441 lines
13 KiB
PHP
441 lines
13 KiB
PHP
<?php
|
|
|
|
/**
|
|
* Licensed to Jasig under one or more contributor license
|
|
* agreements. See the NOTICE file distributed with this work for
|
|
* additional information regarding copyright ownership.
|
|
*
|
|
* Jasig licenses this file to you under the Apache License,
|
|
* Version 2.0 (the "License"); you may not use this file except in
|
|
* compliance with the License. You may obtain a copy of the License at:
|
|
*
|
|
* http://www.apache.org/licenses/LICENSE-2.0
|
|
*
|
|
* Unless required by applicable law or agreed to in writing, software
|
|
* distributed under the License is distributed on an "AS IS" BASIS,
|
|
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
* See the License for the specific language governing permissions and
|
|
* limitations under the License.
|
|
*
|
|
* PHP Version 5
|
|
*
|
|
* @file CAS/PGTStorage/Db.php
|
|
* @category Authentication
|
|
* @package PhpCAS
|
|
* @author Daniel Frett <daniel.frett@gmail.com>
|
|
* @license http://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0
|
|
* @link https://wiki.jasig.org/display/CASC/phpCAS
|
|
*/
|
|
|
|
define('CAS_PGT_STORAGE_DB_DEFAULT_TABLE', 'cas_pgts');
|
|
|
|
/**
|
|
* Basic class for PGT database storage
|
|
* The CAS_PGTStorage_Db class is a class for PGT database storage.
|
|
*
|
|
* @class CAS_PGTStorage_Db
|
|
* @category Authentication
|
|
* @package PhpCAS
|
|
* @author Daniel Frett <daniel.frett@gmail.com>
|
|
* @license http://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0
|
|
* @link https://wiki.jasig.org/display/CASC/phpCAS
|
|
*
|
|
* @ingroup internalPGTStorageDb
|
|
*/
|
|
|
|
class CAS_PGTStorage_Db extends CAS_PGTStorage_AbstractStorage
|
|
{
|
|
/**
|
|
* @addtogroup internalCAS_PGTStorageDb
|
|
* @{
|
|
*/
|
|
|
|
/**
|
|
* the PDO object to use for database interactions
|
|
*/
|
|
private $_pdo;
|
|
|
|
/**
|
|
* This method returns the PDO object to use for database interactions.
|
|
*
|
|
* @return PDO object
|
|
*/
|
|
private function _getPdo()
|
|
{
|
|
return $this->_pdo;
|
|
}
|
|
|
|
/**
|
|
* database connection options to use when creating a new PDO object
|
|
*/
|
|
private $_dsn;
|
|
private $_username;
|
|
private $_password;
|
|
private $_driver_options;
|
|
|
|
/**
|
|
* @var string the table to use for storing/retrieving pgt's
|
|
*/
|
|
private $_table;
|
|
|
|
/**
|
|
* This method returns the table to use when storing/retrieving PGT's
|
|
*
|
|
* @return string the name of the pgt storage table.
|
|
*/
|
|
private function _getTable()
|
|
{
|
|
return $this->_table;
|
|
}
|
|
|
|
// ########################################################################
|
|
// DEBUGGING
|
|
// ########################################################################
|
|
|
|
/**
|
|
* This method returns an informational string giving the type of storage
|
|
* used by the object (used for debugging purposes).
|
|
*
|
|
* @return string an informational string.
|
|
*/
|
|
public function getStorageType()
|
|
{
|
|
return "db";
|
|
}
|
|
|
|
/**
|
|
* This method returns an informational string giving informations on the
|
|
* parameters of the storage.(used for debugging purposes).
|
|
*
|
|
* @return string an informational string.
|
|
* @public
|
|
*/
|
|
public function getStorageInfo()
|
|
{
|
|
return 'table=`'.$this->_getTable().'\'';
|
|
}
|
|
|
|
// ########################################################################
|
|
// CONSTRUCTOR
|
|
// ########################################################################
|
|
|
|
/**
|
|
* The class constructor.
|
|
*
|
|
* @param CAS_Client $cas_parent the CAS_Client instance that creates
|
|
* the object.
|
|
* @param string $dsn_or_pdo a dsn string to use for creating a PDO
|
|
* object or a PDO object
|
|
* @param string $username the username to use when connecting to
|
|
* the database
|
|
* @param string $password the password to use when connecting to
|
|
* the database
|
|
* @param string $table the table to use for storing and
|
|
* retrieving PGT's
|
|
* @param string $driver_options any driver options to use when
|
|
* connecting to the database
|
|
*/
|
|
public function __construct(
|
|
$cas_parent, $dsn_or_pdo, $username='', $password='', $table='',
|
|
$driver_options=null
|
|
) {
|
|
phpCAS::traceBegin();
|
|
// call the ancestor's constructor
|
|
parent::__construct($cas_parent);
|
|
|
|
// set default values
|
|
if ( empty($table) ) {
|
|
$table = CAS_PGT_STORAGE_DB_DEFAULT_TABLE;
|
|
}
|
|
if ( !is_array($driver_options) ) {
|
|
$driver_options = array(PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION);
|
|
}
|
|
|
|
// store the specified parameters
|
|
if ($dsn_or_pdo instanceof PDO) {
|
|
$this->_pdo = $dsn_or_pdo;
|
|
} else {
|
|
$this->_dsn = $dsn_or_pdo;
|
|
$this->_username = $username;
|
|
$this->_password = $password;
|
|
$this->_driver_options = $driver_options;
|
|
}
|
|
|
|
// store the table name
|
|
$this->_table = $table;
|
|
|
|
phpCAS::traceEnd();
|
|
}
|
|
|
|
// ########################################################################
|
|
// INITIALIZATION
|
|
// ########################################################################
|
|
|
|
/**
|
|
* This method is used to initialize the storage. Halts on error.
|
|
*
|
|
* @return void
|
|
*/
|
|
public function init()
|
|
{
|
|
phpCAS::traceBegin();
|
|
// if the storage has already been initialized, return immediatly
|
|
if ($this->isInitialized()) {
|
|
return;
|
|
}
|
|
|
|
// initialize the base object
|
|
parent::init();
|
|
|
|
// create the PDO object if it doesn't exist already
|
|
if (!($this->_pdo instanceof PDO)) {
|
|
try {
|
|
$this->_pdo = new PDO(
|
|
$this->_dsn, $this->_username, $this->_password,
|
|
$this->_driver_options
|
|
);
|
|
}
|
|
catch(PDOException $e) {
|
|
phpCAS::error('Database connection error: ' . $e->getMessage());
|
|
}
|
|
}
|
|
|
|
phpCAS::traceEnd();
|
|
}
|
|
|
|
// ########################################################################
|
|
// PDO database interaction
|
|
// ########################################################################
|
|
|
|
/**
|
|
* attribute that stores the previous error mode for the PDO handle while
|
|
* processing a transaction
|
|
*/
|
|
private $_errMode;
|
|
|
|
/**
|
|
* This method will enable the Exception error mode on the PDO object
|
|
*
|
|
* @return void
|
|
*/
|
|
private function _setErrorMode()
|
|
{
|
|
// get PDO object and enable exception error mode
|
|
$pdo = $this->_getPdo();
|
|
$this->_errMode = $pdo->getAttribute(PDO::ATTR_ERRMODE);
|
|
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
|
|
}
|
|
|
|
/**
|
|
* this method will reset the error mode on the PDO object
|
|
*
|
|
* @return void
|
|
*/
|
|
private function _resetErrorMode()
|
|
{
|
|
// get PDO object and reset the error mode to what it was originally
|
|
$pdo = $this->_getPdo();
|
|
$pdo->setAttribute(PDO::ATTR_ERRMODE, $this->_errMode);
|
|
}
|
|
|
|
// ########################################################################
|
|
// database queries
|
|
// ########################################################################
|
|
// these queries are potentially unsafe because the person using this library
|
|
// can set the table to use, but there is no reliable way to escape SQL
|
|
// fieldnames in PDO yet
|
|
|
|
/**
|
|
* This method returns the query used to create a pgt storage table
|
|
*
|
|
* @return string the create table SQL, no bind params in query
|
|
*/
|
|
protected function createTableSql()
|
|
{
|
|
return 'CREATE TABLE ' . $this->_getTable()
|
|
. ' (pgt_iou VARCHAR(255) NOT NULL PRIMARY KEY, pgt VARCHAR(255) NOT NULL)';
|
|
}
|
|
|
|
/**
|
|
* This method returns the query used to store a pgt
|
|
*
|
|
* @return string the store PGT SQL, :pgt and :pgt_iou are the bind params contained
|
|
* in the query
|
|
*/
|
|
protected function storePgtSql()
|
|
{
|
|
return 'INSERT INTO ' . $this->_getTable()
|
|
. ' (pgt_iou, pgt) VALUES (:pgt_iou, :pgt)';
|
|
}
|
|
|
|
/**
|
|
* This method returns the query used to retrieve a pgt. the first column
|
|
* of the first row should contain the pgt
|
|
*
|
|
* @return string the retrieve PGT SQL, :pgt_iou is the only bind param contained
|
|
* in the query
|
|
*/
|
|
protected function retrievePgtSql()
|
|
{
|
|
return 'SELECT pgt FROM ' . $this->_getTable() . ' WHERE pgt_iou = :pgt_iou';
|
|
}
|
|
|
|
/**
|
|
* This method returns the query used to delete a pgt.
|
|
*
|
|
* @return string the delete PGT SQL, :pgt_iou is the only bind param contained in
|
|
* the query
|
|
*/
|
|
protected function deletePgtSql()
|
|
{
|
|
return 'DELETE FROM ' . $this->_getTable() . ' WHERE pgt_iou = :pgt_iou';
|
|
}
|
|
|
|
// ########################################################################
|
|
// PGT I/O
|
|
// ########################################################################
|
|
|
|
/**
|
|
* This method creates the database table used to store pgt's and pgtiou's
|
|
*
|
|
* @return void
|
|
*/
|
|
public function createTable()
|
|
{
|
|
phpCAS::traceBegin();
|
|
|
|
// initialize this PGTStorage object if it hasn't been initialized yet
|
|
if ( !$this->isInitialized() ) {
|
|
$this->init();
|
|
}
|
|
|
|
// initialize the PDO object for this method
|
|
$pdo = $this->_getPdo();
|
|
$this->_setErrorMode();
|
|
|
|
try {
|
|
$pdo->beginTransaction();
|
|
|
|
$query = $pdo->query($this->createTableSQL());
|
|
$query->closeCursor();
|
|
|
|
$pdo->commit();
|
|
}
|
|
catch(PDOException $e) {
|
|
// attempt rolling back the transaction before throwing a phpCAS error
|
|
try {
|
|
$pdo->rollBack();
|
|
}
|
|
catch(PDOException $e) {
|
|
}
|
|
phpCAS::error('error creating PGT storage table: ' . $e->getMessage());
|
|
}
|
|
|
|
// reset the PDO object
|
|
$this->_resetErrorMode();
|
|
|
|
phpCAS::traceEnd();
|
|
}
|
|
|
|
/**
|
|
* This method stores a PGT and its corresponding PGT Iou in the database.
|
|
* Echoes a warning on error.
|
|
*
|
|
* @param string $pgt the PGT
|
|
* @param string $pgt_iou the PGT iou
|
|
*
|
|
* @return void
|
|
*/
|
|
public function write($pgt, $pgt_iou)
|
|
{
|
|
phpCAS::traceBegin();
|
|
|
|
// initialize the PDO object for this method
|
|
$pdo = $this->_getPdo();
|
|
$this->_setErrorMode();
|
|
|
|
try {
|
|
$pdo->beginTransaction();
|
|
|
|
$query = $pdo->prepare($this->storePgtSql());
|
|
$query->bindValue(':pgt', $pgt, PDO::PARAM_STR);
|
|
$query->bindValue(':pgt_iou', $pgt_iou, PDO::PARAM_STR);
|
|
$query->execute();
|
|
$query->closeCursor();
|
|
|
|
$pdo->commit();
|
|
}
|
|
catch(PDOException $e) {
|
|
// attempt rolling back the transaction before throwing a phpCAS error
|
|
try {
|
|
$pdo->rollBack();
|
|
}
|
|
catch(PDOException $e) {
|
|
}
|
|
phpCAS::error('error writing PGT to database: ' . $e->getMessage());
|
|
}
|
|
|
|
// reset the PDO object
|
|
$this->_resetErrorMode();
|
|
|
|
phpCAS::traceEnd();
|
|
}
|
|
|
|
/**
|
|
* This method reads a PGT corresponding to a PGT Iou and deletes the
|
|
* corresponding db entry.
|
|
*
|
|
* @param string $pgt_iou the PGT iou
|
|
*
|
|
* @return string|false the corresponding PGT, or FALSE on error
|
|
*/
|
|
public function read($pgt_iou)
|
|
{
|
|
phpCAS::traceBegin();
|
|
$pgt = false;
|
|
|
|
// initialize the PDO object for this method
|
|
$pdo = $this->_getPdo();
|
|
$this->_setErrorMode();
|
|
|
|
try {
|
|
$pdo->beginTransaction();
|
|
|
|
// fetch the pgt for the specified pgt_iou
|
|
$query = $pdo->prepare($this->retrievePgtSql());
|
|
$query->bindValue(':pgt_iou', $pgt_iou, PDO::PARAM_STR);
|
|
$query->execute();
|
|
$pgt = $query->fetchColumn(0);
|
|
$query->closeCursor();
|
|
|
|
// delete the specified pgt_iou from the database
|
|
$query = $pdo->prepare($this->deletePgtSql());
|
|
$query->bindValue(':pgt_iou', $pgt_iou, PDO::PARAM_STR);
|
|
$query->execute();
|
|
$query->closeCursor();
|
|
|
|
$pdo->commit();
|
|
}
|
|
catch(PDOException $e) {
|
|
// attempt rolling back the transaction before throwing a phpCAS error
|
|
try {
|
|
$pdo->rollBack();
|
|
}
|
|
catch(PDOException $e) {
|
|
}
|
|
phpCAS::trace('error reading PGT from database: ' . $e->getMessage());
|
|
}
|
|
|
|
// reset the PDO object
|
|
$this->_resetErrorMode();
|
|
|
|
phpCAS::traceEnd();
|
|
return $pgt;
|
|
}
|
|
|
|
/** @} */
|
|
|
|
}
|
|
|
|
?>
|