#!/usr/bin/perl
#
# testing pam for authentication
#

use strict;
use Authen::PAM;

my $service = "passwd";
my $username = "foo";
my $passwd = "bar";

my $pamh = new Authen::PAM($service,$username, \&conv_func);

ref($pamh) || die "Problems!\n";

my $res = $pamh->pam_authenticate();
print $pamh->pam_strerror($res),"\n" unless $res == PAM_SUCCESS();

print "ending...\n";

sub conv_func {
my @res;
    while ( @_ ) {
        my $code = shift;
        my $msg = shift;
        my $ans = "";

        $ans = $username if ($code == PAM_PROMPT_ECHO_ON() );
        if ($code == PAM_PROMPT_ECHO_OFF() ) {
            $ans = $passwd;
        }
        push @res, (PAM_SUCCESS(),$ans);
    }
    push @res, PAM_SUCCESS();
    return @res;

}

##</code><code>##

if ((!$login_id)||($login_id ne $query{id})) {
    #no cookie of the right name or the cookie does not match the id sent in the query
    # make them authenticate

    my $username = $query{username};
    my $passwd = $query{password};
    # Use PAM to authenticate

    my $service = "passwd";
    my $pamh = new Authen::PAM($service,$username,\&conv_func); # use the conversation function
                                                              # so it doesn't have to be interactive

   ref($pamh) || graceful_exit("Problems with PAM authentication",$pamh->pam_strerror($pamh),"v");

    my $res = $pamh->pam_authenticate();
    my $id;
    if (!$res == PAM_SUCCESS()) { # they aren't authentic
    graceful_exit("Nope. Not even close", $pamh->pam_strerror($res),"v");
    } else { # yay! they are authentic - let's look for them in our mapping table
    }
}


sub conv_func {
    my $username; my $passwd;

    my @res;
    while ( @_ ) {
        my $code = shift;
        my $msg = shift;
        my $ans = "";

        $ans = $username if ($code == PAM_PROMPT_ECHO_ON() );
        if ($code == PAM_PROMPT_ECHO_OFF() ) {
            $ans = $passwd;
        }
        push @res, (PAM_SUCCESS(),$ans);
    }
    push @res, PAM_SUCCESS();
    return @res;

}