loncom/auth/lonlogin.pm - diff

Return to lonlogin.pm CVS log

Up to [LON-CAPA] / loncom / auth

Diff for /loncom/auth/lonlogin.pm between versions 1.177 and 1.187

version 1.177, 2018/12/26 20:10:21	version 1.187, 2021/09/28 21:16:07
Line 47 sub handler {	Line 47 sub handler {
(join('&',$ENV{'QUERY_STRING'},$env{'request.querystring'},	(join('&',$ENV{'QUERY_STRING'},$env{'request.querystring'},
$ENV{'REDIRECT_QUERY_STRING'}),	$ENV{'REDIRECT_QUERY_STRING'}),
['interface','username','domain','firsturl','localpath','localres',	['interface','username','domain','firsturl','localpath','localres',
'token','role','symb','iptoken','btoken','ltoken']);	'token','role','symb','iptoken','btoken','ltoken','linkkey','saml']);
if (!defined($env{'form.firsturl'})) {	if (!defined($env{'form.firsturl'})) {
&Apache::lonacc::get_posted_cgi($r,['firsturl']);	&Apache::lonacc::get_posted_cgi($r,['firsturl']);
}	}
Line 56 sub handler {	Line 56 sub handler {
$env{'form.firsturl'} = $ENV{'REDIRECT_URL'};	$env{'form.firsturl'} = $ENV{'REDIRECT_URL'};
}	}
}	}
	if (($env{'form.firsturl'} =~ m{^/+tiny/+$LONCAPA::match_domain/+\w+$}) &&
	(!$env{'form.ltoken'}) && (!$env{'form.linkkey'})) {
	&Apache::lonacc::get_posted_cgi($r,['linkkey']);
	}

# -- check if they are a migrating user	# -- check if they are a migrating user
if (defined($env{'form.token'})) {	if (defined($env{'form.token'})) {
Line 119 sub handler {	Line 123 sub handler {
$protocol = 'http' if ($protocol ne 'https');	$protocol = 'http' if ($protocol ne 'https');
my $dest = '/adm/roles';	my $dest = '/adm/roles';
if ($env{'form.firsturl'} ne '') {	if ($env{'form.firsturl'} ne '') {
$dest = $env{'form.firsturl'};	$dest = &HTML::Entities::encode($env{'form.firsturl'},'\'"<>&');
}	}
my %info = (	my %info = (
balcookie => $lonhost.':'.$balancer_cookie,	balcookie => $lonhost.':'.$balancer_cookie,
Line 131 sub handler {	Line 135 sub handler {
}	}
&Apache::lonnet::tmpdel($env{'form.ltoken'});	&Apache::lonnet::tmpdel($env{'form.ltoken'});
delete($env{'form.ltoken'});	delete($env{'form.ltoken'});
	} elsif ($env{'form.linkkey'}) {
	$info{'linkkey'} = $env{'form.linkkey'};
	delete($env{'form.linkkey'});
}	}
my $balancer_token = &Apache::lonnet::tmpput(\%info,$found_server);	my $balancer_token = &Apache::lonnet::tmpput(\%info,$found_server);
if ($balancer_token) {	if ($balancer_token) {
$dest .= (($dest=~/\?/)?'&;':'?') . 'btoken='.$balancer_token;	$dest .= (($dest=~/\?/)?'&':'?') . 'btoken='.$balancer_token;
	}
	unless ($found_server eq $lonhost) {
	my $alias = &Apache::lonnet::use_proxy_alias($r,$found_server);
	$hostname = $alias if ($alias ne '');
}	}
my $url = $protocol.'://'.$hostname.$dest;	my $url = $protocol.'://'.$hostname.$dest;
my $start_page =	my $start_page =
Line 151 sub handler {	Line 162 sub handler {
# it a balancer cookie for an active session on this server.	# it a balancer cookie for an active session on this server.
#	#

my ($balcookie,$linkprot);	my ($balcookie,$linkprot,$linkkey);
if ($env{'form.btoken'}) {	if ($env{'form.btoken'}) {
my %info = &Apache::lonnet::tmpget($env{'form.btoken'});	my %info = &Apache::lonnet::tmpget($env{'form.btoken'});
$balcookie = $info{'balcookie'};	$balcookie = $info{'balcookie'};
if ($balcookie) {	if ($balcookie) {
if ($info{'linkprot'}) {	if ($info{'linkprot'}) {
$linkprot = $info{'linkprot'};	$linkprot = $info{'linkprot'};
	} elsif ($info{'linkkey'}) {
	$linkkey = $info{'linkkey'};
}	}
}	}
&Apache::lonnet::tmpdel($env{'form.btoken'});	&Apache::lonnet::tmpdel($env{'form.btoken'});
Line 190 sub handler {	Line 203 sub handler {
&Apache::loncommon::end_page();	&Apache::loncommon::end_page();
my $dest = '/adm/roles';	my $dest = '/adm/roles';
if ($env{'form.firsturl'} ne '') {	if ($env{'form.firsturl'} ne '') {
$dest = $env{'form.firsturl'};	$dest = &HTML::Entities::encode($env{'form.firsturl'},'\'"<>&');
}	}
if (($env{'form.ltoken'}) \|\| ($linkprot)) {	if (($env{'form.ltoken'}) \|\| ($linkprot)) {
unless ($linkprot) {	unless ($linkprot) {
Line 213 sub handler {	Line 226 sub handler {
}	}
if ($env{'user.linkproturi'}) {	if ($env{'user.linkproturi'}) {
my @proturis = split(/,/,$env{'user.linkproturi'});	my @proturis = split(/,/,$env{'user.linkproturi'});
unless(grep(/^\Q$deeplink\E$/,@proturis)) {	unless (grep(/^\Q$deeplink\E$/,@proturis)) {
push(@proturis,$deeplink);	push(@proturis,$deeplink);
@proturis = sort @proturis;	@proturis = sort @proturis;
&Apache::lonnet::appenv({'user.linkproturi' => join(',',@proturis)});	&Apache::lonnet::appenv({'user.linkproturi' => join(',',@proturis)});
Line 222 sub handler {	Line 235 sub handler {
&Apache::lonnet::appenv({'user.linkproturi' => $deeplink});	&Apache::lonnet::appenv({'user.linkproturi' => $deeplink});
}	}
}	}
	} elsif (($env{'form.linkkey'}) \|\| ($linkkey)) {
	if ($env{'form.firsturl'} =~ m{^/tiny/$match_domain/\w+$}) {
	if ($linkkey eq '') {
	$linkkey = $env{'form.linkkey'};
	}
	if ($env{'user.deeplinkkey'}) {
	my @linkkeys = split(/,/,$env{'user.deeplinkkey'});
	unless (grep(/^\Q$linkkey\E$/,@linkkeys)) {
	push(@linkkeys,$linkkey);
	&Apache::lonnet::appenv({'user.deeplinkkey' => join(',',sort(@linkkeys))});
	}
	} else {
	&Apache::lonnet::appenv({'user.deeplinkkey' => $linkkey});
	}
	my $deeplink = $env{'form.firsturl'};
	if ($env{'user.keyedlinkuri'}) {
	my @keyeduris = split(/,/,$env{'user.keyedlinkuri'});
	unless (grep(/^\Q$deeplink\E$/,@keyeduris)) {
	push(@keyeduris,$deeplink);
	&Apache::lonnet::appenv({'user.keyedlinkuri' => join(',',sort(@keyeduris))});
	}
	} else {
	&Apache::lonnet::appenv({'user.keyedlinkuri' => $deeplink});
	}
	}
}	}
$r->print(	$r->print(
$start_page	$start_page
Line 373 sub handler {	Line 411 sub handler {
}	}
$tokenextras .= '&linkprot='.&escape($info{'linkprot'});	$tokenextras .= '&linkprot='.&escape($info{'linkprot'});
}	}
	} elsif ($env{'form.linkkey'}) {
	if (!$tokenextras) {
	$tokenextras = '&&&';
	}
	$tokenextras .= '&linkkey='.&escape($env{'form.linkkey'});
}	}
my $logtoken=Apache::lonnet::reply(	my $logtoken=Apache::lonnet::reply(
'tmpput:'.$ukey.$lkey.'&'.$firsturl.$tokenextras,	'tmpput:'.$ukey.$lkey.'&'.$firsturl.$tokenextras,
Line 386 sub handler {	Line 429 sub handler {
&Apache::lonnet::logthis('No valid logtoken for log-in page -- unable to determine hostname for hostID: '.$lonhost.'. Check entry in hosts.tab');	&Apache::lonnet::logthis('No valid logtoken for log-in page -- unable to determine hostname for hostID: '.$lonhost.'. Check entry in hosts.tab');
}	}
my $spares='';	my $spares='';
my $last;	my (@sparehosts,%spareservers);
foreach my $hostid (sort	my $sparesref = &Apache::lonnet::this_host_spares($defdom);
{	if (ref($sparesref) eq 'HASH') {
&Apache::lonnet::hostname($a) cmp	foreach my $key (keys(%{$sparesref})) {
&Apache::lonnet::hostname($b);	if (ref($sparesref->{$key}) eq 'ARRAY') {
}	my @sorted = sort { &Apache::lonnet::hostname($a) cmp
keys(%Apache::lonnet::spareid)) {	&Apache::lonnet::hostname($b);
	} @{$sparesref->{$key}};
	if (@sorted) {
	if ($key eq 'primary') {
	unshift(@sparehosts,@sorted);
	} elsif ($key eq 'default') {
	push(@sparehosts,@sorted);
	}
	}
	}
	}
	}
	foreach my $hostid (@sparehosts) {
next if ($hostid eq $lonhost);	next if ($hostid eq $lonhost);
my $hostname = &Apache::lonnet::hostname($hostid);	my $hostname = &Apache::lonnet::hostname($hostid);
next if (($last eq $hostname) \|\| ($hostname eq ''));	next if (($hostname eq '') \|\| ($spareservers{$hostname}));
$spares.='<br /><font size="+1"><a href="http://'.	$spareservers{$hostname} = 1;
	my $protocol = $Apache::lonnet::protocol{$hostid};
	$protocol = 'http' if ($protocol ne 'https');
	$spares.='<br /><span style="font-size: larger;"><a href="'.$protocol.'://'.
$hostname.	$hostname.
'/adm/login?domain='.$authdomain.'">'.	'/adm/login?domain='.$authdomain.'">'.
$hostname.'</a>'.	$hostname.'</a>'.
' '.&mt('(preferred)').'</font>'.$/;	' '.&mt('(preferred)').'</span>'.$/;
$last=$hostname;
}	}
if ($spares) {	if ($spares) {
$spares.= '<br />';	$spares.= '<br />';
Line 413 sub handler {	Line 470 sub handler {
&Apache::lonnet::hostname($b);	&Apache::lonnet::hostname($b);
}	}
keys(%all_hostnames)) {	keys(%all_hostnames)) {
next if ($hostid eq $lonhost \|\| $Apache::lonnet::spareid{$hostid});	next if ($hostid eq $lonhost);
my $hostname = &Apache::lonnet::hostname($hostid);	my $hostname = &Apache::lonnet::hostname($hostid);
next if (($last eq $hostname) \|\| ($hostname eq ''));	next if (($hostname eq '') \|\| ($spareservers{$hostname}));
$spares.='<br /><a href="http://'.	$spareservers{$hostname} = 1;
	my $protocol = $Apache::lonnet::protocol{$hostid};
	$protocol = 'http' if ($protocol ne 'https');
	$spares.='<br /><a href="'.$protocol.'://'.
$hostname.	$hostname.
'/adm/login?domain='.$authdomain.'">'.	'/adm/login?domain='.$authdomain.'">'.
$hostname.'</a>';	$hostname.'</a>';
$last=$hostname;
}	}
$r->print(	$r->print(
'<html>'	'<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">'
.'<head><title>'	.'<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">'
	.'<head><meta http-equiv="Content-Type" content="text/html; charset=utf-8" /><title>'
.&mt('The LearningOnline Network with CAPA')	.&mt('The LearningOnline Network with CAPA')
.'</title></head>'	.'</title></head>'
.'<body bgcolor="#FFFFFF">'	.'<body bgcolor="#FFFFFF">'
.'<h1>'.&mt('The LearningOnline Network with CAPA').'</h1>'	.'<h1>'.&mt('The LearningOnline Network with CAPA').'</h1>'
.'<img src="/adm/lonKaputt/lonlogo_broken.gif" align="right" />'	.'<img src="/adm/lonKaputt/lonlogo_broken.gif" alt="broken icon" align="right" />'
.'<h3>'.&mt('This LON-CAPA server is temporarily not available for login.').'</h3>');	.'<h3>'.&mt('This LON-CAPA server is temporarily not available for login.').'</h3>');
if ($spares) {	if ($spares) {
$r->print('<p>'.&mt('Please attempt to login to one of the following servers:')	$r->print('<p>'.&mt('Please attempt to login to one of the following servers:')
Line 521 function enableInput() {	Line 581 function enableInput() {

ENDSCRIPT	ENDSCRIPT

# --------------------------------------------------- Print login screen header	my ($lonhost_in_use,@hosts,%defaultdomconf,$saml_prefix,$saml_landing,
	$samlssotext,$samlnonsso,$samlssoimg,$samlssoalt,$samlssourl,$samltooltip);
my %add_entries = (	%defaultdomconf = &Apache::loncommon::get_domainconf($defdom);
bgcolor => "$mainbg",
text => "$font",
link => "$link",
vlink => "$vlink",
alink => "$alink",
onload => 'javascript:enableInput();',);

my ($lonhost_in_use,$headextra,$headextra_exempt,@hosts,%defaultdomconf);
@hosts = &Apache::lonnet::current_machine_ids();	@hosts = &Apache::lonnet::current_machine_ids();
$lonhost_in_use = $lonhost;	$lonhost_in_use = $lonhost;
if (@hosts > 1) {	if (@hosts > 1) {
Line 542 ENDSCRIPT	Line 594 ENDSCRIPT
}	}
}	}
}	}
%defaultdomconf = &Apache::loncommon::get_domainconf($defdom);	$saml_prefix = $defdom.'.login.saml_';
	if ($defaultdomconf{$saml_prefix.$lonhost_in_use}) {
	$saml_landing = 1;
	$samlssotext = $defaultdomconf{$saml_prefix.'text_'.$lonhost_in_use};
	$samlnonsso = $defaultdomconf{$saml_prefix.'notsso_'.$lonhost_in_use};
	$samlssoimg = $defaultdomconf{$saml_prefix.'img_'.$lonhost_in_use};
	$samlssoalt = $defaultdomconf{$saml_prefix.'alt_'.$lonhost_in_use};
	$samlssourl = $defaultdomconf{$saml_prefix.'url_'.$lonhost_in_use};
	$samltooltip = $defaultdomconf{$saml_prefix.'title_'.$lonhost_in_use};
	}
	if ($saml_landing) {
	if ($samlssotext eq '') {
	$samlssotext = 'SSO Login';
	}
	if ($samlnonsso eq '') {
	$samlnonsso = 'Non-SSO Login';
	}
	$js .= <<"ENDSAMLJS";

	<script type="text/javascript">
	// <![CDATA[
	function toggleLClogin() {
	if (document.getElementById('LC_standard_login')) {
	if (document.getElementById('LC_standard_login').style.display == 'none') {
	document.getElementById('LC_standard_login').style.display = 'inline-block';
	if (document.getElementById('LC_login_text')) {
	document.getElementById('LC_login_text').innerHTML = '$samlnonsso';
	}
	if (document.getElementById('LC_SSO_login')) {
	document.getElementById('LC_SSO_login').style.display = 'none';
	}
	} else {
	document.getElementById('LC_standard_login').style.display = 'none';
	if (document.getElementById('LC_login_text')) {
	document.getElementById('LC_login_text').innerHTML = '$samlssotext';
	}
	if (document.getElementById('LC_SSO_login')) {
	document.getElementById('LC_SSO_login').style.display = 'inline-block';
	}
	}
	}
	return;
	}

	// ]]>
	</script>

	ENDSAMLJS
	}

	# --------------------------------------------------- Print login screen header

	my %add_entries = (
	bgcolor => "$mainbg",
	text => "$font",
	link => "$link",
	vlink => "$vlink",
	alink => "$alink",
	onload => 'javascript:enableInput();',);

	my ($headextra,$headextra_exempt);
$headextra = $defaultdomconf{$defdom.'.login.headtag_'.$lonhost_in_use};	$headextra = $defaultdomconf{$defdom.'.login.headtag_'.$lonhost_in_use};
$headextra_exempt = $defaultdomconf{$domain.'.login.headtag_exempt_'.$lonhost_in_use};	$headextra_exempt = $defaultdomconf{$domain.'.login.headtag_exempt_'.$lonhost_in_use};
if ($headextra) {	if ($headextra) {
my $omitextra;	my $omitextra;
if ($headextra_exempt ne '') {	if ($headextra_exempt ne '') {
my @exempt = split(',',$headextra_exempt);	my @exempt = split(',',$headextra_exempt);
my $ip = $ENV{'REMOTE_ADDR'};	my $ip = &Apache::lonnet::get_requestor_ip();
if (grep(/^\Q$ip\E$/,@exempt)) {	if (grep(/^\Q$ip\E$/,@exempt)) {
$omitextra = 1;	$omitextra = 1;
}	}
Line 587 ENDSCRIPT	Line 699 ENDSCRIPT
'helpdesk' => 'Contact Helpdesk',	'helpdesk' => 'Contact Helpdesk',
'forgotpw' => 'Forgot password?',	'forgotpw' => 'Forgot password?',
'newuser' => 'New User?',	'newuser' => 'New User?',
	'change' => 'Change?',
);	);
# -------------------------------------------------- Change password field name	# -------------------------------------------------- Change password field name

Line 648 ENDSERVERFORM	Line 761 ENDSERVERFORM
$mobileargs = 'autocapitalize="off" autocorrect="off"';	$mobileargs = 'autocapitalize="off" autocorrect="off"';
}	}
my $loginform=(<<LFORM);	my $loginform=(<<LFORM);
<form name="client" action="" onsubmit="return(send())">	<form name="client" action="" onsubmit="return(send())" id="lclogin">
<input type="hidden" name="lextkey" value="$lextkey" />	<input type="hidden" name="lextkey" value="$lextkey" />
<input type="hidden" name="uextkey" value="$uextkey" />	<input type="hidden" name="uextkey" value="$uextkey" />
<b><label for="uname">$lt{'un'}</label>:</b><br />	<b><label for="uname">$lt{'un'}</label>:</b><br />
Line 669 LFORM	Line 782 LFORM
</div>	</div>
HEADER	HEADER
}	}
$r->print(<<ENDTOP);
<div style="float:left;margin-top:0;">	my $stdauthformstyle = 'inline-block';
	my $ssoauthstyle = 'none';
	my $logintype;
	$r->print('<div style="float:left;margin-top:0;">');
	if ($saml_landing) {
	$ssoauthstyle = 'inline-block';
	$stdauthformstyle = 'none';
	$logintype = $samlssotext;
	my $ssologin = '/adm/sso';
	if ($samlssourl ne '') {
	$ssologin = $samlssourl;
	}
	if ($env{'form.firsturl'} ne '') {
	$ssologin .= (($ssologin=~/\?/)?'&':'?') .
	'origurl='.&HTML::Entities::encode($env{'form.firsturl'},'\'<>&"');
	}
	my $ssohref;
	if ($samlssoimg ne '') {
	$ssohref = '<a href="'.$ssologin.'" title="'.$samltooltip.'"><img src="'.$samlssoimg.'" alt="'.$samlssoalt.'" /></a>';
	} else {
	$ssohref = '<a href="'.$ssologin.'">'.$samlssotext.'</a>';
	}
	if (($env{'form.saml'} eq 'no') \|\|
	(($env{'form.username'} ne '') && ($env{'form.domain'} ne ''))) {
	$ssoauthstyle = 'none';
	$stdauthformstyle = 'inline-block';
	$logintype = $samlnonsso;
	}
	$r->print(<<ENDSAML);
	<p>
	Log-in type:
	<span style="font-weight:bold" id="LC_login_text">$logintype</span><br />
	<span><a href="javascript:toggleLClogin();" style="color:#000000">$lt{'change'}</a></span>
	</p>
	<div style="display:$ssoauthstyle" id="LC_SSO_login">
	<div class="LC_Box" style="padding-top: 10px;">
	$ssohref
	$noscript_warning
	</div>
	<div class="LC_Box" style="padding-top: 10px;">
	$loginhelp
	$contactblock
	$coursecatalog
	</div>
	</div>
	ENDSAML
	}

	$r->print(<<ENDLOGIN);
	<div style="display:$stdauthformstyle;" id="LC_standard_login">
<div class="LC_Box" style="background:$loginbox_bg;">	<div class="LC_Box" style="background:$loginbox_bg;">
$logintitle	$logintitle
$loginform	$loginform
Line 686 HEADER	Line 848 HEADER
</div>	</div>
</div>	</div>

<div>	ENDLOGIN
ENDTOP	$r->print('</div><div>'."\n");
if ($showmainlogo) {	if ($showmainlogo) {
$r->print(' <img src="'.$logo.'" alt="" class="LC_maxwidth" />'."\n");	$r->print(' <img src="'.$logo.'" alt="" class="LC_maxwidth" />'."\n");
}	}
Line 792 sub check_loginvia {	Line 954 sub check_loginvia {
my $output;	my $output;
if ($loginvia ne '') {	if ($loginvia ne '') {
my $noredirect;	my $noredirect;
my $ip = $ENV{'REMOTE_ADDR'};	my $ip = &Apache::lonnet::get_requestor_ip();
if ($ip eq '127.0.0.1') {	if ($ip eq '127.0.0.1') {
$noredirect = 1;	$noredirect = 1;
} else {	} else {
Line 852 sub check_loginvia {	Line 1014 sub check_loginvia {

sub redirect_page {	sub redirect_page {
my ($desthost,$path,$linkprot) = @_;	my ($desthost,$path,$linkprot) = @_;
	my $hostname = &Apache::lonnet::hostname($desthost);
my $protocol = $Apache::lonnet::protocol{$desthost};	my $protocol = $Apache::lonnet::protocol{$desthost};
$protocol = 'http' if ($protocol ne 'https');	$protocol = 'http' if ($protocol ne 'https');
unless ($path =~ m{^/}) {	unless ($path =~ m{^/}) {
$path = '/'.$path;	$path = '/'.$path;
}	}
my $url = $protocol.'://'.&Apache::lonnet::hostname($desthost).$path;	my $url = $protocol.'://'.$hostname.$path;
if ($env{'form.firsturl'} ne '') {	if ($env{'form.firsturl'} ne '') {
$url .='?firsturl='.$env{'form.firsturl'};	$url .='?firsturl='.&HTML::Entities::encode($env{'form.firsturl'},'\'"<>&');;
}	}
if ($linkprot) {	if ($linkprot) {
my $ltoken = &Apache::lonnet::tmpput({linkprot => $linkprot},$desthost);	my $ltoken = &Apache::lonnet::tmpput({linkprot => $linkprot},$desthost);
if ($ltoken) {	if ($ltoken) {
$url .= (($url =~ /\?/) ? '&' : '?').'ltoken='.$ltoken;	$url .= (($url =~ /\?/) ? '&' : '?').'ltoken='.$ltoken;
}	}
}	}
my $start_page = &Apache::loncommon::start_page('Switching Server ...',undef,	my $start_page = &Apache::loncommon::start_page('Switching Server ...',undef,

FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>

Removed from v.1.177
changed lines
	Added in v.1.187