/**
 * PROPRIETARY/CONFIDENTIAL. Use of this product is subject to
 * license terms. Copyright © 2001 Sun Microsystems, Inc.
 * Some preexisting portions Copyright © 2001 Netscape Communications Corp.
 * All rights reserved.
 */
/*
 * auth.c -- CGI authentication form generator -- HTTP gateway
 *
 * Copyright (c) 1996 Netscape Communications Corp.
 * All rights reserved.
 */

#include "dsgw.h"
#include "dbtdsgw.h"

static void post_request();
static void get_request(char *binddn);

int main(
    int argc,
    char **argv
#ifdef DSGW_DEBUG
    ,char	*env[]
#endif
) {
    int	reqmethod;
    char *binddn  = NULL;
    char *qs      = NULL;

    if (( qs = getenv( "QUERY_STRING" )) != NULL && *qs != '\0' ) {
	/* parse the query string: */
	auto char *p, *iter = NULL;
	qs = dsgw_ch_strdup( qs );
	for ( p = ldap_utf8strtok_r( qs,   "&", &iter ); p != NULL;
	      p = ldap_utf8strtok_r( NULL, "&", &iter )) {

	    /*Get the context.*/
	    if ( !strncasecmp( p, "context=", 8 )) {
		context = dsgw_ch_strdup( p + 8 );
		dsgw_form_unescape( context );
		continue;
	    }

	    /*Get the dn*/
	    if ( !strncasecmp( p, "dn=", 3 )) {
		binddn = dsgw_ch_strdup( p + 3 );
		dsgw_form_unescape( binddn );
		continue;
	    }
	}
	free( qs ); qs = NULL;
    }

    reqmethod = dsgw_init( argc, argv,  DSGW_METHOD_POST | DSGW_METHOD_GET );

#ifdef DSGW_DEBUG
    dsgw_logstringarray( "env", env ); 
#endif

    if ( reqmethod == DSGW_METHOD_POST ) {
	post_request();
    } else {
	get_request(binddn);
    }

    exit( 0 );
}

static void
get_request(char *binddn)
{
    dsgw_send_header();

    if ( binddn != NULL ) {
	if ( !strcmp( binddn, MGRDNSTR )) {
	    if ( gc->gc_rootdn == NULL ) {
		dsgw_error( DSGW_ERR_NO_MGRDN,
			    XP_GetClientStr (DBT_noDirMgrIsDefined_),
			    DSGW_ERROPT_EXIT, 0, NULL );
	    }
	    binddn = dsgw_ch_strdup( gc->gc_rootdn );
	} else if ( *binddn == '\0' ) {
	    binddn = NULL;
	} else {
	    binddn = dsgw_ch_strdup( binddn );
	    dsgw_form_unescape( binddn );
	}
    }
    dsgw_emit_auth_form( binddn );
    if ( binddn != NULL ) {
	free( binddn );
    }
}



static void
post_request()
{
    char *binddn = NULL;
    char *dorootbind = NULL;

    dsgw_send_header();
    /*
     * If the "authasrootdn" CGI variable is present and has the value
     * "true" then the user clicked on the "authenticate as directory
     * manager" button.  In that case, try to bind as the root dn given
     * in the dsgw config file.
     */
    dorootbind = dsgw_get_cgi_var( "authasrootdn", DSGW_CGIVAR_OPTIONAL );
    if ( dorootbind != NULL && !strcasecmp( dorootbind, "true" )) {
	binddn = dsgw_ch_strdup( gc->gc_rootdn );
    } else {
	binddn = dsgw_get_escaped_cgi_var( "escapedbinddn", "binddn",
	    DSGW_CGIVAR_OPTIONAL );
    }
	
    dsgw_emit_auth_form( binddn );
}