N°5725 - Twig update 'filter', 'map' and 'reduce' filters

* client_id is now 255 chars (AttributeString)
 * client_secret is now 64 chars (AttributePassword) and cannot be anymore in the uniqueness rules
 * The modification of redirect_url, client_id or client_secret change the status to inactive and generate a session message to ask for token regeneration

.gitattributes

@@ -0,0 +1,48 @@
+# Set the default behavior, in case people don't have core.autocrlf set.
+* text=auto
+
+# Explicitly declare text files you want to always be normalized and converted
+# to native line endings on checkout.
+*.bash text eol=lf
+*.bat text eol=lf
+*.cmd text eol=lf
+*.css text eol=lf
+*.scss text eol=lf
+*.dist text eol=lf
+.editorconfig text eol=lf
+.env* text eol=lf
+.gitignore text eol=lf
+.htaccess text eol=lf
+*.htm text eol=lf
+*.html text eol=lf
+*.ini text eol=lf
+*.js text eol=lf
+*.json text eol=lf
+*.lock text eol=lf
+*.md text eol=lf
+*.php text eol=lf
+*.php_cs text eol=lf
+*.php8 text eol=lf
+*.plex text eol=lf
+*.sh text eol=lf
+*.svg text eol=lf
+*.ts text eol=lf
+*.twig text eol=lf
+*.txt text eol=lf
+*.xml text eol=lf
+*.xsd text eol=lf
+*.yaml text eol=lf
+*.yml text eol=lf
+
+# Denote all files that are truly binary and should not be modified.
+*.png binary
+*.jpeg binary
+*.jpg binary
+*.gif binary
+*.ico binary
+*.pdf binary
+*.swf binary
+*.zip binary
+*.ttf binary
+*.woff binary
+*.woff2 binary

.gitignore

@@ -6,12 +6,6 @@
 # maintenance mode (N°2240)
 /.maintenance
 
-# listing prevention in conf directory
-/conf/**
-!/conf/.htaccess
-!/conf/index.php
-!/conf/web.config
-
 # composer reserver directory, from sources, populate/update using "composer install"
 vendor/*
 test/vendor/*
@@ -19,6 +13,7 @@ test/vendor/*
 # all conf but listing prevention
 /conf/**
 !/conf/.htaccess
+!/conf/index.php
 !/conf/web.config
 
 # all datas but listing prevention
@@ -37,9 +32,13 @@ test/vendor/*
 !/log/index.php
 !/log/web.config
 
+# PHPUnit cache file
+/test/.phpunit.result.cache
+
 
 # Jetbrains
 /.idea/**
+!/.idea/IntelliLang.xml
 
 # doc. generation
 /.doc/vendor

.idea/IntelliLang.xml

@@ -0,0 +1,15 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project version="4">
+  <component name="LanguageInjectionConfiguration">
+    <injection language="InjectablePHP" injector-id="xml">
+      <display-name>iTop - Class method code</display-name>
+      <place><![CDATA[xmlTag().withLocalName(string().equalTo("code"))]]></place>
+      <xpath-condition>name(..) = 'method' and count(/itop_design) = 1</xpath-condition>
+    </injection>
+    <injection language="InjectablePHP" injector-id="xml">
+      <display-name>iTop - Snippet code</display-name>
+      <place><![CDATA[xmlTag().withLocalName(string().equalTo("snippet"))]]></place>
+      <xpath-condition>name(..) = 'snippets' and count(/itop_design) = 1</xpath-condition>
+    </injection>
+  </component>
+</project>

.make/composer/rmDeniedTestDir.php

@@ -50,14 +50,24 @@ foreach ($aDeniedButStillPresent as $sDir)
 		continue;
 	}
 
-	try
-	{
+	try {
 		SetupUtils::rrmdir($sDir);
 		echo "OK Remove denied test dir: '$sDir'\n";
 	}
-	catch (\Exception $e)
-	{
+	catch (\Exception $e) {
 		echo "\nFAILED to remove denied test dir: '$sDir'\n";
 	}
+}
 
+
+$aAllowedAndDeniedDirs = array_merge(
+	$oiTopComposer->ListAllowedTestDir(),
+	$oiTopComposer->ListDeniedTestDir()
+);
+$aExistingDirs = $oiTopComposer->ListAllTestDir();
+$aMissing = array_diff($aExistingDirs, $aAllowedAndDeniedDirs);
+if (false === empty($aMissing)) {
+	echo "Some new tests dirs exists !\n"
+		.'  They must be declared either in the allowed or denied list in '.iTopComposer::class." (see N°2651).\n"
+		.'  List of dirs:'."\n".var_export($aMissing, true);
 }

CONTRIBUTING.md

@@ -111,9 +111,9 @@ Our tests are located in the `test/` directory, containing a PHPUnit config file
 * Use the present tense ("Add feature" not "Added feature")
 * Use the imperative mood ("Move cursor to..." not "Moves cursor to...")
 * Limit the first line to 72 characters or less
-* Please start the commit message with an applicable emoji code (following the [Gitmoji guide](https://gitmoji.carloscuesta.me/)).  
- Beware to use the code (for example `:bug:`) and not the character (🐛) as Unicode support in git clients is very poor for now...  
- Emoji examples :
+* Please start the commit message with an applicable emoji code (following the [Gitmoji guide](https://gitmoji.dev/)).  
+  Beware to use the code (for example `:bug:`) and not the character (🐛) as Unicode support in git clients is very poor for now...  
+  Emoji examples :
     * 🌐 `:globe_with_meridians:` for translations
     * 🎨 `:art:` when improving the format/structure of the code
     * ⚡️ `:zap:` when improving performance
@@ -132,7 +132,7 @@ Our tests are located in the `test/` directory, containing a PHPUnit config file
 
 When your code is working, please:
 
-* stash as much as possible your commits,
+* squash as much as possible your commits,
 * rebase your branch on our repo last commit,
 * create a pull request.
 

application/applicationextension.inc.php

@@ -1083,11 +1083,11 @@ abstract class AbstractPageUIExtension implements iPageUIExtension
 /**
  * Implement this interface to add content to any enhanced portal page
  *
- * IMPORTANT! Experimental API, may be removed at anytime, we don't recommend to use it just now!
- *
  * @api
  * @package     Extensibility
- * @since 2.4.0
+ *
+ * @since 2.4.0 interface creation
+ * @since 2.7.0 change method signatures due to Silex to Symfony migration
  */
 interface iPortalUIExtension
 {
@@ -1160,7 +1160,11 @@ interface iPortalUIExtension
 }
 
 /**
- * IMPORTANT! Experimental API, may be removed at anytime, we don't recommend to use it just now!
+ * Extend this class instead of iPortalUIExtension if you don't need to overload all methods
+ *
+ * @api
+ * @package     Extensibility
+ * @since       2.4.0
  */
 abstract class AbstractPortalUIExtension implements iPortalUIExtension
 {

application/cmdbabstract.class.inc.php

@@ -4735,11 +4735,15 @@ EOF
 			$sCSSClass = $bResult ? HILIGHT_CLASS_NONE : HILIGHT_CLASS_CRITICAL;
 			$sChecked = $bResult ? 'checked' : '';
 			$sDisabled = $bResult ? '' : 'disabled';
+
+			$aErrorsToDisplay = array_map(function($sError) {
+				return utils::HtmlEntities($sError);
+			}, $aErrors);
 			$aRows[] = array(
 				'form::select' => "<input type=\"checkbox\" class=\"selectList\" $sChecked $sDisabled\"></input>",
 				'object' => $oObj->GetHyperlink(),
 				'status' => $sStatus,
-				'errors' => '<p>'.($bResult ? '' : implode('</p><p>', $aErrors)).'</p>',
+				'errors' => '<p>'.($bResult ? '' : implode('</p><p>', $aErrorsToDisplay)).'</p>',
 				'@class' => $sCSSClass,
 			);
 			if ($bResult && (!$bPreview))

application/dashboard.class.inc.php

@@ -1478,6 +1478,29 @@ JS
 		return $this->sDefinitionFile;
 	}
 
+	/**
+	 * @param string $sDashboardFileRelative can also be an absolute path (compatibility with old URL)
+	 *
+	 * @return string full path to the Dashboard file
+	 * @throws \SecurityException if path isn't under approot
+	 * @uses utils::RealPath()
+	 * @since 2.7.8 3.0.3 3.1.0 N°4449 remove FPD
+	 */
+	public static function GetDashboardFileFromRelativePath($sDashboardFileRelative)
+	{
+		if (utils::RealPath($sDashboardFileRelative, APPROOT)) {
+			// compatibility with old URL containing absolute path !
+			return $sDashboardFileRelative;
+		}
+
+		$sDashboardFile = APPROOT.$sDashboardFileRelative;
+		if (false === utils::RealPath($sDashboardFile, APPROOT)) {
+			throw new SecurityException('Invalid dashboard file !');
+		}
+
+		return $sDashboardFile;
+	}
+
 	/**
 	 * @param string $sDefinitionFile
 	 */

application/dashlet.class.inc.php

@@ -255,7 +255,7 @@ abstract class Dashlet
 		catch(OqlException $e)
 		{
 			$oPage->add('<div class="dashlet-content">');
-			$oPage->p($e->GetUserFriendlyDescription());
+			$oPage->p(utils::HtmlEntities($e->GetUserFriendlyDescription()));
 			$oPage->add('</div>');
 		}
 		catch(Exception $e)

application/forms.class.inc.php

@@ -1223,7 +1223,7 @@ class DesignerComboField extends DesignerFormField
 		$sChecked = $this->defaultValue ? 'checked' : '';
 		$sMandatory = $this->bMandatory ? 'true' :  'false';
 		$sReadOnly = $this->IsReadOnly() ? 'disabled="disabled"' :  '';
-		if ($this->IsSorted())
+		if ($this->IsSorted() )
 		{
 			asort($this->aAllowedValues);
 		}
@@ -1271,18 +1271,14 @@ class DesignerComboField extends DesignerFormField
 					$sHtml .= "<option value=\"\">".$this->sNullLabel."</option>";
 				}
 			}
-			foreach($this->aAllowedValues as $sKey => $sDisplayValue)
-			{
-				if ($this->bMultipleSelection)
-				{
+			foreach ($this->aAllowedValues as $sKey => $sDisplayValue) {
+				if ($this->bMultipleSelection) {
 					$sSelected = in_array($sKey, $this->defaultValue) ? 'selected' : '';
-				}
-				else
-				{
+				} else {
 					$sSelected = ($sKey == $this->defaultValue) ? 'selected' : '';
 				}
 				// Quick and dirty: display the menu parents as a tree
-				$sHtmlValue = str_replace(' ', '&nbsp;', htmlentities($sDisplayValue, ENT_QUOTES, 'UTF-8'));
+				$sHtmlValue = str_replace(' ', '&nbsp;', $sDisplayValue);
 				$sHtml .= "<option value=\"".htmlentities($sKey, ENT_QUOTES, 'UTF-8')."\" $sSelected>$sHtmlValue</option>";
 			}
 			$sHtml .= "</select>";

application/loginbasic.class.inc.php

@@ -59,6 +59,8 @@ class LoginBasic extends AbstractLoginFSMExtension
 				$iErrorCode = LoginWebPage::EXIT_CODE_WRONGCREDENTIALS;
 				return LoginWebPage::LOGIN_FSM_ERROR;
 			}
+			// Save the checked user
+			$_SESSION['auth_user'] = $sAuthUser;
 		}
 		return LoginWebPage::LOGIN_FSM_CONTINUE;
 	}
@@ -67,7 +69,7 @@ class LoginBasic extends AbstractLoginFSMExtension
 	{
 		if ($_SESSION['login_mode'] == 'basic')
 		{
-			list($sAuthUser) = $this->GetAuthUserAndPassword();
+			$sAuthUser = $_SESSION['auth_user'];
 			LoginWebPage::OnLoginSuccess($sAuthUser, 'internal', $_SESSION['login_mode']);
 		}
 		return LoginWebPage::LOGIN_FSM_CONTINUE;

application/loginexternal.class.inc.php

@@ -43,6 +43,8 @@ class LoginExternal extends AbstractLoginFSMExtension
 				$iErrorCode = LoginWebPage::EXIT_CODE_WRONGCREDENTIALS;
 				return LoginWebPage::LOGIN_FSM_ERROR;
 			}
+			// Save the checked user
+			$_SESSION['auth_user'] = $sAuthUser;
 		}
 		return LoginWebPage::LOGIN_FSM_CONTINUE;
 	}
@@ -51,7 +53,7 @@ class LoginExternal extends AbstractLoginFSMExtension
 	{
 		if ($_SESSION['login_mode'] == 'external')
 		{
-			$sAuthUser = $this->GetAuthUser();
+			$sAuthUser = $_SESSION['auth_user'];
 			LoginWebPage::OnLoginSuccess($sAuthUser, 'external', $_SESSION['login_mode']);
 		}
 		return LoginWebPage::LOGIN_FSM_CONTINUE;

application/loginform.class.inc.php

@@ -71,6 +71,8 @@ class LoginForm extends AbstractLoginFSMExtension implements iLoginUIExtension
 				$iErrorCode = LoginWebPage::EXIT_CODE_WRONGCREDENTIALS;
 				return LoginWebPage::LOGIN_FSM_ERROR;
 			}
+			// Save the checked user
+			$_SESSION['auth_user'] = $sAuthUser;
 		}
 		return LoginWebPage::LOGIN_FSM_CONTINUE;
 	}
@@ -82,15 +84,7 @@ class LoginForm extends AbstractLoginFSMExtension implements iLoginUIExtension
 	{
 		if ($_SESSION['login_mode'] == 'form')
 		{
-			if (isset($_SESSION['auth_user']))
-			{
-				// If FSM reenter this state (example 2FA) then the auth_user is not resubmitted
-				$sAuthUser = $_SESSION['auth_user'];
-			}
-			else
-			{
-				$sAuthUser = utils::ReadPostedParam('auth_user', '', 'raw_data');
-			}
+			$sAuthUser = $_SESSION['auth_user'];
 			// Store 'auth_user' in session for further use
 			LoginWebPage::OnLoginSuccess($sAuthUser, 'internal', $_SESSION['login_mode']);
 		}

application/loginurl.class.inc.php

@@ -58,6 +58,8 @@ class LoginURL extends AbstractLoginFSMExtension
 				$iErrorCode = LoginWebPage::EXIT_CODE_WRONGCREDENTIALS;
 				return LoginWebPage::LOGIN_FSM_ERROR;
 			}
+			// Save the checked user
+			$_SESSION['auth_user'] = $sAuthUser;
 		}
 		return LoginWebPage::LOGIN_FSM_CONTINUE;
 	}
@@ -66,7 +68,7 @@ class LoginURL extends AbstractLoginFSMExtension
 	{
 		if ($_SESSION['login_mode'] == 'url')
 		{
-			$sAuthUser = utils::ReadParam('auth_user', '', false, 'raw_data');
+			$sAuthUser = $_SESSION['auth_user'];
 			LoginWebPage::OnLoginSuccess($sAuthUser, 'internal', $_SESSION['login_mode']);
 		}
 		return LoginWebPage::LOGIN_FSM_CONTINUE;

application/loginwebpage.class.inc.php

@@ -208,7 +208,7 @@ class LoginWebPage extends NiceWebPage
 				}
 
 				// This token allows the user to change the password without knowing the previous one
-				$sToken = substr(md5(APPROOT.uniqid()), 0, 16);
+				$sToken = bin2hex(random_bytes(32));
 				$oUser->Set('reset_pwd_token', $sToken);
 				CMDBObject::SetTrackInfo('Reset password');
 				$oUser->AllowWrite(true);

application/twigextension.class.inc.php

@@ -5,7 +5,6 @@ namespace Combodo\iTop;
 use AttributeDateTime;
 use Dict;
 use Exception;
-use MetaModel;
 use Twig_Environment;
 use Twig_SimpleFilter;
 use Twig_SimpleFunction;
@@ -115,14 +114,6 @@ class TwigExtension
 			return utils::IsDevelopmentEnvironment();
 		}));
 
-		// Function to get configuration parameter
-		// Usage in twig: {{ get_config_parameter('foo') }}
-		$oTwigEnv->addFunction(new Twig_SimpleFunction('get_config_parameter', function($sParamName)
-		{
-			$oConfig = MetaModel::GetConfig();
-			return $oConfig->Get($sParamName);
-		}));
-
 		// Function to get the URL of a static page in a module
 		// Usage in twig: {{ get_static_page_module_url('itop-my-module', 'path-to-my-page') }}
 		$oTwigEnv->addFunction(new Twig_SimpleFunction('get_static_page_module_url', function($sModuleName, $sPage)

application/utils.inc.php

@@ -283,6 +283,7 @@ class utils
 	 *
 	 * @since 2.5.2 2.6.0 new 'transaction_id' filter
 	 * @since 2.7.0 new 'element_identifier' filter
+	 * @since 2.7.7, 3.0.2, 3.1.0 N°4899 - new 'url' filter
 	 */
 	protected static function Sanitize_Internal($value, $sSanitizationFilter)
 	{
@@ -358,6 +359,11 @@ class utils
 				$retValue = preg_replace('/[^a-zA-Z0-9_]/', '', $value);
 				break;
 
+			// For URL
+			case 'url':
+				$retValue = filter_var($value, FILTER_SANITIZE_URL);
+				break;
+
 			default:
 			case 'raw_data':
 				$retValue = $value;
@@ -1323,19 +1329,19 @@ class utils
 				$oDashboard = $param;
 				$sDashboardId = $oDashboard->GetId();
 				$sDashboardFile = $oDashboard->GetDefinitionFile();
+				$sDashboardFileRelative = utils::LocalPath($sDashboardFile);
 				$sDlgTitle = addslashes(Dict::S('UI:ImportDashboardTitle'));
 				$sDlgText = addslashes(Dict::S('UI:ImportDashboardText'));
 				$sCloseBtn = addslashes(Dict::S('UI:Button:Cancel'));
-				$sDashboardFileJS = addslashes($sDashboardFile);
-				$sDashboardFileURL = urlencode($sDashboardFile);
+				$sDashboardFileJS = addslashes($sDashboardFileRelative);
+				$sDashboardFileURL = urlencode($sDashboardFileRelative);
 				$sUploadDashboardTransactId = utils::GetNewTransactionId();
 				$aResult = array(
 					new SeparatorPopupMenuItem(),
 					new URLPopupMenuItem('UI:ExportDashboard', Dict::S('UI:ExportDashBoard'), utils::GetAbsoluteUrlAppRoot().'pages/ajax.render.php?operation=export_dashboard&id='.$sDashboardId.'&file='.$sDashboardFileURL),
 					new JSPopupMenuItem('UI:ImportDashboard', Dict::S('UI:ImportDashBoard'), "UploadDashboard({dashboard_id: '$sDashboardId', file: '$sDashboardFileJS', title: '$sDlgTitle', text: '$sDlgText', close_btn: '$sCloseBtn', transaction: '$sUploadDashboardTransactId' })"),
 				);
-				if ($oDashboard->GetReloadURL())
-				{
+				if ($oDashboard->GetReloadURL()) {
 					$aResult[] = new SeparatorPopupMenuItem();
 					$aResult[] = new URLPopupMenuItem('UI:Menu:PrintableVersion', Dict::S('UI:Menu:PrintableVersion'), $oDashboard->GetReloadURL().'&printable=1', '_blank');
 				}

approot.inc.php

@@ -14,7 +14,7 @@ define('APPCONF', APPROOT.'conf/');
  * @used-by utils::GetItopVersionWikiSyntax()
  * @used-by iTopModulesPhpVersionIntegrationTest
  */
-define('ITOP_CORE_VERSION', '2.7.7');
+define('ITOP_CORE_VERSION', '2.7.8');
 
 
 require_once APPROOT.'bootstrap.inc.php';

composer.json

@@ -1,8 +1,10 @@
 {
+  "name": "combodo/itop",
+  "description": "IT Operations Portal",
   "type": "project",
-  "license": "AGPLv3",
+  "license": "AGPL-3.0-only",
   "require": {
-    "php": ">=5.6.0",
+    "php": ">=7.0.8",
     "ext-ctype": "*",
     "ext-dom": "*",
     "ext-gd": "*",
@@ -10,18 +12,23 @@
     "ext-json": "*",
     "ext-mysqli": "*",
     "ext-soap": "*",
-    "combodo/tcpdf": "6.3.5",
-    "nikic/php-parser": "^3.1",
-    "pear/archive_tar": "1.4.14",
-    "pelago/emogrifier": "2.1.0",
+    "combodo/tcpdf": "~6.4.4",
+    "guzzlehttp/guzzle": "^6.5.8",
+    "laminas/laminas-mail": "^2.11",
+    "laminas/laminas-servicemanager": "^3.5",
+    "league/oauth2-google": "^3.0",
+    "nikic/php-parser": "~4.13.2",
+    "pear/archive_tar": "~1.4.14",
+    "pelago/emogrifier": "~3.1.0",
     "scssphp/scssphp": "1.0.6",
-    "swiftmailer/swiftmailer": "5.4.12",
+    "swiftmailer/swiftmailer": "~6.3.0",
     "symfony/console": "~3.4.47",
     "symfony/dotenv": "~3.4.47",
     "symfony/framework-bundle": "~3.4.47",
-    "symfony/polyfill-php70": "1.*",
     "symfony/twig-bundle": "~3.4.47",
-    "symfony/yaml": "~3.4.47"
+    "symfony/yaml": "~3.4.47",
+    "thenetworg/oauth2-azure": "^2.0",
+    "twig/twig": "~1.42.5"
   },
   "require-dev": {
     "symfony/stopwatch": "~3.4.47",
@@ -37,7 +44,7 @@
   },
   "config": {
     "platform": {
-      "php": "5.6.0"
+      "php": "7.0.8"
     },
     "vendor-dir": "lib",
     "preferred-install": {
@@ -52,7 +59,8 @@
       "application",
       "sources/application",
       "sources/Composer",
-      "sources/Controller"
+      "sources/Controller",
+      "sources/Core"
     ],
     "exclude-from-classmap": [
       "core/dbobjectsearch.class.php",

core/action.class.inc.php

@@ -179,7 +179,7 @@ class ActionEmail extends ActionNotification
 	protected function FindRecipients($sRecipAttCode, $aArgs)
 	{
 		$sOQL = $this->Get($sRecipAttCode);
-		if (strlen($sOQL) == '') return '';
+		if (strlen($sOQL) === 0) return '';
 
 		try
 		{
@@ -328,8 +328,12 @@ class ActionEmail extends ActionNotification
 			$sBody = MetaModel::ApplyParams($this->Get('body'), $aContextArgs);
 
 			$oObj = $aContextArgs['this->object()'];
-			$sMessageId = sprintf('iTop_%s_%d_%f@%s.openitop.org', get_class($oObj), $oObj->GetKey(), microtime(true /* get as float*/),
-				MetaModel::GetEnvironmentId());
+			$sMessageId = sprintf('iTop_%s_%d_%F@%s.openitop.org',
+				get_class($oObj),
+				$oObj->GetKey(),
+				microtime(true /* get as float*/),
+				MetaModel::GetEnvironmentId()
+			);
 			$sReference = '<'.$sMessageId.'>';
 		}
 		catch (Exception $e) {

core/asynctask.class.inc.php

@@ -230,7 +230,7 @@ abstract class AsyncTask extends DBObject
 			$this->Set('remaining_retries', $this->GetMaxRetries($iErrorCode));
 		}
 
-		$this->Set('last_error', $sErrorMessage);
+		$this->SetTrim('last_error', $sErrorMessage);
 		$this->Set('last_error_code', $iErrorCode); // Note: can be ZERO !!!
 		$this->Set('last_attempt', time());
 

core/cmdbchangeop.class.inc.php

@@ -63,22 +63,30 @@ class CMDBChangeOp extends DBObject
 
 	/**
 	 * Describe (as a text string) the modifications corresponding to this change
-	 */	 
+	 */
 	public function GetDescription()
 	{
 		return '';
 	}
 
 	/**
-	 * Safety net: in case the change is not given, let's guarantee that it will
-	 * be set to the current ongoing change (or create a new one)	
-	 */	
+	 * Safety net:
+	 * * if change isn't persisted yet, use the current change and persist it if needed
+	 * * in case the change is not given, let's guarantee that it will be set to the current ongoing change (or create a new one)
+	 *
+	 * @since 2.7.7 3.0.2 3.1.0 N°3717 do persist the current change if needed
+	 */
 	protected function OnInsert()
 	{
-		if ($this->Get('change') <= 0)
-		{
-			$this->Set('change', CMDBObject::GetCurrentChange());
+		$iChange = $this->Get('change');
+		if (($iChange <= 0) || (is_null($iChange))) {
+			$oChange = CMDBObject::GetCurrentChange();
+			if ($oChange->IsNew()) {
+				$oChange->DBWrite();
+			}
+			$this->Set('change', $oChange);
 		}
+
 		parent::OnInsert();
 	}
 }

core/cmdbobject.class.inc.php

@@ -114,6 +114,26 @@ abstract class CMDBObject extends DBObject
 		self::$m_oCurrChange = $oChange;
 	}
 
+	/**
+	 * @param string $sUserInfo
+	 * @param string $sOrigin
+	 * @param \DateTime $oDate
+	 *
+	 * @throws \CoreException
+	 *
+	 * @since 2.7.7 3.0.2 3.1.0 N°3717 new method to reset current change
+	 */
+	public static function SetCurrentChangeFromParams($sUserInfo, $sOrigin = null, $oDate = null)
+	{
+		static::SetTrackInfo($sUserInfo);
+		static::SetTrackOrigin($sOrigin);
+		static::CreateChange();
+
+		if (!is_null($oDate)) {
+			static::$m_oCurrChange->Set("date", $oDate);
+		}
+	}
+
 	//
 	// Todo: simplify the APIs and do not pass the current change as an argument anymore
 	//       SetTrackInfo to be invoked in very few cases (UI.php, CSV import, Data synchro)
@@ -145,6 +165,8 @@ abstract class CMDBObject extends DBObject
 	 *    $oMyChange->Set("userinfo", 'this is done by ... for ...');
 	 *    $iChangeId = $oMyChange->DBInsert();
 	 *
+	 * **warning** : this will do nothing if current change already exists !
+	 *
 	 * @see SetCurrentChange to specify a CMDBObject instance instead
 	 *
 	 * @param string $sInfo
@@ -157,6 +179,8 @@ abstract class CMDBObject extends DBObject
 	/**
 	 * Provides information about the origin of the change
 	 *
+	 * **warning** : this will do nothing if current change already exists !
+	 *
 	 * @see SetTrackInfo
 	 * @see SetCurrentChange to specify a CMDBObject instance instead
 	 *
@@ -167,18 +191,15 @@ abstract class CMDBObject extends DBObject
 	{
 		self::$m_sOrigin = $sOrigin;
 	}
-	
+
 	/**
 	 * Get the additional information (defaulting to user name)
-	 */	 	
-	protected static function GetTrackInfo()
+	 */
+	public static function GetTrackInfo()
 	{
-		if (is_null(self::$m_sInfo))
-		{
+		if (is_null(self::$m_sInfo)) {
 			return CMDBChange::GetCurrentUserName();
-		}
-		else
-		{
+		} else {
 			return self::$m_sInfo;
 		}
 	}
@@ -201,7 +222,8 @@ abstract class CMDBObject extends DBObject
 	/**
 	 * Set to {@link $m_oCurrChange} a standard change record (done here 99% of the time, and nearly once per page)
 	 *
-	 * The CMDBChange is persisted so that it has a key > 0, and any new CMDBChangeOp can link to it
+	 * @since 2.7.7 3.0.2 3.1.0 N°3717 {@see CMDBChange} **will be persisted later** in {@see \CMDBChangeOp::OnInsert} (was done previously directly here)
+	 *     This will avoid creating in DB CMDBChange lines without any corresponding CMDBChangeOp
 	 */
 	protected static function CreateChange()
 	{
@@ -209,7 +231,6 @@ abstract class CMDBObject extends DBObject
 		self::$m_oCurrChange->Set("date", time());
 		self::$m_oCurrChange->Set("userinfo", self::GetTrackInfo());
 		self::$m_oCurrChange->Set("origin", self::GetTrackOrigin());
-		self::$m_oCurrChange->DBInsert();
 	}
 
 	/**

core/cmdbsource.class.inc.php

@@ -113,10 +113,18 @@ class MySQLNoTransactionException extends MySQLException
 
 }
 
+/**
+ * @since 2.7.8 3.0.3 3.1.0 N°5538
+ */
+class MySQLTransactionNotClosedException extends MySQLException
+{
+
+}
+
 
 /**
  * CMDBSource
- * database access wrapper 
+ * database access wrapper
  *
  * @package     iTopORM
  */

core/config.class.inc.php

@@ -476,11 +476,11 @@ class Config
 			'show_in_conf_sample' => true,
 		),
 		'cron_max_execution_time' => array(
-			'type' => 'integer',
-			'description' => 'Duration (seconds) of the page cron.php, must be shorter than php setting max_execution_time and shorter than the web server response timeout',
-			'default' => 600,
-			'value' => 600,
-			'source_of_value' => '',
+			'type'                => 'integer',
+			'description'         => 'Duration (seconds) of the cron.php script : if exceeded the script will exit even if there are remaining tasks to process. Must be shorter than php max_execution_time setting (note than when using CLI, this is set to 0 by default which means unlimited). If cron.php is ran via web, it must be shorter than the web server response timeout.',
+			'default'             => 600,
+			'value'               => 600,
+			'source_of_value'     => '',
 			'show_in_conf_sample' => true,
 		),
 		'cron_sleep' => array(
@@ -509,7 +509,7 @@ class Config
 		),
 		'email_transport' => array(
 			'type' => 'string',
-			'description' => 'Mean to send emails: PHPMail (uses the function mail()) or SMTP (implements the client protocol)',
+			'description' => 'Mean to send emails: PHPMail (uses the function mail()), SMTP (implements the client protocol) or SMTP_OAuth (connect to the server using OAuth 2.0)',
 			'default' => "PHPMail",
 			'value' => "PHPMail",
 			'source_of_value' => '',
@@ -555,6 +555,22 @@ class Config
 			'source_of_value' => '',
 			'show_in_conf_sample' => false,
 		),
+		'email_transport_smtp.allow_self_signed' => array(
+			'type'                => 'bool',
+			'description'         => 'Allow self signed peer certificates',
+			'default'             => false,
+			'value'               => false,
+			'source_of_value'     => '',
+			'show_in_conf_sample' => false,
+		),
+		'email_transport_smtp.verify_peer' => array(
+			'type'                => 'bool',
+			'description'         => 'Verify peer certificate',
+			'default'             => true,
+			'value'               => true,
+			'source_of_value'     => '',
+			'show_in_conf_sample' => false,
+		),
 		'email_css' => array(
 			'type' => 'string',
 			'description' => 'CSS that will override the standard stylesheet used for the notifications',

core/coreexception.class.inc.php

@@ -165,19 +165,15 @@ class CoreCannotSaveObjectException extends CoreException
 	public function getHtmlMessage()
 	{
 		$sTitle = Dict::S('UI:Error:SaveFailed');
-		$sContent = "<span><strong>{$sTitle}</strong></span>";
+		$sContent = "<span><strong>".utils::HtmlEntities($sTitle)."</strong></span>";
 
-		if (count($this->aIssues) == 1)
-		{
+		if (count($this->aIssues) == 1) {
 			$sIssue = reset($this->aIssues);
-			$sContent .= " <span>{$sIssue}</span>";
-		}
-		else
-		{
+			$sContent .= " <span>".utils::HtmlEntities($sIssue)."</span>";
+		} else {
 			$sContent .= '<ul>';
-			foreach ($this->aIssues as $sError)
-			{
-				$sContent .= "<li>$sError</li>";
+			foreach ($this->aIssues as $sError) {
+				$sContent .= "<li>".utils::HtmlEntities($sError)."</li>";
 			}
 			$sContent .= '</ul>';
 		}

core/dbobject.class.php

@@ -1977,9 +1977,9 @@ abstract class DBObject implements iDisplay
 	/**
 	 * check attributes together
 	 *
-     * @overwritable-hook You can extend this method in order to provide your own logic.
-     * 
-	 * @return bool 
+	 * @overwritable-hook You can extend this method in order to provide your own logic.
+	 *
+	 * @return true|string true if successful, the error description otherwise
 	 */
 	public function CheckConsistency()
 	{
@@ -3690,7 +3690,7 @@ abstract class DBObject implements iDisplay
 	}
 
     /**
-     * @internal
+     * @overwritable-hook You can extend this method in order to provide your own logic.
      *
      * @return array
      *

core/dbsearch.class.php

@@ -1623,7 +1623,7 @@ abstract class DBSearch
 		$oSet = new DBObjectSet($this);
 		if (MetaModel::IsStandaloneClass($sClass))
 		{
-			$oSet->OptimizeColumnLoad(array($this->GetClassAlias() => array('')));
+			$oSet->OptimizeColumnLoad(array($this->GetClassAlias() => array()));
 			$aIds = array($sClass => $oSet->GetColumnAsArray('id'));
 		}
 		else

core/displayablegraph.class.inc.php

@@ -1203,8 +1203,10 @@ class DisplayableGraph extends SimpleGraph
 	 * @param float $xMax Right coordinate of the bounding box to display the graph
 	 * @param float $yMin Top coordinate of the bounding box to display the graph
 	 * @param float $yMax Bottom coordinate of the bounding box to display the graph
+	 *
+	 * @since 2.7.7 3.0.2 3.1.0 N°4985 $sComments param is no longer optional
 	 */
-	function RenderAsPDF(PDFPage $oPage, $sComments = '', $sContextKey, $xMin = -1, $xMax = -1, $yMin = -1, $yMax = -1)
+	function RenderAsPDF(PDFPage $oPage, $sComments, $sContextKey, $xMin = -1, $xMax = -1, $yMin = -1, $yMax = -1)
 	{
 		$aContextDefs = static::GetContextDefinitions($sContextKey, false); // No need to develop the parameters
 		$oPdf = $oPage->get_tcpdf();

core/email.class.inc.php

@@ -24,38 +24,69 @@
  * @license     http://opensource.org/licenses/AGPL-3.0
  */
 
-Swift_Preferences::getInstance()->setCharset('UTF-8');
+use Combodo\iTop\Core\Email\EmailFactory;
+use Combodo\iTop\Core\Email\iEMail;
 
 
 define ('EMAIL_SEND_OK', 0);
 define ('EMAIL_SEND_PENDING', 1);
 define ('EMAIL_SEND_ERROR', 2);
 
-class EMail
+class EMail implements iEMail
 {
+	/**
+	 * @see self::LoadConfig()
+	 * @var Config
+	 * @since 2.7.7 3.0.2 3.1.0 N°3169 N°5102 Move attribute to children classes
+	 * @since 2.7.8 3.0.3 3.1.0 N°4947 pull up the attribute back to the Email class as config init is done here
+	 */
+	protected static $m_oConfig = null;
+	protected $oMailer;
+
 	// Serialization formats
 	const ORIGINAL_FORMAT = 1; // Original format, consisting in serializing the whole object, inculding the Swift Mailer's object.
-							   // Did not work with attachements since their binary representation cannot be stored as a valid UTF-8 string
+	// Did not work with attachements since their binary representation cannot be stored as a valid UTF-8 string
 	const FORMAT_V2 = 2; // New format, only the raw data are serialized (base64 encoded if needed)
-	
-	protected static $m_oConfig = null;
-	protected $m_aData; // For storing data to serialize
-
-	public function LoadConfig($sConfigFile = ITOP_DEFAULT_CONFIG_FILE)
-	{
-		if (is_null(self::$m_oConfig))
-		{
-			self::$m_oConfig = new Config($sConfigFile);
-		}
-	}
-
-	protected $m_oMessage;
 
 	public function __construct()
 	{
-		$this->m_aData = array();
-		$this->m_oMessage = Swift_Message::newInstance();
-		$this->SetRecipientFrom(MetaModel::GetConfig()->Get('email_default_sender_address'), MetaModel::GetConfig()->Get('email_default_sender_label'));
+		$this->oMailer = EmailFactory::GetMailer();
+	}
+
+	/**
+	 * Sets {@see m_oConfig} if current attribute is null
+	 *
+	 * @returns \Config the current {@see m_oConfig} value
+	 * @throws \ConfigException
+	 * @throws \CoreException
+	 *
+	 * @uses utils::GetConfig()
+	 *
+	 * @since 2.7.7 3.0.2 3.1.0 N°3169 N°5102 Move method to children classes
+	 * @since 2.7.8 3.0.3 3.1.0 N°4947 Pull up to the parent class, and remove `$sConfigFile` param
+	 */
+	public function LoadConfig()
+	{
+		if (is_null(static::$m_oConfig)) {
+			static::$m_oConfig = utils::GetConfig();
+		}
+
+		return static::$m_oConfig;
+	}
+
+	/**
+	 * @return void
+	 * @throws \ConfigException
+	 * @throws \CoreException
+	 * @since 2.7.8 3.0.3 3.1.0 N°4947 Method creation, to factorize same code in children classes
+	 */
+	protected function InitRecipientFrom()
+	{
+		$oConfig = $this->LoadConfig();
+		$this->SetRecipientFrom(
+			$oConfig->Get('email_default_sender_address'),
+			$oConfig->Get('email_default_sender_label')
+		);
 	}
 
 	/**
@@ -66,485 +97,96 @@ class EMail
 	 */
 	public function SerializeV2()
 	{
-		return serialize($this->m_aData);
+		return $this->oMailer->SerializeV2();
 	}
-	
+
 	/**
 	 * Custom de-serialization method
+	 *
 	 * @param string $sSerializedMessage The serialized representation of the message
+	 *
+	 * @return \Email
+	 * @throws \ArchivedObjectException
+	 * @throws \CoreException
+	 * @throws \Symfony\Component\CssSelector\Exception\SyntaxErrorException
 	 */
 	static public function UnSerializeV2($sSerializedMessage)
 	{
-		$aData = unserialize($sSerializedMessage);
-		$oMessage = new Email();
-		
-		if (array_key_exists('body', $aData))
-		{
-			$oMessage->SetBody($aData['body']['body'], $aData['body']['mimeType']);
-		}
-		if (array_key_exists('message_id', $aData))
-		{
-			$oMessage->SetMessageId($aData['message_id']);
-		}
-		if (array_key_exists('bcc', $aData))
-		{
-			$oMessage->SetRecipientBCC($aData['bcc']);
-		}
-		if (array_key_exists('cc', $aData))
-		{
-			$oMessage->SetRecipientCC($aData['cc']);
-		}
-		if (array_key_exists('from', $aData))
-		{
-			$oMessage->SetRecipientFrom($aData['from']['address'], $aData['from']['label']);
-		}
-		if (array_key_exists('reply_to', $aData))
-		{
-			$oMessage->SetRecipientReplyTo($aData['reply_to']);
-		}
-		if (array_key_exists('to', $aData))
-		{
-			$oMessage->SetRecipientTO($aData['to']);
-		}
-		if (array_key_exists('subject', $aData))
-		{
-			$oMessage->SetSubject($aData['subject']);
-		}
-		
-		
-		if (array_key_exists('headers', $aData))
-		{
-			foreach($aData['headers'] as $sKey => $sValue)
-			{
-				$oMessage->AddToHeader($sKey, $sValue);
-			}
-		}
-		if (array_key_exists('parts', $aData))
-		{
-			foreach($aData['parts'] as $aPart)
-			{
-				$oMessage->AddPart($aPart['text'], $aPart['mimeType']);
-			}
-		}
-		if (array_key_exists('attachments', $aData))
-		{
-			foreach($aData['attachments'] as $aAttachment)
-			{
-				$oMessage->AddAttachment(base64_decode($aAttachment['data']), $aAttachment['filename'], $aAttachment['mimeType']);
-			}
-		}
-		return $oMessage;
-	}
-	
-  	protected function SendAsynchronous(&$aIssues, $oLog = null)
-	{
-		try
-		{
-			AsyncSendEmail::AddToQueue($this, $oLog);
-		}
-		catch(Exception $e)
-		{
-			$aIssues = array($e->GetMessage());
-			return EMAIL_SEND_ERROR;
-		}
-		$aIssues = array();
-		return EMAIL_SEND_PENDING;
-	}
-
-	protected function SendSynchronous(&$aIssues, $oLog = null)
-	{
-		// If the body of the message is in HTML, embed all images based on attachments
-		$this->EmbedInlineImages();
-		
-		$this->LoadConfig();
-
-		$sTransport = self::$m_oConfig->Get('email_transport');
-		switch ($sTransport)
-		{
-		case 'SMTP':
-			$sHost = self::$m_oConfig->Get('email_transport_smtp.host');
-			$sPort = self::$m_oConfig->Get('email_transport_smtp.port');
-			$sEncryption = self::$m_oConfig->Get('email_transport_smtp.encryption');
-			$sUserName = self::$m_oConfig->Get('email_transport_smtp.username');
-			$sPassword = self::$m_oConfig->Get('email_transport_smtp.password');
-
-			$oTransport = Swift_SmtpTransport::newInstance($sHost, $sPort, $sEncryption);
-			if (strlen($sUserName) > 0)
-			{
-				$oTransport->setUsername($sUserName);
-				$oTransport->setPassword($sPassword);
-			}
-			break;
-
-		case 'Null':
-			$oTransport = Swift_NullTransport::newInstance();
-			break;
-		
-		case 'LogFile':
-			$oTransport = Swift_LogFileTransport::newInstance();
-			$oTransport->setLogFile(APPROOT.'log/mail.log');
-			break;
-			
-		case 'PHPMail':
-		default:
-			$oTransport = Swift_MailTransport::newInstance();
-		}
-
-		$oMailer = Swift_Mailer::newInstance($oTransport);
-
-		$aFailedRecipients = array();
-		$this->m_oMessage->setMaxLineLength(0);
-		$oKPI = new ExecutionKPI();
-		try
-		{
-			$iSent = $oMailer->send($this->m_oMessage, $aFailedRecipients);
-			if ($iSent === 0)
-			{
-				// Beware: it seems that $aFailedRecipients sometimes contains the recipients that actually received the message !!!
-				IssueLog::Warning('Email sending failed: Some recipients were invalid, aFailedRecipients contains: '.implode(', ', $aFailedRecipients));
-				$aIssues = array('Some recipients were invalid.');
-				$oKPI->ComputeStats('Email Sent', 'Error received');
-				return EMAIL_SEND_ERROR;
-			}
-			else
-			{
-				$aIssues = array();
-				$oKPI->ComputeStats('Email Sent', 'Succeded');
-				return EMAIL_SEND_OK;
-			}
-		}
-		catch (Exception $e)
-		{
-			$oKPI->ComputeStats('Email Sent', 'Error received');
-			throw $e;
-		}
-	}
-	
-	/**
-	 * Reprocess the body of the message (if it is an HTML message)
-	 * to replace the URL of images based on attachments by a link
-	 * to an embedded image (i.e. cid:....)
-	 */
-	protected function EmbedInlineImages()
-	{
-		if ($this->m_aData['body']['mimeType'] == 'text/html')
-		{
-			$oDOMDoc = new DOMDocument();
-			$oDOMDoc->preserveWhitespace = true;
-			@$oDOMDoc->loadHTML('<?xml encoding="UTF-8"?>'.$this->m_aData['body']['body']); // For loading HTML chunks where the character set is not specified
-
-			$oXPath = new DOMXPath($oDOMDoc);
-			$sXPath = '//img[@'.InlineImage::DOM_ATTR_ID.']';
-			$oImagesList = $oXPath->query($sXPath);
-
-			if ($oImagesList->length != 0)
-			{
-				foreach($oImagesList as $oImg)
-				{
-					$iAttId = $oImg->getAttribute(InlineImage::DOM_ATTR_ID);
-					$oAttachment = MetaModel::GetObject('InlineImage', $iAttId, false, true /* Allow All Data */);
-					if ($oAttachment)
-					{
-						$sImageSecret = $oImg->getAttribute('data-img-secret');
-						$sAttachmentSecret = $oAttachment->Get('secret');
-						if ($sImageSecret !== $sAttachmentSecret)
-						{
-							// @see N°1921
-							// If copying from another iTop we could get an IMG pointing to an InlineImage with wrong secret
-							continue;
-						}
-
-						$oDoc = $oAttachment->Get('contents');
-						$oSwiftImage = new Swift_Image($oDoc->GetData(), $oDoc->GetFileName(), $oDoc->GetMimeType());
-						$sCid = $this->m_oMessage->embed($oSwiftImage);
-						$oImg->setAttribute('src', $sCid);
-					}
-				}
-			}
-			$sHtmlBody = $oDOMDoc->saveHTML();
-			$this->m_oMessage->setBody($sHtmlBody, 'text/html', 'UTF-8');
-		}
+		return EmailFactory::GetMailer()::UnSerializeV2($sSerializedMessage);
 	}
 
 	public function Send(&$aIssues, $bForceSynchronous = false, $oLog = null)
 	{
-		//select a default sender if none is provided.
-		if(empty($this->m_aData['from']['address']) && !empty($this->m_aData['to'])){
-			$this->SetRecipientFrom($this->m_aData['to']);
-		}
-
-		if ($bForceSynchronous)
-		{
-			return $this->SendSynchronous($aIssues, $oLog);
-		}
-		else
-		{
-			$bConfigASYNC = MetaModel::GetConfig()->Get('email_asynchronous');
-			if ($bConfigASYNC)
-			{
-				return $this->SendAsynchronous($aIssues, $oLog);
-			}
-			else
-			{
-				return $this->SendSynchronous($aIssues, $oLog);
-			}
-		}
+		return $this->oMailer->Send($aIssues, $bForceSynchronous, $oLog);
 	}
 
 	public function AddToHeader($sKey, $sValue)
 	{
-		if (!array_key_exists('headers', $this->m_aData))
-		{
-			$this->m_aData['headers'] = array();
-		}
-		$this->m_aData['headers'][$sKey] = $sValue;
-		
-		if (strlen($sValue) > 0)
-		{
-			$oHeaders = $this->m_oMessage->getHeaders();
-			switch(strtolower($sKey))
-			{
-				case 'return-path':
-					$this->m_oMessage->setReturnPath($sValue);
-					break;
-
-				default:
-					$oHeaders->addTextHeader($sKey, $sValue);
-			}
-		}
+		$this->oMailer->AddToHeader($sKey, $sValue);
 	}
 
 	public function SetMessageId($sId)
 	{
-		$this->m_aData['message_id'] = $sId;
-		
-		// Note: Swift will add the angle brackets for you
-		// so let's remove the angle brackets if present, for historical reasons
-		$sId = str_replace(array('<', '>'), '', $sId);
-		
-		$oMsgId = $this->m_oMessage->getHeaders()->get('Message-ID');
-		$oMsgId->SetId($sId);
+		$this->oMailer->SetMessageId($sId);
 	}
 	
 	public function SetReferences($sReferences)
 	{
-		$this->AddToHeader('References', $sReferences);
+		$this->oMailer->SetReferences($sReferences);
 	}
 
 	public function SetBody($sBody, $sMimeType = 'text/html', $sCustomStyles = null)
 	{
-		if (($sMimeType === 'text/html') && ($sCustomStyles !== null))
-		{
-			$emogrifier = new \Pelago\Emogrifier($sBody, $sCustomStyles);
-			$sBody = $emogrifier->emogrify(); // Adds html/body tags if not already present
-		}
-		$this->m_aData['body'] = array('body' => $sBody, 'mimeType' => $sMimeType);
-		$this->m_oMessage->setBody($sBody, $sMimeType);
+		$this->oMailer->SetBody($sBody, $sMimeType, $sCustomStyles);
 	}
 
 	public function AddPart($sText, $sMimeType = 'text/html')
 	{
-		if (!array_key_exists('parts', $this->m_aData))
-		{
-			$this->m_aData['parts'] = array();
-		}
-		$this->m_aData['parts'][] = array('text' => $sText, 'mimeType' => $sMimeType);
-		$this->m_oMessage->addPart($sText, $sMimeType);
+		$this->oMailer->AddPart($sText, $sMimeType);
 	}
 
 	public function AddAttachment($data, $sFileName, $sMimeType)
 	{
-		if (!array_key_exists('attachments', $this->m_aData))
-		{
-			$this->m_aData['attachments'] = array();
-		}
-		$this->m_aData['attachments'][] = array('data' => base64_encode($data), 'filename' => $sFileName, 'mimeType' => $sMimeType);
-		$this->m_oMessage->attach(Swift_Attachment::newInstance($data, $sFileName, $sMimeType));
+		$this->oMailer->AddAttachment($data, $sFileName, $sMimeType);
 	}
 
 	public function SetSubject($sSubject)
 	{
-		$this->m_aData['subject'] = $sSubject;
-		$this->m_oMessage->setSubject($sSubject);
+		$this->oMailer->SetSubject($sSubject);
 	}
 
 	public function GetSubject()
 	{
-		return $this->m_oMessage->getSubject();
+		return $this->oMailer->GetSubject();
 	}
 
-	/**
-	 * Helper to transform and sanitize addresses
-	 * - get rid of empty addresses	 
-	 */	 	
-	protected function AddressStringToArray($sAddressCSVList)
-	{
-		$aAddresses = array();
-		foreach(explode(',', $sAddressCSVList) as $sAddress)
-		{
-			$sAddress = trim($sAddress);
-			if (strlen($sAddress) > 0)
-			{
-				$aAddresses[] = $sAddress;
-			}
-		}
-		return $aAddresses;
-	}
-	
 	public function SetRecipientTO($sAddress)
 	{
-		$this->m_aData['to'] = $sAddress;
-		if (!empty($sAddress))
-		{
-			$aAddresses = $this->AddressStringToArray($sAddress);
-			$this->m_oMessage->setTo($aAddresses);
-		}
+		$this->oMailer->SetRecipientTO($sAddress);
 	}
 
 	public function GetRecipientTO($bAsString = false)
 	{
-		$aRes = $this->m_oMessage->getTo();
-		if ($aRes === null)
-		{
-			// There is no "To" header field
-			$aRes = array();
-		}
-		if ($bAsString)
-		{
-			$aStrings = array();
-			foreach ($aRes as $sEmail => $sName)
-			{
-				if (is_null($sName))
-				{
-					$aStrings[] = $sEmail;
-				}
-				else
-				{
-					$sName = str_replace(array('<', '>'), '', $sName);
-					$aStrings[] = "$sName <$sEmail>";
-				}
-			}
-			return implode(', ', $aStrings);
-		}
-		else
-		{
-			return $aRes;
-		}
+		return $this->oMailer->GetRecipientTO($bAsString);
 	}
 
 	public function SetRecipientCC($sAddress)
 	{
-		$this->m_aData['cc'] = $sAddress;
-		if (!empty($sAddress))
-		{
-			$aAddresses = $this->AddressStringToArray($sAddress);
-			$this->m_oMessage->setCc($aAddresses);
-		}
+		$this->oMailer->SetRecipientCC($sAddress);
 	}
 
 	public function SetRecipientBCC($sAddress)
 	{
-		$this->m_aData['bcc'] = $sAddress;
-		if (!empty($sAddress))
-		{
-			$aAddresses = $this->AddressStringToArray($sAddress);
-			$this->m_oMessage->setBcc($aAddresses);
-		}
+		$this->oMailer->SetRecipientBCC($sAddress);
 	}
 
 	public function SetRecipientFrom($sAddress, $sLabel = '')
 	{
-		$this->m_aData['from'] = array('address' => $sAddress, 'label' => $sLabel);
-		if ($sLabel != '')
-		{
-			$this->m_oMessage->setFrom(array($sAddress => $sLabel));		
-		}
-		else if (!empty($sAddress))
-		{
-			$this->m_oMessage->setFrom($sAddress);
-		}
+		$this->oMailer->SetRecipientFrom($sAddress, $sLabel);
 	}
 
 	public function SetRecipientReplyTo($sAddress)
 	{
-		$this->m_aData['reply_to'] = $sAddress;
-		if (!empty($sAddress))
-		{
-			$this->m_oMessage->setReplyTo($sAddress);
-		}
-	}
-
-}
-
-/////////////////////////////////////////////////////////////////////////////////////
-
-/**
- * Extension to SwiftMailer: "debug" transport that pretends messages have been sent,
- * but just log them to a file.
- *
- * @package Swift
- * @author  Denis Flaven
- */
-class Swift_Transport_LogFileTransport extends Swift_Transport_NullTransport
-{
-	protected $sLogFile;
-	
-	/**
-	 * Sends the given message.
-	 *
-	 * @param Swift_Mime_Message $message
-	 * @param string[]           $failedRecipients An array of failures by-reference
-	 *
-	 * @return int     The number of sent emails
-	 */
-	public function send(Swift_Mime_Message $message, &$failedRecipients = null)
-	{
-		$hFile = @fopen($this->sLogFile, 'a');
-		if ($hFile)
-		{
-			$sTxt = "================== ".date('Y-m-d H:i:s')." ==================\n";
-			$sTxt .= $message->toString()."\n";
-		
-			@fwrite($hFile, $sTxt);
-			@fclose($hFile);
-		}
-		
-		return parent::send($message, $failedRecipients);
-	}
-	
-	public function setLogFile($sFilename)
-	{
-		$this->sLogFile = $sFilename;
-	}
-}
-
-/**
- * Pretends messages have been sent, but just log them to a file.
- *
- * @package Swift
- * @author  Denis Flaven
- */
-class Swift_LogFileTransport extends Swift_Transport_LogFileTransport
-{
-	/**
-	 * Create a new LogFileTransport.
-	 */
-	public function __construct()
-	{
-		call_user_func_array(
-		array($this, 'Swift_Transport_LogFileTransport::__construct'),
-		Swift_DependencyContainer::getInstance()
-		->createDependenciesFor('transport.null')
-		);
-	}
-
-	/**
-	 * Create a new LogFileTransport instance.
-	 *
-	 * @return Swift_LogFileTransport
-	 */
-	public static function newInstance()
-	{
-		return new self();
+		$this->oMailer->SetRecipientReplyTo($sAddress);
 	}
 }

core/htmlsanitizer.class.inc.php

@@ -116,6 +116,18 @@ abstract class DOMSanitizer extends HTMLSanitizer
 {
 	/** @var DOMDocument */
 	protected $oDoc;
+	/**
+	 * @var string Class to use for InlineImage static method calls
+	 * @used-by \Combodo\iTop\Test\UnitTest\Core\Sanitizer\HTMLDOMSanitizerTest::testDoSanitizeCallInlineImageProcessImageTag
+	 */
+	protected $sInlineImageClassName;
+
+	public function __construct($sInlineImageClassName = InlineImage::class)
+	{
+		parent::__construct();
+
+		$this->sInlineImageClassName = $sInlineImageClassName;
+	}
 
 	abstract public function GetTagsWhiteList();
 
@@ -211,7 +223,7 @@ abstract class DOMSanitizer extends HTMLSanitizer
 					// Recurse
 					$this->CleanNode($oNode);
 					if (($oNode instanceof DOMElement) && (strtolower($oNode->tagName) == 'img')) {
-						InlineImage::ProcessImageTag($oNode);
+						$this->sInlineImageClassName::ProcessImageTag($oNode);
 					}
 				}
 			}
@@ -347,6 +359,30 @@ class HTMLDOMSanitizer extends DOMSanitizer
 		'white-space',
 	);
 
+	public function __construct($sInlineImageClassName = InlineImage::class)
+	{
+		parent::__construct($sInlineImageClassName);
+
+		// Building href validation pattern from url and email validation patterns as the patterns are not used the same way in HTML content than in standard attributes value.
+		// eg. "foo@bar.com" vs "mailto:foo@bar.com?subject=Title&body=Hello%20world"
+		if (!array_key_exists('href', self::$aAttrsWhiteList)) {
+			// Regular urls
+			$sUrlPattern = utils::GetConfig()->Get('url_validation_pattern');
+
+			// Mailto urls
+			$sMailtoPattern = '(mailto:('.utils::GetConfig()->Get('email_validation_pattern').')(?:\?(?:subject|body)=([a-zA-Z0-9+\$_.-]*)(?:&(?:subject|body)=([a-zA-Z0-9+\$_.-]*))?)?)';
+
+			// Notification placeholders
+			// eg. $this->caller_id$, $this->hyperlink()$, $this->hyperlink(portal)$, $APP_URL$, $MODULES_URL$, ...
+			// Note: Authorize both $xxx$ and %24xxx%24 as the latter one is encoded when used in HTML attributes (eg. a[href])
+			$sPlaceholderPattern = '(\$|%24)[\w-]*(->[\w]*(\([\w-]*?\))?)?(\$|%24)';
+
+			$sPattern = $sUrlPattern.'|'.$sMailtoPattern.'|'.$sPlaceholderPattern;
+			$sPattern = '/'.str_replace('/', '\/', $sPattern).'/i';
+			self::$aAttrsWhiteList['href'] = $sPattern;
+		}
+	}
+
 	public function GetTagsWhiteList()
 	{
 		return static::$aTagsWhiteList;
@@ -372,30 +408,6 @@ class HTMLDOMSanitizer extends DOMSanitizer
 		return static::$aStylesWhiteList;
 	}
 
-	public function __construct()
-	{
-		parent::__construct();
-
-		// Building href validation pattern from url and email validation patterns as the patterns are not used the same way in HTML content than in standard attributes value.
-		// eg. "foo@bar.com" vs "mailto:foo@bar.com?subject=Title&body=Hello%20world"
-		if (!array_key_exists('href', self::$aAttrsWhiteList)) {
-			// Regular urls
-			$sUrlPattern = utils::GetConfig()->Get('url_validation_pattern');
-
-			// Mailto urls
-			$sMailtoPattern = '(mailto:('.utils::GetConfig()->Get('email_validation_pattern').')(?:\?(?:subject|body)=([a-zA-Z0-9+\$_.-]*)(?:&(?:subject|body)=([a-zA-Z0-9+\$_.-]*))?)?)';
-
-			// Notification placeholders
-			// eg. $this->caller_id$, $this->hyperlink()$, $this->hyperlink(portal)$, $APP_URL$, $MODULES_URL$, ...
-			// Note: Authorize both $xxx$ and %24xxx%24 as the latter one is encoded when used in HTML attributes (eg. a[href])
-			$sPlaceholderPattern = '(\$|%24)[\w-]*(->[\w]*(\([\w-]*?\))?)?(\$|%24)';
-
-			$sPattern = $sUrlPattern.'|'.$sMailtoPattern.'|'.$sPlaceholderPattern;
-			$sPattern = '/'.str_replace('/', '\/', $sPattern).'/i';
-			self::$aAttrsWhiteList['href'] = $sPattern;
-		}
-	}
-
 	public function LoadDoc($sHTML)
 	{
 		@$this->oDoc->loadHTML('<?xml encoding="UTF-8"?>'.$sHTML); // For loading HTML chunks where the character set is not specified

core/iTopConfigParser.php

@@ -6,6 +6,8 @@
  */
 
 use PhpParser\Node\Expr\Assign;
+use PhpParser\Node\Expr\Variable;
+use PhpParser\Parser;
 use PhpParser\ParserFactory;
 use PhpParser\PrettyPrinter\Standard;
 
@@ -80,38 +82,49 @@ class iTopConfigParser
 	 * @param \PhpParser\Parser $oParser
 	 * @param $sConfig
 	 *
-	 * @return \Combodo\iTop\Config\Validator\ConfigNodesVisitor
+	 * @return void
 	 */
-	private function BrowseFile(\PhpParser\Parser $oParser, $sConfig)
+	private function BrowseFile(Parser $oParser, $sConfig)
 	{
 		$prettyPrinter = new Standard();
 
-		try
-		{
+		try {
 			$aNodes = $oParser->parse($sConfig);
 		}
-		catch (\Error $e)
-		{
+		catch (\Error $e) {
 			$sMessage = Dict::Format('config-parse-error', $e->getMessage(), $e->getLine());
 			$this->oException = new \Exception($sMessage, 0, $e);
 		}
 
-		foreach ($aNodes as $oAssignation)
-		{
-			if (! $oAssignation instanceof Assign)
-			{
+		foreach ($aNodes as $sKey => $oNode) {
+			// With PhpParser 3 we had an Assign node at root
+			// In PhpParser 4 the root node is now an Expression
+
+			if (false === ($oNode instanceof \PhpParser\Node\Stmt\Expression)) {
+				continue;
+			}
+			/** @var \PhpParser\Node\Stmt\Expression $oNode */
+
+			if (false === ($oNode->expr instanceof Assign)) {
+				continue;
+			}
+			/** @var Assign $oAssignation */
+			$oAssignation = $oNode->expr;
+
+			if (false === ($oAssignation->var instanceof Variable)) {
+				continue;
+			}
+			if (false === ($oAssignation->expr instanceof PhpParser\Node\Expr\Array_)) {
 				continue;
 			}
 
 			$sCurrentRootVar = $oAssignation->var->name;
-			if (!array_key_exists($sCurrentRootVar, $this->aVarsMap))
-			{
+			if (!array_key_exists($sCurrentRootVar, $this->aVarsMap)) {
 				continue;
 			}
 			$aCurrentRootVarMap =& $this->aVarsMap[$sCurrentRootVar];
 
-			foreach ($oAssignation->expr->items as $oItem)
-			{
+			foreach ($oAssignation->expr->items as $oItem) {
 				$sValue = $prettyPrinter->prettyPrintExpr($oItem->value);
 				$aCurrentRootVarMap[$oItem->key->value] = $sValue;
 			}

core/log.class.inc.php

@@ -551,6 +551,13 @@ class LogChannels
 
 	const INLINE_IMAGE = 'InlineImage';
 
+	/**
+	 * @var string
+	 * @since 3.0.1 N°4849
+	 * @since 2.7.7 N°4635
+	 */
+	const NOTIFICATIONS = 'notifications';
+
 	const PORTAL = 'portal';
 }
 
@@ -691,7 +698,7 @@ abstract class LogAPI
 
 		if (isset($sLogLevelMin[static::CHANNEL_DEFAULT]))
 		{
-			return $sLogLevelMin[$sChannel];
+			return $sLogLevelMin[static::CHANNEL_DEFAULT];
 		}
 
 		return static::LEVEL_DEFAULT;

core/metamodel.class.php

@@ -7344,14 +7344,11 @@ abstract class MetaModel
 
 		$aSearches = array();
 		$aReplacements = array();
-		foreach ($aParams as $sSearch => $replace)
-		{
+		foreach ($aParams as $sSearch => $replace) {
 			// Some environment parameters are objects, we just need scalars
-			if (is_object($replace))
-			{
+			if (is_object($replace)) {
 				$iPos = strpos($sSearch, '->object()');
-				if ($iPos !== false)
-				{
+				if ($iPos !== false) {
 					// Expand the parameters for the object
 					$sName = substr($sSearch, 0, $iPos);
 					// Note: Capturing
@@ -7359,63 +7356,67 @@ abstract class MetaModel
 					// 2 - The arrow
 					// 3 - The attribute code
 					$aRegExps = array(
-                        '/(\\$)'.$sName.'-(>|>)([^\\$]+)\\$/', // Support both syntaxes: $this->xxx$ or $this->xxx$ for HTML compatibility
-                        '/(%24)'.$sName.'-(>|>)([^%24]+)%24/', // Support for urlencoded in HTML attributes (%20this->xxx%20)
-                    );
-					foreach($aRegExps as $sRegExp)
-                    {
-                        if(preg_match_all($sRegExp, $sInput, $aMatches))
-                        {
-                            foreach($aMatches[3] as $idx => $sPlaceholderAttCode)
-                            {
-                                try
-                                {
-                                    $sReplacement = $replace->GetForTemplate($sPlaceholderAttCode);
-                                    if($sReplacement !== null)
-                                    {
-                                        $aReplacements[] = $sReplacement;
-                                        $aSearches[] = $aMatches[1][$idx] . $sName . '-' . $aMatches[2][$idx] . $sPlaceholderAttCode . $aMatches[1][$idx];
-                                    }
-                                }
-                                catch(Exception $e)
-                                {
-                                    // No replacement will occur
-                                }
-                            }
-                        }
-                    }
-				}
-				else
-				{
+						'/(\\$)'.$sName.'-(>|>)([^\\$]+)\\$/', // Support both syntaxes: $this->xxx$ or $this->xxx$ for HTML compatibility
+						'/(%24)'.$sName.'-(>|>)([^%24]+)%24/', // Support for urlencoded in HTML attributes (%20this->xxx%20)
+					);
+					foreach ($aRegExps as $sRegExp) {
+						if (preg_match_all($sRegExp, $sInput, $aMatches)) {
+							foreach ($aMatches[3] as $idx => $sPlaceholderAttCode) {
+								try {
+									$sReplacement = $replace->GetForTemplate($sPlaceholderAttCode);
+									if ($sReplacement !== null) {
+										$aReplacements[] = $sReplacement;
+										$aSearches[] = $aMatches[1][$idx].$sName.'-'.$aMatches[2][$idx].$sPlaceholderAttCode.$aMatches[1][$idx];
+									}
+								}
+								catch (Exception $e) {
+									$aContext = [
+										'placeholder'   => $sPlaceholderAttCode,
+										'replace class' => get_class($replace),
+									];
+									if ($replace instanceof DBObject) {
+										$aContext['replace id'] = $replace->GetKey();
+									}
+									IssueLog::Debug(
+										'Invalid placeholder in notification, no replacement will occur!',
+										LogChannels::NOTIFICATIONS,
+										$aContext
+									);
+								}
+							}
+						}
+					}
+				} else {
 					continue; // Ignore this non-scalar value
 				}
-			}
-			else
-			{
+			} else {
 				$aRegExps = array(
 					'/(\$)'.$sSearch.'\$/',   // Support for regular placeholders (eg. $APP_URL$)
 					'/(%24)'.$sSearch.'%24/', // Support for urlencoded in HTML attributes (eg. %24APP_URL%24)
 				);
-				foreach($aRegExps as $sRegExp)
-				{
-					if(preg_match_all($sRegExp, $sInput, $aMatches))
-					{
-						foreach($aMatches[1] as $idx => $sDelimiter)
-						{
-							try
-							{
-								$aReplacements[] = (string) $replace;
-								$aSearches[] = $aMatches[1][$idx] . $sSearch . $aMatches[1][$idx];
+				foreach ($aRegExps as $sRegExp) {
+					if (preg_match_all($sRegExp, $sInput, $aMatches)) {
+						foreach ($aMatches[1] as $idx => $sDelimiter) {
+							try {
+								$aReplacements[] = (string)$replace;
+								$aSearches[] = $aMatches[1][$idx].$sSearch.$aMatches[1][$idx];
 							}
-							catch(Exception $e)
-							{
-								// No replacement will occur
+							catch (Exception $e) {
+								IssueLog::Debug(
+									'Invalid placeholder in notification, no replacement will occur !',
+									LogChannels::NOTIFICATIONS,
+									[
+										'placeholder' => $sPlaceholderAttCode,
+										'replace'     => $replace,
+									]
+								);
 							}
 						}
 					}
 				}
 			}
 		}
+
 		return str_replace($aSearches, $aReplacements, $sInput);
 	}
 

core/pdfbulkexport.class.inc.php

@@ -25,6 +25,19 @@
 
 class PDFBulkExport extends HTMLBulkExport
 {
+	/**
+	 * @var string For sample purposes
+	 * @internal
+	 * @since 2.7.8
+	 */
+	const ENUM_OUTPUT_TYPE_SAMPLE = 'sample';
+	/**
+	 * @var string For the real export
+	 * @internal
+	 * @since 2.7.8
+	 */
+	const ENUM_OUTPUT_TYPE_REAL = 'real';
+
 	public function DisplayUsage(Page $oP)
 	{
 		$oP->p(" * pdf format options:");
@@ -190,6 +203,25 @@ EOF
 		return $sPDF;
 	}
 
+	/**
+	 * @inheritDoc
+	 * @since 2.7.8
+	 */
+	protected function GetSampleData($oObj, $sAttCode)
+	{
+		if ($sAttCode !== 'id')
+		{
+			$oAttDef = MetaModel::GetAttributeDef(get_class($oObj), $sAttCode);
+
+			// As sample data will be displayed in the web browser, AttributeImage needs to be rendered with a regular HTML format, meaning its "src" looking like "data:image/png;base64,iVBORw0KGgoAAAANSUh..."
+			// Whereas for the PDF generation it needs to be rendered with a TCPPDF-compatible format, meaning its "src" looking like "@iVBORw0KGgoAAAANSUh..."
+			if ($oAttDef instanceof AttributeImage) {
+				return $this->GetAttributeImageValue($oAttDef, $oObj->Get($sAttCode), static::ENUM_OUTPUT_TYPE_SAMPLE);
+			}
+		}
+		return parent::GetSampleData($oObj, $sAttCode);
+	}
+
 	protected function GetValue($oObj, $sAttCode)
 	{
 		switch($sAttCode)
@@ -205,31 +237,7 @@ EOF
 					$oAttDef = MetaModel::GetAttributeDef(get_class($oObj), $sAttCode);
 					if ($oAttDef instanceof AttributeImage)
 					{
-						// To limit the image size in the PDF output, we have to enforce the size as height/width because max-width/max-height have no effect
-						//
-						$iDefaultMaxWidthPx = 48;
-						$iDefaultMaxHeightPx = 48;
-						if ($value->IsEmpty())
-						{
-							$iNewWidth = $iDefaultMaxWidthPx;
-							$iNewHeight = $iDefaultMaxHeightPx;
-
-							$sUrl = $oAttDef->Get('default_image');
-						}
-						else
-						{
-							list($iWidth, $iHeight) = utils::GetImageSize($value->GetData());
-							$iMaxWidthPx = min($iDefaultMaxWidthPx, $oAttDef->Get('display_max_width'));
-							$iMaxHeightPx = min($iDefaultMaxHeightPx, $oAttDef->Get('display_max_height'));
-
-							$fScale = min($iMaxWidthPx / $iWidth, $iMaxHeightPx / $iHeight);
-							$iNewWidth = $iWidth * $fScale;
-							$iNewHeight = $iHeight * $fScale;
-
-							$sUrl = 'data:'.$value->GetMimeType().';base64,'.base64_encode($value->GetData());
-						}
-						$sRet = ($sUrl !== null) ? '<img src="'.$sUrl.'" style="width: '.$iNewWidth.'px; height: '.$iNewHeight.'px">' : '';
-						$sRet = '<div class="view-image">'.$sRet.'</div>';
+						$sRet = $this->GetAttributeImageValue($oAttDef, $value, static::ENUM_OUTPUT_TYPE_REAL);
 					}
 					else
 					{
@@ -258,4 +266,53 @@ EOF
 	{
 		return 'pdf';
 	}
+
+	/**
+	 * @param \AttributeImage $oAttDef Instance of image attribute
+	 * @param \ormDocument $oValue Value of image attribute
+	 * @param string $sOutputType {@see \PDFBulkExport::ENUM_OUTPUT_TYPE_SAMPLE}, {@see \PDFBulkExport::ENUM_OUTPUT_TYPE_REAL}
+	 *
+	 * @return string Rendered value of $oAttDef / $oValue according to the desired $sOutputType
+	 * @since 2.7.8
+	 */
+	protected function GetAttributeImageValue(AttributeImage $oAttDef, ormDocument $oValue, string $sOutputType)
+	{
+		// To limit the image size in the PDF output, we have to enforce the size as height/width because max-width/max-height have no effect
+		//
+		$iDefaultMaxWidthPx = 48;
+		$iDefaultMaxHeightPx = 48;
+		if ($oValue->IsEmpty()) {
+			$iNewWidth = $iDefaultMaxWidthPx;
+			$iNewHeight = $iDefaultMaxHeightPx;
+
+			$sUrl = $oAttDef->Get('default_image');
+		} else {
+			list($iWidth, $iHeight) = utils::GetImageSize($oValue->GetData());
+			$iMaxWidthPx = min($iDefaultMaxWidthPx, $oAttDef->Get('display_max_width'));
+			$iMaxHeightPx = min($iDefaultMaxHeightPx, $oAttDef->Get('display_max_height'));
+
+			$fScale = min($iMaxWidthPx / $iWidth, $iMaxHeightPx / $iHeight);
+			$iNewWidth = $iWidth * $fScale;
+			$iNewHeight = $iHeight * $fScale;
+
+			$sValueAsBase64 = base64_encode($oValue->GetData());
+			switch ($sOutputType) {
+				case static::ENUM_OUTPUT_TYPE_SAMPLE:
+					$sUrl = 'data:'.$oValue->GetMimeType().';base64,'.$sValueAsBase64;
+					break;
+
+				case static::ENUM_OUTPUT_TYPE_REAL:
+				default:
+					// TCPDF requires base64-encoded images to be rendered without the usual "data:<MIMETYPE>;base64" header but with an "@"
+					// @link https://tcpdf.org/examples/example_009/
+					$sUrl = '@'.$sValueAsBase64;
+					break;
+			}
+		}
+
+		$sRet = ($sUrl !== null) ? '<img src="'.$sUrl.'" style="width: '.$iNewWidth.'px; height: '.$iNewHeight.'px; vertical-align: middle; text-align:center;">' : '';
+		$sRet = '<div class="view-image">'.$sRet.'</div>';
+
+		return $sRet;
+	}
 }

css/css-variables.scss

@@ -17,7 +17,7 @@
  */
 
 // Beware the version number MUST be enclosed with quotes otherwise v2.3.0 becomes v2 0.3 .0
-$version: "v2.7.7";
+$version: "v2.7.8";
 $approot-relative: "../../../../../" !default; // relative to env-***/branding/themes/***/main.css
 
 // Base colors

css/light-grey.scss

@@ -2424,26 +2424,33 @@ fieldset .details>.field_container {
 
 								.selectize-dropdown,
 								.selectize-input,
-								.selectize-input input{
-									font-size: 12px;
-								}
-								.selectize-input{
-									padding: 2px 2px 0px 2px; /* padding-bottom = padding-top - item margin-bottom */
-									border: 1px solid #ABABAB;
-									border-radius: 0;
+                .selectize-input input {
+                  font-size: 12px;
+                }
 
-									.attribute-set-item.partial-code{
-										color: transparentize($gray-darker, 0.4);
-										background-color: lighten($gray-lighter, 5%);
-									}
-								}
-							}
-						}
-					}
-				}
-			}
-		}
-	}
+                .selectize-input {
+                  padding: 2px 2px 0px 2px; /* padding-bottom = padding-top - item margin-bottom */
+                  border: 1px solid #ABABAB;
+                  border-radius: 0;
+
+                  .attribute-set-item.partial-code {
+                    color: transparentize($gray-darker, 0.4);
+                    background-color: lighten($gray-lighter, 5%);
+                  }
+                }
+              }
+            }
+          }
+        }
+      }
+    }
+  }
+
+  &[data-attribute-type="AttributeDuration"] {
+    .field_value_container {
+      white-space: nowrap;
+    }
+  }
 }
 .one-col-details .details .field_container.field_small {
 	div.field_label {

css/ui-lightness/jqueryui.scss

@@ -4,6 +4,8 @@
 * To view and modify this theme, visit http://jqueryui.com/themeroller/?scope=&folderName=custom-theme&bgImgOpacityError=18&bgImgOpacityHighlight=75&bgImgOpacityActive=65&bgImgOpacityHover=100&bgImgOpacityDefault=100&bgImgOpacityContent=100&bgImgOpacityHeader=35&cornerRadiusShadow=5px&offsetLeftShadow=-5px&offsetTopShadow=-5px&thicknessShadow=5px&opacityShadow=20&bgImgOpacityShadow=10&bgTextureShadow=flat&bgColorShadow=%23000000&opacityOverlay=50&bgImgOpacityOverlay=20&bgTextureOverlay=diagonals_thick&bgColorOverlay=%23666666&iconColorError=%23ffd27a&fcError=%23ffffff&borderColorError=%23cd0a0a&bgTextureError=diagonals_thick&bgColorError=%23b81900&iconColorHighlight=%231c94c4&fcHighlight=%23363636&borderColorHighlight=%23fed22f&bgTextureHighlight=flat&bgColorHighlight=%23ffe45c&iconColorActive=%23E87C1E&fcActive=%23E87C1E&borderColorActive=%23E87C1E&bgTextureActive=flat&bgColorActive=%23ffffff&iconColorHover=%23E87C1E&fcHover=%23E87C1E&borderColorHover=%23E87C1E&bgTextureHover=flat&bgColorHover=%23fde17c&iconColorDefault=%23F26522&fcDefault=%23555555&borderColorDefault=%23cccccc&bgTextureDefault=flat&bgColorDefault=%23f1f1f1&iconColorContent=%23222222&fcContent=%23333333&borderColorContent=%23dddddd&bgTextureContent=flat&bgColorContent=%23eeeeee&iconColorHeader=%23ffffff&fcHeader=%23ffffff&borderColorHeader=%23F26522&bgTextureHeader=flat&bgColorHeader=%23E87C1E&cornerRadius=0&fwDefault=bold&fsDefault=1.1em&ffDefault=Trebuchet%20MS%2CTahoma%2CVerdana%2CArial%2Csans-serif
 * Copyright jQuery Foundation and other contributors; Licensed MIT 
 * The original css file has been scssized (through www.css2scss.com)
+*
+* Other modification done : replaced the `Alpha(` by `alpha(` to avoid warnings generated by SCSSPHP
  */
 .ui-draggable-handle {
     -ms-touch-action: none;
@@ -46,26 +48,27 @@
     }
 }
 .ui-helper-zfix {
-    width: 100%;
-    height: 100%;
-    top: 0;
-    left: 0;
-    position: absolute;
-    opacity: 0;
-    filter: Alpha(Opacity=0);
+  width: 100%;
+  height: 100%;
+  top: 0;
+  left: 0;
+  position: absolute;
+  opacity: 0;
+  filter: alpha(Opacity=0);
 }
 .ui-front {
     z-index: 100;
 }
 .ui-state-disabled {
-    cursor: default !important;
-    pointer-events: none;
-    opacity: .35;
-    filter: Alpha(Opacity=35);
-    background-image: none;
-    .ui-icon {
-        filter: Alpha(Opacity=35);
-    }
+  cursor: default !important;
+  pointer-events: none;
+  opacity: .35;
+  filter: alpha(Opacity=35);
+  background-image: none;
+
+  .ui-icon {
+    filter: alpha(Opacity=35);
+  }
 }
 .ui-icon {
     display: inline-block;
@@ -86,14 +89,14 @@
     display: block;
 }
 .ui-widget-overlay {
-    position: fixed;
-    top: 0;
-    left: 0;
-    width: 100%;
-    height: 100%;
-    background: #666666 url($approot-relative + "css/ui-lightness/images/ui-bg_diagonals-thick_20_666666_40x40.png?v=" + $version) 50% 50% repeat;
-    opacity: .5;
-    filter: Alpha(Opacity=50);
+  position: fixed;
+  top: 0;
+  left: 0;
+  width: 100%;
+  height: 100%;
+  background: #666666 url($approot-relative + "css/ui-lightness/images/ui-bg_diagonals-thick_20_666666_40x40.png?v=" + $version) 50% 50% repeat;
+  opacity: .5;
+  filter: alpha(Opacity=50);
 }
 .ui-resizable {
     position: relative;
@@ -1069,14 +1072,14 @@ body {
         font-weight: bold;
     }
     .ui-priority-secondary {
-        opacity: .7;
-        filter: Alpha(Opacity=70);
-        font-weight: normal;
+      opacity: .7;
+      filter: alpha(Opacity=70);
+      font-weight: normal;
     }
     .ui-state-disabled {
-        opacity: .35;
-        filter: Alpha(Opacity=35);
-        background-image: none;
+      opacity: .35;
+      filter: alpha(Opacity=35);
+      background-image: none;
     }
     .ui-icon {
         background-image: url($approot-relative + "css/ui-lightness/images/ui-icons_222222_256x240.png?v=" + $version);
@@ -1137,14 +1140,14 @@ body {
         font-weight: bold;
     }
     .ui-priority-secondary {
-        opacity: .7;
-        filter: Alpha(Opacity=70);
-        font-weight: normal;
+      opacity: .7;
+      filter: alpha(Opacity=70);
+      font-weight: normal;
     }
     .ui-state-disabled {
-        opacity: .35;
-        filter: Alpha(Opacity=35);
-        background-image: none;
+      opacity: .35;
+      filter: alpha(Opacity=35);
+      background-image: none;
     }
     .ui-icon {
         background-image: url($approot-relative + "css/ui-lightness/images/ui-icons_ffffff_256x240.png?v=" + $version);
@@ -1341,9 +1344,9 @@ a {
     font-weight: bold;
 }
 .ui-priority-secondary {
-    opacity: .7;
-    filter: Alpha(Opacity=70);
-    font-weight: normal;
+  opacity: .7;
+  filter: alpha(Opacity=70);
+  font-weight: normal;
 }
 .ui-icon-blank {
     background-position: 16px 16px;

datamodels/2.x/authent-cas/composer.json

@@ -1,5 +1,13 @@
 {
-	"require" : {
-		"apereo/phpcas" : "~1.3"
-	}
+  "config" : {
+    "classmap-authoritative" : true
+  },
+  "autoload" : {
+    "psr-4" : {
+      "Combodo\\iTop\\Cas\\" : "src"
+    }
+  },
+  "require" : {
+    "apereo/phpcas" : "~1.6.0"
+  }
 }

datamodels/2.x/authent-cas/composer.lock

@@ -4,28 +4,32 @@
         "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies",
         "This file is @generated automatically"
     ],
-    "content-hash": "4db4df78154f0de344ba35a27fe766b7",
+    "content-hash": "46afbbe7e92c2ccfe403f366ef1877e5",
     "packages": [
         {
             "name": "apereo/phpcas",
-            "version": "1.3.7",
+            "version": "1.6.0",
             "source": {
                 "type": "git",
                 "url": "https://github.com/apereo/phpCAS.git",
-                "reference": "b5b29102c3a42f570c4a3e852f3cf67cae6d6082"
+                "reference": "f817c72a961484afef95ac64a9257c8e31f063b9"
             },
             "dist": {
                 "type": "zip",
-                "url": "https://api.github.com/repos/apereo/phpCAS/zipball/b5b29102c3a42f570c4a3e852f3cf67cae6d6082",
-                "reference": "b5b29102c3a42f570c4a3e852f3cf67cae6d6082",
+                "url": "https://api.github.com/repos/apereo/phpCAS/zipball/f817c72a961484afef95ac64a9257c8e31f063b9",
+                "reference": "f817c72a961484afef95ac64a9257c8e31f063b9",
                 "shasum": ""
             },
             "require": {
                 "ext-curl": "*",
-                "php": ">=5.4.0"
+                "ext-dom": "*",
+                "php": ">=7.1.0",
+                "psr/log": "^1.0 || ^2.0 || ^3.0"
             },
             "require-dev": {
-                "phpunit/phpunit": "~3.7.10"
+                "monolog/monolog": "^1.0.0 || ^2.0.0",
+                "phpstan/phpstan": "^1.5",
+                "phpunit/phpunit": ">=7.5"
             },
             "type": "library",
             "extra": {
@@ -45,11 +49,16 @@
             "authors": [
                 {
                     "name": "Joachim Fritschi",
-                    "homepage": "https://wiki.jasig.org/display/~fritschi"
+                    "email": "jfritschi@freenet.de",
+                    "homepage": "https://github.com/jfritschi"
                 },
                 {
                     "name": "Adam Franco",
-                    "homepage": "https://wiki.jasig.org/display/~adamfranco"
+                    "homepage": "https://github.com/adamfranco"
+                },
+                {
+                    "name": "Henry Pan",
+                    "homepage": "https://github.com/phy25"
                 }
             ],
             "description": "Provides a simple API for authenticating users against a CAS server",
@@ -59,7 +68,61 @@
                 "cas",
                 "jasig"
             ],
-            "time": "2019-04-22T19:48:16+00:00"
+            "support": {
+                "issues": "https://github.com/apereo/phpCAS/issues",
+                "source": "https://github.com/apereo/phpCAS/tree/1.6.0"
+            },
+            "time": "2022-10-31T20:39:27+00:00"
+        },
+        {
+            "name": "psr/log",
+            "version": "1.1.4",
+            "source": {
+                "type": "git",
+                "url": "https://github.com/php-fig/log.git",
+                "reference": "d49695b909c3b7628b6289db5479a1c204601f11"
+            },
+            "dist": {
+                "type": "zip",
+                "url": "https://api.github.com/repos/php-fig/log/zipball/d49695b909c3b7628b6289db5479a1c204601f11",
+                "reference": "d49695b909c3b7628b6289db5479a1c204601f11",
+                "shasum": ""
+            },
+            "require": {
+                "php": ">=5.3.0"
+            },
+            "type": "library",
+            "extra": {
+                "branch-alias": {
+                    "dev-master": "1.1.x-dev"
+                }
+            },
+            "autoload": {
+                "psr-4": {
+                    "Psr\\Log\\": "Psr/Log/"
+                }
+            },
+            "notification-url": "https://packagist.org/downloads/",
+            "license": [
+                "MIT"
+            ],
+            "authors": [
+                {
+                    "name": "PHP-FIG",
+                    "homepage": "https://www.php-fig.org/"
+                }
+            ],
+            "description": "Common interface for logging libraries",
+            "homepage": "https://github.com/php-fig/log",
+            "keywords": [
+                "log",
+                "psr",
+                "psr-3"
+            ],
+            "support": {
+                "source": "https://github.com/php-fig/log/tree/1.1.4"
+            },
+            "time": "2021-05-03T11:20:27+00:00"
         }
     ],
     "packages-dev": [],
@@ -69,5 +132,6 @@
     "prefer-stable": false,
     "prefer-lowest": false,
     "platform": [],
-    "platform-dev": []
+    "platform-dev": [],
+    "plugin-api-version": "2.1.0"
 }

datamodels/2.x/authent-cas/main.php

@@ -1,4 +0,0 @@
-<?php
-require_once __DIR__.'/vendor/autoload.php';
-require_once __DIR__.'/src/Config.php';
-require_once __DIR__.'/src/CASLoginExtension.php';

datamodels/2.x/authent-cas/module.authent-cas.php

@@ -5,7 +5,7 @@
 
 SetupWebPage::AddModule(
 	__FILE__, // Path to the current file, all other file names are relative to the directory containing this file
-	'authent-cas/2.7.7',
+	'authent-cas/2.7.8',
 	array(
 		// Identification
 		//
@@ -24,7 +24,8 @@ SetupWebPage::AddModule(
 		//
 		'datamodel' => array(
 			'model.authent-cas.php',
-			'main.php'
+			'vendor/autoload.php',
+			'src/CASLoginExtension.php',
 		),
 		'webservice' => array(
 			
@@ -50,6 +51,7 @@ SetupWebPage::AddModule(
 			'cas_port' => '',
 			'cas_context' => '',
 			'cas_version' => '',
+			'service_base_url' => '',
 		),
 	)
 );

datamodels/2.x/authent-cas/src/CASLog.php

@@ -0,0 +1,17 @@
+<?php
+/**
+ * @copyright   Copyright (C) 2010-2022 Combodo SARL
+ * @license     http://opensource.org/licenses/AGPL-3.0
+ */
+
+namespace Combodo\iTop\Cas;
+
+use LogAPI;
+
+class CASLog extends LogAPI
+{
+	const CHANNEL_DEFAULT = 'CASLog';
+
+	protected static $m_oFileLog = null;
+}
+

datamodels/2.x/authent-cas/src/CASLogger.php

@@ -0,0 +1,81 @@
+<?php
+/**
+ * @copyright   Copyright (C) 2010-2022 Combodo SARL
+ * @license     http://opensource.org/licenses/AGPL-3.0
+ */
+
+namespace Combodo\iTop\Cas;
+
+use IssueLog;
+use LogAPI;
+use Psr\Log\LoggerInterface;
+use Psr\Log\LogLevel;
+
+class CASLogger implements LoggerInterface
+{
+	public function __construct($sDebugFile)
+	{
+		CASLog::Enable($sDebugFile);
+	}
+
+	const LEVEL_COMPAT = [
+		LogLevel::EMERGENCY => LogAPI::LEVEL_ERROR,
+		LogLevel::ALERT => LogAPI::LEVEL_ERROR,
+		LogLevel::CRITICAL => LogAPI::LEVEL_ERROR,
+		LogLevel::ERROR => LogAPI::LEVEL_ERROR,
+		LogLevel::WARNING => LogAPI::LEVEL_WARNING,
+		LogLevel::NOTICE => LogAPI::LEVEL_INFO,
+		LogLevel::INFO => LogAPI::LEVEL_INFO,
+		LogLevel::DEBUG => LogAPI::LEVEL_DEBUG,
+	];
+
+	public function emergency($message, array $context = array())
+	{
+		CASLog::Error('EMERGENCY: '.$message, CASLog::CHANNEL_DEFAULT, $context);
+		IssueLog::Error('EMERGENCY: '.$message, CASLog::CHANNEL_DEFAULT, $context);
+	}
+
+	public function alert($message, array $context = array())
+	{
+		CASLog::Error('ALERT: '.$message, CASLog::CHANNEL_DEFAULT, $context);
+		IssueLog::Error('ALERT: '.$message, CASLog::CHANNEL_DEFAULT, $context);
+	}
+
+	public function critical($message, array $context = array())
+	{
+		CASLog::Error('CRITICAL: '.$message, CASLog::CHANNEL_DEFAULT, $context);
+		IssueLog::Error('CRITICAL: '.$message, CASLog::CHANNEL_DEFAULT, $context);
+	}
+
+	public function error($message, array $context = array())
+	{
+		CASLog::Error('ERROR: '.$message, CASLog::CHANNEL_DEFAULT, $context);
+		IssueLog::Error('ERROR: '.$message, CASLog::CHANNEL_DEFAULT, $context);
+	}
+
+	public function warning($message, array $context = array())
+	{
+		CASLog::Warning('WARNING: '.$message, CASLog::CHANNEL_DEFAULT, $context);
+	}
+
+	public function notice($message, array $context = array())
+	{
+		CASLog::Info('NOTICE: '.$message, CASLog::CHANNEL_DEFAULT, $context);
+	}
+
+	public function info($message, array $context = array())
+	{
+		CASLog::Info('INFO: '.$message, CASLog::CHANNEL_DEFAULT, $context);
+	}
+
+	public function debug($message, array $context = array())
+	{
+		CASLog::Debug('DEBUG: '.$message, CASLog::CHANNEL_DEFAULT, $context);
+	}
+
+	public function log($level, $message, array $context = array())
+	{
+		$sLevel = self::LEVEL_COMPAT[$level] ?? LogAPI::LEVEL_ERROR;
+		CASLog::Log($sLevel, strtoupper($level).": $message", CASLog::CHANNEL_DEFAULT, $context);
+	}
+}

datamodels/2.x/authent-cas/src/CASLoginExtension.php

@@ -154,7 +154,7 @@ class CASLoginExtension extends AbstractLoginFSMExtension implements iLogoutExte
 		$bCASDebug = Config::Get('cas_debug');
 		if ($bCASDebug)
 		{
-			phpCAS::setDebug(APPROOT.'log/cas.log');
+			phpCAS::setLogger(new CASLogger(APPROOT.'log/cas.log'));
 		}
 		
 		// Initialize phpCAS
@@ -162,7 +162,8 @@ class CASLoginExtension extends AbstractLoginFSMExtension implements iLogoutExte
 		$sCASHost = Config::Get('cas_host');
 		$iCASPort = Config::Get('cas_port');
 		$sCASContext = Config::Get('cas_context');
-		phpCAS::client($sCASVersion, $sCASHost, $iCASPort, $sCASContext, false /* session already started */);
+		$sServiceBaseURL = Config::Get('service_base_url', self::GetServiceBaseURL());
+		phpCAS::client($sCASVersion, $sCASHost, $iCASPort, $sCASContext, $sServiceBaseURL, false /* session already started */);
 		$sCASCACertPath = Config::Get('cas_server_ca_cert_path');
 		if (empty($sCASCACertPath))
 		{
@@ -178,6 +179,38 @@ class CASLoginExtension extends AbstractLoginFSMExtension implements iLogoutExte
 		}
 	}
 
+	private static function GetServiceBaseURL()
+	{
+		$protocol = $_SERVER['REQUEST_SCHEME'];
+		$protocol .= '://';
+		if (!empty($_SERVER['HTTP_X_FORWARDED_HOST'])) {
+			// explode the host list separated by comma and use the first host
+			$hosts = explode(',', $_SERVER['HTTP_X_FORWARDED_HOST']);
+			// see rfc7239#5.3 and rfc7230#2.7.1: port is in HTTP_X_FORWARDED_HOST if non default
+			return $protocol . $hosts[0];
+		} else if (!empty($_SERVER['HTTP_X_FORWARDED_SERVER'])) {
+			$server_url = $_SERVER['HTTP_X_FORWARDED_SERVER'];
+		} else {
+			if (empty($_SERVER['SERVER_NAME'])) {
+				$server_url = $_SERVER['HTTP_HOST'];
+			} else {
+				$server_url = $_SERVER['SERVER_NAME'];
+			}
+		}
+		if (!strpos($server_url, ':')) {
+			if (empty($_SERVER['HTTP_X_FORWARDED_PORT'])) {
+				$server_port = $_SERVER['SERVER_PORT'];
+			} else {
+				$ports = explode(',', $_SERVER['HTTP_X_FORWARDED_PORT']);
+				$server_port = $ports[0];
+			}
+
+			$server_url .= ':';
+			$server_url .= $server_port;
+		}
+		return $protocol . $server_url;
+	}
+
 	private function DoUserProvisioning($sLogin)
 	{
 		$bCASUserSynchro = Config::Get('cas_user_synchro');

datamodels/2.x/authent-cas/vendor/apereo/phpcas/CAS.php

@@ -17,7 +17,7 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  *
- *  PHP Version 5
+ * PHP Version 7
  *
  * @file     CAS.php
  * @category Authentication
@@ -27,4 +27,6 @@
  * @link     https://wiki.jasig.org/display/CASC/phpCAS
  */
 
-require_once dirname(__FILE__).'/source/CAS.php';
+require_once __DIR__.'/source/CAS.php';
+
+trigger_error('Including CAS.php is deprecated. Install phpCAS using composer instead.', E_USER_DEPRECATED);

datamodels/2.x/authent-cas/vendor/apereo/phpcas/README.md

@@ -6,22 +6,21 @@ users via a Central Authentication Service (CAS) server.
 
 Please see the wiki website for more information:
 
-https://wiki.jasig.org/display/CASC/phpCAS
+https://apereo.github.io/phpCAS/
 
 Api documentation can be found here:
 
-https://apereo.github.io/phpCAS/
+https://apereo.github.io/phpCAS/api/
 
 
-[![Build Status](https://travis-ci.org/apereo/phpCAS.png)](https://travis-ci.org/apereo/phpCAS)
-
+[![Test](https://github.com/apereo/phpCAS/actions/workflows/test.yml/badge.svg)](https://github.com/apereo/phpCAS/actions/workflows/test.yml)
 
 LICENSE
 -------
 
-Copyright 2007-2015, JA-SIG, Inc.
-This project includes software developed by Jasig.
-http://www.jasig.org/
+Copyright 2007-2020, Apereo Foundation.
+This project includes software developed by Apereo Foundation.
+http://www.apereo.org/
 
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this software except in compliance with the License.

datamodels/2.x/authent-cas/vendor/apereo/phpcas/composer.json

@@ -1,29 +1,55 @@
 {
-    "name": "apereo/phpcas",
-    "description": "Provides a simple API for authenticating users against a CAS server",
-    "keywords": ["cas", "jasig", "apereo"],
-    "homepage": "https://wiki.jasig.org/display/CASC/phpCAS",
-    "type": "library",
-    "license": "Apache-2.0",
-    "authors": [
-        {"name": "Joachim Fritschi", "homepage": "https://wiki.jasig.org/display/~fritschi"},
-        {"name": "Adam Franco", "homepage": "https://wiki.jasig.org/display/~adamfranco"}
-    ],
-    "require": {
-        "php": ">=5.4.0",
-        "ext-curl": "*"
+	"name" : "apereo/phpcas",
+	"description" : "Provides a simple API for authenticating users against a CAS server",
+	"keywords" : [
+		"cas",
+		"jasig",
+		"apereo"
+	],
+	"homepage" : "https://wiki.jasig.org/display/CASC/phpCAS",
+	"type" : "library",
+	"license" : "Apache-2.0",
+	"authors" : [{
+			"name" : "Joachim Fritschi",
+			"homepage" : "https://github.com/jfritschi",
+			"email" : "jfritschi@freenet.de"
+		}, {
+			"name" : "Adam Franco",
+			"homepage" : "https://github.com/adamfranco"
+		}, {
+			"name" : "Henry Pan",
+			"homepage" : "https://github.com/phy25"
+		}
+	],
+	"require" : {
+		"php" : ">=7.1.0",
+		"ext-curl" : "*",
+		"ext-dom"  : "*",
+		"psr/log" : "^1.0 || ^2.0 || ^3.0"
     },
-    "require-dev": {
-        "phpunit/phpunit": "~3.7.10"
-    },
-    "autoload": {
-        "classmap": [
-            "source/"
-        ]
-    },
-    "extra": {
-        "branch-alias": {
-            "dev-master": "1.3.x-dev"
-        }
-    }
+	"require-dev" : {
+		"monolog/monolog" : "^1.0.0 || ^2.0.0",
+		"phpunit/phpunit" : ">=7.5", 
+		"phpstan/phpstan" : "^1.5"
+	},
+	"autoload" : {
+		"classmap" : [
+			"source/"
+		]
+	},
+	"autoload-dev" : {
+		"files": ["source/CAS.php"],
+		"psr-4" : {
+			"PhpCas\\" : "test/CAS/"
+		}
+	},
+	"scripts" : {
+		"test" : "phpunit", 
+		"phpstan" : "phpstan"
+	},
+	"extra" : {
+		"branch-alias" : {
+			"dev-master" : "1.3.x-dev"
+		}
+	}
 }

datamodels/2.x/authent-cas/vendor/apereo/phpcas/source/CAS.php

@@ -20,7 +20,7 @@
  *
  *
  * Interface class of the phpCAS library
- * PHP Version 5
+ * PHP Version 7
  *
  * @file     CAS/CAS.php
  * @category Authentication
@@ -35,6 +35,7 @@
  * @ingroup public
  */
 
+use Psr\Log\LoggerInterface;
 
 //
 // hack by Vangelis Haniotakis to handle the absence of $_SERVER['REQUEST_URI']
@@ -44,11 +45,6 @@ if (!isset($_SERVER['REQUEST_URI']) && isset($_SERVER['SCRIPT_NAME']) && isset($
     $_SERVER['REQUEST_URI'] = $_SERVER['SCRIPT_NAME'] . '?' . $_SERVER['QUERY_STRING'];
 }
 
-// Add a E_USER_DEPRECATED for php versions <= 5.2
-if (!defined('E_USER_DEPRECATED')) {
-    define('E_USER_DEPRECATED', E_USER_NOTICE);
-}
-
 
 // ########################################################################
 //  CONSTANTS
@@ -61,7 +57,7 @@ if (!defined('E_USER_DEPRECATED')) {
 /**
  * phpCAS version. accessible for the user by phpCAS::getVersion().
  */
-define('PHPCAS_VERSION', '1.3.7');
+define('PHPCAS_VERSION', '1.6.0');
 
 /**
  * @addtogroup public
@@ -140,11 +136,6 @@ define("SAML_SOAP_ENV_CLOSE", '</SOAP-ENV:Envelope>');
  */
 define("SAML_ATTRIBUTES", 'SAMLATTRIBS');
 
-/**
- * SAML Attributes
- */
-define("DEFAULT_ERROR", 'Internal script failure');
-
 /** @} */
 /**
  * @addtogroup publicPGTStorage
@@ -224,6 +215,8 @@ define("PHPCAS_LANG_JAPANESE", 'CAS_Languages_Japanese');
 define("PHPCAS_LANG_SPANISH", 'CAS_Languages_Spanish');
 define("PHPCAS_LANG_CATALAN", 'CAS_Languages_Catalan');
 define("PHPCAS_LANG_CHINESE_SIMPLIFIED", 'CAS_Languages_ChineseSimplified');
+define("PHPCAS_LANG_GALEGO", 'CAS_Languages_Galego');
+define("PHPCAS_LANG_PORTUGUESE", 'CAS_Languages_Portuguese');
 
 /** @} */
 
@@ -261,7 +254,7 @@ define('DEFAULT_DEBUG_DIR', gettmpdir()."/");
 /** @} */
 
 // include the class autoloader
-require_once dirname(__FILE__) . '/CAS/Autoload.php';
+require_once __DIR__ . '/CAS/Autoload.php';
 
 /**
  * The phpCAS class is a simple container for the phpCAS library. It provides CAS
@@ -330,12 +323,22 @@ class phpCAS
     /**
      * phpCAS client initializer.
      *
-     * @param string $server_version  the version of the CAS server
-     * @param string $server_hostname the hostname of the CAS server
-     * @param int    $server_port     the port the CAS server is running on
-     * @param string $server_uri      the URI the CAS server is responding on
-     * @param bool   $changeSessionID Allow phpCAS to change the session_id (Single
-     * Sign Out/handleLogoutRequests is based on that change)
+     * @param string                   $server_version  the version of the CAS server
+     * @param string                   $server_hostname the hostname of the CAS server
+     * @param int                      $server_port     the port the CAS server is running on
+     * @param string                   $server_uri      the URI the CAS server is responding on
+     * @param string|string[]|CAS_ServiceBaseUrl_Interface
+     *                                 $service_base_url the base URL (protocol, host and the
+     *                                                  optional port) of the CAS client; pass
+     *                                                  in an array to use auto discovery with
+     *                                                  an allowlist; pass in
+     *                                                  CAS_ServiceBaseUrl_Interface for custom
+     *                                                  behavior. Added in 1.6.0. Similar to
+     *                                                  serverName config in other CAS clients.
+     * @param bool                     $changeSessionID Allow phpCAS to change the session_id
+     *                                                  (Single Sign Out/handleLogoutRequests
+     *                                                  is based on that change)
+     * @param \SessionHandlerInterface $sessionHandler  the session handler
      *
      * @return void a newly created CAS_Client object
      * @note Only one of the phpCAS::client() and phpCAS::proxy functions should be
@@ -343,7 +346,8 @@ class phpCAS
      * and phpCAS::setDebug()).
      */
     public static function client($server_version, $server_hostname,
-        $server_port, $server_uri, $changeSessionID = true
+        $server_port, $server_uri, $service_base_url,
+        $changeSessionID = true, \SessionHandlerInterface $sessionHandler = null
     ) {
         phpCAS :: traceBegin();
         if (is_object(self::$_PHPCAS_CLIENT)) {
@@ -362,8 +366,8 @@ class phpCAS
         // initialize the object $_PHPCAS_CLIENT
         try {
             self::$_PHPCAS_CLIENT = new CAS_Client(
-                $server_version, false, $server_hostname, $server_port, $server_uri,
-                $changeSessionID
+                $server_version, false, $server_hostname, $server_port, $server_uri, $service_base_url,
+                $changeSessionID, $sessionHandler
             );
         } catch (Exception $e) {
             phpCAS :: error(get_class($e) . ': ' . $e->getMessage());
@@ -374,12 +378,22 @@ class phpCAS
     /**
      * phpCAS proxy initializer.
      *
-     * @param string $server_version  the version of the CAS server
-     * @param string $server_hostname the hostname of the CAS server
-     * @param int    $server_port     the port the CAS server is running on
-     * @param string $server_uri      the URI the CAS server is responding on
-     * @param bool   $changeSessionID Allow phpCAS to change the session_id (Single
-     * Sign Out/handleLogoutRequests is based on that change)
+     * @param string                   $server_version  the version of the CAS server
+     * @param string                   $server_hostname the hostname of the CAS server
+     * @param string                   $server_port     the port the CAS server is running on
+     * @param string                   $server_uri      the URI the CAS server is responding on
+     * @param string|string[]|CAS_ServiceBaseUrl_Interface
+     *                                 $service_base_url the base URL (protocol, host and the
+     *                                                  optional port) of the CAS client; pass
+     *                                                  in an array to use auto discovery with
+     *                                                  an allowlist; pass in
+     *                                                  CAS_ServiceBaseUrl_Interface for custom
+     *                                                  behavior. Added in 1.6.0. Similar to
+     *                                                  serverName config in other CAS clients.
+     * @param bool                     $changeSessionID Allow phpCAS to change the session_id
+     *                                                  (Single Sign Out/handleLogoutRequests
+     *                                                  is based on that change)
+     * @param \SessionHandlerInterface $sessionHandler  the session handler
      *
      * @return void a newly created CAS_Client object
      * @note Only one of the phpCAS::client() and phpCAS::proxy functions should be
@@ -387,7 +401,8 @@ class phpCAS
      * and phpCAS::setDebug()).
      */
     public static function proxy($server_version, $server_hostname,
-        $server_port, $server_uri, $changeSessionID = true
+        $server_port, $server_uri, $service_base_url,
+        $changeSessionID = true, \SessionHandlerInterface $sessionHandler = null
     ) {
         phpCAS :: traceBegin();
         if (is_object(self::$_PHPCAS_CLIENT)) {
@@ -406,8 +421,8 @@ class phpCAS
         // initialize the object $_PHPCAS_CLIENT
         try {
             self::$_PHPCAS_CLIENT = new CAS_Client(
-                $server_version, true, $server_hostname, $server_port, $server_uri,
-                $changeSessionID
+                $server_version, true, $server_hostname, $server_port, $server_uri, $service_base_url,
+                $changeSessionID, $sessionHandler
             );
         } catch (Exception $e) {
             phpCAS :: error(get_class($e) . ': ' . $e->getMessage());
@@ -435,6 +450,24 @@ class phpCAS
      * @{
      */
 
+    /**
+     * Set/unset PSR-3 logger
+     *
+     * @param LoggerInterface $logger the PSR-3 logger used for logging, or
+     * null to stop logging.
+     *
+     * @return void
+     */
+    public static function setLogger($logger = null)
+    {
+        if (empty(self::$_PHPCAS_DEBUG['unique_id'])) {
+            self::$_PHPCAS_DEBUG['unique_id'] = substr(strtoupper(md5(uniqid(''))), 0, 4);
+        }
+        self::$_PHPCAS_DEBUG['logger'] = $logger;
+        self::$_PHPCAS_DEBUG['indent'] = 0;
+        phpCAS :: trace('START ('.date("Y-m-d H:i:s").') phpCAS-' . PHPCAS_VERSION . ' ******************');
+    }
+
     /**
      * Set/unset debug mode
      *
@@ -442,9 +475,13 @@ class phpCAS
      * to stop debugging.
      *
      * @return void
+     *
+     * @deprecated
      */
     public static function setDebug($filename = '')
     {
+        trigger_error('phpCAS::setDebug() is deprecated in favor of phpCAS::setLogger().', E_USER_DEPRECATED);
+
         if ($filename != false && gettype($filename) != 'string') {
             phpCAS :: error('type mismatched for parameter $dbg (should be false or the name of the log file)');
         }
@@ -518,14 +555,7 @@ class phpCAS
         $indent_str = ".";
 
 
-        if (!empty(self::$_PHPCAS_DEBUG['filename'])) {
-            // Check if file exists and modifiy file permissions to be only
-            // readable by the webserver
-            if (!file_exists(self::$_PHPCAS_DEBUG['filename'])) {
-                touch(self::$_PHPCAS_DEBUG['filename']);
-                // Chmod will fail on windows
-                @chmod(self::$_PHPCAS_DEBUG['filename'], 0600);
-            }
+        if (isset(self::$_PHPCAS_DEBUG['logger']) || !empty(self::$_PHPCAS_DEBUG['filename'])) {
             for ($i = 0; $i < self::$_PHPCAS_DEBUG['indent']; $i++) {
 
                 $indent_str .= '|    ';
@@ -533,7 +563,20 @@ class phpCAS
             // allow for multiline output with proper identing. Usefull for
             // dumping cas answers etc.
             $str2 = str_replace("\n", "\n" . self::$_PHPCAS_DEBUG['unique_id'] . ' ' . $indent_str, $str);
-            error_log(self::$_PHPCAS_DEBUG['unique_id'] . ' ' . $indent_str . $str2 . "\n", 3, self::$_PHPCAS_DEBUG['filename']);
+            $str3 = self::$_PHPCAS_DEBUG['unique_id'] . ' ' . $indent_str . $str2;
+            if (isset(self::$_PHPCAS_DEBUG['logger'])) {
+                self::$_PHPCAS_DEBUG['logger']->info($str3);
+            }
+            if (!empty(self::$_PHPCAS_DEBUG['filename'])) {
+                // Check if file exists and modifiy file permissions to be only
+                // readable by the webserver
+                if (!file_exists(self::$_PHPCAS_DEBUG['filename'])) {
+                    touch(self::$_PHPCAS_DEBUG['filename']);
+                    // Chmod will fail on windows
+                    @chmod(self::$_PHPCAS_DEBUG['filename'], 0600);
+                }
+                error_log($str3 . "\n", 3, self::$_PHPCAS_DEBUG['filename']);
+            }
         }
 
     }
@@ -567,8 +610,6 @@ class phpCAS
         }
         if (self::$_PHPCAS_VERBOSE) {
             echo "<br />\n<b>phpCAS error</b>: <font color=\"FF0000\"><b>" . __CLASS__ . "::" . $function . '(): ' . htmlentities($msg) . "</b></font> in <b>" . $file . "</b> on line <b>" . $line . "</b><br />\n";
-        } else {
-            echo "<br />\n<b>Error</b>: <font color=\"FF0000\"><b>". DEFAULT_ERROR ."</b><br />\n";
         }
         phpCAS :: trace($msg . ' in ' . $file . 'on line ' . $line );
         phpCAS :: traceEnd();
@@ -1869,6 +1910,14 @@ class phpCAS
         }
     }
 
+    /**
+     * @return CAS_Client
+     */
+    public static function getCasClient()
+    {
+        return self::$_PHPCAS_CLIENT;
+    }
+
     /**
      * For testing purposes, use this method to set the client to a test double
      *

datamodels/2.x/authent-cas/vendor/apereo/phpcas/source/CAS/AuthenticationException.php

@@ -17,7 +17,7 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  *
- * PHP Version 5
+ * PHP Version 7
  *
  * @file     CAS/AuthenticationException.php
  * @category Authentication
@@ -72,11 +72,15 @@ implements CAS_Exception
         phpCAS::traceBegin();
         $lang = $client->getLangObj();
         $client->printHTMLHeader($lang->getAuthenticationFailed());
-        printf(
-            $lang->getYouWereNotAuthenticated(),
-            htmlentities($client->getURL()),
-            isset($_SERVER['SERVER_ADMIN']) ? $_SERVER['SERVER_ADMIN']:''
-        );
+
+        if (phpCAS::getVerbose()) {
+            printf(
+                $lang->getYouWereNotAuthenticated(),
+                htmlentities($client->getURL()),
+                $_SERVER['SERVER_ADMIN'] ?? ''
+            );
+        }
+
         phpCAS::trace($messages[] = 'CAS URL: '.$cas_url);
         phpCAS::trace($messages[] = 'Authentication failure: '.$failure);
         if ( $no_response ) {

datamodels/2.x/authent-cas/vendor/apereo/phpcas/source/CAS/Autoload.php

@@ -3,7 +3,7 @@
 /**
  * Autoloader Class
  *
- *  PHP Version 5
+ *  PHP Version 7
  *
  * @file      CAS/Autoload.php
  * @category  Authentication
@@ -26,18 +26,24 @@ function CAS_autoload($class)
     // Static to hold the Include Path to CAS
     static $include_path;
     // Check only for CAS classes
-    if (substr($class, 0, 4) !== 'CAS_') {
+    if (substr($class, 0, 4) !== 'CAS_' && substr($class, 0, 7) !== 'PhpCas\\') {
         return false;
     }
+
     // Setup the include path if it's not already set from a previous call
     if (empty($include_path)) {
-        $include_path = array(dirname(dirname(__FILE__)), dirname(dirname(__FILE__)) . '/../test/' );
+        $include_path = array(dirname(__DIR__));
     }
 
     // Declare local variable to store the expected full path to the file
-
     foreach ($include_path as $path) {
-        $file_path = $path . '/' . str_replace('_', '/', $class) . '.php';
+        $class_path = str_replace('_', DIRECTORY_SEPARATOR, $class);
+        // PhpCas namespace mapping
+        if (substr($class_path, 0, 7) === 'PhpCas\\') {
+            $class_path = 'CAS' . DIRECTORY_SEPARATOR . substr($class_path, 7);
+        }
+
+        $file_path = $path . DIRECTORY_SEPARATOR . $class_path . '.php';
         $fp = @fopen($file_path, 'r', true);
         if ($fp) {
             fclose($fp);
@@ -54,6 +60,7 @@ function CAS_autoload($class)
             return true;
         }
     }
+
     $e = new Exception(
         'Class ' . $class . ' could not be loaded from ' .
         $file_path . ', file does not exist (Path="'
@@ -61,22 +68,22 @@ function CAS_autoload($class)
     );
     $trace = $e->getTrace();
     if (isset($trace[2]) && isset($trace[2]['function'])
-        && in_array($trace[2]['function'], array('class_exists', 'interface_exists'))
+        && in_array($trace[2]['function'], array('class_exists', 'interface_exists', 'trait_exists'))
     ) {
         return false;
     }
     if (isset($trace[1]) && isset($trace[1]['function'])
-        && in_array($trace[1]['function'], array('class_exists', 'interface_exists'))
+        && in_array($trace[1]['function'], array('class_exists', 'interface_exists', 'trait_exists'))
     ) {
         return false;
     }
     die ((string) $e);
 }
 
-// set up __autoload
-if (!(spl_autoload_functions())
-    || !in_array('CAS_autoload', spl_autoload_functions())
-) {
+// Set up autoload if not already configured by composer.
+if (!class_exists('CAS_Client'))
+{
+    trigger_error('phpCAS autoloader is deprecated. Install phpCAS using composer instead.', E_USER_DEPRECATED);
     spl_autoload_register('CAS_autoload');
     if (function_exists('__autoload')
         && !in_array('__autoload', spl_autoload_functions())
@@ -86,5 +93,3 @@ if (!(spl_autoload_functions())
         spl_autoload_register('__autoload');
     }
 }
-
-?>

datamodels/2.x/authent-cas/vendor/apereo/phpcas/source/CAS/CookieJar.php

@@ -17,7 +17,7 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  *
- * PHP Version 5
+ * PHP Version 7
  *
  * @file     CAS/CookieJar.php
  * @category Authentication
@@ -231,6 +231,7 @@ class CAS_CookieJar
             case 'commenturl':
             case 'discard':
             case 'httponly':
+            case 'samesite':
                 $cookie[$attributeNameLC] = $attributeValue;
                 break;
             default:

datamodels/2.x/authent-cas/vendor/apereo/phpcas/source/CAS/Exception.php

@@ -17,7 +17,7 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  *
- * PHP Version 5
+ * PHP Version 7
  *
  * @file     CAS/Exception.php
  * @category Authentication
@@ -56,4 +56,4 @@ interface CAS_Exception
 {
 
 }
-?>
+?>

datamodels/2.x/authent-cas/vendor/apereo/phpcas/source/CAS/GracefullTerminationException.php

@@ -17,7 +17,7 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  *
- * PHP Version 5
+ * PHP Version 7
  *
  * @file     CAS/GracefullTerminationException.php
  * @category Authentication
@@ -83,4 +83,4 @@ implements CAS_Exception
     }
 
 }
-?>
+?>

datamodels/2.x/authent-cas/vendor/apereo/phpcas/source/CAS/InvalidArgumentException.php

@@ -17,7 +17,7 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  *
- * PHP Version 5
+ * PHP Version 7
  *
  * @file     CAS/InvalidArgumentException.php
  * @category Authentication
@@ -43,4 +43,4 @@ implements CAS_Exception
 {
 
 }
-?>
+?>

datamodels/2.x/authent-cas/vendor/apereo/phpcas/source/CAS/Languages/Catalan.php

@@ -17,7 +17,7 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  *
- * PHP Version 5
+ * PHP Version 7
  *
  * @file     CAS/Language/Catalan.php
  * @category Authentication

datamodels/2.x/authent-cas/vendor/apereo/phpcas/source/CAS/Languages/ChineseSimplified.php

@@ -17,7 +17,7 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  *
- * PHP Version 5
+ * PHP Version 7
  *
  * @file     CAS/Language/ChineseSimplified.php
  * @category Authentication
@@ -111,4 +111,4 @@ class CAS_Languages_ChineseSimplified implements CAS_Languages_LanguageInterface
     {
         return '服务器 <b>%s</b> 不可用（<b>%s</b>）。';
     }
-}
+}

datamodels/2.x/authent-cas/vendor/apereo/phpcas/source/CAS/Languages/English.php

@@ -17,7 +17,7 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  *
- * PHP Version 5
+ * PHP Version 7
  *
  * @file     CAS/Language/English.php
  * @category Authentication
@@ -111,4 +111,4 @@ class CAS_Languages_English implements CAS_Languages_LanguageInterface
     {
         return 'The service `<b>%s</b>\' is not available (<b>%s</b>).';
     }
-}
+}

datamodels/2.x/authent-cas/vendor/apereo/phpcas/source/CAS/Languages/French.php

@@ -17,7 +17,7 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  *
- * PHP Version 5
+ * PHP Version 7
  *
  * @file     CAS/Language/French.php
  * @category Authentication
@@ -113,4 +113,4 @@ class CAS_Languages_French implements CAS_Languages_LanguageInterface
     }
 }
 
-?>
+?>

datamodels/2.x/authent-cas/vendor/apereo/phpcas/source/CAS/Languages/Galego.php

@@ -0,0 +1,117 @@
+<?php
+
+/**
+ * Licensed to Jasig under one or more contributor license
+ * agreements. See the NOTICE file distributed with this work for
+ * additional information regarding copyright ownership.
+ *
+ * Jasig licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except in
+ * compliance with the License. You may obtain a copy of the License at:
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * PHP Version 7
+ *
+ * @file     CAS/Language/Galego.php
+ * @category Authentication
+ * @package  PhpCAS
+ * @author   Enrique Huelva Rivero enrique.huelvarivero@plexus.es
+ * @license  http://www.apache.org/licenses/LICENSE-2.0  Apache License 2.0
+ * @link     https://wiki.jasig.org/display/CASC/phpCAS
+ */
+
+/**
+ * Galego language class
+ *
+ * @class    CAS_Languages_Galego
+ * @category Authentication
+ * @package  PhpCAS
+ * @author   Enrique Huelva Rivero enrique.huelvarivero@plexus.es
+ * @license  http://www.apache.org/licenses/LICENSE-2.0  Apache License 2.0
+ * @link     https://wiki.jasig.org/display/CASC/phpCAS
+ *
+
+ * @sa @link internalLang Internationalization @endlink
+ * @ingroup internalLang
+ */
+class CAS_Languages_Galego implements CAS_Languages_LanguageInterface
+{
+    /**
+     * Get the using server string
+     *
+     * @return string using server
+     */
+    public function getUsingServer()
+    {
+        return 'usando servidor';
+    }
+
+    /**
+     * Get authentication wanted string
+     *
+     * @return string authentication wanted
+     */
+    public function getAuthenticationWanted()
+    {
+        return 'Autenticación CAS necesaria!';
+    }
+
+    /**
+     * Get logout string
+     *
+     * @return string logout
+     */
+    public function getLogout()
+    {
+        return 'Saída CAS necesaria!';
+    }
+
+    /**
+     * Get the should have been redirected string
+     *
+     * @return string should habe been redirected
+     */
+    public function getShouldHaveBeenRedirected()
+    {
+        return 'Xa debería ser redireccionado ao servidor CAS. Faga click <a href="%s">aquí</a> para continuar';
+    }
+
+    /**
+     * Get authentication failed string
+     *
+     * @return string authentication failed
+     */
+    public function getAuthenticationFailed()
+    {
+        return 'Autenticación CAS errada!';
+    }
+
+    /**
+     * Get the your were not authenticated string
+     *
+     * @return string not authenticated
+     */
+    public function getYouWereNotAuthenticated()
+    {
+        return '
+        <p>Non estás autenticado</p><p>Podes volver tentalo facendo click <a href="%s">aquí</a>.</p><p>Se o problema persiste debería contactar con el <a href="mailto:%s">administrador deste sitio</a>.</p>';
+    }
+
+    /**
+     * Get the service unavailable string
+     *
+     * @return string service unavailable
+     */
+    public function getServiceUnavailable()
+    {
+        return 'O servizo `<b>%s</b>\' non está dispoñible (<b>%s</b>).';
+    }
+}
+?>

datamodels/2.x/authent-cas/vendor/apereo/phpcas/source/CAS/Languages/German.php

@@ -17,7 +17,7 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  *
- * PHP Version 5
+ * PHP Version 7
  *
  * @file     CAS/Language/German.php
  * @category Authentication

datamodels/2.x/authent-cas/vendor/apereo/phpcas/source/CAS/Languages/Greek.php

@@ -17,7 +17,7 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  *
- * PHP Version 5
+ * PHP Version 7
  *
  * @file     CAS/Language/Greek.php
  * @category Authentication

datamodels/2.x/authent-cas/vendor/apereo/phpcas/source/CAS/Languages/Japanese.php

@@ -17,7 +17,7 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  *
- * PHP Version 5
+ * PHP Version 7
  *
  * @file     CAS/Language/Japanese.php
  * @category Authentication

datamodels/2.x/authent-cas/vendor/apereo/phpcas/source/CAS/Languages/LanguageInterface.php

@@ -17,7 +17,7 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  *
- * PHP Version 5
+ * PHP Version 7
  *
  * @file     CAS/Language/LanguageInterface.php
  * @category Authentication
@@ -93,4 +93,4 @@ interface CAS_Languages_LanguageInterface
     public function getServiceUnavailable();
 
 }
-?>
+?>

datamodels/2.x/authent-cas/vendor/apereo/phpcas/source/CAS/Languages/Portuguese.php

@@ -0,0 +1,114 @@
+<?php
+
+/**
+ * Licensed to Jasig under one or more contributor license
+ * agreements. See the NOTICE file distributed with this work for
+ * additional information regarding copyright ownership.
+ *
+ * Jasig licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except in
+ * compliance with the License. You may obtain a copy of the License at:
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * PHP Version 7
+ *
+ * @file     CAS/Language/Portuguese.php
+ * @category Authentication
+ * @package  PhpCAS
+ * @author   Sherwin Harris <sherwin.harris@gmail.com>
+ * @license  http://www.apache.org/licenses/LICENSE-2.0  Apache License 2.0
+ * @link     https://apereo.atlassian.net/wiki/spaces/CASC/pages/103252517/phpCAS
+ */
+
+/**
+ * Portuguese language class
+ *
+ * @class    CAS_Languages_Portuguese
+ * @category Authentication
+ * @package  PhpCAS
+ * @author   Sherwin Harris <sherwin.harris@gmail.com>
+ * @license  http://www.apache.org/licenses/LICENSE-2.0  Apache License 2.0
+ * @link     https://apereo.atlassian.net/wiki/spaces/CASC/pages/103252517/phpCAS
+ *
+ * @sa @link internalLang Internationalization @endlink
+ * @ingroup internalLang
+ */
+class CAS_Languages_Portuguese implements CAS_Languages_LanguageInterface
+{
+    /**
+     * Get the using server string
+     *
+     * @return string using server
+     */
+    public function getUsingServer()
+    {
+        return 'Usando o servidor';
+    }
+
+    /**
+     * Get authentication wanted string
+     *
+     * @return string authentication wanted
+     */
+    public function getAuthenticationWanted()
+    {
+        return 'A autenticação do servidor CAS desejado!';
+    }
+
+    /**
+     * Get logout string
+     *
+     * @return string logout
+     */
+    public function getLogout()
+    {
+        return 'Saida do servidor CAS desejado!';
+    }
+
+    /**
+     * Get the should have been redirected string
+     *
+     * @return string should have been redirected
+     */
+    public function getShouldHaveBeenRedirected()
+    {
+        return 'Você já deve ter sido redirecionado para o servidor CAS. Clique <a href="%s">aqui</a> para continuar';
+    }
+
+    /**
+    * Get authentication failed string
+    *
+    * @return string authentication failed
+    */
+    public function getAuthenticationFailed()
+    {
+        return 'A autenticação do servidor CAS falheu!';
+    }
+
+    /**
+    * Get the your were not authenticated string
+    *
+    * @return string not authenticated
+    */
+    public function getYouWereNotAuthenticated()
+    {
+        return '<p>Você não foi autenticado.</p><p>Você pode enviar sua solicitação novamente clicando <a href="%s">aqui</a>. </p><p>Se o problema persistir, você pode entrar em contato com <a href="mailto:%s">o administrador deste site</a>.</p>';
+    }
+
+    /**
+    * Get the service unavailable string
+    *
+    * @return string service unavailable
+    */
+    public function getServiceUnavailable()
+    {
+        return 'O serviço `<b>%s</b>\' não está disponível (<b>%s</b>).';
+    }
+}

datamodels/2.x/authent-cas/vendor/apereo/phpcas/source/CAS/Languages/Spanish.php

@@ -17,7 +17,7 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  *
- * PHP Version 5
+ * PHP Version 7
  *
  * @file     CAS/Language/Spanish.php
  * @category Authentication

datamodels/2.x/authent-cas/vendor/apereo/phpcas/source/CAS/OutOfSequenceBeforeAuthenticationCallException.php

@@ -18,7 +18,7 @@
  * limitations under the License.
  *
  *
- * PHP Version 5
+ * PHP Version 7
  *
  * @file     CAS/OutOfSequenceBeforeAuthenticationCallException.php
  * @category Authentication

datamodels/2.x/authent-cas/vendor/apereo/phpcas/source/CAS/OutOfSequenceBeforeClientException.php

@@ -18,7 +18,7 @@
  * limitations under the License.
  *
  *
- * PHP Version 5
+ * PHP Version 7
  *
  * @file     CAS/OutOfSequenceBeforeClientException.php
  * @category Authentication

datamodels/2.x/authent-cas/vendor/apereo/phpcas/source/CAS/OutOfSequenceBeforeProxyException.php

@@ -18,7 +18,7 @@
  * limitations under the License.
  *
  *
- * PHP Version 5
+ * PHP Version 7
  *
  * @file     CAS/OutOfSequenceBeforeProxyException.php
  * @category Authentication

datamodels/2.x/authent-cas/vendor/apereo/phpcas/source/CAS/OutOfSequenceException.php

@@ -18,7 +18,7 @@
  * limitations under the License.
  *
  *
- * PHP Version 5
+ * PHP Version 7
  *
  * @file     CAS/OutOfSequenceException.php
  * @category Authentication

datamodels/2.x/authent-cas/vendor/apereo/phpcas/source/CAS/PGTStorage/AbstractStorage.php

@@ -17,7 +17,7 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  *
- * PHP Version 5
+ * PHP Version 7
  *
  * @file     CAS/PGTStorage/AbstractStorage.php
  * @category Authentication

datamodels/2.x/authent-cas/vendor/apereo/phpcas/source/CAS/PGTStorage/Db.php

@@ -17,7 +17,7 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  *
- * PHP Version 5
+ * PHP Version 7
  *
  * @file     CAS/PGTStorage/Db.php
  * @category Authentication

datamodels/2.x/authent-cas/vendor/apereo/phpcas/source/CAS/PGTStorage/File.php

@@ -17,7 +17,7 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  *
- * PHP Version 5
+ * PHP Version 7
  *
  * @file     CAS/PGTStorage/AbstractStorage.php
  * @category Authentication

datamodels/2.x/authent-cas/vendor/apereo/phpcas/source/CAS/ProxiedService.php

@@ -17,7 +17,7 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  *
- * PHP Version 5
+ * PHP Version 7
  *
  * @file     CAS/ProxiedService.php
  * @category Authentication

datamodels/2.x/authent-cas/vendor/apereo/phpcas/source/CAS/ProxiedService/Abstract.php

@@ -17,7 +17,7 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  *
- * PHP Version 5
+ * PHP Version 7
  *
  * @file     CAS/ProxiedService/Abstract.php
  * @category Authentication

datamodels/2.x/authent-cas/vendor/apereo/phpcas/source/CAS/ProxiedService/Exception.php

@@ -17,7 +17,7 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  *
- * PHP Version 5
+ * PHP Version 7
  *
  * @file     CAS/ProxiedService/Exception.php
  * @category Authentication

datamodels/2.x/authent-cas/vendor/apereo/phpcas/source/CAS/ProxiedService/Http.php

@@ -17,7 +17,7 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  *
- * PHP Version 5
+ * PHP Version 7
  *
  * @file     CAS/ProxiedService/Http.php
  * @category Authentication

datamodels/2.x/authent-cas/vendor/apereo/phpcas/source/CAS/ProxiedService/Http/Abstract.php

@@ -17,7 +17,7 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  *
- * PHP Version 5
+ * PHP Version 7
  *
  * @file     CAS/ProxiedService/Http/Abstract.php
  * @category Authentication

datamodels/2.x/authent-cas/vendor/apereo/phpcas/source/CAS/ProxiedService/Http/Get.php

@@ -17,7 +17,7 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  *
- * PHP Version 5
+ * PHP Version 7
  *
  * @file     CAS/ProxiedService/Http/Get.php
  * @category Authentication

datamodels/2.x/authent-cas/vendor/apereo/phpcas/source/CAS/ProxiedService/Http/Post.php

@@ -17,7 +17,7 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  *
- * PHP Version 5
+ * PHP Version 7
  *
  * @file     CAS/ProxiedService/Http/Post.php
  * @category Authentication

datamodels/2.x/authent-cas/vendor/apereo/phpcas/source/CAS/ProxiedService/Imap.php

@@ -17,7 +17,7 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  *
- * PHP Version 5
+ * PHP Version 7
  *
  * @file     CAS/ProxiedService/Imap.php
  * @category Authentication

datamodels/2.x/authent-cas/vendor/apereo/phpcas/source/CAS/ProxiedService/Testable.php

@@ -17,7 +17,7 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  *
- * PHP Version 5
+ * PHP Version 7
  *
  * @file     CAS/ProxiedService/Testabel.php
  * @category Authentication

datamodels/2.x/authent-cas/vendor/apereo/phpcas/source/CAS/ProxyChain.php

@@ -17,7 +17,7 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  *
- * PHP Version 5
+ * PHP Version 7
  *
  * @file     CAS/ProxyChain.php
  * @category Authentication

datamodels/2.x/authent-cas/vendor/apereo/phpcas/source/CAS/ProxyChain/AllowedList.php

@@ -17,7 +17,7 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  *
- * PHP Version 5
+ * PHP Version 7
  *
  * @file     CAS/ProxyChain/AllowedList.php
  * @category Authentication

datamodels/2.x/authent-cas/vendor/apereo/phpcas/source/CAS/ProxyChain/Any.php

@@ -17,7 +17,7 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  *
- * PHP Version 5
+ * PHP Version 7
  *
  * @file     CAS/ProxyChain/Any.php
  * @category Authentication

datamodels/2.x/authent-cas/vendor/apereo/phpcas/source/CAS/ProxyChain/Interface.php

@@ -17,7 +17,7 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  *
- * PHP Version 5
+ * PHP Version 7
  *
  * @file     CAS/ProxyChain/Interface.php
  * @category Authentication
@@ -50,4 +50,4 @@ interface CAS_ProxyChain_Interface
      */
     public function matches(array $list);
 
-}
+}

datamodels/2.x/authent-cas/vendor/apereo/phpcas/source/CAS/ProxyChain/Trusted.php

@@ -17,7 +17,7 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  *
- * PHP Version 5
+ * PHP Version 7
  *
  * @file     CAS/ProxyChain/Trusted.php
  * @category Authentication

datamodels/2.x/authent-cas/vendor/apereo/phpcas/source/CAS/ProxyTicketException.php

@@ -17,7 +17,7 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  *
- * PHP Version 5
+ * PHP Version 7
  *
  * @class    CAS/ProxyTicketException.php
  * @category Authentication

datamodels/2.x/authent-cas/vendor/apereo/phpcas/source/CAS/Request/AbstractRequest.php

@@ -17,7 +17,7 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  *
- * PHP Version 5
+ * PHP Version 7
  *
  * @file     CAS/Request/AbstractRequest.php
  * @category Authentication

datamodels/2.x/authent-cas/vendor/apereo/phpcas/source/CAS/Request/CurlMultiRequest.php

@@ -17,7 +17,7 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  *
- * PHP Version 5
+ * PHP Version 7
  *
  * @file     CAS/Request/AbstractRequest.php
  * @category Authentication

datamodels/2.x/authent-cas/vendor/apereo/phpcas/source/CAS/Request/CurlRequest.php

@@ -17,7 +17,7 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  *
- * PHP Version 5
+ * PHP Version 7
  *
  * @file     CAS/Request/CurlRequest.php
  * @category Authentication
@@ -106,14 +106,7 @@ implements CAS_Request_RequestInterface
         *********************************************************/
         $ch = curl_init($this->url);
 
-        if (version_compare(PHP_VERSION, '5.1.3', '>=')) {
-            //only avaible in php5
-            curl_setopt_array($ch, $this->_curlOptions);
-        } else {
-            foreach ($this->_curlOptions as $key => $value) {
-                curl_setopt($ch, $key, $value);
-            }
-        }
+        curl_setopt_array($ch, $this->_curlOptions);
 
         /*********************************************************
          * Set SSL configuration
@@ -167,6 +160,11 @@ implements CAS_Request_RequestInterface
             curl_setopt($ch, CURLOPT_POSTFIELDS, $this->postBody);
         }
 
+        /*********************************************************
+         * Set User Agent
+         *********************************************************/
+        curl_setopt($ch, CURLOPT_USERAGENT, 'phpCAS/' . phpCAS::getVersion());
+
         return $ch;
     }
 
@@ -179,7 +177,7 @@ implements CAS_Request_RequestInterface
      *
      * @return void
      */
-    private function _storeResponseBody ($body)
+    public function _storeResponseBody ($body)
     {
         $this->storeResponseBody($body);
     }
@@ -192,7 +190,7 @@ implements CAS_Request_RequestInterface
      *
      * @return int
      */
-    private function _curlReadHeaders ($ch, $header)
+    public function _curlReadHeaders ($ch, $header)
     {
         $this->storeResponseHeader($header);
         return strlen($header);

datamodels/2.x/authent-cas/vendor/apereo/phpcas/source/CAS/Request/Exception.php

@@ -17,7 +17,7 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  *
- * PHP Version 5
+ * PHP Version 7
  *
  * @file     CAS/Request/Exception.php
  * @category Authentication

datamodels/2.x/authent-cas/vendor/apereo/phpcas/source/CAS/Request/MultiRequestInterface.php

@@ -17,7 +17,7 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  *
- * PHP Version 5
+ * PHP Version 7
  *
  * @file     CAS/Request/MultiRequestInterface.php
  * @category Authentication

datamodels/2.x/authent-cas/vendor/apereo/phpcas/source/CAS/Request/RequestInterface.php

@@ -17,7 +17,7 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  *
- * PHP Version 5
+ * PHP Version 7
  *
  * @file     CAS/Request/RequestInterface.php
  * @category Authentication

datamodels/2.x/authent-cas/vendor/apereo/phpcas/source/CAS/ServiceBaseUrl/AllowedListDiscovery.php

@@ -0,0 +1,152 @@
+<?php
+
+/**
+ * Licensed to Jasig under one or more contributor license
+ * agreements. See the NOTICE file distributed with this work for
+ * additional information regarding copyright ownership.
+ *
+ * Jasig licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except in
+ * compliance with the License. You may obtain a copy of the License at:
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * PHP Version 7
+ *
+ * @file     CAS/ServiceBaseUrl/AllowedListDiscovery.php
+ * @category Authentication
+ * @package  PhpCAS
+ * @author   Henry Pan <git@phy25.com>
+ * @license  http://www.apache.org/licenses/LICENSE-2.0  Apache License 2.0
+ * @link     https://wiki.jasig.org/display/CASC/phpCAS
+ */
+
+
+/**
+ * Class that gets the service base URL of the PHP server by HTTP header
+ * discovery and allowlist check. This is used to generate service URL
+ * and PGT callback URL.
+ *
+ * @class    CAS_ServiceBaseUrl_AllowedListDiscovery
+ * @category Authentication
+ * @package  PhpCAS
+ * @author   Henry Pan <git@phy25.com>
+ * @license  http://www.apache.org/licenses/LICENSE-2.0  Apache License 2.0
+ * @link     https://wiki.jasig.org/display/CASC/phpCAS
+ */
+
+class CAS_ServiceBaseUrl_AllowedListDiscovery
+extends CAS_ServiceBaseUrl_Base
+{
+    private $_list = array();
+
+    public function __construct($list) {
+        if (is_array($list)) {
+            if (count($list) === 0) {
+                throw new CAS_InvalidArgumentException('$list should not be empty');
+            }
+            foreach ($list as $value) {
+                $this->allow($value);
+            }
+        } else {
+            throw new CAS_TypeMismatchException($list, '$list', 'array');
+        }
+    }
+
+    /**
+     * Add a base URL to the allowed list.
+     *
+     * @param $url protocol, host name and port to add to the allowed list
+     *
+     * @return void
+     */
+    public function allow($url)
+    {
+        $this->_list[] = $this->removeStandardPort($url);
+    }
+
+    /**
+     * Check if the server name is allowed by configuration.
+     *
+     * @param $name server name to check
+     *
+     * @return bool whether the allowed list contains the server name
+     */
+    protected function isAllowed($name)
+    {
+        return in_array($name, $this->_list);
+    }
+
+    /**
+     * Discover the server name through HTTP headers.
+     *
+     * We read:
+     * - HTTP header X-Forwarded-Host
+     * - HTTP header X-Forwarded-Server and X-Forwarded-Port
+     * - HTTP header Host and SERVER_PORT
+     * - PHP SERVER_NAME (which can change based on the HTTP server used)
+     *
+     * The standard port will be omitted (80 for HTTP, 443 for HTTPS).
+     *
+     * @return string the discovered, unsanitized server protocol, hostname and port
+     */
+    protected function discover()
+    {
+        $isHttps = $this->isHttps();
+        $protocol = $isHttps ? 'https' : 'http';
+        $protocol .= '://';
+        if (!empty($_SERVER['HTTP_X_FORWARDED_HOST'])) {
+            // explode the host list separated by comma and use the first host
+            $hosts = explode(',', $_SERVER['HTTP_X_FORWARDED_HOST']);
+            // see rfc7239#5.3 and rfc7230#2.7.1: port is in HTTP_X_FORWARDED_HOST if non default
+            return $protocol . $hosts[0];
+        } else if (!empty($_SERVER['HTTP_X_FORWARDED_SERVER'])) {
+            $server_url = $_SERVER['HTTP_X_FORWARDED_SERVER'];
+        } else {
+            if (empty($_SERVER['SERVER_NAME'])) {
+                $server_url = $_SERVER['HTTP_HOST'];
+            } else {
+                $server_url = $_SERVER['SERVER_NAME'];
+            }
+        }
+        if (!strpos($server_url, ':')) {
+            if (empty($_SERVER['HTTP_X_FORWARDED_PORT'])) {
+                $server_port = $_SERVER['SERVER_PORT'];
+            } else {
+                $ports = explode(',', $_SERVER['HTTP_X_FORWARDED_PORT']);
+                $server_port = $ports[0];
+            }
+
+            $server_url .= ':';
+            $server_url .= $server_port;
+        }
+        return $protocol . $server_url;
+    }
+
+    /**
+     * Get PHP server base URL.
+     *
+     * @return string the server protocol, hostname and port
+     */
+    public function get()
+    {
+        phpCAS::traceBegin();
+        $result = $this->removeStandardPort($this->discover());
+        phpCAS::trace("Discovered server base URL: " . $result);
+        if ($this->isAllowed($result)) {
+            phpCAS::trace("Server base URL is allowed");
+            phpCAS::traceEnd(true);
+        } else {
+            $result = $this->_list[0];
+            phpCAS::trace("Server base URL is not allowed, using default: " . $result);
+            phpCAS::traceEnd(false);
+        }
+        return $result;
+    }
+}

datamodels/2.x/authent-cas/vendor/apereo/phpcas/source/CAS/ServiceBaseUrl/Base.php

@@ -0,0 +1,98 @@
+<?php
+
+/**
+ * Licensed to Jasig under one or more contributor license
+ * agreements. See the NOTICE file distributed with this work for
+ * additional information regarding copyright ownership.
+ *
+ * Jasig licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except in
+ * compliance with the License. You may obtain a copy of the License at:
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * PHP Version 7
+ *
+ * @file     CAS/ServiceBaseUrl/Base.php
+ * @category Authentication
+ * @package  PhpCAS
+ * @author   Henry Pan <git@phy25.com>
+ * @license  http://www.apache.org/licenses/LICENSE-2.0  Apache License 2.0
+ * @link     https://wiki.jasig.org/display/CASC/phpCAS
+ */
+
+/**
+ * Base class of CAS/ServiceBaseUrl that implements isHTTPS method.
+ *
+ * @class    CAS_ServiceBaseUrl_Base
+ * @category Authentication
+ * @package  PhpCAS
+ * @author   Henry Pan <git@phy25.com>
+ * @license  http://www.apache.org/licenses/LICENSE-2.0  Apache License 2.0
+ * @link     https://wiki.jasig.org/display/CASC/phpCAS
+ */
+abstract class CAS_ServiceBaseUrl_Base
+implements CAS_ServiceBaseUrl_Interface
+{
+
+    /**
+     * Get PHP server name.
+     *
+     * @return string the server hostname and port of the server
+     */
+    abstract public function get();
+
+    /**
+     * Check whether HTTPS is used.
+     *
+     * This is used to construct the protocol in the URL.
+     *
+     * @return bool true if HTTPS is used
+     */
+    public function isHttps() {
+        if (!empty($_SERVER['HTTP_X_FORWARDED_PROTO'])) {
+            return ($_SERVER['HTTP_X_FORWARDED_PROTO'] === 'https');
+        } elseif (!empty($_SERVER['HTTP_X_FORWARDED_PROTOCOL'])) {
+            return ($_SERVER['HTTP_X_FORWARDED_PROTOCOL'] === 'https');
+        } elseif ( isset($_SERVER['HTTPS'])
+            && !empty($_SERVER['HTTPS'])
+            && strcasecmp($_SERVER['HTTPS'], 'off') !== 0
+        ) {
+            return true;
+        }
+        return false;
+    }
+
+    /**
+     * Remove standard HTTP and HTTPS port for discovery and allowlist input.
+     *
+     * @param $url URL as https://domain:port without trailing slash
+     * @return standardized URL, or the original URL
+     * @throws CAS_InvalidArgumentException if the URL does not include the protocol
+     */
+    protected function removeStandardPort($url) {
+        if (strpos($url, "://") === false) {
+            throw new CAS_InvalidArgumentException(
+                "Configured base URL should include the protocol string: " . $url);
+        }
+
+        $url = rtrim($url, '/');
+
+        if (strpos($url, "https://") === 0 && substr_compare($url, ':443', -4) === 0) {
+            return substr($url, 0, -4);
+        }
+
+        if (strpos($url, "http://") === 0 && substr_compare($url, ':80', -3) === 0) {
+            return substr($url, 0, -3);
+        }
+
+        return $url;
+    }
+
+}

datamodels/2.x/authent-cas/vendor/apereo/phpcas/source/CAS/ServiceBaseUrl/Interface.php

@@ -0,0 +1,61 @@
+<?php
+
+/**
+ * Licensed to Jasig under one or more contributor license
+ * agreements. See the NOTICE file distributed with this work for
+ * additional information regarding copyright ownership.
+ *
+ * Jasig licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except in
+ * compliance with the License. You may obtain a copy of the License at:
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * PHP Version 7
+ *
+ * @file     CAS/ServerHostname/Interface.php
+ * @category Authentication
+ * @package  PhpCAS
+ * @author   Henry Pan <git@phy25.com>
+ * @license  http://www.apache.org/licenses/LICENSE-2.0  Apache License 2.0
+ * @link     https://wiki.jasig.org/display/CASC/phpCAS
+ */
+
+/**
+ * An interface for classes that gets the server name of the PHP server.
+ * This is used to generate service URL and PGT callback URL.
+ *
+ * @class    CAS_ServiceBaseUrl_Interface
+ * @category Authentication
+ * @package  PhpCAS
+ * @author   Henry Pan <git@phy25.com>
+ * @license  http://www.apache.org/licenses/LICENSE-2.0  Apache License 2.0
+ * @link     https://wiki.jasig.org/display/CASC/phpCAS
+ */
+interface CAS_ServiceBaseUrl_Interface
+{
+
+    /**
+     * Get PHP HTTP protocol and server name.
+     *
+     * @return string protocol, server hostname, and optionally port,
+     *                without trailing slash (https://localhost:8443)
+     */
+    public function get();
+
+    /**
+     * Check whether HTTPS is used.
+     *
+     * This is used to construct the protocol in the URL.
+     *
+     * @return bool true if HTTPS is used
+     */
+    public function isHttps();
+
+}

datamodels/2.x/authent-cas/vendor/apereo/phpcas/source/CAS/ServiceBaseUrl/Static.php

@@ -0,0 +1,69 @@
+<?php
+
+/**
+ * Licensed to Jasig under one or more contributor license
+ * agreements. See the NOTICE file distributed with this work for
+ * additional information regarding copyright ownership.
+ *
+ * Jasig licenses this file to you under the Apache License,
+ * Version 2.0 (the "License"); you may not use this file except in
+ * compliance with the License. You may obtain a copy of the License at:
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * PHP Version 7
+ *
+ * @file     CAS/ServiceBaseUrl/Static.php
+ * @category Authentication
+ * @package  PhpCAS
+ * @author   Henry Pan <git@phy25.com>
+ * @license  http://www.apache.org/licenses/LICENSE-2.0  Apache License 2.0
+ * @link     https://wiki.jasig.org/display/CASC/phpCAS
+ */
+
+
+/**
+ * Class that gets the server name of the PHP server by statically set
+ * hostname and port. This is used to generate service URL and PGT
+ * callback URL.
+ *
+ * @class    CAS_ServiceBaseUrl_Static
+ * @category Authentication
+ * @package  PhpCAS
+ * @author   Henry Pan <git@phy25.com>
+ * @license  http://www.apache.org/licenses/LICENSE-2.0  Apache License 2.0
+ * @link     https://wiki.jasig.org/display/CASC/phpCAS
+ */
+
+class CAS_ServiceBaseUrl_Static
+extends CAS_ServiceBaseUrl_Base
+{
+    private $_name = null;
+
+    public function __construct($name) {
+        if (is_string($name)) {
+            $this->_name = $this->removeStandardPort($name);
+        } else {
+            throw new CAS_TypeMismatchException($name, '$name', 'string');
+        }
+    }
+
+    /**
+     * Get the server name through static config.
+     *
+     * @return string the server hostname and port of the server configured
+     */
+    public function get()
+    {
+        phpCAS::traceBegin();
+        phpCAS::trace("Returning static server name: " . $this->_name);
+        phpCAS::traceEnd(true);
+        return $this->_name;
+    }
+}