From 576e69304927e53c3c878d16f96ee3f28c98160b Mon Sep 17 00:00:00 2001
From: "florian.azizian" <florian.azizian@maarch.org>
Date: Wed, 15 Feb 2017 14:52:58 +0100
Subject: [PATCH] FEAT #5218 connexion CAS

---
 apps/maarch_entreprise/cas_connect.php    | 79 +++++++++++++++++++----
 apps/maarch_entreprise/logout.php         |  6 +-
 apps/maarch_entreprise/xml/cas_config.xml |  7 ++
 3 files changed, 78 insertions(+), 14 deletions(-)
 create mode 100755 apps/maarch_entreprise/xml/cas_config.xml

diff --git a/apps/maarch_entreprise/cas_connect.php b/apps/maarch_entreprise/cas_connect.php
index 4d3bab1cebb..4b778122689 100755
--- a/apps/maarch_entreprise/cas_connect.php
+++ b/apps/maarch_entreprise/cas_connect.php
@@ -1,35 +1,92 @@
 <?php
 
 include_once('apps/maarch_entreprise/tools/phpCAS/CAS.php');
+require_once('core' . DIRECTORY_SEPARATOR . 'class' . DIRECTORY_SEPARATOR . 'class_request.php');
 require_once('core' . DIRECTORY_SEPARATOR . 'class' . DIRECTORY_SEPARATOR . 'class_history.php');
+require_once('core' . DIRECTORY_SEPARATOR . 'class' . DIRECTORY_SEPARATOR . 'class_core_tools.php');
+$core = new core_tools();
+
+/**** RECUPERATION DU FICHIER DE CONFIG ****/
+if (file_exists($_SESSION['config']['corepath'] . 'custom' . 
+    DIRECTORY_SEPARATOR . $_SESSION['custom_override_id'] . 
+    DIRECTORY_SEPARATOR . 'apps' . DIRECTORY_SEPARATOR . 
+    $_SESSION['config']['app_id'] . DIRECTORY_SEPARATOR . 'xml' . 
+    DIRECTORY_SEPARATOR . 'cas_config.xml')
+){
+    $xmlPath = $_SESSION['config']['corepath'] . 'custom' . DIRECTORY_SEPARATOR
+    . $_SESSION['custom_override_id'] . DIRECTORY_SEPARATOR . 'apps'
+    . DIRECTORY_SEPARATOR . $_SESSION['config']['app_id']
+    . DIRECTORY_SEPARATOR . 'xml' . DIRECTORY_SEPARATOR . 'cas_config.xml';
+} elseif (file_exists($_SESSION['config']['corepath'] . 'apps'
+    . DIRECTORY_SEPARATOR . $_SESSION['config']['app_id']
+    . DIRECTORY_SEPARATOR . 'xml' . DIRECTORY_SEPARATOR . 
+    'cas_config.xml')
+){
+    $xmlPath = $_SESSION['config']['corepath'] . DIRECTORY_SEPARATOR . 'apps'
+    . DIRECTORY_SEPARATOR . $_SESSION['config']['app_id']
+    . DIRECTORY_SEPARATOR . 'xml' . DIRECTORY_SEPARATOR . 'cas_config.xml';
+} else {
+    echo _XML_FILE_NOT_EXISTS;
+    exit;
+}
+
+$xmlconfig         = simplexml_load_file($xmlPath);
+$loginRequestArray = array();
+$loginRequestArray = $core->object2array($xmlconfig);
 
 // Les paramètres du serveur CAS
-$cas_serveur   = "192.168.21.36";
-$cas_port      = 443;
-$cas_context   = "/cas-server-webapp-4.0.0";
+$cas_serveur   = $loginRequestArray['WEB_CAS_URL'];
+$cas_port      = $loginRequestArray['WEB_CAS_PORT'];
+$cas_context   = $loginRequestArray['WEB_CAS_CONTEXT'];
 // $cas_chemin_ac = "apps/maarch_entreprise/tools/phpCAS/AC-RGS-Certigna-Racine-SHA1.pem" ;
 
 phpCAS::setDebug();
 phpCAS::setVerbose(true);
 
-// Initialisation phpCAS en protocole CAS 2.0
-phpCAS::client(CAS_VERSION_2_0, $cas_serveur, $cas_port, $cas_context, true);
+// Initialisation phpCAS
+phpCAS::client(constant($loginRequestArray['CAS_VERSION']), $cas_serveur, (int)$cas_port, $cas_context, true);
 
 // Le certificat de l'autorité racine
 // phpCAS::setCasServerCACert($cas_chemin_ac);
 phpCAS::setNoCasServerValidation();
 
-// // L'authentification.
+// L'authentification.
 phpCAS::forceAuthentication();
 
-// // Lecture identifiant utilisateur (courriel)
-$userId = phpCAS::getUser();
-echo 'Identifiant : ' . phpCAS::getUser();
-echo '<br/> phpCAS version : ' . phpCAS::getVersion();
+if($loginRequestArray['CAS_VERSION'] == 'CAS_VERSION_2_0'){
+    // Lecture identifiant utilisateur (courriel)
+    $userId = phpCAS::getUser();
+    echo 'Identifiant : ' . phpCAS::getUser();
+    echo '<br/> phpCAS version : ' . phpCAS::getVersion();
+
+} elseif($loginRequestArray['CAS_VERSION'] == 'SAML_VERSION_1_1'){
+    // $attrSAML = phpCAS::getAttributes();
+    // var_export($attrSAML);
+    echo 'Le protocal SAML 1.1 n est pas encore géré.';
+    exit;
+
+}else {
+    echo 'Ce protocol du CAS n est pas prise en compte.';
+    exit;
+}
+
+$db    = new Database();
+$query = "SELECT user_id FROM users WHERE user_id = ?";
+$stmt  = $db->query($query, array($userId));
+
+if ($stmt->rowCount() == 0) {
+    echo '<br>Cet utilisateur n existe pas dans l application.';
+    exit;
+}
 
 $loginArray['password'] = 'maarch';
 
-$_SESSION['web_cas_url'] = 'https://'. $cas_serveur . $cas_context .'/logout';
+$protocol = 'http://';
+if((int)$cas_port == 443){
+    $protocol = 'https://';
+}
+
+$_SESSION['web_cas_url'] = $protocol. $cas_serveur . $cas_context .'/logout';
 
 /**** CONNECTION A MAARCH ****/
 header("location: " . $_SESSION['config']['businessappurl'] 
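Review bot: The unchanged `phpCAS::setNoCasServerValidation();` call now applies to whichever host `cas_config.xml` names, so the ticket-validation request is made without verifying the CAS server's certificate and the user id returned by `phpCAS::getUser()` cannot be trusted against a network-level interceptor. Since the server is now configurable, the CA bundle path should be configurable too, replacing that call with `phpCAS::setCasServerCACert($cas_chemin_ac);` and exiting when the path is missing or unreadable. Separately, `constant($loginRequestArray['CAS_VERSION'])` and `phpCAS::forceAuthentication()` run before the if/elseif that rejects unsupported values, so an unknown or SAML value reaches `phpCAS::client()` first; that allow-list check belongs directly after the config is loaded, together with a check that `simplexml_load_file($xmlPath)` did not return `false`. The logout URL also omits `$cas_port` and falls back to `http://` for any port other than 443, which looks wrong for a CAS server on another TLS port, because phpCAS, as far as I can tell, always builds its own server URLs with `https://`.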
diff --git a/apps/maarch_entreprise/logout.php b/apps/maarch_entreprise/logout.php
index c1f6f634641..958912d67e1 100755
--- a/apps/maarch_entreprise/logout.php
+++ b/apps/maarch_entreprise/logout.php
@@ -47,12 +47,12 @@ if ($_SESSION['history']['userlogout'] == "true"
         $_SESSION['config']['databasetype']
     );
 }
-$custom = $_SESSION['custom_override_id'];
+$custom   = $_SESSION['custom_override_id'];
 $corePath = $_SESSION['config']['corepath'];
 
-$appUrl = $_SESSION['config']['businessappurl'];
+$appUrl   = $_SESSION['config']['businessappurl'];
 
-$appId = $_SESSION['config']['app_id'];
+$appId    = $_SESSION['config']['app_id'];
 
 // Destruction du cookie. La session est entièrement détruite et revenir sur le site attribuera un nouvel identifiant
 $args = array_merge(array(session_name(), ''), array_values(session_get_cookie_params()));
diff --git a/apps/maarch_entreprise/xml/cas_config.xml b/apps/maarch_entreprise/xml/cas_config.xml
new file mode 100755
index 00000000000..e919c73c743
--- /dev/null
+++ b/apps/maarch_entreprise/xml/cas_config.xml
@@ -0,0 +1,7 @@
+<?xml version="1.0" encoding="utf-8"?>
+<ROOT>
+	<CAS_VERSION>CAS_VERSION_2_0</CAS_VERSION><!-- CAS_VERSION_2_0  ou  SAML_VERSION_1_1 -->
+	<WEB_CAS_URL>192.168.21.30</WEB_CAS_URL>
+	<WEB_CAS_PORT>443</WEB_CAS_PORT>
+	<WEB_CAS_CONTEXT>/cas-server-webapp-4.0.0</WEB_CAS_CONTEXT>
+</ROOT>
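Review bot: The inline comment on `<CAS_VERSION>` lists `SAML_VERSION_1_1` as an accepted value, but cas_connect.php in this same commit exits with a "not yet handled" message for it, so the comment should state that only `CAS_VERSION_2_0` is supported for now. `<WEB_CAS_URL>` holds a bare host (the shipped default is the private address 192.168.21.30), not a URL, and nothing in the file says so; a comment such as `<!-- host name of the CAS server, without scheme; must match its TLS certificate -->` would help whoever copies this file into a custom directory. The file also has no element for the CA certificate path, which is presumably why server validation stays disabled in cas_connect.php.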
-- 
GitLab