--- loncom/auth/lonuploadedacc.pm	2002/09/30 21:01:41	1.3
+++ loncom/auth/lonuploadedacc.pm	2003/05/13 01:56:32	1.9
@@ -1,7 +1,7 @@
 # The LearningOnline Network
 # Access Handler for User Files
 #
-# $Id: lonuploadedacc.pm,v 1.3 2002/09/30 21:01:41 albertel Exp $
+# $Id: lonuploadedacc.pm,v 1.9 2003/05/13 01:56:32 www Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -28,26 +28,39 @@
 
 package Apache::lonuploadedacc;
 
+#
+# The way this is supposed to work:
+#
+# User A has client machine C
+# User A is logged into LON-CAPA server S
+# needs file from user B
+# homeserver for user B is H
+# 
+# This handler runs on H
+# To access a userfile:
+# Server S generates a token and puts it into the query string of URL for H
+# Client box C asks H for file with token issued by C
+# H now must ask S if token is valid, uses S's lond-command tokenauthuserfile
+
 use strict;
-use Apache::Constants qw(:common :remotehost);
+use Apache::Constants qw(:common);
 use Apache::lonnet();
 
 sub handler {
     my $r = shift;
     my $args=$r->args;
-    &Apache::loncommon::get_unprocessed_cgi($args,['token']); 
+    &Apache::loncommon::get_unprocessed_cgi($args,['token','tokenissued']); 
     my (undef,undef,$udom,$uname,$ufile)=split(/\//,$r->uri);
     $ufile=~s/^[\~\.]+//;
-    my ($server)=($ENV{'form.token'}=~/\_([a-zA-Z0-9]+)$/);
-
+    my $remoteserver=$ENV{'form.tokenissued'};
     my $reply=&Apache::lonnet::reply('tokenauthuserfile:'.
                  $udom.'/'.$uname.'/'.$ufile.':'.$ENV{'form.token'},
-				     $server);
+				     $remoteserver);
     if ($reply eq 'ok') {
        return OK;
    } else {
        &Apache::lonnet::logthis(
-"Refused userfile access $uname at $udom for $ufile from $server with $ENV{'form.token'}: $reply");
+"Refused userfile access $uname at $udom for $ufile with $remoteserver token $ENV{'form.token'}: $reply");
        return FORBIDDEN;
    }
 }