phpCAS  version 1.4.0
Static Public Member Functions | Static Private Member Functions | Static Private Attributes | List of all members
phpCAS Class Reference

Static Public Member Functions

static client ($server_version, $server_hostname, $server_port, $server_uri, $changeSessionID=true, \SessionHandlerInterface $sessionHandler=null)
 
static proxy ($server_version, $server_hostname, $server_port, $server_uri, $changeSessionID=true, \SessionHandlerInterface $sessionHandler=null)
 
static isInitialized ()
 
static setLogger ($logger=null)
 
static setDebug ($filename='')
 
static setVerbose ($verbose)
 
static getVerbose ()
 
static log ($str)
 
static error ($msg)
 
static trace ($str)
 
static traceBegin ()
 
static traceEnd ($res='')
 
static traceExit ()
 
static setLang ($lang)
 
static getVersion ()
 
static getSupportedProtocols ()
 
static setHTMLHeader ($header)
 
static setHTMLFooter ($footer)
 
static setPGTStorage ($storage)
 
static setPGTStorageDb ($dsn_or_pdo, $username='', $password='', $table='', $driver_options=null)
 
static setPGTStorageFile ($path='')
 
static getProxiedService ($type)
 
static initializeProxiedService (CAS_ProxiedService $proxiedService)
 
static serviceWeb ($url, & $err_code, & $output)
 
static serviceMail ($url, $service, $flags, & $err_code, & $err_msg, & $pt)
 
static setCacheTimesForAuthRecheck ($n)
 
static setCasAttributeParserCallback ($function, array $additionalArgs=array())
 
static setPostAuthenticateCallback ($function, array $additionalArgs=array())
 
static setSingleSignoutCallback ($function, array $additionalArgs=array())
 
static checkAuthentication ()
 
static forceAuthentication ()
 
static renewAuthentication ()
 
static isAuthenticated ()
 
static isSessionAuthenticated ()
 
static getUser ()
 
static getAttributes ()
 
static hasAttributes ()
 
static hasAttribute ($key)
 
static getAttribute ($key)
 
static handleLogoutRequests ($check_client=true, $allowed_clients=array())
 
static getServerLoginURL ()
 
static setServerLoginURL ($url='')
 
static setServerServiceValidateURL ($url='')
 
static setServerProxyValidateURL ($url='')
 
static setServerSamlValidateURL ($url='')
 
static getServerLogoutURL ()
 
static setServerLogoutURL ($url='')
 
static logout ($params="")
 
static logoutWithRedirectService ($service)
 
static logoutWithUrl ($url)
 
static logoutWithRedirectServiceAndUrl ($service, $url)
 
static setFixedCallbackURL ($url='')
 
static setFixedServiceURL ($url)
 
static getServiceURL ()
 
static retrievePT ($target_service, & $err_code, & $err_msg)
 
static setCasServerCACert ($cert, $validate_cn=true)
 
static setNoCasServerValidation ()
 
static setNoClearTicketsFromUrl ()
 
static setExtraCurlOption ($key, $value)
 
static setSessionIdSalt ($salt)
 
static allowProxyChain (CAS_ProxyChain_Interface $proxy_chain)
 
static getProxies ()
 
static addRebroadcastNode ($rebroadcastNodeUrl)
 
static addRebroadcastHeader ($header)
 
static getCasClient ()
 
static setCasClient (\CAS_Client $client)
 

Static Private Member Functions

static _validateClientExists ()
 
static _validateProxyExists ()
 

Static Private Attributes

static $_PHPCAS_CLIENT
 
static $_PHPCAS_INIT_CALL
 
static $_PHPCAS_DEBUG
 
static $_PHPCAS_VERBOSE
 

Detailed Description

The phpCAS class is a simple container for the phpCAS library. It provides CAS authentication for web applications written in PHP.

Examples:
example_custom_urls.php, example_gateway.php, example_html.php, example_lang.php, example_logout.php, example_pgt_storage_db.php, example_pgt_storage_file.php, example_proxy_GET.php, example_proxy_POST.php, example_proxy_serviceWeb.php, example_proxy_serviceWeb_chaining.php, example_service_that_proxies.php, and example_simple.php.

Definition at line 281 of file CAS.php.

Member Function Documentation

◆ _validateClientExists()

static phpCAS::_validateClientExists ( )
staticprivate

◆ _validateProxyExists()

static phpCAS::_validateProxyExists ( )
staticprivate

◆ addRebroadcastHeader()

static phpCAS::addRebroadcastHeader (   $header)
static

This method is used to add header parameters when rebroadcasting pgtIou/pgtId or logoutRequest.

Parameters
String$headerHeader to send when rebroadcasting.
Returns
void

Definition at line 1860 of file CAS.php.

References _validateClientExists(), error(), traceBegin(), and traceEnd().

◆ addRebroadcastNode()

static phpCAS::addRebroadcastNode (   $rebroadcastNodeUrl)
static

Add a pgtIou/pgtId and logoutRequest rebroadcast node.

Parameters
string$rebroadcastNodeUrlThe rebroadcast node URL. Can be hostname or IP.
Returns
void

Definition at line 1837 of file CAS.php.

References _validateClientExists(), error(), log(), traceBegin(), and traceEnd().

◆ allowProxyChain()

static phpCAS::allowProxyChain ( CAS_ProxyChain_Interface  $proxy_chain)
static

If you want your service to be proxied you have to enable it (default disabled) and define an accepable list of proxies that are allowed to proxy your service.

Add each allowed proxy definition object. For the normal CAS_ProxyChain class, the constructor takes an array of proxies to match. The list is in reverse just as seen from the service. Proxies have to be defined in reverse from the service to the user. If a user hits service A and gets proxied via B to service C the list of acceptable on C would be array(B,A). The definition of an individual proxy can be either a string or a regexp (preg_match is used) that will be matched against the proxy list supplied by the cas server when validating the proxy tickets. The strings are compared starting from the beginning and must fully match with the proxies in the list. Example: phpCAS::allowProxyChain(new CAS_ProxyChain(array( 'https://app.example.com/' ))); phpCAS::allowProxyChain(new CAS_ProxyChain(array( '/^https:\/\/app[0-9].example.com\/rest\//', 'http://client.example.com/' )));

For quick testing or in certain production screnarios you might want to allow allow any other valid service to proxy your service. To do so, add the "Any" chain: phpCAS::allowProxyChain(new CAS_ProxyChain_Any); THIS SETTING IS HOWEVER NOT RECOMMENDED FOR PRODUCTION AND HAS SECURITY IMPLICATIONS: YOU ARE ALLOWING ANY SERVICE TO ACT ON BEHALF OF A USER ON THIS SERVICE.

Parameters
CAS_ProxyChain_Interface$proxy_chainA proxy-chain that will be matched against the proxies requesting access
Returns
void
Examples:
example_service.php, example_service_POST.php, and example_service_that_proxies.php.

Definition at line 1795 of file CAS.php.

References _validateClientExists(), CAS_VERSION_2_0, CAS_VERSION_3_0, error(), traceBegin(), and traceEnd().

◆ getCasClient()

static phpCAS::getCasClient ( )
static
Returns
CAS_Client

Definition at line 1905 of file CAS.php.

◆ getProxies()

static phpCAS::getProxies ( )
static

Answer an array of proxies that are sitting in front of this application. This method will only return a non-empty array if we have received and validated a Proxy Ticket.

Returns
array public
Since
6/25/09

Definition at line 1818 of file CAS.php.

References _validateProxyExists().

◆ setCasClient()

static phpCAS::setCasClient ( \CAS_Client  $client)
static

For testing purposes, use this method to set the client to a test double

Returns
void

Definition at line 1915 of file CAS.php.

References $client.

◆ setExtraCurlOption()

static phpCAS::setExtraCurlOption (   $key,
  $value 
)
static

Change CURL options. CURL is used to connect through HTTPS to CAS server

Parameters
string$keythe option key
string$valuethe value to set
Returns
void

Definition at line 1729 of file CAS.php.

References _validateClientExists(), traceBegin(), and traceEnd().

◆ setSessionIdSalt()

static phpCAS::setSessionIdSalt (   $salt)
static

Set a salt/seed for the session-id hash to make it harder to guess.

When $changeSessionID = true phpCAS will create a session-id that is derived from the service ticket. Doing so allows phpCAS to look-up and destroy the proper session on single-log-out requests. While the service tickets provided by the CAS server may include enough data to generate a strong hash, clients may provide an additional salt to ensure that session ids are not guessable if the session tickets do not have enough entropy.

Parameters
string$saltThe salt to combine with the session ticket.
Returns
void

Definition at line 1752 of file CAS.php.

References _validateClientExists(), traceBegin(), and traceEnd().

Member Data Documentation

◆ $_PHPCAS_CLIENT

phpCAS::$_PHPCAS_CLIENT
staticprivate

Definition at line 290 of file CAS.php.

◆ $_PHPCAS_DEBUG

phpCAS::$_PHPCAS_DEBUG
staticprivate

Definition at line 307 of file CAS.php.

◆ $_PHPCAS_INIT_CALL

phpCAS::$_PHPCAS_INIT_CALL
staticprivate

Definition at line 299 of file CAS.php.

◆ $_PHPCAS_VERBOSE

phpCAS::$_PHPCAS_VERBOSE
staticprivate

This variable is used to enable verbose mode This pevents debug info to be show to the user. Since it's a security feature the default is false

Definition at line 316 of file CAS.php.