mirror of
https://gitlab.easter-eggs.com/ee/ldapsaisie.git
synced 2024-12-18 14:33:49 +01:00
LSauthMethod_CAS : improve logging
This commit is contained in:
parent
dc61d24f25
commit
9a2c41d8ad
4 changed files with 83 additions and 27 deletions
|
@ -27,6 +27,9 @@
|
||||||
*/
|
*/
|
||||||
class LSauthMethod_CAS extends LSauthMethod {
|
class LSauthMethod_CAS extends LSauthMethod {
|
||||||
|
|
||||||
|
// Configured flag
|
||||||
|
private $configured = false;
|
||||||
|
|
||||||
public function __construct() {
|
public function __construct() {
|
||||||
LSauth :: disableLoginForm();
|
LSauth :: disableLoginForm();
|
||||||
|
|
||||||
|
@ -35,29 +38,56 @@ class LSauthMethod_CAS extends LSauthMethod {
|
||||||
|
|
||||||
if (LSsession :: includeFile(PHP_CAS_PATH)) {
|
if (LSsession :: includeFile(PHP_CAS_PATH)) {
|
||||||
if (defined('PHP_CAS_DEBUG_FILE')) {
|
if (defined('PHP_CAS_DEBUG_FILE')) {
|
||||||
|
LSlog :: debug('LSauthMethod_CAS : enable debug file '.PHP_CAS_DEBUG_FILE);
|
||||||
phpCAS::setDebug(PHP_CAS_DEBUG_FILE);
|
phpCAS::setDebug(PHP_CAS_DEBUG_FILE);
|
||||||
}
|
}
|
||||||
phpCAS::client(constant(LSAUTH_CAS_VERSION),LSAUTH_CAS_SERVER_HOSTNAME,LSAUTH_CAS_SERVER_PORT,LSAUTH_CAS_SERVER_URI,false);
|
LSlog :: debug('LSauthMethod_CAS : initialise phpCAS :: client with CAS server URL https://'.LSAUTH_CAS_SERVER_HOSTNAME.':'.LSAUTH_CAS_SERVER_PORT.(defined('LSAUTH_CAS_SERVER_URI')?LSAUTH_CAS_SERVER_URI: ''));
|
||||||
if (LSAUTH_CAS_SERVER_NO_SSL_VALIDATION) {
|
phpCAS::client (
|
||||||
phpCAS::setNoCasServerValidation();
|
constant(LSAUTH_CAS_VERSION),
|
||||||
}
|
LSAUTH_CAS_SERVER_HOSTNAME,
|
||||||
|
LSAUTH_CAS_SERVER_PORT,
|
||||||
|
(defined('LSAUTH_CAS_SERVER_URI')?LSAUTH_CAS_SERVER_URI: ''),
|
||||||
|
false
|
||||||
|
);
|
||||||
|
|
||||||
|
// Configure CAS server SSL validation
|
||||||
|
$cas_server_ssl_validation_configured = false;
|
||||||
|
if (defined('LSAUTH_CAS_SERVER_NO_SSL_VALIDATION') && LSAUTH_CAS_SERVER_NO_SSL_VALIDATION) {
|
||||||
|
LSlog :: debug('LSauthMethod_CAS : disable CAS server SSL validation => /!\ NOT RECOMMENDED IN PRODUCTION ENVIRONMENT /!\\');
|
||||||
|
phpCAS::setNoCasServerValidation();
|
||||||
|
$cas_server_ssl_validation_configured = true;
|
||||||
|
}
|
||||||
|
|
||||||
if (defined('LSAUTH_CAS_SERVER_SSL_CERT')) {
|
if (defined('LSAUTH_CAS_SERVER_SSL_CERT')) {
|
||||||
|
LSlog :: debug('LSauthMethod_CAS : validate CAS server SSL certificate using '.LSAUTH_CAS_SERVER_SSL_CERT.' certificate file.');
|
||||||
phpCAS::setCasServerCert(LSAUTH_CAS_SERVER_SSL_CERT);
|
phpCAS::setCasServerCert(LSAUTH_CAS_SERVER_SSL_CERT);
|
||||||
|
$cas_server_ssl_validation_configured = true;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (defined('LSAUTH_CAS_SERVER_SSL_CACERT')) {
|
if (defined('LSAUTH_CAS_SERVER_SSL_CACERT')) {
|
||||||
|
LSlog :: debug('LSauthMethod_CAS : validate CAS server SSL certificate using '.LSAUTH_CAS_SERVER_SSL_CACERT.' CA certificate file.');
|
||||||
phpCAS::setCasServerCACert(LSAUTH_CAS_SERVER_SSL_CACERT);
|
phpCAS::setCasServerCACert(LSAUTH_CAS_SERVER_SSL_CACERT);
|
||||||
|
$cas_server_ssl_validation_configured = true;
|
||||||
|
}
|
||||||
|
|
||||||
|
// Check CAS server SSL validation is now configured
|
||||||
|
if (!$cas_server_ssl_validation_configured) {
|
||||||
|
LSerror :: addErrorCode('LSauthMethod_CAS_02');
|
||||||
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (defined('LSAUTH_CAS_CURL_SSLVERION')) {
|
if (defined('LSAUTH_CAS_CURL_SSLVERION')) {
|
||||||
|
LSlog :: debug('LSauthMethod_CAS : use specific SSL version '.LSAUTH_CAS_CURL_SSLVERION);
|
||||||
phpCAS::setExtraCurlOption(CURLOPT_SSLVERSION,LSAUTH_CAS_CURL_SSLVERION);
|
phpCAS::setExtraCurlOption(CURLOPT_SSLVERSION,LSAUTH_CAS_CURL_SSLVERION);
|
||||||
}
|
}
|
||||||
|
|
||||||
if (LSAUTH_CAS_DISABLE_LOGOUT) {
|
if (LSAUTH_CAS_DISABLE_LOGOUT) {
|
||||||
|
LSlog :: debug('LSauthMethod_CAS : disable logout');
|
||||||
LSauth :: disableLogoutBtn();
|
LSauth :: disableLogoutBtn();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Set configured flag
|
||||||
|
$this -> configured = true;
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
|
@ -74,15 +104,15 @@ class LSauthMethod_CAS extends LSauthMethod {
|
||||||
* @retval Array|false Array of authentication data or False
|
* @retval Array|false Array of authentication data or False
|
||||||
**/
|
**/
|
||||||
public function getAuthData() {
|
public function getAuthData() {
|
||||||
|
if ($this -> configured) {
|
||||||
if (class_exists('phpCAS')) {
|
|
||||||
|
|
||||||
// Launch Auth
|
// Launch Auth
|
||||||
|
LSlog :: debug('LSauthMethod_CAS : force authentication');
|
||||||
phpCAS::forceAuthentication();
|
phpCAS::forceAuthentication();
|
||||||
|
|
||||||
$this -> authData = array(
|
$this -> authData = array(
|
||||||
'username' => phpCAS::getUser()
|
'username' => phpCAS::getUser()
|
||||||
);
|
);
|
||||||
|
LSlog :: debug('LSauthMethod_CAS : auth data : '.varDump($this -> authData));
|
||||||
return $this -> authData;
|
return $this -> authData;
|
||||||
}
|
}
|
||||||
return;
|
return;
|
||||||
|
@ -94,12 +124,15 @@ class LSauthMethod_CAS extends LSauthMethod {
|
||||||
* @retval boolean True on success or False
|
* @retval boolean True on success or False
|
||||||
**/
|
**/
|
||||||
public function logout() {
|
public function logout() {
|
||||||
if(class_exists('phpCAS')) {
|
if($this -> configured) {
|
||||||
if (LSauth :: displayLogoutBtn()) {
|
if (LSauth :: displayLogoutBtn()) {
|
||||||
phpCAS :: forceAuthentication();
|
phpCAS :: forceAuthentication();
|
||||||
|
LSlog :: debug("LSauthMethod_CAS :: logout() : trigger CAS logout");
|
||||||
phpCAS :: logout();
|
phpCAS :: logout();
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
else
|
||||||
|
LSlog :: warning("LSauthMethod_CAS :: logout() : logout is disabled");
|
||||||
}
|
}
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
@ -112,4 +145,7 @@ class LSauthMethod_CAS extends LSauthMethod {
|
||||||
LSerror :: defineError('LSauthMethod_CAS_01',
|
LSerror :: defineError('LSauthMethod_CAS_01',
|
||||||
_("LSauthMethod_CAS : Failed to load phpCAS.")
|
_("LSauthMethod_CAS : Failed to load phpCAS.")
|
||||||
);
|
);
|
||||||
|
LSerror :: defineError('LSauthMethod_CAS_02',
|
||||||
|
_("LSauthMethod_CAS : Please check your configuration : you must configure CAS server SSL certificate validation using one of the following constant : LSAUTH_CAS_SERVER_SSL_CERT, LSAUTH_CAS_SERVER_SSL_CACERT or LSAUTH_CAS_SERVER_NO_SSL_VALIDATION")
|
||||||
|
);
|
||||||
|
|
||||||
|
|
Binary file not shown.
|
@ -8,7 +8,7 @@ msgstr ""
|
||||||
"Project-Id-Version: LdapSaisie\n"
|
"Project-Id-Version: LdapSaisie\n"
|
||||||
"Report-Msgid-Bugs-To: \n"
|
"Report-Msgid-Bugs-To: \n"
|
||||||
"POT-Creation-Date: \n"
|
"POT-Creation-Date: \n"
|
||||||
"PO-Revision-Date: 2019-06-28 18:08+0200\n"
|
"PO-Revision-Date: 2019-07-02 14:20+0200\n"
|
||||||
"Last-Translator: Benjamin Renard <brenard@zionetrix.net>\n"
|
"Last-Translator: Benjamin Renard <brenard@zionetrix.net>\n"
|
||||||
"Language-Team: LdapSaisie <ldapsaisie-users@lists.labs.libre-entreprise."
|
"Language-Team: LdapSaisie <ldapsaisie-users@lists.labs.libre-entreprise."
|
||||||
"org>\n"
|
"org>\n"
|
||||||
|
@ -1521,10 +1521,22 @@ msgstr "Ajouter ce site internet à mes favoris."
|
||||||
msgid "Generate the value"
|
msgid "Generate the value"
|
||||||
msgstr "Générer une valeur"
|
msgstr "Générer une valeur"
|
||||||
|
|
||||||
#: /home/brenard/dev/ldapsaisie_clean3/public_html/includes/class/class.LSauthMethod_CAS.php:113
|
#: /home/brenard/dev/ldapsaisie_clean3/public_html/includes/class/class.LSauthMethod_CAS.php:146
|
||||||
msgid "LSauthMethod_CAS : Failed to load phpCAS."
|
msgid "LSauthMethod_CAS : Failed to load phpCAS."
|
||||||
msgstr "LSauthMethod_CAS : Impossible de charger phpCAS."
|
msgstr "LSauthMethod_CAS : Impossible de charger phpCAS."
|
||||||
|
|
||||||
|
#: /home/brenard/dev/ldapsaisie_clean3/public_html/includes/class/class.LSauthMethod_CAS.php:149
|
||||||
|
msgid ""
|
||||||
|
"LSauthMethod_CAS : Please check your configuration : you must configure CAS "
|
||||||
|
"server SSL certificate validation using one of the following constant : "
|
||||||
|
"LSAUTH_CAS_SERVER_SSL_CERT, LSAUTH_CAS_SERVER_SSL_CACERT or "
|
||||||
|
"LSAUTH_CAS_SERVER_NO_SSL_VALIDATION"
|
||||||
|
msgstr ""
|
||||||
|
"LSauthMethod_CAS : Merci de vérifier votre configuration : vous devez "
|
||||||
|
"configurer la validation du certificat SSL du serveur CAS en utilisant une "
|
||||||
|
"des constantes suivantes : LSAUTH_CAS_SERVER_SSL_CERT, "
|
||||||
|
"LSAUTH_CAS_SERVER_SSL_CACERT or LSAUTH_CAS_SERVER_NO_SSL_VALIDATION"
|
||||||
|
|
||||||
#: /home/brenard/dev/ldapsaisie_clean3/public_html/includes/class/class.LSform.php:98
|
#: /home/brenard/dev/ldapsaisie_clean3/public_html/includes/class/class.LSform.php:98
|
||||||
msgid "Add a field to add another values."
|
msgid "Add a field to add another values."
|
||||||
msgstr "Ajouter une autre valeur à ce champ."
|
msgstr "Ajouter une autre valeur à ce champ."
|
||||||
|
@ -1559,37 +1571,37 @@ msgstr "Les données de l'attribut %{label} sont incorrectes."
|
||||||
msgid "Mandatory field"
|
msgid "Mandatory field"
|
||||||
msgstr "Champ obligatoire"
|
msgstr "Champ obligatoire"
|
||||||
|
|
||||||
#: /home/brenard/dev/ldapsaisie_clean3/public_html/includes/class/class.LSform.php:762
|
#: /home/brenard/dev/ldapsaisie_clean3/public_html/includes/class/class.LSform.php:779
|
||||||
msgid "LSform : Error during the recovery of the values of the form."
|
msgid "LSform : Error during the recovery of the values of the form."
|
||||||
msgstr "LSform : Erreur durant la récupération des valeurs du formulaire."
|
msgstr "LSform : Erreur durant la récupération des valeurs du formulaire."
|
||||||
|
|
||||||
#: /home/brenard/dev/ldapsaisie_clean3/public_html/includes/class/class.LSform.php:765
|
#: /home/brenard/dev/ldapsaisie_clean3/public_html/includes/class/class.LSform.php:782
|
||||||
msgid ""
|
msgid ""
|
||||||
"LSform : Error durring the recovery of the value of the field '%{element}'."
|
"LSform : Error durring the recovery of the value of the field '%{element}'."
|
||||||
msgstr ""
|
msgstr ""
|
||||||
"LSform : Erreur durant la recupération de la valeur du champ %{element}."
|
"LSform : Erreur durant la recupération de la valeur du champ %{element}."
|
||||||
|
|
||||||
#: /home/brenard/dev/ldapsaisie_clean3/public_html/includes/class/class.LSform.php:772
|
#: /home/brenard/dev/ldapsaisie_clean3/public_html/includes/class/class.LSform.php:789
|
||||||
msgid "LSform : The field %{element} doesn't exist."
|
msgid "LSform : The field %{element} doesn't exist."
|
||||||
msgstr "LSform : Le champ %{element} n'existe pas."
|
msgstr "LSform : Le champ %{element} n'existe pas."
|
||||||
|
|
||||||
#: /home/brenard/dev/ldapsaisie_clean3/public_html/includes/class/class.LSform.php:775
|
#: /home/brenard/dev/ldapsaisie_clean3/public_html/includes/class/class.LSform.php:792
|
||||||
msgid "LSfom : Field type unknow (%{type})."
|
msgid "LSfom : Field type unknow (%{type})."
|
||||||
msgstr "LSform : Type de champ inconnu (%{type})."
|
msgstr "LSform : Type de champ inconnu (%{type})."
|
||||||
|
|
||||||
#: /home/brenard/dev/ldapsaisie_clean3/public_html/includes/class/class.LSform.php:778
|
#: /home/brenard/dev/ldapsaisie_clean3/public_html/includes/class/class.LSform.php:795
|
||||||
msgid "LSform : Error during the creation of the element '%{element}'."
|
msgid "LSform : Error during the creation of the element '%{element}'."
|
||||||
msgstr "LSform : Erreur durant la création de l'élément %{element}."
|
msgstr "LSform : Erreur durant la création de l'élément %{element}."
|
||||||
|
|
||||||
#: /home/brenard/dev/ldapsaisie_clean3/public_html/includes/class/class.LSform.php:781
|
#: /home/brenard/dev/ldapsaisie_clean3/public_html/includes/class/class.LSform.php:798
|
||||||
msgid "LSform : The data entry form %{name} doesn't exist."
|
msgid "LSform : The data entry form %{name} doesn't exist."
|
||||||
msgstr "LSform : Le masque de saisie %{name} n'existe pas."
|
msgstr "LSform : Le masque de saisie %{name} n'existe pas."
|
||||||
|
|
||||||
#: /home/brenard/dev/ldapsaisie_clean3/public_html/includes/class/class.LSform.php:784
|
#: /home/brenard/dev/ldapsaisie_clean3/public_html/includes/class/class.LSform.php:801
|
||||||
msgid "LSform : The data entry form %{name} is not correctly configured."
|
msgid "LSform : The data entry form %{name} is not correctly configured."
|
||||||
msgstr "LSform : Le masque de saisie %{name} n'est pas correctement configuré."
|
msgstr "LSform : Le masque de saisie %{name} n'est pas correctement configuré."
|
||||||
|
|
||||||
#: /home/brenard/dev/ldapsaisie_clean3/public_html/includes/class/class.LSform.php:787
|
#: /home/brenard/dev/ldapsaisie_clean3/public_html/includes/class/class.LSform.php:804
|
||||||
msgid ""
|
msgid ""
|
||||||
"LSform : The element %{name}, listed as displayed in data entry form "
|
"LSform : The element %{name}, listed as displayed in data entry form "
|
||||||
"configuration, doesn't exist."
|
"configuration, doesn't exist."
|
||||||
|
|
|
@ -1278,10 +1278,18 @@ msgstr ""
|
||||||
msgid "Generate the value"
|
msgid "Generate the value"
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
#: /home/brenard/dev/ldapsaisie_clean3/public_html/includes/class/class.LSauthMethod_CAS.php:113
|
#: /home/brenard/dev/ldapsaisie_clean3/public_html/includes/class/class.LSauthMethod_CAS.php:146
|
||||||
msgid "LSauthMethod_CAS : Failed to load phpCAS."
|
msgid "LSauthMethod_CAS : Failed to load phpCAS."
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
|
#: /home/brenard/dev/ldapsaisie_clean3/public_html/includes/class/class.LSauthMethod_CAS.php:149
|
||||||
|
msgid ""
|
||||||
|
"LSauthMethod_CAS : Please check your configuration : you must configure CAS "
|
||||||
|
"server SSL certificate validation using one of the following constant : "
|
||||||
|
"LSAUTH_CAS_SERVER_SSL_CERT, LSAUTH_CAS_SERVER_SSL_CACERT or "
|
||||||
|
"LSAUTH_CAS_SERVER_NO_SSL_VALIDATION"
|
||||||
|
msgstr ""
|
||||||
|
|
||||||
#: /home/brenard/dev/ldapsaisie_clean3/public_html/includes/class/class.LSform.php:98
|
#: /home/brenard/dev/ldapsaisie_clean3/public_html/includes/class/class.LSform.php:98
|
||||||
msgid "Add a field to add another values."
|
msgid "Add a field to add another values."
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
@ -1314,36 +1322,36 @@ msgstr ""
|
||||||
msgid "Mandatory field"
|
msgid "Mandatory field"
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
#: /home/brenard/dev/ldapsaisie_clean3/public_html/includes/class/class.LSform.php:762
|
#: /home/brenard/dev/ldapsaisie_clean3/public_html/includes/class/class.LSform.php:779
|
||||||
msgid "LSform : Error during the recovery of the values of the form."
|
msgid "LSform : Error during the recovery of the values of the form."
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
#: /home/brenard/dev/ldapsaisie_clean3/public_html/includes/class/class.LSform.php:765
|
#: /home/brenard/dev/ldapsaisie_clean3/public_html/includes/class/class.LSform.php:782
|
||||||
msgid ""
|
msgid ""
|
||||||
"LSform : Error durring the recovery of the value of the field '%{element}'."
|
"LSform : Error durring the recovery of the value of the field '%{element}'."
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
#: /home/brenard/dev/ldapsaisie_clean3/public_html/includes/class/class.LSform.php:772
|
#: /home/brenard/dev/ldapsaisie_clean3/public_html/includes/class/class.LSform.php:789
|
||||||
msgid "LSform : The field %{element} doesn't exist."
|
msgid "LSform : The field %{element} doesn't exist."
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
#: /home/brenard/dev/ldapsaisie_clean3/public_html/includes/class/class.LSform.php:775
|
#: /home/brenard/dev/ldapsaisie_clean3/public_html/includes/class/class.LSform.php:792
|
||||||
msgid "LSfom : Field type unknow (%{type})."
|
msgid "LSfom : Field type unknow (%{type})."
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
#: /home/brenard/dev/ldapsaisie_clean3/public_html/includes/class/class.LSform.php:778
|
#: /home/brenard/dev/ldapsaisie_clean3/public_html/includes/class/class.LSform.php:795
|
||||||
msgid "LSform : Error during the creation of the element '%{element}'."
|
msgid "LSform : Error during the creation of the element '%{element}'."
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
#: /home/brenard/dev/ldapsaisie_clean3/public_html/includes/class/class.LSform.php:781
|
#: /home/brenard/dev/ldapsaisie_clean3/public_html/includes/class/class.LSform.php:798
|
||||||
msgid "LSform : The data entry form %{name} doesn't exist."
|
msgid "LSform : The data entry form %{name} doesn't exist."
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
#: /home/brenard/dev/ldapsaisie_clean3/public_html/includes/class/class.LSform.php:784
|
#: /home/brenard/dev/ldapsaisie_clean3/public_html/includes/class/class.LSform.php:801
|
||||||
msgid "LSform : The data entry form %{name} is not correctly configured."
|
msgid "LSform : The data entry form %{name} is not correctly configured."
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
#: /home/brenard/dev/ldapsaisie_clean3/public_html/includes/class/class.LSform.php:787
|
#: /home/brenard/dev/ldapsaisie_clean3/public_html/includes/class/class.LSform.php:804
|
||||||
msgid ""
|
msgid ""
|
||||||
"LSform : The element %{name}, listed as displayed in data entry form "
|
"LSform : The element %{name}, listed as displayed in data entry form "
|
||||||
"configuration, doesn't exist."
|
"configuration, doesn't exist."
|
||||||
|
|
Loading…
Reference in a new issue