Merge pull request #8 from pbarabe/7-clientname
Update for breaking changes introduced in apereo/phpcas 1.6
pbarabe committed Oct 4, 2023
2 parents bd91560 + bac0b1d commit 10bafd9
Showing 2 changed files with 90 additions and 46 deletions.
44 changes: 27 additions & 17 deletions README.md
@@ -15,7 +15,7 @@ For existing applications you can add the following to your composer.json file:
}
],
"require": {
"uazgraduatecollege/cakephp-casauth": "~1.0"
"uazgraduatecollege/cakephp-casauth": "~2.0"
}
```

@@ -33,8 +33,9 @@ $this->Auth->config(
'authenticate',
[
'CasAuth.Cas' => [
'hostname' => 'cas.mydomain.com',
'uri' => 'authpath'
'cas_host => 'cas.mydomain.com',
'cas_context => '/cas,
'client_service_name => 'https://clientapplication.otherdomain.com',
]
]
);
@@ -48,36 +49,45 @@ $this->loadComponent(
[
'authenticate' => [
'CasAuth.Cas' => [
'hostname' => 'cas.mydomain.com',
'uri' => 'authpath'
'cas_host => 'cas.mydomain.com',
'cas_context => '/cas,
'client_service_name => 'https://clientapplication.otherdomain.com',
]
]
]
);

```

CAS parameters can be specified during `Auth->config` as above,
or by writing to the "CAS" key in Configure::write, e.g.
```php
Configure::write('CAS.hostname', 'cas.myhost.com');
Configure::write('CAS.port', 8443);
```

## Parameters

* **hostname** is required
* **port** defaults to 443
* **uri** defaults to '' (an empty string)
* *client_name* (optional) defaults to `$_SERVER['SERVER_NAME']`
* *debug* (optional) if true, then phpCAS will write debug info to logs/phpCAS.log
* **cas_host** is required.
* **cas_context** defaults to '' (an empty string)
* *client_service_name* (optional) defaults to `$_SERVER['SERVER_NAME']`
* *cas_port* defaults to 443
* *debug* (optional) if true, then phpCAS will write debug info to your configured logger.
* *cert_path* (optional) if set, then phpCAS will use the specified CA certificate file to verify the CAS server
* *curlopts* (optional) key/value paired array of additional CURL parameters to pass through to phpCAS::setExtraCurlOption, e.g.

```php
'curlopts' => [CURLOPT_PROXY => 'http://proxy:5543', CURLOPT_CRLF => true]
```

### Note about parameter key changes

Prior to release 2.0.0, several parameter used different keys.
Release 2.0.0 updates `apereo/phpcas` to use at least version 1.6, which contains breaking changes.
For better clarity, the previous parameter key names have been re-mapped to the new names, which
match variable names as used in the `apereo/phpcas`
[example client usage](https://github.com/apereo/phpCAS/blob/master/docs/examples/example_simple.php).

- `hostname` changed to `cas_host`
- `port` changed to `cas_port`
- `uri` changed to `cas_context`

cakephp-casauth looks for input parameters using the old keys to try to remain backwards compatible.
Your mileage may vary.

## License

This project was forked from
92 changes: 63 additions & 29 deletions src/Auth/CasAuthenticate.php
@@ -1,4 +1,6 @@
<?php
declare(strict_types=1);

/**
* Copyright 2015 Glen Sawyer
@@ -20,8 +22,8 @@
namespace CasAuth\Auth;

use Cake\Auth\BaseAuthenticate;
use Cake\Controller\ComponentRegistry;
use Cake\Controller\Component\AuthComponent;
use Cake\Controller\ComponentRegistry;
use Cake\Core\Configure;
use Cake\Event\Event;
use Cake\Event\EventDispatcherTrait;
@@ -34,46 +36,79 @@ class CasAuthenticate extends BaseAuthenticate
{
use EventDispatcherTrait;

/**
* $_defaultConfig
*
* Default configuration array of variables passed to phpcas::client().
* Example usage of these settings can be viewed in the apereo/phpcas documentation
* at https://github.com/apereo/phpCAS/blob/master/docs/examples/example_simple.php
*
* @var array $_defaultConfig The array of settings values to configure the CAS client
* @var string $_defaultConfig['cas_host'] The CAS host/domain name, eg. example.domain.com
* @var int $_defaultConfig['cas_port'] The port where CAS can be reached. Default 443
* @var string $_defaultConfig['cas_context'] The URL path that triggers authentication, eg. /cas
* @var string $_defaultConfig['client_service_name'] The base URL of the client service in protocol://domain:port format.
* @var bool $_defaultConfig['debug'] Whether debugging is on and should trigger log output. Default false
*/
protected $_defaultConfig = [
'hostname' => null,
'port' => 443,
'uri' => '',
'client_name' => null,
'cas_host' => null,
'cas_port' => 443,
'cas_context' => '',
'client_service_name' => null,
'debug' => false,
];

/**
* {@inheritDoc}
* @inheritDoc
*/
public function __construct(ComponentRegistry $registry, array $config = [])
{
//Configuration params can be set via global Configure::write or via Auth->config
//Auth->config params override global Configure, so we'll pass them in last
// For backwards-compatibility, re-map older settings keys to new ones
if (empty($config['cas_host']) && !empty($config['hostname'])) {
$config['cas_host'] = $config['hostname'];
unset($config['hostname']);
}
if (empty($config['cas_port']) && !empty($config['port'])) {
$config['cas_port'] = $config['port'];
unset($config['port']);
}
if (empty($config['cas_context']) && !empty($config['uri'])) {
$config['cas_context'] = $config['uri'];
unset($config['uri']);
}
// Set default value of $service_base_url passed to phpCAS::client()
if (empty($config['client_service_name'])) {
$config['client_service_name'] =
$_SERVER['REQUEST_SCHEME']
. '://'
. $_SERVER['HTTP_HOST'];
}

// Configuration params can be set via global Configure::write or via Auth->config
// Auth->config params override global Configure, so we'll pass them in last
parent::__construct($registry, (array)Configure::read('CAS'));
$this->setConfig($config);

//Get the merged config settings
// Get the merged config settings
$settings = $this->getConfig();

// Enable logging/debugging
if (!empty($settings['debug'])) {
phpCAS::setLogger();
}

if (empty($settings['client_name'])) {
$settings['client_name'] = $_SERVER['SERVER_NAME'];
}

//The "isInitialized" check isn't necessary during normal use,
//but during *testing* if Authentication is tested more than once, then
//the fact that phpCAS uses a static global initialization can
//cause problems
// The "isInitialized" check isn't necessary during normal use,
// but during *testing* if Authentication is tested more than once, then
// the fact that phpCAS uses a static global initialization can
// cause problems
if (!phpCAS::isInitialized()) {
phpCAS::client(
CAS_VERSION_2_0,
$settings['hostname'],
$settings['port'],
$settings['uri'],
$settings['client_name'],
);
phpCAS::client(
CAS_VERSION_2_0,
$settings['cas_host'], // $cas_host
$settings['cas_port'], // $cas_port
$settings['cas_context'], // $cas_context
$settings['client_service_name'] // $client_service_name
);
}

if (!empty($settings['curlopts'])) {
@@ -97,7 +132,7 @@ public function __construct(ComponentRegistry $registry, array $config = [])
}

/**
* {@inheritDoc}
* @inheritDoc
*/
public function authenticate(ServerRequest $request, Response $response)
{
@@ -118,7 +153,7 @@ public function authenticate(ServerRequest $request, Response $response)
}

/**
* {@inheritDoc}
* @inheritDoc
*/
public function getUser(ServerRequest $request)
{
@@ -144,8 +179,7 @@ public function getUser(ServerRequest $request)
* Log a user out. Interrupts initial call to AuthComponent logout
* to handle CAS logout, which happens on separate CAS server
*
* @param Event $event Auth.logout event
*
* @param \Cake\Event\Event $event Auth.logout event
* @return void
*/
public function logout(Event $event)
@@ -181,4 +215,4 @@ public function implementedEvents(): array
{
return ['Auth.logout' => 'logout'];
}
}
}
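Review bot: The new fallback for `client_service_name` in `__construct` builds the service base URL from `$_SERVER['REQUEST_SCHEME']` and `$_SERVER['HTTP_HOST']`, and `HTTP_HOST` comes from the client's Host header, so the URL that CAS tickets are validated against becomes request-controlled whenever the option is left unset; as far as I can tell, phpCAS 1.6 made this argument mandatory precisely so that it would come from configuration rather than from request headers. Because the fallback is written into `$config` before `setConfig($config)`, it also overrides a `client_service_name` set through `Configure::write('CAS.…')`, and the old-key remapping above it likewise never sees `hostname`/`port`/`uri` values read from Configure. I would drop the fallback and fail closed after the merge, e.g. `if (empty($settings['client_service_name'])) { throw new \InvalidArgumentException('CAS client_service_name must be configured'); }` placed right after `$settings = $this->getConfig();`. `REQUEST_SCHEME` is also not populated by every SAPI, and the README still documents the default as `$_SERVER['SERVER_NAME']`. The constructor body continues past the end of this hunk.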
