<?php
namespace UnicaenAuth\Authentication\Adapter;

use phpCAS;
use UnicaenApp\Exception;
use UnicaenAuth\Options\ModuleOptions;
use Zend\Authentication\Exception\UnexpectedValueException;
use Zend\Authentication\Result as AuthenticationResult;
use Zend\EventManager\EventManager;
use Zend\EventManager\EventManagerAwareInterface;
use Zend\EventManager\EventManagerInterface;
use Zend\Mvc\Router\Http\TreeRouteStack;
use Zend\ServiceManager\ServiceManager;
use Zend\ServiceManager\ServiceManagerAwareInterface;
use ZfcUser\Authentication\Adapter\AbstractAdapter;
use ZfcUser\Authentication\Adapter\AdapterChainEvent as AuthEvent;
use ZfcUser\Authentication\Adapter\ChainableAdapter;

/**
 * CAS authentication adapter
 *
 * @author Bertrand GAUTHIER <bertrand.gauthier@unicaen.fr>
 */
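class Cas extends AbstractAdapter implements ServiceManagerAwareInterface, EventManagerAwareInterface
{
    /**
     * Service locator used to fetch the router and the module options.
     *
     * @var ServiceManager
     */
    protected $serviceManager;

    /**
     * Event manager on which 'userAuthenticated' is triggered.
     *
     * @var EventManager
     */
    protected $eventManager;

    /**
     * Merged module options; built lazily by getOptions().
     *
     * @var ModuleOptions
     */
    protected $options;

    /**
     * CAS connection parameters, cached from
     * $config['connection']['default']['params'] on first use.
     *
     * @var array
     */
    protected $casOptions;

    /**
     * @var phpCAS
     */
    protected $casClient;

    /**
     * Performs the CAS authentication.
     *
     * When the CAS options array is empty the adapter does nothing. Otherwise
     * the user is sent through phpCAS, the login name returned by phpCAS is
     * stored as the identity (on the event and in the adapter storage), the
     * 'userAuthenticated' event is triggered and propagation is stopped.
     *
     * The identity is only as trustworthy as the channel to the CAS server:
     * see the TLS note on getCasClient().
     *
     * @param AuthEvent $e
     * @return bool|null true on success; null when CAS authentication is disabled
     * @throws UnexpectedValueException NOTE(review): nothing in this method raises it
     *                                  directly - confirm whether a callee does
     * @see ChainableAdapter
     */
    public function authenticate(AuthEvent $e)
    {
        $config = $this->getOptions()->getCas();
        if (!$config) {
            return; // NB: CAS authentication is disabled if and only if the options array is empty
        }

        // Mask E_NOTICE around the phpCAS calls only. The previous level is read
        // BEFORE the mask is applied, so the restore below really re-enables
        // notices (capturing the masked value would leave them off for the rest
        // of the request).
        $oldErrorReporting = error_reporting();
        error_reporting($oldErrorReporting & ~E_NOTICE);

        try {
            $this->getCasClient()->forceAuthentication();

            // at this step, the user has been authenticated by the CAS server
            // and the user's login name can be read with phpCAS::getUser().
            $identity = $this->getCasClient(false)->getUser();
        } catch (\Exception $ex) {
            // Restore the reporting level on failure too, then let the error surface.
            error_reporting($oldErrorReporting);
            throw $ex;
        }

        error_reporting($oldErrorReporting);

        $e->setIdentity($identity);
        $this->setSatisfied(true);
        $storage = $this->getStorage()->read();
        $storage['identity'] = $e->getIdentity();
        $this->getStorage()->write($storage);
        $e->setCode(AuthenticationResult::SUCCESS)
          ->setMessages(array('Authentication successful.'));

        $this->getEventManager()->trigger('userAuthenticated', $e);

        $e->stopPropagation();

        return true;
    }

    /**
     * Logs the user out of CAS, when a CAS session exists.
     *
     * Does nothing when the CAS options array is empty or when phpCAS reports
     * that the user is not authenticated.
     *
     * @param AuthEvent $e
     * @see ChainableAdapter
     */
    public function logout(AuthEvent $e)
    {
        if (!$this->getOptions()->getCas()) {
            return; // NB: CAS authentication is disabled if and only if the options array is empty
        }

        if ($this->getCasClient()->isAuthenticated()) {
            $router = $this->getServiceManager()->get('router'); /* @var $router TreeRouteStack */
            // The return URL is the current request URI with its path replaced by
            // the application base URL.
            // NOTE(review): scheme and host presumably come from the incoming
            // request - confirm the host is validated upstream or that the CAS
            // server restricts the service URLs it redirects to.
            $returnUrl = $router->getRequestUri()->setPath($router->getBaseUrl())->toString();
            $this->getCasClient(false)->logoutWithRedirectService($returnUrl);
        }
    }

    /**
     * Returns the CAS client.
     *
     * With $initClient = false the phpCAS instance is returned as is. Otherwise
     * the connection parameters are read from
     * $config['connection']['default']['params'] (keys used: 'version',
     * 'hostname', 'port', 'uri', optional 'debug', optional 'ca_cert') and
     * phpCAS is initialised with them on every such call.
     *
     * TLS validation: when the optional 'ca_cert' parameter holds the path of a
     * CA bundle, the CAS server certificate is verified against it. Without it
     * the historical behaviour is kept and certificate validation is turned
     * off, which lets anyone on the network path impersonate the CAS server and
     * vouch for an arbitrary login name. Production deployments should set
     * 'ca_cert'.
     *
     * @param boolean $initClient whether to (re)initialise phpCAS before returning it
     * @return phpCAS
     * @throws Exception when the connection parameters are missing or empty
     */
    protected function getCasClient($initClient = true)
    {
        require_once __VENDOR_DIR__ . '/gorg/phpcas/CAS.php';

        if (null === $this->casClient) {
            $this->casClient = new phpCAS();
        }

        if (!$initClient) {
            return $this->casClient;
        }

        if (null === $this->casOptions) {
            $config = $this->getOptions()->getCas();
            if (!isset($config['connection']['default']['params']) || !$config['connection']['default']['params']) {
                throw new Exception("Les paramètres de connexion au serveur CAS sont invalides.");
            }
            $this->casOptions = $config['connection']['default']['params'];
        }

        $options = $this->casOptions;

        // phpCAS debug output records protocol details in a log file; keep the
        // 'debug' parameter off outside of troubleshooting.
        if (array_key_exists('debug', $options) && (bool) $options['debug']) {
            $this->casClient->setDebug();
        }

        // initialize phpCAS
        // (fifth argument: presumably phpCAS's "change session id" flag - confirm
        // against the bundled phpCAS version)
        $this->casClient->client($options['version'], $options['hostname'], $options['port'], $options['uri'], true);

        $caCert = isset($options['ca_cert']) ? $options['ca_cert'] : null;
        if ($caCert) {
            // Verify the CAS server certificate against the configured CA bundle.
            $this->casClient->setCasServerCACert($caCert);
        } else {
            // SECURITY: no SSL validation for the CAS server (legacy default).
            // Ticket validation responses are then not authenticated; configure
            // 'ca_cert' to close this gap.
            $this->casClient->setNoCasServerValidation();
        }

        return $this->casClient;
    }

    /**
     * Sets the CAS client.
     *
     * @param phpCAS $casClient
     * @return self
     */
    public function setCasClient(phpCAS $casClient)
    {
        $this->casClient = $casClient;
        return $this;
    }

    /**
     * @param ModuleOptions $options
     */
    public function setOptions(ModuleOptions $options)
    {
        $this->options = $options;
    }

    /**
     * Returns the module options, building them on first access.
     *
     * The 'zfcuser_module_options' and 'unicaen-auth_module_options' services
     * are converted to arrays and merged with array_merge(), so a key present
     * in both takes its value from the unicaen-auth options.
     *
     * @return ModuleOptions
     */
    public function getOptions()
    {
        if (!$this->options instanceof ModuleOptions) {
            $options = array_merge(
                    $this->getServiceManager()->get('zfcuser_module_options')->toArray(),
                    $this->getServiceManager()->get('unicaen-auth_module_options')->toArray());
            $this->setOptions(new ModuleOptions($options));
        }
        return $this->options;
    }

    /**
     * Get service manager
     *
     * @return ServiceManager
     */
    public function getServiceManager()
    {
        return $this->serviceManager;
    }

    /**
     * Set service manager
     *
     * @param ServiceManager $serviceManager
     * @return self
     */
    public function setServiceManager(ServiceManager $serviceManager)
    {
        $this->serviceManager = $serviceManager;
        return $this;
    }

    /**
     * Retrieve EventManager instance
     *
     * @return EventManagerInterface
     */
    public function getEventManager()
    {
        return $this->eventManager;
    }

    /**
     * Inject an EventManager instance
     *
     * @param  EventManagerInterface $eventManager
     * @return self
     */
    public function setEventManager(EventManagerInterface $eventManager)
    {
        $this->eventManager = $eventManager;
        return $this;
    }
}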