924. 

  924. 			phpCAS :: error('this method should not be called before' . __CLASS__ . '::client() or ' . __CLASS__ . '::proxy()');

    925. 

  925. 		}

    926. 

  926. 

    927. 

  927. 		// store where the authentication has been checked and the result

    928. 

  928. 		$dbg = phpCAS :: backtrace();

    929. 

  929. 		$PHPCAS_AUTH_CHECK_CALL = array (

    930. 

  930. 			'done' => TRUE,

    931. 

  931. 			'file' => $dbg[0]['file'],

    932. 

  932. 			'line' => $dbg[0]['line'],

    933. 

  933. 			'method' => __CLASS__ . '::' . __FUNCTION__,

    934. 

  934. 			'result' => $auth

    935. 

  935. 		);

    936. 

  936. 

    937. 

  937. 		$PHPCAS_CLIENT->renewAuthentication();

    938. 

  938. 		phpCAS :: traceEnd();

    939. 

  939. 	}

    940. 

  940. 

    941. 

  941. 	/**

    942. 

  942. 	 * This method has been left from version 0.4.1 for compatibility reasons.

    943. 

  943. 	 */

    944. 

  944. 	function authenticate() {

    945. 

  945. 		phpCAS :: error('this method is deprecated. You should use ' . __CLASS__ . '::forceAuthentication() instead');

    946. 

  946. 	}

    947. 

  947. 

    948. 

  948. 	/**

    949. 

  949. 	 * This method is called to check if the user is authenticated (previously or by

    950. 

  950. 	 * tickets given in the URL).

    951. 

  951. 	 *

    952. 

  952. 	 * @return TRUE when the user is authenticated.

    953. 

  953. 	 */

    954. 

  954. 	function isAuthenticated() {

    955. 

  955. 		global $PHPCAS_CLIENT, $PHPCAS_AUTH_CHECK_CALL;

    956. 

  956. 

    957. 

  957. 		phpCAS :: traceBegin();

    958. 

  958. 		if (!is_object($PHPCAS_CLIENT)) {

    959. 

  959. 			phpCAS :: error('this method should not be called before ' . __CLASS__ . '::client() or ' . __CLASS__ . '::proxy()');

    960. 

  960. 		}

    961. 

  961. 

    962. 

  962. 		// call the isAuthenticated method of the global $PHPCAS_CLIENT object

    963. 

  963. 		$auth = $PHPCAS_CLIENT->isAuthenticated();

    964. 

  964. 

    965. 

  965. 		// store where the authentication has been checked and the result

    966. 

  966. 		$dbg = phpCAS :: backtrace();

    967. 

  967. 		$PHPCAS_AUTH_CHECK_CALL = array (

    968. 

  968. 			'done' => TRUE,

    969. 

  969. 			'file' => $dbg[0]['file'],

    970. 

  970. 			'line' => $dbg[0]['line'],

    971. 

  971. 			'method' => __CLASS__ . '::' . __FUNCTION__,

    972. 

  972. 			'result' => $auth

    973. 

  973. 		);

    974. 

  974. 		phpCAS :: traceEnd($auth);

    975. 

  975. 		return $auth;

    976. 

  976. 	}

    977. 

  977. 

    978. 

  978. 	/**

    979. 

  979. 	 * Checks whether authenticated based on $_SESSION. Useful to avoid

    980. 

  980. 	 * server calls.

    981. 

  981. 	 * @return true if authenticated, false otherwise.

    982. 

  982. 	 * @since 0.4.22 by Brendan Arnold

    983. 

  983. 	 */

    984. 

  984. 	function isSessionAuthenticated() {

    985. 

  985. 		global $PHPCAS_CLIENT;

    986. 

  986. 		if (!is_object($PHPCAS_CLIENT)) {

    987. 

  987. 			phpCAS :: error('this method should not be called before ' . __CLASS__ . '::client() or ' . __CLASS__ . '::proxy()');

    988. 

  988. 		}

    989. 

  989. 		return ($PHPCAS_CLIENT->isSessionAuthenticated());

    990. 

  990. 	}

    991. 

  991. 

    992. 

  992. 	/**

    993. 

  993. 	 * This method returns the CAS user's login name.

    994. 

  994. 	 * @warning should not be called only after phpCAS::forceAuthentication()

    995. 

  995. 	 * or phpCAS::checkAuthentication().

    996. 

  996. 	 *

    997. 

  997. 	 * @return the login name of the authenticated user

    998. 

  998. 	 */

    999. 

  999. 	function getUser() {

    1000. 

  1000. 		global $PHPCAS_CLIENT, $PHPCAS_AUTH_CHECK_CALL;

    1001. 

  1001. 		if (!is_object($PHPCAS_CLIENT)) {

    1002. 

  1002. 			phpCAS :: error('this method should not be called before ' . __CLASS__ . '::client() or ' . __CLASS__ . '::proxy()');

    1003. 

  1003. 		}

    1004. 

  1004. 		if (!$PHPCAS_AUTH_CHECK_CALL['done']) {

    1005. 

  1005. 			phpCAS :: error('this method should only be called after ' . __CLASS__ . '::forceAuthentication() or ' . __CLASS__ . '::isAuthenticated()');

    1006. 

  1006. 		}

    1007. 

  1007. 		if (!$PHPCAS_AUTH_CHECK_CALL['result']) {

    1008. 

  1008. 			phpCAS :: error('authentication was checked (by ' . $PHPCAS_AUTH_CHECK_CALL['method'] . '() at ' . $PHPCAS_AUTH_CHECK_CALL['file'] . ':' . $PHPCAS_AUTH_CHECK_CALL['line'] . ') but the method returned FALSE');

    1009. 

  1009. 		}

    1010. 

  1010. 		return $PHPCAS_CLIENT->getUser();

    1011. 

  1011. 	}

    1012. 

  1012. 

    1013. 

  1013. 	/**

    1014. 

  1014. 	 * This method returns the CAS user's login name.

    1015. 

  1015. 	 * @warning should not be called only after phpCAS::forceAuthentication()

    1016. 

  1016. 	 * or phpCAS::checkAuthentication().

    1017. 

  1017. 	 *

    1018. 

  1018. 	 * @return the login name of the authenticated user

    1019. 

  1019. 	 */

    1020. 

  1020. 	function getAttributes() {

    1021. 

  1021. 		global $PHPCAS_CLIENT, $PHPCAS_AUTH_CHECK_CALL;

    1022. 

  1022. 		if (!is_object($PHPCAS_CLIENT)) {

    1023. 

  1023. 			phpCAS :: error('this method should not be called before ' . __CLASS__ . '::client() or ' . __CLASS__ . '::proxy()');

    1024. 

  1024. 		}

    1025. 

  1025. 		if (!$PHPCAS_AUTH_CHECK_CALL['done']) {

    1026. 

  1026. 			phpCAS :: error('this method should only be called after ' . __CLASS__ . '::forceAuthentication() or ' . __CLASS__ . '::isAuthenticated()');

    1027. 

  1027. 		}

    1028. 

  1028. 		if (!$PHPCAS_AUTH_CHECK_CALL['result']) {

    1029. 

  1029. 			phpCAS :: error('authentication was checked (by ' . $PHPCAS_AUTH_CHECK_CALL['method'] . '() at ' . $PHPCAS_AUTH_CHECK_CALL['file'] . ':' . $PHPCAS_AUTH_CHECK_CALL['line'] . ') but the method returned FALSE');

    1030. 

  1030. 		}

    1031. 

  1031. 		return $PHPCAS_CLIENT->getAttributes();

    1032. 

  1032. 	}

    1033. 

  1033. 	/**

    1034. 

  1034. 	 * Handle logout requests.

    1035. 

  1035. 	 */

    1036. 

  1036. 	function handleLogoutRequests($check_client = true, $allowed_clients = false) {

    1037. 

  1037. 		global $PHPCAS_CLIENT;

    1038. 

  1038. 		if (!is_object($PHPCAS_CLIENT)) {

    1039. 

  1039. 			phpCAS :: error('this method should not be called before ' . __CLASS__ . '::client() or ' . __CLASS__ . '::proxy()');

    1040. 

  1040. 		}

    1041. 

  1041. 		return ($PHPCAS_CLIENT->handleLogoutRequests($check_client, $allowed_clients));

    1042. 

  1042. 	}

    1043. 

  1043. 

    1044. 

  1044. 	/**

    1045. 

  1045. 	 * This method returns the URL to be used to login.

    1046. 

  1046. 	 * or phpCAS::isAuthenticated().

    1047. 

  1047. 	 *

    1048. 

  1048. 	 * @return the login name of the authenticated user

    1049. 

  1049. 	 */

    1050. 

  1050. 	function getServerLoginURL() {

    1051. 

  1051. 		global $PHPCAS_CLIENT;

    1052. 

  1052. 		if (!is_object($PHPCAS_CLIENT)) {

    1053. 

  1053. 			phpCAS :: error('this method should not be called before ' . __CLASS__ . '::client() or ' . __CLASS__ . '::proxy()');

    1054. 

  1054. 		}

    1055. 

  1055. 		return $PHPCAS_CLIENT->getServerLoginURL();

    1056. 

  1056. 	}

    1057. 

  1057. 

    1058. 

  1058. 	/**

    1059. 

  1059. 	 * Set the login URL of the CAS server.

    1060. 

  1060. 	 * @param $url the login URL

    1061. 

  1061. 	 * @since 0.4.21 by Wyman Chan

    1062. 

  1062. 	 */

    1063. 

  1063. 	function setServerLoginURL($url = '') {

    1064. 

  1064. 		global $PHPCAS_CLIENT;

    1065. 

  1065. 		phpCAS :: traceBegin();

    1066. 

  1066. 		if (!is_object($PHPCAS_CLIENT)) {

    1067. 

  1067. 			phpCAS :: error('this method should only be called after

    1068. 

  1068. 							' . __CLASS__ . '::client()');

    1069. 

  1069. 		}

    1070. 

  1070. 		if (gettype($url) != 'string') {

    1071. 

  1071. 			phpCAS :: error('type mismatched for parameter $url (should be

    1072. 

  1072. 						`string\')');

    1073. 

  1073. 		}

    1074. 

  1074. 		$PHPCAS_CLIENT->setServerLoginURL($url);

    1075. 

  1075. 		phpCAS :: traceEnd();

    1076. 

  1076. 	}

    1077. 

  1077. 

    1078. 

  1078. 	/**

    1079. 

  1079. 	 * Set the serviceValidate URL of the CAS server.

    1080. 

  1080. 	 * Used only in CAS 1.0 validations

    1081. 

  1081. 	 * @param $url the serviceValidate URL

    1082. 

  1082. 	 * @since 1.1.0 by Joachim Fritschi

    1083. 

  1083. 	 */

    1084. 

  1084. 	function setServerServiceValidateURL($url = '') {

    1085. 

  1085. 		global $PHPCAS_CLIENT;

    1086. 

  1086. 		phpCAS :: traceBegin();

    1087. 

  1087. 		if (!is_object($PHPCAS_CLIENT)) {

    1088. 

  1088. 			phpCAS :: error('this method should only be called after

    1089. 

  1089. 							' . __CLASS__ . '::client()');

    1090. 

  1090. 		}

    1091. 

  1091. 		if (gettype($url) != 'string') {

    1092. 

  1092. 			phpCAS :: error('type mismatched for parameter $url (should be

    1093. 

  1093. 						`string\')');

    1094. 

  1094. 		}

    1095. 

  1095. 		$PHPCAS_CLIENT->setServerServiceValidateURL($url);

    1096. 

  1096. 		phpCAS :: traceEnd();

    1097. 

  1097. 	}

    1098. 

  1098. 

    1099. 

  1099. 	/**

    1100. 

  1100. 	 * Set the proxyValidate URL of the CAS server.

    1101. 

  1101. 	 * Used for all CAS 2.0 validations

    1102. 

  1102. 	 * @param $url the proxyValidate URL

    1103. 

  1103. 	 * @since 1.1.0 by Joachim Fritschi

    1104. 

  1104. 	 */

    1105. 

  1105. 	function setServerProxyValidateURL($url = '') {

    1106. 

  1106. 		global $PHPCAS_CLIENT;

    1107. 

  1107. 		phpCAS :: traceBegin();

    1108. 

  1108. 		if (!is_object($PHPCAS_CLIENT)) {

    1109. 

  1109. 			phpCAS :: error('this method should only be called after

    1110. 

  1110. 							' . __CLASS__ . '::client()');

    1111. 

  1111. 		}

    1112. 

  1112. 		if (gettype($url) != 'string') {

    1113. 

  1113. 			phpCAS :: error('type mismatched for parameter $url (should be

    1114. 

  1114. 						`string\')');

    1115. 

  1115. 		}

    1116. 

  1116. 		$PHPCAS_CLIENT->setServerProxyValidateURL($url);

    1117. 

  1117. 		phpCAS :: traceEnd();

    1118. 

  1118. 	}

    1119. 

  1119. 

    1120. 

  1120. 	/**

    1121. 

  1121. 	 * Set the samlValidate URL of the CAS server.

    1122. 

  1122. 	 * @param $url the samlValidate URL

    1123. 

  1123. 	 * @since 1.1.0 by Joachim Fritschi

    1124. 

  1124. 	 */

    1125. 

  1125. 	function setServerSamlValidateURL($url = '') {

    1126. 

  1126. 		global $PHPCAS_CLIENT;

    1127. 

  1127. 		phpCAS :: traceBegin();

    1128. 

  1128. 		if (!is_object($PHPCAS_CLIENT)) {

    1129. 

  1129. 			phpCAS :: error('this method should only be called after

    1130. 

  1130. 							' . __CLASS__ . '::client()');

    1131. 

  1131. 		}

    1132. 

  1132. 		if (gettype($url) != 'string') {

    1133. 

  1133. 			phpCAS :: error('type mismatched for parameter $url (should be

    1134. 

  1134. 						`string\')');

    1135. 

  1135. 		}

    1136. 

  1136. 		$PHPCAS_CLIENT->setServerSamlValidateURL($url);

    1137. 

  1137. 		phpCAS :: traceEnd();

    1138. 

  1138. 	}

    1139. 

  1139. 

    1140. 

  1140. 	/**

    1141. 

  1141. 	 * This method returns the URL to be used to login.

    1142. 

  1142. 	 * or phpCAS::isAuthenticated().

    1143. 

  1143. 	 *

    1144. 

  1144. 	 * @return the login name of the authenticated user

    1145. 

  1145. 	 */

    1146. 

  1146. 	function getServerLogoutURL() {

    1147. 

  1147. 		global $PHPCAS_CLIENT;

    1148. 

  1148. 		if (!is_object($PHPCAS_CLIENT)) {

    1149. 

  1149. 			phpCAS :: error('this method should not be called before ' . __CLASS__ . '::client() or ' . __CLASS__ . '::proxy()');

    1150. 

  1150. 		}

    1151. 

  1151. 		return $PHPCAS_CLIENT->getServerLogoutURL();

    1152. 

  1152. 	}

    1153. 

  1153. 

    1154. 

  1154. 	/**

    1155. 

  1155. 	 * Set the logout URL of the CAS server.

    1156. 

  1156. 	 * @param $url the logout URL

    1157. 

  1157. 	 * @since 0.4.21 by Wyman Chan

    1158. 

  1158. 	 */

    1159. 

  1159. 	function setServerLogoutURL($url = '') {

    1160. 

  1160. 		global $PHPCAS_CLIENT;

    1161. 

  1161. 		phpCAS :: traceBegin();

    1162. 

  1162. 		if (!is_object($PHPCAS_CLIENT)) {

    1163. 

  1163. 			phpCAS :: error('this method should only be called after

    1164. 

  1164. 							' . __CLASS__ . '::client()');

    1165. 

  1165. 		}

    1166. 

  1166. 		if (gettype($url) != 'string') {

    1167. 

  1167. 			phpCAS :: error('type mismatched for parameter $url (should be

    1168. 

  1168. 						`string\')');

    1169. 

  1169. 		}

    1170. 

  1170. 		$PHPCAS_CLIENT->setServerLogoutURL($url);

    1171. 

  1171. 		phpCAS :: traceEnd();

    1172. 

  1172. 	}

    1173. 

  1173. 

    1174. 

  1174. 	/**

    1175. 

  1175. 	 * This method is used to logout from CAS.

    1176. 

  1176. 	 * @params $params an array that contains the optional url and service parameters that will be passed to the CAS server

    1177. 

  1177. 	 * @public

    1178. 

  1178. 	 */

    1179. 

  1179. 	function logout($params = "") {

    1180. 

  1180. 		global $PHPCAS_CLIENT;

    1181. 

  1181. 		phpCAS :: traceBegin();

    1182. 

  1182. 		if (!is_object($PHPCAS_CLIENT)) {

    1183. 

  1183. 			phpCAS :: error('this method should only be called after ' . __CLASS__ . '::client() or' . __CLASS__ . '::proxy()');

    1184. 

  1184. 		}

    1185. 

  1185. 		$parsedParams = array ();

    1186. 

  1186. 		if ($params != "") {

    1187. 

  1187. 			if (is_string($params)) {

    1188. 

  1188. 				phpCAS :: error('method `phpCAS::logout($url)\' is now deprecated, use `phpCAS::logoutWithUrl($url)\' instead');

    1189. 

  1189. 			}

    1190. 

  1190. 			if (!is_array($params)) {

    1191. 

  1191. 				phpCAS :: error('type mismatched for parameter $params (should be `array\')');

    1192. 

  1192. 			}

    1193. 

  1193. 			foreach ($params as $key => $value) {

    1194. 

  1194. 				if ($key != "service" && $key != "url") {

    1195. 

  1195. 					phpCAS :: error('only `url\' and `service\' parameters are allowed for method `phpCAS::logout($params)\'');

    1196. 

  1196. 				}

    1197. 

  1197. 				$parsedParams[$key] = $value;

    1198. 

  1198. 			}

    1199. 

  1199. 		}

    1200. 

  1200. 		$PHPCAS_CLIENT->logout($parsedParams);

    1201. 

  1201. 		// never reached

    1202. 

  1202. 		phpCAS :: traceEnd();

    1203. 

  1203. 	}

    1204. 

  1204. 

    1205. 

  1205. 	/**

    1206. 

  1206. 	 * This method is used to logout from CAS. Halts by redirecting to the CAS server.

    1207. 

  1207. 	 * @param $service a URL that will be transmitted to the CAS server

    1208. 

  1208. 	 */

    1209. 

  1209. 	function logoutWithRedirectService($service) {

    1210. 

  1210. 		global $PHPCAS_CLIENT;

    1211. 

  1211. 		phpCAS :: traceBegin();

    1212. 

  1212. 		if (!is_object($PHPCAS_CLIENT)) {

    1213. 

  1213. 			phpCAS :: error('this method should only be called after ' . __CLASS__ . '::client() or' . __CLASS__ . '::proxy()');

    1214. 

  1214. 		}

    1215. 

  1215. 		if (!is_string($service)) {

    1216. 

  1216. 			phpCAS :: error('type mismatched for parameter $service (should be `string\')');

    1217. 

  1217. 		}

    1218. 

  1218. 		$PHPCAS_CLIENT->logout(array (

    1219. 

  1219. 			"service" => $service

    1220. 

  1220. 		));

    1221. 

  1221. 		// never reached

    1222. 

  1222. 		phpCAS :: traceEnd();

    1223. 

  1223. 	}

    1224. 

  1224. 

    1225. 

  1225. 	/**

    1226. 

  1226. 	 * This method is used to logout from CAS. Halts by redirecting to the CAS server.

    1227. 

  1227. 	 * @param $url a URL that will be transmitted to the CAS server

    1228. 

  1228. 	 */

    1229. 

  1229. 	function logoutWithUrl($url) {

    1230. 

  1230. 		global $PHPCAS_CLIENT;

    1231. 

  1231. 		phpCAS :: traceBegin();

    1232. 

  1232. 		if (!is_object($PHPCAS_CLIENT)) {

    1233. 

  1233. 			phpCAS :: error('this method should only be called after ' . __CLASS__ . '::client() or' . __CLASS__ . '::proxy()');

    1234. 

  1234. 		}

    1235. 

  1235. 		if (!is_string($url)) {

    1236. 

  1236. 			phpCAS :: error('type mismatched for parameter $url (should be `string\')');

    1237. 

  1237. 		}

    1238. 

  1238. 		$PHPCAS_CLIENT->logout(array (

    1239. 

  1239. 			"url" => $url

    1240. 

  1240. 		));

    1241. 

  1241. 		// never reached

    1242. 

  1242. 		phpCAS :: traceEnd();

    1243. 

  1243. 	}

    1244. 

  1244. 

    1245. 

  1245. 	/**

    1246. 

  1246. 	 * This method is used to logout from CAS. Halts by redirecting to the CAS server.

    1247. 

  1247. 	 * @param $service a URL that will be transmitted to the CAS server

    1248. 

  1248. 	 * @param $url a URL that will be transmitted to the CAS server

    1249. 

  1249. 	 */

    1250. 

  1250. 	function logoutWithRedirectServiceAndUrl($service, $url) {

    1251. 

  1251. 		global $PHPCAS_CLIENT;

    1252. 

  1252. 		phpCAS :: traceBegin();

    1253. 

  1253. 		if (!is_object($PHPCAS_CLIENT)) {

    1254. 

  1254. 			phpCAS :: error('this method should only be called after ' . __CLASS__ . '::client() or' . __CLASS__ . '::proxy()');

    1255. 

  1255. 		}

    1256. 

  1256. 		if (!is_string($service)) {

    1257. 

  1257. 			phpCAS :: error('type mismatched for parameter $service (should be `string\')');

    1258. 

  1258. 		}

    1259. 

  1259. 		if (!is_string($url)) {

    1260. 

  1260. 			phpCAS :: error('type mismatched for parameter $url (should be `string\')');

    1261. 

  1261. 		}

    1262. 

  1262. 		$PHPCAS_CLIENT->logout(array (

    1263. 

  1263. 			"service" => $service,

    1264. 

  1264. 			"url" => $url

    1265. 

  1265. 		));

    1266. 

  1266. 		// never reached

    1267. 

  1267. 		phpCAS :: traceEnd();

    1268. 

  1268. 	}

    1269. 

  1269. 

    1270. 

  1270. 	/**

    1271. 

  1271. 	 * Set the fixed URL that will be used by the CAS server to transmit the PGT.

    1272. 

  1272. 	 * When this method is not called, a phpCAS script uses its own URL for the callback.

    1273. 

  1273. 	 *

    1274. 

  1274. 	 * @param $url the URL

    1275. 

  1275. 	 */

    1276. 

  1276. 	function setFixedCallbackURL($url = '') {

    1277. 

  1277. 		global $PHPCAS_CLIENT;

    1278. 

  1278. 		phpCAS :: traceBegin();

    1279. 

  1279. 		if (!is_object($PHPCAS_CLIENT)) {

    1280. 

  1280. 			phpCAS :: error('this method should only be called after ' . __CLASS__ . '::proxy()');

    1281. 

  1281. 		}

    1282. 

  1282. 		if (!$PHPCAS_CLIENT->isProxy()) {

    1283. 

  1283. 			phpCAS :: error('this method should only be called after ' . __CLASS__ . '::proxy()');

    1284. 

  1284. 		}

    1285. 

  1285. 		if (gettype($url) != 'string') {

    1286. 

  1286. 			phpCAS :: error('type mismatched for parameter $url (should be `string\')');

    1287. 

  1287. 		}

    1288. 

  1288. 		$PHPCAS_CLIENT->setCallbackURL($url);

    1289. 

  1289. 		phpCAS :: traceEnd();

    1290. 

  1290. 	}

    1291. 

  1291. 

    1292. 

  1292. 	/**

    1293. 

  1293. 	 * Set the fixed URL that will be set as the CAS service parameter. When this

    1294. 

  1294. 	 * method is not called, a phpCAS script uses its own URL.

    1295. 

  1295. 	 *

    1296. 

  1296. 	 * @param $url the URL

    1297. 

  1297. 	 */

    1298. 

  1298. 	function setFixedServiceURL($url) {

    1299. 

  1299. 		global $PHPCAS_CLIENT;

    1300. 

  1300. 		phpCAS :: traceBegin();

    1301. 

  1301. 		if (!is_object($PHPCAS_CLIENT)) {

    1302. 

  1302. 			phpCAS :: error('this method should only be called after ' . __CLASS__ . '::proxy()');

    1303. 

  1303. 		}

    1304. 

  1304. 		if (gettype($url) != 'string') {

    1305. 

  1305. 			phpCAS :: error('type mismatched for parameter $url (should be `string\')');

    1306. 

  1306. 		}

    1307. 

  1307. 		$PHPCAS_CLIENT->setURL($url);

    1308. 

  1308. 		phpCAS :: traceEnd();

    1309. 

  1309. 	}

    1310. 

  1310. 

    1311. 

  1311. 	/**

    1312. 

  1312. 	 * Get the URL that is set as the CAS service parameter.

    1313. 

  1313. 	 */

    1314. 

  1314. 	function getServiceURL() {

    1315. 

  1315. 		global $PHPCAS_CLIENT;

    1316. 

  1316. 		if (!is_object($PHPCAS_CLIENT)) {

    1317. 

  1317. 			phpCAS :: error('this method should only be called after ' . __CLASS__ . '::proxy()');

    1318. 

  1318. 		}

    1319. 

  1319. 		return ($PHPCAS_CLIENT->getURL());

    1320. 

  1320. 	}

    1321. 

  1321. 

    1322. 

  1322. 	/**

    1323. 

  1323. 	 * Retrieve a Proxy Ticket from the CAS server.

    1324. 

  1324. 	 */

    1325. 

  1325. 	function retrievePT($target_service, & $err_code, & $err_msg) {

    1326. 

  1326. 		global $PHPCAS_CLIENT;

    1327. 

  1327. 		if (!is_object($PHPCAS_CLIENT)) {

    1328. 

  1328. 			phpCAS :: error('this method should only be called after ' . __CLASS__ . '::proxy()');

    1329. 

  1329. 		}

    1330. 

  1330. 		if (gettype($target_service) != 'string') {

    1331. 

  1331. 			phpCAS :: error('type mismatched for parameter $target_service(should be `string\')');

    1332. 

  1332. 		}

    1333. 

  1333. 		return ($PHPCAS_CLIENT->retrievePT($target_service, $err_code, $err_msg));

    1334. 

  1334. 	}

    1335. 

  1335. 

    1336. 

  1336. 	/**

    1337. 

  1337. 	 * Set the certificate of the CAS server.

    1338. 

  1338. 	 *

    1339. 

  1339. 	 * @param $cert the PEM certificate

    1340. 

  1340. 	 */

    1341. 

  1341. 	function setCasServerCert($cert) {

    1342. 

  1342. 		global $PHPCAS_CLIENT;

    1343. 

  1343. 		phpCAS :: traceBegin();

    1344. 

  1344. 		if (!is_object($PHPCAS_CLIENT)) {

    1345. 

  1345. 			phpCAS :: error('this method should only be called after ' . __CLASS__ . '::client() or' . __CLASS__ . '::proxy()');

    1346. 

  1346. 		}

    1347. 

  1347. 		if (gettype($cert) != 'string') {

    1348. 

  1348. 			phpCAS :: error('type mismatched for parameter $cert (should be `string\')');

    1349. 

  1349. 		}

    1350. 

  1350. 		$PHPCAS_CLIENT->setCasServerCert($cert);

    1351. 

  1351. 		phpCAS :: traceEnd();

    1352. 

  1352. 	}

    1353. 

  1353. 

    1354. 

  1354. 	/**

    1355. 

  1355. 	 * Set the certificate of the CAS server CA.

    1356. 

  1356. 	 *

    1357. 

  1357. 	 * @param $cert the CA certificate

    1358. 

  1358. 	 */

    1359. 

  1359. 	function setCasServerCACert($cert) {

    1360. 

  1360. 		global $PHPCAS_CLIENT;

    1361. 

  1361. 		phpCAS :: traceBegin();

    1362. 

  1362. 		if (!is_object($PHPCAS_CLIENT)) {

    1363. 

  1363. 			phpCAS :: error('this method should only be called after ' . __CLASS__ . '::client() or' . __CLASS__ . '::proxy()');

    1364. 

  1364. 		}

    1365. 

  1365. 		if (gettype($cert) != 'string') {

    1366. 

  1366. 			phpCAS :: error('type mismatched for parameter $cert (should be `string\')');

    1367. 

  1367. 		}

    1368. 

  1368. 		$PHPCAS_CLIENT->setCasServerCACert($cert);

    1369. 

  1369. 		phpCAS :: traceEnd();

    1370. 

  1370. 	}

    1371. 

  1371. 

    1372. 

  1372. 	/**

    1373. 

  1373. 	 * Set no SSL validation for the CAS server.

    1374. 

  1374. 	 */

    1375. 

  1375. 	function setNoCasServerValidation() {

    1376. 

  1376. 		global $PHPCAS_CLIENT;

    1377. 

  1377. 		phpCAS :: traceBegin();

    1378. 

  1378. 		if (!is_object($PHPCAS_CLIENT)) {

    1379. 

  1379. 			phpCAS :: error('this method should only be called after ' . __CLASS__ . '::client() or' . __CLASS__ . '::proxy()');

    1380. 

  1380. 		}

    1381. 

  1381. 		$PHPCAS_CLIENT->setNoCasServerValidation();

    1382. 

  1382. 		phpCAS :: traceEnd();

    1383. 

  1383. 	}

    1384. 

  1384. 

    1385. 

  1385. 	/** @} */

    1386. 

  1386. 

    1387. 

  1387. 	/**

    1388. 

  1388. 	 * Change CURL options.

    1389. 

  1389. 	 * CURL is used to connect through HTTPS to CAS server

    1390. 

  1390. 	 * @param $key the option key

    1391. 

  1391. 	 * @param $value the value to set

    1392. 

  1392. 	 */

    1393. 

  1393. 	function setExtraCurlOption($key, $value) {

    1394. 

  1394. 		global $PHPCAS_CLIENT;

    1395. 

  1395. 		phpCAS :: traceBegin();

    1396. 

  1396. 		if (!is_object($PHPCAS_CLIENT)) {

    1397. 

  1397. 			phpCAS :: error('this method should only be called after ' . __CLASS__ . '::client() or' . __CLASS__ . '::proxy()');

    1398. 

  1398. 		}

    1399. 

  1399. 		$PHPCAS_CLIENT->setExtraCurlOption($key, $value);

    1400. 

  1400. 		phpCAS :: traceEnd();

    1401. 

  1401. 	}

    1402. 

  1402. 

    1403. 

  1403. }

    1404. 

  1404. 

    1405. 

  1405. // ########################################################################

    1406. 

  1406. // DOCUMENTATION

    1407. 

  1407. // ########################################################################

    1408. 

  1408. 

    1409. 

  1409. // ########################################################################

    1410. 

  1410. //  MAIN PAGE

    1411. 

  1411. 

    1412. 

  1412. /**

    1413. 

  1413.  * @mainpage

    1414. 

  1414.  *

    1415. 

  1415.  * The following pages only show the source documentation.

    1416. 

  1416.  *

    1417. 

  1417.  */

    1418. 

  1418. 

    1419. 

  1419. // ########################################################################

    1420. 

  1420. //  MODULES DEFINITION

    1421. 

  1421. 

    1422. 

  1422. /** @defgroup public User interface */

    1423. 

  1423. 

    1424. 

  1424. /** @defgroup publicInit Initialization

    1425. 

  1425.  *  @ingroup public */

    1426. 

  1426. 

    1427. 

  1427. /** @defgroup publicAuth Authentication

    1428. 

  1428.  *  @ingroup public */

    1429. 

  1429. 

    1430. 

  1430. /** @defgroup publicServices Access to external services

    1431. 

  1431.  *  @ingroup public */

    1432. 

  1432. 

    1433. 

  1433. /** @defgroup publicConfig Configuration

    1434. 

  1434.  *  @ingroup public */

    1435. 

  1435. 

    1436. 

  1436. /** @defgroup publicLang Internationalization

    1437. 

  1437.  *  @ingroup publicConfig */

    1438. 

  1438. 

    1439. 

  1439. /** @defgroup publicOutput HTML output

    1440. 

  1440.  *  @ingroup publicConfig */

    1441. 

  1441. 

    1442. 

  1442. /** @defgroup publicPGTStorage PGT storage

    1443. 

  1443.  *  @ingroup publicConfig */

    1444. 

  1444. 

    1445. 

  1445. /** @defgroup publicDebug Debugging

    1446. 

  1446.  *  @ingroup public */

    1447. 

  1447. 

    1448. 

  1448. /** @defgroup internal Implementation */

    1449. 

  1449. 

    1450. 

  1450. /** @defgroup internalAuthentication Authentication

    1451. 

  1451.  *  @ingroup internal */

    1452. 

  1452. 

    1453. 

  1453. /** @defgroup internalBasic CAS Basic client features (CAS 1.0, Service Tickets)

    1454. 

  1454.  *  @ingroup internal */

    1455. 

  1455. 

    1456. 

  1456. /** @defgroup internalProxy CAS Proxy features (CAS 2.0, Proxy Granting Tickets)

    1457. 

  1457.  *  @ingroup internal */

    1458. 

  1458. 

    1459. 

  1459. /** @defgroup internalPGTStorage PGT storage

    1460. 

  1460.  *  @ingroup internalProxy */

    1461. 

  1461. 

    1462. 

  1462. /** @defgroup internalPGTStorageFile PGT storage on the filesystem

    1463. 

  1463.  *  @ingroup internalPGTStorage */

    1464. 

  1464. 

    1465. 

  1465. /** @defgroup internalCallback Callback from the CAS server

    1466. 

  1466.  *  @ingroup internalProxy */

    1467. 

  1467. 

    1468. 

  1468. /** @defgroup internalProxied CAS proxied client features (CAS 2.0, Proxy Tickets)

    1469. 

  1469.  *  @ingroup internal */

    1470. 

  1470. 

    1471. 

  1471. /** @defgroup internalConfig Configuration

    1472. 

  1472.  *  @ingroup internal */

    1473. 

  1473. 

    1474. 

  1474. /** @defgroup internalOutput HTML output

    1475. 

  1475.  *  @ingroup internalConfig */

    1476. 

  1476. 

    1477. 

  1477. /** @defgroup internalLang Internationalization

    1478. 

  1478.  *  @ingroup internalConfig

    1479. 

  1479.  *

    1480. 

  1480.  * To add a new language:

    1481. 

  1481.  * - 1. define a new constant PHPCAS_LANG_XXXXXX in CAS/CAS.php

    1482. 

  1482.  * - 2. copy any file from CAS/languages to CAS/languages/XXXXXX.php

    1483. 

  1483.  * - 3. Make the translations

    1484. 

  1484.  */

    1485. 

  1485. 

    1486. 

  1486. /** @defgroup internalDebug Debugging

    1487. 

  1487.  *  @ingroup internal */

    1488. 

  1488. 

    1489. 

  1489. /** @defgroup internalMisc Miscellaneous

    1490. 

  1490.  *  @ingroup internal */

    1491. 

  1491. 

    1492. 

  1492. // ########################################################################

    1493. 

  1493. //  EXAMPLES

    1494. 

  1494. 

    1495. 

  1495. /**

    1496. 

  1496.  * @example example_simple.php

    1497. 

  1497.  */

    1498. 

  1498. /**

    1499. 

  1499.  * @example example_proxy.php

    1500. 

  1500.  */

    1501. 

  1501. /**

    1502. 

  1502.  * @example example_proxy2.php

    1503. 

  1503.  */

    1504. 

  1504. /**

    1505. 

  1505.  * @example example_lang.php

    1506. 

  1506.  */

    1507. 

  1507. /**

    1508. 

  1508.  * @example example_html.php

    1509. 

  1509.  */

    1510. 

  1510. /**

    1511. 

  1511.  * @example example_file.php

    1512. 

  1512.  */

    1513. 

  1513. /**

    1514. 

  1514.  * @example example_db.php

    1515. 

  1515.  */

    1516. 

  1516. /**

    1517. 

  1517.  * @example example_service.php

    1518. 

  1518.  */

    1519. 

  1519. /**

    1520. 

  1520.  * @example example_session_proxy.php

    1521. 

  1521.  */

    1522. 

  1522. /**

    1523. 

  1523.  * @example example_session_service.php

    1524. 

  1524.  */

    1525. 

  1525. /**

    1526. 

  1526.  * @example example_gateway.php

    1527. 

  1527.  */

    1528. 

  1528. /**

    1529. 

  1529.  * @example example_custom_urls.php

    1530. 

  1530.  */

    1531. 

  1531. ?>

    1532. 

  1532.