Method | Description | |
---|---|---|
__construct ( string $server_version, boolean $proxy, string $server_hostname, integer $server_port, string $server_uri, boolean $changeSessionID = true ) : a | CAS_Client constructor. | |
addRebroadcastHeader ( string $header ) : void | This method is used to add header parameters when rebroadcasting pgtIou/pgtId or logoutRequest. | |
addRebroadcastNode ( string $rebroadcastNodeUrl ) : void | Store the rebroadcast node for pgtIou/pgtId and logout requests. | |
checkAuthentication ( ) : true | This method is called to check whether the user is authenticated or not. | |
ensureAuthenticationCallSuccessful ( ) : void | Ensure that authentication was checked. Terminate with exception if no authentication was performed | |
ensureIsProxy ( ) : void | Ensure that this is actually a proxy object or fail with an exception | |
forceAuthentication ( ) : true | This method is called to be sure that the user is authenticated. When not authenticated, halt by redirecting to the CAS server; otherwise return true. | |
getAllowedProxyChains ( ) : CAS_ProxyChain_AllowedList | Answer the CAS_ProxyChain_AllowedList object for this client. | |
getAttribute ( string $key ) : string | Get a specific attribute by name | |
getAttributes ( ) : arry | Get an key values arry of attributes | |
getAuthenticationCallerFile ( ) : array | Answer information about the authentication caller. | |
getAuthenticationCallerLine ( ) : array | Answer information about the authentication caller. | |
getAuthenticationCallerMethod ( ) : array | Answer information about the authentication caller. | |
getChangeSessionID ( ) : boolean | Get whether phpCas is allowed to change session_id | |
getLangObj ( ) : CAS_Languages_LanguageInterface | Create the language | |
getProxiedService ( string $type ) : CAS_ProxiedService | Answer a proxy-authenticated service handler. | |
getProxies ( ) : array | Answer an array of proxies that are sitting in front of this application. | |
getServerLoginURL ( boolean $gateway = false, boolean $renew = false ) : a | This method is used to retrieve the login URL of the CAS server. | |
getServerLogoutURL ( ) : string | This method is used to retrieve the logout URL of the CAS server. | |
getServerProxyURL ( ) : string | This method is used to retrieve the proxy URL of the CAS server. | |
getServerProxyValidateURL ( ) : string | This method is used to retrieve the proxy validating URL of the CAS server. | |
getServerSamlValidateURL ( ) : string | This method is used to retrieve the SAML validating URL of the CAS server. | |
getServerServiceValidateURL ( ) : string | This method is used to retrieve the service validating URL of the CAS server. | |
getServerVersion ( ) : string | This method is used to retrieve the version of the CAS server. | |
getTicket ( ) : string | This method returns the Service Ticket provided in the URL of the request. | |
getURL ( ) : The | This method returns the URL of the current request (without any ticket CGI parameter). | |
getUser ( ) : string | This method returns the CAS user's login name. | |
handleLogoutRequests ( boolean $check_client = true, boolean $allowed_clients = false ) : void | This method handles logout requests. | |
hasAttribute ( string $key ) : boolean | Check whether a specific attribute with a name is available | |
hasAttributes ( ) : boolean | Check whether attributes are available | |
hasTicket ( ) : boolean | This method tells if a Service Ticket was stored. | |
initializeProxiedService ( CAS_ProxiedService $proxiedService ) : void | Initialize a proxied-service handler with the proxy-ticket it should use. | |
isAuthenticated ( boolean $renew = false ) : true | This method is called to check if the user is authenticated (previously or by tickets given in the URL). | |
isProxy ( ) : true | Tells if a CAS client is a CAS proxy or not | |
isSessionAuthenticated ( ) : true | This method tells if the current session is authenticated. | |
logout ( array $params ) : void | This method is used to logout from CAS. | |
markAuthenticationCall ( boolean $auth ) : null | Mark the caller of authentication. This will help client integraters determine problems with their code flow if they call a function such as getUser() before authentication has occurred. | |
printHTMLFooter ( ) : void | This method prints the footer of the HTML output (after filtering). If CAS_Client::setHTMLFooter() was not used, a default footer is output. | |
printHTMLHeader ( string $title ) : void | This method prints the header of the HTML output (after filtering). If CAS_Client::setHTMLHeader() was not used, a default header is output. | |
redirectToCas ( boolean $gateway = false, boolean $renew = false ) : void | This method is used to redirect the client to the CAS server. | |
renewAuthentication ( ) : true | This method is called to renew the authentication of the user If the user is authenticated, renew the connection If not, redirect to CAS | |
retrievePT ( string $target_service, &$err_code, &$err_msg ) : a | This method is used to retrieve PT's from the CAS server thanks to a PGT. | |
serviceMail ( string $url, string $serviceUrl, string $flags, &$err_code, &$err_msg, &$pt ) : object | This method is used to access an IMAP/POP3/NNTP service. | |
serviceWeb ( string $url, &$err_code, &$output ) : true | This method is used to access an HTTP[S] service. | |
setAttributes ( array $attributes ) : void | Set an array of attributes | |
setBaseURL ( string $url ) : string | This method sets the base URL of the CAS server. | |
setCacheTimesForAuthRecheck ( integer $n ) : void | Set the number of times authentication will be cached before rechecked. | |
setCallbackURL ( string $url ) : void | This method sets the callback url. | |
setCasAttributeParserCallback ( string $function, array $additionalArgs = [] ) : void | Set a callback function to be run when parsing CAS attributes | |
setCasServerCACert ( string $cert, boolean $validate_cn ) : void | Set the CA certificate of the CAS server. | |
setExtraCurlOption ( string $key, string $value ) : void | This method is used to set additional user curl options. | |
setHTMLFooter ( string $footer ) : void | This method set the HTML footer used for all outputs. | |
setHTMLHeader ( string $header ) : void | This method set the HTML header used for all outputs. | |
setLang ( string $lang ) : void | This method is used to set the language used by phpCAS. | |
setNoCasServerValidation ( ) : void | Set no SSL validation for the CAS server. | |
setNoClearTicketsFromUrl ( ) : void | Configure the client to not send redirect headers and call exit() on authentication success. The normal redirect is used to remove the service ticket from the client's URL, but for running unit tests we need to continue without exiting. | |
setPGTStorage ( CAS_PGTStorage_AbstractStorage $storage ) : void | This method can be used to set a custom PGT storage object. | |
setPGTStorageDb ( string $dsn_or_pdo, string $username = '', string $password = '', string $table = '', string $driver_options = null ) : void | This method is used to tell phpCAS to store the response of the CAS server to PGT requests in a database. | |
setPGTStorageFile ( string $path = '' ) : void | This method is used to tell phpCAS to store the response of the CAS server to PGT requests onto the filesystem. | |
setPostAuthenticateCallback ( string $function, array $additionalArgs = [] ) : void | Set a callback function to be run when a user authenticates. | |
setRequestImplementation ( string $className ) : void | Override the default implementation used to make web requests in readUrl(). | |
setServerLoginURL ( string $url ) : string | This method sets the login URL of the CAS server. | |
setServerLogoutURL ( string $url ) : string | This method sets the logout URL of the CAS server. | |
setServerProxyValidateURL ( string $url ) : string | This method sets the proxyValidate URL of the CAS server. | |
setServerSamlValidateURL ( string $url ) : string | This method sets the samlValidate URL of the CAS server. | |
setServerServiceValidateURL ( string $url ) : string | This method sets the serviceValidate URL of the CAS server. | |
setSingleSignoutCallback ( string $function, array $additionalArgs = [] ) : void | Set a callback function to be run when a single-signout request is received. | |
setTicket ( string $st ) : void | This method stores the Service Ticket. | |
setURL ( string $url ) : void | This method sets the URL of the current request | |
validateCAS10 ( &$validate_url, &$text_response, &$tree_response, boolean $renew = false ) : boolean | This method is used to validate a CAS 1,0 ticket; halt on failure, and sets $validate_url, $text_reponse and $tree_response on success. | |
validateCAS20 ( &$validate_url, &$text_response, &$tree_response, boolean $renew = false ) : boolean | This method is used to validate a cas 2.0 ST or PT; halt on failure Used for all CAS 2.0 validations | |
validateSA ( &$validate_url, &$text_response, &$tree_response, boolean $renew = false ) : boolean | This method is used to validate a SAML TICKET; halt on failure, and sets $validate_url, $text_reponse and $tree_response on success. These parameters are used later by CAS_Client::_validatePGT() for CAS proxies. | |
wasAuthenticationCallSuccessful ( ) : boolean | Answer the result of the authentication call. | |
wasAuthenticationCalled ( ) : boolean | Answer true if authentication has been checked. |
Method | Description | |
---|---|---|
_addAttributeToArray ( array &$attributeArray, string $name, string $value ) : void | Add an attribute value to an array of attributes. | |
_authError ( string $failure, string $cas_url, boolean $no_response, boolean $bad_response = '', string $cas_response = '', integer $err_code = '', string $err_msg = '' ) : void | This method is used to print the HTML output when the user was not authenticated. | |
_buildQueryUrl ( string $url, string $query ) : url | This method is used to append query parameters to an url. Since the url might already contain parameter it has to be detected and to build a proper URL | |
_buildSAMLPayload ( ) : the | This method is used to build the SAML POST body sent to /samlValidate URL. | |
_callback ( ) : void | This method is called by CAS_Client::CAS_Client() when running in callback mode. It stores the PGT and its PGT Iou, prints its output and halts. | |
_ensureAuthenticationCalled ( ) : void | Ensure that authentication was checked. Terminate with exception if no authentication was performed | |
_getCallbackURL ( ) : The | This method returns the URL that should be used for the PGT callback (in fact the URL of the current request without any CGI parameter, except if phpCAS::setFixedCallbackURL() was used). | |
_getClientUrl ( ) : string | Try to figure out the phpCas client URL with possible Proxys / Ports etc. | |
_getNodeType ( String $nodeURL ) : string | Determine the node type from the URL. | |
_getPGT ( ) : string | This method returns the Proxy Granting Ticket given by the CAS server. | |
_getServerBaseURL ( ) : string | This method is used to retrieve the base URL of the CAS server. | |
_getServerHostname ( ) : string | This method is used to retrieve the hostname of the CAS server. | |
_getServerPort ( ) : string | This method is used to retrieve the port of the CAS server. | |
_getServerURI ( ) : string | This method is used to retrieve the URI of the CAS server. | |
_getUser ( ) : string | This method returns the CAS user's login name. | |
_hasAttribute ( string $key ) : boolean | Check whether a specific attribute with a name is available | |
_hasPGT ( ) : true | This method tells if a Proxy Granting Ticket was stored. | |
_htmlFilterOutput ( string $str ) : void | This method filters a string by replacing special tokens by appropriate values and prints it. The corresponding tokens are taken into account: - __CAS_VERSION__ - __PHPCAS_VERSION__ - __SERVER_BASE_URL__ | |
_initPGTStorage ( ) : void | This method is used to initialize the storage of PGT's. | |
_isCallbackMode ( ) : A | This method returns true when the CAs client is running i callback mode, false otherwise. | |
_isHttps ( ) : boolean | This method checks to see if the request is secured via HTTPS | |
_isLogoutRequest ( ) : boolean | Check of the current request is a logout request | |
_loadPGT ( string $pgt_iou ) : mul | This method reads a PGT from its Iou and deletes the corresponding storage entry. | |
_readExtraAttributesCas20 ( string $success_elements ) : boolean | This method will parse the DOM and pull out the attributes from the XML payload and put them into an array, then put the array into the session. | |
_readURL ( string $url, &$headers, &$body, &$err_msg ) : true | This method is used to acces a remote URL. | |
_rebroadcast ( integer $type ) : void | This method rebroadcasts logout/pgtIou requests. Can be LOGOUT,PGTIOU | |
_removeParameterFromQueryString ( string $parameterName, string $queryString ) : string | Removes a parameter from a query string | |
_renameSession ( string $ticket ) : void | Renaming the session | |
_setCallbackMode ( boolean $callback_mode ) : void | This method sets/unsets callback mode. | |
_setChangeSessionID ( boolean $allowed ) : void | Set a parameter whether to allow phpCas to change session_id | |
_setPGT ( string $pgt ) : void | This method stores the Proxy Granting Ticket. | |
_setProxies ( array $proxies ) : void | Set the Proxy array, probably from persistant storage. | |
_setSessionAttributes ( string $text_response ) : boolean | This method will parse the DOM and pull out the attributes from the SAML payload and put them into an array, then put the array into the session. | |
_setUser ( string $user ) : void | This method sets the CAS user's login name. | |
_storePGT ( string $pgt, string $pgt_iou ) : void | This method stores a PGT. Halts on error. | |
_validatePGT ( &$validate_url, string $text_response, string $tree_response ) : boolean | This method is used to validate a PGT; halt on failure. | |
_wasPreviouslyAuthenticated ( ) : true | This method tells if the user has already been (previously) authenticated by looking into the session variables. |
public __construct ( string $server_version, boolean $proxy, string $server_hostname, integer $server_port, string $server_uri, boolean $changeSessionID = true ) : a | ||
$server_version | string | the version of the CAS server |
$proxy | boolean | true if the CAS client is a CAS proxy |
$server_hostname | string | the hostname of the CAS server |
$server_port | integer | the port the CAS server is running on |
$server_uri | string | the URI the CAS server is responding on |
$changeSessionID | boolean | Allow phpCAS to change the session_id (Single Sign Out/handleLogoutRequests is based on that change) |
return | a | newly created CAS_Client object |
public addRebroadcastHeader ( string $header ) : void | ||
$header | string | Header to send when rebroadcasting. |
return | void |
public addRebroadcastNode ( string $rebroadcastNodeUrl ) : void | ||
$rebroadcastNodeUrl | string | The rebroadcast node URL. |
return | void |
public checkAuthentication ( ) : true | ||
return | true | when the user is authenticated, false when a previous gateway login failed or the function will not return if the user is redirected to the cas server for a gateway login attempt |
public ensureAuthenticationCallSuccessful ( ) : void | ||
return | void |
public ensureIsProxy ( ) : void | ||
return | void |
public forceAuthentication ( ) : true | ||
return | true | when the user is authenticated; otherwise halt. |
public getAllowedProxyChains ( ) : CAS_ProxyChain_AllowedList | ||
return | CAS_ProxyChain_AllowedList |
public getAttribute ( string $key ) : string | ||
$key | string | name of attribute |
return | string | attribute values |
public getAttributes ( ) : arry | ||
return | arry | of attributes |
public getAuthenticationCallerFile ( ) : array | ||
return | array | Keys are 'file', 'line', and 'method' |
public getAuthenticationCallerLine ( ) : array | ||
return | array | Keys are 'file', 'line', and 'method' |
public getAuthenticationCallerMethod ( ) : array | ||
return | array | Keys are 'file', 'line', and 'method' |
public getChangeSessionID ( ) : boolean | ||
return | boolean |
public getLangObj ( ) : CAS_Languages_LanguageInterface | ||
return | CAS_Languages_LanguageInterface | object implementing the class |
public getProxiedService ( string $type ) : CAS_ProxiedService | ||
$type | string | The service type. One of: PHPCAS_PROXIED_SERVICE_HTTP_GET, PHPCAS_PROXIED_SERVICE_HTTP_POST, PHPCAS_PROXIED_SERVICE_IMAP |
return | CAS_ProxiedService |
public getProxies ( ) : array | ||
return | array |
public getServerLoginURL ( boolean $gateway = false, boolean $renew = false ) : a | ||
$gateway | boolean | true to check authentication, false to force it |
$renew | boolean | true to force the authentication with the CAS server |
return | a | URL. |
public getServerLogoutURL ( ) : string | ||
return | string | logout URL. |
public getServerProxyURL ( ) : string | ||
return | string | proxy URL. |
public getServerProxyValidateURL ( ) : string | ||
return | string | proxyValidate URL. |
public getServerSamlValidateURL ( ) : string | ||
return | string | samlValidate URL. |
public getServerServiceValidateURL ( ) : string | ||
return | string | serviceValidate URL. |
public getServerVersion ( ) : string | ||
return | string | the version of the CAS server. |
public getURL ( ) : The | ||
return | The | URL |
public handleLogoutRequests ( boolean $check_client = true, boolean $allowed_clients = false ) : void | ||
$check_client | boolean | true to check the client bofore handling the request, false not to perform any access control. True by default. |
$allowed_clients | boolean | an array of host names allowed to send logout requests. |
return | void |
public hasAttribute ( string $key ) : boolean | ||
$key | string | name of attribute |
return | boolean | is attribute available |
public hasAttributes ( ) : boolean | ||
return | boolean | attributes available |
public initializeProxiedService ( CAS_ProxiedService $proxiedService ) : void | ||
$proxiedService | CAS_ProxiedService | service handler |
return | void |
public isAuthenticated ( boolean $renew = false ) : true | ||
$renew | boolean | true to force the authentication with the CAS server |
return | true | when the user is authenticated. Also may redirect to the same URL without the ticket. |
public isProxy ( ) : true | ||
return | true | when the CAS client is a CAs proxy, false otherwise |
public isSessionAuthenticated ( ) : true | ||
return | true | if authenticated based soley on $_SESSION variable |
public markAuthenticationCall ( boolean $auth ) : null | ||
$auth | boolean | True if authentication was successful, false otherwise. |
return | null |
public printHTMLHeader ( string $title ) : void | ||
$title | string | the title of the page |
return | void |
public renewAuthentication ( ) : true | ||
return | true | when the user is authenticated; otherwise halt. |
public retrievePT ( string $target_service, &$err_code, &$err_msg ) : a | ||
$target_service | string | the service to ask for with the PT. |
return | a | Proxy Ticket, or false on error. |
public serviceMail ( string $url, string $serviceUrl, string $flags, &$err_code, &$err_msg, &$pt ) : object | ||
$url | string | a string giving the URL of the service, including the mailing box for IMAP URLs, as accepted by imap_open(). |
$serviceUrl | string | a string giving for CAS retrieve Proxy ticket |
$flags | string | options given to imap_open(). |
return | object | an IMAP stream on success, false otherwise (in this later case, $err_code gives the reason why it failed and $err_msg contains an error message). |
public serviceWeb ( string $url, &$err_code, &$output ) : true | ||
$url | string | the service to access. |
return | true | on success, false otherwise (in this later case, $err_code gives the reason why it failed and $output contains an error message). |
public setAttributes ( array $attributes ) : void | ||
$attributes | array | a key value array of attributes |
return | void |
public setBaseURL ( string $url ) : string | ||
$url | string | the base URL |
return | string | base url |
public setCacheTimesForAuthRecheck ( integer $n ) : void | ||
$n | integer | number of times to wait for a recheck |
return | void |
public setCallbackURL ( string $url ) : void | ||
$url | string | url to set callback |
return | void |
public setHTMLHeader ( string $header ) : void | ||
$header | string | the HTML header. |
return | void |
public setNoCasServerValidation ( ) : void | ||
return | void |
public setNoClearTicketsFromUrl ( ) : void | ||
return | void |
public setPGTStorage ( CAS_PGTStorage_AbstractStorage $storage ) : void | ||
$storage | CAS_PGTStorage_AbstractStorage | a PGT storage object that inherits from the CAS_PGTStorage_AbstractStorage class |
return | void |
public setPGTStorageDb ( string $dsn_or_pdo, string $username = '', string $password = '', string $table = '', string $driver_options = null ) : void | ||
$dsn_or_pdo | string | a dsn string to use for creating a PDO object or a PDO object |
$username | string | the username to use when connecting to the database |
$password | string | the password to use when connecting to the database |
$table | string | the table to use for storing and retrieving PGTs |
$driver_options | string | any driver options to use when connecting to the database |
return | void |
public setPGTStorageFile ( string $path = '' ) : void | ||
$path | string | the path where the PGT's should be stored |
return | void |
public setRequestImplementation ( string $className ) : void | ||
$className | string | name of the RequestImplementation class |
return | void |
public setServerLoginURL ( string $url ) : string | ||
$url | string | the login URL |
return | string | login url |
public setServerLogoutURL ( string $url ) : string | ||
$url | string | the logout URL |
return | string | logout url |
public setServerProxyValidateURL ( string $url ) : string | ||
$url | string | the proxyValidate URL |
return | string | proxyValidate URL |
public setServerSamlValidateURL ( string $url ) : string | ||
$url | string | the samlValidate URL |
return | string | samlValidate URL |
public setServerServiceValidateURL ( string $url ) : string | ||
$url | string | the serviceValidate URL |
return | string | serviceValidate URL |
public validateCAS10 ( &$validate_url, &$text_response, &$tree_response, boolean $renew = false ) : boolean | ||
$renew | boolean | true to force the authentication with the CAS server |
return | boolean | true when successfull and issue a CAS_AuthenticationException and false on an error |
public validateCAS20 ( &$validate_url, &$text_response, &$tree_response, boolean $renew = false ) : boolean | ||
$renew | boolean | true to force the authentication with the CAS server |
return | boolean | true when successfull and issue a CAS_AuthenticationException and false on an error |
public validateSA ( &$validate_url, &$text_response, &$tree_response, boolean $renew = false ) : boolean | ||
$renew | boolean | true to force the authentication with the CAS server |
return | boolean | true when successfull and issue a CAS_AuthenticationException and false on an error |
public wasAuthenticationCallSuccessful ( ) : boolean | ||
return | boolean |
public wasAuthenticationCalled ( ) : boolean | ||
return | boolean |