From da789c107d2fe1238ba7e64902c96d02b7bd4cfa Mon Sep 17 00:00:00 2001 From: "Paul W. Frields" Date: Sun, 11 Jul 2010 12:42:46 -0400 Subject: Make it possible to avoid validation --- authfas.module | 43 ++++++++++++++++++++++++------------------- 1 file changed, 24 insertions(+), 19 deletions(-) diff --git a/authfas.module b/authfas.module index 560998e..810cb98 100644 --- a/authfas.module +++ b/authfas.module @@ -63,7 +63,7 @@ function authfas_admin() { $form['authfas_verify_fasurl'] = array( '#type' => 'fieldset', '#title' => t('FAS URL validation information'), - '#description' => t('Enter a valid account and passphrase to validate the FAS URL above. This information is not required, but can be used to test via JSON whether the URL above is working correctly.'), + '#description' => t('Enter a valid account and passphrase to validate the FAS URL above. This information is not required, but can be used to test via JSON whether the URL above is working correctly. To skip validation, clear these fields.'), '#collapsible' => TRUE, '#collapsed' => TRUE, ); @@ -71,12 +71,14 @@ function authfas_admin() { '#type' => 'textfield', '#title' => 'FAS username', '#size' => 40, - '#maxlength' => 255); + '#maxlength' => 255, + '#default_value' => ''); $form['authfas_verify_fasurl']['fas_password'] = array( '#type' => 'password', '#title' => 'FAS password', '#size' => 40, - '#maxlength' => 255); + '#maxlength' => 255, + '#default_value' => ''); // We have a required setting for the Authenticated User role. $form['authfas_authuser_fasgroup'] = array( '#type' => 'textfield', @@ -126,23 +128,26 @@ function authfas_admin_validate($form, &$form_state) { $fasurl = $form_state['values']['authfas_fasurl']; $username = $form_state['values']['fas_username']; $password = $form_state['values']['fas_password']; - // Expect a JSON interface to be present - curl_setopt($ch, CURLOPT_URL, 'https://'.$fasurl.'/json/'); - curl_setopt($ch, CURLOPT_POST, 1); - curl_setopt($ch, CURLOPT_USERAGENT, "Drupal AuthFAS 0.1"); - curl_setopt($ch, CURLOPT_POSTFIELDS, "username=".urlencode($username)."&user_name=".urlencode($username)."&password=".urlencode($password)."&login=Login"); - curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); - // The following two lines need to be enabled when using a test FAS - // with an invalid cert. Otherwise they should be commented (or - // set to True) for security. - // #curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE); - // #curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, FALSE); - $response = json_decode(curl_exec($ch), true); - curl_close ($ch); - if (!isset($response["help"])) { - form_set_error("authfas_fasurl", 'No JSON interface present at https://'.$fasurl.'/json/ or could not verify username "'.$username.'".'); - return FALSE; + if (($username != '') and ($password != '')) { + // Expect a JSON interface to be present + curl_setopt($ch, CURLOPT_URL, 'https://'.$fasurl.'/json/'); + curl_setopt($ch, CURLOPT_POST, 1); + curl_setopt($ch, CURLOPT_USERAGENT, "Drupal AuthFAS 0.1"); + curl_setopt($ch, CURLOPT_POSTFIELDS, "username=".urlencode($username)."&user_name=".urlencode($username)."&password=".urlencode($password)."&login=Login"); + curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); + // The following two lines need to be enabled when using a test FAS + // with an invalid cert. Otherwise they should be commented (or + // set to True) for security. + // #curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE); + // #curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, FALSE); + $response = json_decode(curl_exec($ch), true); + curl_close ($ch); + + if (!isset($response["help"])) { + form_set_error("authfas_fasurl", 'No JSON interface present at https://'.$fasurl.'/json/ or could not verify username "'.$username.'".'); + return FALSE; + } } return TRUE; } -- cgit