From b5376442580cd1f323a4ad0b1acb42b3e1c01cde Mon Sep 17 00:00:00 2001 From: xdrm-brackets Date: Sat, 3 Mar 2018 15:50:11 +0100 Subject: [PATCH] [module.cas] DELETE for logout | GET for callback now works with tested system for pop-up --- build/api/module/casController.php | 66 ++++++++++++++++++++++++++---- config/modules.json | 3 +- 2 files changed, 61 insertions(+), 8 deletions(-) diff --git a/build/api/module/casController.php b/build/api/module/casController.php index da64137..7ce21fa 100644 --- a/build/api/module/casController.php +++ b/build/api/module/casController.php @@ -25,17 +25,48 @@ class casController{ public static function get($args){ // login: https://sso.univ-pau.fr/cas/login?service=http://ptut.com:8080/api/v/1.0/cas - // validate: https://sso.univ-pau.fr/cas/serviceValidate?ticket=***TICKET***&service=http://ptut.com:8080/api/v/1.0/cas + + + // Communicate over popups + // ---------------------------- + // window.pop = { closed: false }; + // + // window.cas_callback = function(cas_login){ + // + // setTimeout( function(){ + // + // if( window.pop.closed ) + // console.log('CAS login (null means error): '+cas_login); + // + // }, 1); + // + // }; + + // Launch PopUp + // window.pop = window.open('https://sso.univ-pau.fr/cas/login?service=http://ptut.com:8080/api/v/1.0/cas', '_blank', 'location=no,height=1024,width=1024,scrollbars=yes,status=no'); + + /* (0) Global DOWNLOAD data + ---------------------------------------------------------*/ + $headers = ['Content-Type' => 'text/html; charset=UTF-8' ]; + $body_start = "Veuillez patienter...
Vous allez ĂȘtre redirigĂ©s"; + /* (1) Check if already connected ---------------------------------------------------------*/ /* (1) If already -> return @cas_login */ - if( in_array('cas_user', $_SESSION['AUTH']) ) - return ['cas_login' => $_SESSION['CAS']['login']]; + if( in_array('cas_user', $_SESSION['AUTH']) ){ + + return [ + 'headers' => $headers, + 'body' => $body_start."'".$_SESSION['CAS']['login']."'".$body_end + ]; + + } /* (2) Fail if no ticket */ if( !isset($_GET['ticket']) || !is_string($_GET['ticket']) || strlen($_GET['ticket']) < 1 ) - return ['error' => new Error(Err::PermissionError, 'missing ticket')]; + return [ 'headers' => $headers, 'body' => $body_start.'null'.$body_end ]; @@ -58,14 +89,14 @@ class casController{ /* (4) Fail if not validated */ if( strpos($output, 'user') === false ) - return ['error' => new Error(Err::PermissionError, 'invalid ticket')]; + return [ 'headers' => $headers, 'body' => $body_start.'null'.$body_end ]; /* (5) Extract cas_login */ $cas_login = trim(strip_tags($output)); /* (6) Check empty */ if( strlen($cas_login) < 1 ) - return ['error' => new Error(Err::PermissionError, 'cannot find cas login')]; + return [ 'headers' => $headers, 'body' => $body_start.'null'.$body_end ]; /* (3) Store data in session @@ -76,8 +107,29 @@ class casController{ ]; + /* (2) Success CAS login */ + return [ + 'headers' => $headers, + 'body' => $body_start."'".$_SESSION['CAS']['login']."'".$body_end + ]; + + } + + + + + + public function delete(){ + + /* (1) Remove CAS credentials */ + $_SESSION['CAS'] = []; + + /* (2) Re-process AuthSystemDefault */ + new \api\core\AuthSystemDefault(); + + /* (3) Return if logged out */ + return ['logged_out' => in_array('cas_user', $_SESSION['AUTH'])]; - return ['cas_login' => $cas_login ]; } diff --git a/config/modules.json b/config/modules.json index 7af412f..ab7cdc5 100644 --- a/config/modules.json +++ b/config/modules.json 
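Review bot: In the first hunk of casController.php (`@@ -25,17 +25,48 @@`), the new "already connected" return builds `'body'` by concatenating `$_SESSION['CAS']['login']` between hand-written single quotes into a `text/html` response, with no encoding for the context it lands in. The text of `$body_start`/`$body_end` is not fully readable on this page, but the comment block suggests the value is handed to `window.cas_callback` as a JavaScript string. The login originates from `trim(strip_tags($output))`, which leaves quotes and backslashes intact. Encode rather than quote by hand, e.g. `'body' => $body_start . json_encode($_SESSION['CAS']['login'], JSON_HEX_TAG | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_HEX_AMP) . $body_end`, and do the same in the success return at the end of `get()` (third hunk). `get()` continues beyond this hunk.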
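Review bot: The `strpos($output, 'user') === false` test kept in the second hunk (`@@ -58,14 +89,14 @@`) accepts any validation response that merely contains the substring `user`, and `trim(strip_tags($output))` then stores whatever text remains as the login. Nothing here establishes that the response is a success element rather than a failure message, so the three new `'null'` returns guard less than they appear to. Parse the response as XML and require the `cas:authenticationSuccess` / `cas:user` elements, then check the extracted value against the expected login format before it reaches the session. Because every failure now yields the same `null` body, a server-side log entry per rejected ticket would keep failed validations visible to whoever monitors this endpoint. The request that produces `$output` lies outside the hunk.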
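Review bot: In the new `delete()` (third hunk, `@@ -76,8 +107,29 @@`), `'logged_out' => in_array('cas_user', $_SESSION['AUTH'])` reports `true` while `cas_user` is still present, i.e. exactly when the logout did not take effect; it should read `'logged_out' => !in_array('cas_user', $_SESSION['AUTH'], true)`. `delete()` is declared `public function` whereas `get()` is `public static function`, so if the dispatcher invokes handlers statically this needs to be `public static function delete()`. As far as the visible lines show, neither the login path that fills `$_SESSION['CAS']` nor this logout rotates the session id; unless `AuthSystemDefault` already does so, call `session_regenerate_id(true)` at both points. A short docblock on `delete()` should state that it clears only the local session data, since nothing visible here ends the session on the CAS server.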
@@ -12,7 +12,8 @@ "GET": { "des": "Authenticatation callback (used by third-party OAuth)", "per": [], - "par": {} + "par": {}, + "opt": { "download": true } }, "POST": {