diff --git a/auth/cas/CAS/CAS.php b/auth/cas/CAS/CAS.php index 63b6ce4ce42..3d84809c773 100644 --- a/auth/cas/CAS/CAS.php +++ b/auth/cas/CAS/CAS.php @@ -63,7 +63,7 @@ if (!defined('E_USER_DEPRECATED')) { /** * phpCAS version. accessible for the user by phpCAS::getVersion(). */ -define('PHPCAS_VERSION', '1.3.3'); +define('PHPCAS_VERSION', '1.3.4'); /** * @addtogroup public @@ -138,6 +138,11 @@ define("SAML_SOAP_ENV_CLOSE", ''); */ define("SAML_ATTRIBUTES", 'SAMLATTRIBS'); +/** + * SAML Attributes + */ +define("DEFAULT_ERROR", 'Internal script failure'); + /** @} */ /** * @addtogroup publicPGTStorage @@ -241,7 +246,13 @@ define("PHPCAS_LANG_DEFAULT", PHPCAS_LANG_ENGLISH); /** * The default directory for the debug file under Unix. */ -define('DEFAULT_DEBUG_DIR', '/tmp/'); +function gettmpdir() { +if (!empty($_ENV['TMP'])) { return realpath($_ENV['TMP']); } +if (!empty($_ENV['TMPDIR'])) { return realpath( $_ENV['TMPDIR']); } +if (!empty($_ENV['TEMP'])) { return realpath( $_ENV['TEMP']); } +return "/tmp"; +} +define('DEFAULT_DEBUG_DIR', gettmpdir()."/"); /** @} */ @@ -271,6 +282,7 @@ class phpCAS /** * This variable is used by the interface class phpCAS. * + * @var CAS_Client * @hideinitializer */ private static $_PHPCAS_CLIENT; @@ -290,6 +302,15 @@ class phpCAS */ private static $_PHPCAS_DEBUG; + /** + * This variable is used to enable verbose mode + * This pevents debug info to be show to the user. Since it's a security + * feature the default is false + * + * @hideinitializer + */ + private static $_PHPCAS_VERBOSE = false; + // ######################################################################## // INITIALIZATION @@ -388,6 +409,16 @@ class phpCAS phpCAS :: traceEnd(); } + /** + * Answer whether or not the client or proxy has been initialized + * + * @return bool + */ + public static function isInitialized () + { + return (is_object(self::$_PHPCAS_CLIENT)); + } + /** @} */ // ######################################################################## // DEBUGGING @@ -435,10 +466,38 @@ class phpCAS self::$_PHPCAS_DEBUG['filename'] = $filename; self::$_PHPCAS_DEBUG['indent'] = 0; - phpCAS :: trace('START phpCAS-' . PHPCAS_VERSION . ' ******************'); + phpCAS :: trace('START ('.date("Y-m-d H:i:s").') phpCAS-' . PHPCAS_VERSION . ' ******************'); } } + /** + * Enable verbose errors messages in the website output + * This is a security relevant since internal status info may leak an may + * help an attacker. Default is therefore false + * + * @param bool $verbose enable verbose output + * + * @return void + */ + public static function setVerbose($verbose) + { + if ($verbose === true) { + self::$_PHPCAS_VERBOSE = true; + } else { + self::$_PHPCAS_VERBOSE = false; + } + } + + + /** + * Show is verbose mode is on + * + * @return boot verbose + */ + public static function getVerbose() + { + return self::$_PHPCAS_VERBOSE; + } /** * Logs a string in debug mode. @@ -484,6 +543,7 @@ class phpCAS */ public static function error($msg) { + phpCAS :: traceBegin(); $dbg = debug_backtrace(); $function = '?'; $file = '?'; @@ -499,8 +559,12 @@ class phpCAS } } } - echo "
\nphpCAS error: " . __CLASS__ . "::" . $function . '(): ' . htmlentities($msg) . " in " . $file . " on line " . $line . "
\n"; - phpCAS :: trace($msg); + if (self::$_PHPCAS_VERBOSE) { + echo "
\nphpCAS error: " . __CLASS__ . "::" . $function . '(): ' . htmlentities($msg) . " in " . $file . " on line " . $line . "
\n"; + } else { + echo "
\nError: ". DEFAULT_ERROR ."
\n"; + } + phpCAS :: trace($msg . ' in ' . $file . 'on line ' . $line ); phpCAS :: traceEnd(); throw new CAS_GracefullTerminationException(__CLASS__ . "::" . $function . '(): ' . $msg); @@ -520,7 +584,8 @@ class phpCAS } /** - * This method is used to indicate the start of the execution of a function in debug mode. + * This method is used to indicate the start of the execution of a function + * in debug mode. * * @return void */ @@ -1365,7 +1430,7 @@ class phpCAS * This method is used to logout from CAS. Halts by redirecting to the CAS * server. * - * @param service $service a URL that will be transmitted to the CAS server + * @param string $service a URL that will be transmitted to the CAS server * * @return void */ @@ -1636,7 +1701,8 @@ class phpCAS phpCAS::_validateClientExists(); if (self::$_PHPCAS_CLIENT->getServerVersion() !== CAS_VERSION_2_0 - && self::$_PHPCAS_CLIENT->getServerVersion() !== CAS_VERSION_3_0) { + && self::$_PHPCAS_CLIENT->getServerVersion() !== CAS_VERSION_3_0 + ) { phpCAS :: error('this method can only be used with the cas 2.0/3.0 protocols'); } self::$_PHPCAS_CLIENT->getAllowedProxyChains()->allowProxyChain($proxy_chain); diff --git a/auth/cas/CAS/CAS/Client.php b/auth/cas/CAS/CAS/Client.php index 40e77cdcc23..7282e2883d0 100644 --- a/auth/cas/CAS/CAS/Client.php +++ b/auth/cas/CAS/CAS/Client.php @@ -131,9 +131,11 @@ class CAS_Client $lang = $this->getLangObj(); $this->_htmlFilterOutput( empty($this->_output_footer)? - ('
phpCAS __PHPCAS_VERSION__ ' - .$lang->getUsingServer() - .' __SERVER_BASE_URL__ (CAS __CAS_VERSION__)
') + (phpcas::getVerbose())? + '
phpCAS __PHPCAS_VERSION__ ' + .$lang->getUsingServer() + .' __SERVER_BASE_URL__ (CAS __CAS_VERSION__)
' + :'' :$this->_output_footer ); } @@ -337,9 +339,7 @@ class CAS_Client phpCAS::traceBegin(); // the URL is build only when needed if ( empty($this->_server['login_url']) ) { - $this->_server['login_url'] = $this->_getServerBaseURL(); - $this->_server['login_url'] .= 'login?service='; - $this->_server['login_url'] .= urlencode($this->getURL()); + $this->_server['login_url'] = $this->_buildQueryUrl($this->_getServerBaseURL().'login','service='.urlencode($this->getURL())); } $url = $this->_server['login_url']; if ($renew) { @@ -712,14 +712,14 @@ class CAS_Client /** * Ensure that this is actually a proxy object or fail with an exception * - * @throws CAS_OutOfSequenceProxyException + * @throws CAS_OutOfSequenceBeforeProxyException * * @return void */ public function ensureIsProxy() { if (!$this->isProxy()) { - throw new CAS_OutOfSequenceProxyException(); + throw new CAS_OutOfSequenceBeforeProxyException(); } } @@ -889,7 +889,7 @@ class CAS_Client if (gettype($server_hostname) != 'string') throw new CAS_TypeMismatchException($server_hostname, '$server_hostname', 'string'); if (gettype($server_port) != 'integer') - throw new CAS_raTypeMismatchException($server_port, '$server_port', 'integer'); + throw new CAS_TypeMismatchException($server_port, '$server_port', 'integer'); if (gettype($server_uri) != 'string') throw new CAS_TypeMismatchException($server_uri, '$server_uri', 'string'); if (gettype($changeSessionID) != 'boolean') @@ -965,7 +965,8 @@ class CAS_Client phpCAS::error('bad CAS server URI (`'.$server_uri.'\')'); } // add leading and trailing `/' and remove doubles - $server_uri = preg_replace('/\/\//', '/', '/'.$server_uri.'/'); + if(strstr($server_uri, '?') === false) $server_uri .= '/'; + $server_uri = preg_replace('/\/\//', '/', '/'.$server_uri); $this->_server['uri'] = $server_uri; // set to callback mode if PgtIou and PgtId CGI GET parameters are provided @@ -1214,7 +1215,7 @@ class CAS_Client * If the user is authenticated, renew the connection * If not, redirect to CAS * - * @return void + * @return true when the user is authenticated; otherwise halt. */ public function renewAuthentication() { @@ -1223,13 +1224,16 @@ class CAS_Client if (isset( $_SESSION['phpCAS']['auth_checked'])) { unset($_SESSION['phpCAS']['auth_checked']); } - if ( $this->isAuthenticated() ) { - phpCAS::trace('user already authenticated; renew'); - $this->redirectToCas(false, true); + if ( $this->isAuthenticated(true) ) { + phpCAS::trace('user already authenticated'); + $res = true; } else { - $this->redirectToCas(); + $this->redirectToCas(false, true); + // never reached + $res = false; } phpCAS::traceEnd(); + return $res; } /** @@ -1345,10 +1349,12 @@ class CAS_Client * This method is called to check if the user is authenticated (previously or by * tickets given in the URL). * + * @param bool $renew true to force the authentication with the CAS server + * * @return true when the user is authenticated. Also may redirect to the * same URL without the ticket. */ - public function isAuthenticated() + public function isAuthenticated($renew=false) { phpCAS::traceBegin(); $res = false; @@ -1380,6 +1386,10 @@ class CAS_Client ); $res = true; } + + // Mark the auth-check as complete to allow post-authentication + // callbacks to make use of phpCAS::getUser() and similar methods + $this->markAuthenticationCall($res); } else { if ($this->hasTicket()) { switch ($this->getServerVersion()) { @@ -1389,7 +1399,7 @@ class CAS_Client 'CAS 1.0 ticket `'.$this->getTicket().'\' is present' ); $this->validateCAS10( - $validate_url, $text_response, $tree_response + $validate_url, $text_response, $tree_response, $renew ); // if it fails, it halts phpCAS::trace( 'CAS 1.0 ticket `'.$this->getTicket().'\' was validated' @@ -1405,7 +1415,7 @@ class CAS_Client 'CAS '.$this->getServerVersion().' ticket `'.$this->getTicket().'\' is present' ); $this->validateCAS20( - $validate_url, $text_response, $tree_response + $validate_url, $text_response, $tree_response, $renew ); // note: if it fails, it halts phpCAS::trace( 'CAS '.$this->getServerVersion().' ticket `'.$this->getTicket().'\' was validated' @@ -1434,7 +1444,7 @@ class CAS_Client 'SAML 1.1 ticket `'.$this->getTicket().'\' is present' ); $this->validateSA( - $validate_url, $text_response, $tree_response + $validate_url, $text_response, $tree_response, $renew ); // if it fails, it halts phpCAS::trace( 'SAML 1.1 ticket `'.$this->getTicket().'\' was validated' @@ -1452,6 +1462,11 @@ class CAS_Client // no ticket given, not authenticated phpCAS::trace('no ticket found'); } + + // Mark the auth-check as complete to allow post-authentication + // callbacks to make use of phpCAS::getUser() and similar methods + $this->markAuthenticationCall($res); + if ($res) { // call the post-authenticate callback if registered. if ($this->_postAuthenticateCallbackFunction) { @@ -1478,9 +1493,6 @@ class CAS_Client } } } - // Mark the auth-check as complete to allow post-authentication - // callbacks to make use of phpCAS::getUser() and similar methods - $this->markAuthenticationCall($res); phpCAS::traceEnd($res); return $res; } @@ -1923,11 +1935,12 @@ class CAS_Client * server, as is (XML text). * @param string &$tree_response reference to the response of the CAS * server, as a DOM XML tree. + * @param bool $renew true to force the authentication with the CAS server * * @return bool true when successfull and issue a CAS_AuthenticationException * and false on an error */ - public function validateCAS10(&$validate_url,&$text_response,&$tree_response) + public function validateCAS10(&$validate_url,&$text_response,&$tree_response,$renew=false) { phpCAS::traceBegin(); $result = false; @@ -1935,6 +1948,11 @@ class CAS_Client $validate_url = $this->getServerServiceValidateURL() .'&ticket='.urlencode($this->getTicket()); + if ( $renew ) { + // pass the renew + $validate_url .= '&renew=true'; + } + // open and read the URL if ( !$this->_readURL($validate_url, $headers, $text_response, $err_msg) ) { phpCAS::trace( @@ -1997,17 +2015,23 @@ class CAS_Client * server, as is (XML text). * @param string &$tree_response reference to the response of the CAS * server, as a DOM XML tree. + * @param bool $renew true to force the authentication with the CAS server * * @return bool true when successfull and issue a CAS_AuthenticationException * and false on an error */ - public function validateSA(&$validate_url,&$text_response,&$tree_response) + public function validateSA(&$validate_url,&$text_response,&$tree_response,$renew=false) { phpCAS::traceBegin(); $result = false; // build the URL to validate the ticket $validate_url = $this->getServerSamlValidateURL(); + if ( $renew ) { + // pass the renew + $validate_url .= '&renew=true'; + } + // open and read the URL if ( !$this->_readURL($validate_url, $headers, $text_response, $err_msg) ) { phpCAS::trace( @@ -2178,6 +2202,7 @@ class CAS_Client return $this->_proxy; } + /** @} */ // ######################################################################## // PGT @@ -3091,11 +3116,12 @@ class CAS_Client * @param string &$validate_url the url of the reponse * @param string &$text_response the text of the repsones * @param string &$tree_response the domxml tree of the respones + * @param bool $renew true to force the authentication with the CAS server * * @return bool true when successfull and issue a CAS_AuthenticationException * and false on an error */ - public function validateCAS20(&$validate_url,&$text_response,&$tree_response) + public function validateCAS20(&$validate_url,&$text_response,&$tree_response, $renew=false) { phpCAS::traceBegin(); phpCAS::trace($text_response); @@ -3114,6 +3140,11 @@ class CAS_Client $validate_url .= '&pgtUrl='.urlencode($this->_getCallbackURL()); } + if ( $renew ) { + // pass the renew + $validate_url .= '&renew=true'; + } + // open and read the URL if ( !$this->_readURL($validate_url, $headers, $text_response, $err_msg) ) { phpCAS::trace( @@ -3482,7 +3513,8 @@ class CAS_Client if (!empty($_SERVER['HTTP_X_FORWARDED_HOST'])) { // explode the host list separated by comma and use the first host $hosts = explode(',', $_SERVER['HTTP_X_FORWARDED_HOST']); - $server_url = $hosts[0]; + // see rfc7239#5.3 and rfc7230#2.7.1: port is in HTTP_X_FORWARDED_HOST if non default + return $hosts[0]; } else if (!empty($_SERVER['HTTP_X_FORWARDED_SERVER'])) { $server_url = $_SERVER['HTTP_X_FORWARDED_SERVER']; } else { @@ -3522,7 +3554,7 @@ class CAS_Client } if ( isset($_SERVER['HTTPS']) && !empty($_SERVER['HTTPS']) - && $_SERVER['HTTPS'] != 'off' + && strcasecmp($_SERVER['HTTPS'], 'off') !== 0 ) { return true; } else { @@ -3589,7 +3621,7 @@ class CAS_Client phpCAS :: trace("Restoring old session vars"); $_SESSION = $old_session; } else { - phpCAS :: error( + phpCAS :: trace ( 'Session should only be renamed after successfull authentication' ); } @@ -3635,7 +3667,7 @@ class CAS_Client $this->printHTMLHeader($lang->getAuthenticationFailed()); printf( $lang->getYouWereNotAuthenticated(), htmlentities($this->getURL()), - $_SERVER['SERVER_ADMIN'] + isset($_SERVER['SERVER_ADMIN']) ? $_SERVER['SERVER_ADMIN']:'' ); phpCAS::trace('CAS URL: '.$cas_url); phpCAS::trace('Authentication failure: '.$failure); diff --git a/auth/cas/CAS/CAS/Request/CurlRequest.php b/auth/cas/CAS/CAS/Request/CurlRequest.php index ea3201e86be..dd866dc80f7 100644 --- a/auth/cas/CAS/CAS/Request/CurlRequest.php +++ b/auth/cas/CAS/CAS/Request/CurlRequest.php @@ -129,6 +129,7 @@ implements CAS_Request_RequestInterface phpCAS::trace('CURL: Set CURLOPT_CAINFO ' . $this->caCertPath); } else { curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0); + curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0); } /********************************************************* diff --git a/auth/cas/CAS/LICENSE b/auth/cas/CAS/LICENSE new file mode 100644 index 00000000000..261eeb9e9f8 --- /dev/null +++ b/auth/cas/CAS/LICENSE @@ -0,0 +1,201 @@ + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "[]" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright [yyyy] [name of copyright owner] + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. diff --git a/auth/cas/CAS/NOTICE b/auth/cas/CAS/NOTICE new file mode 100644 index 00000000000..70d9ffcd4c5 --- /dev/null +++ b/auth/cas/CAS/NOTICE @@ -0,0 +1,81 @@ +Copyright 2007-2011, JA-SIG, Inc. +This project includes software developed by Jasig. +http://www.jasig.org/ + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this software except in compliance with the License. +You may obtain a copy of the License at: + +http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. + +=========================================================================== + +Copyright © 2003-2007, The ESUP-Portail consortium + +Requirements for sources originally licensed under the New BSD License: + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions +are met: + +- Redistributions of source code must retain the above copyright notice, +this list of conditions and the following disclaimer. + +- Redistributions in binary form must reproduce the above copyright notice, +this list of conditions and the following disclaimer in the documentation +and/or other materials provided with the distribution. + +- Neither the name of JA-SIG, Inc. nor the names of its contributors may be +used to endorse or promote products derived from this software without +specific prior written permission. + +THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" +AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE +LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR +CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF +SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS +INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN +CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) +ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +POSSIBILITY OF SUCH DAMAGE. + +=========================================================================== + +Copyright (c) 2009, Regents of the University of Nebraska +All rights reserved. + +Requirements for CAS_Autloader originally licensed under the New BSD License: + +Redistribution and use in source and binary forms, with or without modification, +are permitted provided that the following conditions are met: + +Redistributions of source code must retain the above copyright notice, this list +of conditions and the following disclaimer. + +Redistributions in binary form must reproduce the above copyright notice, this +list of conditions and the following disclaimer in the documentation and/or +other materials provided with the distribution. + +Neither the name of the University of Nebraska nor the names of its contributors +may be used to endorse or promote products derived from this software without +specific prior written permission. + +THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" +AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE +LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR +CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF +SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS +INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN +CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) +ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +POSSIBILITY OF SUCH DAMAGE. diff --git a/auth/cas/CAS/README.md b/auth/cas/CAS/README.md new file mode 100644 index 00000000000..583c1dce872 --- /dev/null +++ b/auth/cas/CAS/README.md @@ -0,0 +1,31 @@ +phpCAS +======= + +phpCAS is an authentication library that allows PHP applications to easily authenticate +users via a Central Authentication Service (CAS) server. + +Please see the phpCAS website for more information: + +https://wiki.jasig.org/display/CASC/phpCAS + +[![Build Status](https://travis-ci.org/Jasig/phpCAS.png)](https://travis-ci.org/Jasig/phpCAS) + + +LICENSE +------- + +Copyright 2007-2015, JA-SIG, Inc. +This project includes software developed by Jasig. +http://www.jasig.org/ + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this software except in compliance with the License. +You may obtain a copy of the License at: + +http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. diff --git a/auth/cas/CAS/moodle_readme.txt b/auth/cas/CAS/moodle_readme.txt index 7d24ed3c1fb..e0d726dda7b 100644 --- a/auth/cas/CAS/moodle_readme.txt +++ b/auth/cas/CAS/moodle_readme.txt @@ -1,5 +1,4 @@ -Description of phpCAS 1.3.3 library import +Description of phpCAS 1.3.4 library import * downloaded from http://downloads.jasig.org/cas-clients/php/current/ -merrill diff --git a/auth/cas/thirdpartylibs.xml b/auth/cas/thirdpartylibs.xml index 33f028478b1..895150db730 100644 --- a/auth/cas/thirdpartylibs.xml +++ b/auth/cas/thirdpartylibs.xml @@ -3,8 +3,8 @@ CAS CAS - BSD - 1.3.3 - + Apache + 1.3.4 + 2.0