uspot: handler-uam: improve auth-client()

Simplify the query string parsing logic, allow empty password.

Signed-off-by: Thibaut VARÈNE <hacks@slashdirt.org>

feeds/ucentral/uspot/files/usr/share/uspot/handler-uam.uc

@@ -13,21 +13,16 @@ function auth_client(ctx) {
 	let payload = portal.radius_init(ctx);
 
 	payload.logoff_url = sprintf('http://%s:%s/logoff', ctx.env.SERVER_ADDR, ctx.config.uam_port);
-	if (ctx.query_string.username && ctx.query_string.password && !ctx.config.uam_secret) {
+	if (ctx.query_string.username) {	// username must be set
 		payload.username = ctx.query_string.username;
-		payload.password = ctx.query_string.password;
-	} else if (ctx.query_string.username && ctx.query_string.response) {
-		let challenge = uam.md5(ctx.config.challenge, ctx.format_mac);
-
-		payload.username = ctx.query_string.username;
-		payload.chap_password = ctx.query_string.response;
-		if (ctx.config.secret)
-			payload.chap_challenge = uam.chap_challenge(challenge, ctx.config.uam_secret);
-		else
-			payload.chap_challenge = challenge;
-	} else if (ctx.query_string.username && ctx.query_string.password) {
-		payload.username = ctx.query_string.username;
-		payload.password = uam.password(uam.md5(ctx.config.challenge, ctx.format_mac), ctx.query_string.password, ctx.config.uam_secret);
+		if (ctx.query_string.response) {	// try challenge first
+			let challenge = uam.md5(ctx.config.challenge, ctx.format_mac);
+			payload.chap_password = ctx.query_string.response;
+			payload.chap_challenge = ctx.config.secret ? uam.chap_challenge(challenge, ctx.config.uam_secret) : challenge;
+		} else if ("password" in ctx.query_string) {	// allow empty password
+			payload.password = !ctx.config_uam_secret ? ctx.query_string.password :
+				uam.password(uam.md5(ctx.config.challenge, ctx.format_mac), ctx.query_string.password, ctx.config.uam_secret);
+		}
 	} else {
 		include('error.uc', ctx);
 		return;