loncom/auth/lonauth.pm - diff

Return to lonauth.pm CVS log

Up to [LON-CAPA] / loncom / auth

Diff for /loncom/auth/lonauth.pm between versions 1.171 and 1.174

version 1.171, 2021/11/24 20:15:15	version 1.174, 2022/06/18 02:10:18
Line 248 sub success {	Line 248 sub success {
if ($env{'request.lti.target'} eq '') {	if ($env{'request.lti.target'} eq '') {
my $ltitarget = (($destination =~ /\?/) ? '&' : '?').	my $ltitarget = (($destination =~ /\?/) ? '&' : '?').
'ltitarget=iframe';	'ltitarget=iframe';
	&js_escape(\$destination);
$js = <<"ENDJS";	$js = <<"ENDJS";

<script type="text/javascript">	<script type="text/javascript">
Line 307 sub failed {	Line 308 sub failed {
if ($clientunicode && !$clientmathml) {	if ($clientunicode && !$clientmathml) {
$args = {'browser.unicode' => 1};	$args = {'browser.unicode' => 1};
}	}
	if ($form->{firsturl} =~ m{^/tiny/$match_domain/\w+$}) {
	if ($form->{linkprot}) {
	$args->{only_body} = 1;
	}
	}

my @actions;	my @actions;
my $start_page = &Apache::loncommon::start_page('Unsuccessful Login',undef,$args);	my $start_page = &Apache::loncommon::start_page('Unsuccessful Login',undef,$args);
Line 356 sub failed {	Line 362 sub failed {
}	}
}	}
if (exists($form->{linkprot})) {	if (exists($form->{linkprot})) {
my $ltoken = &Apache::lonnet::tmpput({linkprot => $form->{'linkprot'}},	my %info = (
	'linkprot' => $form->{'linkprot'},
	);
	if ($form->{linkprotuser} ne '') {
	$info{'linkprotuser'} = $form->{linkprotuser};
	}
	my $ltoken = &Apache::lonnet::tmpput(\%info,
$r->dir_config('lonHostID'),'retry');	$r->dir_config('lonHostID'),'retry');
if ($ltoken) {	if ($ltoken) {
$retry .= (($retry =~ /\?/) ? '&' : '?').'ltoken='.$ltoken;	$retry .= (($retry =~ /\?/) ? '&' : '?').'ltoken='.$ltoken;
Line 474 sub handler {	Line 486 sub handler {
.$end_page);	.$end_page);
} else {	} else {
if (($info{'linkprot'}) \|\| ($info{'linkkey'} ne '')) {	if (($info{'linkprot'}) \|\| ($info{'linkkey'} ne '')) {
	if (($info{'linkprot'}) && ($info{'linkprotuser'} ne '')) {
	unless ($info{'linkprotuser'} eq $env{'user.name'}.':'.$env{'user.domain'}) {
	$r->print(
	$start_page
	.'<p class="LC_warning">'.&mt('You are already logged in, but as a different user from the one expected for the link you followed from another system').'</p>'
	.'<p>'.&mt('Please [_1]log out[_2] first, and then try following the link again from the other system',
	'<a href="/adm/logout">','</a>')

	.'</p>'
	.$end_page);
	return OK;
	}
	}
my $token = &Apache::lonnet::tmpput(\%info,$r->dir_config('lonHostID'),'link');	my $token = &Apache::lonnet::tmpput(\%info,$r->dir_config('lonHostID'),'link');
unless (($token eq 'con_lost') \|\| ($token eq 'refused') \|\|	unless (($token eq 'con_lost') \|\| ($token eq 'refused') \|\|
($token eq 'unknown_cmd') \|\| ($token eq 'no_such_host')) {	($token eq 'unknown_cmd') \|\| ($token eq 'no_such_host')) {
Line 583 sub handler {	Line 608 sub handler {
# --------------------------------------------------------------------- Failed?	# --------------------------------------------------------------------- Failed?

if ($authhost eq 'no_host') {	if ($authhost eq 'no_host') {
&failed($r,'Username and/or password could not be authenticated.',	my $pwdverify;
\%form,$authhost);	if (&Apache::lonnet::homeserver($form{'uname'},$form{'udom'}) eq 'no_host') {
return OK;	my %possunames = &alternate_unames_check($form{'uname'},$form{'udom'});
	if (keys(%possunames) > 0) {
	foreach my $rulematch (keys(%possunames)) {
	my $possuname = $possunames{$rulematch};
	if (($possuname ne '') && ($possuname =~ /^$match_username$/)) {
	$authhost=Apache::lonnet::authenticate($possuname,$upass,
	$form{'udom'},undef,
	$clientcancheckhost);
	if (($authhost eq 'no_host') \|\| ($authhost eq 'no_account_on_host')) {
	next;
	} elsif (($authhost ne '') && (&Apache::lonnet::hostname($authhost) ne '')) {
	$pwdverify = 1;
	&Apache::lonnet::logthis("Authenticated user: $possuname was submitted as: $form{'uname'}");
	$form{'uname'} = $possuname;
	last;
	}
	}
	}
	}
	}
	unless ($pwdverify) {
	&failed($r,'Username and/or password could not be authenticated.',
	\%form,$authhost);
	return OK;
	}
} elsif ($authhost eq 'no_account_on_host') {	} elsif ($authhost eq 'no_account_on_host') {
if ($defaultauth) {	if ($defaultauth) {
my $domdesc = &Apache::lonnet::domain($form{'udom'},'description');	my $domdesc = &Apache::lonnet::domain($form{'udom'},'description');
Line 705 sub handler {	Line 754 sub handler {
}	}
}	}

	if ($form{'firsturl'} =~ m{^/tiny/$match_domain/\w+$}) {
	if (($form{'linkprot'}) && ($form{'linkprotuser'} ne '')) {
	unless($form{'linkprotuser'} eq $form{'uname'}.':'.$form{'udom'}) {
	delete($form{'udom'});
	delete($form{'uname'});
	&failed($r,'Username and/or domain are different to that expected for the link you followed from another system',
	\%form,$authhost);
	return OK;
	}
	}
	}

my ($is_balancer,$otherserver);	my ($is_balancer,$otherserver);

unless ($hosthere) {	unless ($hosthere) {
Line 950 sub set_retry_token {	Line 1011 sub set_retry_token {
my ($form,$lonhost,$querystr) = @_;	my ($form,$lonhost,$querystr) = @_;
if (ref($form) eq 'HASH') {	if (ref($form) eq 'HASH') {
my ($firsturl,$token,$extras,@names);	my ($firsturl,$token,$extras,@names);
@names = ('role','symb','linkprot','linkkey','iptoken');	@names = ('role','symb','linkprotuser','linkprot','linkkey','iptoken');
foreach my $name (@names) {	foreach my $name (@names) {
if ($form->{$name} ne '') {	if ($form->{$name} ne '') {
$extras .= '&'.$name.'='.&escape($form->{$name});	$extras .= '&'.$name.'='.&escape($form->{$name});
Line 1086 sub loginhelpdisplay {	Line 1147 sub loginhelpdisplay {
return;	return;
}	}

	sub alternate_unames_check {
	my ($uname,$udom) = @_;
	my %possunames;
	my %domdefs = &Apache::lonnet::get_domain_defaults($udom);
	if (ref($domdefs{'unamemap_rule'}) eq 'ARRAY') {
	if (@{$domdefs{'unamemap_rule'}} > 0) {
	%possunames =
	&Apache::lonnet::inst_rulecheck($udom,$uname,undef,
	'unamemap',$domdefs{'unamemap_rule'});
	}
	}
	return %possunames;
	}

1;	1;
__END__	__END__

FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>

Removed from v.1.171
changed lines
	Added in v.1.174