version 1.168, 2021/10/26 15:52:54
|
version 1.169, 2021/11/03 01:04:02
|
Line 178 sub success {
|
Line 178 sub success {
|
$destination .= 'source=login';
|
$destination .= 'source=login';
|
}
|
}
|
|
|
|
if (($env{'request.deeplink.login'} eq $lowerurl) &&
|
|
(($env{'request.linkprot'}) || ($env{'request.linkkey'} ne ''))) {
|
|
my %info;
|
|
if ($env{'request.linkprot'}) {
|
|
$info{'linkprot'} = $env{'request.linkprot'};
|
|
} elsif ($env{'request.linkkey'} ne '') {
|
|
$info{'linkkey'} = $env{'request.linkkey'};
|
|
}
|
|
$info{'origurl'} = $lowerurl;
|
|
my $token = &Apache::lonnet::tmpput(\%info,$r->dir_config('lonHostID'),'link');
|
|
unless (($token eq 'con_lost') || ($token eq 'refused') ||
|
|
($token eq 'unknown_cmd') || ($token eq 'no_such_host')) {
|
|
$destination .= (($destination =~ /\?/) ? '&' : '?') . 'ttoken='.$token;
|
|
}
|
|
}
|
|
|
my $windowname = 'loncapaclient';
|
my $windowname = 'loncapaclient';
|
if ($env{'request.lti.login'}) {
|
if ($env{'request.lti.login'}) {
|
$windowname .= 'lti';
|
$windowname .= 'lti';
|
Line 329 sub failed {
|
Line 345 sub failed {
|
}
|
}
|
if (exists($form->{linkprot})) {
|
if (exists($form->{linkprot})) {
|
my $ltoken = &Apache::lonnet::tmpput({linkprot => $form->{'linkprot'}},
|
my $ltoken = &Apache::lonnet::tmpput({linkprot => $form->{'linkprot'}},
|
$r->dir_config('lonHostID'));
|
$r->dir_config('lonHostID'),'retry');
|
if ($ltoken) {
|
if ($ltoken) {
|
$retry .= (($retry =~ /\?/) ? '&' : '?').'ltoken='.$ltoken;
|
$retry .= (($retry =~ /\?/) ? '&' : '?').'ltoken='.$ltoken;
|
}
|
}
|
Line 398 sub handler {
|
Line 414 sub handler {
|
my $end_page =
|
my $end_page =
|
&Apache::loncommon::end_page();
|
&Apache::loncommon::end_page();
|
my $dest = '/adm/roles';
|
my $dest = '/adm/roles';
|
if ($env{'form.firsturl'} ne '') {
|
my %form = &get_form_items($r);
|
$dest = $env{'form.firsturl'};
|
if ($form{'logtoken'}) {
|
if (($dest =~ m{^/tiny/$match_domain/\w+$}) && ($env{'request.course.id'})) {
|
my $tmpinfo = &Apache::lonnet::reply('tmpget:'.$form{'logtoken'},
|
my $cnum = $env{'course.'.$env{'request.course.id'}.'.num'};
|
$form{'serverid'});
|
my $cdom = $env{'course.'.$env{'request.course.id'}.'.domain'};
|
unless (($tmpinfo=~/^error/) || ($tmpinfo eq 'con_lost') ||
|
my $symb = &Apache::loncommon::symb_from_tinyurl($dest,$cnum,$cdom);
|
($tmpinfo eq 'no_such_host')) {
|
if ($symb) {
|
my ($des_key,$firsturl,@rest)=split(/&/,$tmpinfo);
|
my $buffer;
|
$firsturl = &unescape($firsturl);
|
if ($r->header_in('Content-length') > 0) {
|
my %info;
|
$r->read($buffer,$r->header_in('Content-length'),0);
|
foreach my $item (@rest) {
|
}
|
my ($key,$value) = split(/=/,$item);
|
my %form;
|
$info{$key} = &unescape($value);
|
foreach my $pair (split(/&/,$buffer)) {
|
}
|
my ($name,$value) = split(/=/,$pair);
|
if ($firsturl ne '') {
|
$value =~ tr/+/ /;
|
$info{'firsturl'} = $firsturl;
|
$value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C",hex($1))/eg;
|
$dest = $firsturl;
|
$form{$name}=$value;
|
my $relogin;
|
|
if ($dest =~ m{^/tiny/$match_domain/\w+$}) {
|
|
if ($env{'request.course.id'}) {
|
|
my $cnum = $env{'course.'.$env{'request.course.id'}.'.num'};
|
|
my $cdom = $env{'course.'.$env{'request.course.id'}.'.domain'};
|
|
my $symb = &Apache::loncommon::symb_from_tinyurl($dest,$cnum,$cdom);
|
|
if ($symb) {
|
|
unless (&set_deeplink_login(%info) eq 'ok') {
|
|
$relogin = 1;
|
|
}
|
|
}
|
|
}
|
|
if ($relogin) {
|
|
$r->print(
|
|
$start_page
|
|
.'<p class="LC_warning">'.&mt('You are already logged in!').'</p>'
|
|
.'<p>'.&mt('Please [_1]log out[_2] first, and then try your access again',
|
|
'<a href="/adm/logout">','</a>')
|
|
.'</p>'
|
|
.$end_page);
|
|
} else {
|
|
if (($info{'linkprot'}) || ($info{'linkkey'} ne '')) {
|
|
my $token = &Apache::lonnet::tmpput(\%info,$r->dir_config('lonHostID'),'link');
|
|
unless (($token eq 'con_lost') || ($token eq 'refused') ||
|
|
($token eq 'unknown_cmd') || ($token eq 'no_such_host')) {
|
|
$dest .= (($dest =~ /\?/) ? '&' : '?') . 'ttoken='.$token;
|
|
}
|
|
}
|
|
$r->print(
|
|
$start_page
|
|
.'<p class="LC_warning">'.&mt('You are already logged in!').'</p>'
|
|
.'<p>'.&mt('Please either [_1]continue the current session[_2] or [_3]log out[_4] first, and then try your access again',
|
|
'<a href="'.$dest.'">','</a>',
|
|
'<a href="/adm/logout">','</a>')
|
|
.'</p>'
|
|
.$end_page);
|
|
}
|
|
return OK;
|
}
|
}
|
&set_deeplink_login(%form);
|
|
} else {
|
|
$r->print(
|
|
$start_page
|
|
.'<p class="LC_warning">'.&mt('You are already logged in!').'</p>'
|
|
.'<p>'.&mt('Please [_1]log out[_2] first, and then try your access again',
|
|
'<a href="/adm/logout">','</a>')
|
|
.'</p>'
|
|
.$end_page);
|
|
return OK;
|
|
}
|
}
|
}
|
}
|
}
|
}
|
$r->print(
|
$r->print(
|
$start_page
|
$start_page
|
.'<p class="LC_warning">'.&mt('You are already logged in!').'</p>'
|
.'<p class="LC_warning">'.&mt('You are already logged in!').'</p>'
|
.'<p>'.&mt('Please either [_1]continue the current session[_2] or [_3]log out[_4].'
|
.'<p>'.&mt('Please either [_1]continue the current session[_2] or [_3]log out[_4].'
|
,'<a href="'.$dest.'">','</a>','<a href="/adm/logout">','</a>')
|
,'<a href="'.$dest.'">','</a>','<a href="/adm/logout">','</a>')
|
.'</p>'
|
.'</p>'
|
.$end_page
|
.$end_page
|
);
|
);
|
return OK;
|
return OK;
|
}
|
}
|
Line 443 sub handler {
|
Line 486 sub handler {
|
|
|
# ---------------------------------------------------- No valid token, continue
|
# ---------------------------------------------------- No valid token, continue
|
|
|
|
my %form = &get_form_items($r);
|
my $buffer;
|
|
if ($r->header_in('Content-length') > 0) {
|
|
$r->read($buffer,$r->header_in('Content-length'),0);
|
|
}
|
|
my %form;
|
|
foreach my $pair (split(/&/,$buffer)) {
|
|
my ($name,$value) = split(/=/,$pair);
|
|
$value =~ tr/+/ /;
|
|
$value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C",hex($1))/eg;
|
|
$form{$name}=$value;
|
|
}
|
|
|
|
if ((!$form{'uname'}) || (!$form{'upass0'}) || (!$form{'udom'})) {
|
if ((!$form{'uname'}) || (!$form{'upass0'}) || (!$form{'udom'})) {
|
&failed($r,'Username, password and domain need to be specified.',
|
&failed($r,'Username, password and domain need to be specified.',
|
\%form);
|
\%form);
|
Line 499 sub handler {
|
Line 530 sub handler {
|
return OK;
|
return OK;
|
}
|
}
|
|
|
my ($key,$firsturl,@rest)=split(/&/,$tmpinfo);
|
my ($des_key,$firsturl,@rest)=split(/&/,$tmpinfo);
|
|
$firsturl = &unescape($firsturl);
|
foreach my $item (@rest) {
|
foreach my $item (@rest) {
|
my ($key,$value) = split(/=/,$item);
|
my ($key,$value) = split(/=/,$item);
|
$form{$key} = &unescape($value);
|
$form{$key} = &unescape($value);
|
Line 508 sub handler {
|
Line 540 sub handler {
|
$form{'firsturl'} = $firsturl;
|
$form{'firsturl'} = $firsturl;
|
}
|
}
|
my $upass = $ENV{HTTPS} ? $form{'upass0'}
|
my $upass = $ENV{HTTPS} ? $form{'upass0'}
|
: &Apache::loncommon::des_decrypt($key,$form{'upass0'});
|
: &Apache::loncommon::des_decrypt($des_key,$form{'upass0'});
|
|
|
# ---------------------------------------------------------------- Authenticate
|
# ---------------------------------------------------------------- Authenticate
|
|
|
Line 570 sub handler {
|
Line 602 sub handler {
|
$firsturl='/adm/roles';
|
$firsturl='/adm/roles';
|
}
|
}
|
|
|
my $hosthere;
|
my ($hosthere,%sessiondata);
|
if ($form{'iptoken'}) {
|
if ($form{'iptoken'}) {
|
my %sessiondata = &Apache::lonnet::tmpget($form{'iptoken'});
|
%sessiondata = &Apache::lonnet::tmpget($form{'iptoken'});
|
my $delete = &Apache::lonnet::tmpdel($form{'iptoken'});
|
my $delete = &Apache::lonnet::tmpdel($form{'iptoken'});
|
if (($sessiondata{'domain'} eq $form{'udom'}) &&
|
if (($sessiondata{'domain'} eq $form{'udom'}) &&
|
($sessiondata{'username'} eq $form{'uname'})) {
|
($sessiondata{'username'} eq $form{'uname'})) {
|
Line 616 sub handler {
|
Line 648 sub handler {
|
unless ($suprim eq $uprim) {
|
unless ($suprim eq $uprim) {
|
unless ($suintdom eq $uintdom) {
|
unless ($suintdom eq $uintdom) {
|
&Apache::lonnet::logthis('Attempted switch user '
|
&Apache::lonnet::logthis('Attempted switch user '
|
.'to user with different "internet domain".');
|
.'to user with different "internet domain".');
|
$noprivswitch = 1;
|
$noprivswitch = 1;
|
}
|
}
|
}
|
}
|
Line 778 sub handler {
|
Line 810 sub handler {
|
$form{'noloadbalance'} = $hosthere;
|
$form{'noloadbalance'} = $hosthere;
|
}
|
}
|
my $extra_env;
|
my $extra_env;
|
|
if (($hosthere) && ($sessiondata{'sessionserver'} ne '')) {
|
|
if ($sessiondata{'origurl'} ne '') {
|
|
$firsturl = $sessiondata{'origurl'};
|
|
$form{'firsturl'} = $sessiondata{'origurl'};
|
|
my @names = ('role','symb','linkprot','linkkey');
|
|
foreach my $item (@names) {
|
|
if ($sessiondata{$item} ne '') {
|
|
$form{$item} = $sessiondata{$item};
|
|
}
|
|
}
|
|
}
|
|
}
|
if ($form{'linkprot'}) {
|
if ($form{'linkprot'}) {
|
my ($linkprotector,$uri) = split(/:/,$form{'linkprot'},2);
|
my ($linkprotector,$uri) = split(/:/,$form{'linkprot'},2);
|
if ($linkprotector) {
|
if ($linkprotector) {
|
Line 817 sub handler {
|
Line 861 sub handler {
|
}
|
}
|
}
|
}
|
|
|
|
sub get_form_items {
|
|
my ($r) = @_;
|
|
my $buffer;
|
|
if ($r->header_in('Content-length') > 0) {
|
|
$r->read($buffer,$r->header_in('Content-length'),0);
|
|
}
|
|
my %form;
|
|
foreach my $pair (split(/&/,$buffer)) {
|
|
my ($name,$value) = split(/=/,$pair);
|
|
$value =~ tr/+/ /;
|
|
$value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C",hex($1))/eg;
|
|
$form{$name}=$value;
|
|
}
|
|
return %form;
|
|
}
|
|
|
sub set_deeplink_login {
|
sub set_deeplink_login {
|
my (%form) = @_;
|
my (%form) = @_;
|
|
my $disallow;
|
if ($form{'firsturl'} =~ m{^/tiny/($match_domain)/\w+$}) {
|
if ($form{'firsturl'} =~ m{^/tiny/($match_domain)/\w+$}) {
|
my $cdom = $1;
|
my $cdom = $1;
|
my ($cnum,$symb) = &Apache::loncommon::symb_from_tinyurl($form{'firsturl'},'',$cdom);
|
my ($cnum,$symb) = &Apache::loncommon::symb_from_tinyurl($form{'firsturl'},'',$cdom);
|
if ($symb) {
|
if ($symb) {
|
if ($env{'request.course.id'} eq $cdom.'_'.$cnum) {
|
if ($env{'request.course.id'} eq $cdom.'_'.$cnum) {
|
my ($disallow,$deeplink);
|
my $deeplink;
|
if ($symb =~ /\.(page|sequence)$/) {
|
if ($symb =~ /\.(page|sequence)$/) {
|
my $mapname = &Apache::lonnet::deversion((&Apache::lonnet::decode_symb($symb))[2]);
|
my $mapname = &Apache::lonnet::deversion((&Apache::lonnet::decode_symb($symb))[2]);
|
my $navmap = Apache::lonnavmaps::navmap->new();
|
my $navmap = Apache::lonnavmaps::navmap->new();
|
Line 857 sub set_deeplink_login {
|
Line 918 sub set_deeplink_login {
|
}
|
}
|
}
|
}
|
}
|
}
|
return;
|
if ($disallow) {
|
|
return;
|
|
}
|
|
return 'ok';
|
}
|
}
|
|
|
sub set_retry_token {
|
sub set_retry_token {
|
my ($form,$lonhost,$querystr) = @_;
|
my ($form,$lonhost,$querystr) = @_;
|
if (ref($form) eq 'HASH') {
|
if (ref($form) eq 'HASH') {
|
my ($firsturl,$token,$extras,@names);
|
my ($firsturl,$token,$extras,@names);
|
@names = ('role','symb','linkprot','linkkey');
|
@names = ('role','symb','linkprot','linkkey','iptoken');
|
foreach my $name (@names) {
|
foreach my $name (@names) {
|
if ($form->{$name} ne '') {
|
if ($form->{$name} ne '') {
|
$extras .= '&'.$name.'='.&escape($form->{$name});
|
$extras .= '&'.$name.'='.&escape($form->{$name});
|