From 72ea66079cdd12f4bd1cdb917d3fd481dc4a1df8 Mon Sep 17 00:00:00 2001
From: maphy-psd <psd.phi@gmail.com>
Date: Mon, 9 Oct 2017 20:01:15 +0200
Subject: [PATCH 1/6] add fallback_authplain option

---
 conf/metadata.php | 1 +
 1 file changed, 1 insertion(+)

diff --git a/conf/metadata.php b/conf/metadata.php
index f04fee1..bbfa5a0 100644
--- a/conf/metadata.php
+++ b/conf/metadata.php
@@ -20,3 +20,4 @@ function initialize($default, $local, $protected) {
 $meta['secondary_authplugin'] = array('authtype_nosplit', '_cautionList' => array('plugin____authsplit____secondary_authplugin' => 'danger'));
 $meta['autocreate_users']     = array('onoff');
 $meta['debug']                = array('onoff');
+$meta['fallback_authplain']   = array('onoff');

From 20cb35badfdc4934697be0ceec607f49bf5d7323 Mon Sep 17 00:00:00 2001
From: maphy-psd <psd.phi@gmail.com>
Date: Mon, 9 Oct 2017 20:01:55 +0200
Subject: [PATCH 2/6] set default fallback_authplain to 0

---
 conf/default.php | 1 +
 1 file changed, 1 insertion(+)

diff --git a/conf/default.php b/conf/default.php
index b98f12a..408946a 100644
--- a/conf/default.php
+++ b/conf/default.php
@@ -9,3 +9,4 @@
 $conf['secondary_authplugin'] = 'authplain';
 $conf['autocreate_users']     = 0;
 $conf['debug']                = 0;
+$conf['fallback_authplain']   = 0;

From f8b090cb3b96888791a1ef7c420d80ec525092c1 Mon Sep 17 00:00:00 2001
From: maphy-psd <psd.phi@gmail.com>
Date: Mon, 9 Oct 2017 20:11:47 +0200
Subject: [PATCH 3/6] change to fallback auth

---
 conf/metadata.php | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/conf/metadata.php b/conf/metadata.php
index bbfa5a0..3c3cb2d 100644
--- a/conf/metadata.php
+++ b/conf/metadata.php
@@ -20,4 +20,5 @@ function initialize($default, $local, $protected) {
 $meta['secondary_authplugin'] = array('authtype_nosplit', '_cautionList' => array('plugin____authsplit____secondary_authplugin' => 'danger'));
 $meta['autocreate_users']     = array('onoff');
 $meta['debug']                = array('onoff');
-$meta['fallback_authplain']   = array('onoff');
+$meta['fallback_authplugin']  = array('authtype_nosplit', '_cautionList' => array('plugin____authsplit____secondary_authplugin' => 'danger'));
+$meta['use_fallback']         = array('onoff');

From ba3dbcb209079596890bef7b8be8b75dfdcdbba9 Mon Sep 17 00:00:00 2001
From: maphy-psd <psd.phi@gmail.com>
Date: Mon, 9 Oct 2017 20:12:36 +0200
Subject: [PATCH 4/6] change default of fallback auth

---
 conf/default.php | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/conf/default.php b/conf/default.php
index 408946a..9ecdce9 100644
--- a/conf/default.php
+++ b/conf/default.php
@@ -9,4 +9,5 @@
 $conf['secondary_authplugin'] = 'authplain';
 $conf['autocreate_users']     = 0;
 $conf['debug']                = 0;
-$conf['fallback_authplain']   = 0;
+$conf['use_fallback']         = 0;
+$conf['fallback_authplugin']  = 'authplain';

From 98c747aa5dbbdcc21469cbae5e7579bf12527c9e Mon Sep 17 00:00:00 2001
From: maphy-psd <psd.phi@gmail.com>
Date: Mon, 9 Oct 2017 20:19:28 +0200
Subject: [PATCH 5/6] add fallback check if primary failed

---
 auth.php | 15 +++++++++++++--
 1 file changed, 13 insertions(+), 2 deletions(-)

diff --git a/auth.php b/auth.php
index 20a43f3..ffd85a1 100644
--- a/auth.php
+++ b/auth.php
@@ -13,6 +13,7 @@ class auth_plugin_authsplit extends DokuWiki_Auth_Plugin {
     protected $authplugins;
     protected $autocreate_users;
     protected $debug;
+    protected $use_fallback;
 
     /**
      * Show a debug message
@@ -39,7 +40,7 @@ public function __construct() {
         $this->loadConfig();
 
         /* Load all referenced auth plugins */
-        foreach (array('primary', 'secondary') as $type) {
+        foreach (array('primary', 'secondary', 'fallback') as $type) {
             $settingName = $type.'_authplugin';
             $pluginName = $this->getConf($settingName);
             if (!$pluginName) {
@@ -142,7 +143,16 @@ public function checkPass($user, $pass) {
                 'authsplit:checkPass(): primary auth plugin\'s checkPass() '.
                 'failed', -1, __LINE__, __FILE__
             );
-            return false;
+            
+            $this->use_fallback = $this->getConf('use_fallback', null);
+            if ($this->use_fallback === null) {
+                if (!$this->authplugins['fallback']->checkPass($user, $pass)) {
+                   $this->_debug(
+                    'authsplit:checkPass(): fallback auth plugin\'s checkPass() '.
+                    'failed', -1, __LINE__, __FILE__
+                );
+            return false; 
+            }
         }
         $this->_debug(
             'authsplit:checkPass(): primary auth plugin authenticated the '.
@@ -151,6 +161,7 @@ public function checkPass($user, $pass) {
 
         /* Then make sure that the secondary auth plugin also knows about the
            user. */
+                
         return $this->_checkUserOnSecondaryAuthPlugin($user);
     }
 

From b290387c14943841a254dfd9e48db389fc5208db Mon Sep 17 00:00:00 2001
From: maphy-psd <psd.phi@gmail.com>
Date: Wed, 11 Oct 2017 13:21:45 +0200
Subject: [PATCH 6/6] checkpass() of fallback auth method

---
 auth.php | 35 +++++++++++++++++++++++++++--------
 1 file changed, 27 insertions(+), 8 deletions(-)

diff --git a/auth.php b/auth.php
index ffd85a1..9213929 100644
--- a/auth.php
+++ b/auth.php
@@ -75,6 +75,14 @@ public function __construct() {
             $this->success = false;
             return;
         }
+        /* Use fallback auth methode? */
+        $this->use_fallback = $this->getConf('use_fallback', null);
+        if ($this->use_fallback === null) {
+            msg(sprintf($this->getLang('nocfg'), 'use_fallback'), -1);
+            $this->success = false;
+            return;
+        }
+        
 
         /* Of course, to modify login names actually BOTH auth plugins must
            support that. However, at this place we just consider the secondary
@@ -144,20 +152,31 @@ public function checkPass($user, $pass) {
                 'failed', -1, __LINE__, __FILE__
             );
             
-            $this->use_fallback = $this->getConf('use_fallback', null);
-            if ($this->use_fallback === null) {
+            if ($this->use_fallback) {
+                $this->_debug(
+                    'authsplit:checkPass(): use fallback auth plugin\'s  '.
+                    'checkPass()', -1, __LINE__, __FILE__
+                );
+            
                 if (!$this->authplugins['fallback']->checkPass($user, $pass)) {
                    $this->_debug(
                     'authsplit:checkPass(): fallback auth plugin\'s checkPass() '.
                     'failed', -1, __LINE__, __FILE__
-                );
-            return false; 
+                    );
+            			    return false; 
+                } else {
+                    $this->_debug(
+                'authsplit:checkPass(): fallback auth plugin authenticated the '.
+                'user successfully.', 1, __LINE__, __FILE__
+           );
+                }
             }
+        } else {
+            $this->_debug(
+                'authsplit:checkPass(): primary auth plugin authenticated the '.
+                'user successfully.', 1, __LINE__, __FILE__
+           );
         }
-        $this->_debug(
-            'authsplit:checkPass(): primary auth plugin authenticated the '.
-            'user successfully.', 1, __LINE__, __FILE__
-        );
 
         /* Then make sure that the secondary auth plugin also knows about the
            user. */