From 189801d244f5d7d127f9695f3d5809db16eb9570 Mon Sep 17 00:00:00 2001
From: Dominique Fournier
Date: Wed, 21 Dec 2016 10:48:10 +0000
Subject: [PATCH] authparams : if the email is not provided by Shibboleth, reject the auth instead of having a warning

git-svn-id: https://svn.fournier38.fr/svn/ProgSVN/trunk@3315 bf3deb0d-5f1a-0410-827f-c0cc1f45334c
---
 authparams.php | 14 ++++++++------
 1 file changed, 8 insertions(+), 6 deletions(-)

diff --git a/authparams.php b/authparams.php
index cffd133..108cb2f 100644
--- a/authparams.php
+++ b/authparams.php
@@ -34,7 +34,7 @@ class authparams
 $this->password = $res["password"];
 break;
 }
- catch (Exception $e)
+ catch (\Exception $e)
 {
 $this->email = "anonymous";
 $this->password = "anonymous";
@@ -47,7 +47,7 @@ class authparams
 public function post()
 {
 if (!isset ($_POST["email"]) || !isset ($_POST["password"]))
- throw new Exception ("No POST provided", 401);
+ throw new \Exception ("No POST provided", 401);
 return array ("email"=>trim ($_POST["email"]),
 "password"=>$_POST["password"]);
 }
@@ -56,10 +56,10 @@ class authparams
 public function session()
 {
 if (!isset ($_SESSION))
- throw new Exception ("No session previously opened", 401);
+ throw new \Exception ("No session previously opened", 401);
 if (!isset ($_SESSION["domframework"]["auth"]["email"]) || !isset ($_SESSION["domframework"]["auth"]["password"]))
- throw new Exception ("No previous email in session", 401);
+ throw new \Exception ("No previous email in session", 401);
 return array ("email"=>$_SESSION["domframework"]["auth"]["email"],
 "password"=>$_SESSION["domframework"]["auth"]["password"]);
 }
@@ -71,7 +71,7 @@ class authparams
 "Restricted access");
 if (!isset($_SERVER['PHP_AUTH_USER']))
 {
- throw new Exception ("No user defined in HTTP header", 401);
+ throw new \Exception ("No user defined in HTTP header", 401);
 //header("WWW-Authenticate: Basic realm=\"$realm\"");
 //header("HTTP/1.0 401 Unauthorized");
 //die ($realm);
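Review bot: In post() (hunk at -47), `isset` also passes when the client sends `email[]=x`, so `trim ($_POST["email"])` still receives an array and produces the kind of warning (a TypeError on PHP 8) that this commit removes for the Shibboleth path. The guard should also require strings, for example `if (!isset ($_POST["email"], $_POST["password"]) || !is_string ($_POST["email"]) || !is_string ($_POST["password"]))`, and keep throwing the same 401 exception.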
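Review bot: session() (hunk at -56) returns a password read from `$_SESSION["domframework"]["auth"]["password"]`, so the credential itself appears to be kept in the session store between requests. The code that writes it is outside this hunk, so whether the value is cleartext is an inference. If it is, anyone who can read the session backend obtains reusable passwords. The method has no docblock stating what is stored there; a short one such as `/** Return the credentials saved in the session by a previous authentication */` would make that contract visible. Replacing the stored password with an authenticated-identity marker is worth considering.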
@@ -89,7 +89,9 @@ class authparams
 public function shibboleth ()
 {
 if (! isset ($_SERVER["Shib-Session-ID"]))
- throw new Exception ("No Shibboleth information available", 401);
+ throw new \Exception ("No Shibboleth information available", 401);
+ if (! isset ($_SERVER["mail"]))
+ throw new \Exception ("No Shibboleth email provided", 401);
 return array ("email"=>$_SERVER["mail"],
 "password"=>"NONE IN SHIBBOLETH");
 }
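Review bot: The added `isset ($_SERVER["mail"])` check in shibboleth() only rejects a missing attribute, so an empty string or a multi-valued attribute (Shibboleth joins values with `;`, e.g. `a@x;b@y`) is still returned as the authenticated email. Validating the value closes that gap: `if (! isset ($_SERVER["mail"]) || filter_var ($_SERVER["mail"], FILTER_VALIDATE_EMAIL) === false)` followed by the same 401 exception. The method also trusts `Shib-Session-ID` and `mail` purely by their presence in `$_SERVER`. Whether a client can influence those keys depends on the SP and web-server configuration, which is not visible here, so a comment stating that assumption would help whoever deploys this.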