ptut-vhost/build/api/module/casController.php


<?php
/**
* Created by PhpStorm.
* User: lucas
* Date: 27/02/18
* Time: 16:19
*/
namespace api\module;
use database\core\Repo;
use database\repo\professor;
use error\core\Error;
use error\core\Err;
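class casController{

	/* (1) Authentication callback
	*
	* Entry point the CAS server redirects to (the `service` URL). Validates the
	* `ticket` query parameter against the CAS server, stores the resulting login
	* in the session and returns a small HTML page that hands the login to the
	* opener window through `window.opener.cas_callback(...)`.
	*
	* @args<array>      Unused by this method
	*
	* @return response<array> ['headers' => [...], 'body' => html]; the callback
	*                         receives the login as a JS string, or `null` on failure
	*
	---------------------------------------------------------*/
	public static function get($args){

		// login: https://sso.univ-pau.fr/cas/login?service=http://ptut.com:8080/api/v/1.0/cas
		// NOTE(review): the example service URL above is plain http, so the ticket
		// travels unencrypted on the redirect back; prefer an https service URL.

		// Communicate over popups
		// ----------------------------
		// window.pop = { closed: false };
		//
		// window.cas_callback = function(cas_login){
		//
		// 	setTimeout( function(){
		//
		// 		if( window.pop.closed )
		// 			console.log('CAS login (null means error): '+cas_login);
		//
		// 	}, 1);
		//
		// };

		// Launch PopUp
		// window.pop = window.open('https://sso.univ-pau.fr/cas/login?service=http://ptut.com:8080/api/v/1.0/cas', '_blank', 'location=no,height=1024,width=1024,scrollbars=yes,status=no');


		/* (1) Check if already connected
		---------------------------------------------------------*/
		/* (1) If already -> return @cas_login */
		// strict comparison + default: $_SESSION['AUTH'] may be unset or hold non-strings
		$auth = ( isset($_SESSION['AUTH']) && is_array($_SESSION['AUTH']) ) ? $_SESSION['AUTH'] : [];

		if( in_array('cas_user', $auth, true) )
			return self::popupResponse( isset($_SESSION['CAS']['login']) ? $_SESSION['CAS']['login'] : null );

		/* (2) Fail if no ticket */
		if( !isset($_GET['ticket']) || !is_string($_GET['ticket']) || strlen($_GET['ticket']) < 1 )
			return self::popupResponse(null);


		/* (2) Check ticket (validate)
		---------------------------------------------------------*/
		/* (1) Build useful variables */
		// NOTE(review): HTTP_HOST is taken from the client's Host header; the service
		// URL should come from server-side configuration rather than from the request.
		$service = $_SERVER['REQUEST_SCHEME'].'://'.$_SERVER['HTTP_HOST'].'/api/v/1.0/cas';
		$ticket  = urlencode($_GET['ticket']);

		// the service is a query-string value too: encode it so that a crafted Host
		// header cannot append extra parameters to the validation request
		$validate_url = "https://sso.univ-pau.fr/cas/serviceValidate?ticket=$ticket&service=".urlencode($service);

		/* (2) Configure & Prepare CURL */
		$ch = curl_init();

		if( $ch === false )
			return self::popupResponse(null);

		curl_setopt($ch, CURLOPT_URL, $validate_url);
		curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
		// keep certificate checks explicit: the login is trusted solely on this response
		curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
		curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
		// bound the request so an unresponsive CAS server cannot hang the worker
		curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5);
		curl_setopt($ch, CURLOPT_TIMEOUT, 10);

		/* (3) Execute CURL & Close it */
		$output = curl_exec($ch);
		curl_close($ch);

		/* (4) Fail on transport error (curl_exec returns false) */
		if( !is_string($output) )
			return self::popupResponse(null);

		/* (5) Extract cas_login (fails if not validated) */
		$cas_login = self::extractCasUser($output);

		/* (6) Check empty */
		if( $cas_login === null )
			return self::popupResponse(null);


		/* (3) Store data in session
		---------------------------------------------------------*/
		// NOTE(review): the session id is not regenerated on login; consider
		// session_regenerate_id(true) here if PHP native sessions are used — TODO confirm
		$_SESSION['CAS'] = [
			'login'  => $cas_login,
			'ticket' => $ticket
		];

		/* (2) Success CAS login */
		return self::popupResponse($_SESSION['CAS']['login']);

	}


	/* (2) Logout: drop CAS credentials from the session
	*
	* @return logged_out<bool> TRUE when 'cas_user' is no longer in $_SESSION['AUTH']
	*
	---------------------------------------------------------*/
	public function delete(){

		/* (1) Remove CAS credentials */
		$_SESSION['CAS'] = [];

		/* (2) Re-process AuthSystemDefault */
		new \api\core\AuthSystemDefault();

		/* (3) Return if logged out */
		// the original returned in_array(...) directly, i.e. TRUE while still logged in
		$auth = ( isset($_SESSION['AUTH']) && is_array($_SESSION['AUTH']) ) ? $_SESSION['AUTH'] : [];

		return ['logged_out' => !in_array('cas_user', $auth, true)];

	}


	/* (3) Build the popup page that reports @login to the opener window
	*
	* @login<mixed>     CAS login, or anything else for "no login" (reported as JS `null`)
	*
	* @return response<array> ['headers' => [...], 'body' => html]
	*
	---------------------------------------------------------*/
	private static function popupResponse($login){

		$js_value = 'null';

		if( is_string($login) && strlen($login) > 0 ){

			// the value lands inside an inline <script>: JSON-encode it and hex-escape
			// < > & ' " so it can neither close the string nor the script element
			$encoded = json_encode($login, JSON_HEX_TAG | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_HEX_AMP);

			// json_encode fails on invalid UTF-8 -> report as a failed login
			if( $encoded !== false )
				$js_value = $encoded;

		}

		return [
			'headers' => [ 'Content-Type' => 'text/html; charset=UTF-8' ],
			'body'    => "Veuillez patienter...<br>Vous allez être redirigés<script type='text/javascript'>window.opener.cas_callback(".$js_value.");window.close();</script>"
		];

	}


	/* (4) Extract the login from a serviceValidate response
	*
	* Only the <user> element nested in an <authenticationSuccess> element is
	* accepted. The previous check (`strpos($output, 'user')` then `strip_tags`)
	* also accepted a failure response whose message contains "user", and merged
	* any released attributes into the login.
	*
	* @xml<String>      Raw body returned by the CAS server
	*
	* @return login<String|null> Trimmed login, or NULL if the ticket was not validated
	*
	---------------------------------------------------------*/
	private static function extractCasUser($xml){

		$pattern = '~<(?:\w+:)?authenticationSuccess\b[^>]*>.*?<(?:\w+:)?user\b[^>]*>([^<]*)</(?:\w+:)?user>~s';

		if( preg_match($pattern, $xml, $matches) !== 1 )
			return null;

		$login = trim($matches[1]);

		return strlen($login) > 0 ? $login : null;

	}

}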