Bug 19160: Isolate CAS code into its own module

Signed-off-by: Katrin Fischer <katrin.fischer@bsz-bw.de>

Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

C4/Auth.pm

@@ -905,22 +905,6 @@ sub checkauth {
             }
         }
     }
-    elsif ($logout && $cas) {
-        # We got a cas single logout request from a cas server;
-        my $ticket = $query->param('cas_ticket');
-        # We've been called as part of the single logout destroy the session associated with the cas ticket
-        my $params = _get_session_params();
-        my $success =  CGI::Session->find( $params->{dsn}, sub {delete_cas_session(@_, $ticket)}, $params->{dsn_args} );
-
-        sub delete_cas_session {
-            my $session = shift;
-            my $ticket = shift;
-            if ($session->param('cas_ticket') && $session->param('cas_ticket') eq $ticket ) {
-                $session->delete;
-                $session->flush;
-            }
-        }
-    }
     unless ( $userid || $sessionID ) {
         #we initiate a session prior to checking for a username to allow for anonymous sessions...
         my $session = get_session("") or die "Auth ERROR: Cannot get_session()";

C4/Auth_with_cas.pm

@@ -228,21 +228,37 @@ sub _url_with_get_params {
     return $uri_base_part . $uri_params_part;
 }
 
-sub logout_required {
+# CAS single logout
+sub logout_if_required {
     my ( $query ) = @_;
     # Check we havent been hit by a logout call
     my $xml = $query->param('logoutRequest');
-    if ($xml) {
-        my $dom = XML::LibXML->load_xml(string => $xml);
-        my $ticket;
-        foreach my $node ($dom->findnodes('/samlp:LogoutRequest')){
-            $ticket = $node->findvalue('./samlp:SessionIndex');
+    return 0 unless $xml;
+
+    my $dom = XML::LibXML->load_xml(string => $xml);
+    my $ticket;
+    foreach my $node ($dom->findnodes('/samlp:LogoutRequest')){
+        # We got a cas single logout request from a cas server;
+        $ticket = $node->findvalue('./samlp:SessionIndex');
+    }
+
+    return 0 unless $ticket;
+
+    # We've been called as part of the single logout destroy the session associated with the cas ticket
+    my $params = C4::Auth::_get_session_params();
+    my $success = CGI::Session->find( $params->{dsn}, sub {delete_cas_session(@_, $ticket)}, $params->{dsn_args} );
+
+    sub delete_cas_session {
+        my $session = shift;
+        my $ticket = shift;
+        if ($session->param('cas_ticket') && $session->param('cas_ticket') eq $ticket ) {
+            $session->delete;
+            $session->flush;
         }
-        $query->param(-name =>'logout.x', -value => 1);
-        $query->param(-name =>'cas_ticket', -value => $ticket);
-        return 1;
     }
-    return 0;
+
+    print $query->header;
+    exit;
 }
 
 1;

opac/opac-user.pl

@@ -62,8 +62,9 @@ BEGIN {
     }
 }
 
-my $cas_logout_required = C4::Context->preference('casAuthentication')
-  and C4::Auth_with_ldap::logout_required($query);
+# CAS single logout handling
+# Will print header and exit
+C4::Context->preference('casAuthentication') and C4::Auth_with_ldap::logout_if_required($query);
 
 my ( $template, $borrowernumber, $cookie ) = get_template_and_user(
     {
@@ -75,12 +76,6 @@ my ( $template, $borrowernumber, $cookie ) = get_template_and_user(
     }
 );
 
-if ($cas_logout_required){
-    print $query->header;
-    exit;
-}
-
-
 my %renewed = map { $_ => 1 } split( ':', $query->param('renewed') );
 
 my $show_priority;