gnu-social/vendor/apereo/phpcas/source/CAS/ProxiedService/Http/Abstract.php

361 lines
10 KiB
PHP
Raw Normal View History

<?php
/**
* Licensed to Jasig under one or more contributor license
* agreements. See the NOTICE file distributed with this work for
* additional information regarding copyright ownership.
*
* Jasig licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except in
* compliance with the License. You may obtain a copy of the License at:
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*
* PHP Version 5
*
* @file CAS/ProxiedService/Http/Abstract.php
* @category Authentication
* @package PhpCAS
* @author Adam Franco <afranco@middlebury.edu>
* @license http://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0
* @link https://wiki.jasig.org/display/CASC/phpCAS
*/
/**
* This class implements common methods for ProxiedService implementations included
* with phpCAS.
*
* @class CAS_ProxiedService_Http_Abstract
* @category Authentication
* @package PhpCAS
* @author Adam Franco <afranco@middlebury.edu>
* @license http://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0
* @link https://wiki.jasig.org/display/CASC/phpCAS
*/
abstract class CAS_ProxiedService_Http_Abstract extends
CAS_ProxiedService_Abstract implements CAS_ProxiedService_Http
{
/**
* The HTTP request mechanism talking to the target service.
*
* @var CAS_Request_RequestInterface $requestHandler
*/
protected $requestHandler;
/**
* The storage mechanism for cookies set by the target service.
*
* @var CAS_CookieJar $_cookieJar
*/
private $_cookieJar;
/**
* Constructor.
*
* @param CAS_Request_RequestInterface $requestHandler request handler object
* @param CAS_CookieJar $cookieJar cookieJar object
*
* @return void
*/
public function __construct(CAS_Request_RequestInterface $requestHandler,
CAS_CookieJar $cookieJar
) {
$this->requestHandler = $requestHandler;
$this->_cookieJar = $cookieJar;
}
/**
* The target service url.
* @var string $_url;
*/
private $_url;
/**
* Answer a service identifier (URL) for whom we should fetch a proxy ticket.
*
* @return string
* @throws Exception If no service url is available.
*/
public function getServiceUrl()
{
if (empty($this->_url)) {
throw new CAS_ProxiedService_Exception(
'No URL set via ' . get_class($this) . '->setUrl($url).'
);
}
return $this->_url;
}
/*********************************************************
* Configure the Request
*********************************************************/
/**
* Set the URL of the Request
*
* @param string $url url to set
*
* @return void
* @throws CAS_OutOfSequenceException If called after the Request has been sent.
*/
public function setUrl($url)
{
if ($this->hasBeenSent()) {
throw new CAS_OutOfSequenceException(
'Cannot set the URL, request already sent.'
);
}
if (!is_string($url)) {
throw new CAS_InvalidArgumentException('$url must be a string.');
}
$this->_url = $url;
}
/*********************************************************
* 2. Send the Request
*********************************************************/
/**
* Perform the request.
*
* @return void
* @throws CAS_OutOfSequenceException If called multiple times.
* @throws CAS_ProxyTicketException If there is a proxy-ticket failure.
* The code of the Exception will be one of:
* PHPCAS_SERVICE_PT_NO_SERVER_RESPONSE
* PHPCAS_SERVICE_PT_BAD_SERVER_RESPONSE
* PHPCAS_SERVICE_PT_FAILURE
* @throws CAS_ProxiedService_Exception If there is a failure sending the
* request to the target service.
*/
public function send()
{
if ($this->hasBeenSent()) {
throw new CAS_OutOfSequenceException(
'Cannot send, request already sent.'
);
}
phpCAS::traceBegin();
// Get our proxy ticket and append it to our URL.
$this->initializeProxyTicket();
$url = $this->getServiceUrl();
if (strstr($url, '?') === false) {
$url = $url . '?ticket=' . $this->getProxyTicket();
} else {
$url = $url . '&ticket=' . $this->getProxyTicket();
}
try {
$this->makeRequest($url);
} catch (Exception $e) {
phpCAS::traceEnd();
throw $e;
}
}
/**
* Indicator of the number of requests (including redirects performed.
*
* @var int $_numRequests;
*/
private $_numRequests = 0;
/**
* The response headers.
*
* @var array $_responseHeaders;
*/
private $_responseHeaders = array();
/**
* The response status code.
*
* @var int $_responseStatusCode;
*/
private $_responseStatusCode = '';
/**
* The response headers.
*
* @var string $_responseBody;
*/
private $_responseBody = '';
/**
* Build and perform a request, following redirects
*
* @param string $url url for the request
*
* @return void
* @throws CAS_ProxyTicketException If there is a proxy-ticket failure.
* The code of the Exception will be one of:
* PHPCAS_SERVICE_PT_NO_SERVER_RESPONSE
* PHPCAS_SERVICE_PT_BAD_SERVER_RESPONSE
* PHPCAS_SERVICE_PT_FAILURE
* @throws CAS_ProxiedService_Exception If there is a failure sending the
* request to the target service.
*/
protected function makeRequest($url)
{
// Verify that we are not in a redirect loop
$this->_numRequests++;
if ($this->_numRequests > 4) {
$message = 'Exceeded the maximum number of redirects (3) in proxied service request.';
phpCAS::trace($message);
throw new CAS_ProxiedService_Exception($message);
}
// Create a new request.
$request = clone $this->requestHandler;
$request->setUrl($url);
// Add any cookies to the request.
$request->addCookies($this->_cookieJar->getCookies($url));
// Add any other parts of the request needed by concrete classes
$this->populateRequest($request);
// Perform the request.
phpCAS::trace('Performing proxied service request to \'' . $url . '\'');
if (!$request->send()) {
$message = 'Could not perform proxied service request to URL`'
. $url . '\'. ' . $request->getErrorMessage();
phpCAS::trace($message);
throw new CAS_ProxiedService_Exception($message);
}
// Store any cookies from the response;
$this->_cookieJar->storeCookies($url, $request->getResponseHeaders());
// Follow any redirects
if ($redirectUrl = $this->getRedirectUrl($request->getResponseHeaders())
) {
phpCAS::trace('Found redirect:' . $redirectUrl);
$this->makeRequest($redirectUrl);
} else {
$this->_responseHeaders = $request->getResponseHeaders();
$this->_responseBody = $request->getResponseBody();
$this->_responseStatusCode = $request->getResponseStatusCode();
}
}
/**
* Add any other parts of the request needed by concrete classes
*
* @param CAS_Request_RequestInterface $request request interface object
*
* @return void
*/
abstract protected function populateRequest(
CAS_Request_RequestInterface $request
);
/**
* Answer a redirect URL if a redirect header is found, otherwise null.
*
* @param array $responseHeaders response header to extract a redirect from
*
* @return string|null
*/
protected function getRedirectUrl(array $responseHeaders)
{
// Check for the redirect after authentication
foreach ($responseHeaders as $header) {
if ( preg_match('/^(Location:|URI:)\s*([^\s]+.*)$/', $header, $matches)
) {
return trim(array_pop($matches));
}
}
return null;
}
/*********************************************************
* 3. Access the response
*********************************************************/
/**
* Answer true if our request has been sent yet.
*
* @return bool
*/
protected function hasBeenSent()
{
return ($this->_numRequests > 0);
}
/**
* Answer the headers of the response.
*
* @return array An array of header strings.
* @throws CAS_OutOfSequenceException If called before the Request has been sent.
*/
public function getResponseHeaders()
{
if (!$this->hasBeenSent()) {
throw new CAS_OutOfSequenceException(
'Cannot access response, request not sent yet.'
);
}
return $this->_responseHeaders;
}
/**
* Answer HTTP status code of the response
*
* @return int
* @throws CAS_OutOfSequenceException If called before the Request has been sent.
*/
public function getResponseStatusCode()
{
if (!$this->hasBeenSent()) {
throw new CAS_OutOfSequenceException(
'Cannot access response, request not sent yet.'
);
}
return $this->_responseStatusCode;
}
/**
* Answer the body of response.
*
* @return string
* @throws CAS_OutOfSequenceException If called before the Request has been sent.
*/
public function getResponseBody()
{
if (!$this->hasBeenSent()) {
throw new CAS_OutOfSequenceException(
'Cannot access response, request not sent yet.'
);
}
return $this->_responseBody;
}
/**
* Answer the cookies from the response. This may include cookies set during
* redirect responses.
*
* @return array An array containing cookies. E.g. array('name' => 'val');
*/
public function getCookies()
{
return $this->_cookieJar->getCookies($this->getServiceUrl());
}
}
?>