/drupal7/sites/all/modules/cas/cas_server.module - Annoter - Club Drupal - Forge Centrale Marseille

root / drupal7 / sites / all / modules / cas / cas_server.module @ d719f12f

-ad3d82
+<?php
 /**
  * @file Provides a protocol compliant version of CAS server 2.x
  */
 define('CAS_LOGIN_COOKIE', 'cas_server_login');
 /**
  * Implementation of hook_menu
  */
 function cas_server_menu() {
   $items = array();
   $items['cas/login'] = array(
     'page callback' => 'cas_server_login',
     'title' => 'CAS Login',
     'access callback' => TRUE,
     'type' => MENU_CALLBACK,
   );
   $items['cas/validate'] = array(
     'page callback' => 'cas_server_validate',
     'title' => 'CAS Validate',
     'access callback' => TRUE,
     'type' => MENU_CALLBACK,
   );
   $items['cas/serviceValidate'] = array(
     'page callback' => 'cas_server_service_validate',
     'title' => 'CAS Service Validate',
     'access callback' => TRUE,
     'type' => MENU_CALLBACK,
   );
   $items['cas/proxyValidate'] = array(
     'page callback' => 'cas_server_service_validate',
     'title' => 'CAS Proxy Ticket Validate',
     'access callback' => TRUE,
     'type' => MENU_CALLBACK,
   );
   $items['cas/logout'] = array(
     'page callback' => 'cas_server_logout',
     'title' => 'CAS Logout',
     'access callback' => TRUE,
     'type' => MENU_CALLBACK,
   );
   return $items;
+}
 /**
  * Implements hook_theme().
  */
 function cas_server_theme() {
   return array(
     'cas_service_validate_success' => array(
       'variables' => array('name' => NULL, 'attributes' => NULL),
       'file' => 'cas_server.response.inc',
     ),
     'cas_service_validate_attributes' => array(
       'variables' => array('attributes' => NULL, 'style' => 'jasig'),
       'file' => 'cas_server.response.inc',
     ),
     'cas_service_validate_failure' => array(
       'variables' => array('ticket' => NULL, 'error_code' => NULL),
       'file' => 'cas_server.response.inc',
     ),
-            a2baadd1
+    'cas_service_logout_request' => array(
       'variables' => array('ticket' => NULL, 'date' => NULL, 'id' => NULL),
       'file' => 'cas_server.response.inc',
     ),
-ad3d82
+  );
+}
 /**
  * Implements hook_cas_server_user_attributes().
+ *
  * Returns the user's roles.
  */
 function cas_server_cas_server_user_attributes($account, $service) {
   return array(
     'uid'           => $account->uid,
     'mail'          => $account->mail,
     'created'       => $account->created,
     'timezone'      => $account->timezone,
     'language'      => $account->language,
     'drupal_roles'  => $account->roles,
   );
+}
 function cas_server_service_return() {
   global $user;
   $service = isset($_COOKIE[CAS_LOGIN_COOKIE]) ? $_COOKIE[CAS_LOGIN_COOKIE] : '';
   if ($service && $user->uid) {
     $ticket = _cas_server_save_ticket($user->uid, $service);
     setcookie(CAS_LOGIN_COOKIE, "", -3600);
     drupal_goto($service, array('query' => array('ticket' => $ticket)));
+  }
+}
 /**
  * Handle login
+ *
  */
 function cas_server_login() {
   // Set login cookie so that we know we're in the process of logging in
   global $user;
   $output='';
   $service = isset($_REQUEST['service']) ? $_REQUEST['service'] : '';
   $gateway = isset($_REQUEST['gateway']);
   if ($user->uid) {
     if ($service) {
       $_COOKIE[CAS_LOGIN_COOKIE] = $service;
+    }
     $output=t('You have successfully logged into CAS');
     cas_server_service_return();
+  }
   else {
     if ($gateway && $service) {
       drupal_goto($service);
+    }
     else {
       // Redirect to user login
       if ($service) {
         setcookie(CAS_LOGIN_COOKIE, $service);
+      }
       $output .= l(t('Login'), 'user', array('query' => array('destination' => 'cas/login')));
       drupal_goto('user', array('query' => array('destination' => 'cas/login')));
+    }
+  }
   return $output;
+}
 /**
  * Validate the ticket using a CAS 1.x methodology
  * This provides the simple non-xml based
  */
 function cas_server_validate() {
-            a2baadd1
+  // Prevent this page from being cached.
   drupal_page_is_cacheable(FALSE);
   // Set content type.
   drupal_add_http_header('Content-Type', 'text/plain; charset=utf-8');
-ad3d82
+  //Obtain the ticket from the url and validate it.
   $ticket = isset($_REQUEST['ticket']) ? $_REQUEST['ticket'] : '';
   $service = isset($_REQUEST['service']) ? $_REQUEST['service'] : '';
   $user_name = _cas_server_validate($service, $ticket);
   if ($user_name) {
     print "yes\n";
     print "$user_name\n";
+  }
   else {
     print "no\n";
     print "\n";
+  }
+}
 /**
  * serviceValidate method using cas 2.0
  * Returns data in xml
  */
 function cas_server_service_validate() {
-            a2baadd1
+  // Prevent this page from being cached.
   drupal_page_is_cacheable(FALSE);
   // Set content type.
   drupal_add_http_header('Content-Type', 'text/xml; charset=utf-8');
-ad3d82
+  $ticket = isset($_REQUEST['ticket']) ? $_REQUEST['ticket'] : '';
   $service = isset($_REQUEST['service']) ? $_REQUEST['service'] : '';
   $user_name = _cas_server_validate($service, $ticket);
   if (!$user_name) $cas_error='INVALID_TICKET';
   if (!$ticket || !$service) $cas_error='INVALID_REQUEST';
   if ($user_name) {
     //@TODO Generate proxy granting ticket
     $account = user_load_by_name($user_name);
     // Generate a list of attributes to return.
     $attributes = module_invoke_all('cas_server_user_attributes', $account, $service, $ticket);
     // Let other modules alter the list of attributes.
     $context = array(
       'service' => $service,
       'ticket' => $ticket,
     );
     drupal_alter('cas_server_user_attributes', $attributes, $account, $context);
     print theme('cas_service_validate_success', array('name' => $user_name, 'attributes' => $attributes));
     watchdog('cas', 'User %name CAS sucessully authenticated.', array('%name' => $user_name));
+  }
   else {
     print theme('cas_service_validate_failure', array('ticket' => $ticket, 'error_code' => $cas_error));
     watchdog('cas', 'Ticket %ticket for service %service not recognized.', array('%ticket' => $ticket, '%service' => $service));
+  }
+}
 /**
  * Test to see if a one time use ticket is valid
+ *
  * @param unknown_type $ticket
  * @return unknown
  */
 function _cas_server_validate($service, $ticket) {
   // Look up the ticket
   $user_name='';
   $ticket_info=array(':service' => $service, ':ticket' => $ticket);
-            a2baadd1
+  $result = db_query_range("SELECT u.name FROM {cas_server_tickets} t JOIN {users} u ON t.uid=u.uid  WHERE t.service = :service and t.ticket = :ticket AND valid=1", 0, 1, $ticket_info);
-ad3d82
+  if ($result !== FALSE) {
     foreach ($result as $ticket_data) {
       $user_name = $ticket_data->name;
+    }
+  }
-            a2baadd1
+  db_update('cas_server_tickets')
     ->fields(array('valid' => 0))
-ad3d82
+    ->condition('ticket', $ticket)
     ->execute();
   return $user_name;
+}
 /**
  * Generate a one time use login ticket for the user in question.
+ *
  * @param int $uid
  */
 function _cas_server_save_ticket($uid, $service) {
   // Generate the ticket
   $time = REQUEST_TIME;
   $ticket = 'ST-' . user_password();
-            a2baadd1
+  $ticket_data = array('uid' => $uid, 'service' => $service, 'ticket' => $ticket, 'timestamp' => $time, 'valid' => 1);
-ad3d82
+  // Save the ticket to the db
   if ($uid && $service) {
     db_insert('cas_server_tickets')->fields($ticket_data)->execute();
+  }
   return $ticket;
+}
 /**
  * Menu callback; triggers a CAS logout.
  */
 function cas_server_logout() {
   global $user;
   watchdog('user', 'Session closed for %name.', array('%name' => $user->name));
   module_invoke_all('user_logout', $user);
   // Destroy the current session, and reset $user to the anonymous user.
   session_destroy();
   $output = '<p>' . t('You have been logged out successfully.') . '</p>';
   if (isset($_REQUEST['url'])) {
     $output .= '<p>' . l(t('Continue'), $_REQUEST['url']) . '</p>';
+  }
   return $output;
+}
-            a2baadd1
+            Assos Assos
 /**
  * Send CAS a logout requests for each of the user's CAS tickets.
+ *
  * @param $account
  *   The user for whom to send CAS logout requests.
  */
 function cas_server_logout_clients($account) {
    $result = db_query("SELECT service, ticket, valid FROM {cas_server_tickets} WHERE uid= :uid", array(':uid' => $account->uid));
     if ($result !== FALSE) {
       $expired_tickets = array();
       foreach ($result as $client) {
         $expired_tickets[] = $client->ticket;
         if (!$client->valid)  {
           $id = 'LR-' . user_password();
           $date = date('c');
           $logout_request = theme('cas_service_logout_request', array('id' => $id, 'date' => $date, 'ticket' => $client->ticket));
           // Send POST request
           $response = drupal_http_request(
             $client->service,
             array(
               'headers' => array('Content-Type' => 'application/x-www-form-urlencoded'),
               'method' =>  'POST',
               'data' => 'logoutRequest=' . urlencode($logout_request),
+            )
           );
           if (@$response->error) {
             watchdog('error', 'Error in CAS logout Request - %code : %message', array('%code' => $response->code, '%error' => $response->error));
+          }
+        }
         // Remove ticket
+      }
       if ($expired_tickets) {
         db_delete('cas_server_tickets')
           ->condition('ticket', $expired_tickets, 'IN')
           ->execute();
+      }
+    }
+}
 /**
  * Implements hook_user_logout().
  */
 function cas_server_user_logout($account) {
   cas_server_logout_clients($account);
+}

Projet

Général

Profil

Club Drupal

root / drupal7 / sites / all / modules / cas / cas_server.module @ d719f12f