test-cas-client/index.php

<?php

/*

 ************************************
 *          Configuration           *
 ************************************

*/

// PhpCAS library path
$phpCAS_path="CAS.php";

// All valid CAS servers
$cas_servers=array(
	// CAS server hostname
	$_SERVER['SERVER_NAME'] => array(
		// Context of the CAS Server
		'context' => '/idp/cas',
		// CAS server port
		'port' => 443,
		// If you running this application in HTTP only, uncomment following parameter
		//'insecure' => true,
		// Disable CAS server Validation
		'ssl_validation' => true,
		// If ssl_validation is enable you must define
		'ssl_cacert_path' => '/etc/ssl/certs/ca-certificates.crt',
		'ssl_cn_validation' => true,
		// Extra CURL options (for phpCAS client)
		'extra_curl_options' => array(
			// Uncomment it in case of 'dh key too small' error
			// 'CURLOPT_SSL_CIPHER_LIST' => 'DEFAULT@SECLEVEL=1',
		),
	),
);

// FQDN of CAS server
$default_cas_server=key($cas_servers);

// PhpCAS debug logs

// Log directory path
$phpCAS_logdir='logs';

// Log filename format
// Compose with :
//  - {cas_server} : the CAS server
//  - {remote_addr} : connected user remote IP address
//  - {session_id} : connected user session_id
$phpCAS_logfile_format='{session_id}-{cas_server}.log';

// Local app URL (auto-detect on first acces if null)
$service_url=null;

/*

 ************************************
 *               Main               *
 ************************************

*/

$warnings=array();

session_start();
require $phpCAS_path;
CAS_GracefullTerminationException::throwInsteadOfExiting();

// Make sure service URL is defined (otherwise, load it from session or auto-detect) 
if (is_null($service_url)) {
	if (isset($_SESSION['service_url'])) {
		$service_url = $_SESSION['service_url'];
	}
	else {
		$https = (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] != 'off');
		$request_uri = $_SERVER['REQUEST_URI'];
		$request_uri = preg_replace('/\?.*$/', '', $request_uri);
		$service_url = "http".($https?"s":"")."://".$_SERVER['SERVER_NAME'];
		if (($_SERVER['SERVER_PORT'] != 443 && $https) || ($_SERVER['SERVER_PORT'] != 80 && !$https))
			$service_url .= ":".$_SERVER['SERVER_PORT'];
		$service_url .= $request_uri;
		$_SESSION['service_url'] = $service_url;
	}
}

if (isset($_REQUEST['server']) && !isset($cas_servers[$_REQUEST['server']])) {
	$warnings[]="Invalid CAS server choiced";
	unset($_REQUEST['server']);
}
if (isset($_REQUEST['server'])) {
	$cas_host=$_REQUEST['server'];
	if ($_SESSION['cas_server']!=$cas_host) {
		$_SESSION['cas_server']=$cas_host;
		unset($_SESSION['phpCAS']['user']);
	}
}
elseif (isset($_SESSION['cas_server'])) {
	$cas_host=$_SESSION['cas_server'];
}
else {
	$cas_host=$default_cas_server;
	$_SESSION['cas_server']=$cas_host;
	unset($_SESSION['phpCAS']['user']);
}
$_SESSION['cas_server']=$cas_host;

$_show_cas_client_config=false;
function show_cas_client_config() {
	global $phpCAS_config, $_show_cas_client_config;
	if ($_show_cas_client_config) return true;
	$_show_cas_client_config=true;
	echo "<h3>CAS Client configuration</h3><ul>";
	foreach($phpCAS_config as $cfg_name => $cfg_val) {
		echo "<li><strong>$cfg_name :</strong> <em>$cfg_val</em></li>";
	}
	echo "</ul>";
}

$_show_warnings=false;
function show_warnings() {
	global $warnings,$_show_warnings;
	if ($_show_warnings) return true;
	$_show_warnings=true;
	if (!empty($warnings)) {
		echo "<h2 style='color: #f00'>Warnings message</h2><ul>";
		foreach ($warnings as $msg) {
			echo "<li>$msg</li>";
		}
		echo "</ul>";
	}
}

function show_cas_log() {
	global $phpCAS_logfile;

	echo "<h2>PhpCAS Debug Log</h2>";
	if (is_writable($phpCAS_logfile)) {
		$lines=file($phpCAS_logfile);
		if (is_array($lines)) {
			echo '<pre>'.implode('',$lines).'</pre>';
		}
		else {
			echo "<strong>Error reading PhpCAS debug log file ($phpCAS_logfile).</strong>";
		}
	}
	else {
		echo "<strong>PhpCAS debug log file does not exists or is not writable ($phpCAS_logfile).</strong>";
	}
}

function show_user_infos() {
	echo "<strong>Login :</strong> <em>".phpCAS::getUser()."</em><br/>";
	echo "<strong>Attributes : </strong><pre>".print_r(phpCAS::getAttributes(),True).'</pre>';
}

?>
<html>
<head>
	<title>Test CAS</title>

<style>
strong {
	font-size: 0.9em;
}

em {
	font-size: 0.8em;
}

pre {
	margin-left: 1em;
	padding: 1em;
	border-left: 1px solid;
	background-color: #eee;
	font-size: 0.9em;
}

div.success, div.error {
	padding: 0.2em;
	width: 50%;
	font-weight: bold;
	margin: 1em;
	text-align: center;
}

div.success {
	color: #0E4700;
	border: 1px solid #0E4700;
	background-color: #99E774;
}

div.error {
	color: #f00;
	border: 1px solid #f00;
	padding: 1em;
	background-color: #C56E6E;
}

h2 {
	border-bottom: 1px solid;
}
</style>
<body>
<h1>Test CAS Application</h1>

<h2>CAS server selection</h2>
<form action='index.php' method='POST'>
<label for='server'>CAS server</label> :
<select name='server' id='server' onchange="javascript:submit();">
<?php
foreach($cas_servers as $srv => $opts) {
	echo "<option value='$srv'".(($cas_host==$srv)?'selected':'').">$srv</option>\n";
}
?>
</select>
<input type='submit' value='Change'/>
</form>
<h2>Menu</h2>
<ul>
 <li><a href='?do=login'>Login</a></li>
 <li><a href='?do=caslogout'>Logout on CAS server</a></li>
 <li><a href='?do=locallogout'>Logout on local application</a></li>
<?php

// Generate phpCAS debug log file path
$phpCAS_logfile="$phpCAS_logdir/$phpCAS_logfile_format";
$phpCAS_logfile=str_replace('{cas_server}', $cas_host, $phpCAS_logfile);
$phpCAS_logfile=str_replace('{remote_addr}', $_SERVER['REMOTE_ADDR'], $phpCAS_logfile);
$phpCAS_logfile=str_replace('{session_id}', session_id(), $phpCAS_logfile);

if (is_writable($phpCAS_logfile)) {
  echo "<li><a href='?truncatelog=true'>Truncate Debug log file content</a></li>";
}
?>
</ul>

<h2>CAS Client Initialization ...</h2>
<?php
try {

$phpCAS_config=array(
	'CAS Hostname' => $cas_host,
	'CAS server port' => $cas_servers[$cas_host]['port'],
	'CAS server context' => $cas_servers[$cas_host]['context'],
	'Service URL' => $service_url,
);

if (is_writable($phpCAS_logfile) || (!is_file($phpCAS_logfile) && is_writable(dirname($phpCAS_logfile)))) {
	if (is_file($phpCAS_logfile) && isset($_REQUEST['truncatelog'])) {
		$fh = fopen($phpCAS_logfile, 'w');
		fclose($fh);
	}
	$phpCAS_config['Debug file'] = $phpCAS_logfile;
	phpCAS::setDebug($phpCAS_logfile);
}

// phpCAS client initialization
$init_args = [
	CAS_VERSION_2_0,
	$cas_host,
	$cas_servers[$cas_host]['port'],
	$cas_servers[$cas_host]['context'],
];

// Note: Determine phpCAS version to correctly handle the $service_base_url parameter added in 1.6.0.
// Note: this parameter is also required for Debian Buster 1.3.6-1+deb10u1 package, because
// to fix CVE-2022-39369, this version was patched and this parameter have been added. Use Reflection
// to correctly handle this case.
$init_method = new ReflectionMethod("phpCAS", "client");
if (
	intval(str_replace('.', '000', phpCAS::getVersion()).'000') >= 100060000000
	|| $init_method->getNumberOfRequiredParameters() > 4
)
	$init_args[] = $service_url;

call_user_func_array(["phpCAS", "client"], $init_args);
phpCAS::setFixedServiceURL($service_url);

// Set extra CURL options
if (isset($cas_servers[$cas_host]['extra_curl_options']) && is_array($cas_servers[$cas_host]['extra_curl_options'])) {
	foreach($cas_servers[$cas_host]['extra_curl_options'] as $opt => $value) {
		if (is_string($opt) && substr($opt, 0, 7) == 'CURLOPT' && defined($opt))
			$opt = constant($opt);
		phpCAS::setExtraCurlOption($opt, $value);
	}
}

if ($cas_servers[$cas_host]['insecure']) {
	$phpCAS_config['Insecure'] = 'Yes';
	$phpCAS_config['Base URL'] = 'http://'.$cas_host.($cas_servers[$cas_host]['port']?':'.$cas_servers[$cas_host]['port']:'').$cas_servers[$cas_host]['context'];
	// Remove trailing slash if present
	if (substr($phpCAS_config['Base URL'], -1)=='/')
		$phpCAS_config['Base URL'] = substr($phpCAS_config['Base URL'], 0, -1);
	$login_url = "$base_url/login";
	$service_validate_url = "$base_url/serviceValidate";
	$logout_url = "$base_url/logout";
	$phpCAS_config['Login URL'] = $phpCAS_config['Base URL']."/login?service=".urlencode($service_url);
	$phpCAS_config['Logout URL'] = $phpCAS_config['Base URL']."/logout";
	$phpCAS_config['Service validate URL'] = $phpCAS_config['Base URL']."/serviceValidate";
	phpCAS::setServerLoginURL($phpCAS_config['Login URL']);
	phpCAS::setServerLogoutURL($phpCAS_config['Logout URL']);
	phpCAS::setServerServiceValidateURL($phpCAS_config['Service validate URL']);
	// Be sure SSL validation is disabled
	$cas_servers[$cas_host]['ssl_validation'] = false;
}
else
	$phpCAS_config['Insecure'] = 'No';

echo "<div class='success'>Client successfully initialized</div>";

if ($cas_servers[$cas_host]['ssl_validation']===true) {
	if (is_readable($cas_servers[$cas_host]['ssl_cacert_path'])) {
		$phpCAS_config['SSL Validation']='Enabled';
		$phpCAS_config['SSL CA Cert Validation File']=$cas_servers[$cas_host]['ssl_cacert_path'];
		$phpCAS_config['SSL CN Validation']=($cas_servers[$cas_host]['ssl_cn_validation']?'Enabled':'Disabled');
		phpCAS::setCasServerCACert($cas_servers[$cas_host]['ssl_cacert_path'],$cas_servers[$cas_host]['ssl_cn_validation']);
	}
	else {
		$warnings[]='SSL validation enable for this server but CA Cert file configured does not exists or is not readable';
		$phpCAS_config['SSL Validation']='Disabled';
		phpCAS::setNoCasServerValidation();
	}
}
else {
	$phpCAS_config['SSL Validation']='Disabled';
	phpCAS::setNoCasServerValidation();
}

phpCAS::setCacheTimesForAuthRecheck(0);

show_cas_client_config();
show_warnings();

?>

<h2>Action</h2>
<h3>State before running action</h3>
<?php
if (phpCAS::isAuthenticated()) {
	echo "Authenticated";
}
else {
	echo "Not authenticated";
}
?>
<h3>Running action...</h3>
<?php

if (isset($_REQUEST['do'])) {

	switch($_REQUEST['do']) {
		case 'login':
			phpCAS::forceAuthentication();
			echo "<div class='success'>Successfully authenticated</div>";
			break;
		case 'caslogout':
			phpCAS::forceAuthentication();
			phpCAS::logoutWithRedirectService($service_url);
			break;
		case 'locallogout':
			unset($_SESSION['session_url']);
			unset($_SESSION['phpCAS']);
			if (!isset($_SESSION['phpCAS'])) {
				echo "<div class='success'>Successfully logout</div>";
			}
			else {
				echo "<div class='error'>Failed to unset phpCAS session informations</div>";
			}
			break;
		default:
			echo "<div class='error'>Incorrect parameters</div>";
	}
}
else {
	echo "Nothing to do";
}

if (phpCAS::isAuthenticated()) {
	echo "<h2>Authenticated user informations</h2>";
	show_user_infos();
}

// End of catch
}
catch (CAS_GracefullTerminationException $e) {
	echo "<div class='error'>PhpCAS return exception</div>";
	show_cas_client_config();
	show_warnings();
}

show_cas_log();


?>

</body>
</html>
Initial commit 2014-12-29 21:54:44 +01:00			`<?php`

			`/*`

			`************************************`
			`* Configuration *`
			`************************************`

			`*/`

			`// PhpCAS library path`
			`$phpCAS_path="CAS.php";`

			`// All valid CAS servers`
			`$cas_servers=array(`
			`// CAS server hostname`
			`$_SERVER['SERVER_NAME'] => array(`
			`// Context of the CAS Server`
Make default configuration adapted to Authentic2 context 2021-03-31 12:14:40 +02:00			`'context' => '/idp/cas',`
Initial commit 2014-12-29 21:54:44 +01:00			`// CAS server port`
			`'port' => 443,`
Add insecure parameter to allow connection on HTTP only CAS server 2020-12-03 15:22:47 +01:00			`// If you running this application in HTTP only, uncomment following parameter`
			`//'insecure' => true,`
Initial commit 2014-12-29 21:54:44 +01:00			`// Disable CAS server Validation`
Make default configuration adapted to Authentic2 context 2021-03-31 12:14:40 +02:00			`'ssl_validation' => true,`
Initial commit 2014-12-29 21:54:44 +01:00			`// If ssl_validation is enable you must define`
Make default configuration adapted to Authentic2 context 2021-03-31 12:14:40 +02:00			`'ssl_cacert_path' => '/etc/ssl/certs/ca-certificates.crt',`
Fix PHP syntax error in previous commit 2021-11-15 11:08:42 +01:00			`'ssl_cn_validation' => true,`
Add config parameter to defined extra CURL options for phpCAS client 2021-10-07 10:52:38 +02:00			`// Extra CURL options (for phpCAS client)`
			`'extra_curl_options' => array(`
			`// Uncomment it in case of 'dh key too small' error`
			`// 'CURLOPT_SSL_CIPHER_LIST' => 'DEFAULT@SECLEVEL=1',`
			`),`
			`),`
Initial commit 2014-12-29 21:54:44 +01:00			`);`

			`// FQDN of CAS server`
			`$default_cas_server=key($cas_servers);`

Improve log file support 2021-03-31 12:45:52 +02:00			`// PhpCAS debug logs`

			`// Log directory path`
			`$phpCAS_logdir='logs';`

			`// Log filename format`
			`// Compose with :`
			`// - {cas_server} : the CAS server`
			`// - {remote_addr} : connected user remote IP address`
			`// - {session_id} : connected user session_id`
			`$phpCAS_logfile_format='{session_id}-{cas_server}.log';`
Initial commit 2014-12-29 21:54:44 +01:00
Add insecure parameter to allow connection on HTTP only CAS server 2020-12-03 15:22:47 +01:00			`// Local app URL (auto-detect on first acces if null)`
			`$service_url=null;`

Initial commit 2014-12-29 21:54:44 +01:00			`/*`

			`************************************`
			`* Main *`
			`************************************`

			`*/`

			`$warnings=array();`

			`session_start();`
			`require $phpCAS_path;`
			`CAS_GracefullTerminationException::throwInsteadOfExiting();`

Add insecure parameter to allow connection on HTTP only CAS server 2020-12-03 15:22:47 +01:00			`// Make sure service URL is defined (otherwise, load it from session or auto-detect)`
			`if (is_null($service_url)) {`
			`if (isset($_SESSION['service_url'])) {`
			`$service_url = $_SESSION['service_url'];`
			`}`
			`else {`
			`$https = (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] != 'off');`
			`$request_uri = $_SERVER['REQUEST_URI'];`
			`$request_uri = preg_replace('/\?.*$/', '', $request_uri);`
			`$service_url = "http".($https?"s":"")."://".$_SERVER['SERVER_NAME'];`
			`if (($_SERVER['SERVER_PORT'] != 443 && $https) \|\| ($_SERVER['SERVER_PORT'] != 80 && !$https))`
			`$service_url .= ":".$_SERVER['SERVER_PORT'];`
			`$service_url .= $request_uri;`
			`$_SESSION['service_url'] = $service_url;`
			`}`
			`}`

Initial commit 2014-12-29 21:54:44 +01:00			`if (isset($_REQUEST['server']) && !isset($cas_servers[$_REQUEST['server']])) {`
			`$warnings[]="Invalid CAS server choiced";`
			`unset($_REQUEST['server']);`
			`}`
			`if (isset($_REQUEST['server'])) {`
			`$cas_host=$_REQUEST['server'];`
			`if ($_SESSION['cas_server']!=$cas_host) {`
			`$_SESSION['cas_server']=$cas_host;`
			`unset($_SESSION['phpCAS']['user']);`
			`}`
			`}`
			`elseif (isset($_SESSION['cas_server'])) {`
			`$cas_host=$_SESSION['cas_server'];`
			`}`
			`else {`
			`$cas_host=$default_cas_server;`
			`$_SESSION['cas_server']=$cas_host;`
			`unset($_SESSION['phpCAS']['user']);`
			`}`
			`$_SESSION['cas_server']=$cas_host;`

			`$_show_cas_client_config=false;`
			`function show_cas_client_config() {`
			`global $phpCAS_config, $_show_cas_client_config;`
			`if ($_show_cas_client_config) return true;`
			`$_show_cas_client_config=true;`
			`echo "<h3>CAS Client configuration</h3><ul>";`
			`foreach($phpCAS_config as $cfg_name => $cfg_val) {`
			`echo "<li><strong>$cfg_name :</strong> <em>$cfg_val</em></li>";`
			`}`
			`echo "</ul>";`
			`}`

			`$_show_warnings=false;`
			`function show_warnings() {`
			`global $warnings,$_show_warnings;`
			`if ($_show_warnings) return true;`
			`$_show_warnings=true;`
			`if (!empty($warnings)) {`
			`echo "<h2 style='color: #f00'>Warnings message</h2><ul>";`
			`foreach ($warnings as $msg) {`
			`echo "<li>$msg</li>";`
			`}`
			`echo "</ul>";`
			`}`
			`}`

			`function show_cas_log() {`
			`global $phpCAS_logfile;`

			`echo "<h2>PhpCAS Debug Log</h2>";`
			`if (is_writable($phpCAS_logfile)) {`
			`$lines=file($phpCAS_logfile);`
			`if (is_array($lines)) {`
			`echo '<pre>'.implode('',$lines).'</pre>';`
			`}`
			`else {`
			`echo "<strong>Error reading PhpCAS debug log file ($phpCAS_logfile).</strong>";`
			`}`
			`}`
			`else {`
			`echo "<strong>PhpCAS debug log file does not exists or is not writable ($phpCAS_logfile).</strong>";`
			`}`
			`}`

			`function show_user_infos() {`
			`echo "<strong>Login :</strong> <em>".phpCAS::getUser()."</em><br/>";`
			`echo "<strong>Attributes : </strong><pre>".print_r(phpCAS::getAttributes(),True).'</pre>';`
			`}`

			`?>`
			`<html>`
			`<head>`
			`<title>Test CAS</title>`

			`<style>`
			`strong {`
			`font-size: 0.9em;`
			`}`

			`em {`
			`font-size: 0.8em;`
			`}`

			`pre {`
			`margin-left: 1em;`
			`padding: 1em;`
			`border-left: 1px solid;`
			`background-color: #eee;`
			`font-size: 0.9em;`
			`}`

			`div.success, div.error {`
			`padding: 0.2em;`
			`width: 50%;`
			`font-weight: bold;`
			`margin: 1em;`
			`text-align: center;`
			`}`

			`div.success {`
			`color: #0E4700;`
			`border: 1px solid #0E4700;`
			`background-color: #99E774;`
			`}`

			`div.error {`
			`color: #f00;`
			`border: 1px solid #f00;`
			`padding: 1em;`
			`background-color: #C56E6E;`
			`}`

			`h2 {`
			`border-bottom: 1px solid;`
			`}`
			`</style>`
			`<body>`
			`<h1>Test CAS Application</h1>`

			`<h2>CAS server selection</h2>`
			`<form action='index.php' method='POST'>`
			`<label for='server'>CAS server</label> :`
			`<select name='server' id='server' onchange="javascript:submit();">`
			`<?php`
			`foreach($cas_servers as $srv => $opts) {`
			`echo "<option value='$srv'".(($cas_host==$srv)?'selected':'').">$srv</option>\n";`
			`}`
			`?>`
			`</select>`
			`<input type='submit' value='Change'/>`
			`</form>`
			`<h2>Menu</h2>`
			`<ul>`
			`<li><a href='?do=login'>Login</a></li>`
			`<li><a href='?do=caslogout'>Logout on CAS server</a></li>`
			`<li><a href='?do=locallogout'>Logout on local application</a></li>`
			`<?php`
Improve log file support 2021-03-31 12:45:52 +02:00
			`// Generate phpCAS debug log file path`
			`$phpCAS_logfile="$phpCAS_logdir/$phpCAS_logfile_format";`
			`$phpCAS_logfile=str_replace('{cas_server}', $cas_host, $phpCAS_logfile);`
			`$phpCAS_logfile=str_replace('{remote_addr}', $_SERVER['REMOTE_ADDR'], $phpCAS_logfile);`
			`$phpCAS_logfile=str_replace('{session_id}', session_id(), $phpCAS_logfile);`

Initial commit 2014-12-29 21:54:44 +01:00			`if (is_writable($phpCAS_logfile)) {`
			`echo "<li><a href='?truncatelog=true'>Truncate Debug log file content</a></li>";`
			`}`
			`?>`
			`</ul>`

			`<h2>CAS Client Initialization ...</h2>`
			`<?php`
			`try {`

			`$phpCAS_config=array(`
			`'CAS Hostname' => $cas_host,`
			`'CAS server port' => $cas_servers[$cas_host]['port'],`
			`'CAS server context' => $cas_servers[$cas_host]['context'],`
Add insecure parameter to allow connection on HTTP only CAS server 2020-12-03 15:22:47 +01:00			`'Service URL' => $service_url,`
Initial commit 2014-12-29 21:54:44 +01:00			`);`

Improve log file support 2021-03-31 12:45:52 +02:00			`if (is_writable($phpCAS_logfile) \|\| (!is_file($phpCAS_logfile) && is_writable(dirname($phpCAS_logfile)))) {`
			`if (is_file($phpCAS_logfile) && isset($_REQUEST['truncatelog'])) {`
Initial commit 2014-12-29 21:54:44 +01:00			`$fh = fopen($phpCAS_logfile, 'w');`
			`fclose($fh);`
			`}`
			`$phpCAS_config['Debug file'] = $phpCAS_logfile;`
			`phpCAS::setDebug($phpCAS_logfile);`
			`}`

Fix support of phpCAS >= 1.6 2024-07-30 13:44:21 +02:00			`// phpCAS client initialization`
			`$init_args = [`
			`CAS_VERSION_2_0,`
			`$cas_host,`
			`$cas_servers[$cas_host]['port'],`
			`$cas_servers[$cas_host]['context'],`
			`];`

			`// Note: Determine phpCAS version to correctly handle the $service_base_url parameter added in 1.6.0.`
			`// Note: this parameter is also required for Debian Buster 1.3.6-1+deb10u1 package, because`
			`// to fix CVE-2022-39369, this version was patched and this parameter have been added. Use Reflection`
			`// to correctly handle this case.`
			`$init_method = new ReflectionMethod("phpCAS", "client");`
			`if (`
			`intval(str_replace('.', '000', phpCAS::getVersion()).'000') >= 100060000000`
			`\|\| $init_method->getNumberOfRequiredParameters() > 4`
			`)`
			`$init_args[] = $service_url;`

			`call_user_func_array(["phpCAS", "client"], $init_args);`
Add insecure parameter to allow connection on HTTP only CAS server 2020-12-03 15:22:47 +01:00			`phpCAS::setFixedServiceURL($service_url);`

Add config parameter to defined extra CURL options for phpCAS client 2021-10-07 10:52:38 +02:00			`// Set extra CURL options`
			`if (isset($cas_servers[$cas_host]['extra_curl_options']) && is_array($cas_servers[$cas_host]['extra_curl_options'])) {`
			`foreach($cas_servers[$cas_host]['extra_curl_options'] as $opt => $value) {`
			`if (is_string($opt) && substr($opt, 0, 7) == 'CURLOPT' && defined($opt))`
			`$opt = constant($opt);`
			`phpCAS::setExtraCurlOption($opt, $value);`
			`}`
			`}`

Add insecure parameter to allow connection on HTTP only CAS server 2020-12-03 15:22:47 +01:00			`if ($cas_servers[$cas_host]['insecure']) {`
			`$phpCAS_config['Insecure'] = 'Yes';`
			`$phpCAS_config['Base URL'] = 'http://'.$cas_host.($cas_servers[$cas_host]['port']?':'.$cas_servers[$cas_host]['port']:'').$cas_servers[$cas_host]['context'];`
			`// Remove trailing slash if present`
			`if (substr($phpCAS_config['Base URL'], -1)=='/')`
			`$phpCAS_config['Base URL'] = substr($phpCAS_config['Base URL'], 0, -1);`
			`$login_url = "$base_url/login";`
			`$service_validate_url = "$base_url/serviceValidate";`
			`$logout_url = "$base_url/logout";`
			`$phpCAS_config['Login URL'] = $phpCAS_config['Base URL']."/login?service=".urlencode($service_url);`
			`$phpCAS_config['Logout URL'] = $phpCAS_config['Base URL']."/logout";`
			`$phpCAS_config['Service validate URL'] = $phpCAS_config['Base URL']."/serviceValidate";`
			`phpCAS::setServerLoginURL($phpCAS_config['Login URL']);`
			`phpCAS::setServerLogoutURL($phpCAS_config['Logout URL']);`
			`phpCAS::setServerServiceValidateURL($phpCAS_config['Service validate URL']);`
			`// Be sure SSL validation is disabled`
			`$cas_servers[$cas_host]['ssl_validation'] = false;`
			`}`
			`else`
			`$phpCAS_config['Insecure'] = 'No';`
Initial commit 2014-12-29 21:54:44 +01:00
			`echo "<div class='success'>Client successfully initialized</div>";`

			`if ($cas_servers[$cas_host]['ssl_validation']===true) {`
			`if (is_readable($cas_servers[$cas_host]['ssl_cacert_path'])) {`
			`$phpCAS_config['SSL Validation']='Enabled';`
			`$phpCAS_config['SSL CA Cert Validation File']=$cas_servers[$cas_host]['ssl_cacert_path'];`
			`$phpCAS_config['SSL CN Validation']=($cas_servers[$cas_host]['ssl_cn_validation']?'Enabled':'Disabled');`
			`phpCAS::setCasServerCACert($cas_servers[$cas_host]['ssl_cacert_path'],$cas_servers[$cas_host]['ssl_cn_validation']);`
			`}`
			`else {`
			`$warnings[]='SSL validation enable for this server but CA Cert file configured does not exists or is not readable';`
			`$phpCAS_config['SSL Validation']='Disabled';`
			`phpCAS::setNoCasServerValidation();`
			`}`
			`}`
			`else {`
			`$phpCAS_config['SSL Validation']='Disabled';`
			`phpCAS::setNoCasServerValidation();`
			`}`

			`phpCAS::setCacheTimesForAuthRecheck(0);`

			`show_cas_client_config();`
			`show_warnings();`

			`?>`

			`<h2>Action</h2>`
			`<h3>State before running action</h3>`
			`<?php`
			`if (phpCAS::isAuthenticated()) {`
			`echo "Authenticated";`
			`}`
			`else {`
			`echo "Not authenticated";`
			`}`
			`?>`
			`<h3>Running action...</h3>`
			`<?php`

			`if (isset($_REQUEST['do'])) {`

			`switch($_REQUEST['do']) {`
			`case 'login':`
			`phpCAS::forceAuthentication();`
			`echo "<div class='success'>Successfully authenticated</div>";`
			`break;`
			`case 'caslogout':`
			`phpCAS::forceAuthentication();`
Fix CAS logout with redirection to original service 2022-02-09 12:31:34 +01:00			`phpCAS::logoutWithRedirectService($service_url);`
Initial commit 2014-12-29 21:54:44 +01:00			`break;`
			`case 'locallogout':`
Add insecure parameter to allow connection on HTTP only CAS server 2020-12-03 15:22:47 +01:00			`unset($_SESSION['session_url']);`
Initial commit 2014-12-29 21:54:44 +01:00			`unset($_SESSION['phpCAS']);`
			`if (!isset($_SESSION['phpCAS'])) {`
			`echo "<div class='success'>Successfully logout</div>";`
			`}`
			`else {`
			`echo "<div class='error'>Failed to unset phpCAS session informations</div>";`
			`}`
			`break;`
			`default:`
			`echo "<div class='error'>Incorrect parameters</div>";`
			`}`
			`}`
			`else {`
			`echo "Nothing to do";`
			`}`

			`if (phpCAS::isAuthenticated()) {`
			`echo "<h2>Authenticated user informations</h2>";`
			`show_user_infos();`
			`}`

			`// End of catch`
			`}`
			`catch (CAS_GracefullTerminationException $e) {`
			`echo "<div class='error'>PhpCAS return exception</div>";`
			`show_cas_client_config();`
			`show_warnings();`
			`}`

			`show_cas_log();`


			`?>`

			`</body>`
			`</html>`