ptut-vhost/build/api/module/casController.php

<?php
/**
 * Created by PhpStorm.
 * User: lucas
 * Date: 27/02/18
 * Time: 16:19
 */

namespace api\module;


use database\core\Repo;
use database\repo\professor;
use error\core\Error;
use error\core\Err;

class casController{


	/* (1) Authentication callback
	*
	* @return professors<array>			The professor(s) data
	*
	---------------------------------------------------------*/
	public static function get($args){

		// login:    https://sso.univ-pau.fr/cas/login?service=http://ptut.com:8080/api/v/1.0/cas
		// validate: https://sso.univ-pau.fr/cas/serviceValidate?ticket=***TICKET***&service=http://ptut.com:8080/api/v/1.0/cas

		/* (1) Check validity
		---------------------------------------------------------*/
		/* (1) Check origin */
		// TODO


		/* (2) Fail if no ticket */
		if( !isset($_GET['ticket']) || !is_string($_GET['ticket']) || strlen($_GET['ticket']) < 1 )
			return ['error' => new Error(Err::PermissionError, 'missing ticket')];



		/* (2) Check ticket (validate)
		---------------------------------------------------------*/
		/* (1) Build useful variables */
		$service      = 'http://ptut.com:8080/api/v/1.0/cas';
		$ticket       = urlencode($_GET['ticket']);
		$validate_url = "https://sso.univ-pau.fr/cas/serviceValidate?ticket=$ticket&service=$service";

		/* (2) Configure & Prepare CURL */
		$ch = curl_init();

		curl_setopt($ch, CURLOPT_URL, $validate_url);
		curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);

		/* (3) Execute CURL & Close it */
		$output    = curl_exec($ch);
		curl_close($ch);

		/* (4) Fail if not validated */
		if( strpos($output, 'user') === false )
			return ['error' => new Error(Err::PermissionError, 'invalid ticket')];

		/* (5) Extract cas_login */
		$cas_login = trim(strip_tags($output));

		/* (6) Check empty */
		if( strlen($cas_login) < 1 )
			return ['error' => new Error(Err::PermissionError, 'cannot find cas login')];



		return ['cas_login' => $cas_login ];

	}

}