Fix: now report CAS authentication failures

Also fixed a bug related to recent auth_services changes git-svn-id: https://subversion.renater.fr/sympa/trunk@3477 05aa8bb8-cd2b-0410-b1d7-8918dfa770ce

Fix: now report CAS authentication failures
Also fixed a bug related to recent auth_services changes git-svn-id: https://subversion.renater.fr/sympa/trunk@3477 05aa8bb8-cd2b-0410-b1d7-8918dfa770ce
99ee8d1a · sympa-authors · 6636f069 · 99ee8d1a · 99ee8d1a · 99ee8d1a
Commit 99ee8d1a authored Jan 18, 2006 by sympa-authors
--- a/soap/sympasoap.pm
+++ b/soap/sympasoap.pm
@@ -224,7 +224,7 @@ sub casLogin {
    } 

    ## Now fetch email attribute from LDAP
-    unless ($email = &Auth::get_email_by_net_id($cas_id, {'uid' => $user})) {
+    unless ($email = &Auth::get_email_by_net_id($robot, $cas_id, {'uid' => $user})) {
 	&do_log('err','Could not get email address from LDAP for user %s', $user);
 	die SOAP::Fault->faultcode('Server')
 	    ->faultstring('Authentification failed')

--- a/wwsympa/Auth.pm
+++ b/wwsympa/Auth.pm
@@ -333,6 +333,7 @@ sub ldap_authentication {
 # fetch user email using his cas net_id and the paragrapah number in auth.conf
 sub get_email_by_net_id {
    
+    my $robot = shift;
    my $auth_id = shift;
    my $attributes = shift;

@@ -356,7 +357,7 @@ sub get_email_by_net_id {
    }
    require Net::LDAP::Message;

-    my $ldap = @{$Conf{'auth_services'}}[$auth_id];
+    my $ldap = @{$Conf{'auth_services'}{$robot}}[$auth_id];
    my $filter = $ldap->{'ldap_get_email_by_uid_filter'} ;

    $filter =~ s/\[([\w-]+)\]/$attributes->{$1}/ig;

--- a/wwsympa/wwsympa.fcgi
+++ b/wwsympa/wwsympa.fcgi
@@ -739,7 +739,7 @@ if ($wwsconf->{'use_fast_cgi'}) {
 		 
 		 if(defined $net_id) { # the ticket is valid net-id
 		     do_log('notice',"login CAS OK server netid=$net_id" );
-		     $param->{'user'}{'email'} = lc(&Auth::get_email_by_net_id($cas_id, {'uid' => $net_id}));
+		     $param->{'user'}{'email'} = lc(&Auth::get_email_by_net_id($robot, $cas_id, {'uid' => $net_id}));
 		     $param->{'auth'} = 'cas';
 		     
 		     &cookielib::set_cas_server($wwsconf->{'cookie_domain'},$cas_id);
@@ -1976,7 +1976,7 @@ sub do_sso_login {
 		return 'home';	
 	    }
 	    
-	    $email = &Auth::get_email_by_net_id($sso_id, \%ENV);
+	    $email = &Auth::get_email_by_net_id($robot, $sso_id, \%ENV);
 	}

 	unless ($email) {
@@ -2029,9 +2029,14 @@ sub do_sso_login {
 }

 sub do_sso_login_succeeded {
-    &wwslog('info', 'do_sso_login(%s)', $in{'auth_service_name'});
-    &report::notice_report_web('you_have_been_authenticated',{},$param->{'action'});
-    
+    &wwslog('info', 'do_sso_login_succeeded(%s)', $in{'auth_service_name'});
+
+    if (defined $param->{'user'} && $param->{'user'}{'email'}) {
+	&report::notice_report_web('you_have_been_authenticated',{},$param->{'action'});
+    }else {
+	&report::reject_report_web('user','auth_failed',{},$param->{'action'});
+    }    
+
    ## We should refresh the main window
    if ($param->{'nomenu'}) {
 	$param->{'back_to_mom'} = 1;