[config.modules] added 'cas' permissions [module.cas] added PUT to really logout (from CAS server) but do not work (except from document.location)

xdrm-brackets 2018-03-20 23:35:16 +01:00
parent 7db2a41027
commit 100b09c695
2 changed files with 79 additions and 38 deletions


@ -20,7 +20,11 @@ class casController{
/* (1) Authentication callback /* (1) Authentication callback
* *
* @return professors<array> The professor(s) data * GET arguments
*
* @ticket<String> CAS callback @ticket
*
* @return headers|body<array> The download content
* *
---------------------------------------------------------*/ ---------------------------------------------------------*/
public static function get($args){ public static function get($args){
@ -85,14 +89,14 @@ class casController{
$validate_url = "https://sso.univ-pau.fr/cas/serviceValidate?ticket=$ticket&service=$service"; $validate_url = "https://sso.univ-pau.fr/cas/serviceValidate?ticket=$ticket&service=$service";
/* (2) Configure & Prepare CURL */ /* (2) Configure & Prepare CURL */
$ch = curl_init(); $ch = \curl_init();
curl_setopt($ch, CURLOPT_URL, $validate_url); \curl_setopt($ch, CURLOPT_URL, $validate_url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); \curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
/* (3) Execute CURL & Close it */ /* (3) Execute CURL & Close it */
$output = curl_exec($ch); $output = \curl_exec($ch);
curl_close($ch); \curl_close($ch);
/* (4) Fail if not validated */ /* (4) Fail if not validated */
if( strpos($output, 'user') === false ) if( strpos($output, 'user') === false )
@ -167,8 +171,49 @@ class casController{
/* (2) Logout from CAS server
*
* @return logged_out<bool> Whether you have been logged out
*
---------------------------------------------------------*/
public function put(){
/* (1) Call logout script
---------------------------------------------------------*/
/* (1) Build useful variables */
$service = ($_SERVER['SERVER_NAME'] == 'ptut.com' ) ? 'http' : 'https';
$service .= '://'.$_SERVER['HTTP_HOST'].'/api/v/1.0/cas';
$logout_url = "https://sso.univ-pau.fr/cas/logout?service=$service";
/* (2) Configure & Prepare CURL */
$ch = \curl_init();
\curl_setopt($ch, CURLOPT_URL, $logout_url);
\curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
/* (3) Execute CURL & Close it */
$output = \curl_exec($ch);
\curl_close($ch);
/* (4) Error if no output */
if( strlen($output) < 1 )
return ['logged_out' => false, 'redirect_url' => $logout_url];
/* (4) Destroy session */
\session_destroy();
/* (5) Return if logged out */
return ['logged_out' => true, 'redirect_url' => $logout_url];
}
/* (3) Logout (not from CAS server)
*
* @return logged_out<bool> Whether you have been logged out
*
---------------------------------------------------------*/
public function delete(){ public function delete(){
\session_destroy(); \session_destroy();
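Review bot: In the new `put()`, `$service` is built from the client-supplied `$_SERVER['HTTP_HOST']` and interpolated unencoded into `$logout_url`, which is then returned as `redirect_url`, so a forged Host header can change where the CAS logout sends the browser. Check the host against the configured site names before using it, and encode the parameter: `$logout_url = 'https://sso.univ-pau.fr/cas/logout?service='.\urlencode($service);`. The local session is destroyed only when the server-side cURL call returns a body, so an unreachable CAS server leaves the user logged in; moving `\session_destroy();` above the `strlen($output) < 1` check would make logout fail closed. The cURL request carries none of the browser's CAS cookies, which presumably is why only a `document.location` redirect ends the SSO session, and the handle sets no `CURLOPT_TIMEOUT`. The same unencoded interpolation appears in `$validate_url` in the `get()` hunk, whose body starts and ends outside the visible lines.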


@ -26,25 +26,21 @@
"GET": { "GET": {
"des": "Authenticatation callback (used by third-party OAuth)", "des": "Authenticatation callback (used by third-party OAuth)",
"per": [], "per": [],
"par": {}, "par": {
"URL0": { "des": "Whether to manage a popup", "typ": "boolean", "opt": true, "ren": "popup_mode", "def": false }
},
"opt": { "download": true } "opt": { "download": true }
}, },
"POST": {
"des": "Login if not already authenticated",
"per": [],
"par": {}
},
"PUT": { "PUT": {
"des": "Check if authenticated", "des": "Real logout to change login",
"per": [], "per": [["cas_user"]],
"par": {} "par": {}
}, },
"DELETE": { "DELETE": {
"des": "Logout", "des": "Logout",
"per": [], "per": [["cas_user"]],
"par": {} "par": {}
} }
@ -67,7 +63,7 @@
"excel":{ "excel":{
"POST": { "POST": {
"des": "Import data from an Excel file", "des": "Import data from an Excel file",
"per": [], "per": [["cas_admin"]],
"par": { "par": {
} }
} }
@ -88,7 +84,7 @@
"PUT":{ "PUT":{
"des": "Switch the user on another department database", "des": "Switch the user on another department database",
"per": [], "per": [["cas_user"]],
"par": { "par": {
"URL0": {"des": "Department id", "typ": "id", "ren": "department" } "URL0": {"des": "Department id", "typ": "id", "ren": "department" }
}, },
@ -100,7 +96,7 @@
"errors":{ "errors":{
"GET": { "GET": {
"des": "Get the list of incoherence of the department", "des": "Get the list of incoherence of the department",
"per": [], "per": [["cas_admin"]],
"par": { "par": {
} }
} }
@ -108,7 +104,7 @@
"stats":{ "stats":{
"GET": { "GET": {
"des": "Get the statistics about the department", "des": "Get the statistics about the department",
"per": [], "per": [["cas_admin"]],
"par": { "par": {
} }
} }
@ -237,7 +233,7 @@
"POST": { "POST": {
"des": "Creates a new UE", "des": "Creates a new UE",
"per": [], "per": [["cas_admin"]],
"par": { "par": {
"code": { "des": "UE code.", "typ": "varchar(4,20,alphanumeric)" }, "code": { "des": "UE code.", "typ": "varchar(4,20,alphanumeric)" },
"label": { "des": "UE label", "typ": "varchar(4,30,alphanumeric)" }, "label": { "des": "UE label", "typ": "varchar(4,30,alphanumeric)" },
@ -255,7 +251,7 @@
"GET": { "GET": {
"des": "Get one or all UE", "des": "Get one or all UE",
"per": [], "per": [["cas_admin"]],
"par": { "par": {
"URL0": { "des": "Optional UE code.", "typ": "varchar(4,20,alphanumeric)", "ren": "code", "opt": true } "URL0": { "des": "Optional UE code.", "typ": "varchar(4,20,alphanumeric)", "ren": "code", "opt": true }
}, },
@ -267,7 +263,7 @@
"DELETE": { "DELETE": {
"des": "Deletes an existing UE", "des": "Deletes an existing UE",
"per": [], "per": [["cas_admin"]],
"par": { "par": {
"URL0": { "des": "UE code.", "typ": "varchar(4,20,alphanumeric)", "ren": "code" } "URL0": { "des": "UE code.", "typ": "varchar(4,20,alphanumeric)", "ren": "code" }
}, },
@ -278,7 +274,7 @@
"PUT": { "PUT": {
"des": "Edits an existing UE", "des": "Edits an existing UE",
"per": [], "per": [["cas_admin"]],
"par": { "par": {
"URL0": { "des": "UE code.", "typ": "varchar(4,20,alphanumeric)", "ren": "code" }, "URL0": { "des": "UE code.", "typ": "varchar(4,20,alphanumeric)", "ren": "code" },
"new_code": { "des": "UE new code", "typ": "varchar(4,20,alphanumeric)", "opt": true }, "new_code": { "des": "UE new code", "typ": "varchar(4,20,alphanumeric)", "opt": true },
@ -299,7 +295,7 @@
"POST": { "POST": {
"des" : "Creates a new Cours for an UE", "des" : "Creates a new Cours for an UE",
"per": [], "per": [["cas_admin"]],
"par": { "par": {
"code": { "des": "Code of the UE", "typ": "varchar(4,20,alphanumeric)" }, "code": { "des": "Code of the UE", "typ": "varchar(4,20,alphanumeric)" },
"idProf": { "des": "Id of the professor", "typ": "id", "opt": true }, "idProf": { "des": "Id of the professor", "typ": "id", "opt": true },
@ -313,7 +309,7 @@
"GET": { "GET": {
"des" : "Get all cours data about a given UE", "des" : "Get all cours data about a given UE",
"per": [], "per": [["cas_admin"]],
"par": { "par": {
"URL0": { "des": "Code of the UE", "typ": "varchar(4,20,alphanumeric)", "ren": "code" } "URL0": { "des": "Code of the UE", "typ": "varchar(4,20,alphanumeric)", "ren": "code" }
} }
@ -321,7 +317,7 @@
"PUT": { "PUT": {
"des" : "Updates an existing Cours", "des" : "Updates an existing Cours",
"per": [], "per": [["cas_admin"]],
"par": { "par": {
"URL0": { "des": "Id of the Cours", "typ": "id", "ren": "idCours" }, "URL0": { "des": "Id of the Cours", "typ": "id", "ren": "idCours" },
"idProf": { "des": "Id of the professor (-1 to unset)", "typ": "int", "opt": true }, "idProf": { "des": "Id of the professor (-1 to unset)", "typ": "int", "opt": true },
@ -336,7 +332,7 @@
"DELETE": { "DELETE": {
"des" : "Deletes an existing Cours", "des" : "Deletes an existing Cours",
"per": [], "per": [["cas_admin"]],
"par": { "par": {
"URL0": { "des": "Id of the Cours", "typ": "id", "ren": "idCours" } "URL0": { "des": "Id of the Cours", "typ": "id", "ren": "idCours" }
}, },
@ -351,7 +347,7 @@
"POST": { "POST": {
"des" : "Creates a new TD for an UE", "des" : "Creates a new TD for an UE",
"per": [], "per": [["cas_admin"]],
"par": { "par": {
"code": { "des": "Code of the UE", "typ": "varchar(4,20,alphanumeric)" }, "code": { "des": "Code of the UE", "typ": "varchar(4,20,alphanumeric)" },
"idProf": { "des": "Id of the professor", "typ": "id", "opt": true }, "idProf": { "des": "Id of the professor", "typ": "id", "opt": true },
@ -365,7 +361,7 @@
"GET": { "GET": {
"des" : "Get all TD data about a given UE", "des" : "Get all TD data about a given UE",
"per": [], "per": [["cas_admin"]],
"par": { "par": {
"URL0": { "des": "Code of the UE", "typ": "varchar(4,20,alphanumeric)", "ren": "code" } "URL0": { "des": "Code of the UE", "typ": "varchar(4,20,alphanumeric)", "ren": "code" }
} }
@ -373,7 +369,7 @@
"PUT": { "PUT": {
"des" : "Updates an existing TD", "des" : "Updates an existing TD",
"per": [], "per": [["cas_admin"]],
"par": { "par": {
"URL0": { "des": "Id of the TD", "typ": "id", "ren": "idTD" }, "URL0": { "des": "Id of the TD", "typ": "id", "ren": "idTD" },
"idProf": { "des": "Id of the professor (-1 to unset)", "typ": "int", "opt": true }, "idProf": { "des": "Id of the professor (-1 to unset)", "typ": "int", "opt": true },
@ -388,7 +384,7 @@
"DELETE": { "DELETE": {
"des" : "Deletes an existing TD", "des" : "Deletes an existing TD",
"per": [], "per": [["cas_admin"]],
"par": { "par": {
"URL0": { "des": "Id of the TD", "typ": "id", "ren": "idTD" } "URL0": { "des": "Id of the TD", "typ": "id", "ren": "idTD" }
}, },
@ -403,7 +399,7 @@
"POST": { "POST": {
"des" : "Creates a new TP for an UE", "des" : "Creates a new TP for an UE",
"per": [], "per": [["cas_admin"]],
"par": { "par": {
"code": { "des": "Code of the UE", "typ": "varchar(4,20,alphanumeric)" }, "code": { "des": "Code of the UE", "typ": "varchar(4,20,alphanumeric)" },
"idProf": { "des": "Id of the professor", "typ": "id", "opt": true }, "idProf": { "des": "Id of the professor", "typ": "id", "opt": true },
@ -417,7 +413,7 @@
"GET": { "GET": {
"des" : "Get all TP data about a given UE", "des" : "Get all TP data about a given UE",
"per": [], "per": [["cas_admin"]],
"par": { "par": {
"URL0": { "des": "Code of the UE", "typ": "varchar(4,20,alphanumeric)", "ren": "code" } "URL0": { "des": "Code of the UE", "typ": "varchar(4,20,alphanumeric)", "ren": "code" }
} }
@ -425,7 +421,7 @@
"PUT": { "PUT": {
"des" : "Updates an existing TP", "des" : "Updates an existing TP",
"per": [], "per": [["cas_admin"]],
"par": { "par": {
"URL0": { "des": "Id of the TP", "typ": "id", "ren": "idTP" }, "URL0": { "des": "Id of the TP", "typ": "id", "ren": "idTP" },
"idProf": { "des": "Id of the professor (-1 to unset)", "typ": "int", "opt": true }, "idProf": { "des": "Id of the professor (-1 to unset)", "typ": "int", "opt": true },
@ -440,7 +436,7 @@
"DELETE": { "DELETE": {
"des" : "Deletes an existing TP", "des" : "Deletes an existing TP",
"per": [], "per": [["cas_admin"]],
"par": { "par": {
"URL0": { "des": "Id of the TP", "typ": "id", "ren": "idTP" } "URL0": { "des": "Id of the TP", "typ": "id", "ren": "idTP" }
}, },
@ -456,7 +452,7 @@
"formation": { "formation": {
"GET":{ "GET":{
"des": "Get all data about a formation", "des": "Get all data about a formation",
"per": [], "per": [["cas_admin"]],
"par": { "par": {
"URL0":{"des" : "Id of the formation", "typ": "id", "ren": "form_id", "opt" : true } "URL0":{"des" : "Id of the formation", "typ": "id", "ren": "form_id", "opt" : true }
} }
@ -466,7 +462,7 @@
"category": { "category": {
"GET": { "GET": {
"des" : "Get all data about a given category | all", "des" : "Get all data about a given category | all",
"per": [], "per": [["cas_admin"]],
"par": { "par": {
"URL0": { "des": "Id of the category", "typ": "id", "ren": "cat_id", "opt": true } "URL0": { "des": "Id of the category", "typ": "id", "ren": "cat_id", "opt": true }
} }