--- loncom/auth/lonshibauth.pm 2021/12/12 20:49:26 1.14 +++ loncom/auth/lonshibauth.pm 2022/09/17 23:38:50 1.17 @@ -2,7 +2,7 @@ # Redirect Single Sign On authentication to designated URL: # /adm/sso, by default. # -# $Id: lonshibauth.pm,v 1.14 2021/12/12 20:49:26 raeburn Exp $ +# $Id: lonshibauth.pm,v 1.17 2022/09/17 23:38:50 raeburn Exp $ # # Copyright Michigan State University Board of Trustees # @@ -202,6 +202,22 @@ information, and the destination is a de then the LTI number, type (c or d), and tiny URL will be saved as the linkprot item in a token file. +=item set_mailtoken() + +Inputs: 2 +$r - request object +$lonhost - hostID of current server + +Output: 1 +$querystring - query string to append to URL +when redirecting. + +Called if requested URL is /adm/email, dual SSO and non-SSO login +are supported by /adm/login and original query string contains values +for elements: display, username and domain, which will then be +stored in the token file on the server to support direct access +to a specific message sent to the user. + =back =cut @@ -239,7 +255,13 @@ sub handler { } my $dest = $protocol.'://'.$hostname.$target; if ($target eq '/adm/login') { - my $querystring = &set_token($r,$lonhost); + my $uri = $r->uri; + my $querystring; + if (($uri eq '/adm/email') && ($r->args ne '')) { + $querystring = &set_mailtoken($r,$lonhost); + } else { + $querystring = &set_token($r,$lonhost); + } if ($querystring ne '') { $dest .= '?'.$querystring; } @@ -250,6 +272,12 @@ sub handler { if ($querystring ne '') { $dest .= '?'.$querystring; } + } elsif ((&Apache::lonnet::get_saml_landing()) && + ($uri eq '/adm/email') && ($r->args ne '')) { + my $querystring = &set_mailtoken($r,$lonhost); + if ($querystring ne '') { + $dest .= '?'.$querystring; + } } else { if ($r->args ne '') { $dest .= (($dest=~/\?/)?'&':'?').$r->args; 
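Review bot: The `my $uri = $r->uri;` added in handler's `if ($target eq '/adm/login')` branch is lexically scoped to that block, yet the `elsif` added in the `@@ -250,6 +272,12 @@` hunk also reads `$uri`. That second use depends on a declaration outside both hunks, which is worth confirming if the file runs under `use strict`. Both places apply the same test, so it could be computed once before the branch, e.g. `my $mailreq = (($r->uri eq '/adm/email') && ($r->args ne ''));`, and reused in each condition. handler's body starts and ends outside these hunks.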
@@ -293,6 +321,10 @@ sub set_token { &Apache::lonacc::get_posted_cgi($r,['linkkey']); } } + unless (($r->is_initial_req()) || ($env{'form.ltoken'}) || + ($env{'form.linkkey'})) { + return; + } } my $extras; foreach my $name (@names) { @@ -302,6 +334,11 @@ sub set_token { &Apache::lonnet::tmpdel($env{'form.ltoken'}); if ($info{'linkprot'}) { $extras .= '&linkprot='.&escape($info{'linkprot'}); + foreach my $item ('linkprotuser','linkprotexit') { + if ($info{$item} ne '') { + $extras .= '&'.$item.'='.&escape($info{$item}); + } + } last; } } else { @@ -323,6 +360,36 @@ sub set_token { $querystring .= '&'.$name.'='.$env{$key}; } } + } + return $querystring; +} + +sub set_mailtoken { + my ($r,$lonhost) = @_; + my $firsturl = $r->uri; + my ($querystring,$ssotoken,$extras); + &Apache::loncommon::get_unprocessed_cgi($r->args); + my $extras; + if (($env{'form.display'} ne '') && + ($env{'form.username'} =~ /^$match_username$/) && + ($env{'form.domain'} =~ /^$match_domain$/)) { + $extras .= '&display='.&escape($env{'form.display'}). + '&mailrecip='.&escape($env{'form.username'}.':'.$env{'form.domain'}); + } + if (($firsturl ne '') || ($extras ne '')) { + $extras .= ':sso'; + $ssotoken = &Apache::lonnet::reply('tmpput:'.&escape($firsturl). + $extras,$lonhost); + $querystring = 'sso='.$ssotoken; + } + if ($r->args ne '') { + foreach my $key (sort(keys(%env))) { + if ($key =~ /^form\.(.+)$/) { + my $name = $1; + next if (($name eq 'display') || ($name eq 'username') || ($name eq 'domain')); + $querystring .= '&'.$name.'='.$env{$key}; + } + } } return $querystring; }
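Review bot: The early exit added to set_token uses a bare `return;`, so callers receive undef, while handler compares the result with `ne ''` (visible in the handler hunks); `return '';` keeps that comparison free of an uninitialized-value warning. The guard also carries no comment, and something like `# no token for sub-requests or internal redirects unless an ltoken or linkkey was supplied` would record why non-initial requests are skipped. The block enclosing this guard starts outside the hunk.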
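Review bot: In set_mailtoken the loop over `%env` appends `$name` and `$env{$key}` to the redirect query string without escaping, unlike the `display` and `mailrecip` values a few lines earlier, which go through `&escape`. If get_unprocessed_cgi stores decoded values (not shown here), a value containing `&`, `=`, `#` or a line break changes the parameters /adm/login receives, so the line should read `$querystring .= '&'.&escape($name).'='.&escape($env{$key});`. The context line at the top of this hunk shows the same unescaped concatenation in set_token. Separately, `$extras` is declared twice in the same scope (`my ($querystring,$ssotoken,$extras);` then `my $extras;`), and the second declaration should be dropped. The value returned by `&Apache::lonnet::reply` is also placed in `sso=` without any check for a failed reply.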