4 * Licensed to Jasig under one or more contributor license
5 * agreements. See the NOTICE file distributed with this work for
6 * additional information regarding copyright ownership.
8 * Jasig licenses this file to you under the Apache License,
9 * Version 2.0 (the "License"); you may not use this file except in
10 * compliance with the License. You may obtain a copy of the License at:
12 * http://www.apache.org/licenses/LICENSE-2.0
14 * Unless required by applicable law or agreed to in writing, software
15 * distributed under the License is distributed on an "AS IS" BASIS,
16 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
17 * See the License for the specific language governing permissions and
18 * limitations under the License.
22 * @file CAS/ProxyChain/AllowedList.php
23 * @category Authentication
25 * @author Adam Franco <afranco@middlebury.edu>
26 * @license http://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0
27 * @link https://wiki.jasig.org/display/CASC/phpCAS
32 * ProxyChain is a container for storing chains of valid proxies that can
33 * be used to validate proxied requests to a service
35 * @class CAS_ProxyChain_AllowedList
36 * @category Authentication
38 * @author Adam Franco <afranco@middlebury.edu>
39 * @license http://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0
40 * @link https://wiki.jasig.org/display/CASC/phpCAS
43 class CAS_ProxyChain_AllowedList
46 private $_chains = array();
49 * Check whether proxies are allowed by configuration
53 public function isProxyingAllowed()
55 return (count($this->_chains) > 0);
59 * Add a chain of proxies to the list of possible chains
61 * @param CAS_ProxyChain_Interface $chain A chain of proxies
65 public function allowProxyChain(CAS_ProxyChain_Interface $chain)
67 $this->_chains[] = $chain;
71 * Check if the proxies found in the response match the allowed proxies
73 * @param array $proxies list of proxies to check
75 * @return bool whether the proxies match the allowed proxies
77 public function isProxyListAllowed(array $proxies)
80 if (empty($proxies)) {
81 phpCAS::trace("No proxies were found in the response");
82 phpCAS::traceEnd(true);
84 } elseif (!$this->isProxyingAllowed()) {
85 phpCAS::trace("Proxies are not allowed");
86 phpCAS::traceEnd(false);
89 $res = $this->contains($proxies);
90 phpCAS::traceEnd($res);
96 * Validate the proxies from the proxy ticket validation against the
97 * chains that were definded.
99 * @param array $list List of proxies from the proxy ticket validation.
101 * @return if any chain fully matches the supplied list
103 public function contains(array $list)
105 phpCAS::traceBegin();
107 foreach ($this->_chains as $chain) {
108 phpCAS::trace("Checking chain ". $count++);
109 if ($chain->matches($list)) {
110 phpCAS::traceEnd(true);
114 phpCAS::trace("No proxy chain matches.");
115 phpCAS::traceEnd(false);