function _cas_single_sign_out_check in CAS 7
Same name and namespace in other branches
- 5.4 cas.module \_cas_single_sign_out_check()
- 5.3 cas.module \_cas_single_sign_out_check()
- 6.3 cas.module \_cas_single_sign_out_check()
- 6.2 cas.module \_cas_single_sign_out_check()
1 call to _cas_single_sign_out_check()
- cas_init in ./cas.module
- Implements hook_init().
File
- ./cas.module, line 1111
- Enables users to authenticate via a Central Authentication Service (CAS)
Cas will currently work if the auto registration is turned on and will
create user accounts automatically.
Code
function _cas_single_sign_out_check() {
if (isset($_POST["logoutRequest"])) {
$cas_logout_request_xml_string = utf8_encode(urldecode($_POST["logoutRequest"]));
$cas_logout_request_xml = new SimpleXMLElement($cas_logout_request_xml_string);
if (is_object($cas_logout_request_xml)) {
$namespaces = $cas_logout_request_xml
->getNameSpaces();
$xsearch = 'SessionIndex';
if (isset($namespaces['samlp'])) {
$cas_session_indexes = $cas_logout_request_xml
->children($namespaces['samlp'])->SessionIndex;
}
else {
$cas_session_indexes = $cas_logout_request_xml
->xpath($xsearch);
}
if ($cas_session_indexes) {
$cas_session_index = (string) $cas_session_indexes[0];
$hashed_ticket = hash('sha256', $cas_session_index);
$record = db_query_range("SELECT cld.uid, u.name FROM {users} u JOIN {cas_login_data} cld ON u.uid = cld.uid WHERE cld.cas_session_id = :ticket", 0, 1, array(
':ticket' => $hashed_ticket,
))
->fetchObject();
if ($record) {
watchdog('user', 'Session closed for %name by CAS logout request.', array(
'%name' => $record->name,
));
db_delete('cas_login_data')
->condition('uid', $record->uid)
->execute();
db_delete('sessions')
->condition('uid', $record->uid)
->execute();
}
}
}
exit;
}
}
