Révision a2baadd1
Ajouté par Assos Assos il y a environ 10 ans
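--- a/drupal7/sites/all/modules/cas/cas_server.module
+++ b/drupal7/sites/all/modules/cas/cas_server.module
@@ -64,6 +64,10 @@
 'variables' => array('ticket' => NULL, 'error_code' => NULL),
 'file' => 'cas_server.response.inc',
 ),
+'cas_service_logout_request' => array(
+'variables' => array('ticket' => NULL, 'date' => NULL, 'id' => NULL),
+'file' => 'cas_server.response.inc',
+),
 );
 }
 
@@ -131,6 +135,12 @@
 * This provides the simple non-xml based
 */
 function cas_server_validate() {
+// Prevent this page from being cached.
+drupal_page_is_cacheable(FALSE);
+
+// Set content type.
+drupal_add_http_header('Content-Type', 'text/plain; charset=utf-8');
+
 //Obtain the ticket from the url and validate it.
 $ticket = isset($_REQUEST['ticket']) ? $_REQUEST['ticket'] : '';
 $service = isset($_REQUEST['service']) ? $_REQUEST['service'] : '';
@@ -149,13 +159,18 @@
 * Returns data in xml
 */
 function cas_server_service_validate() {
+// Prevent this page from being cached.
+drupal_page_is_cacheable(FALSE);
+
+// Set content type.
+drupal_add_http_header('Content-Type', 'text/xml; charset=utf-8');
+
 $ticket = isset($_REQUEST['ticket']) ? $_REQUEST['ticket'] : '';
 $service = isset($_REQUEST['service']) ? $_REQUEST['service'] : '';
 $user_name = _cas_server_validate($service, $ticket);
 if (!$user_name) $cas_error='INVALID_TICKET';
 if (!$ticket || !$service) $cas_error='INVALID_REQUEST';
 
-header('Content-type:', 'text/xml');
 if ($user_name) {
 //@TODO Generate proxy granting ticket
 $account = user_load_by_name($user_name);
@@ -189,13 +204,14 @@
 // Look up the ticket
 $user_name='';
 $ticket_info=array(':service' => $service, ':ticket' => $ticket);
-$result = db_query_range("SELECT u.name FROM {cas_server_tickets} t JOIN {users} u ON t.uid=u.uid WHERE t.service = :service and t.ticket = :ticket", 0, 1, $ticket_info);
+$result = db_query_range("SELECT u.name FROM {cas_server_tickets} t JOIN {users} u ON t.uid=u.uid WHERE t.service = :service and t.ticket = :ticket AND valid=1", 0, 1, $ticket_info);
 if ($result !== FALSE) {
 foreach ($result as $ticket_data) {
 $user_name = $ticket_data->name;
 }
 }
-db_delete('cas_server_tickets')
+db_update('cas_server_tickets')
+->fields(array('valid' => 0))
 ->condition('ticket', $ticket)
 ->execute();
 
@@ -211,7 +227,7 @@
 // Generate the ticket
 $time = REQUEST_TIME;
 $ticket = 'ST-' . user_password();
-$ticket_data = array('uid' => $uid, 'service' => $service, 'ticket' => $ticket, 'timestamp' => $time);
+$ticket_data = array('uid' => $uid, 'service' => $service, 'ticket' => $ticket, 'timestamp' => $time, 'valid' => 1);
 // Save the ticket to the db
 if ($uid && $service) {
 db_insert('cas_server_tickets')->fields($ticket_data)->execute();
@@ -221,8 +237,6 @@
 
 /**
 * Menu callback; triggers a CAS logout.
-*
-* @TODO: Implement single sign out support
 */
 function cas_server_logout() {
 global $user;
@@ -240,3 +254,49 @@
 }
 return $output;
 }
+
+/**
+* Send CAS a logout requests for each of the user's CAS tickets.
+*
+* @param $account
+* The user for whom to send CAS logout requests.
+*/
+function cas_server_logout_clients($account) {
+$result = db_query("SELECT service, ticket, valid FROM {cas_server_tickets} WHERE uid= :uid", array(':uid' => $account->uid));
+if ($result !== FALSE) {
+$expired_tickets = array();
+foreach ($result as $client) {
+$expired_tickets[] = $client->ticket;
+if (!$client->valid) {
+$id = 'LR-' . user_password();
+$date = date('c');
+$logout_request = theme('cas_service_logout_request', array('id' => $id, 'date' => $date, 'ticket' => $client->ticket));
+// Send POST request
+$response = drupal_http_request(
+$client->service,
+array(
+'headers' => array('Content-Type' => 'application/x-www-form-urlencoded'),
+'method' => 'POST',
+'data' => 'logoutRequest=' . urlencode($logout_request),
+)
+);
+if (@$response->error) {
+watchdog('error', 'Error in CAS logout Request - %code : %message', array('%code' => $response->code, '%error' => $response->error));
+}
+}
+// Remove ticket
+}
+if ($expired_tickets) {
+db_delete('cas_server_tickets')
+->condition('ticket', $expired_tickets, 'IN')
+->execute();
+}
+}
+}
+
+/**
+* Implements hook_user_logout().
+*/
+function cas_server_user_logout($account) {
+cas_server_logout_clients($account);
+}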
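Review bot: The watchdog call in the new `cas_server_logout_clients` never records the error text: the message uses the `%message` placeholder while the variables array supplies `%error`, so a failed single-logout POST is logged as `... - 500 : %message` with the reason lost; change it to `watchdog('cas_server', 'Error in CAS logout Request - %code : %message', array('%code' => $response->code, '%message' => $response->error), WATCHDOG_ERROR);` (watchdog's first argument is the log type, not the severity), and replace `if (@$response->error)` with `if (!empty($response->error))` to keep the best-effort behaviour without `@` suppression. Separately, the loop POSTs to `$client->service`, a URL that was stored verbatim at ticket issuance (hunk 5 shows `'service' => $service` going into the row) and, as far as these hunks show, originates from the client's request; unless the service URL is checked against a configured allow-list before the ticket is stored (not visible here), a user logout now makes the server issue outbound requests to URLs chosen by whoever requested the ticket, so that check should be confirmed. The logout request is only sent for rows with `valid` cleared, i.e. tickets already consumed by `_cas_server_validate`, which looks intentional but deserves a comment such as `// Only tickets that were validated correspond to a client session worth terminating.`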
Weekly update of contrib modules