Initial commit

2014-12-29 21:54:44 +01:00 · 2014-12-29 21:54:44 +01:00 · 699ab244d2
commit 699ab244d2
1 changed files with 302 additions and 0 deletions
--- a/index.php
+++ b/index.php
@ -0,0 +1,302 @@
+<?php
+
+/*
+
+ ************************************
+ *          Configuration           *
+ ************************************
+
+*/
+
+// PhpCAS library path
+$phpCAS_path="CAS.php";
+
+// All valid CAS servers
+$cas_servers=array(
+	// CAS server hostname
+	$_SERVER['SERVER_NAME'] => array(
+		// Context of the CAS Server
+		'context' => '/cas',
+		// CAS server port
+		'port' => 443,
+		// Disable CAS server Validation
+		'ssl_validation' => false,
+		// If ssl_validation is enable you must define
+		'ssl_cacert_path' => '/path/to/cacert.crt',
+		'ssl_cn_validation' => true
+	)
+);
+
+// FQDN of CAS server
+$default_cas_server=key($cas_servers);
+
+// PhpCAS log file
+$phpCAS_logfile='/tmp/cas.log';
+
+/*
+
+ ************************************
+ *               Main               *
+ ************************************
+
+*/
+
+$warnings=array();
+
+session_start();
+require $phpCAS_path;
+CAS_GracefullTerminationException::throwInsteadOfExiting();
+
+if (isset($_REQUEST['server']) && !isset($cas_servers[$_REQUEST['server']])) {
+	$warnings[]="Invalid CAS server choiced";
+	unset($_REQUEST['server']);
+}
+if (isset($_REQUEST['server'])) {
+	$cas_host=$_REQUEST['server'];
+	if ($_SESSION['cas_server']!=$cas_host) {
+		$_SESSION['cas_server']=$cas_host;
+		unset($_SESSION['phpCAS']['user']);
+	}
+}
+elseif (isset($_SESSION['cas_server'])) {
+	$cas_host=$_SESSION['cas_server'];
+}
+else {
+	$cas_host=$default_cas_server;
+	$_SESSION['cas_server']=$cas_host;
+	unset($_SESSION['phpCAS']['user']);
+}
+$_SESSION['cas_server']=$cas_host;
+
+$_show_cas_client_config=false;
+function show_cas_client_config() {
+	global $phpCAS_config, $_show_cas_client_config;
+	if ($_show_cas_client_config) return true;
+	$_show_cas_client_config=true;
+	echo "<h3>CAS Client configuration</h3><ul>";
+	foreach($phpCAS_config as $cfg_name => $cfg_val) {
+		echo "<li><strong>$cfg_name :</strong> <em>$cfg_val</em></li>";
+	}
+	echo "</ul>";
+}
+
+$_show_warnings=false;
+function show_warnings() {
+	global $warnings,$_show_warnings;
+	if ($_show_warnings) return true;
+	$_show_warnings=true;
+	if (!empty($warnings)) {
+		echo "<h2 style='color: #f00'>Warnings message</h2><ul>";
+		foreach ($warnings as $msg) {
+			echo "<li>$msg</li>";
+		}
+		echo "</ul>";
+	}
+}
+
+function show_cas_log() {
+	global $phpCAS_logfile;
+
+	echo "<h2>PhpCAS Debug Log</h2>";
+	if (is_writable($phpCAS_logfile)) {
+		$lines=file($phpCAS_logfile);
+		if (is_array($lines)) {
+			echo '<pre>'.implode('',$lines).'</pre>';
+		}
+		else {
+			echo "<strong>Error reading PhpCAS debug log file ($phpCAS_logfile).</strong>";
+		}
+	}
+	else {
+		echo "<strong>PhpCAS debug log file does not exists or is not writable ($phpCAS_logfile).</strong>";
+	}
+}
+
+function show_user_infos() {
+	echo "<strong>Login :</strong> <em>".phpCAS::getUser()."</em><br/>";
+	echo "<strong>Attributes : </strong><pre>".print_r(phpCAS::getAttributes(),True).'</pre>';
+}
+
+?>
+<html>
+<head>
+	<title>Test CAS</title>
+
+<style>
+strong {
+	font-size: 0.9em;
+}
+
+em {
+	font-size: 0.8em;
+}
+
+pre {
+	margin-left: 1em;
+	padding: 1em;
+	border-left: 1px solid;
+	background-color: #eee;
+	font-size: 0.9em;
+}
+
+div.success, div.error {
+	padding: 0.2em;
+	width: 50%;
+	font-weight: bold;
+	margin: 1em;
+	text-align: center;
+}
+
+div.success {
+	color: #0E4700;
+	border: 1px solid #0E4700;
+	background-color: #99E774;
+}
+
+div.error {
+	color: #f00;
+	border: 1px solid #f00;
+	padding: 1em;
+	background-color: #C56E6E;
+}
+
+h2 {
+	border-bottom: 1px solid;
+}
+</style>
+<body>
+<h1>Test CAS Application</h1>
+
+<h2>CAS server selection</h2>
+<form action='index.php' method='POST'>
+<label for='server'>CAS server</label> :
+<select name='server' id='server' onchange="javascript:submit();">
+<?php
+foreach($cas_servers as $srv => $opts) {
+	echo "<option value='$srv'".(($cas_host==$srv)?'selected':'').">$srv</option>\n";
+}
+?>
+</select>
+<input type='submit' value='Change'/>
+</form>
+<h2>Menu</h2>
+<ul>
+ <li><a href='?do=login'>Login</a></li>
+ <li><a href='?do=caslogout'>Logout on CAS server</a></li>
+ <li><a href='?do=locallogout'>Logout on local application</a></li>
+<?php
+if (is_writable($phpCAS_logfile)) {
+  echo "<li><a href='?truncatelog=true'>Truncate Debug log file content</a></li>";
+}
+?>
+</ul>
+
+<h2>CAS Client Initialization ...</h2>
+<?php
+try {
+
+$phpCAS_config=array(
+	'CAS Hostname' => $cas_host,
+	'CAS server port' => $cas_servers[$cas_host]['port'],
+	'CAS server context' => $cas_servers[$cas_host]['context'],
+);
+
+if (is_writable($phpCAS_logfile)) {
+	if (isset($_REQUEST['truncatelog'])) {
+		$fh = fopen($phpCAS_logfile, 'w');
+		fclose($fh);
+	}
+	$phpCAS_config['Debug file'] = $phpCAS_logfile;
+	phpCAS::setDebug($phpCAS_logfile);
+}
+
+phpCAS::client(CAS_VERSION_2_0, $cas_host, $cas_servers[$cas_host]['port'], $cas_servers[$cas_host]['context']);
+
+echo "<div class='success'>Client successfully initialized</div>";
+
+if ($cas_servers[$cas_host]['ssl_validation']===true) {
+	if (is_readable($cas_servers[$cas_host]['ssl_cacert_path'])) {
+		$phpCAS_config['SSL Validation']='Enabled';
+		$phpCAS_config['SSL CA Cert Validation File']=$cas_servers[$cas_host]['ssl_cacert_path'];
+		$phpCAS_config['SSL CN Validation']=($cas_servers[$cas_host]['ssl_cn_validation']?'Enabled':'Disabled');
+		phpCAS::setCasServerCACert($cas_servers[$cas_host]['ssl_cacert_path'],$cas_servers[$cas_host]['ssl_cn_validation']);
+	}
+	else {
+		$warnings[]='SSL validation enable for this server but CA Cert file configured does not exists or is not readable';
+		$phpCAS_config['SSL Validation']='Disabled';
+		phpCAS::setNoCasServerValidation();
+	}
+}
+else {
+	$phpCAS_config['SSL Validation']='Disabled';
+	phpCAS::setNoCasServerValidation();
+}
+
+phpCAS::setCacheTimesForAuthRecheck(0);
+
+show_cas_client_config();
+show_warnings();
+
+?>
+
+<h2>Action</h2>
+<h3>State before running action</h3>
+<?php
+if (phpCAS::isAuthenticated()) {
+	echo "Authenticated";
+}
+else {
+	echo "Not authenticated";
+}
+?>
+<h3>Running action...</h3>
+<?php
+
+if (isset($_REQUEST['do'])) {
+
+	switch($_REQUEST['do']) {
+		case 'login':
+			phpCAS::forceAuthentication();
+			echo "<div class='success'>Successfully authenticated</div>";
+			break;
+		case 'caslogout':
+			phpCAS::forceAuthentication();
+			phpCAS::logout();
+			break;
+		case 'locallogout':
+			unset($_SESSION['phpCAS']);
+			if (!isset($_SESSION['phpCAS'])) {
+				echo "<div class='success'>Successfully logout</div>";
+			}
+			else {
+				echo "<div class='error'>Failed to unset phpCAS session informations</div>";
+			}
+			break;
+		default:
+			echo "<div class='error'>Incorrect parameters</div>";
+	}
+}
+else {
+	echo "Nothing to do";
+}
+
+if (phpCAS::isAuthenticated()) {
+	echo "<h2>Authenticated user informations</h2>";
+	show_user_infos();
+}
+
+// End of catch
+}
+catch (CAS_GracefullTerminationException $e) {
+	echo "<div class='error'>PhpCAS return exception</div>";
+	show_cas_client_config();
+	show_warnings();
+}
+
+show_cas_log();
+
+
+?>
+
+</body>
+</html>