Fix validation condition for CAS10

ioigoume · ioigoume · commit 5ea16ac9315e · 2024-12-19T21:52:28.000+02:00
diff --git a/src/Cas/AttributeExtractor.php b/src/Cas/AttributeExtractor.php
@@ -55,7 +55,7 @@ public function __construct(
      * @param   array|null  $state
      *
      * @return array
-     * @throws Exception
+     * @throws \Exception
      */
     public function extractUserAndAttributes(?array $state): array
     {
@@ -76,12 +76,11 @@ public function extractUserAndAttributes(?array $state): array
             throw new \Exception("No cas user defined for attribute $casUsernameAttribute");
         }
 
+        $casAttributes = [];
         if ($this->casconfig->getOptionalValue('attributes', true)) {
             $attributesToTransfer = $this->casconfig->getOptionalValue('attributes_to_transfer', []);
 
             if (sizeof($attributesToTransfer) > 0) {
-                $casAttributes = [];
-
                 foreach ($attributesToTransfer as $key) {
                     if (\array_key_exists($key, $attributes)) {
                         $casAttributes[$key] = $attributes[$key];
@@ -90,8 +89,6 @@ public function extractUserAndAttributes(?array $state): array
             } else {
                 $casAttributes = $attributes;
             }
-        } else {
-            $casAttributes = [];
         }
 
         return [
diff --git a/src/Controller/Cas10Controller.php b/src/Controller/Cas10Controller.php
@@ -147,8 +147,8 @@ public function validate(
         // Get the username field
         $usernameField = $this->casConfig->getOptionalValue('attrname', 'eduPersonPrincipalName');
 
-        // Fail if the username field is not present in the attribute list
-        if (!\array_key_exists($usernameField, $serviceTicket['attributes'])) {
+        // Fail if the username is not present in the ticket
+        if (empty($serviceTicket['userName'])) {
             Logger::error(
                 'casserver:validate: internal server error. Missing user name attribute: '
                 . var_export($usernameField, true),
@@ -161,7 +161,7 @@ public function validate(
 
         // Successful validation
         return new Response(
-            $this->cas10Protocol->getValidateSuccessResponse($serviceTicket['attributes'][$usernameField][0]),
+            $this->cas10Protocol->getValidateSuccessResponse($serviceTicket['userName']),
             Response::HTTP_OK,
         );
     }
diff --git a/tests/src/Controller/Cas10ControllerTest.php b/tests/src/Controller/Cas10ControllerTest.php
@@ -233,7 +233,7 @@ public function testReturnBadRequestOnTicketMissingUsernameField(): void
             'service' => 'https://myservice.com/abcd',
         ];
         $this->ticket['validBefore'] = 9999999999;
-        $this->ticket['attributes'] = [];
+        $this->ticket['userName'] = '';
 
         $request = Request::create(
             uri: 'http://localhost',
@@ -330,6 +330,6 @@ public function testSuccessfullValidation(): void
         $response = $cas10Controller->validate($request, ...$params);
 
         $this->assertEquals(200, $response->getStatusCode());
-        $this->assertEquals("yes\neduPersonPrincipalName@google.com\n", $response->getContent());
+        $this->assertEquals("yes\nusername@google.com\n", $response->getContent());
     }
 }

Original file line number	Diff line number	Diff line change
`@@ -55,7 +55,7 @@ public function __construct(`
`55`	`55`	`* @param array\|null $state`
`56`	`56`	`*`
`57`	`57`	`* @return array`
`58`		`- * @throws Exception`
	`58`	`+ * @throws \Exception`
`59`	`59`	`*/`
`60`	`60`	`public function extractUserAndAttributes(?array $state): array`
`61`	`61`	`{`
`@@ -76,12 +76,11 @@ public function extractUserAndAttributes(?array $state): array`
`76`	`76`	`throw new \Exception("No cas user defined for attribute $casUsernameAttribute");`
`77`	`77`	`}`
`78`	`78`
	`79`	`+ $casAttributes = [];`
`79`	`80`	`if ($this->casconfig->getOptionalValue('attributes', true)) {`
`80`	`81`	`$attributesToTransfer = $this->casconfig->getOptionalValue('attributes_to_transfer', []);`
`81`	`82`
`82`	`83`	`if (sizeof($attributesToTransfer) > 0) {`
`83`		`- $casAttributes = [];`
`84`		`-`
`85`	`84`	`foreach ($attributesToTransfer as $key) {`
`86`	`85`	`if (\array_key_exists($key, $attributes)) {`
`87`	`86`	`$casAttributes[$key] = $attributes[$key];`
`@@ -90,8 +89,6 @@ public function extractUserAndAttributes(?array $state): array`
`90`	`89`	`} else {`
`91`	`90`	`$casAttributes = $attributes;`
`92`	`91`	`}`
`93`		`- } else {`
`94`		`- $casAttributes = [];`
`95`	`92`	`}`
`96`	`93`
`97`	`94`	`return [`
Original file line number	Diff line number	Diff line change
`@@ -233,7 +233,7 @@ public function testReturnBadRequestOnTicketMissingUsernameField(): void`
`233`	`233`	`'service' => 'https://myservice.com/abcd',`
`234`	`234`	`];`
`235`	`235`	`$this->ticket['validBefore'] = 9999999999;`
`236`		`- $this->ticket['attributes'] = [];`
	`236`	`+ $this->ticket['userName'] = '';`
`237`	`237`
`238`	`238`	`$request = Request::create(`
`239`	`239`	`uri: 'http://localhost',`
`@@ -330,6 +330,6 @@ public function testSuccessfullValidation(): void`
`330`	`330`	`$response = $cas10Controller->validate($request, ...$params);`
`331`	`331`
`332`	`332`	`$this->assertEquals(200, $response->getStatusCode());`
`333`		`- $this->assertEquals("yes\neduPersonPrincipalName@google.com\n", $response->getContent());`
	`333`	`+ $this->assertEquals("yes\nusername@google.com\n", $response->getContent());`
`334`	`334`	`}`
`335`	`335`	`}`