From 71d9e899f9dd48e729d300280890c3f2e3f3e9d8 Mon Sep 17 00:00:00 2001
From: Michael RICOIS <mricois@scores-decisions.com>
Date: Thu, 23 Mar 2017 21:08:18 +0100
Subject: [PATCH] =?UTF-8?q?Plus=20de=20v=C3=A9rification=20=C3=A0=20la=20c?=
 =?UTF-8?q?onnexion?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 library/Scores/Auth/Adapter/Ws.php | 27 +++++++++++++++++----------
 1 file changed, 17 insertions(+), 10 deletions(-)

diff --git a/library/Scores/Auth/Adapter/Ws.php b/library/Scores/Auth/Adapter/Ws.php
index b1b079b57..20c70384e 100644
--- a/library/Scores/Auth/Adapter/Ws.php
+++ b/library/Scores/Auth/Adapter/Ws.php
@@ -81,7 +81,7 @@ class Scores_Auth_Adapter_Ws implements Zend_Auth_Adapter_Interface
 	public function authenticate()
 	{
         $ip = $_SERVER['REMOTE_ADDR'];
-		if ( isset($_SERVER['HTTP_X_FORWARDED_FOR']) && in_array($ip, $this->listProxyIp)) {
+		if (isset($_SERVER['HTTP_X_FORWARDED_FOR']) && in_array($ip, $this->listProxyIp)) {
 		    $ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
 		}
 
@@ -97,21 +97,25 @@ class Scores_Auth_Adapter_Ws implements Zend_Auth_Adapter_Interface
 
 		$this->logger->info(__CLASS__ . ' : '.__METHOD__);
 		$this->logger->info(print_r($InfosLogin,1));
-		// --- Renvoi
-		if ( is_string($InfosLogin) || $InfosLogin->error->errnum != 0 ) {
+
+		$identity = new stdClass();
+
+		// --- Erreur technique
+        if ($InfosLogin === false) {
+            return new Zend_Auth_Result(Zend_Auth_Result::FAILURE_UNCATEGORIZED, $identity, array("Identification impossible"));
+        }
+        // --- Renvoi
+        elseif (is_string($InfosLogin) || $InfosLogin->error->errnum != 0) {
 		    $message = $InfosLogin;
 		    return new Zend_Auth_Result(Zend_Auth_Result::FAILURE_CREDENTIAL_INVALID, $identity, array($message));
 		}
 		// --- Assignation identity
-		elseif ( $InfosLogin !== false && !empty($InfosLogin->result->login)) {
-		    $identity = new stdClass();
+		elseif ($InfosLogin->result->login == $this->_username) {
 		    if ($this->_checkIp || $this->_checkHach) {
-		        $this->logger->info("IN");
 		        $identity->password = $this->_password;
 		    } else {
 		        $identity->password = md5($InfosLogin->result->login.'|'.$this->_password);
 		    }
-		    $this->logger->info($identity->password);
 		    $identity->username 				= $InfosLogin->result->login;
 		    $identity->email 					= $InfosLogin->result->email;
 		    $identity->profil 					= $InfosLogin->result->profil;
@@ -138,10 +142,12 @@ class Scores_Auth_Adapter_Ws implements Zend_Auth_Adapter_Interface
 		    $identity->version                  = $InfosLogin->result->version;
 		    $identity->modeEdition 				= false;
 
-		    $timeout = (!empty($InfosLogin->result->timeout)) ? $InfosLogin->result->timeout : $this->_timeout;
+		    $timeout = (!empty($InfosLogin->result->timeout)) ?
+                $InfosLogin->result->timeout : $this->_timeout;
 		    $identity->timeout = $timeout;
 		    $identity->time = time() + $timeout;
-		    $lang = in_array($InfosLogin->result->lang, array('fr','en')) ? $InfosLogin->result->lang : 'fr';
+		    $lang = in_array($InfosLogin->result->lang, array('fr','en')) ?
+                $InfosLogin->result->lang : 'fr';
 		    $identity->lang = $lang;
 		    $identity->langtmp = $lang;
 
@@ -170,8 +176,9 @@ class Scores_Auth_Adapter_Ws implements Zend_Auth_Adapter_Interface
 	        $this->_password = $identity->password;
 		    return new Zend_Auth_Result(Zend_Auth_Result::SUCCESS, $identity);
 		}
+		// --- Fallback
 		else {
-		    return new Zend_Auth_Result(Zend_Auth_Result::FAILURE_UNCATEGORIZED, $identity, array("Identification impossible"));
+            return new Zend_Auth_Result(Zend_Auth_Result::FAILURE_UNCATEGORIZED, $identity, array("Identification impossible"));
 		}
 	}