diff --git a/public_html/includes/class/class.LSauthMethod_CAS.php b/public_html/includes/class/class.LSauthMethod_CAS.php
index 82b862bd..21756ae0 100644
--- a/public_html/includes/class/class.LSauthMethod_CAS.php
+++ b/public_html/includes/class/class.LSauthMethod_CAS.php
@@ -27,6 +27,9 @@
*/
class LSauthMethod_CAS extends LSauthMethod {
+ // Configured flag
+ private $configured = false;
+
public function __construct() {
LSauth :: disableLoginForm();
@@ -35,29 +38,56 @@ class LSauthMethod_CAS extends LSauthMethod {
if (LSsession :: includeFile(PHP_CAS_PATH)) {
if (defined('PHP_CAS_DEBUG_FILE')) {
+ LSlog :: debug('LSauthMethod_CAS : enable debug file '.PHP_CAS_DEBUG_FILE);
phpCAS::setDebug(PHP_CAS_DEBUG_FILE);
}
- phpCAS::client(constant(LSAUTH_CAS_VERSION),LSAUTH_CAS_SERVER_HOSTNAME,LSAUTH_CAS_SERVER_PORT,LSAUTH_CAS_SERVER_URI,false);
- if (LSAUTH_CAS_SERVER_NO_SSL_VALIDATION) {
- phpCAS::setNoCasServerValidation();
- }
+ LSlog :: debug('LSauthMethod_CAS : initialise phpCAS :: client with CAS server URL https://'.LSAUTH_CAS_SERVER_HOSTNAME.':'.LSAUTH_CAS_SERVER_PORT.(defined('LSAUTH_CAS_SERVER_URI')?LSAUTH_CAS_SERVER_URI: ''));
+ phpCAS::client (
+ constant(LSAUTH_CAS_VERSION),
+ LSAUTH_CAS_SERVER_HOSTNAME,
+ LSAUTH_CAS_SERVER_PORT,
+ (defined('LSAUTH_CAS_SERVER_URI')?LSAUTH_CAS_SERVER_URI: ''),
+ false
+ );
+ // Configure CAS server SSL validation
+ $cas_server_ssl_validation_configured = false;
+ if (defined('LSAUTH_CAS_SERVER_NO_SSL_VALIDATION') && LSAUTH_CAS_SERVER_NO_SSL_VALIDATION) {
+ LSlog :: debug('LSauthMethod_CAS : disable CAS server SSL validation => /!\ NOT RECOMMENDED IN PRODUCTION ENVIRONMENT /!\\');
+ phpCAS::setNoCasServerValidation();
+ $cas_server_ssl_validation_configured = true;
+ }
+
if (defined('LSAUTH_CAS_SERVER_SSL_CERT')) {
+ LSlog :: debug('LSauthMethod_CAS : validate CAS server SSL certificate using '.LSAUTH_CAS_SERVER_SSL_CERT.' certificate file.');
phpCAS::setCasServerCert(LSAUTH_CAS_SERVER_SSL_CERT);
+ $cas_server_ssl_validation_configured = true;
}
if (defined('LSAUTH_CAS_SERVER_SSL_CACERT')) {
+ LSlog :: debug('LSauthMethod_CAS : validate CAS server SSL certificate using '.LSAUTH_CAS_SERVER_SSL_CACERT.' CA certificate file.');
phpCAS::setCasServerCACert(LSAUTH_CAS_SERVER_SSL_CACERT);
+ $cas_server_ssl_validation_configured = true;
+ }
+
+ // Check CAS server SSL validation is now configured
+ if (!$cas_server_ssl_validation_configured) {
+ LSerror :: addErrorCode('LSauthMethod_CAS_02');
+ return false;
}
if (defined('LSAUTH_CAS_CURL_SSLVERION')) {
+ LSlog :: debug('LSauthMethod_CAS : use specific SSL version '.LSAUTH_CAS_CURL_SSLVERION);
phpCAS::setExtraCurlOption(CURLOPT_SSLVERSION,LSAUTH_CAS_CURL_SSLVERION);
}
if (LSAUTH_CAS_DISABLE_LOGOUT) {
+ LSlog :: debug('LSauthMethod_CAS : disable logout');
LSauth :: disableLogoutBtn();
}
+ // Set configured flag
+ $this -> configured = true;
return true;
}
else {
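Review bot: Disabling CAS server certificate validation is recorded only at debug level (the `LSlog :: debug('LSauthMethod_CAS : disable CAS server SSL validation ...')` line), so a deployment whose log threshold is presumably above debug keeps no trace that ticket validation runs over an unauthenticated TLS channel; `LSlog :: warning(...)` would be the appropriate level. The three SSL branches are independent `if`s, so a configuration that sets `LSAUTH_CAS_SERVER_NO_SSL_VALIDATION` and also defines a certificate constant calls both `setNoCasServerValidation()` and `setCasServerCert()`/`setCasServerCACert()`, and which setting wins depends on phpCAS internals not visible here; rejecting that combination as a configuration error, or chaining the branches with `elseif`, would make the result explicit. `LSAUTH_CAS_DISABLE_LOGOUT` is still read without a `defined()` guard, unlike the constants this hunk now guards. The constructor starts and ends outside the hunk.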
@@ -74,15 +104,15 @@ class LSauthMethod_CAS extends LSauthMethod {
* @retval Array|false Array of authentication data or False
**/
public function getAuthData() {
-
- if (class_exists('phpCAS')) {
-
+ if ($this -> configured) {
// Launch Auth
+ LSlog :: debug('LSauthMethod_CAS : force authentication');
phpCAS::forceAuthentication();
$this -> authData = array(
'username' => phpCAS::getUser()
);
+ LSlog :: debug('LSauthMethod_CAS : auth data : '.varDump($this -> authData));
return $this -> authData;
}
return;
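Review bot: When `$this -> configured` is false, `getAuthData()` falls through to the bare `return;`, which yields null rather than the `false` promised by its `@retval Array|false` docblock, and nothing is logged on that path. Because the gate now depends on the constructor's SSL-validation check, a misconfigured instance reaches this path by design, so `return false;` preceded by something like `LSlog :: warning('LSauthMethod_CAS : getAuthData() called but CAS client is not configured');` would make the refusal explicit for callers that compare strictly. The same bare `return;` follows the `$this -> configured` check in `logout()` in the next hunk. The method's closing brace is outside this hunk.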
@@ -94,12 +124,15 @@ class LSauthMethod_CAS extends LSauthMethod {
* @retval boolean True on success or False
**/
public function logout() {
- if(class_exists('phpCAS')) {
+ if($this -> configured) {
if (LSauth :: displayLogoutBtn()) {
phpCAS :: forceAuthentication();
+ LSlog :: debug("LSauthMethod_CAS :: logout() : trigger CAS logout");
phpCAS :: logout();
return true;
}
+ else
+ LSlog :: warning("LSauthMethod_CAS :: logout() : logout is disabled");
}
return;
}
@@ -112,4 +145,7 @@ class LSauthMethod_CAS extends LSauthMethod {
LSerror :: defineError('LSauthMethod_CAS_01',
_("LSauthMethod_CAS : Failed to load phpCAS.")
);
+LSerror :: defineError('LSauthMethod_CAS_02',
+_("LSauthMethod_CAS : Please check your configuration : you must configure CAS server SSL certificate validation using one of the following constant : LSAUTH_CAS_SERVER_SSL_CERT, LSAUTH_CAS_SERVER_SSL_CACERT or LSAUTH_CAS_SERVER_NO_SSL_VALIDATION")
+);
diff --git a/public_html/lang/fr_FR.UTF8/LC_MESSAGES/ldapsaisie.mo b/public_html/lang/fr_FR.UTF8/LC_MESSAGES/ldapsaisie.mo
index ca292484..7c6fd047 100644
Binary files a/public_html/lang/fr_FR.UTF8/LC_MESSAGES/ldapsaisie.mo and b/public_html/lang/fr_FR.UTF8/LC_MESSAGES/ldapsaisie.mo differ
diff --git a/public_html/lang/fr_FR.UTF8/LC_MESSAGES/ldapsaisie.po b/public_html/lang/fr_FR.UTF8/LC_MESSAGES/ldapsaisie.po
index 95ce1a1b..d6a43325 100644
--- a/public_html/lang/fr_FR.UTF8/LC_MESSAGES/ldapsaisie.po
+++ b/public_html/lang/fr_FR.UTF8/LC_MESSAGES/ldapsaisie.po
@@ -8,7 +8,7 @@ msgstr ""
"Project-Id-Version: LdapSaisie\n"
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: \n"
-"PO-Revision-Date: 2019-06-28 18:08+0200\n"
+"PO-Revision-Date: 2019-07-02 14:20+0200\n"
"Last-Translator: Benjamin Renard \n"
"Language-Team: LdapSaisie \n"
@@ -1521,10 +1521,22 @@ msgstr "Ajouter ce site internet à mes favoris."
msgid "Generate the value"
msgstr "Générer une valeur"
-#: /home/brenard/dev/ldapsaisie_clean3/public_html/includes/class/class.LSauthMethod_CAS.php:113
+#: /home/brenard/dev/ldapsaisie_clean3/public_html/includes/class/class.LSauthMethod_CAS.php:146
msgid "LSauthMethod_CAS : Failed to load phpCAS."
msgstr "LSauthMethod_CAS : Impossible de charger phpCAS."
+#: /home/brenard/dev/ldapsaisie_clean3/public_html/includes/class/class.LSauthMethod_CAS.php:149
+msgid ""
+"LSauthMethod_CAS : Please check your configuration : you must configure CAS "
+"server SSL certificate validation using one of the following constant : "
+"LSAUTH_CAS_SERVER_SSL_CERT, LSAUTH_CAS_SERVER_SSL_CACERT or "
+"LSAUTH_CAS_SERVER_NO_SSL_VALIDATION"
+msgstr ""
+"LSauthMethod_CAS : Merci de vérifier votre configuration : vous devez "
+"configurer la validation du certificat SSL du serveur CAS en utilisant une "
+"des constantes suivantes : LSAUTH_CAS_SERVER_SSL_CERT, "
+"LSAUTH_CAS_SERVER_SSL_CACERT or LSAUTH_CAS_SERVER_NO_SSL_VALIDATION"
+
#: /home/brenard/dev/ldapsaisie_clean3/public_html/includes/class/class.LSform.php:98
msgid "Add a field to add another values."
msgstr "Ajouter une autre valeur à ce champ."
@@ -1559,37 +1571,37 @@ msgstr "Les données de l'attribut %{label} sont incorrectes."
msgid "Mandatory field"
msgstr "Champ obligatoire"
-#: /home/brenard/dev/ldapsaisie_clean3/public_html/includes/class/class.LSform.php:762
+#: /home/brenard/dev/ldapsaisie_clean3/public_html/includes/class/class.LSform.php:779
msgid "LSform : Error during the recovery of the values of the form."
msgstr "LSform : Erreur durant la récupération des valeurs du formulaire."
-#: /home/brenard/dev/ldapsaisie_clean3/public_html/includes/class/class.LSform.php:765
+#: /home/brenard/dev/ldapsaisie_clean3/public_html/includes/class/class.LSform.php:782
msgid ""
"LSform : Error durring the recovery of the value of the field '%{element}'."
msgstr ""
"LSform : Erreur durant la recupération de la valeur du champ %{element}."
-#: /home/brenard/dev/ldapsaisie_clean3/public_html/includes/class/class.LSform.php:772
+#: /home/brenard/dev/ldapsaisie_clean3/public_html/includes/class/class.LSform.php:789
msgid "LSform : The field %{element} doesn't exist."
msgstr "LSform : Le champ %{element} n'existe pas."
-#: /home/brenard/dev/ldapsaisie_clean3/public_html/includes/class/class.LSform.php:775
+#: /home/brenard/dev/ldapsaisie_clean3/public_html/includes/class/class.LSform.php:792
msgid "LSfom : Field type unknow (%{type})."
msgstr "LSform : Type de champ inconnu (%{type})."
-#: /home/brenard/dev/ldapsaisie_clean3/public_html/includes/class/class.LSform.php:778
+#: /home/brenard/dev/ldapsaisie_clean3/public_html/includes/class/class.LSform.php:795
msgid "LSform : Error during the creation of the element '%{element}'."
msgstr "LSform : Erreur durant la création de l'élément %{element}."
-#: /home/brenard/dev/ldapsaisie_clean3/public_html/includes/class/class.LSform.php:781
+#: /home/brenard/dev/ldapsaisie_clean3/public_html/includes/class/class.LSform.php:798
msgid "LSform : The data entry form %{name} doesn't exist."
msgstr "LSform : Le masque de saisie %{name} n'existe pas."
-#: /home/brenard/dev/ldapsaisie_clean3/public_html/includes/class/class.LSform.php:784
+#: /home/brenard/dev/ldapsaisie_clean3/public_html/includes/class/class.LSform.php:801
msgid "LSform : The data entry form %{name} is not correctly configured."
msgstr "LSform : Le masque de saisie %{name} n'est pas correctement configuré."
-#: /home/brenard/dev/ldapsaisie_clean3/public_html/includes/class/class.LSform.php:787
+#: /home/brenard/dev/ldapsaisie_clean3/public_html/includes/class/class.LSform.php:804
msgid ""
"LSform : The element %{name}, listed as displayed in data entry form "
"configuration, doesn't exist."
diff --git a/public_html/lang/ldapsaisie.pot b/public_html/lang/ldapsaisie.pot
index 5dba8e85..6ea2c240 100644
--- a/public_html/lang/ldapsaisie.pot
+++ b/public_html/lang/ldapsaisie.pot
@@ -1278,10 +1278,18 @@ msgstr ""
msgid "Generate the value"
msgstr ""
-#: /home/brenard/dev/ldapsaisie_clean3/public_html/includes/class/class.LSauthMethod_CAS.php:113
+#: /home/brenard/dev/ldapsaisie_clean3/public_html/includes/class/class.LSauthMethod_CAS.php:146
msgid "LSauthMethod_CAS : Failed to load phpCAS."
msgstr ""
+#: /home/brenard/dev/ldapsaisie_clean3/public_html/includes/class/class.LSauthMethod_CAS.php:149
+msgid ""
+"LSauthMethod_CAS : Please check your configuration : you must configure CAS "
+"server SSL certificate validation using one of the following constant : "
+"LSAUTH_CAS_SERVER_SSL_CERT, LSAUTH_CAS_SERVER_SSL_CACERT or "
+"LSAUTH_CAS_SERVER_NO_SSL_VALIDATION"
+msgstr ""
+
#: /home/brenard/dev/ldapsaisie_clean3/public_html/includes/class/class.LSform.php:98
msgid "Add a field to add another values."
msgstr ""
@@ -1314,36 +1322,36 @@ msgstr ""
msgid "Mandatory field"
msgstr ""
-#: /home/brenard/dev/ldapsaisie_clean3/public_html/includes/class/class.LSform.php:762
+#: /home/brenard/dev/ldapsaisie_clean3/public_html/includes/class/class.LSform.php:779
msgid "LSform : Error during the recovery of the values of the form."
msgstr ""
-#: /home/brenard/dev/ldapsaisie_clean3/public_html/includes/class/class.LSform.php:765
+#: /home/brenard/dev/ldapsaisie_clean3/public_html/includes/class/class.LSform.php:782
msgid ""
"LSform : Error durring the recovery of the value of the field '%{element}'."
msgstr ""
-#: /home/brenard/dev/ldapsaisie_clean3/public_html/includes/class/class.LSform.php:772
+#: /home/brenard/dev/ldapsaisie_clean3/public_html/includes/class/class.LSform.php:789
msgid "LSform : The field %{element} doesn't exist."
msgstr ""
-#: /home/brenard/dev/ldapsaisie_clean3/public_html/includes/class/class.LSform.php:775
+#: /home/brenard/dev/ldapsaisie_clean3/public_html/includes/class/class.LSform.php:792
msgid "LSfom : Field type unknow (%{type})."
msgstr ""
-#: /home/brenard/dev/ldapsaisie_clean3/public_html/includes/class/class.LSform.php:778
+#: /home/brenard/dev/ldapsaisie_clean3/public_html/includes/class/class.LSform.php:795
msgid "LSform : Error during the creation of the element '%{element}'."
msgstr ""
-#: /home/brenard/dev/ldapsaisie_clean3/public_html/includes/class/class.LSform.php:781
+#: /home/brenard/dev/ldapsaisie_clean3/public_html/includes/class/class.LSform.php:798
msgid "LSform : The data entry form %{name} doesn't exist."
msgstr ""
-#: /home/brenard/dev/ldapsaisie_clean3/public_html/includes/class/class.LSform.php:784
+#: /home/brenard/dev/ldapsaisie_clean3/public_html/includes/class/class.LSform.php:801
msgid "LSform : The data entry form %{name} is not correctly configured."
msgstr ""
-#: /home/brenard/dev/ldapsaisie_clean3/public_html/includes/class/class.LSform.php:787
+#: /home/brenard/dev/ldapsaisie_clean3/public_html/includes/class/class.LSform.php:804
msgid ""
"LSform : The element %{name}, listed as displayed in data entry form "
"configuration, doesn't exist."