Closed erozqba closed 7 years ago
Hi, I was looking in the example_custom_urls.php file to know how to made a patch for this issue https://github.com/XavRsl/Cas/issues/37 in another project that uses phpCAS and I find out that the comments are a little confusing:
example_custom_urls.php
In the line https://github.com/Jasig/phpCAS/blob/master/docs/examples/example_custom_urls.php#L39 it suggest that you should use phpCAS::setServerProxyValidateURL for any CAS 2.0 validation, but phpCAS::setServerProxyValidateURL should be used for the proxy validate URL of any CAS version.
phpCAS::setServerProxyValidateURL
In the line https://github.com/Jasig/phpCAS/blob/master/docs/examples/example_custom_urls.php#L41 it suggest that you should use phpCAS::setServerServiceValidateURL for any CAS 1.0 validation, but phpCAS::setServerServiceValidateURL should be used for the validate URL of any CAS version.
phpCAS::setServerServiceValidateURL
After looking more into the implementation I found a similar problem in https://github.com/Jasig/phpCAS/blob/master/source/CAS.php file in lines https://github.com/Jasig/phpCAS/blob/master/source/CAS.php#L1315 and https://github.com/Jasig/phpCAS/blob/master/source/CAS.php#L1337
For references look at the CAS protocol specifications https://apereo.github.io/cas/5.0.x/protocol/CAS-Protocol-Specification.html and to the implementations in the https://github.com/Jasig/phpCAS/blob/master/source/CAS/Client.php file, of the methods getServerServiceValidateURL in line https://github.com/Jasig/phpCAS/blob/master/source/CAS/Client.php#L431 and getServerProxyValidateURL in line https://github.com/Jasig/phpCAS/blob/master/source/CAS/Client.php#L488
Thanks for the report and fix. We fixed the "broken" code long ago but forgot the inline documentation...
Thanks!
Hi, I was looking in the
example_custom_urls.php
file to know how to made a patch for this issue https://github.com/XavRsl/Cas/issues/37 in another project that uses phpCAS and I find out that the comments are a little confusing:In the line https://github.com/Jasig/phpCAS/blob/master/docs/examples/example_custom_urls.php#L39 it suggest that you should use
phpCAS::setServerProxyValidateURL
for any CAS 2.0 validation, butphpCAS::setServerProxyValidateURL
should be used for the proxy validate URL of any CAS version.In the line https://github.com/Jasig/phpCAS/blob/master/docs/examples/example_custom_urls.php#L41 it suggest that you should use
phpCAS::setServerServiceValidateURL
for any CAS 1.0 validation, butphpCAS::setServerServiceValidateURL
should be used for the validate URL of any CAS version.After looking more into the implementation I found a similar problem in https://github.com/Jasig/phpCAS/blob/master/source/CAS.php file in lines https://github.com/Jasig/phpCAS/blob/master/source/CAS.php#L1315 and https://github.com/Jasig/phpCAS/blob/master/source/CAS.php#L1337
For references look at the CAS protocol specifications https://apereo.github.io/cas/5.0.x/protocol/CAS-Protocol-Specification.html and to the implementations in the https://github.com/Jasig/phpCAS/blob/master/source/CAS/Client.php file, of the methods getServerServiceValidateURL in line https://github.com/Jasig/phpCAS/blob/master/source/CAS/Client.php#L431 and getServerProxyValidateURL in line https://github.com/Jasig/phpCAS/blob/master/source/CAS/Client.php#L488