1 files changed, 40 insertions, 21 deletions
diff --git a/www/authenticate.pl b/www/authenticate.pl
index a36ad02..d73869d 100755
--- a/www/authenticate.pl
+++ b/www/authenticate.pl
@@ -15,34 +15,53 @@ use Net::Google::FederatedLogin;
 
 do "common.pl";
 
-while (my $cgi = new CGI::Fast) {
-  load_config();
-
-  my $claimed_email = $cgi->param('email');
-
-  my $g = Net::Google::FederatedLogin->new(
-    claimed_id => $claimed_email,
-    return_to  => reluri($cgi, 'login.pl'),
-    extensions => [{ns          => 'ax',
-                    uri         => 'http://openid.net/srv/ax/1.0',
-                    attributes  => {mode        => 'fetch_request',
-                                    required    => 'email',
-                                    type        => {email => 'http://axschema.org/contact/email'}}}]
-  );
-
-  my $cookie = $cgi->cookie('mulkid_session');
-  my $session = new CGI::Session("driver:File", $cookie, {Directory=>"/tmp"});
-  $session->param('claimed_email', $claimed_email);
+sub redirect_with_cookie($$$$) {
+  my ($cgi, $uri, $session, $cookie) = @_;
   if ($cookie) {
-    print $cgi->redirect(-url => $g->get_auth_url());
+    print $cgi->redirect(-url => $uri);
   } else {
     my $cookie = $cgi->cookie(-name     => 'mulkid_session',
                               -value    => $session->id,
                               -expires  => '+1d',
-                              #-secure   => 1,
+                              -secure   => 1,
                               -httponly => 1,
                               #-domain   => '.'.$::MULKONF->{realm}
                              );
-    print $cgi->redirect(-cookie => $cookie, -url => $g->get_auth_url());
+    print $cgi->redirect(-cookie => $cookie, -url => $uri);
+  }
+}
+
+while (my $cgi = new CGI::Fast) {
+  load_config();
+
+  my $claimed_email = $cgi->param('email');
+  my $cookie = $cgi->cookie('mulkid_session');
+  my $session = new CGI::Session("driver:File", $cookie, {Directory=>"/tmp"});
+
+  my $fakedomain = $::MULKONF->{fake_domain};
+  my $realdomain = $::MULKONF->{real_domain};
+  $claimed_email =~ s/\@$fakedomain/\@$realdomain/ if $fakedomain;
+
+  $session->param('claimed_email', $claimed_email);
+
+  given (my $_ = $::MULKONF->{auth_type}) {
+    when ('imap') {
+      redirect_with_cookie($cgi, reluri($cgi, "authenticate-with-password.html?email=$claimed_email"), $session, $cookie);
+    }
+    when ('google') {
+      my $g = Net::Google::FederatedLogin->new(
+        claimed_id => $claimed_email,
+        return_to  => reluri($cgi, 'login.pl'),
+        extensions => [{ns          => 'ax',
+                        uri         => 'http://openid.net/srv/ax/1.0',
+                        attributes  => {mode        => 'fetch_request',
+                                        required    => 'email',
+                                        type        => {email => 'http://axschema.org/contact/email'}}}]
+      );
+      redirect_with_cookie($cgi, $g->get_auth_url(), $session, $cookie);
+    }
+    default {
+      die "Invalid auth_type! " . $::MULKONF->{auth_type};
+    }
   }
 }