Added setCasAttributeParser call back (apereo#205)

Wolvverine · Jul 10, 2016 · 9376b31 · 9376b31
1 parent 1022a2a
commit 9376b31
Show file tree

Hide file tree

Showing 2 changed files with 94 additions and 40 deletions.
diff --git a/source/CAS.php b/source/CAS.php
@@ -138,9 +138,9 @@
  */
 define("SAML_ATTRIBUTES", 'SAMLATTRIBS');
 
-/**
- * SAML Attributes
- */
+/**
+ * SAML Attributes
+ */
 define("DEFAULT_ERROR", 'Internal script failure');
 
 /** @} */
@@ -302,13 +302,13 @@ class phpCAS
      */
     private static $_PHPCAS_DEBUG;
 
-    /**
+    /**
      * This variable is used to enable verbose mode
      * This pevents debug info to be show to the user. Since it's a security
      * feature the default is false
-     *
-     * @hideinitializer
-     */
+     *
+     * @hideinitializer
+     */
     private static $_PHPCAS_VERBOSE = false;
 
 
@@ -470,33 +470,33 @@ public static function setDebug($filename = '')
         }
     }
 
-    /**
+    /**
      * Enable verbose errors messages in the website output
      * This is a security relevant since internal status info may leak an may
-     * help an attacker. Default is therefore false
-     *
-     * @param bool $verbose enable verbose output
-     *
-     * @return void
-     */
+     * help an attacker. Default is therefore false
+     *
+     * @param bool $verbose enable verbose output
+     *
+     * @return void
+     */
     public static function setVerbose($verbose)
     {
-        if ($verbose === true) {
-            self::$_PHPCAS_VERBOSE = true;
+        if ($verbose === true) {
+            self::$_PHPCAS_VERBOSE = true;
         } else {
             self::$_PHPCAS_VERBOSE = false;
         }
     }
 
 
     /**
-     * Show is verbose mode is on
-     *
-     * @return boot verbose
-     */
-    public static function getVerbose()
-    {
-        return self::$_PHPCAS_VERBOSE;
+     * Show is verbose mode is on
+     *
+     * @return boot verbose
+     */
+    public static function getVerbose()
+    {
+        return self::$_PHPCAS_VERBOSE;
     }
 
     /**
@@ -995,6 +995,25 @@ public static function setCacheTimesForAuthRecheck($n)
         }
     }
 
+
+    /**
+     * Set a callback function to be run when receiving CAS attributes
+     *
+     * The callback function will be passed an $success_elements
+     * payload of the response (\DOMElement) as its first parameter.
+     *
+     * @param string $function       Callback function
+     * @param array  $additionalArgs optional array of arguments
+     *
+     * @return void
+     */
+    public static function setCasAttributeParserCallback($function, array $additionalArgs = array())
+    {
+        phpCAS::_validateClientExists();
+
+        self::$_PHPCAS_CLIENT->setCasAttributeParserCallback($function, $additionalArgs);
+    }
+
     /**
      * Set a callback function to be run when a user authenticates.
      *

diff --git a/source/CAS/Client.php b/source/CAS/Client.php
@@ -641,7 +641,33 @@ public function setNoClearTicketsFromUrl ()
     }
 
     /**
-     * @var callback $_postAuthenticateCallbackFunction;
+     * @var callback $_attributeParserCallbackFunction;
+     */
+    private $_casAttributeParserCallbackFunction = null;
+
+    /**
+     * @var array $_attributeParserCallbackArgs;
+     */
+    private $_casAttributeParserCallbackArgs = array();
+
+    /**
+     * Set a callback function to be run when parsing CAS attributes
+     *
+     * The callback function will be passed a XMLNode as its first parameter,
+     * followed by any $additionalArgs you pass.
+     *
+     * @param string $function       callback function to call
+     * @param array  $additionalArgs optional array of arguments
+     *
+     * @return void
+     */
+    public function setCasAttributeParserCallback($function, array $additionalArgs = array())
+    {
+        $this->_casAttributeParserCallbackFunction = $function;
+        $this->_casAttributeParserCallbackArgs = $additionalArgs;
+    }
+
+    /** @var callback $_postAuthenticateCallbackFunction;
      */
     private $_postAuthenticateCallbackFunction = null;
 
@@ -905,11 +931,11 @@ public function __construct(
             session_start();
             phpCAS :: trace("Starting a new session " . session_id());
         }
-        // Only for debug purposes
-        if ($this->isSessionAuthenticated()){
-            phpCAS :: trace("Session is authenticated as: " . $_SESSION['phpCAS']['user']);
-        } else {
-            phpCAS :: trace("Session is not authenticated");
+        // Only for debug purposes
+        if ($this->isSessionAuthenticated()){
+            phpCAS :: trace("Session is authenticated as: " . $_SESSION['phpCAS']['user']);
+        } else {
+            phpCAS :: trace("Session is not authenticated");
         }
         // are we in proxy mode ?
         $this->_proxy = $proxy;
@@ -1234,7 +1260,7 @@ public function renewAuthentication()
             $res = true;
         } else {
             $this->redirectToCas(false, true);
-            // never reached
+            // never reached
             $res = false;
         }
         phpCAS::traceEnd();
@@ -1964,9 +1990,9 @@ public function validateCAS10(&$validate_url,&$text_response,&$tree_response,$re
         $validate_url = $this->getServerServiceValidateURL()
             .'&ticket='.urlencode($this->getTicket());
 
-        if ( $renew ) {
-            // pass the renew
-            $validate_url .= '&renew=true';
+        if ( $renew ) {
+            // pass the renew
+            $validate_url .= '&renew=true';
         }
 
         // open and read the URL
@@ -2043,9 +2069,9 @@ public function validateSA(&$validate_url,&$text_response,&$tree_response,$renew
         // build the URL to validate the ticket
         $validate_url = $this->getServerSamlValidateURL();
 
-        if ( $renew ) {
-            // pass the renew
-            $validate_url .= '&renew=true';
+        if ( $renew ) {
+            // pass the renew
+            $validate_url .= '&renew=true';
         }
 
         // open and read the URL
@@ -3156,9 +3182,9 @@ public function validateCAS20(&$validate_url,&$text_response,&$tree_response, $r
             $validate_url .= '&pgtUrl='.urlencode($this->_getCallbackURL());
         }
 
-        if ( $renew ) {
-            // pass the renew
-            $validate_url .= '&renew=true';
+        if ( $renew ) {
+            // pass the renew
+            $validate_url .= '&renew=true';
         }
 
         // open and read the URL
@@ -3304,7 +3330,16 @@ private function _readExtraAttributesCas20($success_elements)
         // 		</cas:authenticationSuccess>
         // 	</cas:serviceResponse>
         //
-        if ( $success_elements->item(0)->getElementsByTagName("attributes")->length != 0) {
+        if ($this->_casAttributeParserCallbackFunction !== null
+            && is_callable($this->_casAttributeParserCallbackFunction)
+        ) {
+            array_unshift($this->_casAttributeParserCallbackArgs, $success_elements->item(0));
+            phpCas :: trace("Calling attritubeParser callback");
+            $extra_attributes =  call_user_func_array(
+                $this->_casAttributeParserCallbackFunction,
+                $this->_casAttributeParserCallbackArgs
+            );
+        } elseif ( $success_elements->item(0)->getElementsByTagName("attributes")->length != 0) {
             $attr_nodes = $success_elements->item(0)
                 ->getElementsByTagName("attributes");
             phpCas :: trace("Found nested jasig style attributes");