SimpleCAS dir for cas_auth_unl

plugins/cas_auth_unl/SimpleCAS/Autoload.php

+<?php
+function SimpleCAS_Autoload($class)
+{
+    if (substr($class, 0, 9) !== 'SimpleCAS') {
+        return false;
+    }
+    $fp = @fopen(str_replace('_', '/', $class) . '.php', 'r', true);
+    if ($fp) {
+        fclose($fp);
+        require str_replace('_', '/', $class) . '.php';
+        if (!class_exists($class, false) && !interface_exists($class, false)) {
+            die(new Exception('Class ' . $class . ' was not present in ' .
+                str_replace('_', '/', $class) . '.php (include_path="' . get_include_path() .
+                '") [SimpleCAS_Autoload version 0.1.0]'));
+        }
+        return true;
+    }
+    $e = new Exception('Class ' . $class . ' could not be loaded from ' .
+        str_replace('_', '/', $class) . '.php, file does not exist (include_path="' . get_include_path() .
+        '") [SimpleCAS_Autoload version 0.1.0]');
+    $trace = $e->getTrace();
+    if (isset($trace[2]) && isset($trace[2]['function']) &&
+          in_array($trace[2]['function'], array('class_exists', 'interface_exists'))) {
+        return false;
+    }
+    if (isset($trace[1]) && isset($trace[1]['function']) &&
+          in_array($trace[1]['function'], array('class_exists', 'interface_exists'))) {
+        return false;
+    }
+    die ((string) $e);
+}
+
+// set up __autoload
+if (function_exists('spl_autoload_register')) {
+    if (!($_____t = spl_autoload_functions()) || !in_array('SimpleCAS_Autoload', spl_autoload_functions())) {
+        spl_autoload_register('SimpleCAS_Autoload');
+        if (function_exists('__autoload') && ($_____t === false)) {
+            // __autoload() was being used, but now would be ignored, add
+            // it to the autoload stack
+            spl_autoload_register('__autoload');
+        }
+    }
+    unset($_____t);
+} elseif (!function_exists('__autoload')) {
+    function __autoload($class) { return SimpleCAS_Autoload($class); }
+}
+
+// set up include_path if it doesn't register our current location
+$____paths = explode(PATH_SEPARATOR, get_include_path());
+$____found = false;
+foreach ($____paths as $____path) {
+    if ($____path == dirname(dirname(__FILE__))) {
+        $____found = true;
+        break;
+    }
+}
+if (!$____found) {
+    set_include_path(get_include_path() . PATH_SEPARATOR . dirname(dirname(__FILE__)));
+}
+unset($____paths);
+unset($____path);
+unset($____found);

plugins/cas_auth_unl/SimpleCAS/Protocol.php

+<?php
+/**
+ * Interface all CAS servers must implement.
+ * 
+ * Each concrete class which implements this server interface must provide
+ * all the following functions.
+ * 
+ * PHP version 5
+ * 
+ * @category  Authentication 
+ * @package   SimpleCAS
+ * @author    Brett Bieber <brett.bieber@gmail.com>
+ * @copyright 2008 Regents of the University of Nebraska
+ * @license   http://www1.unl.edu/wdn/wiki/Software_License BSD License
+ * @link      http://code.google.com/p/simplecas/
+ */
+abstract class SimpleCAS_Protocol
+{
+    const DEFAULT_REQUEST_CLASS = 'HTTP_Request2';
+    
+    protected $requestClass;
+    protected $request;
+    
+    /**
+     * Returns the login URL for the cas server.
+     *
+     * @param string $service The URL to the service requesting authentication.
+     * 
+     * @return string
+     */
+    abstract function getLoginURL($service);
+    
+    /**
+     * Returns the logout url for the CAS server.
+     *
+     * @param string $service A URL to provide the user upon logout.
+     * 
+     * @return string
+     */
+    abstract function getLogoutURL($service = null);
+    
+    /**
+     * Returns the version of this cas server.
+     * 
+     * @return string
+     */
+    abstract function getVersion();
+    
+    /**
+     * Function to validate a ticket and service combination.
+     *
+     * @param string $ticket  Ticket given by the CAS Server
+     * @param string $service Service requesting authentication
+     * 
+     * @return false|string False on failure, user name on success.
+     */
+    abstract function validateTicket($ticket, $service);
+    
+    /**
+     * Get the HTTP_Request2 object.
+     *
+     * @return HTTP_Request
+     */
+    function getRequest()
+    {
+        $class = empty($this->requestClass) ? self::DEFAULT_REQUEST_CLASS : $this->requestClass;
+        if (!$this->request instanceof $class) {
+            $this->request = new $class();
+        }
+        return $this->request; 
+    }
+    
+    /**
+     * Set the HTTP Request object.
+     *
+     * @param $request
+     */
+    function setRequest($request)
+    {
+        $this->request = $request;
+    }
+}
+?>
\ No newline at end of file

plugins/cas_auth_unl/SimpleCAS/Protocol/Version1.php

+<?php
+/**
+ * Class representing a CAS server which supports the CAS1 protocol.
+ * 
+ * PHP version 5
+ * 
+ * @category  Authentication 
+ * @package   SimpleCAS
+ * @author    Brett Bieber <brett.bieber@gmail.com>
+ * @copyright 2008 Regents of the University of Nebraska
+ * @license   http://www1.unl.edu/wdn/wiki/Software_License BSD License
+ * @link      http://code.google.com/p/simplecas/
+ */
+class SimpleCAS_Protocol_Version1 extends SimpleCAS_Protocol
+{
+    const VERSION = '1.0';
+    
+    protected $request;
+    
+    /**
+     * Construct a new SimpleCAS server object.
+     *
+     *  <code>
+     *  $options = array('hostname' => 'login.unl.edu',
+     *                   'port'     => 443,
+     *                   'uri'      => 'cas');
+     *  $protocol = new SimpleCAS_Protocol_Version1($options);
+     *  </code>
+     *
+     * @param array()
+     */
+    function __construct($options)
+    {
+        foreach ($options as $option=>$val) {
+            $this->$option = $val;
+        }
+    }
+    
+    /**
+     * Returns the URL used to validate a ticket.
+     *
+     * @param string $ticket  Ticket to validate
+     * @param string $service URL to the service requesting authentication
+     * 
+     * @return string
+     */
+    function getValidationURL($ticket, $service)
+    {
+        return 'https://' . $this->hostname . '/'
+                          . $this->uri . '/validate?'
+                          . 'service=' . urlencode($service)
+                          . '&ticket=' . $ticket;
+    }
+    
+    /**
+     * Returns the URL to login form for the CAS server.
+     *
+     * @param string $service Service url requesting authentication.
+     * 
+     * @return string
+     */
+    function getLoginURL($service)
+    {
+        return 'https://' . $this->hostname
+                          . '/'.$this->uri
+                          . '/login?service='
+                          . urlencode($service);
+    }
+    
+    /**
+     * Returns the URL to logout of the CAS server.
+     *
+     * @param string $service Service url provided to the user.
+     * 
+     * @return string
+     */
+    function getLogoutURL($service = '')
+    {
+        if (isset($service)) {
+            $service = '?url='.urlencode($service);
+        }
+        
+        return 'https://' . $this->hostname
+                          . '/'.$this->uri
+                          . '/logout'
+                          . $service;
+    }
+    
+    /**
+     * Function to validate a ticket and service combination.
+     *
+     * @param string $ticket  Ticket given by the CAS Server
+     * @param string $service Service requesting authentication
+     * 
+     * @return false|string False on failure, user name on success.
+     */
+    function validateTicket($ticket, $service)
+    {
+        $validation_url = $this->getValidationURL($ticket, $service);
+        
+        $http_request = clone $this->getRequest();
+        
+        $defaultClass = SimpleCAS_Protocol::DEFAULT_REQUEST_CLASS;
+        if ($http_request instanceof $defaultClass) {
+            $http_request->setURL($validation_url);
+            
+            $response = $http_request->send();
+        } else {
+            $http_request->setUri($validation_url);
+            
+            $response = $http_request->request();
+        }
+        
+        
+        if ($response->getStatus() == 200
+            && substr($response->getBody(), 0, 3) == 'yes') {
+            list($message, $uid) = explode("\n", $response->getBody());
+            return $uid;
+        }
+        return false;
+    }
+    
+    /**
+     * Returns the CAS server protocol this object implements.
+     *
+     * @return string
+     */
+    function getVersion()
+    {
+        return self::VERSION;
+    }
+}
+?>
\ No newline at end of file

plugins/cas_auth_unl/SimpleCAS/Protocol/Version2.php

+<?php
+/**
+ * Class representing a CAS server which supports the CAS2 protocol.
+ *
+ * PHP version 5
+ *
+ * @category  Authentication
+ * @package   SimpleCAS
+ * @author    Brett Bieber <brett.bieber@gmail.com>
+ * @copyright 2008 Regents of the University of Nebraska
+ * @license   http://www1.unl.edu/wdn/wiki/Software_License BSD License
+ * @link      http://code.google.com/p/simplecas/
+ */
+class SimpleCAS_Protocol_Version2 extends SimpleCAS_Protocol_Version1 implements SimpleCAS_SingleSignOut, SimpleCAS_ProxyGranting
+{
+    const VERSION = '2.0';
+    
+    /**
+     * Returns the URL used to validate a ticket.
+     *
+     * @param string $ticket  Ticket to validate
+     * @param string $service URL to the service requesting authentication
+     *
+     * @return string
+     */
+    function getValidationURL($ticket, $service, $pgtUrl = null)
+    {
+        return 'https://' . $this->hostname . '/'
+                          . $this->uri . '/serviceValidate?'
+                          . 'service=' . urlencode($service)
+                          . '&ticket=' . $ticket
+                          . '&pgtUrl=' . urlencode($pgtUrl);
+    }
+    
+    /**
+     * Function to validate a ticket and service combination.
+     *
+     * @param string $ticket  Ticket given by the CAS Server
+     * @param string $service Service requesting authentication
+     *
+     * @return false|string False on failure, user name on success.
+     */
+    function validateTicket($ticket, $service)
+    {
+        $validation_url = $this->getValidationURL($ticket, $service);
+        
+        $http_request = clone $this->getRequest();
+        
+        $defaultClass = SimpleCAS_Protocol::DEFAULT_REQUEST_CLASS;
+        if ($http_request instanceof $defaultClass) {
+            $http_request->setURL($validation_url);
+            
+            $response = $http_request->send();
+        } else {
+            $http_request->setUri($validation_url);
+            
+            $response = $http_request->request();
+        }
+        
+        if ($response->getStatus() == 200) {
+            $validationResponse = new SimpleCAS_Protocol_Version2_ValidationResponse($response->getBody());
+            if ($validationResponse->authenticationSuccess()) {
+                return $validationResponse->__toString();
+            }
+        }
+        return false;
+    }
+    
+    /**
+     * Validates a single sign out logout request.
+     *
+     * @param mixed $post $_POST data
+     *
+     * @return bool
+     */
+    function validateLogoutRequest($post)
+    {
+        if (false) {
+            return $ticket;
+        }
+        return false;
+    }
+    
+    function getProxyTicket()
+    {
+        throw new Exception('not implemented');
+    }
+    
+    function validateProxyTicket($ticket)
+    {
+        throw new Exception('not implemented');
+    }
+}
+?>
\ No newline at end of file

plugins/cas_auth_unl/SimpleCAS/Protocol/Version2/ValidationResponse.php

+<?php
+class SimpleCAS_Protocol_Version2_ValidationResponse
+{
+    protected $authenticationSuccess = false;
+    protected $user    = false;
+    protected $pgtiou  = false;
+    protected $proxies = array();
+
+    /**
+     * Construct a validation repsonse object from the CAS server's response.
+     * 
+     * @param string $response
+     */
+    function __construct($response)
+    {
+        $xml = new DOMDocument();
+        if ($xml->loadXML($response)) {
+            if ($success = $xml->getElementsByTagName('authenticationSuccess')) {
+                if ($success->length > 0
+                    && $uid = $success->item(0)->getElementsByTagName('user')) {
+                    // We have the user name, check for PGTIOU
+                    if ($iou = $success->item(0)->getElementsByTagName('proxyGrantingTicket')) {
+                        if ($iou->length) {
+                            $this->pgtiou = $iou->item(0)->nodeValue;
+                        }
+                    }
+                    $this->authenticationSuccess = true;
+                    $this->user = $uid->item(0)->nodeValue;
+                }
+            }
+        }
+    }
+    
+    function authenticationSuccess()
+    {
+        return $this->authenticationSuccess;
+    }
+    
+    function getPGTIOU()
+    {
+        return $this->pgtiou;
+    }
+    
+    function getUser()
+    {
+        return $this->userid;
+    }
+
+    function __toString()
+    {
+        if ($this->authenticationSuccess()) {
+            return $this->user;
+        }
+        throw new Exception('Validation was not successful');
+    }
+    
+    function logout()
+    {
+        
+    }
+}
+?>
\ No newline at end of file

plugins/cas_auth_unl/SimpleCAS/ProxyGranting.php

+<?php
+/**
+ * Interface for servers that implement proxy granting tickets.
+ *
+ * PHP version 5
+ *
+ * @category  Authentication
+ * @package   SimpleCAS
+ * @author    Brett Bieber <brett.bieber@gmail.com>
+ * @copyright 2008 Regents of the University of Nebraska
+ * @license   http://www1.unl.edu/wdn/wiki/Software_License BSD License
+ * @link      http://code.google.com/p/simplecas/
+ */
+interface SimpleCAS_ProxyGranting
+{
+    
+    /**
+     * get a proxy ticket
+     *
+     * @return string
+     */
+    function getProxyTicket();
+    
+    /**
+     * try and validate a proxy ticket
+     *
+     * @param unknown_type $ticket
+     */
+    function validateProxyTicket($ticket);
+}
+?>
\ No newline at end of file

plugins/cas_auth_unl/SimpleCAS/ProxyGranting/Storage.php

+<?php
+interface SimpleCAS_ProxyGranting_Storage
+{
+    function saveIOU($iou);
+    function getProxyGrantingTicket($iou);
+}
+?>
\ No newline at end of file

plugins/cas_auth_unl/SimpleCAS/ProxyGranting/Storage/File.php

+<?php
+class SimpleCAS_ProxyGranting_Storage_File implements SimpleCAS_ProxyGranting_Storage
+{
+    function saveIOU($iou)
+    {
+        throw new Exception('not implemented');
+    }
+    
+    function getProxyGrantingTicket($iou)
+    {
+        throw new Exception('not implemented');
+    }
+}
+?>
\ No newline at end of file

plugins/cas_auth_unl/SimpleCAS/SingleSignOut.php

+<?php
+/**
+ * Interface for servers that implement single sign out.
+ * 
+ * PHP version 5
+ * 
+ * @category  Authentication 
+ * @package   SimpleCAS
+ * @author    Brett Bieber <brett.bieber@gmail.com>
+ * @copyright 2008 Regents of the University of Nebraska
+ * @license   http://www1.unl.edu/wdn/wiki/Software_License BSD License
+ * @link      http://code.google.com/p/simplecas/
+ */
+interface SimpleCAS_SingleSignOut
+{
+    /**
+     * Determines if the posted request is a valid single sign out request.
+     *
+     * @param mixed $post $_POST data sent to the service.
+     * 
+     * @return bool
+     */
+    function validateLogoutRequest($post);
+}
\ No newline at end of file