File:
[LON-CAPA] /
loncom /
auth /
lonrelaunch.pm
Revision
1.1:
Sat Jun 18 02:10:18 2022 UTC (22 months, 4 weeks ago) by
raeburn
Branches:
MAIN
CVS tags:
HEAD
- Bug 6907
For LTI-protected deep links in which the username is included in the launch payload,
compare the username in the payload with the username for any existing LON-CAPA session
in the current web browser, and expire the old session if it belongs to a different user.
1: # The LearningOnline Network
2: # Re-launch guidance for deep linked access with username mismatch
3: #
4: # $Id: lonrelaunch.pm,v 1.1 2022/06/18 02:10:18 raeburn Exp $
5: #
6: # Copyright Michigan State University Board of Trustees
7: #
8: # This file is part of the LearningOnline Network with CAPA (LON-CAPA).
9: #
10: # LON-CAPA is free software; you can redistribute it and/or modify
11: # it under the terms of the GNU General Public License as published by
12: # the Free Software Foundation; either version 2 of the License, or
13: # (at your option) any later version.
14: #
15: # LON-CAPA is distributed in the hope that it will be useful,
16: # but WITHOUT ANY WARRANTY; without even the implied warranty of
17: # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18: # GNU General Public License for more details.
19: #
20: # You should have received a copy of the GNU General Public License
21: # along with LON-CAPA; if not, write to the Free Software
22: # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
23: #
24: # /home/httpd/html/adm/gpl.txt
25: #
26: # http://www.lon-capa.org/
27: #
28:
29: package Apache::lonrelaunch;
30:
31: use strict;
32: use lib '/home/httpd/lib/perl/';
33: use Apache::Constants qw(:common :http REDIRECT);
34: use Apache::lonnet;
35: use Apache::loncommon();
36: use Apache::lonlocal;
37: use LONCAPA qw(:DEFAULT :match);
38: use CGI::Cookie();
39:
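# Content handler for re-launching an LTI-protected deep link after the
# username in the launch did not match the browser's existing session.
#
# Steps, in order:
#   1. If the query string carries an rtoken, load the temporary data stored
#      under that token and delete the token.
#   2. If check_for_valid_session() returns a non-empty handle, log that
#      session out: remove its .id file (plus a linked-session symlink that
#      points at it), record the logout, and expire the lon*ID cookies.
#   3. If the token data names a /tiny/ deep link whose link-protection and
#      expected-user fields are well formed, emit a page that redirects to
#      it; otherwise emit the "Username mismatch" page.
#
# Parameter: $r - the Apache request object.
# Returns:   OK on every path.
sub handler {
    my $r = shift;

    my %data;
    if ($r->args) {
        &Apache::loncommon::get_unprocessed_cgi($r->args,['rtoken']);
        if (exists($env{'form.rtoken'})) {
            %data = &Apache::lonnet::tmpget($env{'form.rtoken'});
            # NOTE(review): the token is deleted here, yet the same value is
            # handed on as ltoken in the redirect below -- confirm that the
            # redirect target does not need to read the stored data again.
            # The result of the delete is not checked.
            my $delete = &Apache::lonnet::tmpdel($env{'form.rtoken'});
        }
    }

    my $handle = &Apache::lonnet::check_for_valid_session($r);
    if ($handle ne '') {
        my $lonidsdir = $r->dir_config('lonIDsDir');
        # Presumably loads the old session's values into %env; the
        # user.* keys read below depend on it -- confirm in lonnet.
        &Apache::lonnet::transfer_profile_to_env($lonidsdir,$handle);
        if (unlink("$lonidsdir/$handle.id")) {
            # Remove the linked-session entry only when its name has the
            # expected hex form, it is a symlink, and it points at the
            # session file that was just removed. The name check also keeps
            # path separators out of the interpolated file name.
            if (($env{'user.linkedenv'} =~ /^[a-f0-9]+_linked$/) &&
                (-l "$lonidsdir/$env{'user.linkedenv'}.id") &&
                (readlink("$lonidsdir/$env{'user.linkedenv'}.id") eq "$lonidsdir/$handle.id")) {
                unlink("$lonidsdir/$env{'user.linkedenv'}.id");
            }
        }
        my %temp = ('logout' => time);
        my $ip = &Apache::lonnet::get_requestor_ip();
        &Apache::lonnet::put('email_status',\%temp);
        &Apache::lonnet::log($env{'user.domain'},
                             $env{'user.name'},
                             $env{'user.home'},
                             "Logout $ip");
        # Expire the session cookies the browser sent.
        my %cookies = CGI::Cookie->parse($r->header_in('Cookie'));
        foreach my $name (keys(%cookies)) {
            next unless ($name =~ /^lon(|S|Link|Pub)ID$/);
            # Direct method call instead of the indirect "new CGI::Cookie".
            my $c = CGI::Cookie->new(-name    => $name,
                                     -value   => '',
                                     -expires => '-10y',);
            $r->headers_out->add('Set-cookie' => $c);
        }
    }

    if (!$Apache::lonlocal::lh) {
        &Apache::lonlocal::get_language_handle($r);
    }
    &Apache::loncommon::content_type($r,'text/html');
    $r->send_http_header;
    return OK if $r->header_only;

    # Redirect only to a /tiny/ deep link, and only when the stored link
    # protection refers to that same URL and the expected user has the
    # username:domain form.
    if ((keys(%data)) && ($data{'origurl'} =~ m{^/tiny/$match_domain/\w+$})) {
        my $url = $data{'origurl'};
        if (($data{'linkprot'} =~ m{^\w+(c|d):\Q$url\E$}) &&
            ($data{'linkprotuser'} =~ m{^($match_username):($match_domain)$})) {
            my $brcrum = [{'href' => '','text' => 'Update session'},];
            # NOTE(review): rtoken comes from the query string and is
            # appended unescaped; this point is reached only when tmpget()
            # returned data for it -- confirm the token format cannot carry
            # URL or HTML metacharacters.
            $url .= '?ltoken='.$env{'form.rtoken'};
            $r->print(&Apache::loncommon::start_page('Updating session',undef,
                                                     {'only_body'    => 1,
                                                      'redirect'     => [1,$url],
                                                      'bread_crumbs' => $brcrum,}).
                      '<p>'.&mt('Updating old session information').'</p>'.
                      &Apache::loncommon::end_page());
            return OK;
        }
    }

    # On this path linkprotuser has not passed the username:domain check
    # above, and where the stored value originates is not visible in this
    # file, so it is HTML-escaped before being written into the page.
    my $expected = defined($data{'linkprotuser'}) ? $data{'linkprotuser'} : '';
    $expected =~ s/&/&amp;/g;
    $expected =~ s/</&lt;/g;
    $expected =~ s/>/&gt;/g;
    $expected =~ s/"/&quot;/g;
    $expected =~ s/'/&#39;/g;
    # Without token data there is nothing to show; omit the empty "()".
    my $shown = ($expected ne '') ? "($expected)" : '';

    $r->print(&Apache::loncommon::start_page('Username mismatch',undef,{'only_body' => 1}));
    $r->print(&mt('Although your credentials were authenticated, the username you entered did not match what was expected [_1] from the link you followed',$shown));
    $r->print(&Apache::loncommon::end_page());
    return OK;
}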
106:
107: 1;