--- loncom/auth/lonlogin.pm	2021/05/03 15:27:44	1.183
+++ loncom/auth/lonlogin.pm	2021/09/21 22:54:26	1.184
@@ -1,7 +1,7 @@
 # The LearningOnline Network
 # Login Screen
 #
-# $Id: lonlogin.pm,v 1.183 2021/05/03 15:27:44 raeburn Exp $
+# $Id: lonlogin.pm,v 1.184 2021/09/21 22:54:26 raeburn Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -47,7 +47,7 @@ sub handler {
 	(join('&',$ENV{'QUERY_STRING'},$env{'request.querystring'},
 	      $ENV{'REDIRECT_QUERY_STRING'}),
 	 ['interface','username','domain','firsturl','localpath','localres',
-	  'token','role','symb','iptoken','btoken','ltoken','linkkey']);
+	  'token','role','symb','iptoken','btoken','ltoken','linkkey','saml']);
     if (!defined($env{'form.firsturl'})) {
         &Apache::lonacc::get_posted_cgi($r,['firsturl']);
     }
@@ -581,17 +581,9 @@ function enableInput() {
 
 ENDSCRIPT
 
-# --------------------------------------------------- Print login screen header
-
-    my %add_entries = (
-	       bgcolor      => "$mainbg",
-	       text         => "$font",
-	       link         => "$link",
-	       vlink        => "$vlink",
-	       alink        => "$alink",
-               onload       => 'javascript:enableInput();',);
-
-    my ($lonhost_in_use,$headextra,$headextra_exempt,@hosts,%defaultdomconf);
+    my ($lonhost_in_use,@hosts,%defaultdomconf,$saml_prefix,$saml_landing,
+        $samlssotext,$samlnonsso,$samlssoimg,$samlssoalt,$samlssourl,$samltooltip);
+    %defaultdomconf = &Apache::loncommon::get_domainconf($defdom);
     @hosts = &Apache::lonnet::current_machine_ids();
     $lonhost_in_use = $lonhost;
     if (@hosts > 1) {
@@ -602,7 +594,67 @@ ENDSCRIPT
             }
         }
     }
-    %defaultdomconf = &Apache::loncommon::get_domainconf($defdom);
+    $saml_prefix = $defdom.'.login.saml_';
+    if ($defaultdomconf{$saml_prefix.$lonhost_in_use}) {
+        $saml_landing = 1;
+        $samlssotext = $defaultdomconf{$saml_prefix.'text_'.$lonhost_in_use};
+        $samlnonsso = $defaultdomconf{$saml_prefix.'notsso_'.$lonhost_in_use};
+        $samlssoimg = $defaultdomconf{$saml_prefix.'img_'.$lonhost_in_use};
+        $samlssoalt = $defaultdomconf{$saml_prefix.'alt_'.$lonhost_in_use};
+        $samlssourl = $defaultdomconf{$saml_prefix.'url_'.$lonhost_in_use};
+        $samltooltip = $defaultdomconf{$saml_prefix.'title_'.$lonhost_in_use};
+    }
+    if ($saml_landing) {
+       if ($samlssotext eq '') {
+           $samlssotext = 'SSO Login';
+       }
+       if ($samlnonsso eq '') {
+           $samlnonsso = 'Non-SSO Login';
+       }
+       $js .= <<"ENDSAMLJS";
+
+<script type="text/javascript">
+// <![CDATA[
+function toggleLClogin() {
+    if (document.getElementById('LC_standard_login')) {
+        if (document.getElementById('LC_standard_login').style.display == 'none') {
+            document.getElementById('LC_standard_login').style.display = 'inline-block';
+            if (document.getElementById('LC_login_text')) {
+                document.getElementById('LC_login_text').innerHTML = '$samlnonsso';
+            }
+            if (document.getElementById('LC_SSO_login')) {
+                document.getElementById('LC_SSO_login').style.display = 'none';
+            }
+        } else {
+            document.getElementById('LC_standard_login').style.display = 'none';
+            if (document.getElementById('LC_login_text')) {
+                document.getElementById('LC_login_text').innerHTML = '$samlssotext';
+            }
+            if (document.getElementById('LC_SSO_login')) {
+                document.getElementById('LC_SSO_login').style.display = 'inline-block';
+            }
+        }
+    }
+    return;
+}
+
+// ]]>
+</script>
+
+ENDSAMLJS
+    }
+
+# --------------------------------------------------- Print login screen header
+
+    my %add_entries = (
+	       bgcolor      => "$mainbg",
+	       text         => "$font",
+	       link         => "$link",
+	       vlink        => "$vlink",
+	       alink        => "$alink",
+               onload       => 'javascript:enableInput();',);
+
+    my ($headextra,$headextra_exempt,@hosts,%defaultdomconf);
     $headextra = $defaultdomconf{$defdom.'.login.headtag_'.$lonhost_in_use};
     $headextra_exempt = $defaultdomconf{$domain.'.login.headtag_exempt_'.$lonhost_in_use};
     if ($headextra) {
@@ -647,6 +699,7 @@ ENDSCRIPT
           'helpdesk' => 'Contact Helpdesk',
           'forgotpw' => 'Forgot password?',
           'newuser'  => 'New User?',
+          'change'   => 'Change?',
        );
 # -------------------------------------------------- Change password field name
 
@@ -708,7 +761,7 @@ ENDSERVERFORM
         $mobileargs = 'autocapitalize="off" autocorrect="off"'; 
     }
     my $loginform=(<<LFORM);
-<form name="client" action="" onsubmit="return(send())">
+<form name="client" action="" onsubmit="return(send())" id="lclogin">
   <input type="hidden" name="lextkey" value="$lextkey" />
   <input type="hidden" name="uextkey" value="$uextkey" />
   <b><label for="uname">$lt{'un'}</label>:</b><br />
@@ -729,8 +782,56 @@ LFORM
 </div>
 HEADER
     }
-    $r->print(<<ENDTOP);
-<div style="float:left;margin-top:0;">
+
+    my $stdauthformstyle = 'inline-block';
+    my $ssoauthstyle = 'none';
+    my $logintype;
+    $r->print('<div style="float:left;margin-top:0;">');
+    if ($saml_landing) {
+        $ssoauthstyle = 'inline-block';
+        $stdauthformstyle = 'none';
+        $logintype = $samlssotext;
+        my $ssologin = '/adm/sso';
+        if ($samlssourl  ne '') {
+            $ssologin = $samlssourl;
+        }
+        my $ssohref;
+        if ($samlssoimg ne '') {
+            $ssohref = '<a href="'.$ssologin.'" title="'.$samltooltip.'"><img src="'.$samlssoimg.'" alt="'.$samlssoalt.'" /></a>';
+        } else {
+            $ssohref = '<a href="'.$ssologin.'">'.$samlssotext.'</a>';
+        }
+        if ($env{'form.firsturl'}) {
+            $ssologin .= '?origurl='.&HTML::Entities::encode($env{'form.firsturl'},'<>&"');
+        }
+        if (($env{'form.saml'} eq 'no') ||
+            (($env{'form.username'} ne '') && ($env{'form.domain'} ne ''))) {
+            $ssoauthstyle = 'none';
+            $stdauthformstyle = 'inline-block';
+            $logintype = $samlnonsso;
+        }
+        $r->print(<<ENDSAML);
+<p>
+Log-in type:
+<span style="font-weight:bold" id="LC_login_text">$logintype</span><br />
+<span><a href="javascript:toggleLClogin();" style="color:#000000">$lt{'change'}</a></span>
+</p>
+<div style="display:$ssoauthstyle" id="LC_SSO_login">
+<div class="LC_Box" style="padding-top: 10px;">
+$ssohref
+$noscript_warning
+</div>
+<div class="LC_Box" style="padding-top: 10px;">
+$loginhelp
+$contactblock
+$coursecatalog
+</div>
+</div>
+ENDSAML
+    }
+
+    $r->print(<<ENDLOGIN);
+<div style="display:$stdauthformstyle;" id="LC_standard_login">
 <div class="LC_Box" style="background:$loginbox_bg;">
   $logintitle
   $loginform
@@ -746,8 +847,8 @@ HEADER
 </div>
 </div>
 
-<div>
-ENDTOP
+ENDLOGIN
+    $r->print('</div><div>'."\n");
     if ($showmainlogo) {
         $r->print(' <img src="'.$logo.'" alt="" class="LC_maxwidth" />'."\n");
     }