|
version 1.192, 2021/10/26 15:52:54
|
version 1.193, 2021/11/03 01:04:02
|
|
Line 49 sub handler {
|
Line 49 sub handler {
|
| (join('&',$ENV{'QUERY_STRING'},$env{'request.querystring'},
|
(join('&',$ENV{'QUERY_STRING'},$env{'request.querystring'},
|
| $ENV{'REDIRECT_QUERY_STRING'}),
|
$ENV{'REDIRECT_QUERY_STRING'}),
|
| ['interface','username','domain','firsturl','localpath','localres',
|
['interface','username','domain','firsturl','localpath','localres',
|
| 'token','role','symb','iptoken','btoken','ltoken','linkkey','saml',
|
'token','role','symb','iptoken','btoken','ltoken','ttoken','linkkey',
|
| 'sso','retry']);
|
'saml','sso','retry']);
|
| |
|
| |
# -- check if they are a migrating user
|
| |
if (defined($env{'form.token'})) {
|
| |
return &Apache::migrateuser::handler($r);
|
| |
}
|
| |
|
| my $lonhost = $r->dir_config('lonHostID');
|
my $lonhost = $r->dir_config('lonHostID');
|
| my $linkkey;
|
if ($env{'form.ttoken'}) {
|
| if (($env{'form.sso'}) || ($env{'form.retry'})) {
|
my %info = &Apache::lonnet::tmpget($env{'form.ttoken'});
|
| |
&Apache::lonnet::tmpdel($env{'form.ttoken'});
|
| |
if ($info{'origurl'}) {
|
| |
$env{'form.firsturl'} = $info{'origurl'};
|
| |
}
|
| |
if ($info{'ltoken'}) {
|
| |
$env{'form.ltoken'} = $info{'ltoken'};
|
| |
} elsif ($info{'linkprot'}) {
|
| |
$env{'form.linkprot'} = $info{'linkprot'};
|
| |
} elsif ($info{'linkkey'} ne '') {
|
| |
$env{'form.linkkey'} = $info{'linkkey'};
|
| |
}
|
| |
} elsif (($env{'form.sso'}) || ($env{'form.retry'})) {
|
| my $infotoken;
|
my $infotoken;
|
| if ($env{'form.sso'}) {
|
if ($env{'form.sso'}) {
|
| $infotoken = $env{'form.sso'};
|
$infotoken = $env{'form.sso'};
|
|
Line 70 sub handler {
|
Line 88 sub handler {
|
| &Apache::lonnet::tmpdel($infotoken);
|
&Apache::lonnet::tmpdel($infotoken);
|
| }
|
}
|
| } else {
|
} else {
|
| if ($env{'form.linkkey'}) {
|
|
| $linkkey = $env{'form.linkkey'};
|
|
| }
|
|
| if (!defined($env{'form.firsturl'})) {
|
if (!defined($env{'form.firsturl'})) {
|
| &Apache::lonacc::get_posted_cgi($r,['firsturl']);
|
&Apache::lonacc::get_posted_cgi($r,['firsturl']);
|
| }
|
}
|
|
Line 82 sub handler {
|
Line 97 sub handler {
|
| }
|
}
|
| }
|
}
|
| if (($env{'form.firsturl'} =~ m{^/+tiny/+$LONCAPA::match_domain/+\w+$}) &&
|
if (($env{'form.firsturl'} =~ m{^/+tiny/+$LONCAPA::match_domain/+\w+$}) &&
|
| (!$env{'form.ltoken'}) && (!$env{'form.linkkey'})) {
|
(!$env{'form.ltoken'}) && (!$env{'form.linkprot'}) && (!$env{'form.linkkey'})) {
|
| &Apache::lonacc::get_posted_cgi($r,['linkkey']);
|
&Apache::lonacc::get_posted_cgi($r,['linkkey']);
|
| }
|
}
|
| if ($env{'form.firsturl'} eq '/adm/logout') {
|
if ($env{'form.firsturl'} eq '/adm/logout') {
|
|
Line 90 sub handler {
|
Line 105 sub handler {
|
| }
|
}
|
| }
|
}
|
|
|
|
| # -- check if they are a migrating user
|
|
| if (defined($env{'form.token'})) {
|
|
| return &Apache::migrateuser::handler($r);
|
|
| }
|
|
|
|
|
| # For "public user" - remove any exising "public" cookie, as user really wants to log-in
|
# For "public user" - remove any exising "public" cookie, as user really wants to log-in
|
| my ($handle,$lonidsdir,$expirepub,$userdom);
|
my ($handle,$lonidsdir,$expirepub,$userdom);
|
| $lonidsdir=$r->dir_config('lonIDsDir');
|
$lonidsdir=$r->dir_config('lonIDsDir');
|
|
Line 149 sub handler {
|
Line 159 sub handler {
|
| $protocol = 'http' if ($protocol ne 'https');
|
$protocol = 'http' if ($protocol ne 'https');
|
| my $dest = '/adm/roles';
|
my $dest = '/adm/roles';
|
| if ($env{'form.firsturl'} ne '') {
|
if ($env{'form.firsturl'} ne '') {
|
| if ($env{'form.firsturl'} =~ /[^\x00-\xFF]/) {
|
$dest = &HTML::Entities::encode($env{'form.firsturl'},'\'"<>&');
|
| $dest = &uri_escape_utf8($env{'form.firsturl'});
|
|
| } else {
|
|
| $dest = &uri_escape($env{'form.firsturl'});
|
|
| }
|
|
| $dest = &HTML::Entities::encode($dest,"'");
|
|
| }
|
}
|
| my %info = (
|
my %info = (
|
| balcookie => $lonhost.':'.$balancer_cookie,
|
balcookie => $lonhost.':'.$balancer_cookie,
|
| );
|
);
|
| if ($env{'form.ltoken'}) {
|
if ($env{'form.role'}) {
|
| my %link_info = &Apache::lonnet::tmpget($env{'form.ltoken'});
|
$info{'role'} = $env{'form.role'};
|
| if ($link_info{'linkprot'}) {
|
}
|
| $info{'linkprot'} = $link_info{'linkprot'};
|
if ($env{'form.symb'}) {
|
| }
|
$info{'symb'} = $env{'form.symb'};
|
| &Apache::lonnet::tmpdel($env{'form.ltoken'});
|
|
| delete($env{'form.ltoken'});
|
|
| } elsif ($env{'form.linkkey'}) {
|
|
| $info{'linkkey'} = $env{'form.linkkey'};
|
|
| delete($env{'form.linkkey'});
|
|
| }
|
}
|
| my $balancer_token = &Apache::lonnet::tmpput(\%info,$found_server);
|
my $balancer_token = &Apache::lonnet::tmpput(\%info,$found_server);
|
| if ($balancer_token) {
|
unless (($balancer_token eq 'con_lost') || ($balancer_token eq 'refused') ||
|
| |
($balancer_token eq 'unknown_cmd') || ($balancer_token eq 'no_such_host')) {
|
| $dest .= (($dest=~/\?/)?'&':'?') . 'btoken='.$balancer_token;
|
$dest .= (($dest=~/\?/)?'&':'?') . 'btoken='.$balancer_token;
|
| }
|
}
|
| |
if ($env{'form.firsturl'} =~ m{^/tiny/$match_domain/\w+$}) {
|
| |
my %link_info;
|
| |
if ($env{'form.ltoken'}) {
|
| |
$link_info{'ltoken'} = $env{'form.ltoken'};
|
| |
} elsif ($env{'form.linkprot'}) {
|
| |
$link_info{'linkprot'} = $env{'form.linkprot'};
|
| |
} elsif ($env{'form.linkkey'} ne '') {
|
| |
$link_info{'linkkey'} = $env{'form.linkkey'};
|
| |
}
|
| |
if (keys(%link_info)) {
|
| |
$link_info{'origurl'} = $env{'form.firsturl'};
|
| |
my $token = &Apache::lonnet::tmpput(\%link_info,$found_server,'link');
|
| |
unless (($token eq 'con_lost') || ($token eq 'refused') ||
|
| |
($token eq 'unknown_cmd') || ($token eq 'no_such_host')) {
|
| |
$dest .= (($dest=~/\?/)?'&':'?') . 'ttoken='.$token;
|
| |
}
|
| |
}
|
| |
}
|
| unless ($found_server eq $lonhost) {
|
unless ($found_server eq $lonhost) {
|
| my $alias = &Apache::lonnet::use_proxy_alias($r,$found_server);
|
my $alias = &Apache::lonnet::use_proxy_alias($r,$found_server);
|
| $hostname = $alias if ($alias ne '');
|
$hostname = $alias if ($alias ne '');
|
|
Line 193 sub handler {
|
Line 212 sub handler {
|
| # it a balancer cookie for an active session on this server.
|
# it a balancer cookie for an active session on this server.
|
| #
|
#
|
|
|
|
| my ($balcookie,$linkprot,$linkkey);
|
my $balcookie;
|
| if ($env{'form.btoken'}) {
|
if ($env{'form.btoken'}) {
|
| my %info = &Apache::lonnet::tmpget($env{'form.btoken'});
|
my %info = &Apache::lonnet::tmpget($env{'form.btoken'});
|
| $balcookie = $info{'balcookie'};
|
$balcookie = $info{'balcookie'};
|
| if ($balcookie) {
|
|
| if ($info{'linkprot'}) {
|
|
| $linkprot = $info{'linkprot'};
|
|
| } elsif ($info{'linkkey'}) {
|
|
| $linkkey = $info{'linkkey'};
|
|
| }
|
|
| }
|
|
| &Apache::lonnet::tmpdel($env{'form.btoken'});
|
&Apache::lonnet::tmpdel($env{'form.btoken'});
|
| delete($env{'form.btoken'});
|
delete($env{'form.btoken'});
|
| }
|
}
|
|
Line 234 sub handler {
|
Line 246 sub handler {
|
| &Apache::loncommon::end_page();
|
&Apache::loncommon::end_page();
|
| my $dest = '/adm/roles';
|
my $dest = '/adm/roles';
|
| if ($env{'form.firsturl'} ne '') {
|
if ($env{'form.firsturl'} ne '') {
|
| if ($env{'form.firsturl'} =~ /[^\x00-\xFF]/) {
|
$dest = &HTML::Entities::encode($env{'form.firsturl'},'\'"<>&');
|
| $dest = &uri_escape_utf8($env{'form.firsturl'});
|
|
| } else {
|
|
| $dest = &uri_escape($env{'form.firsturl'});
|
|
| }
|
|
| $dest = &HTML::Entities::encode($dest,"'");
|
|
| }
|
}
|
| if (($env{'form.ltoken'}) || ($linkprot)) {
|
if (($env{'form.ltoken'}) || ($env{'form.linkprot'})) {
|
| unless ($linkprot) {
|
my $linkprot;
|
| |
if ($env{'form.ltoken'}) {
|
| my %info = &Apache::lonnet::tmpget($env{'form.ltoken'});
|
my %info = &Apache::lonnet::tmpget($env{'form.ltoken'});
|
| $linkprot = $info{'linkprot'};
|
$linkprot = $info{'linkprot'};
|
| my $delete = &Apache::lonnet::tmpdel($env{'form.ltoken'});
|
my $delete = &Apache::lonnet::tmpdel($env{'form.ltoken'});
|
| delete($env{'form.ltoken'});
|
} else {
|
| |
$linkprot = $env{'form.linkprot'};
|
| }
|
}
|
| if ($linkprot) {
|
if ($linkprot) {
|
| my ($linkprotector,$deeplink) = split(/:/,$linkprot,2);
|
my ($linkprotector,$deeplink) = split(/:/,$linkprot,2);
|
|
Line 271 sub handler {
|
Line 280 sub handler {
|
| &Apache::lonnet::appenv({'user.linkproturi' => $deeplink});
|
&Apache::lonnet::appenv({'user.linkproturi' => $deeplink});
|
| }
|
}
|
| }
|
}
|
| } elsif (($env{'form.linkkey'}) || ($linkkey)) {
|
} elsif ($env{'form.linkkey'} ne '') {
|
| if ($env{'form.firsturl'} =~ m{^/tiny/$match_domain/\w+$}) {
|
if ($env{'form.firsturl'} =~ m{^/tiny/$match_domain/\w+$}) {
|
| if ($linkkey eq '') {
|
my $linkkey = $env{'form.linkkey'};
|
| $linkkey = $env{'form.linkkey'};
|
|
| }
|
|
| if ($env{'user.deeplinkkey'}) {
|
if ($env{'user.deeplinkkey'}) {
|
| my @linkkeys = split(/,/,$env{'user.deeplinkkey'});
|
my @linkkeys = split(/,/,$env{'user.deeplinkkey'});
|
| unless (grep(/^\Q$linkkey\E$/,@linkkeys)) {
|
unless (grep(/^\Q$linkkey\E$/,@linkkeys)) {
|
| push(@linkkeys,$linkkey);
|
push(@linkkeys,$linkkey);
|
| &Apache::lonnet::appenv({'user.deeplinkkey' => join(',',sort(@linkkeys))});
|
&Apache::lonnet::appenv({'user.deeplinkkey' => join(',',sort(@linkkeys))});
|
| }
|
}
|
| } else {
|
} else {
|
| &Apache::lonnet::appenv({'user.deeplinkkey' => $linkkey});
|
&Apache::lonnet::appenv({'user.deeplinkkey' => $linkkey});
|
|
Line 337 sub handler {
|
Line 344 sub handler {
|
| my $defdom = $domain;
|
my $defdom = $domain;
|
| if ($lonhost ne '') {
|
if ($lonhost ne '') {
|
| unless ($sessiondata{'sessionserver'}) {
|
unless ($sessiondata{'sessionserver'}) {
|
| my $redirect = &check_loginvia($domain,$lonhost,$lonidsdir,$balcookie,
|
my $redirect = &check_loginvia($domain,$lonhost,$lonidsdir,$balcookie);
|
| $linkprot,$linkkey);
|
|
| if ($redirect) {
|
if ($redirect) {
|
| $r->print($redirect);
|
$r->print($redirect);
|
| return OK;
|
return OK;
|
|
Line 423 sub handler {
|
Line 429 sub handler {
|
|
|
|
| # -------------------------------------------------------- Store away log token
|
# -------------------------------------------------------- Store away log token
|
| my ($tokenextras,$tokentype);
|
my ($tokenextras,$tokentype);
|
| my @names = ('role','symb','iptoken','ltoken','linkkey');
|
my @names = ('role','symb','iptoken','ltoken','linkprot','linkkey');
|
| foreach my $name (@names) {
|
foreach my $name (@names) {
|
| if ($env{'form.'.$name} ne '') {
|
if ($env{'form.'.$name} ne '') {
|
| if ($name eq 'ltoken') {
|
if ($name eq 'ltoken') {
|
| my %info = &Apache::lonnet::tmpget($env{'form.ltoken'});
|
my %info = &Apache::lonnet::tmpget($env{'form.'.$name});
|
| if ($info{'linkprot'}) {
|
if ($info{'linkprot'}) {
|
| $tokenextras .= '&linkprot='.&escape($info{'linkprot'});
|
$tokenextras .= '&linkprot='.&escape($info{'linkprot'});
|
| $tokentype = 'link';
|
$tokentype = 'link';
|
|
Line 435 sub handler {
|
Line 441 sub handler {
|
| }
|
}
|
| } else {
|
} else {
|
| $tokenextras .= '&'.$name.'='.&escape($env{'form.'.$name});
|
$tokenextras .= '&'.$name.'='.&escape($env{'form.'.$name});
|
| if ($name eq 'linkkey') {
|
if (($name eq 'linkkey') || ($name eq 'linkprot')) {
|
| $tokentype = 'link';
|
$tokentype = 'link';
|
| }
|
}
|
| }
|
}
|
|
Line 445 sub handler {
|
Line 451 sub handler {
|
| $tokenextras .= ":$tokentype";
|
$tokenextras .= ":$tokentype";
|
| }
|
}
|
| my $logtoken=Apache::lonnet::reply(
|
my $logtoken=Apache::lonnet::reply(
|
| 'tmpput:'.$ukey.$lkey.'&'.$firsturl.$tokenextras,
|
'tmpput:'.$ukey.$lkey.'&'.&escape($firsturl).$tokenextras,
|
| $lonhost);
|
$lonhost);
|
|
|
|
| # -- If we cannot talk to ourselves, or hostID does not map to a hostname
|
# -- If we cannot talk to ourselves, or hostID does not map to a hostname
|
|
Line 1000 ENDDOCUMENT
|
Line 1006 ENDDOCUMENT
|
| }
|
}
|
|
|
|
| sub check_loginvia {
|
sub check_loginvia {
|
| my ($domain,$lonhost,$lonidsdir,$balcookie,$linkprot,$linkkey) = @_;
|
my ($domain,$lonhost,$lonidsdir,$balcookie) = @_;
|
| if ($domain eq '' || $lonhost eq '' || $lonidsdir eq '') {
|
if ($domain eq '' || $lonhost eq '' || $lonidsdir eq '') {
|
| return;
|
return;
|
| }
|
}
|
|
Line 1060 sub check_loginvia {
|
Line 1066 sub check_loginvia {
|
| }
|
}
|
| }
|
}
|
| }
|
}
|
| $output = &redirect_page($newhost,$path,$linkprot,$linkkey);
|
$output = &redirect_page($newhost,$path);
|
| }
|
}
|
| }
|
}
|
| }
|
}
|
|
Line 1069 sub check_loginvia {
|
Line 1075 sub check_loginvia {
|
| }
|
}
|
|
|
|
| sub redirect_page {
|
sub redirect_page {
|
| my ($desthost,$path,$linkprot,$linkkey) = @_;
|
my ($desthost,$path) = @_;
|
| my $hostname = &Apache::lonnet::hostname($desthost);
|
my $hostname = &Apache::lonnet::hostname($desthost);
|
| my $protocol = $Apache::lonnet::protocol{$desthost};
|
my $protocol = $Apache::lonnet::protocol{$desthost};
|
| $protocol = 'http' if ($protocol ne 'https');
|
$protocol = 'http' if ($protocol ne 'https');
|
|
Line 1087 sub redirect_page {
|
Line 1093 sub redirect_page {
|
| $querystring = &HTML::Entities::encode($querystring,"'");
|
$querystring = &HTML::Entities::encode($querystring,"'");
|
| $url .='?firsturl='.$querystring;
|
$url .='?firsturl='.$querystring;
|
| }
|
}
|
| if ($linkprot) {
|
if (($env{'form.ltoken'}) || ($env{'form.linkkey'} ne '')) {
|
| my $ltoken = &Apache::lonnet::tmpput({linkprot => $linkprot},$desthost);
|
my %link_info;
|
| if ($ltoken) {
|
if ($env{'form.ltoken'}) {
|
| $url .= (($url =~ /\?/) ? '&' : '?').'ltoken='.$ltoken;
|
$link_info{'ltoken'} = $env{'form.ltoken'};
|
| |
} elsif ($env{'form.linkkey'} ne '') {
|
| |
$link_info{'linkkey'} = $env{'form.linkkey'};
|
| |
}
|
| |
my $token = &Apache::lonnet::tmpput(\%link_info,$desthost,'link');
|
| |
unless (($token eq 'con_lost') || ($token eq 'refused') ||
|
| |
($token eq 'unknown_cmd') || ($token eq 'no_such_host')) {
|
| |
$url .= (($url=~/\?/)?'&':'?') . 'ttoken='.$token;
|
| }
|
}
|
| } elsif ($linkkey) {
|
|
| $url .= (($url =~ /\?/) ? '&' : '?').'linkkey='.&uri_escape($linkkey);
|
|
| }
|
}
|
| my $start_page = &Apache::loncommon::start_page('Switching Server ...',undef,
|
my $start_page = &Apache::loncommon::start_page('Switching Server ...',undef,
|
| {'redirect' => [0,$url],});
|
{'redirect' => [0,$url],});
|
![[BACK]](/icons/back.gif){kind=icon}
Return to lonlogin.pm CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [LON-CAPA] / loncom / auth