Last active
January 4, 2016 21:09
-
-
Save maxrp/8679487 to your computer and use it in GitHub Desktop.
A simple top-level view of a PHP cas client integration
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| /** | |
| * PHP-CAS library. | |
| */ | |
| require_once "CAS/CAS.php"; | |
| /** | |
| * d2l SSO library. | |
| */ | |
| require_once "d2l-login.php"; | |
| /** | |
| * shared API details and API path constants | |
| */ | |
| require_once "config.php"; | |
| // initialize phpCAS | |
| phpCAS::client(CAS_VERSION_2_0, CAS_DOMAIN, CAS_PORT, CAS_ENDPOINT, false); | |
| // include the a root cert for SSL verification | |
| phpCAS::setCasServerCACert(CAS_CA_CERT); | |
| // force CAS authentication | |
| #if (!phpCAS::isAuthenticated()){ | |
| d2l_log("Forcing CAS auth.", $_REQUEST); | |
| phpCAS::forceAuthentication(); | |
| #} | |
| // at this step, the user has been authenticated by the CAS server | |
| // and the user's login name can be read with phpCAS::getUser(). | |
| // logout if desired | |
| if (isset($_REQUEST['logout'])) { | |
| d2l_log("Logging out of CAS.", $_REQUEST); | |
| phpCAS::logout(); | |
| } | |
| $user = phpCAS::getUser(); | |
| d2l_log("CAS got user $user", ""); | |
| // fetch guid and log $user in | |
| if ($guid = generate_expiring_guid($user, $default_params)){ | |
| d2l_log("Preparing to execute sso_login as $user", $_REQUEST); | |
| sso_login($user, $guid); | |
| } else d2l_log("Failed to fetch guid for $user", $_REQUEST); | |
| ?> |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| /** | |
| * PHP-CAS library. | |
| */ | |
| require_once "CAS/CAS.php"; | |
| /** | |
| * shared API details and API path constants | |
| */ | |
| require_once "config.php"; | |
| /** | |
| * eexperience.com login funcs | |
| */ | |
| require_once 'experience.php'; | |
| // initialize phpCAS | |
| phpCAS::client(SAML_VERSION_1_1, CAS_DOMAIN, CAS_PORT, CAS_ENDPOINT); | |
| // include the a root cert for SSL verification | |
| phpCAS::setCasServerCACert(CAS_CA_CERT); | |
| // force CAS authentication | |
| phpCAS::forceAuthentication(); | |
| // at this step, the user has been authenticated by the CAS server | |
| // and the user's login name can be read with phpCAS::getUser(). | |
| // logout if desired | |
| if (isset($_REQUEST['logout'])) { | |
| phpCAS::logout(); | |
| } | |
| # get the user and the attributes | |
| $user = phpCAS::getUser(); | |
| $user_info = phpCAS::getAttributes(); | |
| # if an alternative auth_target_url is specified, use it | |
| $target_url = isset($_REQUEST['auth_target_url'])? $_REQUEST['auth_target_url'] : EXPERIENCE_TARGET; | |
| # get a login URL | |
| $url = experience_login($user, $target_url, $user_info); | |
| header("Status: 302 Found"); | |
| header("Location: $url"); | |
| ?> |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment