1: # The LearningOnline Network
2: # Starts a user off based of an existing token.
3: #
4: # $Id: migrateuser.pm,v 1.25.2.5.2.7 2022/08/30 15:32:51 raeburn Exp $
5: #
6: # Copyright Michigan State University Board of Trustees
7: #
8: # This file is part of the LearningOnline Network with CAPA (LON-CAPA).
9: #
10: # LON-CAPA is free software; you can redistribute it and/or modify
11: # it under the terms of the GNU General Public License as published by
12: # the Free Software Foundation; either version 2 of the License, or
13: # (at your option) any later version.
14: #
15: # LON-CAPA is distributed in the hope that it will be useful,
16: # but WITHOUT ANY WARRANTY; without even the implied warranty of
17: # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18: # GNU General Public License for more details.
19: #
20: # You should have received a copy of the GNU General Public License
21: # along with LON-CAPA; if not, write to the Free Software
22: # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
23: #
24: # /home/httpd/html/adm/gpl.txt
25: #
26: # http://www.lon-capa.org/
27: #
28:
29: package Apache::migrateuser;
30:
31: use strict;
32: use LONCAPA qw(:DEFAULT :match);
33: use Apache::Constants qw(:common :http :methods :remotehost);
34: use Apache::lonauth;
35: use Apache::lonnet;
36: use Apache::lonlocal;
37: use Apache::lonlogin();
38: use CGI::Cookie;
39:
40: sub goto_login {
41: my ($r,$domain,$data) = @_;
42: my $write_to_opener;
43: if (ref($data) eq 'HASH') {
44: $write_to_opener = $data->{'lcssowin'};
45: }
46: &Apache::loncommon::content_type($r,'text/html');
47: $r->send_http_header;
48: my $url = '/adm/login';
49: if ($domain) {
50: $url .= '?domain='.$domain;
51: }
52: $r->print(&Apache::loncommon::start_page('Going to login',undef,
53: {'redirect' => [0,$url,'',$write_to_opener],}).
54: '<h1>'.&mt('One moment please...').'</h1>'.
55: '<p>'.&mt('Transferring to login page.').'</p>'.
56: &Apache::loncommon::end_page());
57: return OK;
58: }
59:
60: sub sso_check {
61: my ($data) = @_;
62: my %extra_env;
63: if (ref($data) eq 'HASH') {
64: if ($data->{'sso.login'}) {
65: $extra_env{'request.sso.login'} = $data->{'sso.login'};
66: }
67: if ($data->{'sso.reloginserver'}) {
68: $extra_env{'request.sso.reloginserver'} =
69: $data->{'sso.reloginserver'};
70: }
71: }
72: return \%extra_env;
73: }
74:
75: sub ip_changed {
76: my ($r,$udom,$camefrom,$dataref) = @_;
77: &Apache::loncommon::content_type($r,'text/html');
78: $r->send_http_header;
79: if (ref($dataref) eq 'HASH') {
80: my $title = 'LON-CAPA Session redirected';
81: my $message = &mt('Your internet address has changed since you logged in.');
82: my $rule_in_effect;
83: if ($dataref->{'balancer'}) {
84: my $baldom = &Apache::lonnet::host_domain($camefrom);
85: my $balprimaryid = &Apache::lonnet::domain($baldom,'primary');
86: my $balintdom = &Apache::lonnet::internet_dom($balprimaryid);
87: my $uprimaryid = &Apache::lonnet::domain($udom,'primary');
88: my $uintdom = &Apache::lonnet::internet_dom($uprimaryid);
89: my $dom_in_use;
90: if (($uintdom ne '') && ($uintdom eq $balintdom)) {
91: $dom_in_use = $udom;
92: } else {
93: $dom_in_use = $baldom;
94: }
95: my ($result,$cached)=&Apache::lonnet::is_cached_new('loadbalancing',$dom_in_use);
96: unless (defined($cached)) {
97: my $cachetime = 60*60*24;
98: my %domconfig =
99: &Apache::lonnet::get_dom('configuration',['loadbalancing'],$dom_in_use);
100: if (ref($domconfig{'loadbalancing'}) eq 'HASH') {
101: $result = &Apache::lonnet::do_cache_new('loadbalancing',$dom_in_use,
102: $domconfig{'loadbalancing'},$cachetime);
103: }
104: }
105: if (ref($result) eq 'HASH') {
106: (undef,my $currtargets,my $currrules) =
107: &Apache::lonnet::check_balancer_result($result,$dataref->{'server'});
108: if (ref($currrules) eq 'HASH') {
109: if ($dataref->{'sso.login'}) {
110: if ($currrules->{'_LC_ipchangesso'} ne '') {
111: $rule_in_effect = $currrules->{'_LC_ipchangesso'};
112: }
113: } else {
114: if ($currrules->{'_LC_ipchange'} ne '') {
115: $rule_in_effect = $currrules->{'_LC_ipchange'};
116: }
117: }
118: }
119: }
120: }
121: my $url;
122: my $lonhost= $r->dir_config('lonHostID');
123: my $switchto = $lonhost;
124: if ($rule_in_effect ne 'offloadedto') {
125: my $hosthere;
126: my @ids=&Apache::lonnet::current_machine_ids();
127: unless ($rule_in_effect eq 'balancer') {
128: if (grep(/^\Q$rule_in_effect\E$/,@ids)) {
129: $hosthere = 1;
130: }
131: }
132: unless ($hosthere) {
133: if ($dataref->{'role'}) {
134: my ($adom,$aname);
135: if ($dataref->{'role'} =~ m{^au\./($match_domain)/$}) {
136: $adom = $1;
137: $aname = $dataref->{'username'};
138: } elsif ($dataref->{'role'} =~ m{^(?:ca|aa)\./($match_domain)/($match_username)$}) {
139: $adom = $1;
140: $aname = $2;
141: }
142: if ($adom ne '' && $aname ne '') {
143: my $ahome = &Apache::lonnet::homeserver($aname,$adom);
144: unless ($ahome eq 'no_host') {
145: if ($ahome && grep(/^\Q$ahome\E$/,@ids)) {
146: $hosthere = 1;
147: }
148: }
149: }
150: }
151: }
152: unless ($hosthere) {
153: my $hostname;
154: if ($rule_in_effect eq 'balancer') {
155: $hostname = &Apache::lonnet::hostname($dataref->{'server'});
156: if ($hostname) {
157: $switchto = $dataref->{'server'};
158: }
159: } else {
160: $hostname = &Apache::lonnet::hostname($rule_in_effect);
161: if ($hostname) {
162: $switchto = $rule_in_effect;
163: }
164: }
165: if ($hostname) {
166: my $protocol = $Apache::lonnet::protocol{$switchto};
167: $protocol = 'http' if ($protocol ne 'https');
168: my $alias = &Apache::lonnet::use_proxy_alias($r,$switchto);
169: $hostname = $alias if ($alias ne '');
170: $url = $protocol.'://'.$hostname;
171: if ($rule_in_effect eq 'balancer') {
172: $message .= '<br />'.
173: &mt('As a result, your LON-CAPA session is being redirected to the server where you originally logged in.');
174: } else {
175: $message .= '<br />'.
176: &mt('As a result, your LON-CAPA session is being redirected.');
177: }
178: }
179: }
180: unless ($hosthere) {
181: if (($dataref->{'balancer'}) && ($dataref->{'balcookie'})) {
182: &Apache::lonnet::delbalcookie($dataref->{'balcookie'},$dataref->{'balancer'});
183: }
184: }
185: }
186: if ($dataref->{'sso.login'}) {
187: $url .= '/adm/roles';
188: } else {
189: $url .= '/adm/login';
190: if ($udom) {
191: $url .= '?domain='.$udom;
192: }
193: $message .= '<br />'.&mt('You will need to provide your password one more time.');
194: }
195: my %info= (
196: 'domain' => $udom,
197: 'username' => $dataref->{'username'},
198: 'sessionserver' => $lonhost,
199: );
200: my @names = ('origurl','symb','role','linkprotuser','linkprotexit','linkprot','linkkey');
201: foreach my $name (@names) {
202: if ($dataref->{$name} ne '') {
203: $info{$name} = $dataref->{$name};
204: }
205: }
206: my $iptoken = &Apache::lonnet::tmpput(\%info,$switchto,'link');
207: unless ($iptoken eq 'conlost') {
208: $url .= (($url =~ /\?/) ? '&' : '?') . 'iptoken='.$iptoken;
209: }
210: $r->print(&Apache::loncommon::start_page($title,undef,
211: {'redirect' =>
212: [2,$url,'',$dataref->{'lcssowin'}]}).
213: '<h1>'.&mt('One moment please...').'</h1>'.
214: '<p class="LC_warning">'.$message.'</p>'.
215: &Apache::loncommon::end_page());
216: } else {
217: return &goto_login($r);
218: }
219: return OK;
220: }
221:
222: sub logout {
223: my ($r,$ip,$handle,$data,$lti_env,$linkprot_info) = @_;
224: my $lonidsdir=$r->dir_config('lonIDsDir');
225: if (unlink("$lonidsdir/$handle.id")) {
226: if (($env{'user.linkedenv'} =~ /^[a-f0-9]+_linked$/) &&
227: (-l "$lonidsdir/$env{'user.linkedenv'}.id") &&
228: (readlink("$lonidsdir/$env{'user.linkedenv'}.id") eq "$lonidsdir/$handle.id")) {
229: unlink("$lonidsdir/$env{'user.linkedenv'}.id");
230: }
231: }
232: my %temp=('logout' => time);
233: &Apache::lonnet::put('email_status',\%temp);
234: &Apache::lonnet::log($env{'user.domain'},
235: $env{'user.name'},
236: $env{'user.home'},
237: "Logout $ip");
238:
239: &Apache::loncommon::content_type($r,'text/html');
240:
241: #expire the cookies
242: my %cookies=CGI::Cookie->parse($r->header_in('Cookie'));
243: foreach my $name (keys(%cookies)) {
244: next unless ($name =~ /^lon(|S|Link|Pub)ID$/);
245: my $c = new CGI::Cookie(-name => $name,
246: -value => '',
247: -expires => '-10y',);
248: $r->headers_out->add('Set-cookie' => $c);
249: }
250: my $lonhost = $r->dir_config('lonHostID');
251: my ($url,$token,$delay,$write_to_opener,%info,%user_info);
252: if (ref($data) eq 'HASH') {
253: %user_info=('ip' => $ip,
254: 'domain' => $data->{'domain'},
255: 'username' => $data->{'username'},
256: 'home' => $data->{'home'},
257: 'role' => $data->{'role'},
258: 'origurl' => $data->{'origurl'},
259: 'symb' => $data->{'symb'},
260: 'server' => $lonhost);
261: $write_to_opener = $data->{'lcssowin'};
262: }
263: $delay = 0.1;
264: if (ref($linkprot_info) eq 'HASH') {
265: if ($linkprot_info->{'linkprotuser'} ne '') {
266: $token = &Apache::lonnet::tmpput($linkprot_info,$lonhost);
267: $url = '/adm/login?ltoken='.$token;
268: } else {
269: foreach my $key (keys(%user_info)) {
270: if ($user_info{$key} eq '') {
271: delete($user_info{$key});
272: }
273: }
274: %info = (%user_info,%{$linkprot_info});
275: $token = &Apache::lonnet::tmpput(\%info,$lonhost);
276: $url = '/adm/migrateuser?token='.$token;
277: }
278: $delay = 0;
279: } else {
280: my %lti_info;
281: if (ref($lti_env) eq 'HASH') {
282: foreach my $key (sort(keys(%{$lti_env}))) {
283: if ($key =~ /^request\.(.+)$/) {
284: $lti_info{$1} = $lti_env->{$key};
285: }
286: }
287: }
288: %info = (%user_info,%lti_info);
289: $token = &Apache::lonnet::tmpput(\%info,$lonhost);
290: $url = '/adm/migrateuser?token='.$token;
291: }
292: $r->send_http_header;
293: $r->print(
294: &Apache::loncommon::start_page('Updating Session ...',undef,
295: {'redirect' => [$delay,$url,'',$write_to_opener],
296: 'only_body' => 1,}).
297: &Apache::loncommon::end_page());
298: if ($env{'request.balancercookie'}) {
299: my ($balancer,$cookie) = split(/:/,$env{'request.balancercookie'});
300: if ((&Apache::lonnet::hostname($balancer)) && ($cookie =~ /^[a-f0-9]{32}$/)) {
301: $cookie = $env{'user.domain'}.'_'.$env{'user.name'}.'_'.$cookie;
302: &Apache::lonnet::delbalcookie($cookie,$balancer);
303: }
304: }
305: $r->register_cleanup(\&flush_course_logs);
306: return;
307: }
308:
309: sub flush_course_logs {
310: &Apache::lonnet::flushcourselogs();
311: return OK;
312: }
313:
314: sub handler {
315: my ($r) = @_;
316:
317: &Apache::loncommon::get_unprocessed_cgi($ENV{'QUERY_STRING'},['token']);
318: my %data = &Apache::lonnet::tmpget($env{'form.token'});
319: if (keys(%data) == 0) {
320: return &goto_login($r);
321: }
322: my $delete = &Apache::lonnet::tmpdel($env{'form.token'});
323:
324: &Apache::lonlocal::get_language_handle($r);
325:
326: if ($delete ne 'ok') {
327: return &goto_login($r,'',\%data);
328: }
329:
330: if (!defined($data{'username'}) || !defined($data{'domain'})) {
331: return &goto_login($r,'',\%data);
332: }
333: my $ip = &Apache::lonnet::get_requestor_ip($r,REMOTE_NOLOOKUP);
334: if ($data{'ip'} ne $ip) {
335: &Apache::lonnet::logthis('IP change when session migration requested -- was: '.
336: $data{'ip'}.'; now: '.$ip.' for '.$data{'username'}.':'.$data{'domain'});
337: return &ip_changed($r,$data{'domain'},$data{'server'},\%data);
338: }
339:
340: &Apache::lonnet::logthis("Allowing access for $data{'username'}:$data{'domain'} to $data{'role'}");
341: my $home=&Apache::lonnet::homeserver($data{'username'},$data{'domain'});
342: my $udom;
343: if (&Apache::lonnet::domain($data{'domain'})) {
344: $udom=$data{'domain'};
345: }
346: if ($home =~ /(con_lost|no_such_host)/) { return &goto_login($r,$udom,\%data); }
347:
348: my $extra_env = &sso_check(\%data);
349: if (($data{'balancer'}) && ($data{'server'}) && ($data{'balcookie'})) {
350: if (ref($extra_env) eq 'HASH') {
351: $extra_env->{'request.balancercookie'} = $data{'server'}.':'.$data{'balcookie'};
352: } else {
353: $extra_env = { 'request.balancercookie' => $data{'server'}.':'.$data{'balcookie'} };
354: }
355: } elsif (($data{'server'}) && ($data{'otherbalcookie'})) {
356: my ($balancer,$balcookie) = split(/:/,$data{'otherbalcookie'});
357: if (defined(&Apache::lonnet::hostname($balancer)) && $balcookie =~ /^[a-f0-9]{32}$/) {
358: my $baldom = &Apache::lonnet::host_domain($balancer);
359: if (&Apache::lonnet::shared_institution($baldom)) {
360: my $cookieid = join('_',$udom,$data{'username'},$balcookie);
361: &Apache::lonnet::updatebalcookie($cookieid,$balancer,$data{'server'});
362: if (ref($extra_env) eq 'HASH') {
363: $extra_env->{'request.balancercookie'} = $data{'otherbalcookie'};
364: } else {
365: $extra_env = { 'request.balancercookie' => $data{'otherbalcookie'} };
366: }
367: }
368: }
369: }
370:
371: my (%form,$cid);
372: if ($data{'symb'} ne '') {
373: $form{'symb'} = $data{'symb'};
374: }
375: if ($data{'iptoken'} ne '') {
376: $form{'iptoken'} = $data{'iptoken'};
377: }
378: if ($data{'noloadbalance'} ne '') {
379: $form{'noloadbalance'} = $data{'noloadbalance'};
380: }
381: if ($data{'role'}) {
382: if ($data{'role'} =~ m{\./($match_domain)/($match_courseid)(?:/\w+|$)}) {
383: unless (&Apache::lonnet::homeserver($2,$1) eq 'no_host') {
384: $cid = $1.'_'.$2;
385: }
386: }
387: } else {
388: my ($handle,$expirepub);
389: $handle = &Apache::lonnet::check_for_valid_session($r);
390:
391: # For "public user" - remove any existing "public" cookie so actual user is logged in.
392: if ($handle) {
393: if ($handle=~/^publicuser\_/) {
394: my $lonidsdir=$r->dir_config('lonIDsDir');
395: if ($lonidsdir ne '') {
396: unlink("$lonidsdir/$handle.id");
397: }
398: undef($handle);
399: $expirepub = 1;
400: }
401: }
402: if ($handle) {
403: &Apache::lonnet::transfer_profile_to_env($r->dir_config('lonIDsDir'),
404: $handle);
405: my $checklaunch;
406: if ($data{'origurl'} =~ m{^/tiny/$match_domain/\w+$}) {
407: unless ($env{'request.linkprot'} eq $data{'linkprot'}) {
408: $checklaunch = 1;
409: }
410: unless ($env{'request.linkprotexit'} eq $data{'linkprotexit'}) {
411: $checklaunch = 1;
412: }
413: unless ($env{'request.linkkey'} eq $data{'linkkey'}) {
414: $checklaunch = 1;
415: }
416: unless ($env{'request.deeplink.login'} eq $data{'deeplink.login'}) {
417: $checklaunch = 1;
418: }
419: }
420: if ($data{'linkprot'} ne '') {
421: if (($env{'user.name'} ne $data{'username'}) ||
422: ($env{'user.domain'} ne $data{'domain'})) {
423: my %linkprot_env;
424: foreach my $item ('linkprot','linkprotexit','deeplink.login') {
425: if ($data{$item}) {
426: $linkprot_env{$item} = $data{$item};
427: }
428: }
429: &logout($r,$ip,$handle,\%data,undef,\%linkprot_env);
430: return OK;
431: }
432: &Apache::lonnet::appenv({'request.linkprot' => $data{'linkprot'}});
433: if ($data{'linkprotexit'}) {
434: &Apache::lonnet::appenv({'request.linkprotexit' => $data{'linkprotexit'}});
435: }
436: if ($env{'request.linkkey'}) {
437: &Apache::lonnet::delenv('request.linkkey');
438: }
439: my ($linkprotector,$deeplink) = split(/:/,$data{'linkprot'},2);
440: if ($env{'user.linkprotector'}) {
441: my @protectors = split(/,/,$env{'user.linkprotector'});
442: unless (grep(/^\Q$linkprotector\E$/,@protectors)) {
443: push(@protectors,$linkprotector);
444: @protectors = sort { $a <=> $b } @protectors;
445: &Apache::lonnet::appenv({'user.linkprotector' => join(',',@protectors)});
446: }
447: } else {
448: &Apache::lonnet::appenv({'user.linkprotector' => $linkprotector });
449: }
450: if ($env{'user.linkproturi'}) {
451: my @proturis = split(/,/,$env{'user.linkproturi'});
452: unless(grep(/^\Q$deeplink\E$/,@proturis)) {
453: push(@proturis,$deeplink);
454: @proturis = sort @proturis;
455: &Apache::lonnet::appenv({'user.linkproturi' => join(',',@proturis)});
456: }
457: } else {
458: &Apache::lonnet::appenv({'user.linkproturi' => $deeplink});
459: }
460: } elsif ($data{'linkkey'} ne '') {
461: &Apache::lonnet::appenv({'request.linkkey' => $data{'linkkey'}});
462: if ($env{'request.linkprot'}) {
463: &Apache::lonnet::delenv('request.linkprot');
464: }
465: my $deeplink = $data{'deeplink.login'};
466: my $linkkey = $data{'linkkey'};
467: if ($env{'user.deeplinkkey'} ne '') {
468: my @linkkeys = split(/,/,$env{'user.deeplinkkey'});
469: unless (grep(/^\Q$linkkey\E$/,@linkkeys)) {
470: push(@linkkeys,$linkkey);
471: &Apache::lonnet::appenv({'user.deeplinkkey' => join(',',sort(@linkkeys))});
472: }
473: } else {
474: &Apache::lonnet::appenv({'user.deeplinkkey' => $linkkey});
475: }
476: if ($deeplink) {
477: if ($env{'user.keyedlinkuri'}) {
478: my @keyeduris = split(/,/,$env{'user.keyedlinkuri'});
479: unless (grep(/^\Q$deeplink\E$/,@keyeduris)) {
480: push(@keyeduris,$deeplink);
481: &Apache::lonnet::appenv({'user.keyedlinkuri' => join(',',sort(@keyeduris))});
482: }
483: } else {
484: &Apache::lonnet::appenv({'user.keyedlinkuri' => $deeplink});
485: }
486: }
487: }
488: if ($data{'deeplink.login'}) {
489: &Apache::lonnet::appenv({'request.deeplink.login' => $data{'deeplink.login'}});
490: if ($env{'environment.remote'} eq 'on') {
491: &Apache::lonnet::appenv({'environment.remote' => 'off'});
492: }
493: }
494: if ($data{'origurl'} ne '') {
495: my $dest = $data{'origurl'};
496: if (($env{'request.deeplink.login'} eq $data{'origurl'}) &&
497: (($env{'request.linkprot'}) || ($env{'request.linkkey'} ne ''))) {
498: my %info;
499: if ($env{'request.linkprot'}) {
500: $info{'linkprot'} = $env{'request.linkprot'};
501: foreach my $item ('linkprotuser','linkprotexit') {
502: if ($data{$item}) {
503: $info{$item} = $data{$item};
504: }
505: }
506: } elsif ($env{'request.linkkey'} ne '') {
507: $info{'linkkey'} = $env{'request.linkkey'};
508: }
509: $info{'origurl'} = $data{'origurl'};
510: if ($checklaunch) {
511: $info{'checklaunch'} = 1;
512: }
513: my $token = &Apache::lonnet::tmpput(\%info,$r->dir_config('lonHostID'),'link');
514: unless (($token eq 'con_lost') || ($token eq 'refused') || ($token =~ /^error:/) ||
515: ($token eq 'unknown_cmd') || ($token eq 'no_such_host')) {
516: $dest .= (($dest =~ /\?/) ? '&' : '?') . 'ttoken='.$token;
517: }
518: }
519: $r->internal_redirect($dest);
520: } elsif ($env{'request.course.id'}) {
521: $r->internal_redirect('/adm/navmaps');
522: } else {
523: $r->internal_redirect('/adm/roles');
524: }
525: } else {
526: my $desturl = '/adm/roles';
527: if ($data{'origurl'} ne '') {
528: $desturl = $data{'origurl'};
529: if ($data{'linkprot'}) {
530: my ($linkprotector,$linkuri) = split(/:/,$data{'linkprot'},2);
531: if ($linkprotector) {
532: if (ref($extra_env) eq 'HASH') {
533: $extra_env->{'user.linkprotector'} = $linkprotector;
534: $extra_env->{'user.linkproturi'} = $linkuri;
535: $extra_env->{'request.linkprot'} = $data{'linkprot'};
536: } else {
537: $extra_env = {'user.linkprotector' => $linkprotector,
538: 'user.linkproturi' => $linkuri,
539: 'request.linkprot' => $data{'linkprot'}};
540: }
541: if ($data{'linkprotexit'}) {
542: $extra_env->{'request.linkprotexit'} = $data{'linkprotexit'};
543: }
544: }
545: foreach my $item ('linkprotuser','linkprotexit') {
546: if ($data{$item} ne '') {
547: $form{$item} = $data{$item};
548: }
549: }
550: } elsif ($data{'linkkey'}) {
551: if (ref($extra_env) eq 'HASH') {
552: $extra_env->{'user.deeplinkkey'} = $data{'linkkey'};
553: $extra_env->{'user.keyedlinkuri'} = $data{'deeplink.login'};
554: $extra_env->{'request.linkkey'} = $data{'linkkey'};
555: } else {
556: $extra_env = {'user.deeplinkkey' => $data{'linkkey'},
557: 'user.keyedlinkuri' => $data{'deeplink.login'},
558: 'request.linkkey' => $data{'linkkey'}};
559: }
560: }
561: if ($data{'deeplink.login'}) {
562: if (ref($extra_env) eq 'HASH') {
563: $extra_env->{'request.deeplink.login'} = $data{'deeplink.login'};
564: } else {
565: $extra_env = {'request.deeplink.login' => $data{'deeplink.login'}};
566: }
567: }
568: }
569: &Apache::lonauth::success($r,$data{'username'},$data{'domain'},
570: $home,$desturl,$extra_env,\%form,'',
571: $expirepub,$data{'lcssowin'});
572: }
573: return OK;
574: }
575:
576: my $next_url='/adm/roles?selectrole=1&'.&escape($data{'role'}).'=1';
577: if ($data{'origurl'} ne '') {
578: $next_url .= '&orgurl='.&escape($data{'origurl'});
579: }
580: if ($data{'deeplink.login'}) {
581: if (ref($extra_env) eq 'HASH') {
582: $extra_env->{'request.deeplink.login'} = $data{'deeplink.login'};
583: } else {
584: $extra_env = {'request.deeplink.login' => $data{'deeplink.login'}};
585: }
586: if ($data{'linkprot'}) {
587: $extra_env->{'request.linkprot'} = $data{'linkprot'};
588: if ($data{'linkprotexit'}) {
589: $extra_env->{'request.linkprotexit'} = $data{'linkprotexit'};
590: }
591: foreach my $item ('linkprotuser','linkprotexit') {
592: if ($data{$item}) {
593: $form{'request.'.$item} = $data{$item};
594: }
595: }
596: } elsif ($data{'linkkey'} ne '') {
597: $extra_env->{'request.linkkey'} = $data{'linkkey'};
598: }
599: }
600: &Apache::lonauth::success($r,$data{'username'},$data{'domain'},$home,
601: $next_url,$extra_env,\%form,$cid,'',$data{'lcssowin'});
602: return OK;
603: }
604:
605: 1;
606: __END__
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>