diff --git a/src/Xavrsl/Cas/Sso.php b/src/Xavrsl/Cas/Sso.php index e8e3fb3..1dbea3c 100644 --- a/src/Xavrsl/Cas/Sso.php +++ b/src/Xavrsl/Cas/Sso.php @@ -42,6 +42,7 @@ private function initializeCas() $this->configureCasClient(); $this->configureSslValidation(); + $this->configureServerValidateURL(); phpCAS::handleLogoutRequests(); $this->configureProxyChain(); @@ -99,6 +100,35 @@ private function configureSslValidation() } } + /** + * Configure a non-standard url for ticket validation + * + */ + private function configureServerValidateURL() + { + // set a non-standard url for ticket validation + if ($this->config['cas_validation_url']) + { + if ($this->config['cas_proxy']) { + // Set the proxyValidate URL of the CAS server. /proxyValidate [CAS 2.0] + // https://apereo.github.io/cas/5.0.x/protocol/CAS-Protocol-Specification.html#proxyvalidate-cas-20 + phpCAS::setServerProxyValidateURL($this->config['cas_validation_url']); + } + else if ($this->config['cas_saml']) + { + // Set the samlValidate URL of the CAS server. /samlValidate [CAS 3.0] + // https://apereo.github.io/cas/5.0.x/protocol/CAS-Protocol-Specification.html#samlvalidate-cas-30 + phpCAS::setServerSamlValidateURL($this->config['cas_validation_url']); + } + else + { + // Set the serviceValidate URL of the CAS server. /serviceValidate [CAS 2.0] + // https://apereo.github.io/cas/5.0.x/protocol/CAS-Protocol-Specification.html#servicevalidate-cas-20 + phpCAS::setServerServiceValidateURL($this->config['cas_validation_url']); + } + } + } + /** * Configure Cas Proxy Chain * @@ -218,6 +248,8 @@ public function user() */ public function getAttributes() { + if($this->isPretending()) return $this->config['cas_pretend_user_attributes']; + return phpCAS::getAttributes(); } diff --git a/src/config/cas.php b/src/config/cas.php index ff49325..892f91a 100644 --- a/src/config/cas.php +++ b/src/config/cas.php @@ -63,6 +63,23 @@ 'cas_validation' => env('CAS_VALIDATION', ''), + /* + |-------------------------------------------------------------------------- + | Custom CAS url for ticker validation + |-------------------------------------------------------------------------- + | + | Configure a non-standard url for ticket validation. + | This feature is supported in phpCAS since version 1.1.0RC2. + | The validation urls can be set for service, proxy and saml validation. + | + | Example: + | https://github.com/Jasig/phpCAS/blob/master/docs/examples/example_custom_urls.php + | + */ + + 'cas_validation_url' => env('CAS_VALIDATION_URL', false), + + /* |-------------------------------------------------------------------------- | CAS Certificate @@ -87,6 +104,24 @@ 'cas_pretend_user' => env('CAS_PRETEND_USER', ''), + + /* + |-------------------------------------------------------------------------- + | Pretend CAS user attributes + |-------------------------------------------------------------------------- + | + | This is useful in development mode when using 'cas_pretend_user' + | configuration we need to defined some defaults attributes for the + | user. This attributes are returned if ::getAttributes() is called. + | + | Exemple: + | When a user is logged in his attributes we can find + | out his role in the system: + | 'cas_pretend_user_attributes' => array('role' => 'ADMIN'), + */ + + 'cas_pretend_user_attributes' => array(), + /* |-------------------------------------------------------------------------- | Use as Cas proxy ?