/usr/share/php/CAS/ProxyChain/AllowedList.php is in php-cas 1.3.3-4.
This file is owned by root:root, with mode 0o644.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 | <?php
/**
* Licensed to Jasig under one or more contributor license
* agreements. See the NOTICE file distributed with this work for
* additional information regarding copyright ownership.
*
* Jasig licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except in
* compliance with the License. You may obtain a copy of the License at:
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*
* PHP Version 5
*
* @file CAS/ProxyChain/AllowedList.php
* @category Authentication
* @package PhpCAS
* @author Adam Franco <afranco@middlebury.edu>
* @license http://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0
* @link https://wiki.jasig.org/display/CASC/phpCAS
*/
/**
* ProxyChain is a container for storing chains of valid proxies that can
* be used to validate proxied requests to a service
*
* @class CAS_ProxyChain_AllowedList
* @category Authentication
* @package PhpCAS
* @author Adam Franco <afranco@middlebury.edu>
* @license http://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0
* @link https://wiki.jasig.org/display/CASC/phpCAS
*/
class CAS_ProxyChain_AllowedList
{
private $_chains = array();
/**
* Check whether proxies are allowed by configuration
*
* @return bool
*/
public function isProxyingAllowed()
{
return (count($this->_chains) > 0);
}
/**
* Add a chain of proxies to the list of possible chains
*
* @param CAS_ProxyChain_Interface $chain A chain of proxies
*
* @return void
*/
public function allowProxyChain(CAS_ProxyChain_Interface $chain)
{
$this->_chains[] = $chain;
}
/**
* Check if the proxies found in the response match the allowed proxies
*
* @param array $proxies list of proxies to check
*
* @return bool whether the proxies match the allowed proxies
*/
public function isProxyListAllowed(array $proxies)
{
phpCAS::traceBegin();
if (empty($proxies)) {
phpCAS::trace("No proxies were found in the response");
phpCAS::traceEnd(true);
return true;
} elseif (!$this->isProxyingAllowed()) {
phpCAS::trace("Proxies are not allowed");
phpCAS::traceEnd(false);
return false;
} else {
$res = $this->contains($proxies);
phpCAS::traceEnd($res);
return $res;
}
}
/**
* Validate the proxies from the proxy ticket validation against the
* chains that were definded.
*
* @param array $list List of proxies from the proxy ticket validation.
*
* @return if any chain fully matches the supplied list
*/
public function contains(array $list)
{
phpCAS::traceBegin();
$count = 0;
foreach ($this->_chains as $chain) {
phpCAS::trace("Checking chain ". $count++);
if ($chain->matches($list)) {
phpCAS::traceEnd(true);
return true;
}
}
phpCAS::trace("No proxy chain matches.");
phpCAS::traceEnd(false);
return false;
}
}
?>
|