From b54f320a13a6d450cbb8f1e9b231593522c15efe Mon Sep 17 00:00:00 2001
From: Roussel Xavier <xavier.roussel@uvsq.fr>
Date: Mon, 4 May 2015 12:14:41 +0200
Subject: [PATCH] Add cas_pretend_user variable

---
 README.md              | 31 +++++++++++++------------------
 src/Xavrsl/Cas/Sso.php | 30 +++++++++++++++++++++++++++++-
 2 files changed, 42 insertions(+), 19 deletions(-)

diff --git a/README.md b/README.md
index 3eae0ca..f87938e 100644
--- a/README.md
+++ b/README.md
@@ -5,7 +5,7 @@ CAS server SSO authentication in Laravel 4.x & 5.x
 
 ## Installation
 
-Require this package in your composer.json and run composer update. 
+Require this package in your composer.json and run composer update.
 
 For Laravel 4 use v1.1.* :
 
@@ -38,33 +38,28 @@ For Laravel 5 :
 Configuration
 ==
 
-Configuration should be pretty straightforward for anyone who's ever used the phpCAS client. However, I've added the possibility to easily turn your application into a CAS Proxy, a CAS Service or both. You only need to set the cas_proxy setting to true (if you need to proxy services) and set the cas_service to whatever proxy you want to allow (this is all explained in the config file).
+Configuration should be pretty straightforward for anyone who's ever used the phpCAS client. Using the .env file will allow you to have different environments without even touching the cas.php config file. I've added the possibility to easily turn your application into a CAS Proxy, a CAS Service or both. You only need to set the cas_proxy setting to true (if you need to proxy services) and set the cas_service to whatever proxy you want to allow (this is all explained in the config file).
+
+A new config variable (cas_pretend_user) available in the 1.2 release allows you to pretend to be a selected CAS user. The idea came with the usage of laravel homestead. My application was running on a private network, on a fake domain. The CAS server was not able to redirect to that application. So activating the CAS plugin on that application was not possible, but I needed a user id to query my LDAP and allow/disallow the user in my application. You only need to give it a user id and the application will act just as if you ware logged in with that CAS user.
 
 Usage
 ==
 
-Authenticate against the CAS server
+Authenticate against the CAS server. This should be called before trying to retrieve the CAS user id.
 
+```php
 	Cas::authenticate();
+```
 
-Exemple of Cas authentication in a route filter :
+Then get the current user id this way :
 
 ```php
-Route::group(array('https', 'before' => 'cas'), function()
-{
-  Route::controller('toolbar', 'ToolbarController');
-
-  Route::controller('bibsearch', 'BibsearchController');
-});
+	Cas::getCurrentUser();
+```
 
-Route::controller('bibimages', 'BibimagesController');
+OR
 
-Route::filter('cas', function()
-{
-  Cas::authenticate();
-});
+```php
+  Cas::user();
 ```
 
-Then get the current user id this way :
-
-	Cas::getCurrentUser();
diff --git a/src/Xavrsl/Cas/Sso.php b/src/Xavrsl/Cas/Sso.php
index 870cd61..9627e9d 100644
--- a/src/Xavrsl/Cas/Sso.php
+++ b/src/Xavrsl/Cas/Sso.php
@@ -106,12 +106,30 @@ private function configureSslValidation()
      */
     private function configureProxyChain()
     {
-        if (is_array($this->config['cas_proxied_services']) && !empty($this->config['cas_proxied_services']))
+        if (is_array($this->config['cas_proxied_services'])
+            && !empty($this->config['cas_proxied_services']))
         {
             phpCAS::allowProxyChain(new \CAS_ProxyChain($this->config['cas_proxied_services']));
         }
     }
 
+    /**
+     * isPretending
+     *
+     * When on dev environment, you can sometimes be on a private network that can't access to the CAS
+     * server. Sometimes, you may also want to check the application as if you where one user or
+     * another. This is why you may specify a CAS_PRETEND_USER config variable.
+     */
+    private function isPretending()
+    {
+        if (isset($this->config['cas_pretend_user'])
+            && !empty($this->config['cas_pretend_user']))
+        {
+            return true;
+        }
+        return false;
+    }
+
     /**
      * Authenticates the user based on the current request.
      *
@@ -121,6 +139,8 @@ private function configureProxyChain()
      */
     public function authenticate()
     {
+        if($this->isPretending()) return true;
+
         try
         {
             phpCAS::forceAuthentication();
@@ -138,6 +158,8 @@ public function authenticate()
      */
     public function isAuthenticated()
     {
+        if($this->isPretending()) return true;
+
         return phpCAS::isAuthenticated();
     }
 
@@ -151,6 +173,8 @@ public function isAuthenticated()
      */
     public function getCurrentUser()
     {
+        if($this->isPretending()) return $this->config['cas_pretend_user'];
+
         return phpCAS::getUser();
     }
 
@@ -161,6 +185,8 @@ public function getCurrentUser()
      */
     public function user()
     {
+        if($this->isPretending()) return $this->config['cas_pretend_user'];
+
         return phpCAS::getUser();
     }
 
@@ -183,6 +209,8 @@ public function getAttributes()
      */
     public function logout($params = array())
     {
+        if($this->isPretending()) return true;
+
         if(!phpCAS::isAuthenticated())
         {
             $this->initializeCas();