--- loncom/auth/lonlogin.pm 2023/12/29 23:49:12 1.158.2.13.2.11 +++ loncom/auth/lonlogin.pm 2014/10/04 02:59:32 1.159 @@ -1,7 +1,7 @@ # The LearningOnline Network # Login Screen # -# $Id: lonlogin.pm,v 1.158.2.13.2.11 2023/12/29 23:49:12 raeburn Exp $ +# $Id: lonlogin.pm,v 1.159 2014/10/04 02:59:32 raeburn Exp $ # # Copyright Michigan State University Board of Trustees # @@ -37,10 +37,7 @@ use Apache::lonauth(); use Apache::lonlocal; use Apache::migrateuser(); use lib '/home/httpd/lib/perl/'; -use LONCAPA qw(:DEFAULT :match); -use URI::Escape; -use HTML::Entities(); -use CGI::Cookie(); +use LONCAPA; sub handler { my $r = shift; @@ -49,100 +46,19 @@ sub handler { (join('&',$ENV{'QUERY_STRING'},$env{'request.querystring'}, $ENV{'REDIRECT_QUERY_STRING'}), ['interface','username','domain','firsturl','localpath','localres', - 'token','role','symb','iptoken','btoken','ltoken','ttoken','linkkey', - 'saml','sso','retry','display']); + 'token','role','symb','iptoken']); + if (!defined($env{'form.firsturl'})) { + &Apache::lonacc::get_posted_cgi($r,['firsturl']); + } # -- check if they are a migrating user if (defined($env{'form.token'})) { return &Apache::migrateuser::handler($r); } - my $lonhost = $r->dir_config('lonHostID'); - if ($env{'form.ttoken'}) { - my %info = &Apache::lonnet::tmpget($env{'form.ttoken'}); - &Apache::lonnet::tmpdel($env{'form.ttoken'}); - if ($info{'origurl'}) { - $env{'form.firsturl'} = $info{'origurl'}; - } - if ($info{'ltoken'}) { - $env{'form.ltoken'} = $info{'ltoken'}; - } elsif ($info{'linkprot'}) { - $env{'form.linkprot'} = $info{'linkprot'}; - foreach my $item ('linkprotuser','linkprotexit','linkprotpbid','linkprotpburl') { - if ($info{$item} ne '') { - $env{'form.'.$item} = $info{$item}; - } - } - } elsif ($info{'linkkey'} ne '') { - $env{'form.linkkey'} = $info{'linkkey'}; - } - } elsif (($env{'form.sso'}) || ($env{'form.retry'})) { - my $infotoken; - if ($env{'form.sso'}) { - $infotoken = $env{'form.sso'}; - } else { - $infotoken = $env{'form.retry'}; - } - my $data = &Apache::lonnet::reply('tmpget:'.$infotoken,$lonhost); - unless (($data=~/^error/) || ($data eq 'con_lost') || - ($data eq 'no_such_host')) { - my %info = &decode_token($data); - foreach my $item (keys(%info)) { - $env{'form.'.$item} = $info{$item}; - } - &Apache::lonnet::tmpdel($infotoken); - } - } else { - if (!defined($env{'form.firsturl'})) { - &Apache::lonacc::get_posted_cgi($r,['firsturl']); - } - if (!defined($env{'form.firsturl'})) { - if ($ENV{'REDIRECT_URL'} =~ m{^/+tiny/+$LONCAPA::match_domain/+\w+$}) { - $env{'form.firsturl'} = $ENV{'REDIRECT_URL'}; - } - } - if (($env{'form.firsturl'} =~ m{^/+tiny/+$LONCAPA::match_domain/+\w+$}) && - (!$env{'form.ltoken'}) && (!$env{'form.linkprot'}) && (!$env{'form.linkkey'})) { - &Apache::lonacc::get_posted_cgi($r,['linkkey']); - } - if ($env{'form.firsturl'} eq '/adm/logout') { - delete($env{'form.firsturl'}); - } - } - -# For "public user" - remove any exising "public" cookie, as user really wants to log-in - my ($handle,$lonidsdir,$expirepub,$userdom); - $lonidsdir=$r->dir_config('lonIDsDir'); - unless ($r->header_only) { - $handle = &Apache::lonnet::check_for_valid_session($r,'lonID',undef,\$userdom); - if ($handle ne '') { - if ($handle=~/^publicuser\_/) { - unlink($r->dir_config('lonIDsDir')."/$handle.id"); - undef($handle); - undef($userdom); - $expirepub = 1; - } - } - } - &Apache::loncommon::no_cache($r); &Apache::lonlocal::get_language_handle($r); &Apache::loncommon::content_type($r,'text/html'); - if ($expirepub) { - my $c = new CGI::Cookie(-name => 'lonPubID', - -value => '', - -expires => '-10y',); - $r->header_out('Set-cookie' => $c); - } elsif (($handle eq '') && ($userdom ne '')) { - my %cookies=CGI::Cookie->parse($r->header_in('Cookie')); - foreach my $name (keys(%cookies)) { - next unless ($name =~ /^lon(|S|Link|Pub)ID$/); - my $c = new CGI::Cookie(-name => $name, - -value => '', - -expires => '-10y',); - $r->headers_out->add('Set-cookie' => $c); - } - } $r->send_http_header; return OK if $r->header_only; @@ -154,240 +70,37 @@ sub handler { return OK; } -# Check if browser sent a LON-CAPA load balancer cookie (and this is a balancer) + $env{'form.firsturl'} =~ s/(`)/'/g; - my ($found_server,$balancer_cookie) = &Apache::lonnet::check_for_balancer_cookie($r,1); - if ($found_server) { - my $hostname = &Apache::lonnet::hostname($found_server); - if ($hostname ne '') { - my $protocol = $Apache::lonnet::protocol{$found_server}; - $protocol = 'http' if ($protocol ne 'https'); +# -------------------------------- Prevent users from attempting to login twice + my $handle = &Apache::lonnet::check_for_valid_session($r); + if ($handle ne '') { + my $lonidsdir=$r->dir_config('lonIDsDir'); + if ($handle=~/^publicuser\_/) { +# For "public user" - remove it, we apparently really want to login + unlink($r->dir_config('lonIDsDir')."/$handle.id"); + } else { +# Indeed, a valid token is found + &Apache::lonnet::transfer_profile_to_env($lonidsdir,$handle); + my $start_page = + &Apache::loncommon::start_page('Already logged in'); + my $end_page = + &Apache::loncommon::end_page(); my $dest = '/adm/roles'; if ($env{'form.firsturl'} ne '') { - $dest = &HTML::Entities::encode($env{'form.firsturl'},'\'"<>&'); - } - my %info = ( - balcookie => $lonhost.':'.$balancer_cookie, - ); - if ($env{'form.role'}) { - $info{'role'} = $env{'form.role'}; - } - if ($env{'form.symb'}) { - $info{'symb'} = $env{'form.symb'}; - } - if (($env{'form.firsturl'} eq '/adm/email') && ($env{'form.display'} ne '')) { - if ($env{'form.sso'}) { - if ($env{'form.mailrecip'}) { - $info{'display'} = &escape($env{'form.display'}); - $info{'mailrecip'} = &escape($env{'form.mailrecip'}); - } - } else { - if (($env{'form.username'}) && ($env{'form.domain'})) { - $info{'display'} = &escape($env{'form.display'}); - $info{'mailrecip'} = &escape($env{'form.username'}.':'.$env{'form.domain'}); - } - } - } - my $balancer_token = &Apache::lonnet::tmpput(\%info,$found_server); - unless (($balancer_token eq 'con_lost') || ($balancer_token eq 'refused') || - ($balancer_token eq 'unknown_cmd') || ($balancer_token eq 'no_such_host')) { - $dest .= (($dest=~/\?/)?'&':'?') . 'btoken='.$balancer_token; - } - if ($env{'form.firsturl'} =~ m{^/tiny/$match_domain/\w+$}) { - my %link_info; - if ($env{'form.ltoken'}) { - $link_info{'ltoken'} = $env{'form.ltoken'}; - } elsif ($env{'form.linkprot'}) { - $link_info{'linkprot'} = $env{'form.linkprot'}; - foreach my $item ('linkprotuser','linkprotexit','linkprotpbid','linkprotpburl') { - if ($env{'form.'.$item} ne '') { - $link_info{$item} = $env{'form.'.$item}; - } - } - } elsif ($env{'form.linkkey'} ne '') { - $link_info{'linkkey'} = $env{'form.linkkey'}; - } - if (keys(%link_info)) { - $link_info{'origurl'} = $env{'form.firsturl'}; - my $token = &Apache::lonnet::tmpput(\%link_info,$found_server,'link'); - unless (($token eq 'con_lost') || ($token eq 'refused') || - ($token eq 'unknown_cmd') || ($token eq 'no_such_host')) { - $dest .= (($dest=~/\?/)?'&':'?') . 'ttoken='.$token; - } - } - } - unless ($found_server eq $lonhost) { - my $alias = &Apache::lonnet::use_proxy_alias($r,$found_server); - $hostname = $alias if ($alias ne ''); + $dest = $env{'form.firsturl'}; } - my $url = $protocol.'://'.$hostname.$dest; - my $start_page = - &Apache::loncommon::start_page('Switching Server ...',undef, - {'redirect' => [0,$url],}); - my $end_page = &Apache::loncommon::end_page(); - $r->print($start_page.$end_page); + $r->print( + $start_page + .'

'.&mt('You are already logged in!').'

' + .'

'.&mt('Please either [_1]continue the current session[_2] or [_3]log out[_4].', + '','','','').'

' + .$end_page + ); return OK; } } -# -# Check if a LON-CAPA load balancer sent user here because user's browser sent -# it a balancer cookie for an active session on this server. -# - - my $balcookie; - if ($env{'form.btoken'}) { - my %info = &Apache::lonnet::tmpget($env{'form.btoken'}); - $balcookie = $info{'balcookie'}; - &Apache::lonnet::tmpdel($env{'form.btoken'}); - delete($env{'form.btoken'}); - if (($env{'form.firsturl'} eq '/adm/email') && - (exists($info{'display'})) && (exists($info{'mailrecip'}))) { - $env{'form.display'} = &unescape($info{'display'}); - $env{'form.mailrecip'} = &unescape($info{'mailrecip'}); - } - } - -# -# If browser sent an old cookie for which the session file had been removed -# check if configuration for user's domain has a portal URL set. If so -# switch user's log-in to the portal. -# - - if (($handle eq '') && ($userdom ne '')) { - my %domdefaults = &Apache::lonnet::get_domain_defaults($userdom); - if ($domdefaults{'portal_def'} =~ /^https?\:/) { - my $start_page = &Apache::loncommon::start_page('Switching Server ...',undef, - {'redirect' => [0,$domdefaults{'portal_def'}],}); - my $end_page = &Apache::loncommon::end_page(); - $r->print($start_page.$end_page); - return OK; - } - } - -# -------------------------------- Prevent users from attempting to login twice - if ($handle ne '') { - &Apache::lonnet::transfer_profile_to_env($lonidsdir,$handle); - my $start_page = - &Apache::loncommon::start_page('Already logged in'); - my $end_page = - &Apache::loncommon::end_page(); - my $dest = '/adm/roles'; - if ($env{'form.firsturl'} ne '') { - $dest = &HTML::Entities::encode($env{'form.firsturl'},'\'"<>&'); - } - if (($env{'form.ltoken'}) || ($env{'form.linkprot'})) { - my ($linkprot,$linkprotuser,$linkprotexit,$linkprotpbid,$linkprotpburl); - if ($env{'form.ltoken'}) { - my %info = &Apache::lonnet::tmpget($env{'form.ltoken'}); - $linkprot = $info{'linkprot'}; - if ($info{'linkprotuser'} ne '') { - $linkprotuser = $info{'linkprotuser'}; - } - if ($info{'linkprotexit'} ne '') { - $linkprotexit = $info{'linkprotexit'}; - } - if ($info{'linkprotpbid'} ne '') { - $linkprotpbid = $info{'linkprotpbid'}; - } - if ($info{'linkprotpburl'} ne '') { - $linkprotpburl = $info{'linkprotpburl'}; - } - } else { - $linkprot = $env{'form.linkprot'}; - $linkprotuser = $env{'form.linkprotuser'}; - $linkprotexit = $env{'form.linkprotexit'}; - $linkprotpbid = $env{'form.linkprotpbid'}; - $linkprotpburl = $env{'form.linkprotpburl'}; - } - if ($linkprot) { - my ($linkprotector,$deeplink) = split(/:/,$linkprot,2); - if (($deeplink =~ m{^/tiny/$match_domain/\w+$}) && - ($linkprotuser ne '') && ($linkprotuser ne $env{'user.name'}.':'.$env{'user.domain'})) { - my $ip = &Apache::lonnet::get_requestor_ip(); - my %linkprotinfo = ( - origurl => $deeplink, - linkprot => $linkprot, - linkprotuser => $linkprotuser, - linkprotexit => $linkprotexit, - linkprotpbid => $linkprotpbid, - linkprotpburl => $linkprotpburl, - ); - if ($env{'form.ltoken'}) { - my $delete = &Apache::lonnet::tmpdel($env{'form.ltoken'}); - } - &Apache::migrateuser::logout($r,$ip,$handle,undef,undef,\%linkprotinfo); - return OK; - } - if ($env{'user.linkprotector'}) { - my @protectors = split(/,/,$env{'user.linkprotector'}); - unless (grep(/^\Q$linkprotector\E$/,@protectors)) { - push(@protectors,$linkprotector); - @protectors = sort { $a <=> $b } @protectors; - &Apache::lonnet::appenv({'user.linkprotector' => join(',',@protectors)}); - } - } else { - &Apache::lonnet::appenv({'user.linkprotector' => $linkprotector }); - } - if ($env{'user.linkproturi'}) { - my @proturis = split(/,/,$env{'user.linkproturi'}); - unless (grep(/^\Q$deeplink\E$/,@proturis)) { - push(@proturis,$deeplink); - @proturis = sort @proturis; - &Apache::lonnet::appenv({'user.linkproturi' => join(',',@proturis)}); - } - } else { - &Apache::lonnet::appenv({'user.linkproturi' => $deeplink}); - } - } - } elsif ($env{'form.linkkey'} ne '') { - if ($env{'form.firsturl'} =~ m{^/tiny/$match_domain/\w+$}) { - my $linkkey = $env{'form.linkkey'}; - if ($env{'user.deeplinkkey'}) { - my @linkkeys = split(/,/,$env{'user.deeplinkkey'}); - unless (grep(/^\Q$linkkey\E$/,@linkkeys)) { - push(@linkkeys,$linkkey); - &Apache::lonnet::appenv({'user.deeplinkkey' => join(',',sort(@linkkeys))}); - } - } else { - &Apache::lonnet::appenv({'user.deeplinkkey' => $linkkey}); - } - my $deeplink = $env{'form.firsturl'}; - if ($env{'user.keyedlinkuri'}) { - my @keyeduris = split(/,/,$env{'user.keyedlinkuri'}); - unless (grep(/^\Q$deeplink\E$/,@keyeduris)) { - push(@keyeduris,$deeplink); - &Apache::lonnet::appenv({'user.keyedlinkuri' => join(',',sort(@keyeduris))}); - } - } else { - &Apache::lonnet::appenv({'user.keyedlinkuri' => $deeplink}); - } - } - } - if ($env{'form.ltoken'}) { - my $delete = &Apache::lonnet::tmpdel($env{'form.ltoken'}); - } - if (($env{'form.firsturl'} eq '/adm/email') && ($env{'form.display'})) { - if ($env{'form.mailrecip'}) { - if ($env{'form.mailrecip'} eq "$env{'user.name'}:$env{'user.domain'}") { - $dest .= (($dest=~/\?/)?'&':'?') . 'display='.&escape($env{'form.display'}). - '&mailrecip='.&escape($env{'form.mailrecip'}); - } - } elsif (($env{'form.username'} eq $env{'user.name'}) && ($env{'form.domain'} eq $env{'user.domain'})) { - $dest .= (($dest=~/\?/)?'&':'?') . 'display='.&escape($env{'form.display'}). - '&mailrecip='.&escape("$env{'user.name'}:$env{'form.domain'}"); - } - } - $r->print( - $start_page - .'

'.&mt('You are already logged in!').'

' - .'

'.&mt('Please either [_1]continue the current session[_2] or [_3]log out[_4].', - '','','','').'

' - .$end_page - ); - return OK; - } - # ---------------------------------------------------- No valid token, continue # ---------------------------- Not possible to really login to domain "public" @@ -409,16 +122,16 @@ sub handler { $env{'form.interface'}=~s/\W//g; (undef,undef,undef,undef,undef,undef,my $clientmobile) = - &Apache::loncommon::decode_user_agent($r); + &Apache::loncommon::decode_user_agent(); my $iconpath= &Apache::loncommon::lonhttpdurl($r->dir_config('lonIconsURL')); + my $lonhost = $r->dir_config('lonHostID'); my $domain = &Apache::lonnet::default_login_domain(); - my $defdom = $domain; if ($lonhost ne '') { unless ($sessiondata{'sessionserver'}) { - my $redirect = &check_loginvia($domain,$lonhost,$lonidsdir,$balcookie); + my $redirect = &check_loginvia($domain,$lonhost); if ($redirect) { $r->print($redirect); return OK; @@ -427,7 +140,7 @@ sub handler { } if (($sessiondata{'domain'}) && - (&Apache::lonnet::domain($sessiondata{'domain'},'description'))) { + (&Apache::lonnet::domain($env{'form.domain'},'description'))) { $domain=$sessiondata{'domain'}; } elsif (($env{'form.domain'}) && (&Apache::lonnet::domain($env{'form.domain'},'description'))) { @@ -502,51 +215,24 @@ sub handler { if ($uextkey>2147483647) { $uextkey-=4294967296; } # -------------------------------------------------------- Store away log token - my ($tokenextras,$tokentype,$linkprot_for_login); - my @names = ('role','symb','iptoken','ltoken','linkprotuser','linkprotexit', - 'linkprot','linkkey','display','linkprotpbid','linkprotpburl'); - foreach my $name (@names) { - if ($env{'form.'.$name} ne '') { - if ($name eq 'ltoken') { - my %info = &Apache::lonnet::tmpget($env{'form.'.$name}); - if ($info{'linkprot'}) { - $linkprot_for_login = $info{'linkprot'}; - $tokenextras .= '&linkprot='.&escape($info{'linkprot'}); - foreach my $item ('linkprotuser','linkprotexit','linkprotpbid','linkprotpburl') { - if ($info{$item}) { - $tokenextras .= '&'.$item.'='.&escape($info{$item}); - } - } - $tokentype = 'link'; - last; - } - } elsif ($env{'form.display'} && ($env{'form.firsturl'} eq '/adm/email')) { - if (($env{'form.mailrecip'}) || - ($env{'form.username'} =~ /^$match_username$/) && ($env{'form.domain'} =~ /^$match_domain$/)) { - $tokenextras .= '&'.$name.'='.&escape($env{'form.display'}); - if ($env{'form.mailrecip'}) { - $tokenextras .= '&mailrecip='.&escape($env{'form.mailrecip'}); - } else { - $tokenextras .= '&mailrecip='.&escape($env{'form.username'}.':'.$env{'form.domain'}); - } - } - } else { - $tokenextras .= '&'.$name.'='.&escape($env{'form.'.$name}); - if (($name eq 'linkkey') || ($name eq 'linkprot')) { - if ((($env{'form.retry'}) || ($env{'form.sso'})) && - (!$env{'form.ltoken'}) && ($name eq 'linkprot')) { - $linkprot_for_login = $env{'form.linkprot'}; - } - $tokentype = 'link'; - } - } + my $tokenextras; + if ($env{'form.role'}) { + $tokenextras = '&role='.&escape($env{'form.role'}); + } + if ($env{'form.symb'}) { + if (!$tokenextras) { + $tokenextras = '&'; } + $tokenextras .= '&symb='.&escape($env{'form.symb'}); } - if ($tokentype) { - $tokenextras .= ":$tokentype"; + if ($env{'form.iptoken'}) { + if (!$tokenextras) { + $tokenextras = '&&'; + } + $tokenextras .= '&iptoken='.&escape($env{'form.iptoken'}); } my $logtoken=Apache::lonnet::reply( - 'tmpput:'.$ukey.$lkey.'&'.&escape($firsturl).$tokenextras, + 'tmpput:'.$ukey.$lkey.'&'.$firsturl.$tokenextras, $lonhost); # -- If we cannot talk to ourselves, or hostID does not map to a hostname @@ -556,41 +242,23 @@ sub handler { if ($logtoken eq 'no_such_host') { &Apache::lonnet::logthis('No valid logtoken for log-in page -- unable to determine hostname for hostID: '.$lonhost.'. Check entry in hosts.tab'); } - if ($env{'form.ltoken'}) { - &Apache::lonnet::tmpdel($env{'form.ltoken'}); - delete($env{'form.ltoken'}); - } my $spares=''; - my (@sparehosts,%spareservers); - my $sparesref = &Apache::lonnet::this_host_spares($defdom); - if (ref($sparesref) eq 'HASH') { - foreach my $key (keys(%{$sparesref})) { - if (ref($sparesref->{$key}) eq 'ARRAY') { - my @sorted = sort { &Apache::lonnet::hostname($a) cmp - &Apache::lonnet::hostname($b); - } @{$sparesref->{$key}}; - if (@sorted) { - if ($key eq 'primary') { - unshift(@sparehosts,@sorted); - } elsif ($key eq 'default') { - push(@sparehosts,@sorted); - } - } - } - } - } - foreach my $hostid (@sparehosts) { + my $last; + foreach my $hostid (sort + { + &Apache::lonnet::hostname($a) cmp + &Apache::lonnet::hostname($b); + } + keys(%Apache::lonnet::spareid)) { next if ($hostid eq $lonhost); my $hostname = &Apache::lonnet::hostname($hostid); - next if (($hostname eq '') || ($spareservers{$hostname})); - $spareservers{$hostname} = 1; - my $protocol = $Apache::lonnet::protocol{$hostid}; - $protocol = 'http' if ($protocol ne 'https'); - $spares.='
'. $hostname.''. - ' '.&mt('(preferred)').''.$/; + ' '.&mt('(preferred)').''.$/; + $last=$hostname; } if ($spares) { $spares.= '
'; @@ -602,26 +270,23 @@ sub handler { &Apache::lonnet::hostname($b); } keys(%all_hostnames)) { - next if ($hostid eq $lonhost); + next if ($hostid eq $lonhost || $Apache::lonnet::spareid{$hostid}); my $hostname = &Apache::lonnet::hostname($hostid); - next if (($hostname eq '') || ($spareservers{$hostname})); - $spareservers{$hostname} = 1; - my $protocol = $Apache::lonnet::protocol{$hostid}; - $protocol = 'http' if ($protocol ne 'https'); - $spares.='
'. $hostname.''; + $last=$hostname; } $r->print( - '' - .'' - .'' + '<html>' + .'<head><title>' .&mt('The LearningOnline Network with CAPA') .'' .'' .'

'.&mt('The LearningOnline Network with CAPA').'

' - .'broken icon' + .'' .'

'.&mt('This LON-CAPA server is temporarily not available for login.').'

'); if ($spares) { $r->print('

'.&mt('Please attempt to login to one of the following servers:') @@ -687,7 +352,11 @@ lextkey=this.document.client.elements.le initkeys(); this.document.server.elements.upass0.value - =getCrypted(this.document.client.elements.upass$now.value); + =crypted(this.document.client.elements.upass$now.value.substr(0,15)); +this.document.server.elements.upass1.value + =crypted(this.document.client.elements.upass$now.value.substr(15,15)); +this.document.server.elements.upass2.value + =crypted(this.document.client.elements.upass$now.value.substr(30,15)); this.document.client.elements.uname.value=''; this.document.client.elements.upass$now.value=''; @@ -708,72 +377,6 @@ function enableInput() { ENDSCRIPT - my ($lonhost_in_use,@hosts,%defaultdomconf,$saml_prefix,$saml_landing, - $samlssotext,$samlnonsso,$samlssoimg,$samlssoalt,$samlssourl,$samltooltip, - $samlwindow); - %defaultdomconf = &Apache::loncommon::get_domainconf($defdom); - @hosts = &Apache::lonnet::current_machine_ids(); - $lonhost_in_use = $lonhost; - if (@hosts > 1) { - foreach my $hostid (@hosts) { - if (&Apache::lonnet::host_domain($hostid) eq $defdom) { - $lonhost_in_use = $hostid; - last; - } - } - } - $saml_prefix = $defdom.'.login.saml_'; - if ($defaultdomconf{$saml_prefix.$lonhost_in_use}) { - $saml_landing = 1; - $samlssotext = $defaultdomconf{$saml_prefix.'text_'.$lonhost_in_use}; - $samlnonsso = $defaultdomconf{$saml_prefix.'notsso_'.$lonhost_in_use}; - $samlssoimg = $defaultdomconf{$saml_prefix.'img_'.$lonhost_in_use}; - $samlssoalt = $defaultdomconf{$saml_prefix.'alt_'.$lonhost_in_use}; - $samlssourl = $defaultdomconf{$saml_prefix.'url_'.$lonhost_in_use}; - $samltooltip = $defaultdomconf{$saml_prefix.'title_'.$lonhost_in_use}; - $samlwindow = $defaultdomconf{$saml_prefix.'window_'.$lonhost_in_use}; - } - if ($saml_landing) { - if ($samlssotext eq '') { - $samlssotext = 'SSO Login'; - } - if ($samlnonsso eq '') { - $samlnonsso = 'Non-SSO Login'; - } - $js .= <<"ENDSAMLJS"; - - - -ENDSAMLJS - } - # --------------------------------------------------- Print login screen header my %add_entries = ( @@ -784,29 +387,6 @@ ENDSAMLJS alink => "$alink", onload => 'javascript:enableInput();',); - my ($headextra,$headextra_exempt); - $headextra = $defaultdomconf{$defdom.'.login.headtag_'.$lonhost_in_use}; - $headextra_exempt = $defaultdomconf{$domain.'.login.headtag_exempt_'.$lonhost_in_use}; - if ($headextra) { - my $omitextra; - if ($headextra_exempt ne '') { - my @exempt = split(',',$headextra_exempt); - my $ip = &Apache::lonnet::get_requestor_ip(); - if (grep(/^\Q$ip\E$/,@exempt)) { - $omitextra = 1; - } - } - unless ($omitextra) { - my $confname = $defdom.'-domainconfig'; - if ($headextra =~ m{^\Q/res/$defdom/$confname/login/headtag/$lonhost_in_use/\E}) { - my $extra = &Apache::lonnet::getfile(&Apache::lonnet::filelocation("",$headextra)); - unless ($extra eq '-1') { - $js .= "\n".$extra."\n"; - } - } - } - } - $r->print(&Apache::loncommon::start_page('The LearningOnline Network with CAPA Login',$js, { 'redirect' => [$expire,'/adm/roles'], 'add_entries' => \%add_entries, @@ -829,7 +409,6 @@ ENDSAMLJS 'helpdesk' => 'Contact Helpdesk', 'forgotpw' => 'Forgot password?', 'newuser' => 'New User?', - 'change' => 'Change?', ); # -------------------------------------------------- Change password field name @@ -858,6 +437,8 @@ ENDSAMLJS + + @@ -891,7 +472,7 @@ ENDSERVERFORM $mobileargs = 'autocapitalize="off" autocorrect="off"'; } my $loginform=(< +

:
@@ -905,165 +486,15 @@ ENDSERVERFORM LFORM if ($showbanner) { - my $alttext = &Apache::loncommon::designparm('login.alttext_img',$domain); - if ($alttext eq '') { - $alttext = 'The Learning Online Network with CAPA'; - } $r->print(<
- $alttext + The Learning Online Network with CAPA
HEADER } - - my $stdauthformstyle = 'inline-block'; - my $ssoauthstyle = 'none'; - my $sso_onclick; - my $logintype; - $r->print('
'); - if ($saml_landing) { - $ssoauthstyle = 'inline-block'; - $stdauthformstyle = 'none'; - $logintype = $samlssotext; - my $ssologin = '/adm/sso'; - if ($samlssourl ne '') { - $ssologin = $samlssourl; - } - my $ssologin_for_js = &js_escape($ssologin); - my $querystr_for_js; - if (($logtoken eq 'con_lost') || ($logtoken eq 'no_such_host')) { - my $querystring; - if ($env{'form.firsturl'} ne '') { - $querystring = 'origurl='; - if ($env{'form.firsturl'} =~ /[^\x00-\xFF]/) { - $querystring .= &uri_escape_utf8($env{'form.firsturl'}); - } else { - $querystring .= &uri_escape($env{'form.firsturl'}); - } - $querystring = &HTML::Entities::encode($querystring,"'"); - } - if ($env{'form.ltoken'} ne '') { - $querystring .= (($querystring eq '')?'':'&') . 'ltoken='. - &HTML::Entities::encode(&uri_escape($env{'form.ltoken'})); - } elsif ($env{'form.linkkey'}) { - $querystring .= (($querystring eq '')?'':'&') . 'linkkey='. - &HTML::Entities::encode(&uri_escape($env{'form.linkkey'})); - } - if ($querystring ne '') { - $ssologin .= (($ssologin=~/\?/)?'&':'?') . $querystring; - $querystr_for_js = &js_escape($querystring); - } - } elsif ($logtoken ne '') { - $ssologin .= (($ssologin=~/\?/)?'&':'?') . 'logtoken='.$logtoken; - $querystr_for_js = &js_escape('logtoken='.$logtoken); - } - my $ssohref; - if ($samlwindow) { - $sso_onclick = <<"ENDJS"; -if (document.getElementById('LC_sso_login_link')) { - var ssoelem = document.getElementById('LC_sso_login_link') - ssoelem.addEventListener('click',samlWinFunction,false); - var windows = {}; - function samlWinFunction(evt) { - evt.preventDefault(); - var url = '$ssologin_for_js'; - var name = 'lcssowin'; - var querystr = '$querystr_for_js'; - if (querystr) { - url += '?'+querystr+'&lcssowin=1'; - } else { - url += '?lcssowin=1'; - } - if ((typeof windows[name] !== 'undefined') && (!windows[name].closed)) { - windows[name].close(); - } - windows[name]=window.open(url,name,'width=350,height=600'); - windows[name].focus(); - return false; - } -} -ENDJS - } - if ($samlssoimg ne '') { - $ssohref = ''. - ''.$samlssoalt.''; - } else { - $ssohref = ''.$samlssotext.''; - } - if (($env{'form.saml'} eq 'no') || - (($env{'form.username'} ne '') && ($env{'form.domain'} ne ''))) { - $ssoauthstyle = 'none'; - $stdauthformstyle = 'inline-block'; - $logintype = $samlnonsso; - } - $r->print(< -Log-in type: -$logintype
-$lt{'change'} -

-
-
-$ssohref -$noscript_warning -
-
-$loginhelp -$contactblock -$coursecatalog -
-
-ENDSAML - } else { - if ($env{'form.ltoken'}) { - &Apache::lonnet::tmpdel($env{'form.ltoken'}); - delete($env{'form.ltoken'}); - } - } - my $in_frame_js; - if ($linkprot_for_login) { - my ($linkprotector,$linkproturi) = split(/:/,$linkprot_for_login,2); - if (($linkprotector =~ /^\d+(c|d)$/) && ($linkproturi =~ m{^/+tiny/+$LONCAPA::match_domain/+\w+$})) { - my $set_target; - if (($env{'form.retry'}) || ($env{'form.sso'})) { - if ($linkproturi eq $env{'form.firsturl'}) { - $set_target = " document.server.target = '_self';"; - } - } else { - $set_target = < -// - -ENDJS - } - } elsif ($samlwindow) { - $in_frame_js = < -// - -ENDJS - } - - $r->print(< + $r->print(<
$logintitle $loginform @@ -1079,11 +510,10 @@ ENDJS
-ENDLOGIN - $r->print('
'."\n"); +
+ENDTOP if ($showmainlogo) { - my $alttext = &Apache::loncommon::designparm('login.alttext_logo',$domain); - $r->print(' '."\n"); + $r->print(' '."\n"); } $r->print(<
-$in_frame_js