LSldapObject :: validateAttrData() : Fixed error in search filter specified by user
[ldapsaisie.git] / public_html / includes / class / class.LSauthCAS.php
1 <?php
2 /*******************************************************************************
3  * Copyright (C) 2007 Easter-eggs
4  * http://ldapsaisie.labs.libre-entreprise.org
5  *
6  * Author: See AUTHORS file in top-level directory.
7  *
8  * This program is free software; you can redistribute it and/or
9  * modify it under the terms of the GNU General Public License version 2
10  * as published by the Free Software Foundation.
11  *
12  * This program is distributed in the hope that it will be useful,
13  * but WITHOUT ANY WARRANTY; without even the implied warranty of
14  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15  * GNU General Public License for more details.
16  *
17  * You should have received a copy of the GNU General Public License
18  * along with this program; if not, write to the Free Software
19  * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA    02111-1307, USA.
20
21 ******************************************************************************/
22
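/**
 * Handles user authentication through a CAS server, using the phpCAS client.
 *
 * Identity is established by phpCAS; this class only maps the CAS user name
 * to an LDAP object. No password is ever handled here.
 *
 * @author Benjamin Renard <brenard@easter-eggs.com>
 */
class LSauthCAS extends LSauth {

	// UI hints: CAS provides its own login page, so no local login form is shown.
	var $params = array (
		'displayLoginForm' => false,
		'displayLogoutBtn' => true
	);

	/**
	 * Constructor: load phpCAS and configure the CAS client from the
	 * LSAUTH_CAS_* / PHP_CAS_* constants.
	 *
	 * NOTE(review): this is a PHP 4-style constructor (method named after the
	 * class). PHP 8.0 and later no longer call such a method on `new`; the name
	 * is kept here so existing callers are unaffected.
	 *
	 * @retval boolean True if phpCAS was loaded and configured, false otherwise
	 *                 (only meaningful when the method is called explicitly)
	 */
	public function LSauthCAS() {
		if (!LSsession :: includeFile(PHP_CAS_PATH)) {
			LSerror :: addErrorCode('LSauthCAS_01');
			return false;
		}

		if (defined('PHP_CAS_DEBUG_FILE')) {
			phpCAS::setDebug(PHP_CAS_DEBUG_FILE);
		}

		// LSAUTH_CAS_VERSION holds the *name* of a phpCAS version constant,
		// hence the constant() lookup.
		// NOTE(review): the trailing false is presumably phpCAS's
		// "change session id" option - confirm against the bundled phpCAS.
		phpCAS::client(constant(LSAUTH_CAS_VERSION),LSAUTH_CAS_SERVER_HOSTNAME,LSAUTH_CAS_SERVER_PORT,LSAUTH_CAS_SERVER_URI,false);

		// Certificate validation is only switched off when the option is
		// explicitly defined and true. Reading an undefined constant yields a
		// non-empty (truthy) string on PHP < 8 and an Error on PHP >= 8, so the
		// unguarded test disabled validation whenever the option was missing.
		if (defined('LSAUTH_CAS_SERVER_NO_SSL_VALIDATION') && LSAUTH_CAS_SERVER_NO_SSL_VALIDATION) {
			phpCAS::setNoCasServerValidation();
		}

		// defined() expects the constant's name as a string. Passing the
		// constant itself tested for a constant named after the certificate
		// path, so the configured certificate / CA bundle was never applied.
		// NOTE(review): if validation is disabled AND a certificate is
		// configured, which setting wins depends on phpCAS - confirm.
		if (defined('LSAUTH_CAS_SERVER_SSL_CERT') && LSAUTH_CAS_SERVER_SSL_CERT) {
			phpCAS::setCasServerCert(LSAUTH_CAS_SERVER_SSL_CERT);
		}

		if (defined('LSAUTH_CAS_SERVER_SSL_CACERT') && LSAUTH_CAS_SERVER_SSL_CACERT) {
			phpCAS::setCasServerCACert(LSAUTH_CAS_SERVER_SSL_CACERT);
		}

		// Same guard as above: an undefined option must not hide the logout button.
		if (defined('LSAUTH_CAS_DISABLE_LOGOUT') && LSAUTH_CAS_DISABLE_LOGOUT) {
			$this -> params['displayLogoutBtn'] = false;
		}

		return true;
	}

	/**
	 * Trigger CAS authentication and collect the login data.
	 *
	 * On success the data is stored in $this->authData (username from CAS,
	 * empty password, LDAP server and top DN from the request).
	 *
	 * @retval boolean|null True once authData is filled, null if phpCAS is
	 *                      not loaded
	 **/
	public function getPostData() {
		if (!class_exists('phpCAS')) {
			return;
		}

		// Launch Auth
		phpCAS::forceAuthentication();

		// The LDAP server and top DN are taken from the request and are
		// therefore client-controlled; they are not validated in this method.
		// NOTE(review): confirm the consumer of authData checks them against
		// the configured servers / allowed base DNs (and rejects array values).
		// isset() keeps the former "null when absent" result without raising
		// an undefined-index notice.
		$ldapserver = isset($_REQUEST['LSsession_ldapserver']) ? $_REQUEST['LSsession_ldapserver'] : null;
		$topDn = isset($_REQUEST['LSsession_topDn']) ? $_REQUEST['LSsession_topDn'] : null;

		$this -> authData = array(
			'username' => phpCAS::getUser(),
			'password' => '',
			'ldapserver' => $ldapserver,
			'topDn' => $topDn
		);
		return true;
	}

	/**
	 * Look up the LDAP object matching the CAS-authenticated user.
	 *
	 * Takes no parameters: the user name is read from $this->authData, as
	 * filled by getPostData(). Exactly one matching object is required.
	 *
	 * @retval LSldapObject|null The LSldapObject of the authenticated user,
	 *                           or null (with an LSauth_0x error code added)
	 */
	public function authenticate() {
		$authObjectType = LSsession :: $ldapServer['authObjectType'];
		if (!LSsession :: loadLSobject($authObjectType)) {
			LSerror :: addErrorCode('LSauth_03');
			return;
		}

		$authobject = new $authObjectType();
		// NOTE(review): the user name comes from the CAS server; confirm that
		// searchObject() escapes it before building the LDAP filter.
		$result = $authobject -> searchObject(
			$this -> authData['username'],
			LSsession :: getTopDn(),
			LSsession :: $ldapServer['authObjectFilter']
		);

		// searchObject()'s return type is not visible from this file. Anything
		// other than an array is treated as "no match" so that a failed search
		// can never fall through to the success branch (count(false) is 1 on
		// older PHP versions).
		$nbresult = is_array($result) ? count($result) : 0;

		if ($nbresult == 0) {
			// unknown login
			LSdebug('identifiant incorrect');
			LSerror :: addErrorCode('LSauth_01');
			return;
		}

		if ($nbresult > 1) {
			// several objects match the same identity: refuse to pick one
			LSerror :: addErrorCode('LSauth_02');
			return;
		}

		// Authentication succeeded
		return $result[0];
	}

	/**
	 * Log the user out of CAS.
	 *
	 * Does nothing when phpCAS is not loaded or when logout has been disabled
	 * (displayLogoutBtn set to false by the constructor).
	 */
	public function logout() {
		if (!class_exists('phpCAS') || !$this -> params['displayLogoutBtn']) {
			return;
		}
		// NOTE(review): forceAuthentication() is called first, presumably so
		// that phpCAS has an initialised session to terminate - confirm.
		phpCAS :: forceAuthentication();
		phpCAS :: logout();
	}
}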
137 /*
138  * Error Codes
139  */
// LSauthCAS_01 is raised by the LSauthCAS constructor when the phpCAS
// library file cannot be included.
LSerror :: defineError(
	'LSauthCAS_01',
	_("LSauthCAS : Failed to load phpCAS.")
);
143 ?>