[module.cas] DELETE for logout | GET for callback now works with tested system for pop-up
parent
b9c2d119f5
commit
b537644258
|
@ -25,17 +25,48 @@ class casController{
|
|||
public static function get($args){
|
||||
|
||||
// login: https://sso.univ-pau.fr/cas/login?service=http://ptut.com:8080/api/v/1.0/cas
|
||||
// validate: https://sso.univ-pau.fr/cas/serviceValidate?ticket=***TICKET***&service=http://ptut.com:8080/api/v/1.0/cas
|
||||
|
||||
|
||||
// Communicate over popups
|
||||
// ----------------------------
|
||||
// window.pop = { closed: false };
|
||||
//
|
||||
// window.cas_callback = function(cas_login){
|
||||
//
|
||||
// setTimeout( function(){
|
||||
//
|
||||
// if( window.pop.closed )
|
||||
// console.log('CAS login (null means error): '+cas_login);
|
||||
//
|
||||
// }, 1);
|
||||
//
|
||||
// };
|
||||
|
||||
// Launch PopUp
|
||||
// window.pop = window.open('https://sso.univ-pau.fr/cas/login?service=http://ptut.com:8080/api/v/1.0/cas', '_blank', 'location=no,height=1024,width=1024,scrollbars=yes,status=no');
|
||||
|
||||
/* (0) Global DOWNLOAD data
|
||||
---------------------------------------------------------*/
|
||||
$headers = ['Content-Type' => 'text/html; charset=UTF-8' ];
|
||||
$body_start = "Veuillez patienter...<br>Vous allez être redirigés<script type='text/javascript'>window.opener.cas_callback(";
|
||||
$body_end = ");window.close();</script>";
|
||||
|
||||
|
||||
/* (1) Check if already connected
|
||||
---------------------------------------------------------*/
|
||||
/* (1) If already -> return @cas_login */
|
||||
if( in_array('cas_user', $_SESSION['AUTH']) )
|
||||
return ['cas_login' => $_SESSION['CAS']['login']];
|
||||
if( in_array('cas_user', $_SESSION['AUTH']) ){
|
||||
|
||||
return [
|
||||
'headers' => $headers,
|
||||
'body' => $body_start."'".$_SESSION['CAS']['login']."'".$body_end
|
||||
];
|
||||
|
||||
}
|
||||
|
||||
/* (2) Fail if no ticket */
|
||||
if( !isset($_GET['ticket']) || !is_string($_GET['ticket']) || strlen($_GET['ticket']) < 1 )
|
||||
return ['error' => new Error(Err::PermissionError, 'missing ticket')];
|
||||
return [ 'headers' => $headers, 'body' => $body_start.'null'.$body_end ];
|
||||
|
||||
|
||||
|
||||
|
@ -58,14 +89,14 @@ class casController{
|
|||
|
||||
/* (4) Fail if not validated */
|
||||
if( strpos($output, 'user') === false )
|
||||
return ['error' => new Error(Err::PermissionError, 'invalid ticket')];
|
||||
return [ 'headers' => $headers, 'body' => $body_start.'null'.$body_end ];
|
||||
|
||||
/* (5) Extract cas_login */
|
||||
$cas_login = trim(strip_tags($output));
|
||||
|
||||
/* (6) Check empty */
|
||||
if( strlen($cas_login) < 1 )
|
||||
return ['error' => new Error(Err::PermissionError, 'cannot find cas login')];
|
||||
return [ 'headers' => $headers, 'body' => $body_start.'null'.$body_end ];
|
||||
|
||||
|
||||
/* (3) Store data in session
|
||||
|
@ -76,8 +107,29 @@ class casController{
|
|||
];
|
||||
|
||||
|
||||
/* (2) Success CAS login */
|
||||
return [
|
||||
'headers' => $headers,
|
||||
'body' => $body_start."'".$_SESSION['CAS']['login']."'".$body_end
|
||||
];
|
||||
|
||||
}
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
public function delete(){
|
||||
|
||||
/* (1) Remove CAS credentials */
|
||||
$_SESSION['CAS'] = [];
|
||||
|
||||
/* (2) Re-process AuthSystemDefault */
|
||||
new \api\core\AuthSystemDefault();
|
||||
|
||||
/* (3) Return if logged out */
|
||||
return ['logged_out' => in_array('cas_user', $_SESSION['AUTH'])];
|
||||
|
||||
return ['cas_login' => $cas_login ];
|
||||
|
||||
}
|
||||
|
||||
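Review bot: The CAS login is concatenated into the inline `<script>` between hand-written single quotes, both in the already-connected branch and in the final success return, so a value containing a quote, a backslash or a line break changes the script the pop-up runs against `window.opener`. `strip_tags()` on the validation output removes tags but not those characters, and the stored session value is reused as-is on later calls. Encode it for a JavaScript context instead of quoting by hand: `'body' => $body_start.json_encode($_SESSION['CAS']['login'], JSON_HEX_TAG | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_HEX_AMP).$body_end`. Separately, in `delete()` the result `'logged_out' => in_array('cas_user', $_SESSION['AUTH'])` looks inverted, since it is true while `cas_user` is still present; `!in_array('cas_user', $_SESSION['AUTH'], true)` seems to be what was intended. The body of `get()` is only partly visible across these hunks.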
|
|
|
@ -12,7 +12,8 @@
|
|||
"GET": {
|
||||
"des": "Authenticatation callback (used by third-party OAuth)",
|
||||
"per": [],
|
||||
"par": {}
|
||||
"par": {},
|
||||
"opt": { "download": true }
|
||||
},
|
||||
|
||||
"POST": {
|
||||
|
|