From 0ba45169b84c5b39e05954937ae5f859b20946fa Mon Sep 17 00:00:00 2001 From: "Paul W. Frields" Date: Sat, 17 Jul 2010 14:39:03 -0400 Subject: Move FAS login to a separate function --- authfas.module | 45 ++++++++++++++++++++++++++------------------- 1 file changed, 26 insertions(+), 19 deletions(-) diff --git a/authfas.module b/authfas.module index e1abf48..5cf09f8 100644 --- a/authfas.module +++ b/authfas.module @@ -117,38 +117,45 @@ function authfas_menu() { return $items; } +function fas_login($username, $password, $url) { + $username = strtolower($username); + $ch = curl_init(); + + curl_setopt($ch, CURLOPT_URL, $url); + curl_setopt($ch, CURLOPT_POST, 1); + curl_setopt($ch, CURLOPT_POSTFIELDS, "user_name=".urlencode($username)."&password=".urlencode($password)."&login=Login"); + curl_setopt($ch, CURLOPT_USERAGENT, "Drupal AuthFAS 0.1;"); + curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1); + curl_setopt($ch, CURLOPT_MAXREDIRS, 5); + curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); + // The following two lines need to be enabled when using a test FAS + // with an invalid cert. Otherwise they should be commented (or + // set to True) for security. + // #curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE); + // #curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, FALSE); + $response = json_decode(curl_exec($ch), true); + curl_close ($ch); + + return $response; +} + /** * Validate settings entered in AuthFAS settings menu */ function authfas_admin_validate($form, &$form_state) { - $ch = curl_init(); $fasurl = $form_state['values']['authfas_fasurl']; $username = $form_state['values']['fas_username']; $password = $form_state['values']['fas_password']; if (($username != '') and ($password != '')) { - // Expect a JSON interface to be present - curl_setopt($ch, CURLOPT_URL, 'https://'.$fasurl.'/json/'); - curl_setopt($ch, CURLOPT_POST, 1); - curl_setopt($ch, CURLOPT_POSTFIELDS, "user_name=".urlencode($username)."&password=".urlencode($password)."&login=Login"); - curl_setopt($ch, CURLOPT_USERAGENT, "Drupal AuthFAS 0.1;"); - curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1); - curl_setopt($ch, CURLOPT_MAXREDIRS, 5); - curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); - // The following two lines need to be enabled when using a test FAS - // with an invalid cert. Otherwise they should be commented (or - // set to True) for security. - // #curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE); - // #curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, FALSE); - $response = json_decode(curl_exec($ch), true); - curl_close ($ch); - + $response = fas_login($username, $password, 'https://'.$fasurl.'/json/'); + if (!isset($response["help"])) { form_set_error("authfas_fasurl", t('No JSON interface present at https://'.$fasurl.'/json/ or could not verify username "'.$username.'".')); return FALSE; - } else { - drupal_set_message(t('Authentication to FAS was successful.')); } + // else we're peachy + drupal_set_message(t('Authentication to FAS was successful.')); } return TRUE; } -- cgit