Perform gateway prelogin when failed to login to gateway

2025-05-20 07:26:58 -04:00 · 2024-01-23 09:17:30 -05:00
parent 9655b735a1
commit aac401e7ee
6 changed files with 69 additions and 34 deletions
--- a/crates/gpapi/src/portal/config.rs
+++ b/crates/gpapi/src/portal/config.rs
@@ -102,12 +102,6 @@ impl PortalConfig {
 pub enum PortalConfigError {
  #[error("Empty response, retrying can help")]
  EmptyResponse,
-  #[error("Empty auth cookie, retrying can help")]
-  EmptyAuthCookie,
-  #[error("Invalid auth cookie, retrying can help")]
-  InvalidAuthCookie,
-  #[error("Empty gateways, retrying can help")]
-  EmptyGateways,
 }

 pub async fn retrieve_config(
@@ -139,24 +133,22 @@ pub async fn retrieve_config(
  ensure!(!res_xml.is_empty(), PortalConfigError::EmptyResponse);

  let doc = Document::parse(&res_xml)?;
-  let gateways = parse_gateways(&doc).ok_or_else(|| anyhow::anyhow!("Failed to parse gateways"))?;
+  let mut gateways =
+    parse_gateways(&doc).ok_or_else(|| anyhow::anyhow!("Failed to parse gateways"))?;

  let user_auth_cookie = xml::get_child_text(&doc, "portal-userauthcookie").unwrap_or_default();
  let prelogon_user_auth_cookie =
    xml::get_child_text(&doc, "portal-prelogonuserauthcookie").unwrap_or_default();
  let config_digest = xml::get_child_text(&doc, "config-digest");

-  ensure!(
-    !user_auth_cookie.is_empty() && !prelogon_user_auth_cookie.is_empty(),
-    PortalConfigError::EmptyAuthCookie
-  );
-
-  ensure!(
-    user_auth_cookie != "empty" && prelogon_user_auth_cookie != "empty",
-    PortalConfigError::InvalidAuthCookie
-  );
-
-  ensure!(!gateways.is_empty(), PortalConfigError::EmptyGateways);
+  if gateways.is_empty() {
+    gateways.push(Gateway {
+      name: server.to_string(),
+      address: server.to_string(),
+      priority: 0,
+      priority_rules: vec![],
+    });
+  }

  Ok(PortalConfig::new(
    server.to_string(),
--- a/crates/gpapi/src/portal/prelogin.rs
+++ b/crates/gpapi/src/portal/prelogin.rs
@@ -91,11 +91,17 @@ pub async fn prelogin(portal: &str, gp_params: &GpParams) -> anyhow::Result<Prel
  info!("Portal prelogin, user_agent: {}", user_agent);

  let portal = normalize_server(portal)?;
-  let prelogin_url = format!("{}/global-protect/prelogin.esp", portal);
+  let prelogin_url = format!(
+    "{portal}/{}/prelogin.esp",
+    if gp_params.is_gateway() {
+      "ssl-vpn"
+    } else {
+      "global-protect"
+    }
+  );
  let mut params = gp_params.to_params();

  params.insert("tmp", "tmp");
-  params.insert("cas-support", "yes");
  if gp_params.prefer_default_browser() {
    params.insert("default-browser", "1");
  }