LSauthMethod_CAS : improve logging

2024-07-03 08:38:49 +02:00 · 2019-07-02 14:21:04 +02:00 · 2019-07-02 14:21:04 +02:00 · 9a2c41d8ad
parent dc61d24f25
commit 9a2c41d8ad
4 changed files with 83 additions and 27 deletions
--- a/public_html/includes/class/class.LSauthMethod_CAS.php
+++ b/public_html/includes/class/class.LSauthMethod_CAS.php
@ -27,6 +27,9 @@
 */
 class LSauthMethod_CAS extends LSauthMethod {
  // Configured flag
  private $configured = false;
  public function __construct() {
 		LSauth :: disableLoginForm();
@ -35,29 +38,56 @@ class LSauthMethod_CAS extends LSauthMethod {
 		if (LSsession :: includeFile(PHP_CAS_PATH)) {
 			if (defined('PHP_CAS_DEBUG_FILE')) {
 				LSlog :: debug('LSauthMethod_CAS : enable debug file '.PHP_CAS_DEBUG_FILE);
 				phpCAS::setDebug(PHP_CAS_DEBUG_FILE);
 			}
-			phpCAS::client(constant(LSAUTH_CAS_VERSION),LSAUTH_CAS_SERVER_HOSTNAME,LSAUTH_CAS_SERVER_PORT,LSAUTH_CAS_SERVER_URI,false);
+			LSlog :: debug('LSauthMethod_CAS : initialise phpCAS :: client with CAS server URL https://'.LSAUTH_CAS_SERVER_HOSTNAME.':'.LSAUTH_CAS_SERVER_PORT.(defined('LSAUTH_CAS_SERVER_URI')?LSAUTH_CAS_SERVER_URI: ''));
-			if (LSAUTH_CAS_SERVER_NO_SSL_VALIDATION) {
+			phpCAS::client (
-				phpCAS::setNoCasServerValidation();
+				constant(LSAUTH_CAS_VERSION),
-			}
+				LSAUTH_CAS_SERVER_HOSTNAME,
 				LSAUTH_CAS_SERVER_PORT,
 				(defined('LSAUTH_CAS_SERVER_URI')?LSAUTH_CAS_SERVER_URI: ''),
 				false
 			);
 			// Configure CAS server SSL validation
 			$cas_server_ssl_validation_configured = false;
 			if (defined('LSAUTH_CAS_SERVER_NO_SSL_VALIDATION') && LSAUTH_CAS_SERVER_NO_SSL_VALIDATION) {
 				LSlog :: debug('LSauthMethod_CAS : disable CAS server SSL validation => /!\ NOT RECOMMENDED IN PRODUCTION ENVIRONMENT /!\\');
 				phpCAS::setNoCasServerValidation();
 				$cas_server_ssl_validation_configured = true;
 			}
 			if (defined('LSAUTH_CAS_SERVER_SSL_CERT')) {
 				LSlog :: debug('LSauthMethod_CAS : validate CAS server SSL certificate using '.LSAUTH_CAS_SERVER_SSL_CERT.' certificate file.');
 				phpCAS::setCasServerCert(LSAUTH_CAS_SERVER_SSL_CERT);
 				$cas_server_ssl_validation_configured = true;
 			}
 			if (defined('LSAUTH_CAS_SERVER_SSL_CACERT')) {
 				LSlog :: debug('LSauthMethod_CAS : validate CAS server SSL certificate using '.LSAUTH_CAS_SERVER_SSL_CACERT.' CA certificate file.');
 				phpCAS::setCasServerCACert(LSAUTH_CAS_SERVER_SSL_CACERT);
 				$cas_server_ssl_validation_configured = true;
 			}
 			// Check CAS server SSL validation is now configured
 			if (!$cas_server_ssl_validation_configured) {
 				LSerror :: addErrorCode('LSauthMethod_CAS_02');
 				return false;
 			}
 			if (defined('LSAUTH_CAS_CURL_SSLVERION')) {
 				LSlog :: debug('LSauthMethod_CAS : use specific SSL version '.LSAUTH_CAS_CURL_SSLVERION);
 				phpCAS::setExtraCurlOption(CURLOPT_SSLVERSION,LSAUTH_CAS_CURL_SSLVERION);
 			}
 			if (LSAUTH_CAS_DISABLE_LOGOUT) {
 				LSlog :: debug('LSauthMethod_CAS : disable logout');
 				LSauth :: disableLogoutBtn();
 			}
 			// Set configured flag
 			$this -> configured = true;
 			return true;
 		}
 		else {
@ -74,15 +104,15 @@ class LSauthMethod_CAS extends LSauthMethod {
   * @retval Array|false Array of authentication data or False
   **/
  public function getAuthData() {
-		
+		if ($this -> configured) {
 		if (class_exists('phpCAS')) {
 			// Launch Auth
 			LSlog :: debug('LSauthMethod_CAS : force authentication');
 			phpCAS::forceAuthentication();
 			$this -> authData = array(
 				'username' => phpCAS::getUser()
 			);
 			LSlog :: debug('LSauthMethod_CAS : auth data : '.varDump($this -> authData));
 			return $this -> authData;
 		}
 		return;
@ -94,12 +124,15 @@ class LSauthMethod_CAS extends LSauthMethod {
  * @retval boolean True on success or False
  **/
 	public function logout() {
-		if(class_exists('phpCAS')) {
+		if($this -> configured) {
 			if (LSauth :: displayLogoutBtn()) {
 				phpCAS :: forceAuthentication();
 				LSlog :: debug("LSauthMethod_CAS :: logout() : trigger CAS logout");
 				phpCAS :: logout();
 				return true;
 			}
 			else
 				LSlog :: warning("LSauthMethod_CAS :: logout() : logout is disabled");
 		}
 		return;
 	}
@ -112,4 +145,7 @@ class LSauthMethod_CAS extends LSauthMethod {
 LSerror :: defineError('LSauthMethod_CAS_01',
 _("LSauthMethod_CAS : Failed to load phpCAS.")
 );
 LSerror :: defineError('LSauthMethod_CAS_02',
 _("LSauthMethod_CAS : Please check your configuration : you must configure CAS server SSL certificate validation using one of the following constant : LSAUTH_CAS_SERVER_SSL_CERT, LSAUTH_CAS_SERVER_SSL_CACERT or LSAUTH_CAS_SERVER_NO_SSL_VALIDATION")
 );
--- a/public_html/lang/fr_FR.UTF8/LC_MESSAGES/ldapsaisie.mo
+++ b/public_html/lang/fr_FR.UTF8/LC_MESSAGES/ldapsaisie.mo
--- a/public_html/lang/fr_FR.UTF8/LC_MESSAGES/ldapsaisie.po
+++ b/public_html/lang/fr_FR.UTF8/LC_MESSAGES/ldapsaisie.po
@ -8,7 +8,7 @@ msgstr ""
 "Project-Id-Version: LdapSaisie\n"
 "Report-Msgid-Bugs-To: \n"
 "POT-Creation-Date: \n"
-"PO-Revision-Date: 2019-06-28 18:08+0200\n"
+"PO-Revision-Date: 2019-07-02 14:20+0200\n"
 "Last-Translator: Benjamin Renard <brenard@zionetrix.net>\n"
 "Language-Team: LdapSaisie <ldapsaisie-users@lists.labs.libre-entreprise."
 "org>\n"
@ -1521,10 +1521,22 @@ msgstr "Ajouter ce site internet à mes favoris."
 msgid "Generate the value"
 msgstr "Générer une valeur"
-#: /home/brenard/dev/ldapsaisie_clean3/public_html/includes/class/class.LSauthMethod_CAS.php:113
+#: /home/brenard/dev/ldapsaisie_clean3/public_html/includes/class/class.LSauthMethod_CAS.php:146
 msgid "LSauthMethod_CAS : Failed to load phpCAS."
 msgstr "LSauthMethod_CAS : Impossible de charger phpCAS."
 #: /home/brenard/dev/ldapsaisie_clean3/public_html/includes/class/class.LSauthMethod_CAS.php:149
 msgid ""
 "LSauthMethod_CAS : Please check your configuration : you must configure CAS "
 "server SSL certificate validation using one of the following constant : "
 "LSAUTH_CAS_SERVER_SSL_CERT, LSAUTH_CAS_SERVER_SSL_CACERT or "
 "LSAUTH_CAS_SERVER_NO_SSL_VALIDATION"
 msgstr ""
 "LSauthMethod_CAS : Merci de vérifier votre configuration : vous devez "
 "configurer la validation du certificat SSL du serveur CAS en utilisant une "
 "des constantes suivantes : LSAUTH_CAS_SERVER_SSL_CERT, "
 "LSAUTH_CAS_SERVER_SSL_CACERT or LSAUTH_CAS_SERVER_NO_SSL_VALIDATION"
 #: /home/brenard/dev/ldapsaisie_clean3/public_html/includes/class/class.LSform.php:98
 msgid "Add a field to add another values."
 msgstr "Ajouter une autre valeur à ce champ."
@ -1559,37 +1571,37 @@ msgstr "Les données de l'attribut %{label} sont incorrectes."
 msgid "Mandatory field"
 msgstr "Champ obligatoire"
-#: /home/brenard/dev/ldapsaisie_clean3/public_html/includes/class/class.LSform.php:762
+#: /home/brenard/dev/ldapsaisie_clean3/public_html/includes/class/class.LSform.php:779
 msgid "LSform : Error during the recovery of the values of the form."
 msgstr "LSform : Erreur durant la récupération des valeurs du formulaire."
-#: /home/brenard/dev/ldapsaisie_clean3/public_html/includes/class/class.LSform.php:765
+#: /home/brenard/dev/ldapsaisie_clean3/public_html/includes/class/class.LSform.php:782
 msgid ""
 "LSform : Error durring the recovery of the value of the field '%{element}'."
 msgstr ""
 "LSform : Erreur durant la recupération de la valeur du champ %{element}."
-#: /home/brenard/dev/ldapsaisie_clean3/public_html/includes/class/class.LSform.php:772
+#: /home/brenard/dev/ldapsaisie_clean3/public_html/includes/class/class.LSform.php:789
 msgid "LSform : The field %{element} doesn't exist."
 msgstr "LSform : Le champ %{element} n'existe pas."
-#: /home/brenard/dev/ldapsaisie_clean3/public_html/includes/class/class.LSform.php:775
+#: /home/brenard/dev/ldapsaisie_clean3/public_html/includes/class/class.LSform.php:792
 msgid "LSfom : Field type unknow (%{type})."
 msgstr "LSform : Type de champ inconnu (%{type})."
-#: /home/brenard/dev/ldapsaisie_clean3/public_html/includes/class/class.LSform.php:778
+#: /home/brenard/dev/ldapsaisie_clean3/public_html/includes/class/class.LSform.php:795
 msgid "LSform : Error during the creation of the element '%{element}'."
 msgstr "LSform : Erreur durant la création de l'élément %{element}."
-#: /home/brenard/dev/ldapsaisie_clean3/public_html/includes/class/class.LSform.php:781
+#: /home/brenard/dev/ldapsaisie_clean3/public_html/includes/class/class.LSform.php:798
 msgid "LSform : The data entry form %{name} doesn't exist."
 msgstr "LSform : Le masque de saisie %{name} n'existe pas."
-#: /home/brenard/dev/ldapsaisie_clean3/public_html/includes/class/class.LSform.php:784
+#: /home/brenard/dev/ldapsaisie_clean3/public_html/includes/class/class.LSform.php:801
 msgid "LSform : The data entry form %{name} is not correctly configured."
 msgstr "LSform : Le masque de saisie %{name} n'est pas correctement configuré."
-#: /home/brenard/dev/ldapsaisie_clean3/public_html/includes/class/class.LSform.php:787
+#: /home/brenard/dev/ldapsaisie_clean3/public_html/includes/class/class.LSform.php:804
 msgid ""
 "LSform : The element %{name}, listed as displayed in data entry form "
 "configuration, doesn't exist."
--- a/public_html/lang/ldapsaisie.pot
+++ b/public_html/lang/ldapsaisie.pot
@ -1278,10 +1278,18 @@ msgstr ""
 msgid "Generate the value"
 msgstr ""
-#: /home/brenard/dev/ldapsaisie_clean3/public_html/includes/class/class.LSauthMethod_CAS.php:113
+#: /home/brenard/dev/ldapsaisie_clean3/public_html/includes/class/class.LSauthMethod_CAS.php:146
 msgid "LSauthMethod_CAS : Failed to load phpCAS."
 msgstr ""
 #: /home/brenard/dev/ldapsaisie_clean3/public_html/includes/class/class.LSauthMethod_CAS.php:149
 msgid ""
 "LSauthMethod_CAS : Please check your configuration : you must configure CAS "
 "server SSL certificate validation using one of the following constant : "
 "LSAUTH_CAS_SERVER_SSL_CERT, LSAUTH_CAS_SERVER_SSL_CACERT or "
 "LSAUTH_CAS_SERVER_NO_SSL_VALIDATION"
 msgstr ""
 #: /home/brenard/dev/ldapsaisie_clean3/public_html/includes/class/class.LSform.php:98
 msgid "Add a field to add another values."
 msgstr ""
@ -1314,36 +1322,36 @@ msgstr ""
 msgid "Mandatory field"
 msgstr ""
-#: /home/brenard/dev/ldapsaisie_clean3/public_html/includes/class/class.LSform.php:762
+#: /home/brenard/dev/ldapsaisie_clean3/public_html/includes/class/class.LSform.php:779
 msgid "LSform : Error during the recovery of the values of the form."
 msgstr ""
-#: /home/brenard/dev/ldapsaisie_clean3/public_html/includes/class/class.LSform.php:765
+#: /home/brenard/dev/ldapsaisie_clean3/public_html/includes/class/class.LSform.php:782
 msgid ""
 "LSform : Error durring the recovery of the value of the field '%{element}'."
 msgstr ""
-#: /home/brenard/dev/ldapsaisie_clean3/public_html/includes/class/class.LSform.php:772
+#: /home/brenard/dev/ldapsaisie_clean3/public_html/includes/class/class.LSform.php:789
 msgid "LSform : The field %{element} doesn't exist."
 msgstr ""
-#: /home/brenard/dev/ldapsaisie_clean3/public_html/includes/class/class.LSform.php:775
+#: /home/brenard/dev/ldapsaisie_clean3/public_html/includes/class/class.LSform.php:792
 msgid "LSfom : Field type unknow (%{type})."
 msgstr ""
-#: /home/brenard/dev/ldapsaisie_clean3/public_html/includes/class/class.LSform.php:778
+#: /home/brenard/dev/ldapsaisie_clean3/public_html/includes/class/class.LSform.php:795
 msgid "LSform : Error during the creation of the element '%{element}'."
 msgstr ""
-#: /home/brenard/dev/ldapsaisie_clean3/public_html/includes/class/class.LSform.php:781
+#: /home/brenard/dev/ldapsaisie_clean3/public_html/includes/class/class.LSform.php:798
 msgid "LSform : The data entry form %{name} doesn't exist."
 msgstr ""
-#: /home/brenard/dev/ldapsaisie_clean3/public_html/includes/class/class.LSform.php:784
+#: /home/brenard/dev/ldapsaisie_clean3/public_html/includes/class/class.LSform.php:801
 msgid "LSform : The data entry form %{name} is not correctly configured."
 msgstr ""
-#: /home/brenard/dev/ldapsaisie_clean3/public_html/includes/class/class.LSform.php:787
+#: /home/brenard/dev/ldapsaisie_clean3/public_html/includes/class/class.LSform.php:804
 msgid ""
 "LSform : The element %{name}, listed as displayed in data entry form "
 "configuration, doesn't exist."