loncom/auth/lonacc.pm - diff

Return to lonacc.pm CVS log

Up to [LON-CAPA] / loncom / auth

Diff for /loncom/auth/lonacc.pm between versions 1.159.2.21.2.3 and 1.209

version 1.159.2.21.2.3, 2022/08/30 11:58:44	version 1.209, 2023/08/28 18:58:45
Line 160 sub get_posted_cgi {	Line 160 sub get_posted_cgi {
if (length($value) == 1) {	if (length($value) == 1) {
$value=~s/[\r\n]$//;	$value=~s/[\r\n]$//;
}	}
}	}
if ($fname =~ /\.(xls\|doc\|ppt)(x\|m)$/i) {	if ($fname =~ /\.(xls\|doc\|ppt)(x\|m)$/i) {
$value=~s/[\r\n]$//;	$value=~s/[\r\n]$//;
}	}
Line 204 sub get_posted_cgi {	Line 204 sub get_posted_cgi {
$fname='';	$fname='';
$fmime='';	$fmime='';
}	}
	if ($i<$#lines && $lines[$i+1]=~/^Content\-Type\:\s*([\w\-\/]+)/i) {
	# TODO: something with $1 !
	$i++;
	}
	if ($i<$#lines && $lines[$i+1]=~/^Content\-transfer\-encoding\:\s*([\w\-\/]+)/i) {
	# TODO: something with $1 !
	$i++;
	}
$i++;	$i++;
}	}
} else {	} else {
Line 306 sub sso_login {	Line 314 sub sso_login {
my $query = $r->args;	my $query = $r->args;
my %form;	my %form;
if ($query) {	if ($query) {

my @items = ('role','symb','iptoken','origurl','ttoken',	my @items = ('role','symb','iptoken','origurl','ttoken',
'ltoken','linkkey','logtoken','sso','lcssowin');	'ltoken','linkkey','logtoken','sso','lcssowin');
&Apache::loncommon::get_unprocessed_cgi($query,\@items);	&Apache::loncommon::get_unprocessed_cgi($query,\@items);
Line 326 sub sso_login {	Line 333 sub sso_login {
}	}
}	}

my ($linkprot,$linkprotuser,$linkprotexit,$linkkey,$deeplinkurl);	my ($linkprot,$linkprotuser,$linkprotexit,$linkkey,$deeplinkurl,
	$linkprotpbid,$linkprotpburl);

#	#
# If Shibboleth auth is in use, and a dual SSO and non-SSO login page	# If Shibboleth auth is in use, and a dual SSO and non-SSO login page
Line 366 sub sso_login {	Line 374 sub sso_login {
$linkprot = $info{'linkprot'};	$linkprot = $info{'linkprot'};
$linkprotuser = $info{'linkprotuser'};	$linkprotuser = $info{'linkprotuser'};
$linkprotexit = $info{'linkprotexit'};	$linkprotexit = $info{'linkprotexit'};
	$linkprotpbid = $info{'linkprotpbid'};
	$linkprotpburl = $info{'linkprotpburl'};
} elsif ($info{'linkkey'} ne '') {	} elsif ($info{'linkkey'} ne '') {
$linkkey = $info{'linkkey'};	$linkkey = $info{'linkkey'};
}	}
Line 387 sub sso_login {	Line 397 sub sso_login {
if ($firsturl =~ m{^/tiny/$match_domain/\w+$}) {	if ($firsturl =~ m{^/tiny/$match_domain/\w+$}) {
$form{'origurl'} = $firsturl;	$form{'origurl'} = $firsturl;
$deeplinkurl = $firsturl;	$deeplinkurl = $firsturl;
	} elsif ($firsturl eq '/adm/email') {
	$form{'origurl'} = $firsturl;
}	}
if ($form{'linkprot'}) {	if ($form{'linkprot'}) {
$linkprot = $form{'linkprot'};	$linkprot = $form{'linkprot'};
$linkprotuser = $form{'linkprotuser'};	$linkprotuser = $form{'linkprotuser'};
$linkprotexit = $form{'linkprotexit'};	$linkprotexit = $form{'linkprotexit'};
	$linkprotpbid = $form{'linkprotpbid'};
	$linkprotpburl = $form{'linkprotpburl'};
} elsif ($form{'linkkey'} ne '') {	} elsif ($form{'linkkey'} ne '') {
$linkkey = $form{'linkkey'};	$linkkey = $form{'linkkey'};
}	}
Line 421 sub sso_login {	Line 435 sub sso_login {
$linkprot = $form{'linkprot'};	$linkprot = $form{'linkprot'};
$linkprotuser = $form{'linkprotuser'};	$linkprotuser = $form{'linkprotuser'};
$linkprotexit = $form{'linkprotexit'};	$linkprotexit = $form{'linkprotexit'};
	$linkprotpbid = $form{'linkprotpbid'};
	$linkprotpburl = $form{'linkprotpburl'};
} elsif ($form{'linkkey'} ne '') {	} elsif ($form{'linkkey'} ne '') {
$linkkey = $form{'linkkey'};	$linkkey = $form{'linkkey'};
}	}
Line 435 sub sso_login {	Line 451 sub sso_login {
if ($link_info{'linkprotexit'} ne '') {	if ($link_info{'linkprotexit'} ne '') {
$linkprotexit = $link_info{'linkprotexit'};	$linkprotexit = $link_info{'linkprotexit'};
}	}
	if ($link_info{'linkprotpbid'} ne '') {
	$linkprotpbid = $link_info{'linkprotpbid'};
	}
	if ($link_info{'linkprotpburl'} ne '') {
	$linkprotpburl = $link_info{'linkprotpburl'};
	}
}	}
my $delete = &Apache::lonnet::tmpdel($form{'ltoken'});	my $delete = &Apache::lonnet::tmpdel($form{'ltoken'});
delete($form{'ltoken'});	delete($form{'ltoken'});
Line 457 sub sso_login {	Line 479 sub sso_login {
linkprot => $linkprot,	linkprot => $linkprot,
linkprotuser => $linkprotuser,	linkprotuser => $linkprotuser,
linkprotexit => $linkprotexit,	linkprotexit => $linkprotexit,
	linkprotpbid => $linkprotpbid,
	linkprotpburl => $linkprotpburl,
);	);
if ($env{'form.lcssowin'}) {	if ($env{'form.lcssowin'}) {
$data{'lcssowin'} = $env{'form.lcssowin'};	$data{'lcssowin'} = $env{'form.lcssowin'};
Line 529 sub sso_login {	Line 553 sub sso_login {
if ($linkprotexit ne '') {	if ($linkprotexit ne '') {
$env{'request.linkprotexit'} = $linkprotexit;	$env{'request.linkprotexit'} = $linkprotexit;
}	}
	if ($linkprotpbid ne '') {
	$env{'request.linkprotpbid'} = $linkprotpbid;
	}
	if ($linkprotpburl ne '') {
	$env{'request.linkprotpburl'} = $linkprotpburl;
	}
} elsif ($linkkey ne '') {	} elsif ($linkkey ne '') {
$env{'request.linkkey'} = $linkkey;	$env{'request.linkkey'} = $linkkey;
}	}
}	}
	if (($r->uri eq '/adm/sso') && ($form{'origurl'} eq '/adm/email')) {
	if ($form{'display'} && ($env{'form.mailrecip'} eq $user.':'.$domain)) {
	$env{'request.display'} = $form{'display'};
	$env{'request.mailrecip'} = $env{'form.mailrecip'};
	}
	}
$env{'request.sso.login'} = 1;	$env{'request.sso.login'} = 1;
if (defined($r->dir_config("lonSSOReloginServer"))) {	if (defined($r->dir_config("lonSSOReloginServer"))) {
$env{'request.sso.reloginserver'} =	$env{'request.sso.reloginserver'} =
Line 550 sub sso_login {	Line 586 sub sso_login {
} else {	} else {
# need to login them in, so generate the need data that	# need to login them in, so generate the need data that
# migrate expects to do login	# migrate expects to do login
my $ip = &Apache::lonnet::get_requestor_ip($r);	my $ip = &Apache::lonnet::get_requestor_ip($r);
my %info=('ip' => $ip,	my %info=('ip' => $ip,
'domain' => $domain,	'domain' => $domain,
'username' => $user,	'username' => $user,
Line 583 sub sso_login {	Line 619 sub sso_login {
if ($linkprotexit ne '') {	if ($linkprotexit ne '') {
$info{'linkprotexit'} = $linkprotexit;	$info{'linkprotexit'} = $linkprotexit;
}	}
	if ($linkprotpbid ne '') {
	$info{'linkprotpbid'} = $linkprotpbid;
	}
	if ($linkprotpburl ne '') {
	$info{'linkprotpburl'} = $linkprotpburl;
	}
} elsif ($linkkey ne '') {	} elsif ($linkkey ne '') {
$info{'linkkey'} = $linkkey;	$info{'linkkey'} = $linkkey;
}	}
}	}
	if (($r->uri eq '/adm/sso') && ($form{'origurl'} eq '/adm/email')) {
	if ($form{'display'} && ($form{'mailrecip'} eq $user.':'.$domain)) {
	$info{'display'} = &escape($form{'display'});
	$info{'mailrecip'} = &escape($form{'mailrecip'});
	}
	}
if ($r->dir_config("ssodirecturl") == 1) {	if ($r->dir_config("ssodirecturl") == 1) {
$info{'origurl'} = $r->uri;	$info{'origurl'} = $r->uri;
}	}
Line 721 sub handler {	Line 769 sub handler {
}	}
} elsif ($env{'request.course.id'} &&	} elsif ($env{'request.course.id'} &&
(($requrl =~ m{^/adm/$match_domain/$match_username/aboutme$}) \|\|	(($requrl =~ m{^/adm/$match_domain/$match_username/aboutme$}) \|\|
($requrl =~ m{^/public/$cdom/$cnum/syllabus$}))) {	($requrl eq "/public/$cdom/$cnum/syllabus") \|\|
	($requrl =~ m{^/adm/$cdom/$cnum/\d+/ext\.tool$}))) {
my $query = $r->args;	my $query = $r->args;
if ($query) {	if ($query) {
foreach my $pair (split(/&/,$query)) {	foreach my $pair (split(/&/,$query)) {
Line 743 sub handler {	Line 792 sub handler {
my $lonhost = &Apache::lonnet::host_from_dns($hostname);	my $lonhost = &Apache::lonnet::host_from_dns($hostname);
if ($lonhost) {	if ($lonhost) {
my $actual = &Apache::lonnet::absolute_url($hostname,1,1);	my $actual = &Apache::lonnet::absolute_url($hostname,1,1);
	my $exphostname = &Apache::lonnet::hostname($lonhost);
my $expected = $Apache::lonnet::protocol{$lonhost}.'://'.$hostname;	my $expected = $Apache::lonnet::protocol{$lonhost}.'://'.$hostname;
unless ($actual eq $expected) {	unless ($actual eq $expected) {
$env{'request.use_absolute'} = $expected;	$env{'request.use_absolute'} = $expected;
Line 801 sub handler {	Line 851 sub handler {
linkprot => $info{'linkprot'},	linkprot => $info{'linkprot'},
linkprotuser => $info{'linkprotuser'},	linkprotuser => $info{'linkprotuser'},
linkprotexit => $info{'linkprotexit'},	linkprotexit => $info{'linkprotexit'},
	linkprotpbid => $info{'linkprotpbid'},
	linkprotpburl => $info{'linkprotpburl'},
);	);
} elsif ($info{'ltoken'} ne '') {	} elsif ($info{'ltoken'} ne '') {
my %ltoken_info = &Apache::lonnet::tmpget($info{'ltoken'});	my %ltoken_info = &Apache::lonnet::tmpget($info{'ltoken'});
Line 811 sub handler {	Line 863 sub handler {
linkprot => $ltoken_info{'linkprot'},	linkprot => $ltoken_info{'linkprot'},
linkprotuser => $ltoken_info{'linkprotuser'},	linkprotuser => $ltoken_info{'linkprotuser'},
linkprotexit => $ltoken_info{'linkprotexit'},	linkprotexit => $ltoken_info{'linkprotexit'},
	linkprotpbid => $ltoken_info{'linkprotpbid'},
	linkprotpburl => $ltoken_info{'linkprotpburl'},
);	);
}	}
}	}
Line 837 sub handler {	Line 891 sub handler {
return FORBIDDEN;	return FORBIDDEN;
}	}
return OK;	return OK;
	} elsif (($env{'request.course.id'}) &&
	(&Apache::lonnet::allowed('mdc',$env{'request.course.id'})) &&
	($requrl=~m{^(/daxeopen\|)(/uploaded/$cdom/$cnum/(?:docs\|supplemental)/(?:default\|\d+)/\d+/)([^/]+\|)$})) {
	my ($daxe,$path,$file) = ($1,$2,$3);
	my $referrer;
	unless ($daxe) {
	$referrer = $r->headers_in->{'Referer'};
	}
	if (($daxe) \|\| ($referrer =~ m{\Qfile=/daxeopen$path\E})) {
	return OK;
	}
}	}
# ---------------------------------------------------------------- Check access	# ---------------------------------------------------------------- Check access
my $now = time;	my $now = time;
Line 910 sub handler {	Line 975 sub handler {
}	}
} else {	} else {
my $nodeeplinkcheck;	my $nodeeplinkcheck;
if (($check_access) && ($requrl =~ /\.(sequence\|page)$/)) {	if ($check_access) {
unless ($env{'form.navmap'}) {	if ($requrl =~ m{^/daxeopen/priv/}) {
if ($r->args ne '') {	$nodeeplinkcheck = 1;
&Apache::loncommon::get_unprocessed_cgi($r->args,['navmap']);	} elsif ($requrl =~ /\.(sequence\|page)$/) {
unless ($env{'form.navmap'}) {	unless ($env{'form.navmap'}) {
$nodeeplinkcheck = 1;	if ($r->args ne '') {
	&Apache::loncommon::get_unprocessed_cgi($r->args,['navmap']);
	unless ($env{'form.navmap'}) {
	$nodeeplinkcheck = 1;
	}
}	}
}	}
}	}
Line 934 sub handler {	Line 1003 sub handler {
&Apache::blockedaccess::setup_handler($r);	&Apache::blockedaccess::setup_handler($r);
return OK;	return OK;
}	}
} elsif ($check_access) {	} elsif ($check_access) {
if ($handle eq '') {	if ($handle eq '') {
unless ($access eq 'F') {	unless ($access eq 'F') {
if ($requrl =~ m{^/res/$match_domain/$match_username/}) {	if ($requrl =~ m{^/res/$match_domain/$match_username/}) {
Line 1134 sub handler {	Line 1203 sub handler {
my $mapsymb = &Apache::lonnet::symbread($map);	my $mapsymb = &Apache::lonnet::symbread($map);
($map,$mid,$murl)=&Apache::lonnet::decode_symb($mapsymb);	($map,$mid,$murl)=&Apache::lonnet::decode_symb($mapsymb);
}	}
&Apache::lonnet::symblist($map,$murl =>[$murl,$mid],	&Apache::lonnet::symblist($map,$murl =>[$murl,$mid],
'last_known' =>[$murl,$mid]);	'last_known' =>[$murl,$mid]);
}	}
}	}
}	}
Line 1188 sub handler {	Line 1257 sub handler {
# ------------------------------------ See if this is a viewable portfolio file	# ------------------------------------ See if this is a viewable portfolio file
if (&Apache::lonnet::is_portfolio_url($requrl)) {	if (&Apache::lonnet::is_portfolio_url($requrl)) {
my $clientip = &Apache::lonnet::get_requestor_ip($r);	my $clientip = &Apache::lonnet::get_requestor_ip($r);
my $access=&Apache::lonnet::allowed('bre',$requrl,undef,undef,$clientip);	my $access=&Apache::lonnet::allowed('bre',$requrl,undef,undef,$clientip);
if ($access eq 'A') {	if ($access eq 'A') {
&Apache::restrictedaccess::setup_handler($r);	&Apache::restrictedaccess::setup_handler($r);
return OK;	return OK;

FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>

Removed from v.1.159.2.21.2.3
changed lines
	Added in v.1.209