<?php
// Values compared against the 'cas_login_form' setting in cas_form_alter().
// CAS_NO_LINK: the Drupal login forms are left without any CAS elements.
define('CAS_NO_LINK', 0);
// NOTE(review): not referenced elsewhere in this file; presumably "add the
// CAS option without pre-selecting it" - confirm against cas.admin.inc.
define('CAS_ADD_LINK', 1);
// CAS_MAKE_DEFAULT: the CAS checkbox on the login form is pre-checked.
define('CAS_MAKE_DEFAULT', 2);
// Default labels and messages; each can be overridden through variable_get().
define('CAS_LOGIN_INVITE_DEFAULT', 'Log in using CAS');
define('CAS_LOGIN_DRUPAL_INVITE_DEFAULT', 'Cancel CAS login');
define('CAS_LOGIN_REDIR_MESSAGE', 'You will be redirected to the secure CAS login page.');
// Default for the 'cas_exclude' setting: path patterns on which neither the
// forced login nor the gateway check is performed.
define('CAS_EXCLUDE', 'services/*');
/**
 * Implementation of hook_init().
 *
 * Handles CAS single-sign-out requests first, then starts a forced or
 * gateway-style CAS login for anonymous visitors when the settings ask for it.
 */
function cas_init() {
  global $user;

  // Requests served by the cas_test module are left untouched.
  if (module_exists('cas_test') && arg(0) == 'cas_test') {
    return;
  }

  // Runs before any login logic; a CAS logout POST ends the request there.
  _cas_single_sign_out_check();

  if ($user->uid) {
    // An already authenticated user has no business on the CAS login path.
    if ($_GET['q'] == 'cas') {
      drupal_goto('');
    }
    return;
  }

  // Both checks are always evaluated, exactly once each.
  $force_authentication = _cas_force_login();
  $check_authentication = _cas_allow_check_for_login();
  if (!$force_authentication && !$check_authentication) {
    return;
  }
  cas_login_check($force_authentication);
}
/**
 * Authenticates the current visitor against CAS and logs them into Drupal.
 *
 * @param $force_authentication
 *   TRUE to redirect the visitor to the CAS server when no CAS session
 *   exists (phpCAS::forceAuthentication()); FALSE to only probe for an
 *   existing CAS session (phpCAS::checkAuthentication()) and return quietly
 *   when there is none. Error messages are only shown in the forced case.
 */
function cas_login_check($force_authentication = TRUE) {
  global $user;
  // Nothing to do for a visitor who already has a Drupal session.
  if ($user->uid) {
    return;
  }
  // Without the phpCAS library no CAS call below can be made.
  if (!cas_phpcas_load()) {
    return;
  }
  // drupal_session_start() only exists on some Drupal builds, hence the guard.
  if (function_exists('drupal_session_start')) {
    drupal_session_start();
  }
  // Keep the service ticket from the query string; it is later stored as the
  // single-sign-out session identifier for this account.
  _cas_single_sign_out_save_ticket();
  cas_phpcas_init();
  if ($force_authentication) {
    phpCAS::forceAuthentication();
  }
  else {
    $logged_in = phpCAS::checkAuthentication();
    // Marker read by _cas_allow_check_for_login() so the gateway probe is not
    // repeated on every page view.
    // NOTE(review): the cookie is set without an explicit path or the
    // secure/httponly flags; it is only a hint and carries no authority.
    setcookie('cas_login_checked', 'true');
    if (!$logged_in) {
      return;
    }
  }
  // Description of the CAS user that other modules may adjust or veto through
  // hook_cas_user_alter().
  $cas_user = array(
    'name' => phpCAS::getUser(),
    'login' => TRUE,
    'register' => variable_get('cas_user_register', TRUE),
    'attributes' => cas_phpcas_attributes(),
  );
  drupal_alter('cas_user', $cas_user);
  // A module cleared 'login' or 'name': the CAS identity may not log in here.
  if (empty($cas_user['login']) || empty($cas_user['name'])) {
    if ($force_authentication) {
      drupal_set_message(t('The user account %name is not available on this site.', array(
        '%name' => $cas_user['name'],
      )), 'error');
    }
    return;
  }
  $cas_name = $cas_user['name'];
  // Refuse blocked accounts and names rejected by Drupal's access rules.
  $blocked = FALSE;
  if (_cas_external_user_is_blocked($cas_name)) {
    $blocked = 'The username %cas_name has been blocked.';
  }
  elseif (drupal_is_denied('user', $cas_name)) {
    $blocked = 'The name %cas_name is a reserved username.';
  }
  if ($blocked) {
    // NOTE(review): the refusal is only logged for forced logins; refused
    // gateway-mode attempts leave no watchdog entry.
    if ($force_authentication) {
      watchdog('cas', $blocked, array(
        '%cas_name' => $cas_name,
      ), WATCHDOG_WARNING);
      // $blocked is one of the two literals assigned above, never user input.
      drupal_set_message(t($blocked, array(
        '%cas_name' => $cas_name,
      )), 'error');
    }
    return;
  }
  // Map the CAS name to a Drupal account, creating one when registration of
  // CAS users is enabled.
  $account = cas_user_load_by_name($cas_name);
  if (!$account && $cas_user['register']) {
    $account = cas_user_register($cas_name);
    if (!$account) {
      if ($force_authentication) {
        drupal_set_message(t('A new account could not be created for %cas_name. The username is already in use on this site.', array(
          '%cas_name' => $cas_name,
        )), 'error');
      }
      return;
    }
  }
  if ($account && $account->uid > 0) {
    $_SESSION['cas_name'] = $cas_name;
    // An account that has never logged in has an empty 'login' timestamp.
    $cas_first_login = !$account->login;
    // Bind the saved service ticket to this account for single sign-out.
    if (!empty($_SESSION['cas_ticket'])) {
      _cas_single_sign_out_save_token($account);
    }
    $edit['cas_user'] = $cas_user;
    // Array union: existing roles are kept and the auto-assigned CAS roles
    // are added on every login.
    $edit['roles'] = $account->roles + cas_roles();
    // NOTE(review): $_SESSION['cas_remember'] is read without isset() and is
    // only set by the login form handlers - may raise a notice otherwise.
    if (module_exists('persistent_login') && $_SESSION['cas_remember']) {
      $edit['persistent_login'] = 1;
    }
    // Let modules change $edit through hook_cas_user_presave(); the helper
    // entry is removed again before the account is saved.
    cas_user_module_invoke('presave', $edit, $account);
    unset($edit['cas_user']);
    $user = user_save($account, $edit);
    user_authenticate_finalize($edit);
    // The message template comes from the 'cas_login_message' setting.
    drupal_set_message(t(variable_get('cas_login_message', 'Logged in via CAS as %cas_username.'), array(
      '%cas_username' => $user->name,
    )));
    if (!empty($edit['persistent_login'])) {
      drupal_set_message(t('You will remain logged in on this computer even after you close your browser.'));
    }
    // Redirects to the post-login destination.
    cas_login_page($cas_first_login);
  }
  else {
    // No usable account: make sure the request continues as anonymous.
    $user = drupal_anonymous_user();
    if ($force_authentication) {
      drupal_set_message(t('No account found for %cas_name.', array(
        '%cas_name' => $cas_name,
      )), 'error');
    }
  }
}
/**
 * Includes the phpCAS library (CAS.php).
 *
 * @param $path
 *   Directory holding CAS.php. When omitted it is taken from the Libraries
 *   module if enabled, otherwise from the 'cas_library_dir' setting.
 *
 * @return
 *   The PHPCAS_VERSION string when the library is available, FALSE otherwise.
 */
function cas_phpcas_load($path = NULL) {
  if (!isset($path)) {
    $path = module_exists('libraries')
      ? libraries_get_path('CAS')
      : variable_get('cas_library_dir', 'CAS');
  }

  // A non-empty directory gets exactly one trailing slash; an empty one is
  // left alone so that the bare file name is included.
  $prefix = ($path != '') ? rtrim($path, '/') . '/' : $path;

  // The included path comes from site configuration, not from the request.
  include_once $prefix . 'CAS.php';

  $available = defined('PHPCAS_VERSION') && class_exists('phpCAS');
  return $available ? PHPCAS_VERSION : FALSE;
}
/**
 * Configures the phpCAS client (or proxy) from the module settings.
 *
 * The configuration runs once per request unless $force is TRUE.
 *
 * @param $force
 *   TRUE to configure phpCAS again even if it was already initialized.
 */
function cas_phpcas_init($force = FALSE) {
  // NOTE(review): the return value of cas_phpcas_load() is not checked, so a
  // missing library surfaces at the first phpCAS:: call below.
  if (!defined('PHPCAS_VERSION') || !class_exists('phpCAS')) {
    cas_phpcas_load();
  }
  static $initialized = FALSE;
  if ($initialized && !$force) {
    return;
  }
  $initialized = TRUE;
  $server_version = (string) variable_get('cas_version', '2.0');
  // NOTE(review): the fallback host name is a site-specific default; a site
  // that never saved 'cas_server' would authenticate against that host.
  $server_cas_server = (string) variable_get('cas_server', 'sso-cas.univ-rennes1.fr');
  $server_port = (int) variable_get('cas_port', '443');
  $server_uri = (string) variable_get('cas_uri', '');
  // This value is not used; 'cas_cert' is read again further down.
  $cas_cert = (string) variable_get('cas_cert', '');
  $debug_file = (string) variable_get('cas_debugfile', '');
  // NOTE(review): phpCAS debug output can contain protocol details; keep the
  // file outside the web root and disable it in production - confirm.
  if ($debug_file != '') {
    phpCAS::setDebug($debug_file);
  }
  // Drupal manages the PHP session itself, so phpCAS must not start one.
  $start_session = (bool) FALSE;
  if (variable_get('cas_proxy', 0)) {
    phpCAS::proxy($server_version, $server_cas_server, $server_port, $server_uri, $start_session);
    $cas_pgt_storage_path = variable_get('cas_pgtpath', '');
    if ($cas_pgt_storage_path != '') {
      // setPGTStorageFile() is called with a path only from phpCAS 1.3 on and
      // with a leading format argument on older releases.
      if (version_compare(PHPCAS_VERSION, '1.3', '>=')) {
        phpCAS::setPGTStorageFile($cas_pgt_storage_path);
      }
      else {
        $cas_pgt_format = variable_get('cas_pgtformat', 'plain');
        phpCAS::setPGTStorageFile($cas_pgt_format, $cas_pgt_storage_path);
      }
    }
  }
  else {
    phpCAS::client($server_version, $server_cas_server, $server_port, $server_uri, $start_session);
  }
  if ($cas_cert = variable_get('cas_cert', '')) {
    phpCAS::setCasServerCACert($cas_cert);
  }
  else {
    // NOTE(review): with no CA certificate configured, validation of the CAS
    // server certificate is switched off, so the ticket-validation response
    // is not authenticated by TLS. Production sites should set 'cas_cert'.
    phpCAS::setNoCasServerValidation();
  }
  // The service URL is pinned to the current path (or 'cas') on this site and
  // carries the post-login destination in its query string.
  $service = isset($_GET['q']) ? $_GET['q'] : 'cas';
  phpCAS::setFixedServiceURL(url($service, array(
    'query' => cas_login_destination(),
    'absolute' => TRUE,
  )));
  // Gives other modules a chance to adjust the phpCAS configuration.
  module_invoke_all('cas_phpcas_alter');
}
/**
 * Implementation of hook_perm().
 *
 * @return
 *   The list of permissions defined by this module.
 */
function cas_perm() {
  $permissions = array();
  // Guards the CAS settings page declared in cas_menu().
  $permissions[] = 'administer cas';
  return $permissions;
}
/**
 * Implementation of hook_help().
 *
 * @param $section
 *   The help section being requested.
 *
 * @return
 *   The module description for the modules page, nothing for other sections.
 */
function cas_help($section) {
  if ($section == 'admin/modules#description') {
    return t("Allows users to authenticate via a Central Authentication Service.");
  }
}
/**
 * Implementation of hook_menu().
 *
 * Declares the settings page ('administer cas'), the per-account CAS username
 * pages ('administer users'), and the public 'cas' / 'caslogout' paths, which
 * are limited to anonymous and logged-in visitors respectively.
 *
 * @return
 *   Menu router items keyed by path.
 */
function cas_menu() {
  // Kept from the original implementation; the value is not read here.
  global $user;

  return array(
    // Module configuration.
    'admin/user/cas' => array(
      'title' => 'CAS settings',
      'description' => 'Configure central authentication services',
      'page callback' => 'drupal_get_form',
      'page arguments' => array('cas_admin_settings'),
      'access arguments' => array('administer cas'),
      'type' => MENU_NORMAL_ITEM,
      'file' => 'cas.admin.inc',
    ),
    'admin/user/cas/settings' => array(
      'title' => 'CAS',
      'type' => MENU_DEFAULT_LOCAL_TASK,
      'weight' => -10,
    ),
    // Management of the CAS usernames attached to Drupal accounts.
    'admin/user/user/cas/create' => array(
      'title' => 'Add CAS user',
      'page callback' => 'drupal_get_form',
      'page arguments' => array('cas_add_user_form'),
      'access arguments' => array('administer users'),
      'type' => MENU_LOCAL_TASK,
      'file' => 'cas.user.inc',
      'tab_parent' => 'admin/user/user',
      'weight' => 1,
    ),
    'user/%user/cas' => array(
      'title' => 'CAS',
      'page callback' => 'cas_user_identities',
      'page arguments' => array(1),
      'access arguments' => array('administer users'),
      'type' => MENU_LOCAL_TASK,
      'file' => 'cas.pages.inc',
      'weight' => 1,
    ),
    'user/%user/cas/delete' => array(
      'title' => 'Delete CAS username',
      'page callback' => 'drupal_get_form',
      'page arguments' => array('cas_user_delete_form', 1),
      'access arguments' => array('administer users'),
      'file' => 'cas.pages.inc',
    ),
    // Login and logout entry points.
    'cas' => array(
      'path' => 'cas',
      'title' => 'CAS Login',
      'page callback' => 'cas_login_page',
      'access callback' => 'user_is_anonymous',
      'type' => MENU_SUGGESTED_ITEM,
    ),
    'caslogout' => array(
      'title' => 'CAS Logout',
      'page callback' => 'cas_logout',
      'access callback' => 'cas_user_is_logged_in',
      'type' => MENU_SUGGESTED_ITEM,
    ),
  );
}
/**
 * Access callback for the 'caslogout' path.
 *
 * @return
 *   TRUE when the visitor has a Drupal session or the session still holds a
 *   phpCAS user, FALSE otherwise.
 */
function cas_user_is_logged_in() {
  if (user_is_logged_in()) {
    return TRUE;
  }
  // A CAS-only session can still be logged out even without a Drupal account.
  return !empty($_SESSION['phpCAS']['user']);
}
/**
 * Implementation of hook_menu_link_alter().
 *
 * Flags the 'cas' and 'caslogout' links as alterable, which is what makes
 * cas_translated_menu_link_alter() run for them.
 *
 * @param $item
 *   The menu link being saved, changed in place.
 * @param $menu
 *   The router information; not used.
 */
function cas_menu_link_alter(&$item, $menu) {
  $cas_paths = array('cas', 'caslogout');
  if (in_array($item['link_path'], $cas_paths)) {
    $item['options']['alter'] = TRUE;
  }
}
/**
 * Implementation of hook_translated_menu_link_alter().
 *
 * Appends the current page as destination to the CAS login link, and to the
 * CAS logout link unless a fixed logout destination is configured.
 *
 * @param $item
 *   The menu link being rendered, changed in place.
 * @param $map
 *   The path map; not used.
 */
function cas_translated_menu_link_alter(&$item, $map) {
  $href = $item['href'];
  $is_login_link = $href == 'cas';
  $is_open_logout_link = !$is_login_link
    && $href == 'caslogout'
    && !variable_get('cas_logout_destination', '');

  if ($is_login_link || $is_open_logout_link) {
    $item['localized_options']['query'] = drupal_get_destination();
  }
}
/**
 * Builds the destination query string to use after a CAS login.
 *
 * @return
 *   The value of drupal_get_destination(), except that the login form is
 *   replaced by the user page and the 'cas' path by an empty destination.
 */
function cas_login_destination() {
  $destination = drupal_get_destination();

  // Returning to the login form after logging in makes no sense.
  if ($destination == 'destination=user%2Flogin') {
    $destination = 'destination=user';
  }
  // Never send the visitor back to the CAS login path itself.
  if ($destination == 'destination=cas') {
    return 'destination=';
  }
  return $destination;
}
/**
 * Implementation of hook_user_operations().
 *
 * @param $form
 *   Not used.
 * @param $form_state
 *   Not used.
 *
 * @return
 *   The bulk operations this module adds to the user administration page.
 */
function cas_user_operations($form = array(), $form_state = array()) {
  return array(
    'cas_create' => array(
      'label' => t('Create CAS username'),
      'callback' => 'cas_user_operations_create_username',
    ),
    'cas_remove' => array(
      'label' => t('Remove CAS usernames'),
      'callback' => 'cas_user_operations_remove_usernames',
    ),
  );
}
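/**
 * Bulk operation: gives each account a CAS username equal to its Drupal name.
 *
 * Accounts whose name is already registered as the CAS username of another
 * account are reported and skipped, as are uids that no longer load.
 *
 * @param $uids
 *   The user ids selected on the user administration page.
 */
function cas_user_operations_create_username($uids) {
  foreach ($uids as $uid) {
    $account = user_load(array(
      'uid' => (int) $uid,
    ));
    // user_load() gives FALSE for an unknown uid. Without this guard the
    // queries below would run with uid 0 and an empty name.
    if (!$account) {
      continue;
    }
    $count = db_result(db_query("SELECT COUNT(*) FROM {cas_user} c WHERE c.uid <> %d AND c.cas_name = '%s'", $account->uid, $account->name));
    if ($count) {
      drupal_set_message(t('CAS username %username already in use.', array(
        '%username' => $account->name,
      )), 'error');
      continue;
    }
    // Errors are suppressed on purpose here: the row may already exist for
    // this account. NOTE(review): presumably a duplicate-key case - confirm.
    @db_query("INSERT INTO {cas_user} (uid, cas_name) VALUES (%d, '%s')", $account->uid, $account->name);
  }
}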
/**
 * Bulk operation: removes every CAS username of the selected accounts.
 *
 * @param $uids
 *   The user ids selected on the user administration page.
 */
function cas_user_operations_remove_usernames($uids) {
  foreach ($uids as $selected_uid) {
    // %d forces the value to an integer before it reaches the query.
    db_query("DELETE FROM {cas_user} WHERE uid = %d", $selected_uid);
  }
}
/**
 * Implementation of hook_user().
 *
 * Keeps the {cas_user} table in step with the account life cycle.
 *
 * @param $op
 *   The operation: 'delete', 'insert', 'load' and 'update' are handled.
 * @param $edit
 *   Submitted values; 'cas_name' is consumed and reset to NULL.
 * @param $account
 *   The account object; 'load' adds cas_names (keyed by aid) and cas_name.
 */
function cas_user($op, &$edit, &$account) {
  switch ($op) {
    case 'delete':
      db_query("DELETE FROM {cas_user} WHERE uid = %d", $account->uid);
      break;

    case 'insert':
      if (!empty($edit['cas_name'])) {
        db_query("INSERT INTO {cas_user} (uid, cas_name) VALUES (%d, '%s')", $account->uid, $edit['cas_name']);
      }
      // Consumed: keep the value out of the serialized user data.
      $edit['cas_name'] = NULL;
      break;

    case 'load':
      $names = array();
      $rows = db_query('SELECT aid, cas_name FROM {cas_user} WHERE uid = %d', $account->uid);
      while ($row = db_fetch_object($rows)) {
        $names[$row->aid] = $row->cas_name;
      }
      $account->cas_names = $names;
      // The first CAS username (FALSE when there is none).
      $account->cas_name = reset($account->cas_names);
      break;

    case 'update':
      // Only act when the form actually carried a CAS username field.
      if (!array_key_exists('cas_name', $edit)) {
        return;
      }
      $cas_name = $edit['cas_name'];

      // Only the first stored CAS username is edited through this path.
      reset($account->cas_names);
      $aid = key($account->cas_names);

      if ($aid) {
        if (empty($cas_name)) {
          db_query("DELETE FROM {cas_user} WHERE uid = %d AND aid = %d", $account->uid, $aid);
        }
        elseif ($cas_name != $account->cas_names[$aid]) {
          db_query("UPDATE {cas_user} SET cas_name = '%s' WHERE aid = %d", $cas_name, $aid);
        }
      }
      elseif (!empty($cas_name)) {
        db_query("INSERT INTO {cas_user} (uid, cas_name) VALUES (%d, '%s')", $account->uid, $edit['cas_name']);
      }
      $edit['cas_name'] = NULL;
      break;
  }
}
/**
 * Loads the Drupal account associated with a CAS username.
 *
 * The lookup is case-insensitive.
 *
 * @param $cas_name
 *   The CAS username.
 * @param $alter
 *   TRUE to pass the name through hook_cas_user_alter() first.
 *
 * @return
 *   The loaded account, or FALSE when no account uses this CAS username.
 */
function cas_user_load_by_name($cas_name, $alter = FALSE) {
  if ($alter) {
    $cas_user = array(
      'name' => $cas_name,
      'login' => TRUE,
      'register' => FALSE,
    );
    drupal_alter('cas_user', $cas_user);
    $cas_name = $cas_user['name'];
  }

  // The '%s' placeholder is escaped by db_query().
  $match = db_fetch_array(db_query("SELECT uid FROM {cas_user} WHERE LOWER(cas_name) = LOWER('%s')", $cas_name));
  return $match ? user_load($match) : FALSE;
}
/**
 * Page callback for 'cas': redirects the visitor after a CAS login.
 *
 * @param $cas_first_login
 *   TRUE when this is the account's first login. If a first-login destination
 *   is configured the visitor is sent there, and the originally requested
 *   destination is passed along in the query string.
 */
function cas_login_page($cas_first_login = FALSE) {
  // Kept from the original implementation; the value is not read here.
  global $user;

  $destination = '';
  $query = array();

  if ($cas_first_login) {
    $first_login_destination = variable_get('cas_first_login_destination', '');
    if ($first_login_destination) {
      $destination = $first_login_destination;
      if (isset($_REQUEST['destination'])) {
        $query['destination'] = $_REQUEST['destination'];
      }
      // Removed so that drupal_goto() does not pick it up instead of the
      // first-login page.
      unset($_REQUEST['destination']);
    }
  }

  drupal_goto($destination, $query);
}
/**
 * Page callback for 'caslogout': ends the Drupal and the CAS session.
 *
 * A destination from the query string is honoured only when it carries no
 * URL scheme; otherwise the configured 'cas_logout_destination' is used. The
 * result is turned into an absolute URL of this site before it is handed to
 * the CAS server.
 *
 * @param $invoke_hook
 *   TRUE to log the logout and invoke hook_user('logout').
 */
function cas_logout($invoke_hook = TRUE) {
  global $user;
  cas_phpcas_init();

  $destination = NULL;
  if (isset($_GET['destination'])) {
    $requested = $_GET['destination'];
    // A colon that appears before any '/', '?' or '#' marks a URL scheme,
    // i.e. an absolute URL that could point away from this site.
    $colon = strpos($requested, ':');
    $has_scheme = $colon !== FALSE && !preg_match('![/?#]!', substr($requested, 0, $colon));
    if (!$has_scheme) {
      $destination = $requested;
    }
  }
  if (!isset($destination)) {
    $destination = variable_get('cas_logout_destination', '');
  }

  $options = array();
  if ($destination) {
    $return_url = url($destination, array(
      'absolute' => TRUE,
    ));
    $options = array(
      'service' => $return_url,
      'url' => $return_url,
    );
  }

  if ($invoke_hook) {
    watchdog('user', 'Session closed for %name.', array(
      '%name' => $user->name,
    ));
    $null = NULL;
    user_module_invoke('logout', $null, $user);
  }

  // Drop the Drupal identity before handing over to the CAS server.
  $user = drupal_anonymous_user();
  phpCAS::logout($options);
}
/**
 * Implementation of hook_block().
 *
 * Provides a single block (delta 0) holding the CAS login form. It is shown
 * to anonymous visitors only and is left empty on the user login pages.
 *
 * @param $op
 *   The operation; 'list' and 'view' are handled.
 * @param $delta
 *   The block being viewed.
 * @param $edit
 *   Not used.
 *
 * @return
 *   The block list for 'list', the block (possibly empty) for 'view' of
 *   delta 0, nothing otherwise.
 */
function cas_block($op = 'list', $delta = 0, $edit = array()) {
  global $user;

  if ($op == 'list') {
    return array(
      0 => array(
        'info' => t('CAS login'),
      ),
    );
  }
  if (!($op == 'view') || !($delta == 0)) {
    return;
  }

  $block = array();
  $is_anonymous = !$user->uid;
  // 'user', 'user/login' and similar pages already offer a login form.
  if ($is_anonymous && !(arg(0) == 'user' && !is_numeric(arg(1)))) {
    $block['subject'] = t('User login');
    $block['content'] = drupal_get_form('cas_login_block');
  }
  return $block;
}
/**
 * Form builder for the CAS login block.
 *
 * @param $form_state
 *   The form state; not used.
 *
 * @return
 *   The form: hidden return destination, submit button, redirection notice
 *   and, when persistent_login is enabled and allowed, a remember-me box.
 */
function cas_login_block($form_state) {
  $form = array(
    'cas.return_to' => array(
      '#type' => 'hidden',
      '#value' => cas_login_destination(),
    ),
    'submit' => array(
      '#type' => 'submit',
      '#value' => t(variable_get('cas_login_invite', CAS_LOGIN_INVITE_DEFAULT)),
    ),
    // NOTE(review): the configured message is placed in markup as is;
    // presumably only administrators can change it - confirm.
    'cas_login_redirection_message' => array(
      '#value' => '<div class="form-item cas-login-redirection-message">' . t(variable_get('cas_login_redir_message', CAS_LOGIN_REDIR_MESSAGE)) . '</div>',
      '#weight' => -1,
    ),
  );

  $offer_remember_me = module_exists('persistent_login') && variable_get('cas_allow_rememberme', 0);
  if ($offer_remember_me) {
    $form['remember'] = array(
      '#type' => 'checkbox',
      '#title' => t('Remember me'),
      '#default_value' => 0,
    );
  }
  return $form;
}
/**
 * Submit handler for the CAS login block.
 *
 * Remembers the "remember me" choice in the session and redirects to the
 * 'cas' path, carrying the return destination in the query string.
 */
function cas_login_block_submit($form, &$form_state) {
  $values = $form_state['values'];
  if (!empty($values['remember'])) {
    $_SESSION['cas_remember'] = 1;
  }

  $login_url = url('cas', array(
    'query' => $values['cas.return_to'],
    'absolute' => TRUE,
  ));
  $form_state['redirect'] = $login_url;
}
/**
 * Decides whether to probe the CAS server for an existing session.
 *
 * The probe is skipped when the feature is off, when it already ran for this
 * browser, for known crawlers, for xmlrpc/cron/drush invocations and for
 * excluded paths. The cookie and the User-Agent header are supplied by the
 * client, so these checks only avoid needless redirects; they are not an
 * access control.
 *
 * @return
 *   TRUE when the gateway check should run, FALSE otherwise.
 */
function _cas_allow_check_for_login() {
  if (!variable_get('cas_check_first', 0)) {
    return FALSE;
  }
  // Set by cas_login_check() after the first probe.
  if (!empty($_COOKIE['cas_login_checked'])) {
    return FALSE;
  }

  if (isset($_SERVER['HTTP_USER_AGENT'])) {
    $agent = $_SERVER['HTTP_USER_AGENT'];
    $crawlers = array(
      'Google', 'msnbot', 'Rambler', 'Yahoo', 'AbachoBOT', 'accoona',
      'AcoiRobot', 'ASPSeek', 'CrocCrawler', 'Dumbot', 'FAST-WebCrawler',
      'GeonaBot', 'Gigabot', 'Lycos', 'MSRBOT', 'Scooter', 'AltaVista',
      'IDBot', 'eStyle', 'Scrubby', 'gsa-crawler',
    );
    foreach ($crawlers as $signature) {
      if (stripos($agent, $signature) !== FALSE) {
        return FALSE;
      }
    }
  }

  // Non-interactive entry points must never be redirected.
  foreach (array('xmlrpc.php', 'cron.php', 'drush') as $script) {
    if (stristr($_SERVER['SCRIPT_FILENAME'], $script)) {
      return FALSE;
    }
  }
  if (!empty($_SERVER['argv'][0]) && stristr($_SERVER['argv'][0], 'drush')) {
    return FALSE;
  }

  $excluded = variable_get('cas_exclude', CAS_EXCLUDE);
  if ($excluded && drupal_match_path(drupal_get_path_alias($_GET['q']), $excluded)) {
    return FALSE;
  }
  return TRUE;
}
/**
 * Decides whether the current request must authenticate through CAS.
 *
 * @return
 *   TRUE on the 'cas' path; FALSE for xmlrpc, cron, drush and excluded paths;
 *   otherwise the 'cas_access' setting, inverted when the current path
 *   matches the 'cas_pages' list.
 */
function _cas_force_login() {
  if (arg(0) == 'cas') {
    return TRUE;
  }

  // Non-interactive entry points are never forced to log in.
  foreach (array('xmlrpc.php', 'cron.php') as $script) {
    if (stristr($_SERVER['SCRIPT_FILENAME'], $script)) {
      return FALSE;
    }
  }
  if (function_exists('drush_verify_cli') && drush_verify_cli()) {
    return FALSE;
  }

  $excluded = variable_get('cas_exclude', CAS_EXCLUDE);
  if ($excluded && drupal_match_path(drupal_get_path_alias($_GET['q']), $excluded)) {
    return FALSE;
  }

  // 'cas_pages' lists the exceptions to the site-wide 'cas_access' policy.
  $force_login = variable_get('cas_access', 0);
  $exceptions = variable_get('cas_pages', '');
  if ($exceptions && drupal_match_path(drupal_get_path_alias($_GET['q']), $exceptions)) {
    $force_login = !$force_login;
  }
  return $force_login;
}
/**
 * Implementation of hook_form_alter().
 *
 * Adds the CAS option to the login forms, the CAS username field to the
 * account forms, redirects password and registration requests to external
 * URLs when configured, and lists CAS usernames on the user admin page.
 *
 * @param $form
 *   The form being built, changed in place.
 * @param $form_state
 *   The current form state.
 * @param $form_id
 *   The id of the form being built.
 */
function cas_form_alter(&$form, &$form_state, $form_id) {
  switch ($form_id) {
    case 'user_login':
    case 'user_login_block':
      // Only touch the login forms when the CAS option is enabled for them.
      if (variable_get('cas_login_form', CAS_NO_LINK) != CAS_NO_LINK) {
        drupal_add_css(drupal_get_path('module', 'cas') . '/cas.css', 'module');
        drupal_add_js(drupal_get_path('module', 'cas') . '/cas.js');
        // The visitor ticked the CAS checkbox: name and password are no
        // longer required, the regular submit handlers are dropped and the
        // only validator left is cas_login_validate(), which redirects to the
        // 'cas' path. No local credential check happens on this path.
        if (!empty($form_state['post']['cas_identifier'])) {
          $form['name']['#required'] = FALSE;
          $form['pass']['#required'] = FALSE;
          unset($form['#submit']);
          $form['#validate'] = array(
            'cas_login_validate',
          );
        }
        // Two placeholder links; NOTE(review): presumably cas.js wires them
        // to the checkbox below - confirm.
        $items = array();
        $items[] = array(
          'data' => l(t(variable_get('cas_login_invite', CAS_LOGIN_INVITE_DEFAULT)), '', array(
            'fragment' => ' ',
            'external' => TRUE,
          )),
          'class' => 'cas-link',
        );
        $items[] = array(
          'data' => l(t(variable_get('cas_login_drupal_invite', CAS_LOGIN_DRUPAL_INVITE_DEFAULT)), '', array(
            'fragment' => ' ',
            'external' => TRUE,
          )),
          'class' => 'uncas-link',
        );
        $form['cas_links'] = array(
          '#value' => theme('item_list', $items),
          '#weight' => 1,
        );
        $form['links']['#weight'] = 2;
        // NOTE(review): the configured message is placed in markup as is;
        // presumably only administrators can change it - confirm.
        $form['cas_login_redirection_message'] = array(
          '#value' => '<div class="form-item cas-login-redirection-message">' . t(variable_get('cas_login_redir_message', CAS_LOGIN_REDIR_MESSAGE)) . '</div>',
          '#weight' => -1,
        );
        // Pre-checked when CAS is configured as the default login method.
        $form['cas_identifier'] = array(
          '#type' => 'checkbox',
          '#title' => t(variable_get('cas_login_invite', CAS_LOGIN_INVITE_DEFAULT)),
          '#default_value' => variable_get('cas_login_form', CAS_NO_LINK) == CAS_MAKE_DEFAULT,
          '#weight' => -1,
          '#description' => t(variable_get('cas_login_redir_message', CAS_LOGIN_REDIR_MESSAGE)),
        );
        // Where to return after the CAS login; read by cas_login_validate().
        $form['cas.return_to'] = array(
          '#type' => 'hidden',
          '#value' => cas_login_destination(),
        );
      }
      break;
    case 'user_profile_form':
      if ($form['_category']['#value'] == 'account') {
        $account = user_load($form['#uid']);
        // User administrators may edit the first CAS username of the account.
        if (user_access('administer users')) {
          $cas_names = $account->cas_names;
          $aids = array_keys($cas_names);
          $element = array(
            '#type' => 'textfield',
            '#title' => t('CAS username'),
            '#default_value' => array_shift($cas_names),
            // Lets the validator ignore the row that is being edited.
            '#cas_user_aid' => array_shift($aids),
            '#description' => t('<a href="@url">Create, edit or delete</a> additional CAS usernames associated with this account.', array(
              '@url' => url('user/' . $account->uid . '/cas'),
            )),
            '#element_validate' => array(
              '_cas_name_element_validate',
            ),
          );
          // After the array_shift() above only the additional names remain.
          if (!empty($cas_names)) {
            $element['#description'] .= ' <br />' . t('Other CAS usernames: %cas_names.', array(
              '%cas_names' => implode(', ', $cas_names),
            ));
          }
          // Place the field directly after the Drupal username.
          $position = array_search('name', array_keys($form['account'])) + 1;
          _cas_array_insert($form['account'], $position, array(
            'cas_name' => $element,
          ));
        }
        // A CAS-authenticated user editing their own account: optionally hide
        // the e-mail and password fields, which are managed outside Drupal.
        elseif (cas_is_external_user($account)) {
          if (variable_get('cas_hide_email', 0)) {
            $form['account']['mail']['#type'] = 'hidden';
            $form['account']['mail']['#value'] = $form['account']['mail']['#default_value'];
            // No address on file: derive one from the name and 'cas_domain'.
            if (!$form['account']['mail']['#default_value']) {
              $form['account']['mail']['#value'] = $form['_account']['#value']->name . '@' . variable_get('cas_domain', '');
            }
          }
          if (variable_get('cas_hide_password', 0)) {
            $form['account']['pass']['#access'] = FALSE;
          }
        }
      }
      break;
    case 'user_pass':
      // Everyone except user administrators is sent to the external
      // password-change page when one is configured.
      if (!user_access('administer users') && variable_get('cas_changePasswordURL', '') != '') {
        drupal_goto(variable_get('cas_changePasswordURL', ''));
      }
      break;
    case 'user_register':
      // Administrators creating an account may set its CAS username.
      if (user_access('administer users')) {
        $element = array(
          '#type' => 'textfield',
          '#title' => t('CAS username'),
          '#default_value' => '',
          '#description' => t('If necessary, additional CAS usernames can be added after the account is created.'),
          '#element_validate' => array(
            '_cas_name_element_validate',
          ),
        );
        $position = array_search('name', array_keys($form)) + 1;
        _cas_array_insert($form, $position, array(
          'cas_name' => $element,
        ));
      }
      // Everyone else is sent to the external registration page, if any.
      elseif (variable_get('cas_registerURL', '') != '') {
        drupal_goto(variable_get('cas_registerURL', ''));
      }
      break;
    case 'user_admin_account':
      // Append the CAS usernames to each row; one query per listed account.
      foreach (array_keys($form['name']) as $uid) {
        $result = db_query('SELECT cas_name FROM {cas_user} WHERE uid = %d', $uid);
        $cas_names = array();
        while ($record = db_fetch_object($result)) {
          $cas_names[] = $record->cas_name;
        }
        if ($cas_names) {
          // check_plain() escapes the names before they are added to markup.
          $form['name'][$uid]['#value'] .= ' ' . check_plain('(' . implode(', ', $cas_names) . ')');
        }
      }
      break;
  }
}
/**
 * Element validator: a CAS username may belong to one account only.
 *
 * @param $element
 *   The CAS username form element. '#cas_user_aid', when present, names the
 *   {cas_user} row being edited so that it is not counted as a conflict.
 * @param $form_state
 *   The current form state; not used.
 */
function _cas_name_element_validate($element, &$form_state) {
  // An empty field means "no CAS username" and cannot conflict.
  if (empty($element['#value'])) {
    return;
  }
  $cas_name = $element['#value'];

  $lookup = isset($element['#cas_user_aid'])
    ? db_query("SELECT uid FROM {cas_user} WHERE cas_name = '%s' AND aid <> %d", $cas_name, $element['#cas_user_aid'])
    : db_query("SELECT uid FROM {cas_user} WHERE cas_name = '%s'", $cas_name);
  $uid = db_result($lookup);

  if ($uid === FALSE) {
    return;
  }
  form_set_error('cas_name', t('The CAS username is <a href="@edit-user-url">already in use</a> on this site.', array(
    '@edit-user-url' => url('user/' . $uid . '/edit'),
  )));
}
/**
 * Validator installed on the login forms when the CAS option is selected.
 *
 * Instead of validating credentials it redirects to the 'cas' path, passing
 * the stored return destination as the query string.
 */
function cas_login_validate($form, &$form_state) {
  $values = $form_state['values'];
  if (!empty($values['persistent_login'])) {
    $_SESSION['cas_remember'] = 1;
  }

  // Removed so that drupal_goto() goes to 'cas' and not straight to the
  // requested destination.
  unset($_REQUEST['destination']);
  drupal_goto('cas', $values['cas.return_to']);
}
/**
 * Implementation of hook_token_list().
 *
 * The work is done in cas.tokens.inc, which is loaded on demand.
 *
 * @param $type
 *   The token type.
 */
function cas_token_list($type = 'all') {
  module_load_include('tokens.inc', 'cas');
  $tokens = _cas_token_list($type);
  return $tokens;
}
/**
 * Implementation of hook_token_values().
 *
 * The work is done in cas.tokens.inc, which is loaded on demand.
 *
 * @param $type
 *   The token type.
 * @param $object
 *   The object the values are computed for.
 */
function cas_token_values($type, $object = NULL) {
  module_load_include('tokens.inc', 'cas');
  $values = _cas_token_values($type, $object);
  return $values;
}
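/**
 * Handles a CAS single-sign-out request and ends the matching sessions.
 *
 * Any request that carries a 'logoutRequest' POST field is treated as a
 * logout notification and ends here. The field arrives on an unauthenticated
 * request, so it is handled as untrusted input: it must be a string, it is
 * parsed without network access and, on libxml older than 2.9, with the
 * external entity loader disabled, and malformed XML is logged instead of
 * surfacing as an uncaught exception. The session index it carries (the
 * service ticket saved at login) is the only thing tying the request to an
 * account.
 *
 * NOTE(review): nothing here checks that the request comes from the CAS
 * server; consider restricting logout POSTs to the server's addresses at the
 * web-server or firewall level.
 */
function _cas_single_sign_out_check() {
  if (!isset($_POST["logoutRequest"])) {
    return;
  }

  $cas_logout_request_xml = NULL;
  // An array value (logoutRequest[]=...) can never be a valid request.
  if (is_string($_POST["logoutRequest"])) {
    $cas_logout_request_xml_string = utf8_encode(urldecode($_POST["logoutRequest"]));

    // Collect parser errors internally instead of emitting PHP warnings.
    $previous_errors = libxml_use_internal_errors(TRUE);
    // libxml 2.9 and later no longer load external entities by default; on
    // older versions the loader is switched off while parsing.
    $guard_entities = function_exists('libxml_disable_entity_loader') && LIBXML_VERSION < 20900;
    if ($guard_entities) {
      $previous_loader = libxml_disable_entity_loader(TRUE);
    }
    try {
      // LIBXML_NONET: the parser must not fetch anything over the network.
      $cas_logout_request_xml = new SimpleXMLElement($cas_logout_request_xml_string, LIBXML_NONET);
    }
    catch (Exception $e) {
      watchdog('cas', 'Ignored a CAS logout request that could not be parsed as XML.', array(), WATCHDOG_WARNING);
    }
    if ($guard_entities) {
      libxml_disable_entity_loader($previous_loader);
    }
    libxml_clear_errors();
    libxml_use_internal_errors($previous_errors);
  }

  if (is_object($cas_logout_request_xml)) {
    $namespaces = $cas_logout_request_xml->getNameSpaces();
    $xsearch = 'SessionIndex';
    if (isset($namespaces['samlp'])) {
      $cas_logout_request_xml->registerXPathNamespace('samlp', $namespaces['samlp']);
      $xsearch = 'samlp:SessionIndex';
    }
    $cas_session_indexes = $cas_logout_request_xml->xpath($xsearch);
    if ($cas_session_indexes) {
      $cas_session_index = (string) $cas_session_indexes[0];
      // The '%s' placeholder is escaped by the database layer.
      $record = db_fetch_object(db_query_range("SELECT cld.uid, u.name FROM {users} u JOIN {cas_login_data} cld ON u.uid = cld.uid WHERE cld.cas_session_id = '%s'", $cas_session_index, 0, 1));
      if ($record) {
        watchdog('user', 'Session closed for %name by CAS logout request.', array(
          '%name' => $record->name,
        ));
        // Every session of the account is ended, not only the one that was
        // opened with this ticket.
        db_query("DELETE FROM {cas_login_data} WHERE uid = %d", $record->uid);
        db_query("DELETE FROM {sessions} WHERE uid = %d", $record->uid);
      }
    }
  }
  // A logout notification never renders a page.
  exit;
}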
/**
 * Returns the CAS username of the current session.
 *
 * @return
 *   The CAS username stored at login, or FALSE when the session was not
 *   opened through CAS.
 */
function cas_current_user() {
  if (isset($_SESSION['cas_name'])) {
    return $_SESSION['cas_name'];
  }
  return FALSE;
}
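/**
 * Tells whether the current CAS session belongs to the given account.
 *
 * The session's CAS username is compared with the account's CAS usernames as
 * strings, strictly. A loose comparison would treat numeric-looking names
 * such as '0123' and '123' as equal, and would match a missing session name
 * (FALSE) against an empty or '0' username.
 *
 * @param $account
 *   The account to test; defaults to the current user.
 *
 * @return
 *   TRUE when the session was opened through CAS with one of the account's
 *   CAS usernames, FALSE otherwise.
 */
function cas_is_external_user($account = NULL) {
  if (!isset($account)) {
    $account = $GLOBALS['user'];
  }

  $cas_name = cas_current_user();
  // Not a CAS session at all.
  if ($cas_name === FALSE) {
    return FALSE;
  }
  // cas_names is only filled in by the 'load' operation of cas_user(); an
  // account object built another way may not carry it.
  if (empty($account->cas_names) || !is_array($account->cas_names)) {
    return FALSE;
  }
  return in_array((string) $cas_name, array_map('strval', $account->cas_names), TRUE);
}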
/**
 * Stores the session's service ticket as the account's sign-out identifier.
 *
 * The ticket is later matched against the session index of a CAS logout
 * request. It is removed from the session once stored.
 *
 * @param $user
 *   The account that just logged in.
 */
function _cas_single_sign_out_save_token($user) {
  $is_real_account = $user->uid && $user->uid > 0;
  if (!$is_real_account || empty($_SESSION['cas_ticket'])) {
    return;
  }
  db_query("INSERT INTO {cas_login_data} (cas_session_id, uid) VALUES ('%s', %d)", $_SESSION['cas_ticket'], $user->uid);
  unset($_SESSION['cas_ticket']);
}
/**
 * Copies the service ticket from the query string into the session.
 *
 * The value is request input at this point; it is stored before phpCAS has
 * validated it.
 */
function _cas_single_sign_out_save_ticket() {
  if (!isset($_GET['ticket'])) {
    return;
  }
  $_SESSION['cas_ticket'] = $_GET['ticket'];
}
/**
 * Looks up a blocked Drupal account for a CAS username.
 *
 * @param $cas_name
 *   The CAS username.
 *
 * @return
 *   A record holding the Drupal name of the blocked account (status 0), or
 *   FALSE when the CAS username does not belong to a blocked account.
 */
function _cas_external_user_is_blocked($cas_name) {
  $blocked_accounts = db_query("SELECT u.name FROM {users} u JOIN {cas_user} c ON u.uid=c.uid WHERE u.status = 0 AND c.cas_name = '%s'", $cas_name);
  return db_fetch_object($blocked_accounts);
}
/**
 * Invokes hook_cas_user_TYPE() in every module that implements it.
 *
 * @param $type
 *   The hook suffix, for example 'presave'.
 * @param $edit
 *   The values about to be saved; passed on to each implementation.
 * @param $account
 *   The account being processed.
 */
function cas_user_module_invoke($type, &$edit, $account) {
  $hook = 'cas_user_' . $type;
  foreach (module_implements($hook) as $module) {
    $callback = $module . '_' . $hook;
    $callback($edit, $account);
  }
}
/**
 * Returns the roles granted automatically to users who log in through CAS.
 *
 * @return
 *   Role names keyed by role id, limited to the roles enabled in the
 *   'cas_auto_assigned_role' setting. The result is cached per request.
 */
function cas_roles() {
  static $cas_roles;
  if (isset($cas_roles)) {
    return $cas_roles;
  }

  $all_roles = user_roles();
  $configured = variable_get('cas_auto_assigned_role', array(
    DRUPAL_AUTHENTICATED_RID => TRUE,
  ));
  // array_filter() drops the unchecked entries; only existing roles remain.
  $cas_roles = array_intersect_key($all_roles, array_filter($configured));
  return $cas_roles;
}
/**
 * Creates a Drupal account for a CAS username.
 *
 * @param $cas_name
 *   The CAS username; also used as the Drupal name unless overridden.
 * @param $options
 *   Optional settings:
 *   - 'edit': values that take precedence over the defaults built here.
 *   - 'invoke_cas_user_presave': TRUE to run hook_cas_user_presave() and save
 *     the account a second time.
 *
 * @return
 *   The new account, or FALSE when the Drupal username is already taken.
 */
function cas_user_register($cas_name, $options = array()) {
  $domain = variable_get('cas_domain', '');
  $defaults = array(
    'name' => $cas_name,
    // A random local password; the account authenticates through CAS.
    'pass' => user_password(),
    'init' => $cas_name,
    'mail' => $domain ? $cas_name . '@' . $domain : '',
    'status' => 1,
    'roles' => array(),
  );
  // Caller-supplied values win over the defaults.
  $edit = (isset($options['edit']) ? $options['edit'] : array()) + $defaults;
  $edit['roles'] += cas_roles();
  $edit['cas_name'] = $cas_name;

  // Case-insensitive check for an existing Drupal account with that name.
  $taken = db_result(db_query("SELECT COUNT(*) FROM {users} WHERE LOWER(name) = LOWER('%s')", $edit['name']));
  if ($taken > 0) {
    return FALSE;
  }

  $account = user_save(drupal_anonymous_user(), $edit);
  watchdog("user", 'new user: %n (CAS)', array(
    '%n' => $account->name,
  ), WATCHDOG_NOTICE, l(t("edit user"), "admin/user/edit/{$account->uid}"));

  if (empty($options['invoke_cas_user_presave'])) {
    return $account;
  }

  // Give modules the chance to fill in further values for the new account.
  $presave = array(
    'cas_user' => array(
      'name' => $cas_name,
    ),
  );
  cas_user_module_invoke('presave', $presave, $account);
  unset($presave['cas_user']);
  return user_save($account, $presave);
}
/**
 * Returns the attributes the CAS server released for the current user.
 *
 * @param $cas_name
 *   Optional CAS username. Attributes are only available for the user of the
 *   current session, so any other name yields an empty array.
 *
 * @return
 *   The attribute array, empty when the visitor is not authenticated or the
 *   phpCAS version has no getAttributes().
 */
function cas_phpcas_attributes($cas_name = NULL) {
  if (isset($cas_name) && $cas_name != cas_current_user()) {
    return array();
  }

  cas_phpcas_init();
  $available = phpCAS::isAuthenticated() && method_exists('phpCAS', 'getAttributes');
  return $available ? phpCAS::getAttributes() : array();
}
/**
 * Inserts the elements of one array into another at a given position.
 *
 * String keys are preserved; numeric keys are renumbered.
 *
 * @param $array
 *   The array to insert into, changed in place.
 * @param $position
 *   The number of leading elements to keep in front of the inserted ones.
 * @param $insert_array
 *   The elements to insert.
 */
function _cas_array_insert(&$array, $position, $insert_array) {
  $leading = array_slice($array, 0, $position);
  $trailing = array_slice($array, $position);
  $array = array_merge($leading, $insert_array, $trailing);
}
/**
 * Implementation of hook_views_api().
 *
 * @return
 *   The Views API version and the directory holding the Views integration.
 */
function cas_views_api() {
  $views_directory = drupal_get_path('module', 'cas') . '/includes/views';
  return array(
    'api' => 2,
    'path' => $views_directory,
  );
}