<?php
namespace UnicaenAuth\Authentication\Adapter;

use phpCAS;
use UnicaenApp\Exception;
use UnicaenAuth\Options\ModuleOptions;
use Zend\Authentication\Exception\UnexpectedValueException;
use Zend\Authentication\Result as AuthenticationResult;
use Zend\EventManager\EventManager;
use Zend\EventManager\EventManagerAwareInterface;
use Zend\EventManager\EventManagerInterface;
use Zend\ServiceManager\ServiceManager;
use Zend\ServiceManager\ServiceManagerAwareInterface;
use ZfcUser\Authentication\Adapter\AbstractAdapter;
use ZfcUser\Authentication\Adapter\AdapterChainEvent as AuthEvent;
use ZfcUser\Authentication\Adapter\ChainableAdapter;

/**
 * CAS authentication adapter
 *
 * @author Bertrand GAUTHIER <bertrand.gauthier@unicaen.fr>
 */
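class Cas extends AbstractAdapter implements ServiceManagerAwareInterface, EventManagerAwareInterface
{
    /**
     * @var ServiceManager
     */
    protected $serviceManager;

    /**
     * @var EventManager
     */
    protected $eventManager;

    /**
     * @var ModuleOptions
     */
    protected $options;

    /**
     * CAS connection parameters, loaded lazily by getCasClient() from the
     * module options (connection > default > params).
     *
     * @var array
     */
    protected $casOptions;

    /**
     * @var phpCAS
     */
    protected $casClient;

    /**
     * Performs the authentication.
     *
     * When the adapter is already satisfied and an identity is stored, that
     * identity is reused. Otherwise, if CAS is enabled in the module options,
     * authentication is delegated to phpCAS and the resulting user name is
     * stored and reported through the event.
     *
     * @param AuthEvent $e
     * @return void Nothing is returned on any path; the outcome is reported through $e.
     * @throws UnexpectedValueException Declared by the original contract; not thrown directly by this method.
     * @see ChainableAdapter
     */
    public function authenticate(AuthEvent $e)
    {
        // This shortcut replaced an earlier guard on $e->getIdentity(); it was introduced
        // to fix an infinite loop during CAS authentication.
        if ($this->isSatisfied()) {
            $storage = $this->getStorage()->read();
            // Only trust the cached state when an identity was actually stored; otherwise fall
            // through to a fresh CAS check instead of reporting SUCCESS with an empty identity.
            if (isset($storage['identity']) && '' !== $storage['identity']) {
                $e->setIdentity($storage['identity'])
                  ->setCode(AuthenticationResult::SUCCESS)
                  ->setMessages(['Authentication successful.']);

                return;
            }
        }

        $config = $this->getOptions()->getCas();
        if (!$config) {
            return; // NB: CAS authentication is disabled if and only if the options array is empty
        }

        // Mask E_NOTICE around the phpCAS calls only. The previous level is captured *before*
        // masking so that the restore below really brings notices back.
        $oldErrorReporting = error_reporting();
        error_reporting($oldErrorReporting & ~E_NOTICE);

        $this->getCasClient()->forceAuthentication();

        // at this step, the user has been authenticated by the CAS server
        // and the user's login name can be read with phpCAS::getUser().
        $identity = $this->getCasClient(false)->getUser();

        error_reporting($oldErrorReporting);

        $e->setIdentity($identity);
        $this->setSatisfied(true);

        // Persist the identity next to the adapter state so the shortcut above can reuse it.
        $storage = $this->getStorage()->read();
        $storage['identity'] = $e->getIdentity();
        $this->getStorage()->write($storage);

        $e->setCode(AuthenticationResult::SUCCESS)
          ->setMessages(['Authentication successful.']);

        $this->getEventManager()->trigger('userAuthenticated', $e);
    }

    /**
     * Logs the user out of CAS when CAS is enabled and a CAS session is active.
     *
     * @param AuthEvent $e
     * @see ChainableAdapter
     */
    public function logout(AuthEvent $e)
    {
        if (!$this->getOptions()->getCas()) {
            return; // NB: CAS authentication is disabled if and only if the options array is empty
        }

        if ($this->getCasClient()->isAuthenticated()) {
            $router = $this->getServiceManager()->get('router'); /* @var $router TreeRouteStack */
            // The return URL is the router's request URI with its path replaced by the base URL.
            // NOTE(review): scheme and host therefore come from the request URI, presumably
            // derived from the incoming request; confirm that the CAS server only accepts
            // registered service URLs for post-logout redirects.
            $returnUrl = $router->getRequestUri()->setPath($router->getBaseUrl())->toString();
            $this->getCasClient(false)->logoutWithRedirectService($returnUrl);
        }
    }

    /**
     * Returns the CAS client.
     *
     * With $initClient set to false the bare client object is returned as is.
     * Otherwise the client is (re)configured from the CAS connection parameters
     * on every call before being returned.
     *
     * @param boolean $initClient Whether to configure the client before returning it
     * @return phpCAS
     * @throws Exception When the CAS connection parameters are missing or incomplete
     */
    public function getCasClient($initClient = true)
    {
        if (null === $this->casClient) {
            $this->casClient = new phpCAS();
        }

        if (!$initClient) {
            return $this->casClient;
        }

        if (null === $this->casOptions) {
            $config = $this->getOptions()->getCas();
            if (!isset($config['connection']['default']['params']) || !$config['connection']['default']['params']) {
                throw new Exception("Les paramètres de connexion au serveur CAS sont invalides.");
            }
            $params = $config['connection']['default']['params'];

            // Fail early with an explicit error rather than handing undefined values to phpCAS.
            foreach (['version', 'hostname', 'port', 'uri'] as $requiredKey) {
                if (!array_key_exists($requiredKey, $params)) {
                    throw new Exception(
                        sprintf("Paramètre de connexion au serveur CAS manquant : '%s'.", $requiredKey)
                    );
                }
            }

            $this->casOptions = $params;
        }

        $options = $this->casOptions;

        // NOTE(review): phpCAS debug mode writes a trace of the CAS exchanges to a log file;
        // presumably that trace includes ticket values, so keep 'debug' off in production.
        if (!empty($options['debug'])) {
            $this->casClient->setDebug();
        }

        // initialize phpCAS
        // NOTE(review): the meaning of the fifth argument depends on the installed phpCAS
        // release (session-ID renewal flag in older releases); confirm against the version in use.
        $this->casClient->client($options['version'], $options['hostname'], $options['port'], $options['uri'], true);

        // SECURITY NOTE(review): no SSL validation for the CAS server. This turns off verification
        // of the CAS server's TLS certificate. Service tickets are validated over a server-to-server
        // HTTPS request, so without certificate checks the validation response, and therefore the
        // user name returned by getUser(), is not protected against an impersonated CAS host.
        // Outside a development setup, prefer phpCAS::setCasServerCACert() with the CA bundle that
        // signs the CAS server certificate.
        $this->casClient->setNoCasServerValidation();

        return $this->casClient;
    }

    /**
     * Sets the CAS client.
     *
     * @param phpCAS $casClient
     * @return self
     */
    public function setCasClient(phpCAS $casClient)
    {
        $this->casClient = $casClient;

        return $this;
    }

    /**
     * @param ModuleOptions $options
     */
    public function setOptions(ModuleOptions $options)
    {
        $this->options = $options;
    }

    /**
     * Returns the module options, building them on first use by merging the
     * 'zfcuser_module_options' and 'unicaen-auth_module_options' services
     * (values from the latter win on key collisions).
     *
     * @return ModuleOptions
     */
    public function getOptions()
    {
        if (!$this->options instanceof ModuleOptions) {
            $services = $this->getServiceManager();
            $merged = array_merge(
                $services->get('zfcuser_module_options')->toArray(),
                $services->get('unicaen-auth_module_options')->toArray()
            );
            $this->setOptions(new ModuleOptions($merged));
        }

        return $this->options;
    }

    /**
     * Get service manager
     *
     * @return ServiceManager
     */
    public function getServiceManager()
    {
        return $this->serviceManager;
    }

    /**
     * Set service manager
     *
     * @param ServiceManager $serviceManager
     * @return self
     */
    public function setServiceManager(ServiceManager $serviceManager)
    {
        $this->serviceManager = $serviceManager;

        return $this;
    }

    /**
     * Retrieve EventManager instance
     *
     * @return EventManagerInterface
     */
    public function getEventManager()
    {
        return $this->eventManager;
    }

    /**
     * Inject an EventManager instance
     *
     * @param  EventManagerInterface $eventManager
     * @return self
     */
    public function setEventManager(EventManagerInterface $eventManager)
    {
        $this->eventManager = $eventManager;

        return $this;
    }
}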