dlundgren · January 21, 2025 14:40
diff --git a/CasProxyValidate.php b/CasProxyValidate.php
 <?php

 namespace SimpleSAML\Module\client\Controller;

 use SAML2\DOMDocumentFactory;
 use SimpleSAML\Module;
 use SimpleSAML\Module\client\Http\Concern\IsStatefulAction;
 use Symfony\Component\HttpFoundation\Request;
 use Symfony\Component\HttpFoundation\Response;
 use Symfony\Component\Yaml\Yaml;

 /**
 * Handles the CAS proxyValidate action
 *
 * @package SimpleSAML\Module\client\Http\Action
 */
 class CasProxyValidate
 {
 	use IsStatefulAction;

 	public function handle(Request $request)
 	{
 		$csmPath = Module::getModuleDir('casserver');

 		ob_start();
 		require_once("{$csmPath}/public/utility/validateTicket.php");

 		$response = ob_get_clean();

 		if ($request->server->get('HTTP_USER_AGENT') === 'Ruby' &&
 			strpos($response, 'cas:authenticationSuccess') !== false &&
 			isset($attributes)
 		) {
 			// due to rubycas-client's non-standard compliance with CAS, we need to perform some xml translations...
 			// translate the attributes for Ruby
 			/** @var array $attributes This is from validateTicket */
 			$response = $this->applyAttributes($response, $attributes);
 		}

 		return new Response($response);
 	}

 	/**
 	 * Adds the attributes to the response for rubycas-client requests
 	 *
 	 * @param $response
 	 * @param $attributes
 	 *
 	 * @return false|string
 	 */
 	protected function applyAttributes($response, $attributes)
 	{
 		$xml   = DOMDocumentFactory::fromString($response);
 		$xpath = new \DOMXPath($xml);

 		$attrs = $xpath->query("/cas:serviceResponse/cas:authenticationSuccess/cas:attributes")->item(0);
 		if (!$attrs) {
 			// cas:attributes is missing, create it
 			$success = $xpath->query("/cas:serviceResponse/cas:authenticationSuccess")->item(0);
 			$attrs = $xml->createElement('cas:attributes');
 			$success->appendChild($attrs);
 		}

 		foreach ($attributes as $name => $values) {
 			$attr = $xml->createElement($name);
 			$attr->appendChild($xml->createCDATASection("---\n" . Yaml::dump($values)));
 			$attrs->appendChild($attr);
 		}

 		return $xml->saveXML();
 	}
 }
	<?php

	namespace SimpleSAML\Module\client\Controller;

	use SAML2\DOMDocumentFactory;
	use SimpleSAML\Module;
	use SimpleSAML\Module\client\Http\Concern\IsStatefulAction;
	use Symfony\Component\HttpFoundation\Request;
	use Symfony\Component\HttpFoundation\Response;
	use Symfony\Component\Yaml\Yaml;

	/**
	* Handles the CAS proxyValidate action
	*
	* @package SimpleSAML\Module\client\Http\Action
	*/
	class CasProxyValidate
	{
	use IsStatefulAction;

	public function handle(Request $request)
	{
	$csmPath = Module::getModuleDir('casserver');

	ob_start();
	require_once("{$csmPath}/public/utility/validateTicket.php");

	$response = ob_get_clean();

	if ($request->server->get('HTTP_USER_AGENT') === 'Ruby' &&
	strpos($response, 'cas:authenticationSuccess') !== false &&
	isset($attributes)
	) {
	// due to rubycas-client's non-standard compliance with CAS, we need to perform some xml translations...
	// translate the attributes for Ruby
	/** @var array $attributes This is from validateTicket */
	$response = $this->applyAttributes($response, $attributes);
	}

	return new Response($response);
	}

	/**
	* Adds the attributes to the response for rubycas-client requests
	*
	* @param $response
	* @param $attributes
	*
	* @return false\|string
	*/
	protected function applyAttributes($response, $attributes)
	{
	$xml = DOMDocumentFactory::fromString($response);
	$xpath = new \DOMXPath($xml);

	$attrs = $xpath->query("/cas:serviceResponse/cas:authenticationSuccess/cas:attributes")->item(0);
	if (!$attrs) {
	// cas:attributes is missing, create it
	$success = $xpath->query("/cas:serviceResponse/cas:authenticationSuccess")->item(0);
	$attrs = $xml->createElement('cas:attributes');
	$success->appendChild($attrs);
	}

	foreach ($attributes as $name => $values) {
	$attr = $xml->createElement($name);
	$attr->appendChild($xml->createCDATASection("---\n" . Yaml::dump($values)));
	$attrs->appendChild($attr);
	}

	return $xml->saveXML();
	}
	}