-
Notifications
You must be signed in to change notification settings - Fork 396
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Refactor CAS_Client, new public API? #62
Comments
I don't know (much) the phpCAS client, though I hope my comment can help. Refactoring the large phpCAS sources is a great idea, I think it makes sense to separate things according to the different versions of the protocol from a pure source code perspective and as the client configuration is done by protocol version. The Java CAS client is "organized in a similar way". In the Java CAS client :
|
+1 for refactoring I always had this on my todo list for the last couple of years. I actually created a 2.0-future branch where i jotted down a first very rough outline on an idea. However i'm not sure if simple inheritance by protocol for the client is the right way to go. The SimpleCAS client from Brett uses another approach that has a really nice touch to it and it has pretty much stuck in my head. Your idea also makes sense but is not as modular and extendable as we should try to be in my view. I'm just thinking about the many features/protocols we have and i believe it makes sense to have them completely separate from the core workings of the client code. Especially thinking about #10 i think such a design would make more sense than a simple inheritance model. So my rough idea would be to have a core client that uses different CAS protocol implementations that inherit protocols where possible and implement interfaces for specific advanced features (single sign out, proxy?) No idea if there is another pattern which we could use to achieve such an abstraction. |
Given the direction of comments in this issue, this is probably the place to continue discussing what a new public API might look like as I think that will drive the direction of refactoring the CAS_Client. Here is a first stab at one API design -- I'll try to think of a few more to give us ideas to ponder:
Pseudo-code:
|
The CAS_Client is currently a giant omnibus hunk of code weighing in at 3600 lines with 1123 statements (counted with
grep -P ';|{' source/CAS/Client.php | wc -l
). It has been discussed in other issues that the size and complexity of this class are problems. I'm opening this issue as a place to discuss options for refactoring theCAS_Client
into smaller pieces that are easier to understand and work with.My first stab at a refactoring the
CAS_client
was to pull all of the code used to proxy access to services (when using the CAS 2.0 protocol) into a separateCAS_Proxy
class. This reduced theCAS_client
to 2800 lines/862 statements. See the branch at https://github.com/Jasig/phpCAS/tree/Split_client_and_proxy for these changes. While these changes were certainly helpful, the client still has mess of different functions for each of the different protocols we support and complex switch or if/else statements to redirect the execution flow based on which protocol is in use.Here's an initial proposal for refactoring the
CAS_Client
:CAS_Client
becomes an abstract class that provides the overall flow-control forauthentication as shared by all of the protocols as well as common functions such as the
following sections from the client:
CAS_Client_Cas10
class extends theCAS_Client
and adds support for validating CAS 1.0 tickets.CAS_Client_Cas20
class extends theCAS_Client
and adds support for validating CAS 2.0 tickets and reading of attributes from CAS 2.0 responses.CAS_Client_Cas20Proxy
class extends theCAS_Client_Cas20
and adds support for proxying to other back-end services.CAS_Client_Saml11
class extends theCAS_Client
and adds support for validating SAML 1.1 tickets and reading attributes from SAML responses.phpCAS::client()
andphpCAS::proxy()
methods would be responsible for instantiating the proper client object based on the protocol passed.The big question: Does dividing up the client based on protocol seem like a reasonable option or can you think of a better way to slice it up?
The text was updated successfully, but these errors were encountered: