From 0db96cce9f83f09b07a46f31f9930e5b7cc19f6f Mon Sep 17 00:00:00 2001
From: Matthias Andreas Benkard <code@mail.matthias.benkard.de>
Date: Mon, 5 May 2014 14:36:43 +0200
Subject: Fix bugs introduced by the previous patch.

---
 www/authenticate.pl | 61 +++++++++++++++++++++++++++++++++++------------------
 1 file changed, 40 insertions(+), 21 deletions(-)

(limited to 'www/authenticate.pl')

diff --git a/www/authenticate.pl b/www/authenticate.pl
index a36ad02..d73869d 100755
--- a/www/authenticate.pl
+++ b/www/authenticate.pl
@@ -15,34 +15,53 @@ use Net::Google::FederatedLogin;
 
 do "common.pl";
 
-while (my $cgi = new CGI::Fast) {
-  load_config();
-
-  my $claimed_email = $cgi->param('email');
-
-  my $g = Net::Google::FederatedLogin->new(
-    claimed_id => $claimed_email,
-    return_to  => reluri($cgi, 'login.pl'),
-    extensions => [{ns          => 'ax',
-                    uri         => 'http://openid.net/srv/ax/1.0',
-                    attributes  => {mode        => 'fetch_request',
-                                    required    => 'email',
-                                    type        => {email => 'http://axschema.org/contact/email'}}}]
-  );
-
-  my $cookie = $cgi->cookie('mulkid_session');
-  my $session = new CGI::Session("driver:File", $cookie, {Directory=>"/tmp"});
-  $session->param('claimed_email', $claimed_email);
+sub redirect_with_cookie($$$$) {
+  my ($cgi, $uri, $session, $cookie) = @_;
   if ($cookie) {
-    print $cgi->redirect(-url => $g->get_auth_url());
+    print $cgi->redirect(-url => $uri);
   } else {
     my $cookie = $cgi->cookie(-name     => 'mulkid_session',
                               -value    => $session->id,
                               -expires  => '+1d',
-                              #-secure   => 1,
+                              -secure   => 1,
                               -httponly => 1,
                               #-domain   => '.'.$::MULKONF->{realm}
                              );
-    print $cgi->redirect(-cookie => $cookie, -url => $g->get_auth_url());
+    print $cgi->redirect(-cookie => $cookie, -url => $uri);
+  }
+}
+
+while (my $cgi = new CGI::Fast) {
+  load_config();
+
+  my $claimed_email = $cgi->param('email');
+  my $cookie = $cgi->cookie('mulkid_session');
+  my $session = new CGI::Session("driver:File", $cookie, {Directory=>"/tmp"});
+
+  my $fakedomain = $::MULKONF->{fake_domain};
+  my $realdomain = $::MULKONF->{real_domain};
+  $claimed_email =~ s/\@$fakedomain/\@$realdomain/ if $fakedomain;
+
+  $session->param('claimed_email', $claimed_email);
+
+  given (my $_ = $::MULKONF->{auth_type}) {
+    when ('imap') {
+      redirect_with_cookie($cgi, reluri($cgi, "authenticate-with-password.html?email=$claimed_email"), $session, $cookie);
+    }
+    when ('google') {
+      my $g = Net::Google::FederatedLogin->new(
+        claimed_id => $claimed_email,
+        return_to  => reluri($cgi, 'login.pl'),
+        extensions => [{ns          => 'ax',
+                        uri         => 'http://openid.net/srv/ax/1.0',
+                        attributes  => {mode        => 'fetch_request',
+                                        required    => 'email',
+                                        type        => {email => 'http://axschema.org/contact/email'}}}]
+      );
+      redirect_with_cookie($cgi, $g->get_auth_url(), $session, $cookie);
+    }
+    default {
+      die "Invalid auth_type! " . $::MULKONF->{auth_type};
+    }
   }
 }
-- 
cgit v1.2.3