
Support single sign off
kevinoconnor7 committed Sep 25, 2015
1 parent 367fae9 commit e9ca69c
Showing 2 changed files with 77 additions and 33 deletions.
8 changes: 4 additions & 4 deletions auth-cas/authentication.php
Expand Up @@ -14,13 +14,13 @@ public function bootstrap()
$enabled = $config->get('cas-enabled');
if (in_array($enabled, array('all', 'staff'))) {
require_once 'cas.php';
StaffAuthenticationBackend::register(
new CasStaffAuthBackend($this->getConfig()));
CasStaffAuthBackend::bootstrap($this->getConfig());
StaffAuthenticationBackend::register(new CasStaffAuthBackend());
}
if (in_array($enabled, array('all', 'client'))) {
require_once 'cas.php';
UserAuthenticationBackend::register(
new CasClientAuthBackend($this->getConfig()));
CasClientAuthBackend::bootstrap($this->getConfig());
UserAuthenticationBackend::register(new CasClientAuthBackend());
}
}
}
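Review bot: The two-step `CasStaffAuthBackend::bootstrap(...)` then `new CasStaffAuthBackend()` (and the same pair for the client backend) has an ordering requirement that nothing here documents. In cas.php the constructors now read `self::$config`, so a backend created before `bootstrap()` would hand a null config to `CasAuth`. A short comment above each pair would record why the config moved to static state, e.g. `// Config is stored statically: the static signOut() hook needs it and has no instance to read it from.` The enclosing `bootstrap()` method starts outside this hunk.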
102 changes: 73 additions & 29 deletions auth-cas/cas.php
Expand Up @@ -8,14 +8,20 @@ function __construct($config) {
$this->config = $config;
}

function triggerAuth($service_url = null) {
$self = $this;
private static function buildClient($hostname, $port, $context) {
phpCAS::client(
CAS_VERSION_2_0,
$this->config->get('cas-hostname'),
intval($this->config->get('cas-port')),
$this->config->get('cas-context'),
$hostname,
intval($port),
$context,
false);
}

public function triggerAuth($service_url = null) {
self::buildClient(
$this->config->get('cas-hostname'),
$this->config->get('cas-port'),
$this->config->get('cas-context'));

// Force set the CAS service URL to the osTicket login page.
if ($service_url) {
Expand All @@ -39,15 +45,32 @@ function triggerAuth($service_url = null) {
}
}

function setUser() {
public static function signOut($config, $return_url = null) {
self::buildClient(
$config->get('cas-hostname'),
$config->get('cas-port'),
$config->get('cas-context'));

unset($_SESSION[':cas']);

if ($config->get('cas-single-sign-off')) {
if (empty($return_url)) {
phpCAS::logout();
} else {
phpCAS::logoutWithRedirectService($return_url);
}
}
}

public function setUser() {
$_SESSION[':cas']['user'] = phpCAS::getUser();
}

function getUser() {
public function getUser() {
return $_SESSION[':cas']['user'];
}

function setEmail() {
private function setEmail() {
if($this->config->get('cas-email-attribute-key') !== null && phpCAS::hasAttribute($this->config->get('cas-email-attribute-key'))) {
$_SESSION[':cas']['email'] = phpCAS::getAttribute(
$this->config->get('cas-email-attribute-key'));
Expand All @@ -60,11 +83,11 @@ function setEmail() {
}
}

function getEmail() {
public function getEmail() {
return $_SESSION[':cas']['email'];
}

function setName() {
private function setName() {
if($this->config->get('cas-name-attribute-key') !== null && phpCAS::hasAttribute($this->config->get('cas-name-attribute-key'))) {
$_SESSION[':cas']['name'] = phpCAS::getAttribute(
$this->config->get('cas-name-attribute-key'));
Expand All @@ -73,11 +96,11 @@ function setName() {
}
}

function getName() {
public function getName() {
return $_SESSION[':cas']['name'];
}

function getProfile() {
public function getProfile() {
return array(
'email' => $this->getEmail(),
'name' => $this->getName());
Expand All @@ -90,22 +113,25 @@ class CasStaffAuthBackend extends ExternalStaffAuthenticationBackend {

static $service_name = "CAS";

var $config;
private static $config;

function __construct($config) {
$this->config = $config;
$this->cas = new CasAuth($config);
function __construct() {
$this->cas = new CasAuth(self::$config);
}

public static function bootstrap($config) {
self::$config = $config;
}

function getName() {
$config = $this->config;
$config = self::$config;
list($__, $_N) = $config::translate();
return $__(static::$name);
}

function signOn() {
if (isset($_SESSION[':cas']['user'])) {
if (($staff = StaffSession::lookup($_SESSION[':cas']['email']))
if (($staff = StaffSession::lookup($this->cas->getEmail()))
&& $staff->getId()) {
if (!$staff instanceof StaffSession) {
// osTicket <= v1.9.7 or so
Expand All @@ -119,8 +145,15 @@ function signOn() {
}

static function signOut($user) {
global $cfg;

parent::signOut($user);
unset($_SESSION[':cas']);

$return_url = null;
if ($cfg != null && !empty($cfg->getUrl())) {
$return_url = $cfg->getUrl() . "scp/";
}
CasAuth::signOut(self::$config, $return_url);
}

function getServiceUrl() {
Expand All @@ -145,13 +178,18 @@ class CasClientAuthBackend extends ExternalUserAuthenticationBackend {

static $service_name = "CAS";

function __construct($config) {
$this->config = $config;
$this->cas = new CasAuth($config);
private static $config;

function __construct() {
$this->cas = new CasAuth(self::$config);
}

public static function bootstrap($config) {
self::$config = $config;
}

function getName() {
$config = $this->config;
$config = self::$config;
list($__, $_N) = $config::translate();
return $__(static::$name);
}
Expand All @@ -161,25 +199,31 @@ function supportsInteractiveAuthentication() {
}

function signOn() {
if (isset($_SESSION[':cas']['user'])) {
if (isset($_SESSION[':cas'])) {
$acct = ClientAccount::lookupByUsername($this->cas->getEmail());
$client = null;
if ($acct && $acct->getId()) {
$client = new ClientSession(new EndUser($acct->getUser()));
}

if ($client) {
return $client;
} else {
return new ClientCreateRequest(
if (!$client) {
$client = new ClientCreateRequest(
$this, $this->cas->getEmail(), $this->cas->getProfile());
}
return $client;
}
}

static function signOut($user) {
global $cfg;

parent::signOut($user);
unset($_SESSION[':cas']);

$return_url = null;
if ($cfg != null && !empty($cfg->getUrl())) {
$return_url = $cfg->getUrl() . "login.php";
}
CasAuth::signOut(self::$config, $return_url);
}

function getServiceUrl() {
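Review bot: The client `signOn()` guard was loosened from `isset($_SESSION[':cas']['user'])` to `isset($_SESSION[':cas'])`, so the account lookup now runs whenever any key exists under `:cas`, while `getEmail()` reads `$_SESSION[':cas']['email']` with no check of its own. With a partially populated session that would pass null to `ClientAccount::lookupByUsername()` and on into `ClientCreateRequest`. The staff backend still tests `['user']`, and the client side should match it or test the keys it actually uses, e.g. `if (isset($_SESSION[':cas']['user'], $_SESSION[':cas']['email'])) {`. Separately, in both `signOut()` overrides `!empty($cfg->getUrl())` is a fatal compile error on PHP before 5.5, where `empty()` accepts only variables; assigning `$url = $cfg->getUrl();` first avoids that if older runtimes are still supported. Several functions in this section start or end outside the visible hunks, so the code that populates the session is only partly visible.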
