-rw-r--r--app/controllers/cas.php4
-rw-r--r--composer.json2
-rw-r--r--composer.lock17
-rw-r--r--lib/classes/auth_plugins/StudipAuthCAS.class.php10
-rw-r--r--lib/classes/cas/CAS_ServiceBaseUrl_Studip.php15
5 files changed, 36 insertions, 12 deletions
diff --git a/app/controllers/cas.php b/app/controllers/cas.php
index 6800844..a38600f 100644
--- a/app/controllers/cas.php
+++ b/app/controllers/cas.php
@@ -13,6 +13,7 @@
*/
require_once 'lib/classes/cas/CAS_PGTStorage_Cache.php';
+require_once 'lib/classes/cas/CAS_ServiceBaseUrl_Studip.php';
class CasController extends StudipController
{
@@ -23,8 +24,9 @@ class CasController extends StudipController
{
$pgt = Request::get('pgtId');
$pgt_iou = Request::get('pgtIou');
+ $base_url = new CAS_ServiceBaseUrl_Studip();
$cas_config = $GLOBALS['STUDIP_AUTH_CONFIG_CAS'];
- phpCAS::proxy(CAS_VERSION_2_0, $cas_config['host'], $cas_config['port'], $cas_config['uri'], false);
+ phpCAS::proxy(CAS_VERSION_2_0, $cas_config['host'], $cas_config['port'], $cas_config['uri'], $base_url, false);
$pgt_storage = new CAS_PGTStorage_Cache(phpCAS::getCasClient());
$pgt_storage->write($pgt, $pgt_iou);
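Review bot: Nothing at this call site says why a service base URL object is now passed to `phpCAS::proxy()`, and the same two-step construction is repeated in the login path and in `logout()` of StudipAuthCAS.class.php. A one-line comment above the new line would help the next maintainer, for example `// phpCAS 1.6 takes the service base URL explicitly; it is restricted to the hosts configured in STUDIP_DOMAINS`. Since this action is the proxy callback endpoint, it is also worth stating there that the service URL is no longer derived from the incoming request alone. The enclosing action starts and ends outside the hunk.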
diff --git a/composer.json b/composer.json
index f15ff4b..bbd4b8b 100644
--- a/composer.json
+++ b/composer.json
@@ -29,7 +29,7 @@
"mishal/iless": "^2.2",
"ezyang/htmlpurifier": "^4.13",
"davefx/phplot": "^6.2",
- "jasig/phpcas": "^1.3",
+ "jasig/phpcas": "^1.6",
"phpxmlrpc/phpxmlrpc": "^4.4",
"gossi/docblock": "^1.6",
"phpxmlrpc/extras": "^0.6.2",
diff --git a/composer.lock b/composer.lock
index 3e332d2..292c7d5 100644
--- a/composer.lock
+++ b/composer.lock
@@ -4,7 +4,7 @@
"Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies",
"This file is @generated automatically"
],
- "content-hash": "09395db276863ae31a0b9e4de81ab3e2",
+ "content-hash": "19451ff4cd3caf47bedb18e629cdd706",
"packages": [
{
"name": "algo26-matthias/idna-convert",
@@ -620,16 +620,16 @@
},
{
"name": "jasig/phpcas",
- "version": "1.5.0",
+ "version": "1.6.1",
"source": {
"type": "git",
"url": "https://github.com/apereo/phpCAS.git",
- "reference": "d6f5797fb568726f34c8e48741776d81e4a2646b"
+ "reference": "c129708154852656aabb13d8606cd5b12dbbabac"
},
"dist": {
"type": "zip",
- "url": "https://api.github.com/repos/apereo/phpCAS/zipball/d6f5797fb568726f34c8e48741776d81e4a2646b",
- "reference": "d6f5797fb568726f34c8e48741776d81e4a2646b",
+ "url": "https://api.github.com/repos/apereo/phpCAS/zipball/c129708154852656aabb13d8606cd5b12dbbabac",
+ "reference": "c129708154852656aabb13d8606cd5b12dbbabac",
"shasum": ""
},
"require": {
@@ -650,6 +650,9 @@
}
},
"autoload": {
+ "files": [
+ "source/CAS.php"
+ ],
"classmap": [
"source/"
]
@@ -682,9 +685,9 @@
],
"support": {
"issues": "https://github.com/apereo/phpCAS/issues",
- "source": "https://github.com/apereo/phpCAS/tree/1.5.0"
+ "source": "https://github.com/apereo/phpCAS/tree/1.6.1"
},
- "time": "2022-05-03T21:12:54+00:00"
+ "time": "2023-02-19T19:52:35+00:00"
},
{
"name": "jumbojett/openid-connect-php",
diff --git a/lib/classes/auth_plugins/StudipAuthCAS.class.php b/lib/classes/auth_plugins/StudipAuthCAS.class.php
index 29deb75..06f3180 100644
--- a/lib/classes/auth_plugins/StudipAuthCAS.class.php
+++ b/lib/classes/auth_plugins/StudipAuthCAS.class.php
@@ -8,6 +8,7 @@
*/
require_once 'lib/classes/cas/CAS_PGTStorage_Cache.php';
+require_once 'lib/classes/cas/CAS_ServiceBaseUrl_Studip.php';
class StudipAuthCAS extends StudipAuthSSO
{
@@ -31,13 +32,15 @@ class StudipAuthCAS extends StudipAuthSSO
$this->login_description = _('für Single Sign On mit CAS');
}
if (Request::get('sso') === $this->plugin_name) {
+ $base_url = new CAS_ServiceBaseUrl_Studip();
+
if ($this->proxy) {
URLHelper::setBaseUrl($GLOBALS['ABSOLUTE_URI_STUDIP']);
- phpCAS::proxy(CAS_VERSION_2_0, $this->host, $this->port, $this->uri, false);
+ phpCAS::proxy(CAS_VERSION_2_0, $this->host, $this->port, $this->uri, $base_url, false);
phpCAS::setPGTStorage(new CAS_PGTStorage_Cache(phpCAS::getCasClient()));
phpCAS::setFixedCallbackURL(URLHelper::getURL('dispatch.php/cas/proxy'));
} else {
- phpCAS::client(CAS_VERSION_2_0, $this->host, $this->port, $this->uri, false);
+ phpCAS::client(CAS_VERSION_2_0, $this->host, $this->port, $this->uri, $base_url, false);
}
if (isset($this->cacert)) {
@@ -83,7 +86,8 @@ class StudipAuthCAS extends StudipAuthSSO
function logout()
{
// do a global cas logout
- phpCAS::client(CAS_VERSION_2_0, $this->host, $this->port, $this->uri, false);
+ $base_url = new CAS_ServiceBaseUrl_Studip();
+ phpCAS::client(CAS_VERSION_2_0, $this->host, $this->port, $this->uri, $base_url, false);
phpCAS::logout();
}
}
diff --git a/lib/classes/cas/CAS_ServiceBaseUrl_Studip.php b/lib/classes/cas/CAS_ServiceBaseUrl_Studip.php
new file mode 100644
index 0000000..0634e44
--- /dev/null
+++ b/lib/classes/cas/CAS_ServiceBaseUrl_Studip.php
@@ -0,0 +1,15 @@
+<?php
+
+class CAS_ServiceBaseUrl_Studip extends CAS_ServiceBaseUrl_AllowedListDiscovery
+{
+ public function __construct()
+ {
+ $protocol = $this->isHttps() ? 'https' : 'http';
+ $allow_list = array_map(function($host) use ($protocol) {
+ $host = preg_replace('/\/.*/', '', $host);
+ return $protocol . '://' . $host;
+ }, $GLOBALS['STUDIP_DOMAINS'] ?? []);
+
+ parent::__construct($allow_list);
+ }
+}
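Review bot: The scheme of every allow-list entry comes from `$this->isHttps()`, i.e. from the current request, so the list that is meant to pin the CAS service URL still varies with how the request arrived; depending on how the parent class implements `isHttps()` this may include forwarded-protocol headers, which are only trustworthy behind a proxy that overwrites them. Deriving the scheme from configuration (for instance from `$GLOBALS['ABSOLUTE_URI_STUDIP']`, which the auth plugin already uses) would make the list fully static. Two smaller points in the same constructor: `$GLOBALS['STUDIP_DOMAINS'] ?? []` hands an empty list to the parent when the setting is missing, which the parent presumably rejects or handles poorly, so an explicit configuration error would be clearer; and `preg_replace('/\/.*/', '', $host)` assumes entries never carry a scheme, since `https://host` would be cut down to `https:`. A class docblock stating that entries are reduced to host (and port) before the scheme is prepended would document that assumption.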