#! /bin/sh

#  Secure Cross Host Authentication System 401 Redirector
#  Copyright (C) 2000 Brian Ristuccia <brianr@osiris.978.org>
#
#  This program is free software; you can redistribute it and/or modify
#  it under the terms of the GNU General Public License as published by
#  the Free Software Foundation; either version 2 of the License, or
#  (at your option) any later version.
#
#  This program is distributed in the hope that it will be useful,
#  but WITHOUT ANY WARRANTY; without even the implied warranty of
#  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
#  GNU General Public License for more details.
# 
#  You should have received a copy of the GNU General Public License
#  along with this program; if not, write to the Free Software  
#  Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
# 

echo "401-Argument: $QUERY_STRING" >&2

# Are these next two lines dangerous security-wise?
IFS=","
set -- $QUERY_STRING

if [ "x$1" = "x" ] 
then 
 echo "401-Sending user to login page" >&2
 echo "HTTP/1.1 302 Moved Temporarily"
 echo "Location: https://login.978.org/login.cgi?url=https://${HTTP_HOST}${REQUEST_URI}"
# echo "401-Location: https://login.978.org/login.cgi?url=https://${HTTP_HOST}${REDIRECT_URL}" >&2
 echo "Expires: Thu, 01 Dec 1994 16:00:00 GMT"
 echo "Cache-Control: no-cache"
 echo
 echo "$1"
 echo "$2"
 set >&2
else
  # Code to check with login server for new version of authentication
  # database would go here.
 echo "401-Setting cookie and sending user to destination URL" >&2

  echo "HTTP/1.1 302 Moved Temporarily"
# echo "HTTP/1.1 200 OK"
# echo "Content-Type: text/plain"
  echo "Location: $2"
  echo "401-Location: $2" >&2
  echo "Set-Cookie: tollhouse=$1; PATH=/"
  echo "401-Set-Cookie: tollhouse=$1; PATH=/ Secure" >&2
  echo "Expires: Thu, 01 Dec 1994 16:00:00 GMT"
  echo "Cache-Control: no-cache"

 echo
 echo "$1"
 echo "$2"
 set
fi