feature #754: Better names for varibles.

2025-03-21 14:50:08 +03:00 · 2011-08-25 23:48:54 +02:00 · 2011-08-25 23:48:54 +02:00 · 986dcbbf28
commit 986dcbbf28
parent 23a9743910
1 changed files with 7 additions and 8 deletions
--- a/src/authm_mad/remotes/server/server_auth.rb
+++ b/src/authm_mad/remotes/server/server_auth.rb
@ -79,14 +79,13 @@ class ServerAuth < X509Auth
    end

    # Generates a login token in the form:
-    # user_name:x509:user_name:time_expires:cert_chain
-    #   - user_name:time_expires is encrypted with the user certificate
-    #   - user_name:time_expires:cert_chain is base64 encoded
-    def login_token(user, user_dn, expire)
+    # user_name:server:user_name:user_pass:time_expires
+    #   - user_name:user_pass:time_expires is encrypted with the server certificate
+    def login_token(user, user_pass, expire)

        expires = Time.now.to_i+expire
        
-        token_txt = "#{user}:#{user_dn}:#{expires}"
+        token_txt = "#{user}:#{user_pass}:#{expires}"

        token     = encrypt(token_txt)
 	    token64   = Base64::encode64(token).strip.delete("\n")
@ -103,15 +102,15 @@ class ServerAuth < X509Auth
    def authenticate(user, pass, signed_text)
        begin            
 	        # Decryption demonstrates that the user posessed the private key.
-            _user, user_dn, expires = decrypt(signed_text).split(':')
+            _user, user_pass, expires = decrypt(signed_text).split(':')

            return "User name missmatch" if user != _user

            return "login token expired" if Time.now.to_i >= expires.to_i

            # Check an explicitly-specified DN such as for a host-signed login 
-            if !pass.split('|').include?(cert.subject.to_s.delete("\s"))
-	            return "Certificate subject missmatch"
+            if !pass.split('|').include?(user_pass)
+	            return "User password missmatch"
            end

 	        validate