diff --git a/application/config/cas-authentification-config-example.php b/application/config/cas-authentification-config-example.php
new file mode 100644
index 0000000..3d453d4
--- /dev/null
+++ b/application/config/cas-authentification-config-example.php
@@ -0,0 +1,102 @@
+
+ * @author Adam Franco
+ * @license http://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0
+ * @link https://wiki.jasig.org/display/CASC/phpCAS
+ */
+
+$phpcas_path = '../../source/';
+
+///////////////////////////////////////
+// Basic Config of the phpCAS client //
+///////////////////////////////////////
+
+// Full Hostname of your CAS Server
+$cas_host = 'cas.domain.fr';
+// Context of the CAS Server
+$cas_context = 'cas';
+// Port of your CAS server. Normally for a https server it's 443
+$cas_port = 443;
+// Path to the ca chain that issued the cas server certificate
+$cas_server_ca_cert_path = '';
+
+//////////////////////////////////////////
+// Advanced Config for special purposes //
+//////////////////////////////////////////
+/*
+// The "real" hosts of clustered cas server that send SAML logout messages
+// Assumes the cas server is load balanced across multiple hosts
+$cas_real_hosts = array('cas-real-1.example.com', 'cas-real-2.example.com');
+
+// Client config for cookie hardening
+$client_domain = '127.0.0.1';
+$client_path = 'phpcas';
+$client_secure = true;
+$client_httpOnly = true;
+$client_lifetime = 0;
+
+// Database config for PGT Storage
+$db = 'pgsql:host=localhost;dbname=phpcas';
+//$db = 'mysql:host=localhost;dbname=phpcas';
+$db_user = 'phpcasuser';
+$db_password = 'mysupersecretpass';
+$db_table = 'phpcastabel';
+$driver_options = '';
+
+///////////////////////////////////////////
+// End Configuration -- Don't edit below //
+///////////////////////////////////////////
+
+// Generating the URLS for the local cas example services for proxy testing
+if (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on') {
+ $curbase = 'https://' . $_SERVER['SERVER_NAME'];
+} else {
+ $curbase = 'http://' . $_SERVER['SERVER_NAME'];
+}
+if ($_SERVER['SERVER_PORT'] != 80 && $_SERVER['SERVER_PORT'] != 443) {
+ $curbase .= ':' . $_SERVER['SERVER_PORT'];
+}
+
+$curdir = dirname($_SERVER['REQUEST_URI']) . "/";
+
+// CAS client nodes for rebroadcasting pgtIou/pgtId and logoutRequest
+$rebroadcast_node_1 = 'http://cas-client-1.example.com';
+$rebroadcast_node_2 = 'http://cas-client-2.example.com';
+
+// access to a single service
+$serviceUrl = $curbase . $curdir . 'example_service.php';
+// access to a second service
+$serviceUrl2 = $curbase . $curdir . 'example_service_that_proxies.php';
+
+$pgtBase = preg_quote(preg_replace('/^http:/', 'https:', $curbase . $curdir), '/');
+$pgtUrlRegexp = '/^' . $pgtBase . '.*$/';
+
+$cas_url = 'https://' . $cas_host;
+if ($cas_port != '443') {
+ $cas_url = $cas_url . ':' . $cas_port;
+}
+$cas_url = $cas_url . $cas_context;
+
+// Set the session-name to be unique to the current script so that the client script
+// doesn't share its session with a proxied script.
+// This is just useful when running the example code, but not normally.
+session_name(
+ 'session_for-'
+ . preg_replace('/[^a-z0-9-]/i', '_', basename($_SERVER['SCRIPT_NAME']))
+);
+// Set an UTF-8 encoding header for internation characters (User attributes)
+header('Content-Type: text/html; charset=utf-8');
+?>
+*/
\ No newline at end of file
diff --git a/application/config/authentification-config-example.php b/application/config/hybrid-authentification-config-example.php
similarity index 85%
rename from application/config/authentification-config-example.php
rename to application/config/hybrid-authentification-config-example.php
index d42f7bd..f37f99b 100644
--- a/application/config/authentification-config-example.php
+++ b/application/config/hybrid-authentification-config-example.php
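Review bot: `$cas_server_ca_cert_path = '';` in cas-authentification-config-example.php ships empty with no guidance, so a deployment copied from this example has no CA bundle with which to validate the CAS server's certificate. The code that consumes this file is not in the diff, so it is unclear whether an empty value fails closed or ends up in `phpCAS::setNoCasServerValidation()`; the example should state the requirement, e.g. `// REQUIRED: absolute path to the CA bundle that issued the CAS server certificate; an empty value must not disable validation`. Separately, `$phpcas_path = '../../source/';` looks left over from the upstream example now that phpCAS is installed through Composer. The commented-out block also builds `$serviceUrl` and `$pgtUrlRegexp` from `$_SERVER['SERVER_NAME']` and `REQUEST_URI`, which can be request-influenced depending on server configuration and deserves a caution comment before anyone uncomments it.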
@@ -14,22 +14,22 @@ $config = [ 'providers' => [ 'GitHub' => [ 'enabled' => true, - 'keys' => ['id' => '4cc55bcafbf8ea77ae14', 'secret' => 'e0b7c5091d7af4f4e5ced843f2e8ce1f38f02578'], + 'keys' => ['id' => '4cc55bcafbf8ea77ae14', 'secret' => ''], ], 'Google' => [ 'enabled' => true, - 'keys' => ['id' => '686670374445-mhktaj9gp08p6oiu8e1aue3ckua6e3s3.apps.googleusercontent.com', 'secret' => '4yOeNxYuYE4H8DFhVzQlOb_U'], + 'keys' => ['id' => '686670374445-mhktaj9gp08p6oiu8e1aue3ckua6e3s3.apps.googleusercontent.com', 'secret' => ''], ], 'Facebook' => [ 'enabled' => true, - 'keys' => ['id' => '432266300978748', 'secret' => '43815184db62771fce19b64cdd80110a'], + 'keys' => ['id' => '432266300978748', 'secret' => ''], ], 'Twitter' => [ 'enabled' => true, - 'keys' => ['key' => 'gnsmsVW0EkdpSVeqwCOG7V1H5', 'secret' => 'cdv71bFMUV4OBpkjFIwPNOlbRBQhrAaWBTmLF8aPzZBeMf3PyQ'], + 'keys' => ['key' => 'gnsmsVW0EkdpSVeqwCOG7V1H5', 'secret' => ''], ] ], //optional : set debug mode diff --git a/composer.json b/composer.json index 79aa2e7..fa57900 100644 --- a/composer.json +++ b/composer.json @@ -24,6 +24,7 @@ "symfony/yaml": "~4.0", "symfony/expression-language": "~3.0", "symfony/config": "3.3.2", - "michelf/php-markdown": "^1.9" + "michelf/php-markdown": "^1.9", + "apereo/phpcas": "^1.3" } } diff --git a/console/bin.php b/console/bin.php index d629947..ee63210 100644 --- a/console/bin.php +++ b/console/bin.php @@ -2,7 +2,7 @@
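Review bot: The four `'secret'` values are blanked, but the secrets removed here stay readable in the repository history, so this edit alone does not retire them; they should be revoked and reissued at each provider. The `'id'`/`'key'` values on the same lines still look like real application identifiers, and an example file reads better with placeholders, e.g. `'keys' => ['id' => 'YOUR_GITHUB_CLIENT_ID', 'secret' => 'YOUR_GITHUB_CLIENT_SECRET'],`. A comment such as `// copy to a non-versioned file and fill in; never commit real credentials` above `'providers'` would document the intent. All four providers also remain `'enabled' => true` with an empty secret, which will presumably fail at login time rather than at configuration time. The `$config` array begins and ends outside this hunk.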
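Review bot: `"apereo/phpcas": "^1.3"` accepts every 1.x release from 1.3 upward, so the version that actually handles authentication is decided by the lockfile, which this diff does not show. For a library on the login path, the lower bound should be raised to the oldest release the project has checked against upstream security advisories, e.g. `"apereo/phpcas": "^<MINIMUM_REVIEWED_VERSION>"` (placeholder), with composer.lock committed alongside.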