loncom/auth/lonlogin.pm - diff

Return to lonlogin.pm CVS log

Up to [LON-CAPA] / loncom / auth

Diff for /loncom/auth/lonlogin.pm between versions 1.186 and 1.192

version 1.186, 2021/09/28 20:47:46	version 1.192, 2021/10/26 15:52:54
Line 38 use Apache::lonlocal;	Line 38 use Apache::lonlocal;
use Apache::migrateuser();	use Apache::migrateuser();
use lib '/home/httpd/lib/perl/';	use lib '/home/httpd/lib/perl/';
use LONCAPA qw(:DEFAULT :match);	use LONCAPA qw(:DEFAULT :match);
	use URI::Escape;
	use HTML::Entities();
use CGI::Cookie();	use CGI::Cookie();

sub handler {	sub handler {
Line 47 sub handler {	Line 49 sub handler {
(join('&',$ENV{'QUERY_STRING'},$env{'request.querystring'},	(join('&',$ENV{'QUERY_STRING'},$env{'request.querystring'},
$ENV{'REDIRECT_QUERY_STRING'}),	$ENV{'REDIRECT_QUERY_STRING'}),
['interface','username','domain','firsturl','localpath','localres',	['interface','username','domain','firsturl','localpath','localres',
'token','role','symb','iptoken','btoken','ltoken','linkkey','saml']);	'token','role','symb','iptoken','btoken','ltoken','linkkey','saml',
if (!defined($env{'form.firsturl'})) {	'sso','retry']);
&Apache::lonacc::get_posted_cgi($r,['firsturl']);	my $lonhost = $r->dir_config('lonHostID');
}	my $linkkey;
if (!defined($env{'form.firsturl'})) {	if (($env{'form.sso'}) \|\| ($env{'form.retry'})) {
if ($ENV{'REDIRECT_URL'} =~ m{^/+tiny/+$LONCAPA::match_domain/+\w+$}) {	my $infotoken;
$env{'form.firsturl'} = $ENV{'REDIRECT_URL'};	if ($env{'form.sso'}) {
	$infotoken = $env{'form.sso'};
	} else {
	$infotoken = $env{'form.retry'};
	}
	my $data = &Apache::lonnet::reply('tmpget:'.$infotoken,$lonhost);
	unless (($data=~/^error/) \|\| ($data eq 'con_lost') \|\|
	($data eq 'no_such_host')) {
	my %info = &decode_token($data);
	foreach my $item (keys(%info)) {
	$env{'form.'.$item} = $info{$item};
	}
	&Apache::lonnet::tmpdel($infotoken);
	}
	} else {
	if ($env{'form.linkkey'}) {
	$linkkey = $env{'form.linkkey'};
	}
	if (!defined($env{'form.firsturl'})) {
	&Apache::lonacc::get_posted_cgi($r,['firsturl']);
	}
	if (!defined($env{'form.firsturl'})) {
	if ($ENV{'REDIRECT_URL'} =~ m{^/+tiny/+$LONCAPA::match_domain/+\w+$}) {
	$env{'form.firsturl'} = $ENV{'REDIRECT_URL'};
	}
	}
	if (($env{'form.firsturl'} =~ m{^/+tiny/+$LONCAPA::match_domain/+\w+$}) &&
	(!$env{'form.ltoken'}) && (!$env{'form.linkkey'})) {
	&Apache::lonacc::get_posted_cgi($r,['linkkey']);
	}
	if ($env{'form.firsturl'} eq '/adm/logout') {
	delete($env{'form.firsturl'});
}	}
}
if (($env{'form.firsturl'} =~ m{^/+tiny/+$LONCAPA::match_domain/+\w+$}) &&
(!$env{'form.ltoken'}) && (!$env{'form.linkkey'})) {
&Apache::lonacc::get_posted_cgi($r,['linkkey']);
}	}

# -- check if they are a migrating user	# -- check if they are a migrating user
Line 110 sub handler {	Line 139 sub handler {
return OK;	return OK;
}	}

my $lonhost = $r->dir_config('lonHostID');
$env{'form.firsturl'} =~ s/(`)/'/g;

# Check if browser sent a LON-CAPA load balancer cookie (and this is a balancer)	# Check if browser sent a LON-CAPA load balancer cookie (and this is a balancer)

my ($found_server,$balancer_cookie) = &Apache::lonnet::check_for_balancer_cookie($r,1);	my ($found_server,$balancer_cookie) = &Apache::lonnet::check_for_balancer_cookie($r,1);
Line 123 sub handler {	Line 149 sub handler {
$protocol = 'http' if ($protocol ne 'https');	$protocol = 'http' if ($protocol ne 'https');
my $dest = '/adm/roles';	my $dest = '/adm/roles';
if ($env{'form.firsturl'} ne '') {	if ($env{'form.firsturl'} ne '') {
$dest = $env{'form.firsturl'};	if ($env{'form.firsturl'} =~ /[^\x00-\xFF]/) {
	$dest = &uri_escape_utf8($env{'form.firsturl'});
	} else {
	$dest = &uri_escape($env{'form.firsturl'});
	}
	$dest = &HTML::Entities::encode($dest,"'");
}	}
my %info = (	my %info = (
balcookie => $lonhost.':'.$balancer_cookie,	balcookie => $lonhost.':'.$balancer_cookie,
Line 141 sub handler {	Line 172 sub handler {
}	}
my $balancer_token = &Apache::lonnet::tmpput(\%info,$found_server);	my $balancer_token = &Apache::lonnet::tmpput(\%info,$found_server);
if ($balancer_token) {	if ($balancer_token) {
$dest .= (($dest=~/\?/)?'&;':'?') . 'btoken='.$balancer_token;	$dest .= (($dest=~/\?/)?'&':'?') . 'btoken='.$balancer_token;
}	}
unless ($found_server eq $lonhost) {	unless ($found_server eq $lonhost) {
my $alias = &Apache::lonnet::use_proxy_alias($r,$found_server);	my $alias = &Apache::lonnet::use_proxy_alias($r,$found_server);
Line 203 sub handler {	Line 234 sub handler {
&Apache::loncommon::end_page();	&Apache::loncommon::end_page();
my $dest = '/adm/roles';	my $dest = '/adm/roles';
if ($env{'form.firsturl'} ne '') {	if ($env{'form.firsturl'} ne '') {
$dest = $env{'form.firsturl'};	if ($env{'form.firsturl'} =~ /[^\x00-\xFF]/) {
	$dest = &uri_escape_utf8($env{'form.firsturl'});
	} else {
	$dest = &uri_escape($env{'form.firsturl'});
	}
	$dest = &HTML::Entities::encode($dest,"'");
}	}
if (($env{'form.ltoken'}) \|\| ($linkprot)) {	if (($env{'form.ltoken'}) \|\| ($linkprot)) {
unless ($linkprot) {	unless ($linkprot) {
Line 292 sub handler {	Line 328 sub handler {
$env{'form.interface'}=~s/\W//g;	$env{'form.interface'}=~s/\W//g;

(undef,undef,undef,undef,undef,undef,my $clientmobile) =	(undef,undef,undef,undef,undef,undef,my $clientmobile) =
&Apache::loncommon::decode_user_agent();	&Apache::loncommon::decode_user_agent($r);

my $iconpath=	my $iconpath=
&Apache::loncommon::lonhttpdurl($r->dir_config('lonIconsURL'));	&Apache::loncommon::lonhttpdurl($r->dir_config('lonIconsURL'));
Line 301 sub handler {	Line 337 sub handler {
my $defdom = $domain;	my $defdom = $domain;
if ($lonhost ne '') {	if ($lonhost ne '') {
unless ($sessiondata{'sessionserver'}) {	unless ($sessiondata{'sessionserver'}) {
my $redirect = &check_loginvia($domain,$lonhost,$lonidsdir,$balcookie,$linkprot);	my $redirect = &check_loginvia($domain,$lonhost,$lonidsdir,$balcookie,
	$linkprot,$linkkey);
if ($redirect) {	if ($redirect) {
$r->print($redirect);	$r->print($redirect);
return OK;	return OK;
Line 385 sub handler {	Line 422 sub handler {
if ($uextkey>2147483647) { $uextkey-=4294967296; }	if ($uextkey>2147483647) { $uextkey-=4294967296; }

# -------------------------------------------------------- Store away log token	# -------------------------------------------------------- Store away log token
my $tokenextras;	my ($tokenextras,$tokentype);
if ($env{'form.role'}) {	my @names = ('role','symb','iptoken','ltoken','linkkey');
$tokenextras = '&role='.&escape($env{'form.role'});	foreach my $name (@names) {
}	if ($env{'form.'.$name} ne '') {
if ($env{'form.symb'}) {	if ($name eq 'ltoken') {
if (!$tokenextras) {	my %info = &Apache::lonnet::tmpget($env{'form.ltoken'});
$tokenextras = '&';	if ($info{'linkprot'}) {
}	$tokenextras .= '&linkprot='.&escape($info{'linkprot'});
$tokenextras .= '&symb='.&escape($env{'form.symb'});	$tokentype = 'link';
}	last;
if ($env{'form.iptoken'}) {	}
if (!$tokenextras) {	} else {
$tokenextras = '&&';	$tokenextras .= '&'.$name.'='.&escape($env{'form.'.$name});
	if ($name eq 'linkkey') {
	$tokentype = 'link';
	}
	}
}	}
$tokenextras .= '&iptoken='.&escape($env{'form.iptoken'});
}	}
if ($env{'form.ltoken'}) {	if ($tokentype) {
my %info = &Apache::lonnet::tmpget($env{'form.ltoken'});	$tokenextras .= ":$tokentype";
&Apache::lonnet::tmpdel($env{'form.ltoken'});
delete($env{'form.ltoken'});
if ($info{'linkprot'}) {
if (!$tokenextras) {
$tokenextras = '&&&';
}
$tokenextras .= '&linkprot='.&escape($info{'linkprot'});
}
} elsif ($env{'form.linkkey'}) {
if (!$tokenextras) {
$tokenextras = '&&&';
}
$tokenextras .= '&linkkey='.&escape($env{'form.linkkey'});
}	}
my $logtoken=Apache::lonnet::reply(	my $logtoken=Apache::lonnet::reply(
'tmpput:'.$ukey.$lkey.'&'.$firsturl.$tokenextras,	'tmpput:'.$ukey.$lkey.'&'.$firsturl.$tokenextras,
Line 428 sub handler {	Line 455 sub handler {
if ($logtoken eq 'no_such_host') {	if ($logtoken eq 'no_such_host') {
&Apache::lonnet::logthis('No valid logtoken for log-in page -- unable to determine hostname for hostID: '.$lonhost.'. Check entry in hosts.tab');	&Apache::lonnet::logthis('No valid logtoken for log-in page -- unable to determine hostname for hostID: '.$lonhost.'. Check entry in hosts.tab');
}	}
	if ($env{'form.ltoken'}) {
	&Apache::lonnet::tmpdel($env{'form.ltoken'});
	delete($env{'form.ltoken'});
	}
my $spares='';	my $spares='';
my (@sparehosts,%spareservers);	my (@sparehosts,%spareservers);
my $sparesref = &Apache::lonnet::this_host_spares($defdom);	my $sparesref = &Apache::lonnet::this_host_spares($defdom);
Line 795 HEADER	Line 826 HEADER
if ($samlssourl ne '') {	if ($samlssourl ne '') {
$ssologin = $samlssourl;	$ssologin = $samlssourl;
}	}
	if (($logtoken eq 'con_lost') \|\| ($logtoken eq 'no_such_host')) {
	my $querystring;
	if ($env{'form.firsturl'} ne '') {
	$querystring = 'origurl=';
	if ($env{'form.firsturl'} =~ /[^\x00-\xFF]/) {
	$querystring .= &uri_escape_utf8($env{'form.firsturl'});
	} else {
	$querystring .= &uri_escape($env{'form.firsturl'});
	}
	$querystring = &HTML::Entities::encode($querystring,"'");
	}
	if ($env{'form.ltoken'} ne '') {
	$querystring .= (($querystring eq '')?'':'&') . 'ltoken='.
	&HTML::Entities::encode(&uri_escape($env{'form.ltoken'}));
	} elsif ($env{'form.linkkey'}) {
	$querystring .= (($querystring eq '')?'':'&') . 'linkkey='.
	&HTML::Entities::encode(&uri_escape($env{'form.linkkey'}));
	}
	if ($querystring ne '') {
	$ssologin .= (($ssologin=~/\?/)?'&':'?') . $querystring;
	}
	} elsif ($logtoken ne '') {
	$ssologin .= (($ssologin=~/\?/)?'&':'?') . 'logtoken='.$logtoken;
	}
my $ssohref;	my $ssohref;
if ($samlssoimg ne '') {	if ($samlssoimg ne '') {
$ssohref = '<a href="'.$ssologin.'" title="'.$samltooltip.'"><img src="'.$samlssoimg.'" alt="'.$samlssoalt.'" /></a>';	$ssohref = '<a href="'.$ssologin.'" title="'.$samltooltip.'"><img src="'.$samlssoimg.'" alt="'.$samlssoalt.'" /></a>';
} else {	} else {
$ssohref = '<a href="'.$ssologin.'">'.$samlssotext.'</a>';	$ssohref = '<a href="'.$ssologin.'">'.$samlssotext.'</a>';
}	}
if ($env{'form.firsturl'}) {
$ssologin .= '?origurl='.&HTML::Entities::encode($env{'form.firsturl'},'<>&"');
}
if (($env{'form.saml'} eq 'no') \|\|	if (($env{'form.saml'} eq 'no') \|\|
(($env{'form.username'} ne '') && ($env{'form.domain'} ne ''))) {	(($env{'form.username'} ne '') && ($env{'form.domain'} ne ''))) {
$ssoauthstyle = 'none';	$ssoauthstyle = 'none';
Line 828 $coursecatalog	Line 880 $coursecatalog
</div>	</div>
</div>	</div>
ENDSAML	ENDSAML
	} else {
	if ($env{'form.ltoken'}) {
	&Apache::lonnet::tmpdel($env{'form.ltoken'});
	delete($env{'form.ltoken'});
	}
}	}

$r->print(<<ENDLOGIN);	$r->print(<<ENDLOGIN);
Line 943 ENDDOCUMENT	Line 1000 ENDDOCUMENT
}	}

sub check_loginvia {	sub check_loginvia {
my ($domain,$lonhost,$lonidsdir,$balcookie,$linkprot) = @_;	my ($domain,$lonhost,$lonidsdir,$balcookie,$linkprot,$linkkey) = @_;
if ($domain eq '' \|\| $lonhost eq '' \|\| $lonidsdir eq '') {	if ($domain eq '' \|\| $lonhost eq '' \|\| $lonidsdir eq '') {
return;	return;
}	}
Line 1003 sub check_loginvia {	Line 1060 sub check_loginvia {
}	}
}	}
}	}
$output = &redirect_page($newhost,$path,$linkprot);	$output = &redirect_page($newhost,$path,$linkprot,$linkkey);
}	}
}	}
}	}
Line 1012 sub check_loginvia {	Line 1069 sub check_loginvia {
}	}

sub redirect_page {	sub redirect_page {
my ($desthost,$path,$linkprot) = @_;	my ($desthost,$path,$linkprot,$linkkey) = @_;
my $hostname = &Apache::lonnet::hostname($desthost);	my $hostname = &Apache::lonnet::hostname($desthost);
my $protocol = $Apache::lonnet::protocol{$desthost};	my $protocol = $Apache::lonnet::protocol{$desthost};
$protocol = 'http' if ($protocol ne 'https');	$protocol = 'http' if ($protocol ne 'https');
Line 1021 sub redirect_page {	Line 1078 sub redirect_page {
}	}
my $url = $protocol.'://'.$hostname.$path;	my $url = $protocol.'://'.$hostname.$path;
if ($env{'form.firsturl'} ne '') {	if ($env{'form.firsturl'} ne '') {
$url .='?firsturl='.$env{'form.firsturl'};	my $querystring;
	if ($env{'form.firsturl'} =~ /[^\x00-\xFF]/) {
	$querystring = &uri_escape_utf8($env{'form.firsturl'});
	} else {
	$querystring = &uri_escape($env{'form.firsturl'});
	}
	$querystring = &HTML::Entities::encode($querystring,"'");
	$url .='?firsturl='.$querystring;
}	}
if ($linkprot) {	if ($linkprot) {
my $ltoken = &Apache::lonnet::tmpput({linkprot => $linkprot},$desthost);	my $ltoken = &Apache::lonnet::tmpput({linkprot => $linkprot},$desthost);
if ($ltoken) {	if ($ltoken) {
$url .= (($url =~ /\?/) ? '&' : '?').'ltoken='.$ltoken;	$url .= (($url =~ /\?/) ? '&' : '?').'ltoken='.$ltoken;
}	}
	} elsif ($linkkey) {
	$url .= (($url =~ /\?/) ? '&' : '?').'linkkey='.&uri_escape($linkkey);
}	}
my $start_page = &Apache::loncommon::start_page('Switching Server ...',undef,	my $start_page = &Apache::loncommon::start_page('Switching Server ...',undef,
{'redirect' => [0,$url],});	{'redirect' => [0,$url],});
Line 1103 sub newuser_link {	Line 1169 sub newuser_link {
return '<a href="/adm/createaccount">'.$linkname.'</a>';	return '<a href="/adm/createaccount">'.$linkname.'</a>';
}	}

	sub decode_token {
	my ($info) = @_;
	my ($firsturl,@rest)=split(/\&/,$info);
	my %form;
	if ($firsturl ne '') {
	$form{'firsturl'} = &unescape($firsturl);
	}
	foreach my $item (@rest) {
	my ($key,$value) = split(/=/,$item);
	$form{$key} = &unescape($value);
	}
	return %form;
	}

1;	1;
__END__	__END__

FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>

Removed from v.1.186
changed lines
	Added in v.1.192