From 4c9ea629534e93428795bd048dda5ca36cdd83e3 Mon Sep 17 00:00:00 2001
From: Patrick Uiterwijk <patrick@puiterwijk.org>
Date: Thu, 23 May 2019 18:24:29 +0200
Subject: [PATCH] Modify totpcgi verify for openshift

Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>
---
 roles/totpcgi/files/index.cgi | 30 +++++++++++++++++-------------
 1 file changed, 17 insertions(+), 13 deletions(-)

diff --git a/roles/totpcgi/files/index.cgi b/roles/totpcgi/files/index.cgi
index fce10d6228..1bef479eea 100644
--- a/roles/totpcgi/files/index.cgi
+++ b/roles/totpcgi/files/index.cgi
@@ -21,7 +21,6 @@ import os
 import re
 import sys
 import cgi
-import syslog
 import logging
 import urllib2
 
@@ -31,6 +30,8 @@ cgitb.enable()
 import totpcgi
 import totpcgi.backends
 
+logging.basicConfig(level=logging.info)
+
 if len(sys.argv) > 1:
     # blindly assume it's the config file
     config_file = sys.argv[1]
@@ -52,7 +53,7 @@ fas_url = config.get('main', 'fas_url')
 try:
     fas = FasProxyClient(fas_url)
 except Exception, e:
-    syslog.syslog(syslog.LOG_CRIT, 'Problem connecting to fas %s' % e)
+    logging.exception("Problem connecting to FAS")
     sys.exit(1)
 
 backends = totpcgi.backends.Backends()
@@ -60,12 +61,9 @@ backends = totpcgi.backends.Backends()
 try:
     backends.load_from_config(config)
 except totpcgi.backends.BackendNotSupported, ex:
-    syslog.syslog(syslog.LOG_CRIT,
-            'Backend engine not supported: %s' % ex)
+    logging.exception("Backend engine not supported")
     sys.exit(1)
 
-syslog.openlog('totp.cgi', syslog.LOG_PID, syslog.LOG_AUTH)
-
 ### Begin custom Fedora Functions
 
 def google_auth_fas_pincode_verify(user, pincode):
@@ -95,7 +93,7 @@ class YubikeyAuthenticator(object):
         password, otp = parse_token(token)
 
         # Verify token against yubikey server
-        server_prefix = 'http://localhost/yk-val/verify?id='
+        server_prefix = 'http://yubikey:8080/yk-val/verify?id='
         server_url = server_prefix + client_id + "&otp=" + otp
 
         fh = urllib2.urlopen(server_url)
@@ -169,14 +167,20 @@ def cgimain():
     try:
         status = ga.verify_user_token(user, token)
     except Exception, ex:
-        syslog.syslog(syslog.LOG_NOTICE,
-            'Failure: user=%s, mode=%s, host=%s, message=%s' % (user, mode,
-                remote_host, str(ex)))
+        logging.warning(
+            "TOKEN FAILURE! user=%s, mode=%s, host=%s, message=%s",
+            user,
+            mode,
+            remote_host,
+            str(ex))
         bad_request(str(ex))
 
-    syslog.syslog(syslog.LOG_NOTICE,
-        'Success: user=%s, mode=%s, host=%s, message=%s' % (user, mode,
-            remote_host, status))
+    logging.info(
+        "Token success! user=%s, mode=%s, host=%s, message=%s",
+        user,
+        mode,
+        remote_host,
+        status)
 
     sys.stdout.write('Status: 200 OK\n')
     sys.stdout.write('Content-type: text/plain\n')