302 lines
6.6 KiB
PHP
302 lines
6.6 KiB
PHP
<?php
|
|
|
|
/*
|
|
|
|
************************************
|
|
* Configuration *
|
|
************************************
|
|
|
|
*/
|
|
|
|
// PhpCAS library path
|
|
$phpCAS_path="CAS.php";
|
|
|
|
// All valid CAS servers
|
|
$cas_servers=array(
|
|
// CAS server hostname
|
|
$_SERVER['SERVER_NAME'] => array(
|
|
// Context of the CAS Server
|
|
'context' => '/cas',
|
|
// CAS server port
|
|
'port' => 443,
|
|
// Disable CAS server Validation
|
|
'ssl_validation' => false,
|
|
// If ssl_validation is enable you must define
|
|
'ssl_cacert_path' => '/path/to/cacert.crt',
|
|
'ssl_cn_validation' => true
|
|
)
|
|
);
|
|
|
|
// FQDN of CAS server
|
|
$default_cas_server=key($cas_servers);
|
|
|
|
// PhpCAS log file
|
|
$phpCAS_logfile='/tmp/cas.log';
|
|
|
|
/*
|
|
|
|
************************************
|
|
* Main *
|
|
************************************
|
|
|
|
*/
|
|
|
|
$warnings=array();
|
|
|
|
session_start();
|
|
require $phpCAS_path;
|
|
CAS_GracefullTerminationException::throwInsteadOfExiting();
|
|
|
|
if (isset($_REQUEST['server']) && !isset($cas_servers[$_REQUEST['server']])) {
|
|
$warnings[]="Invalid CAS server choiced";
|
|
unset($_REQUEST['server']);
|
|
}
|
|
if (isset($_REQUEST['server'])) {
|
|
$cas_host=$_REQUEST['server'];
|
|
if ($_SESSION['cas_server']!=$cas_host) {
|
|
$_SESSION['cas_server']=$cas_host;
|
|
unset($_SESSION['phpCAS']['user']);
|
|
}
|
|
}
|
|
elseif (isset($_SESSION['cas_server'])) {
|
|
$cas_host=$_SESSION['cas_server'];
|
|
}
|
|
else {
|
|
$cas_host=$default_cas_server;
|
|
$_SESSION['cas_server']=$cas_host;
|
|
unset($_SESSION['phpCAS']['user']);
|
|
}
|
|
$_SESSION['cas_server']=$cas_host;
|
|
|
|
$_show_cas_client_config=false;
|
|
function show_cas_client_config() {
|
|
global $phpCAS_config, $_show_cas_client_config;
|
|
if ($_show_cas_client_config) return true;
|
|
$_show_cas_client_config=true;
|
|
echo "<h3>CAS Client configuration</h3><ul>";
|
|
foreach($phpCAS_config as $cfg_name => $cfg_val) {
|
|
echo "<li><strong>$cfg_name :</strong> <em>$cfg_val</em></li>";
|
|
}
|
|
echo "</ul>";
|
|
}
|
|
|
|
$_show_warnings=false;
|
|
function show_warnings() {
|
|
global $warnings,$_show_warnings;
|
|
if ($_show_warnings) return true;
|
|
$_show_warnings=true;
|
|
if (!empty($warnings)) {
|
|
echo "<h2 style='color: #f00'>Warnings message</h2><ul>";
|
|
foreach ($warnings as $msg) {
|
|
echo "<li>$msg</li>";
|
|
}
|
|
echo "</ul>";
|
|
}
|
|
}
|
|
|
|
function show_cas_log() {
|
|
global $phpCAS_logfile;
|
|
|
|
echo "<h2>PhpCAS Debug Log</h2>";
|
|
if (is_writable($phpCAS_logfile)) {
|
|
$lines=file($phpCAS_logfile);
|
|
if (is_array($lines)) {
|
|
echo '<pre>'.implode('',$lines).'</pre>';
|
|
}
|
|
else {
|
|
echo "<strong>Error reading PhpCAS debug log file ($phpCAS_logfile).</strong>";
|
|
}
|
|
}
|
|
else {
|
|
echo "<strong>PhpCAS debug log file does not exists or is not writable ($phpCAS_logfile).</strong>";
|
|
}
|
|
}
|
|
|
|
function show_user_infos() {
|
|
echo "<strong>Login :</strong> <em>".phpCAS::getUser()."</em><br/>";
|
|
echo "<strong>Attributes : </strong><pre>".print_r(phpCAS::getAttributes(),True).'</pre>';
|
|
}
|
|
|
|
?>
|
|
<html>
|
|
<head>
|
|
<title>Test CAS</title>
|
|
|
|
<style>
|
|
strong {
|
|
font-size: 0.9em;
|
|
}
|
|
|
|
em {
|
|
font-size: 0.8em;
|
|
}
|
|
|
|
pre {
|
|
margin-left: 1em;
|
|
padding: 1em;
|
|
border-left: 1px solid;
|
|
background-color: #eee;
|
|
font-size: 0.9em;
|
|
}
|
|
|
|
div.success, div.error {
|
|
padding: 0.2em;
|
|
width: 50%;
|
|
font-weight: bold;
|
|
margin: 1em;
|
|
text-align: center;
|
|
}
|
|
|
|
div.success {
|
|
color: #0E4700;
|
|
border: 1px solid #0E4700;
|
|
background-color: #99E774;
|
|
}
|
|
|
|
div.error {
|
|
color: #f00;
|
|
border: 1px solid #f00;
|
|
padding: 1em;
|
|
background-color: #C56E6E;
|
|
}
|
|
|
|
h2 {
|
|
border-bottom: 1px solid;
|
|
}
|
|
</style>
|
|
<body>
|
|
<h1>Test CAS Application</h1>
|
|
|
|
<h2>CAS server selection</h2>
|
|
<form action='index.php' method='POST'>
|
|
<label for='server'>CAS server</label> :
|
|
<select name='server' id='server' onchange="javascript:submit();">
|
|
<?php
|
|
foreach($cas_servers as $srv => $opts) {
|
|
echo "<option value='$srv'".(($cas_host==$srv)?'selected':'').">$srv</option>\n";
|
|
}
|
|
?>
|
|
</select>
|
|
<input type='submit' value='Change'/>
|
|
</form>
|
|
<h2>Menu</h2>
|
|
<ul>
|
|
<li><a href='?do=login'>Login</a></li>
|
|
<li><a href='?do=caslogout'>Logout on CAS server</a></li>
|
|
<li><a href='?do=locallogout'>Logout on local application</a></li>
|
|
<?php
|
|
if (is_writable($phpCAS_logfile)) {
|
|
echo "<li><a href='?truncatelog=true'>Truncate Debug log file content</a></li>";
|
|
}
|
|
?>
|
|
</ul>
|
|
|
|
<h2>CAS Client Initialization ...</h2>
|
|
<?php
|
|
try {
|
|
|
|
$phpCAS_config=array(
|
|
'CAS Hostname' => $cas_host,
|
|
'CAS server port' => $cas_servers[$cas_host]['port'],
|
|
'CAS server context' => $cas_servers[$cas_host]['context'],
|
|
);
|
|
|
|
if (is_writable($phpCAS_logfile)) {
|
|
if (isset($_REQUEST['truncatelog'])) {
|
|
$fh = fopen($phpCAS_logfile, 'w');
|
|
fclose($fh);
|
|
}
|
|
$phpCAS_config['Debug file'] = $phpCAS_logfile;
|
|
phpCAS::setDebug($phpCAS_logfile);
|
|
}
|
|
|
|
phpCAS::client(CAS_VERSION_2_0, $cas_host, $cas_servers[$cas_host]['port'], $cas_servers[$cas_host]['context']);
|
|
|
|
echo "<div class='success'>Client successfully initialized</div>";
|
|
|
|
if ($cas_servers[$cas_host]['ssl_validation']===true) {
|
|
if (is_readable($cas_servers[$cas_host]['ssl_cacert_path'])) {
|
|
$phpCAS_config['SSL Validation']='Enabled';
|
|
$phpCAS_config['SSL CA Cert Validation File']=$cas_servers[$cas_host]['ssl_cacert_path'];
|
|
$phpCAS_config['SSL CN Validation']=($cas_servers[$cas_host]['ssl_cn_validation']?'Enabled':'Disabled');
|
|
phpCAS::setCasServerCACert($cas_servers[$cas_host]['ssl_cacert_path'],$cas_servers[$cas_host]['ssl_cn_validation']);
|
|
}
|
|
else {
|
|
$warnings[]='SSL validation enable for this server but CA Cert file configured does not exists or is not readable';
|
|
$phpCAS_config['SSL Validation']='Disabled';
|
|
phpCAS::setNoCasServerValidation();
|
|
}
|
|
}
|
|
else {
|
|
$phpCAS_config['SSL Validation']='Disabled';
|
|
phpCAS::setNoCasServerValidation();
|
|
}
|
|
|
|
phpCAS::setCacheTimesForAuthRecheck(0);
|
|
|
|
show_cas_client_config();
|
|
show_warnings();
|
|
|
|
?>
|
|
|
|
<h2>Action</h2>
|
|
<h3>State before running action</h3>
|
|
<?php
|
|
if (phpCAS::isAuthenticated()) {
|
|
echo "Authenticated";
|
|
}
|
|
else {
|
|
echo "Not authenticated";
|
|
}
|
|
?>
|
|
<h3>Running action...</h3>
|
|
<?php
|
|
|
|
if (isset($_REQUEST['do'])) {
|
|
|
|
switch($_REQUEST['do']) {
|
|
case 'login':
|
|
phpCAS::forceAuthentication();
|
|
echo "<div class='success'>Successfully authenticated</div>";
|
|
break;
|
|
case 'caslogout':
|
|
phpCAS::forceAuthentication();
|
|
phpCAS::logout();
|
|
break;
|
|
case 'locallogout':
|
|
unset($_SESSION['phpCAS']);
|
|
if (!isset($_SESSION['phpCAS'])) {
|
|
echo "<div class='success'>Successfully logout</div>";
|
|
}
|
|
else {
|
|
echo "<div class='error'>Failed to unset phpCAS session informations</div>";
|
|
}
|
|
break;
|
|
default:
|
|
echo "<div class='error'>Incorrect parameters</div>";
|
|
}
|
|
}
|
|
else {
|
|
echo "Nothing to do";
|
|
}
|
|
|
|
if (phpCAS::isAuthenticated()) {
|
|
echo "<h2>Authenticated user informations</h2>";
|
|
show_user_infos();
|
|
}
|
|
|
|
// End of catch
|
|
}
|
|
catch (CAS_GracefullTerminationException $e) {
|
|
echo "<div class='error'>PhpCAS return exception</div>";
|
|
show_cas_client_config();
|
|
show_warnings();
|
|
}
|
|
|
|
show_cas_log();
|
|
|
|
|
|
?>
|
|
|
|
</body>
|
|
</html>
|