Open-ILS/examples/remoteauth.cgi

   1 #!/usr/bin/perl
   2
   3 #    This CGI script might be useful for providing an easy way for EZproxy to authenticate
   4 #    users against an Evergreen instance.
   5 #
   6 #    For example, if you modify your eg_vhost.conf by adding this:
   7 #    <Directory "/openils/var/cgi-bin/ezproxy">
   8 #        AddHandler cgi-script .pl
   9 #        AllowOverride None
  10 #        Options +ExecCGI
  11 #        allow from all
  12 #    </Directory>
  13 #
  14 #    and make that directory and copy remoteauth.cgi to it:
  15 #    mkdir /openils/var/cgi-bin/ezproxy/
  16 #    cp remoteauth.cgi /openils/var/cgi-bin/ezproxy/
  17 #
  18 #    Then you could add a line like this to the users.txt of your EZproxy instance:
  19 #
  20 #    ::external=https://hostname/cgi-bin/ezproxy/remoteauth.cgi,post=user=^u&passwd=^p
  21 #
  22
  23 #use strict;
  24 use warnings;
  25
  26 use CGI;
  27 use Digest::MD5 qw(md5_hex);
  28
  29 use OpenSRF::EX qw(:try);
  30 use OpenSRF::System;
  31
  32
  33 my $bootstrap = '/openils/conf/opensrf_core.xml';
  34 my $cgi = new CGI;
  35 my $u = $cgi->param('user');
  36 my $p = $cgi->param('passwd');
  37
  38 print $cgi->header(-type=>'text/html', -expires=>'-1d');
  39
  40 OpenSRF::System->bootstrap_client( config_file => $bootstrap );
  41
  42 if (!$u || !$p) {
  43         print "+INCOMPLETE";
  44 } else {
  45         my $nametype = 'username';
  46         $nametype = 'barcode' if ($u =~ /^\d+$/o);
  47         my $seed = OpenSRF::AppSession
  48                 ->create("open-ils.auth")
  49                 ->request( 'open-ils.auth.authenticate.init', $u )
  50                 ->gather(1);
  51         if ($seed) {
  52                 my $response = OpenSRF::AppSession
  53                         ->create("open-ils.auth")
  54                         ->request( 'open-ils.auth.authenticate.complete', { $nametype => $u, password => md5_hex($seed . md5_hex($p)), type => 'temp' })
  55                         ->gather(1);
  56                 if ($response->{payload}->{authtoken}) {
  57                         my $user = OpenSRF::AppSession
  58                                 ->create("open-ils.auth")
  59                                 ->request( "open-ils.auth.session.retrieve", $response->{payload}->{authtoken} )
  60                                 ->gather(1);
  61                         if (ref($user) eq 'HASH' && $user->{ilsevent} == 1001) {
  62                                 print "+NO";
  63                         } else {
  64                                 print "+VALID";
  65                         }
  66                 } else {
  67                         print "+NO";
  68                 }
  69         } else {
  70                 print "+BACKEND_ERROR";
  71         }
  72
  73 }
  74
  75 1;