3 # This CGI script might be useful for providing an easy way for EZproxy to authenticate
4 # users against an Evergreen instance.
6 # For example, if you modify your eg.conf by adding this:
7 # Alias "/cgi-bin/ezproxy/" "/openils/var/cgi-bin/ezproxy/"
8 # <Directory "/openils/var/cgi-bin/ezproxy">
9 # AddHandler cgi-script .pl
15 # and make that directory and copy remoteauth.cgi to it:
16 # mkdir /openils/var/cgi-bin/ezproxy/
17 # cp remoteauth.cgi /openils/var/cgi-bin/ezproxy/
19 # Then you could add a line like this to the users.txt of your EZproxy instance:
21 # ::external=https://hostname/cgi-bin/ezproxy/remoteauth.cgi,post=user=^u&passwd=^p
28 use Digest::MD5 qw(md5_hex);
30 use OpenSRF::EX qw(:try);
33 my $bootstrap = '/openils/conf/opensrf_core.xml';
35 my $u = $cgi->param('user');
36 my $usrname = $cgi->param('usrname');
37 my $barcode = $cgi->param('barcode');
38 my $p = $cgi->param('passwd');
40 print $cgi->header(-type=>'text/html', -expires=>'-1d');
42 OpenSRF::System->bootstrap_client( config_file => $bootstrap );
44 if (!($u || $usrname || $barcode) || !$p) {
50 $nametype = 'username';
53 $nametype = 'barcode';
55 $nametype = 'username';
56 my $regex_response = OpenSRF::AppSession
57 ->create('open-ils.actor')
58 ->request('open-ils.actor.ou_setting.ancestor_default', 1, 'opac.barcode_regex')
60 if ($regex_response) {
61 my $regexp = $regex_response->{'value'};
62 $nametype = 'barcode' if ($u =~ qr/$regexp/);
65 my $seed = OpenSRF::AppSession
66 ->create('open-ils.auth')
67 ->request( 'open-ils.auth.authenticate.init', $u )
70 my $response = OpenSRF::AppSession
71 ->create('open-ils.auth')
72 ->request( 'open-ils.auth.authenticate.complete', { $nametype => $u, password => md5_hex($seed . md5_hex($p)), type => 'opac' })
74 if ($response->{payload}->{authtoken}) {
75 my $user = OpenSRF::AppSession
76 ->create('open-ils.auth')
77 ->request( 'open-ils.auth.session.retrieve', $response->{payload}->{authtoken} )
79 if (ref($user) eq 'HASH' && $user->{ilsevent} == 1001) {
88 print '+BACKEND_ERROR';