From 4e3fdd7ab78bdfec38f1858e1af2076010bfb757 Mon Sep 17 00:00:00 2001
From: Dan Wells <dbw2@calvin.edu>
Date: Wed, 10 Oct 2012 09:22:33 -0400
Subject: [PATCH] Capture and log AuthProxy logins with no account

The current AuthProxy.pm code assumes that if the external auth
passes, the Evergreen account will be there.  This protects
against cases where a user is in the external auth system but
has no matching account in Evergreen.

Signed-off-by: Dan Wells <dbw2@calvin.edu>
Signed-off-by: Bill Erickson <berick@esilibrary.com>
---
 Open-ILS/src/perlmods/lib/OpenILS/Application/AuthProxy.pm | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/Open-ILS/src/perlmods/lib/OpenILS/Application/AuthProxy.pm b/Open-ILS/src/perlmods/lib/OpenILS/Application/AuthProxy.pm
index be1d05b7f4..a555be7797 100644
--- a/Open-ILS/src/perlmods/lib/OpenILS/Application/AuthProxy.pm
+++ b/Open-ILS/src/perlmods/lib/OpenILS/Application/AuthProxy.pm
@@ -257,6 +257,10 @@ sub _do_login {
             "open-ils.cstore.direct.actor.user.search.atomic",
             { usrname => $args->{'username'} }
         );
+        if (!$user->[0]) {
+            $logger->debug("Authenticated username '" . $args->{'username'} . "' has no Evergreen account, aborting");
+            return OpenILS::Event->new( 'LOGIN_FAILED' );
+        }
         $args->{'password'} = md5_hex( $seed . $user->[0]->passwd );
     } else {
         $args->{'password'} = md5_hex( $seed . md5_hex($real_password) );
-- 
2.43.2