1<?php
2
3/**
4 * Licensed to Jasig under one or more contributor license
5 * agreements. See the NOTICE file distributed with this work for
6 * additional information regarding copyright ownership.
7 *
8 * Jasig licenses this file to you under the Apache License,
9 * Version 2.0 (the "License"); you may not use this file except in
10 * compliance with the License. You may obtain a copy of the License at:
11 *
12 * http://www.apache.org/licenses/LICENSE-2.0
13 *
14 * Unless required by applicable law or agreed to in writing, software
15 * distributed under the License is distributed on an "AS IS" BASIS,
16 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
17 * See the License for the specific language governing permissions and
18 * limitations under the License.
19 *
20 * PHP Version 7
21 *
22 * @file     CAS/ServiceBaseUrl/Base.php
23 * @category Authentication
24 * @package  PhpCAS
25 * @author   Henry Pan <git@phy25.com>
26 * @license  http://www.apache.org/licenses/LICENSE-2.0  Apache License 2.0
27 * @link     https://wiki.jasig.org/display/CASC/phpCAS
28 */
29
30/**
31 * Base class of CAS/ServiceBaseUrl that implements isHTTPS method.
32 *
33 * @class    CAS_ServiceBaseUrl_Base
34 * @category Authentication
35 * @package  PhpCAS
36 * @author   Henry Pan <git@phy25.com>
37 * @license  http://www.apache.org/licenses/LICENSE-2.0  Apache License 2.0
38 * @link     https://wiki.jasig.org/display/CASC/phpCAS
39 */
40abstract class CAS_ServiceBaseUrl_Base
41implements CAS_ServiceBaseUrl_Interface
42{
43
44    /**
45     * Get PHP server name.
46     *
47     * @return string the server hostname and port of the server
48     */
49    abstract public function get();
50
51    /**
52     * Check whether HTTPS is used.
53     *
54     * This is used to construct the protocol in the URL.
55     *
56     * @return bool true if HTTPS is used
57     */
58    public function isHttps() {
59        if (!empty($_SERVER['HTTP_X_FORWARDED_PROTO'])) {
60            return ($_SERVER['HTTP_X_FORWARDED_PROTO'] === 'https');
61        } elseif (!empty($_SERVER['HTTP_X_FORWARDED_PROTOCOL'])) {
62            return ($_SERVER['HTTP_X_FORWARDED_PROTOCOL'] === 'https');
63        } elseif ( isset($_SERVER['HTTPS'])
64            && !empty($_SERVER['HTTPS'])
65            && strcasecmp($_SERVER['HTTPS'], 'off') !== 0
66        ) {
67            return true;
68        }
69        return false;
70    }
71
72    /**
73     * Remove standard HTTP and HTTPS port for discovery and allowlist input.
74     *
75     * @param $url URL as https://domain:port without trailing slash
76     * @return standardized URL, or the original URL
77     * @throws CAS_InvalidArgumentException if the URL does not include the protocol
78     */
79    protected function removeStandardPort($url) {
80        if (strpos($url, "://") === false) {
81            throw new CAS_InvalidArgumentException(
82                "Configured base URL should include the protocol string: " . $url);
83        }
84
85        $url = rtrim($url, '/');
86
87        if (strpos($url, "https://") === 0 && substr_compare($url, ':443', -4) === 0) {
88            return substr($url, 0, -4);
89        }
90
91        if (strpos($url, "http://") === 0 && substr_compare($url, ':80', -3) === 0) {
92            return substr($url, 0, -3);
93        }
94
95        return $url;
96    }
97
98}
99