loncom/auth/lonauth.pm - diff

Return to lonauth.pm CVS log

Up to [LON-CAPA] / loncom / auth

Diff for /loncom/auth/lonauth.pm between versions 1.121.2.24.2.2 and 1.121.2.24.2.5

version 1.121.2.24.2.2, 2022/02/24 14:42:30	version 1.121.2.24.2.5, 2022/08/30 12:10:43
Line 46 use CGI::Cookie();	Line 46 use CGI::Cookie();
# ------------------------------------------------------------ Successful login	# ------------------------------------------------------------ Successful login
sub success {	sub success {
my ($r, $username, $domain, $authhost, $lowerurl, $extra_env,	my ($r, $username, $domain, $authhost, $lowerurl, $extra_env,
$form,$cid,$expirepub) = @_;	$form,$cid,$expirepub,$write_to_opener) = @_;

# ------------------------------------------------------------ Get cookie ready	# ------------------------------------------------------------ Get cookie ready
my $cookie =	my $cookie =
Line 148 sub success {	Line 148 sub success {
$destination .= 'source=login';	$destination .= 'source=login';
}	}

	my $brcrum = [{'href' => '',
	'text' => 'Successful Login'},];
	my $args = {'no_inline_link' => 1,
	'bread_crumbs' => $brcrum,};
if (($env{'request.deeplink.login'} eq $lowerurl) &&	if (($env{'request.deeplink.login'} eq $lowerurl) &&
(($env{'request.linkprot'}) \|\| ($env{'request.linkkey'} ne ''))) {	(($env{'request.linkprot'}) \|\| ($env{'request.linkkey'} ne ''))) {
my %info;	my %info;
if ($env{'request.linkprot'}) {	if ($env{'request.linkprot'}) {
$info{'linkprot'} = $env{'request.linkprot'};	$info{'linkprot'} = $env{'request.linkprot'};
	foreach my $item ('linkprotuser','linkprotexit') {
	if ($form->{$item}) {
	$info{$item} = $form->{$item};
	}
	}
	$args = {'only_body' => 1,};
} elsif ($env{'request.linkkey'} ne '') {	} elsif ($env{'request.linkkey'} ne '') {
$info{'linkkey'} = $env{'request.linkkey'};	$info{'linkkey'} = $env{'request.linkkey'};
}	}
Line 168 sub success {	Line 178 sub success {
&Apache::lonnet::appenv({'environment.remote' => 'off'});	&Apache::lonnet::appenv({'environment.remote' => 'off'});
}	}
}	}
	my $startupremote;
	if ($write_to_opener) {
	if ($env{'environment.remote'} eq 'on') {
	&Apache::lonnet::appenv({'environment.remote' => 'off'});
	}
	$args->{'redirect'} = [0,$destination,'',$write_to_opener];
	} else {
	$startupremote=&Apache::lonmenu::startupremote($destination);
	}

my $windowinfo=&Apache::lonmenu::open($env{'browser.os'});	my $windowinfo=&Apache::lonmenu::open($env{'browser.os'});
my $startupremote=&Apache::lonmenu::startupremote($destination);
my $remoteinfo=&Apache::lonmenu::load_remote_msg($lowerurl);	my $remoteinfo=&Apache::lonmenu::load_remote_msg($lowerurl);
my $setflags=&Apache::lonmenu::setflags();	my $setflags=&Apache::lonmenu::setflags();
my $maincall=&Apache::lonmenu::maincall();	my $maincall=&Apache::lonmenu::maincall();
my $brcrum = [{'href' => '',
'text' => 'Successful Login'},];
my $start_page=&Apache::loncommon::start_page('Successful Login',	my $start_page=&Apache::loncommon::start_page('Successful Login',
$startupremote,	$startupremote,$args);
{'no_inline_link' => 1,
'bread_crumbs' => $brcrum,});
my $end_page =&Apache::loncommon::end_page();	my $end_page =&Apache::loncommon::end_page();

my $continuelink;	my $continuelink;
if ($env{'environment.remote'} eq 'off') {	if ($env{'environment.remote'} eq 'off') {
$continuelink='<a href="'.$destination.'">'.&mt('Continue').'</a>';	unless ($write_to_opener) {
	$continuelink='<a href="'.$destination.'">'.&mt('Continue').'</a>';
	}
}	}
# ------------------------------------------------- Output for successful login	# ------------------------------------------------- Output for successful login

Line 203 sub success {	Line 219 sub success {
}	}
$r->send_http_header;	$r->send_http_header;

my %lt=&Apache::lonlocal::texthash(	if ($env{'request.linkprot'}) {
'wel' => 'Welcome',	$r->print(<<END);
'pro' => 'Login problems?',	$start_page
);	<br />$continuelink
my $loginhelp = &loginhelpdisplay($domain);	$end_page
if ($loginhelp) {	END
$loginhelp = '<p><a href="'.$loginhelp.'">'.$lt{'pro'}.'</a></p>';	} else {
}	my %lt=&Apache::lonlocal::texthash(
	'wel' => 'Welcome',
	'pro' => 'Login problems?',
	);
	my $loginhelp = &loginhelpdisplay($domain);
	if ($loginhelp) {
	$loginhelp = '<p><a href="'.$loginhelp.'">'.$lt{'pro'}.'</a></p>';
	}

my $welcome = &mt('Welcome to the Learning[_1]Online[_2] Network with CAPA. Please wait while your session is being set up.','<i>','</i>');	my $welcome = &mt('Welcome to the Learning[_1]Online[_2] Network with CAPA. Please wait while your session is being set up.','<i>','</i>');
$r->print(<<ENDSUCCESS);	$r->print(<<ENDSUCCESS);
$start_page	$start_page
$setflags	$setflags
$windowinfo	$windowinfo
Line 225 $maincall	Line 248 $maincall
$continuelink	$continuelink
$end_page	$end_page
ENDSUCCESS	ENDSUCCESS
	}
return;	return;
}	}

Line 238 sub failed {	Line 262 sub failed {
if ($clientunicode && !$clientmathml) {	if ($clientunicode && !$clientmathml) {
$args = {'browser.unicode' => 1};	$args = {'browser.unicode' => 1};
}	}
	if ($form->{firsturl} =~ m{^/tiny/$match_domain/\w+$}) {
	if ($form->{linkprot}) {
	$args->{only_body} = 1;
	}
	}

my $start_page = &Apache::loncommon::start_page('Unsuccessful Login',undef,$args);	my $start_page = &Apache::loncommon::start_page('Unsuccessful Login',undef,$args);
my $uname = &Apache::loncommon::cleanup_html($form->{'uname'});	my $uname = &Apache::loncommon::cleanup_html($form->{'uname'});
Line 282 sub failed {	Line 311 sub failed {
}	}
}	}
if (exists($form->{linkprot})) {	if (exists($form->{linkprot})) {
my $ltoken = &Apache::lonnet::tmpput({linkprot => $form->{'linkprot'}},	my %info = (
	'linkprot' => $form->{'linkprot'},
	);
	foreach my $item ('linkprotuser','linkprotexit') {
	if ($form->{$item} ne '') {
	$info{$item} = $form->{$item};
	}
	}
	my $ltoken = &Apache::lonnet::tmpput(\%info,
$r->dir_config('lonHostID'),'retry');	$r->dir_config('lonHostID'),'retry');
if ($ltoken) {	if ($ltoken) {
$retry .= (($retry =~ /\?/) ? '&' : '?').'ltoken='.$ltoken;	$retry .= (($retry =~ /\?/) ? '&' : '?').'ltoken='.$ltoken;
Line 390 sub handler {	Line 427 sub handler {
.$end_page);	.$end_page);
} else {	} else {
if (($info{'linkprot'}) \|\| ($info{'linkkey'} ne '')) {	if (($info{'linkprot'}) \|\| ($info{'linkkey'} ne '')) {
	if (($info{'linkprot'}) && ($info{'linkprotuser'} ne '')) {
	unless ($info{'linkprotuser'} eq $env{'user.name'}.':'.$env{'user.domain'}) {
	$r->print(
	$start_page
	.'<p class="LC_warning">'.&mt('You are already logged in, but as a different user from the one expected for the link you followed from another system').'</p>'
	.'<p>'.&mt('Please [_1]log out[_2] first, and then try following the link again from the other system',
	'<a href="/adm/logout">','</a>')

	.'</p>'
	.$end_page);
	return OK;
	}
	}
my $token = &Apache::lonnet::tmpput(\%info,$r->dir_config('lonHostID'),'link');	my $token = &Apache::lonnet::tmpput(\%info,$r->dir_config('lonHostID'),'link');
unless (($token eq 'con_lost') \|\| ($token eq 'refused') \|\|	unless (($token eq 'con_lost') \|\| ($token eq 'refused') \|\|
($token eq 'unknown_cmd') \|\| ($token eq 'no_such_host')) {	($token eq 'unknown_cmd') \|\| ($token eq 'no_such_host')) {
Line 498 sub handler {	Line 548 sub handler {
# --------------------------------------------------------------------- Failed?	# --------------------------------------------------------------------- Failed?

if ($authhost eq 'no_host') {	if ($authhost eq 'no_host') {
&failed($r,'Username and/or password could not be authenticated.',	my $pwdverify;
\%form);	if (&Apache::lonnet::homeserver($form{'uname'},$form{'udom'}) eq 'no_host') {
return OK;	my %possunames = &alternate_unames_check($form{'uname'},$form{'udom'});
	if (keys(%possunames) > 0) {
	foreach my $rulematch (keys(%possunames)) {
	my $possuname = $possunames{$rulematch};
	if (($possuname ne '') && ($possuname =~ /^$match_username$/)) {
	$authhost=Apache::lonnet::authenticate($possuname,$upass,
	$form{'udom'},undef,
	$clientcancheckhost);
	if (($authhost eq 'no_host') \|\| ($authhost eq 'no_account_on_host')) {
	next;
	} elsif (($authhost ne '') && (&Apache::lonnet::hostname($authhost) ne '')) {
	$pwdverify = 1;
	&Apache::lonnet::logthis("Authenticated user: $possuname was submitted as: $form{'uname'}");
	$form{'uname'} = $possuname;
	last;
	}
	}
	}
	}
	}
	unless ($pwdverify) {
	&failed($r,'Username and/or password could not be authenticated.',
	\%form);
	return OK;
	}
} elsif ($authhost eq 'no_account_on_host') {	} elsif ($authhost eq 'no_account_on_host') {
if ($defaultauth) {	if ($defaultauth) {
my $domdesc = &Apache::lonnet::domain($form{'udom'},'description');	my $domdesc = &Apache::lonnet::domain($form{'udom'},'description');
Line 620 sub handler {	Line 694 sub handler {
}	}
}	}

	if ($form{'firsturl'} =~ m{^/tiny/$match_domain/\w+$}) {
	if (($form{'linkprot'}) && ($form{'linkprotuser'} ne '')) {
	unless($form{'linkprotuser'} eq $form{'uname'}.':'.$form{'udom'}) {
	delete($form{'udom'});
	delete($form{'uname'});
	&failed($r,'Username and/or domain are different to that expected for the link you followed from another system',
	\%form,$authhost);
	return OK;
	}
	}
	}

my ($is_balancer,$otherserver);	my ($is_balancer,$otherserver);

unless ($hosthere) {	unless ($hosthere) {
Line 663 sub handler {	Line 749 sub handler {
}	}
if ($form{'linkprot'}) {	if ($form{'linkprot'}) {
$env{'request.linkprot'} = $form{'linkprot'};	$env{'request.linkprot'} = $form{'linkprot'};
	foreach my $item ('linkprotuser','linkprotexit') {
	if ($form{$item}) {
	$env{'request.'.$item} = $form{$item};
	}
	}
} elsif ($form{'linkkey'} ne '') {	} elsif ($form{'linkkey'} ne '') {
$env{'request.linkkey'} = $form{'linkkey'};	$env{'request.linkkey'} = $form{'linkkey'};
}	}
Line 694 sub handler {	Line 785 sub handler {
}	}
if ($form{'linkprot'}) {	if ($form{'linkprot'}) {
$env{'request.linkprot'} = $form{'linkprot'};	$env{'request.linkprot'} = $form{'linkprot'};
	foreach my $item ('linkprotuser','linkprotexit') {
	if ($form{$item}) {
	$env{'request.'.$item} = $form{$item};
	}
	}
} elsif ($form{'linkkey'} ne '') {	} elsif ($form{'linkkey'} ne '') {
$env{'request.linkkey'} = $form{'linkkey'};	$env{'request.linkkey'} = $form{'linkkey'};
}	}
Line 777 sub handler {	Line 873 sub handler {
} else {	} else {
$extra_env = {'request.linkprot' => $form{'linkprot'}};	$extra_env = {'request.linkprot' => $form{'linkprot'}};
}	}
	if ($form{'linkprotexit'}) {
	$extra_env->{'request.linkprotexit'} = $form{'linkprotexit'};
	}
} elsif ($form{'linkkey'} ne '') {	} elsif ($form{'linkkey'} ne '') {
if (ref($extra_env) eq 'HASH') {	if (ref($extra_env) eq 'HASH') {
%{$extra_env} = ( %{$extra_env}, 'request.linkkey' => $form{'linkkey'} );	%{$extra_env} = ( %{$extra_env}, 'request.linkkey' => $form{'linkkey'} );
Line 865 sub set_retry_token {	Line 964 sub set_retry_token {
my ($form,$lonhost,$querystr) = @_;	my ($form,$lonhost,$querystr) = @_;
if (ref($form) eq 'HASH') {	if (ref($form) eq 'HASH') {
my ($firsturl,$token,$extras,@names);	my ($firsturl,$token,$extras,@names);
@names = ('role','symb','linkprot','linkkey','iptoken');	@names = ('role','symb','linkprotuser','linkprotexit','linkprot','linkkey','iptoken');
foreach my $name (@names) {	foreach my $name (@names) {
if ($form->{$name} ne '') {	if ($form->{$name} ne '') {
$extras .= '&'.$name.'='.&escape($form->{$name});	$extras .= '&'.$name.'='.&escape($form->{$name});
Line 1001 sub loginhelpdisplay {	Line 1100 sub loginhelpdisplay {
return;	return;
}	}

	sub alternate_unames_check {
	my ($uname,$udom) = @_;
	my %possunames;
	my %domdefs = &Apache::lonnet::get_domain_defaults($udom);
	if (ref($domdefs{'unamemap_rule'}) eq 'ARRAY') {
	if (@{$domdefs{'unamemap_rule'}} > 0) {
	%possunames =
	&Apache::lonnet::inst_rulecheck($udom,$uname,undef,
	'unamemap',$domdefs{'unamemap_rule'});
	}
	}
	return %possunames;
	}

1;	1;
__END__	__END__

FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>

Removed from v.1.121.2.24.2.2
changed lines
	Added in v.1.121.2.24.2.5