Update version of release notes in 2.5 docs
[working/Evergreen.git] / Open-ILS / examples / remoteauth.cgi
1 #!/usr/bin/perl
2
3 #    This CGI script might be useful for providing an easy way for EZproxy to authenticate
4 #    users against an Evergreen instance.
5 #    
6 #    For example, if you modify your eg.conf by adding this:
7 #    Alias "/cgi-bin/ezproxy/" "/openils/var/cgi-bin/ezproxy/"
8 #    <Directory "/openils/var/cgi-bin/ezproxy">
9 #        AddHandler cgi-script .pl
10 #        AllowOverride None
11 #        Options +ExecCGI
12 #        allow from all
13 #    </Directory>
14 #    
15 #    and make that directory and copy remoteauth.cgi to it:
16 #    mkdir /openils/var/cgi-bin/ezproxy/
17 #    cp remoteauth.cgi /openils/var/cgi-bin/ezproxy/
18 #    
19 #    Then you could add a line like this to the users.txt of your EZproxy instance:
20 #    
21 #    ::external=https://hostname/cgi-bin/ezproxy/remoteauth.cgi,post=user=^u&passwd=^p
22 #
23
24 #use strict;
25 use warnings;
26
27 use CGI;
28 use Digest::MD5 qw(md5_hex);
29
30 use OpenSRF::EX qw(:try);
31 use OpenSRF::System;
32 use OpenSRF::AppSession;
33
34 my $bootstrap = '/openils/conf/opensrf_core.xml';
35 my $cgi = new CGI;
36 my $u = $cgi->param('user');
37 my $usrname = $cgi->param('usrname');
38 my $barcode = $cgi->param('barcode');
39 my $agent = $cgi->param('agent'); # optional, but preferred
40 my $p = $cgi->param('passwd');
41
42 print $cgi->header(-type=>'text/html', -expires=>'-1d');
43
44 OpenSRF::AppSession->ingress('remoteauth');
45 OpenSRF::System->bootstrap_client( config_file => $bootstrap );
46
47 if (!($u || $usrname || $barcode) || !$p) {
48         print '+INCOMPLETE';
49 } else {
50         my $nametype;
51     if ($usrname) {
52         $u = $usrname;
53             $nametype = 'username';
54     } elsif ($barcode) {
55         $u = $barcode;
56         $nametype = 'barcode';
57     } else {
58             $nametype = 'username';
59         my $regex_response = OpenSRF::AppSession
60             ->create('open-ils.actor')
61             ->request('open-ils.actor.ou_setting.ancestor_default', 1, 'opac.barcode_regex')
62             ->gather(1);
63         if ($regex_response) {
64             my $regexp = $regex_response->{'value'};
65             $nametype = 'barcode' if ($u =~ qr/$regexp/);
66         }
67     }
68         my $seed = OpenSRF::AppSession
69                 ->create('open-ils.auth')
70                 ->request( 'open-ils.auth.authenticate.init', $u )
71                 ->gather(1);
72         if ($seed) {
73                 my $response = OpenSRF::AppSession
74                         ->create('open-ils.auth')
75                         ->request( 'open-ils.auth.authenticate.verify', 
76                                 { $nametype => $u, password => md5_hex($seed . md5_hex($p)), type => 'opac', agent => $agent })
77                         ->gather(1);
78                 if ($response) {
79                         if ($response->{ilsevent} == 0) {
80                                 print '+VALID';
81                         } else {
82                                 print '+NO';
83                         }
84                 } else {
85                         print '+BACKEND_ERROR';
86                 }
87         } else {
88                 print '+BACKEND_ERROR';
89         }
90 }
91
92 1;