|
1
|
<?php
|
|
2
|
|
|
3
|
include_once('apps/maarch_entreprise/tools/phpCAS/CAS.php');
|
|
4
|
require_once('core' . DIRECTORY_SEPARATOR . 'class' . DIRECTORY_SEPARATOR . 'class_request.php');
|
|
5
|
require_once('core' . DIRECTORY_SEPARATOR . 'class' . DIRECTORY_SEPARATOR . 'class_history.php');
|
|
6
|
require_once('core' . DIRECTORY_SEPARATOR . 'class' . DIRECTORY_SEPARATOR . 'class_core_tools.php');
|
|
7
|
$core = new core_tools();
|
|
8
|
|
|
9
|
|
|
10
|
if (file_exists($_SESSION['config']['corepath'] . 'custom' .
|
|
11
|
DIRECTORY_SEPARATOR . $_SESSION['custom_override_id'] .
|
|
12
|
DIRECTORY_SEPARATOR . 'apps' . DIRECTORY_SEPARATOR .
|
|
13
|
$_SESSION['config']['app_id'] . DIRECTORY_SEPARATOR . 'xml' .
|
|
14
|
DIRECTORY_SEPARATOR . 'cas_config.xml')
|
|
15
|
){
|
|
16
|
$xmlPath = $_SESSION['config']['corepath'] . 'custom' . DIRECTORY_SEPARATOR
|
|
17
|
. $_SESSION['custom_override_id'] . DIRECTORY_SEPARATOR . 'apps'
|
|
18
|
. DIRECTORY_SEPARATOR . $_SESSION['config']['app_id']
|
|
19
|
. DIRECTORY_SEPARATOR . 'xml' . DIRECTORY_SEPARATOR . 'cas_config.xml';
|
|
20
|
} elseif (file_exists($_SESSION['config']['corepath'] . 'apps'
|
|
21
|
. DIRECTORY_SEPARATOR . $_SESSION['config']['app_id']
|
|
22
|
. DIRECTORY_SEPARATOR . 'xml' . DIRECTORY_SEPARATOR .
|
|
23
|
'cas_config.xml')
|
|
24
|
){
|
|
25
|
$xmlPath = $_SESSION['config']['corepath'] . DIRECTORY_SEPARATOR . 'apps'
|
|
26
|
. DIRECTORY_SEPARATOR . $_SESSION['config']['app_id']
|
|
27
|
. DIRECTORY_SEPARATOR . 'xml' . DIRECTORY_SEPARATOR . 'cas_config.xml';
|
|
28
|
} else {
|
|
29
|
echo _XML_FILE_NOT_EXISTS;
|
|
30
|
exit;
|
|
31
|
}
|
|
32
|
|
|
33
|
$xmlconfig = simplexml_load_file($xmlPath);
|
|
34
|
$loginRequestArray = array();
|
|
35
|
$loginRequestArray = $core->object2array($xmlconfig);
|
|
36
|
|
|
37
|
|
|
38
|
$cas_serveur = $loginRequestArray['WEB_CAS_URL'];
|
|
39
|
$cas_port = $loginRequestArray['WEB_CAS_PORT'];
|
|
40
|
$cas_context = $loginRequestArray['WEB_CAS_CONTEXT'];
|
|
41
|
$id_separator = $loginRequestArray['ID_SEPARATOR'];
|
|
42
|
$certificate = $loginRequestArray['PATH_CERTIFICATE'];
|
|
43
|
|
|
44
|
$_SESSION['cas_version'] = $loginRequestArray['CAS_VERSION'];
|
|
45
|
$_SESSION['cas_serveur'] = $cas_serveur;
|
|
46
|
$_SESSION['cas_port'] = $cas_port;
|
|
47
|
$_SESSION['cas_context'] = $cas_context;
|
|
48
|
$_SESSION['cas_certificate'] = $certificate;
|
|
49
|
$_SESSION['cas_id_separator'] = $id_separator;
|
|
50
|
|
|
51
|
phpCAS::setDebug();
|
|
52
|
phpCAS::setVerbose(true);
|
|
53
|
|
|
54
|
|
|
55
|
$result = phpCAS::client(constant($loginRequestArray['CAS_VERSION']), $cas_serveur, (int)$cas_port, $cas_context, false);
|
|
56
|
|
|
57
|
|
|
58
|
|
|
59
|
if(!empty($certificate)){
|
|
60
|
phpCAS::setCasServerCACert($certificate);
|
|
61
|
} else {
|
|
62
|
phpCAS::setNoCasServerValidation();
|
|
63
|
}
|
|
64
|
|
|
65
|
|
|
66
|
phpCAS::forceAuthentication();
|
|
67
|
|
|
68
|
|
|
69
|
|
|
70
|
|
|
71
|
if($loginRequestArray['CAS_VERSION'] == 'CAS_VERSION_2_0'){
|
|
72
|
|
|
73
|
$Id = phpCAS::getUser();
|
|
74
|
echo 'Identifiant : ' . phpCAS::getUser();
|
|
75
|
echo '<br/> phpCAS version : ' . phpCAS::getVersion();
|
|
76
|
if(!empty($id_separator)){
|
|
77
|
$tmpId = explode($id_separator, $Id);
|
|
78
|
$userId = $tmpId[0];
|
|
79
|
} else {
|
|
80
|
$userId = $Id;
|
|
81
|
}
|
|
82
|
|
|
83
|
} elseif($loginRequestArray['CAS_VERSION'] == 'SAML_VERSION_1_1'){
|
|
84
|
|
|
85
|
echo _CAS_SAML_NOT_SUPPORTED;
|
|
86
|
exit;
|
|
87
|
}elseif($loginRequestArray['CAS_VERSION'] == 'CAS_VERSION_3_0'){
|
|
88
|
|
|
89
|
$Id = phpCAS::getUser();
|
|
90
|
echo 'Identifiant : ' . phpCAS::getUser();
|
|
91
|
$userId = $Id;
|
|
92
|
}else {
|
|
93
|
echo _PROTOCOL_NOT_SUPPORTED;
|
|
94
|
echo phpCAS::getUser();
|
|
95
|
exit;
|
|
96
|
}
|
|
97
|
|
|
98
|
$db = new Database();
|
|
99
|
$query = "SELECT user_id FROM users WHERE user_id = ?";
|
|
100
|
$stmt = $db->query($query, array($userId));
|
|
101
|
|
|
102
|
if ($stmt->rowCount() == 0) {
|
|
103
|
echo '<br>' . _USER_NOT_EXIST;
|
|
104
|
exit;
|
|
105
|
}
|
|
106
|
|
|
107
|
$loginArray['password'] = 'maarch';
|
|
108
|
|
|
109
|
$protocol = 'http://';
|
|
110
|
if((int)$cas_port == 443){
|
|
111
|
$protocol = 'https://';
|
|
112
|
}
|
|
113
|
|
|
114
|
$_SESSION['web_cas_url'] = $protocol. $cas_serveur . $cas_context .'/logout';
|
|
115
|
|
|
116
|
$trace = new history();
|
|
117
|
if ($restMode) {
|
|
118
|
$security = new security();
|
|
119
|
$_SESSION['error'] = '';
|
|
120
|
$res = $security->login($userId, $loginArray['password'], 'restMode');
|
|
121
|
|
|
122
|
$_SESSION['user'] = $res['user'];
|
|
123
|
if (!empty($res['error'])) {
|
|
124
|
$_SESSION['error'] = $res['error'];
|
|
125
|
}
|
|
126
|
|
|
127
|
|
|
128
|
$trace->add(
|
|
129
|
"users",
|
|
130
|
$loginArray['UserId'],
|
|
131
|
"LOGIN",
|
|
132
|
_CONNECTION_CAS_OK,
|
|
133
|
$_SESSION['config']['databasetype'],
|
|
134
|
"ADMIN",
|
|
135
|
false
|
|
136
|
);
|
|
137
|
} else {
|
|
138
|
header("location: log.php");
|
|
139
|
|
|
140
|
|
|
141
|
$trace->add(
|
|
142
|
"users",
|
|
143
|
$userId,
|
|
144
|
"LOGIN",
|
|
145
|
"userlogin",
|
|
146
|
_CONNECTION_CAS_OK,
|
|
147
|
$_SESSION['config']['databasetype'],
|
|
148
|
"ADMIN",
|
|
149
|
false
|
|
150
|
);
|
|
151
|
|
|
152
|
exit();
|
|
153
|
}
|