CAS Authentication Library for CodeIgniter

Question

I am trying to implement CAS authentication in a CodeIgniter application though I cannot find if there are any libraries currently set up for it. I am managing by just including the class and adding in a few dirty fixes though if anyone knows of a proper library I think it would be a cleaner solution.

I have been looking through a range of posts on here as well as all over Google but seem to be coming up short on what I need. The only place of any relevance is a post on VCU Libraries but that did not include the library download link.

Thanks everyone!

Answer 1

UPDATE: You can find the latest version of the library at Github: https://github.com/eliasdorneles/code-igniter-cas-library

You can also install via sparks: http://getsparks.org/packages/cas-auth-library/versions/HEAD/show

I've started a CAS library to simplify setting up CAS authentication for CodeIgniter, that relies on the existing phpCAS. To start using it, you just have installation phpCAS in some accessible directory, put the library file in application/libraries/Cas.php and create a config file config/cas.php like this:

<?php  if ( ! defined('BASEPATH')) exit('No direct script access allowed');
$config['cas_server_url'] = 'https://yourserver.com/cas';
$config['phpcas_path'] = '/path/to/phpCAS-1.3.1';
$config['cas_disable_server_validation'] = TRUE;
// $config['cas_debug'] = TRUE; // <--  use this to enable phpCAS debug mode

Then, in your controllers you would be able to do this:

function index() {
    $this->load->library('cas');
    $this->cas->force_auth();
    $user = $this->cas->user();
    echo "Hello, $user->userlogin!";
}

Here is the library file (has to be named Cas.php):

<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');

function cas_show_config_error(){
    show_error("CAS authentication is not properly configured.<br /><br />
    Please, check your configuration for the following file:
    <code>config/cas.php</code>
    The minimum configuration requires:
    <ul>
       <li><em>cas_server_url</em>: the <strong>URL</strong> of your CAS server</li>
       <li><em>phpcas_path</em>: path to a installation of
           <a href=\"https://wiki.jasig.org/display/CASC/phpCAS\">phpCAS library</a></li>
        <li>and one of <em>cas_disable_server_validation</em> and <em>cas_ca_cert_file</em>.</li>
    </ul>
    ");
}

class Cas {

    public function __construct(){
        if (!function_exists('curl_init')){
            show_error('<strong>ERROR:</strong> You need to install the PHP module <strong>curl</strong>
                to be able to use CAS authentication.');
        }
        $CI =& get_instance();
        $this->CI = $CI;
        $CI->config->load('cas');

        $this->phpcas_path = $CI->config->item('phpcas_path');
        $this->cas_server_url = $CI->config->item('cas_server_url');

        if (empty($this->phpcas_path) 
            or filter_var($this->cas_server_url, FILTER_VALIDATE_URL) === FALSE) {
            cas_show_config_error();
        }
        $cas_lib_file = $this->phpcas_path . '/CAS.php';
        if (!file_exists($cas_lib_file)){
            show_error("Could not find file: <code>" . $cas_lib_file. "</code>");
        }
        require_once $cas_lib_file;

        if ($CI->config->item('cas_debug')) {
            phpCAS::setDebug();
        }

        // init CAS client
        $defaults = array('path' => '', 'port' => 443);
        $cas_url = array_merge($defaults, parse_url($this->cas_server_url));

        phpCAS::client(CAS_VERSION_2_0, $cas_url['host'],
            $cas_url['port'], $cas_url['path']);

        // configures SSL behavior
        if ($CI->config->item('cas_disable_server_validation')){
            phpCAS::setNoCasServerValidation();
        } else {
            $ca_cert_file = $CI->config->item('cas_server_ca_cert');
            if (empty($ca_cert_file)) {
                cas_show_config_error();
            }
            phpCAS::setCasServerCACert($ca_cert_file);
        }
    }

    /**
      * Trigger CAS authentication if user is not yet authenticated.
      */
    public function force_auth()
    {
        phpCAS::forceAuthentication();
    }

    /**
     *  Return an object with userlogin and attributes.
     *  Shows aerror if called before authentication.
     */
    public function user()
    {
        if (phpCAS::isAuthenticated()) {
            $userlogin = phpCAS::getUser();
            $attributes = phpCAS::getAttributes();
            echo "has attributes? ";
            var_dump(phpCAS::hasAttributes());
            return (object) array('userlogin' => $userlogin,
                'attributes' => $attributes);
        } else {
            show_error("User was not authenticated yet.");
        }
    }

    /**
     *  Logout and redirect to the main site URL,
     *  or to the URL passed as argument
     */
    public function logout($url = '')
    {
        if (empty($url)) {
            $this->CI->load->helper('url');
            $url = base_url();
        }
        phpCAS::logoutWithRedirectService($url);
    }
}

Answer 2

I recommend using Ion Auth Library, it's built upon Redux Auth, which became outdated. Ion Auth is light weight, easy to customize, and does the things you need. Ion Auth is one of the best authentication libraries for CodeIgniter.

Answer 3

What exactly is not working with the VCU library?

Anything you can do in PHP, you can do in CodeIgniter. So you can just use the PHP CAS client: http://www.jasig.org/phpcas-121-final-release

And here is a example of how to authenticate.

https://source.jasig.org/cas-clients/phpcas/trunk/docs/examples/example_simple.php