apereo · campbell-m · Sep 1, 2024 · Nov 1, 2024 · Sep 1, 2025 · Jan 14, 2026
diff --git a/docs/index.html b/docs/index.html
@@ -1,19 +1,19 @@
-<?xml version="1.0" encoding="utf-8"?>
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
-"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
-<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
-  <head>
-    <title>phpCAS</title>
-  </head>
-  <body>
-	<p><img src="images/phpcas.png" width="191" height="68"/></p>
-	<p>phpCAS documentation is hosted at <a href="https://apereo.atlassian.net/wiki/spaces/CASC/pages/103252517/phpCAS">https://apereo.atlassian.net/wiki/spaces/CASC/pages/103252517/phpCAS</a>.</p>
-	<ul>
-	  <li><a href="https://github.com/apereo/phpCAS/tree/master/docs/examples">examples</a></li>
-	  <li><a href="api">source documentation</a></li>
-  </ul>
-	<p><img src="images/esup-portail.png" width="182" height="68"/> <img src="images/jasig.png" width="169" height="87"/></p>
-	<p>&nbsp;</p>
-  </body>
-</html>
-  
+<?xml version="1.0" encoding="utf-8"?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
+"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
+  <head>
+    <title>phpCAS</title>
+  </head>
+  <body>
+	<p><img src="images/phpcas.png" width="191" height="68"/></p>
+	<p>phpCAS documentation is hosted at <a href="https://apereo.atlassian.net/wiki/spaces/CASC/pages/103252517/phpCAS">https://apereo.atlassian.net/wiki/spaces/CASC/pages/103252517/phpCAS</a>.</p>
+	<ul>
+	  <li><a href="https://github.com/apereo/phpCAS/tree/master/docs/examples">examples</a></li>
+	  <li><a href="api">source documentation</a></li>
+  </ul>
+	<p><img src="images/esup-portail.png" width="182" height="68"/> <img src="images/jasig.png" width="169" height="87"/></p>
+	<p>&nbsp;</p>
+  </body>
+</html>
+
diff --git a/source/CAS.php b/source/CAS.php
@@ -347,7 +347,7 @@ class phpCAS
      */
     public static function client($server_version, $server_hostname,
         $server_port, $server_uri, $service_base_url,
-        $changeSessionID = true, \SessionHandlerInterface $sessionHandler = null
+        $changeSessionID = true, ?\SessionHandlerInterface $sessionHandler = null
     ) {
         phpCAS :: traceBegin();
         if (is_object(self::$_PHPCAS_CLIENT)) {
@@ -402,7 +402,7 @@ public static function client($server_version, $server_hostname,
      */
     public static function proxy($server_version, $server_hostname,
         $server_port, $server_uri, $service_base_url,
-        $changeSessionID = true, \SessionHandlerInterface $sessionHandler = null
+        $changeSessionID = true, ?\SessionHandlerInterface $sessionHandler = null
     ) {
         phpCAS :: traceBegin();
         if (is_object(self::$_PHPCAS_CLIENT)) {

diff --git a/source/CAS/Client.php b/source/CAS/Client.php
@@ -788,7 +788,7 @@ public function markAuthenticationCall ($auth)
             'file' => $dbg[1]['file'],
             'line' => $dbg[1]['line'],
             'method' => $dbg[1]['class'] . '::' . $dbg[1]['function'],
-            'result' => (boolean)$auth
+            'result' => (bool)$auth
         );
     }
     private $_authentication_caller;
@@ -938,7 +938,7 @@ public function __construct(
         $server_uri,
         $service_base_url,
         $changeSessionID = true,
-        \SessionHandlerInterface $sessionHandler = null
+        ?\SessionHandlerInterface $sessionHandler = null
     ) {
         // Argument validation
         if (gettype($server_version) != 'string')
@@ -3166,7 +3166,7 @@ public function getProxiedService ($type)
                 $proxiedService->setCasClient($this);
             }
             return $proxiedService;
-        case PHPCAS_PROXIED_SERVICE_IMAP;
+          case PHPCAS_PROXIED_SERVICE_IMAP:
             $proxiedService = new CAS_ProxiedService_Imap($this->_getUser());
             if ($proxiedService instanceof CAS_ProxiedService_Testable) {
                 $proxiedService->setCasClient($this);

diff --git a/source/CAS/Request/CurlMultiRequest.php b/source/CAS/Request/CurlMultiRequest.php
@@ -139,7 +139,12 @@ public function send ()
             $buf = curl_multi_getcontent($handles[$i]);
             $request->_storeResponseBody($buf);
             curl_multi_remove_handle($multiHandle, $handles[$i]);
-            curl_close($handles[$i]);
+            // curl_close() doesn't do anything from PHP 8.0 onwards (because the curl
+            // handle is an object and not a resource) and is deprecated from PHP 8.5.
+            if (version_compare(PHP_VERSION, '8.0.0') < 0)
+            {
+              curl_close($handles[$i]);
+            }
         }
 
         curl_multi_close($multiHandle);

diff --git a/source/CAS/Request/CurlRequest.php b/source/CAS/Request/CurlRequest.php
@@ -86,7 +86,12 @@ protected function sendRequest ()
 
         }
         // close the CURL session
-        curl_close($ch);
+        // curl_close() doesn't do anything from PHP 8.0 onwards (because the curl
+        // handle is an object and not a resource) and is deprecated from PHP 8.5.
+        if (version_compare(PHP_VERSION, '8.0.0') < 0)
+        {
+          curl_close($ch);
+        }
 
         phpCAS::traceEnd($res);
         return $res;

diff --git a/source/CAS/Request/GuzzleRequest.php b/source/CAS/Request/GuzzleRequest.php
@@ -0,0 +1,139 @@
+<?php
+declare(strict_types=1);
+
+use GuzzleHttp\Client;
+
+/**
+ *  A CAS request class that uses Guzzle to make the request, rather than the default curl.  Guzzle will
+ *  use curl if possible but falls back to the native PHP functions if curl is not available.
+ */
+class GuzzleRequest extends CAS_Request_AbstractRequest implements CAS_Request_RequestInterface
+{
+  private $client;
+  private $options = [
+    'headers' => []
+  ];
+  private $response_status_code;
+  private $sent = false;  // $_sent is private in CAS_Request_AbstractRequest
+
+
+  public function __construct()
+  {
+    $this->client = new Client();
+  }
+
+
+  /**
+   * @see CAS_Request_RequestInterface::addCookie()
+   */
+  public function addCookie($name, $value) : void
+  {
+    // TODO: Implement addCookie() method.
+    throw new \Exception('Not yet implemented');
+  }
+
+
+  /**
+   * @see CAS_Request_RequestInterface::addCookies()
+   */
+  public function addCookies(array $cookies) : void
+  {
+    // TODO: Implement addCookies() method.
+    throw new \Exception('Not yet implemented');
+  }
+
+
+  /**
+   * @see CAS_Request_RequestInterface::addHeader()
+   */
+  public function addHeader($header) : void
+  {
+    if ($this->sent)
+    {
+      throw new CAS_OutOfSequenceException('Request has already been sent cannot '.__METHOD__);
+    }
+
+    if (preg_match('/^([^:]+):\s*(.+)$/', $header, $matches))
+    {
+      $this->options['headers'][$matches[1]] = $matches[2];
+    }
+  }
+
+
+  /**
+   * @see CAS_Request_RequestInterface::addHeaders()
+   */
+  public function addHeaders(array $headers) : void
+  {
+    if ($this->sent)
+    {
+      throw new CAS_OutOfSequenceException('Request has already been sent cannot '.__METHOD__);
+    }
+
+    foreach ($headers as $header)
+    {
+      $this->addHeader($header);
+    }
+  }
+
+
+  /**
+   * @see CAS_Request_RequestInterface::setPostBody()
+   */
+  public function setPostBody($body) : void
+  {
+    parent::setPostBody($body);
+    parse_str($body, $this->options['form_params']);
+  }
+
+
+  /**
+   * @see CAS_Request_RequestInterface::setSslCaCert()
+   */
+  public function setSslCaCert($caCertPath, $validate_cn = true) : void
+  {
+    parent::setSslCaCert($caCertPath, $validate_cn);
+    $this->options['verify'] = ($validate_cn) ? $caCertPath : false;
+  }
+
+
+  /**
+   * @see CAS_Request_RequestInterface::getResponseStatusCode()
+   */
+  public function getResponseStatusCode() : int
+  {
+    if (!$this->sent)
+    {
+      throw new CAS_OutOfSequenceException('Request has not been sent yet. Cannot '.__METHOD__);
+    }
+
+    return $this->response_status_code;
+  }
+
+
+  /**
+   * @see CAS_Request_AbstractRequest::sendRequest()
+   */
+  protected function sendRequest() : bool
+  {
+    try
+    {
+      $method = ($this->isPost) ? 'POST' : 'GET';
+      $this->sent = true;
+      $response = $this->client->request($method, $this->url, $this->options);
+      $this->response_status_code = $response->getStatusCode();
+      $this->storeResponseBody($response->getBody()->getContents());
+      foreach ($response->getHeaders() as $name => $values)
+      {
+        $this->storeResponseHeader(strtolower($name) . ': ' . implode(', ', $values));
+      }
+      return true;
+    }
+    catch (\Exception $e)
+    {
+      $this->storeErrorMessage( $e->getMessage());
+      return false;
+    }
+  }
+
+}