--- loncom/auth/migrateuser.pm	2021/10/26 14:20:40	1.53
+++ loncom/auth/migrateuser.pm	2021/11/03 01:04:02	1.54
@@ -1,7 +1,7 @@
 # The LearningOnline Network
 # Starts a user off based of an existing token.
 #
-# $Id: migrateuser.pm,v 1.53 2021/10/26 14:20:40 raeburn Exp $
+# $Id: migrateuser.pm,v 1.54 2021/11/03 01:04:02 raeburn Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -283,19 +283,17 @@ sub ip_changed {
         my %info= (
                     'domain'          => $udom,
                     'username'        => $dataref->{'username'},
-                    'role'            => $dataref->{'role'},
                     'sessionserver'   => $lonhost,
                   );
-        if ($dataref->{'origurl'}) {
-            $info{'origurl'} = $dataref->{'origurl'};
-        }
-        if ($dataref->{'symb'}) {
-            $info{'symb'} = $dataref->{'symb'};
+        my @names = ('origurl','symb','role','linkprot','linkkey');
+        foreach my $name (@names) {
+            if ($dataref->{$name} ne '') {
+                $info{$name} = $dataref->{$name};
+            }
         }
-        my $iptoken = &Apache::lonnet::tmpput(\%info,$switchto);
+        my $iptoken = &Apache::lonnet::tmpput(\%info,$switchto,'link');
         unless ($iptoken eq 'conlost') {
-            $url .= ($url =~ /\?/) ? '&' : '?';
-            $url .= 'iptoken='.$iptoken;
+            $url .= (($url =~ /\?/) ? '&' : '?') . 'iptoken='.$iptoken;
         }
         $r->print(&Apache::loncommon::start_page($title,undef,
                                                  {'redirect' =>
@@ -709,8 +707,29 @@ sub handler {
 	if ($handle) {
 	    &Apache::lonnet::transfer_profile_to_env($r->dir_config('lonIDsDir'),
 						     $handle);
+            my $checklaunch;
+            if ($data{'origurl'} =~ m{^/tiny/$match_domain/\w+$}) {
+                if ($env{'request.linkprot'} ne '') {
+                     unless ($env{'request.linkprot'} eq $data{'linkprot'}) {
+                         $checklaunch = 1;
+                     }
+                }
+                if ($env{'request.linkkey'} ne '') {
+                    unless ($env{'request.linkkey'} eq $data{'linkkey'}) {
+                        $checklaunch = 1;
+                    }
+                }
+                if ($env{'request.deeplink.login'}) {
+                    unless ($env{'request.deeplink.login'} eq $data{'deeplink.login'}) {
+                        $checklaunch = 1;
+                    }
+                }
+            }
             if ($data{'linkprot'} ne '') {
                 &Apache::lonnet::appenv({'request.linkprot' => $data{'linkprot'}});
+                if ($env{'request.linkkey'}) {
+                    &Apache::lonnet::delenv('request.linkkey');
+                }
                 my ($linkprotector,$deeplink) = split(/:/,$data{'linkprot'},2);
                 if ($env{'user.linkprotector'}) {
                     my @protectors = split(/,/,$env{'user.linkprotector'});
@@ -734,6 +753,9 @@ sub handler {
                 }
             } elsif ($data{'linkkey'} ne '') {
                 &Apache::lonnet::appenv({'request.linkkey' => $data{'linkkey'}});
+                if ($env{'request.linkprot'}) {
+                    &Apache::lonnet::delenv('request.linkprot');
+                }
                 my $deeplink = $data{'deeplink.login'};
                 my $linkkey = $data{'linkkey'};
                 if ($env{'user.deeplinkkey'} ne '') {
@@ -837,7 +859,26 @@ sub handler {
                     }
                 }
             } elsif ($data{'origurl'} ne '') {
-                $r->internal_redirect($data{'origurl'});
+                my $dest = $data{'origurl'};
+                if (($env{'request.deeplink.login'} eq $data{'origurl'}) &&
+                    (($env{'request.linkprot'}) || ($env{'request.linkkey'} ne ''))) {
+                    my %info;
+                    if ($env{'request.linkprot'}) {
+                        $info{'linkprot'} = $env{'request.linkprot'};
+                    } elsif ($env{'request.linkkey'} ne '') {
+                        $info{'linkkey'} = $env{'request.linkkey'};
+                    }
+                    $info{'origurl'} = $data{'origurl'};
+                    if ($checklaunch) {
+                        $info{'checklaunch'} = 1;
+                    }
+                    my $token = &Apache::lonnet::tmpput(\%info,$r->dir_config('lonHostID'),'link');
+                    unless (($token eq 'con_lost') || ($token eq 'refused') ||
+                            ($token eq 'unknown_cmd') || ($token eq 'no_such_host')) {
+                        $dest .= (($dest =~ /\?/) ? '&' : '?') . 'ttoken='.$token;
+                    }
+                }
+                $r->internal_redirect($dest);
             } elsif ($env{'request.course.id'}) {
                 $r->internal_redirect('/adm/navmaps');
 	    } else {
@@ -889,7 +930,7 @@ sub handler {
                 }
                 if ($data{'deeplink.login'}) {
                    if (ref($extra_env) eq 'HASH') {
-                        $extra_env->{'request.deeplink.login' => $data{'deeplink.login'}};
+                        $extra_env->{'request.deeplink.login'} = $data{'deeplink.login'};
                     } else {
                         $extra_env = {'request.deeplink.login' => $data{'deeplink.login'}};
                     }
@@ -939,15 +980,15 @@ sub handler {
     } elsif ($data{'origurl'} =~ m{^/tiny/$match_domain/\w+$}) {
         $next_url=$data{'origurl'};
     } else {
-        $next_url='/adm/roles?selectrole=1&'.&escape($data{'role'}).'=1';
+        $next_url='/adm/roles?selectrole=1&'.&escape($data{'role'}).'=1';
         if ($data{'origurl'} ne '') {
-            $next_url .= '&orgurl='.&escape($data{'origurl'});
+            $next_url .= '&orgurl='.&escape($data{'origurl'});
         }
     }
     if ($data{'lti.login'}) {
         if (($data{'origurl'} =~ m{/default_\d+\.sequence$}) ||
             ($data{'origurl'} =~ m{^/res/.+\.sequence$})) {
-            $next_url .= '&navmap=1';
+            $next_url .= '&navmap=1';
         }
     }
     if ($reuse_session) {