ldapsaisie/public_html/includes/class/class.LSauthCAS.php

<?php
/*******************************************************************************
 * Copyright (C) 2007 Easter-eggs
 * http://ldapsaisie.labs.libre-entreprise.org
 *
 * Author: See AUTHORS file in top-level directory.
 *
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public License version 2
 * as published by the Free Software Foundation.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.	See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA	02111-1307, USA.

******************************************************************************/

/**
 * Gestion de l'authentification d'un utilisateur via une authentification 
 * CAS
 *
 * @author Benjamin Renard <brenard@easter-eggs.com>
 */
class LSauthCAS extends LSauth {
	
	var $params = array (
		'displayLoginForm' => false,
		'displayLogoutBtn' => true
	);

 /**
  * Constructor
	*/
	public function LSauthCAS() {
		if (LSsession :: includeFile(PHP_CAS_PATH)) {
			if (defined('PHP_CAS_DEBUG_FILE')) {
				phpCAS::setDebug(PHP_CAS_DEBUG_FILE);
			}
			phpCAS::client(constant(LSAUTH_CAS_VERSION),LSAUTH_CAS_SERVER_HOSTNAME,LSAUTH_CAS_SERVER_PORT,LSAUTH_CAS_SERVER_URI,false);
			if (LSAUTH_CAS_SERVER_NO_SSL_VALIDATION) {
				phpCAS::setNoCasServerValidation();
			}

			if (defined(LSAUTH_CAS_SERVER_SSL_CERT)) {
				phpCAS::setCasServerCert(LSAUTH_CAS_SERVER_SSL_CERT);
			}

			if (defined(LSAUTH_CAS_SERVER_SSL_CACERT)) {
				phpCAS::setCasServerCACert(LSAUTH_CAS_SERVER_SSL_CACERT);
			}

			if (LSAUTH_CAS_DISABLE_LOGOUT) {
				$this -> params['displayLogoutBtn'] = false;
			}

			return true;
		}
		else {
			LSerror :: addErrorCode('LSauthCAS_01');
		}
		return false;
	}

	/**
	 * Check Post Data
	 * 
	 * @retval array|False Array of post data if exist or False
	 **/
	public function getPostData() {
		if (class_exists('phpCAS')) {
			// Launch Auth
			phpCAS::forceAuthentication();

			$this -> authData = array(
				'username' => phpCAS::getUser(),
				'password' => '',
				'ldapserver' => $_REQUEST['LSsession_ldapserver'],
				'topDn' => $_REQUEST['LSsession_topDn']
			);
			return true;
		}
		return;
	}
	
	/**
	 * Check user login
	 *
	 * @param[in] $username The username
	 * @param[in] $password The password
	 *
	 * @retval LSldapObject|false The LSldapObject of the user authificated or false 
	 */
	public function authenticate() {
		if (LSsession :: loadLSobject(LSsession :: $ldapServer['authObjectType'])) {
			$authobject = new LSsession :: $ldapServer['authObjectType']();
			$result = $authobject -> searchObject(
				$this ->	authData['username'],
				LSsession :: getTopDn(),
				LSsession :: $ldapServer['authObjectFilter']
			);
			$nbresult=count($result);
			
			if ($nbresult==0) {
				// identifiant incorrect
				LSdebug('identifiant incorrect');
				LSerror :: addErrorCode('LSauth_01');
			}
			else if ($nbresult>1) {
				// duplication d'authentité
				LSerror :: addErrorCode('LSauth_02');
			}
			else {
				// Authentication succeeded
				return $result[0];
			}
		}
		else {
			LSerror :: addErrorCode('LSauth_03');
		}
		return;
	}

	public function logout() {
		if(class_exists('phpCAS')) {
			if ($this -> params['displayLogoutBtn']) {
				phpCAS :: forceAuthentication();
				phpCAS :: logout();
			}
		}
	}
}
/*
 * Error Codes
 */
LSerror :: defineError('LSauthCAS_01',
_("LSauthCAS : Failed to load phpCAS.")
);
?>
LSauthCAS : Added CAS authentification support. 2010-03-10 19:49:04 +01:00			`<?php`
			`/*******************************************************************************`
			`* Copyright (C) 2007 Easter-eggs`
			`* http://ldapsaisie.labs.libre-entreprise.org`
			`*`
			`* Author: See AUTHORS file in top-level directory.`
			`*`
			`* This program is free software; you can redistribute it and/or`
			`* modify it under the terms of the GNU General Public License version 2`
			`* as published by the Free Software Foundation.`
			`*`
			`* This program is distributed in the hope that it will be useful,`
			`* but WITHOUT ANY WARRANTY; without even the implied warranty of`
			`* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the`
			`* GNU General Public License for more details.`
			`*`
			`* You should have received a copy of the GNU General Public License`
			`* along with this program; if not, write to the Free Software`
			`* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.`

			`******************************************************************************/`

			`/**`
			`* Gestion de l'authentification d'un utilisateur via une authentification`
			`* CAS`
			`*`
			`* @author Benjamin Renard <brenard@easter-eggs.com>`
			`*/`
			`class LSauthCAS extends LSauth {`

			`var $params = array (`
			`'displayLoginForm' => false,`
			`'displayLogoutBtn' => true`
			`);`

			`/**`
			`* Constructor`
			`*/`
			`public function LSauthCAS() {`
			`if (LSsession :: includeFile(PHP_CAS_PATH)) {`
			`if (defined('PHP_CAS_DEBUG_FILE')) {`
			`phpCAS::setDebug(PHP_CAS_DEBUG_FILE);`
			`}`
			`phpCAS::client(constant(LSAUTH_CAS_VERSION),LSAUTH_CAS_SERVER_HOSTNAME,LSAUTH_CAS_SERVER_PORT,LSAUTH_CAS_SERVER_URI,false);`
			`if (LSAUTH_CAS_SERVER_NO_SSL_VALIDATION) {`
			`phpCAS::setNoCasServerValidation();`
			`}`

			`if (defined(LSAUTH_CAS_SERVER_SSL_CERT)) {`
			`phpCAS::setCasServerCert(LSAUTH_CAS_SERVER_SSL_CERT);`
			`}`

			`if (defined(LSAUTH_CAS_SERVER_SSL_CACERT)) {`
			`phpCAS::setCasServerCACert(LSAUTH_CAS_SERVER_SSL_CACERT);`
			`}`

			`if (LSAUTH_CAS_DISABLE_LOGOUT) {`
			`$this -> params['displayLogoutBtn'] = false;`
			`}`

			`return true;`
			`}`
			`else {`
			`LSerror :: addErrorCode('LSauthCAS_01');`
			`}`
			`return false;`
			`}`

			`/**`
			`* Check Post Data`
			`*`
			`* @retval array\|False Array of post data if exist or False`
			`**/`
			`public function getPostData() {`
			`if (class_exists('phpCAS')) {`
			`// Launch Auth`
			`phpCAS::forceAuthentication();`

			`$this -> authData = array(`
			`'username' => phpCAS::getUser(),`
			`'password' => '',`
			`'ldapserver' => $_REQUEST['LSsession_ldapserver'],`
			`'topDn' => $_REQUEST['LSsession_topDn']`
			`);`
			`return true;`
			`}`
			`return;`
			`}`

			`/**`
			`* Check user login`
			`*`
			`* @param[in] $username The username`
			`* @param[in] $password The password`
			`*`
			`* @retval LSldapObject\|false The LSldapObject of the user authificated or false`
			`*/`
			`public function authenticate() {`
			`if (LSsession :: loadLSobject(LSsession :: $ldapServer['authObjectType'])) {`
			`$authobject = new LSsession :: $ldapServer['authObjectType']();`
			`$result = $authobject -> searchObject(`
			`$this -> authData['username'],`
			`LSsession :: getTopDn(),`
			`LSsession :: $ldapServer['authObjectFilter']`
			`);`
			`$nbresult=count($result);`

			`if ($nbresult==0) {`
			`// identifiant incorrect`
			`LSdebug('identifiant incorrect');`
			`LSerror :: addErrorCode('LSauth_01');`
			`}`
			`else if ($nbresult>1) {`
			`// duplication d'authentité`
			`LSerror :: addErrorCode('LSauth_02');`
			`}`
			`else {`
			`// Authentication succeeded`
			`return $result[0];`
			`}`
			`}`
			`else {`
			`LSerror :: addErrorCode('LSauth_03');`
			`}`
			`return;`
			`}`

			`public function logout() {`
			`if(class_exists('phpCAS')) {`
			`if ($this -> params['displayLogoutBtn']) {`
			`phpCAS :: forceAuthentication();`
			`phpCAS :: logout();`
			`}`
			`}`
			`}`
			`}`
			`/*`
			`* Error Codes`
			`*/`
			`LSerror :: defineError('LSauthCAS_01',`
			`_("LSauthCAS : Failed to load phpCAS.")`
			`);`
			`?>`