ptut-vhost/build/api/module/casController.php

84 lines
2.2 KiB
PHP

<?php
/**
* Created by PhpStorm.
* User: lucas
* Date: 27/02/18
* Time: 16:19
*/
namespace api\module;
use database\core\Repo;
use database\repo\professor;
use error\core\Error;
use error\core\Err;
class casController{
/* (1) Authentication callback
*
* @return professors<array> The professor(s) data
*
---------------------------------------------------------*/
public static function get($args){
// login: https://sso.univ-pau.fr/cas/login?service=http://ptut.com:8080/api/v/1.0/cas
// validate: https://sso.univ-pau.fr/cas/serviceValidate?ticket=***TICKET***&service=http://ptut.com:8080/api/v/1.0/cas
/* (1) Check if already connected
---------------------------------------------------------*/
/* (1) If already -> return @cas_login */
if( in_array('cas_user', $_SESSION['AUTH']) )
return ['cas_login' => $_SESSION['CAS']['login']];
/* (2) Fail if no ticket */
if( !isset($_GET['ticket']) || !is_string($_GET['ticket']) || strlen($_GET['ticket']) < 1 )
return ['error' => new Error(Err::PermissionError, 'missing ticket')];
/* (2) Check ticket (validate)
---------------------------------------------------------*/
/* (1) Build useful variables */
$service = 'http://ptut.com:8080/api/v/1.0/cas';
$ticket = urlencode($_GET['ticket']);
$validate_url = "https://sso.univ-pau.fr/cas/serviceValidate?ticket=$ticket&service=$service";
/* (2) Configure & Prepare CURL */
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $validate_url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
/* (3) Execute CURL & Close it */
$output = curl_exec($ch);
curl_close($ch);
/* (4) Fail if not validated */
if( strpos($output, 'user') === false )
return ['error' => new Error(Err::PermissionError, 'invalid ticket')];
/* (5) Extract cas_login */
$cas_login = trim(strip_tags($output));
/* (6) Check empty */
if( strlen($cas_login) < 1 )
return ['error' => new Error(Err::PermissionError, 'cannot find cas login')];
/* (3) Store data in session
---------------------------------------------------------*/
$_SESSION['CAS'] = [
'login' => $cas_login,
'ticket' => $ticket
];
return ['cas_login' => $cas_login ];
}
}