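#!/usr/bin/perl -w
#
# Credential check against LDAP followed by a VpnUsers group-membership check.
#
# Inputs (environment): username, password, common_name.
# NOTE(review): the variable names suggest this runs as an OpenVPN
# auth-user-pass-verify "via-env" hook -- confirm against the caller.
#
# Exit status: 0 = bind succeeded AND the user is listed in the VPN group;
# anything else = access denied (the script fails closed on every error path).

use Net::LDAP;
# Ships in the same perl-ldap distribution as Net::LDAP.
use Net::LDAP::Util qw(escape_dn_value escape_filter_value);
use strict;
use Data::Dumper;

# Plain ldap:// sends the simple-bind password in cleartext. That is only
# tolerable while the directory is reached over loopback; switch to ldaps://
# or call start_tls before binding if the server ever moves off this host.
my $opt_uri    = "ldap://localhost";
my $opt_user   = $ENV{'username'};
my $opt_passwd = $ENV{'password'};
my $opt_common = $ENV{'common_name'};    # read but not used below

# BOTH values must be present and non-empty. A simple bind carrying a DN and
# an empty password is an "unauthenticated bind" (RFC 4513 section 5.1.2);
# servers that accept it report success without verifying anything, which
# would let any known username through. The previous test only exited when
# both values were undefined.
unless (    defined $opt_user
        and length $opt_user
        and defined $opt_passwd
        and length $opt_passwd)
{
    print qq{ OOPS, I haven't recceived any username/password... Exiting \n };
    exit 1;
}

# The username is attacker-controlled. Escape it separately for the two
# contexts it is placed in, so it cannot add RDN components to the bind DN
# or wildcards / extra clauses to the group search filter.
my $dn_user     = escape_dn_value($opt_user);
my $filter_user = escape_filter_value($opt_user);

my $opt_group = "cn=VpnUsers,ou=Groups,dc=mywebsite,dc=com";

# OUs are tried in this order; the first successful bind wins. ou=People is
# tried once only: re-binding there before every fallback OU repeats a bind
# that already failed and just adds failed-login events against the account.
my @bind_ous = qw(People firstOU secondOU thirdOU fourthOU);

# Progress lines printed when the bind for a given OU fails.
my %miss_note_for = (
    firstOU  => "got code froom firstOU check, THIS PERSON IS NOT PART OF firstOU... CHECKING IN secondOU\n",
    secondOU => "got code from secondOU check, THIS PERSON IS NOT PART OF secondOU. CHECKING IN thirdOU\n",
    thirdOU  => "got code from thirdOU check, THIS PERSON IS NOT PART OF thirdOU... \nCHECKING IN fourthOU\n",
);

# Lines printed after a successful group lookup, keyed by the OU that bound.
my %hit_note_for = (
    secondOU => "SEARCHIN IN secondOU for vpnuser access\n",
    thirdOU  => "SEARCHIN IN thirdOU for vpnuser access\n",
    fourthOU => "SEARCHIN IN fourthOU for vpnusers\n",
);

my $ldap = Net::LDAP->new($opt_uri) or die("connect $opt_uri failed!");

my $result;
my $matched_ou;
for my $ou (@bind_ous) {
    $result = $ldap->bind(
        "uid=" . $dn_user . ",ou=" . $ou . ",dc=mywebsite,dc=com",
        password => $opt_passwd,
    );
    if (!$result->code) {
        $matched_ou = $ou;
        last;
    }
    print $miss_note_for{$ou} if exists $miss_note_for{$ou};
}

# No OU accepted the credentials: die() leaves a non-zero exit status.
defined $matched_ou or die($result->error);

print "THIS PERSON IS IN firstOU...\n"
    if $matched_ou eq 'People' or $matched_ou eq 'firstOU';

# Authorisation: the authenticated user must be listed as memberUid of the
# VPN group. The search runs on the connection bound as that user.
$result = $ldap->search(
    base   => $opt_group,
    filter => "(&(memberUid=$filter_user))",
);

# A failed search is treated as "not a member"; exactly one matching entry
# is required to grant access.
if (!$result->code and $result->count == 1) {
    print $hit_note_for{$matched_ou} if exists $hit_note_for{$matched_ou};
    exit 0;
}

exit 1;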