version 1.158.2.10, 2020/10/24 19:49:06
|
version 1.158.2.15, 2022/02/24 16:00:23
|
Line 38 use Apache::lonlocal;
|
Line 38 use Apache::lonlocal;
|
use Apache::migrateuser(); |
use Apache::migrateuser(); |
use lib '/home/httpd/lib/perl/'; |
use lib '/home/httpd/lib/perl/'; |
use LONCAPA qw(:DEFAULT :match); |
use LONCAPA qw(:DEFAULT :match); |
|
use URI::Escape; |
|
use HTML::Entities(); |
use CGI::Cookie(); |
use CGI::Cookie(); |
|
|
sub handler { |
sub handler { |
Line 47 sub handler {
|
Line 49 sub handler {
|
(join('&',$ENV{'QUERY_STRING'},$env{'request.querystring'}, |
(join('&',$ENV{'QUERY_STRING'},$env{'request.querystring'}, |
$ENV{'REDIRECT_QUERY_STRING'}), |
$ENV{'REDIRECT_QUERY_STRING'}), |
['interface','username','domain','firsturl','localpath','localres', |
['interface','username','domain','firsturl','localpath','localres', |
'token','role','symb','iptoken','btoken']); |
'token','role','symb','iptoken','btoken','saml','sso','retry']); |
if (!defined($env{'form.firsturl'})) { |
|
&Apache::lonacc::get_posted_cgi($r,['firsturl']); |
|
} |
|
|
|
# -- check if they are a migrating user |
# -- check if they are a migrating user |
if (defined($env{'form.token'})) { |
if (defined($env{'form.token'})) { |
return &Apache::migrateuser::handler($r); |
return &Apache::migrateuser::handler($r); |
} |
} |
|
|
|
my $lonhost = $r->dir_config('lonHostID'); |
|
if (($env{'form.sso'}) || ($env{'form.retry'})) { |
|
my $infotoken; |
|
if ($env{'form.sso'}) { |
|
$infotoken = $env{'form.sso'}; |
|
} else { |
|
$infotoken = $env{'form.retry'}; |
|
} |
|
my $data = &Apache::lonnet::reply('tmpget:'.$infotoken,$lonhost); |
|
unless (($data=~/^error/) || ($data eq 'con_lost') || |
|
($data eq 'no_such_host')) { |
|
my %info = &decode_token($data); |
|
foreach my $item (keys(%info)) { |
|
$env{'form.'.$item} = $info{$item}; |
|
} |
|
&Apache::lonnet::tmpdel($infotoken); |
|
} |
|
} else { |
|
if (!defined($env{'form.firsturl'})) { |
|
&Apache::lonacc::get_posted_cgi($r,['firsturl']); |
|
} |
|
if ($env{'form.firsturl'} eq '/adm/logout') { |
|
delete($env{'form.firsturl'}); |
|
} |
|
} |
|
|
# For "public user" - remove any exising "public" cookie, as user really wants to log-in |
# For "public user" - remove any exising "public" cookie, as user really wants to log-in |
my ($handle,$lonidsdir,$expirepub,$userdom); |
my ($handle,$lonidsdir,$expirepub,$userdom); |
$lonidsdir=$r->dir_config('lonIDsDir'); |
$lonidsdir=$r->dir_config('lonIDsDir'); |
Line 101 sub handler {
|
Line 126 sub handler {
|
return OK; |
return OK; |
} |
} |
|
|
my $lonhost = $r->dir_config('lonHostID'); |
|
$env{'form.firsturl'} =~ s/(`)/'/g; |
|
|
|
# Check if browser sent a LON-CAPA load balancer cookie (and this is a balancer) |
# Check if browser sent a LON-CAPA load balancer cookie (and this is a balancer) |
|
|
my ($found_server,$balancer_cookie) = &Apache::lonnet::check_for_balancer_cookie($r,1); |
my ($found_server,$balancer_cookie) = &Apache::lonnet::check_for_balancer_cookie($r,1); |
Line 114 sub handler {
|
Line 136 sub handler {
|
$protocol = 'http' if ($protocol ne 'https'); |
$protocol = 'http' if ($protocol ne 'https'); |
my $dest = '/adm/roles'; |
my $dest = '/adm/roles'; |
if ($env{'form.firsturl'} ne '') { |
if ($env{'form.firsturl'} ne '') { |
$dest = $env{'form.firsturl'}; |
$dest = &HTML::Entities::encode($env{'form.firsturl'},'\'"<>&'); |
} |
} |
my %info = ( |
my %info = ( |
balcookie => $lonhost.':'.$balancer_cookie, |
balcookie => $lonhost.':'.$balancer_cookie, |
); |
); |
|
if ($env{'form.role'}) { |
|
$info{'role'} = $env{'form.role'}; |
|
} |
|
if ($env{'form.symb'}) { |
|
$info{'symb'} = $env{'form.symb'}; |
|
} |
my $balancer_token = &Apache::lonnet::tmpput(\%info,$found_server); |
my $balancer_token = &Apache::lonnet::tmpput(\%info,$found_server); |
if ($balancer_token) { |
unless (($balancer_token eq 'con_lost') || ($balancer_token eq 'refused') || |
$dest .= (($dest=~/\?/)?'&;':'?') . 'btoken='.$balancer_token; |
($balancer_token eq 'unknown_cmd') || ($balancer_token eq 'no_such_host')) { |
|
$dest .= (($dest=~/\?/)?'&':'?') . 'btoken='.$balancer_token; |
|
} |
|
unless ($found_server eq $lonhost) { |
|
my $alias = &Apache::lonnet::use_proxy_alias($r,$found_server); |
|
$hostname = $alias if ($alias ne ''); |
} |
} |
my $url = $protocol.'://'.$hostname.$dest; |
my $url = $protocol.'://'.$hostname.$dest; |
my $start_page = |
my $start_page = |
Line 163 sub handler {
|
Line 196 sub handler {
|
} |
} |
} |
} |
|
|
$env{'form.firsturl'} =~ s/(`)/'/g; |
|
|
|
# -------------------------------- Prevent users from attempting to login twice |
# -------------------------------- Prevent users from attempting to login twice |
if ($handle ne '') { |
if ($handle ne '') { |
&Apache::lonnet::transfer_profile_to_env($lonidsdir,$handle); |
&Apache::lonnet::transfer_profile_to_env($lonidsdir,$handle); |
Line 174 sub handler {
|
Line 205 sub handler {
|
&Apache::loncommon::end_page(); |
&Apache::loncommon::end_page(); |
my $dest = '/adm/roles'; |
my $dest = '/adm/roles'; |
if ($env{'form.firsturl'} ne '') { |
if ($env{'form.firsturl'} ne '') { |
$dest = $env{'form.firsturl'}; |
$dest = &HTML::Entities::encode($env{'form.firsturl'},'\'"<>&'); |
} |
} |
$r->print( |
$r->print( |
$start_page |
$start_page |
Line 207 sub handler {
|
Line 238 sub handler {
|
$env{'form.interface'}=~s/\W//g; |
$env{'form.interface'}=~s/\W//g; |
|
|
(undef,undef,undef,undef,undef,undef,my $clientmobile) = |
(undef,undef,undef,undef,undef,undef,my $clientmobile) = |
&Apache::loncommon::decode_user_agent(); |
&Apache::loncommon::decode_user_agent($r); |
|
|
my $iconpath= |
my $iconpath= |
&Apache::loncommon::lonhttpdurl($r->dir_config('lonIconsURL')); |
&Apache::loncommon::lonhttpdurl($r->dir_config('lonIconsURL')); |
Line 301 sub handler {
|
Line 332 sub handler {
|
|
|
# -------------------------------------------------------- Store away log token |
# -------------------------------------------------------- Store away log token |
my $tokenextras; |
my $tokenextras; |
if ($env{'form.role'}) { |
my @names = ('role','symb','iptoken'); |
$tokenextras = '&role='.&escape($env{'form.role'}); |
foreach my $name (@names) { |
} |
if ($env{'form.'.$name} ne '') { |
if ($env{'form.symb'}) { |
$tokenextras .= '&'.$name.'='.&escape($env{'form.'.$name}); |
if (!$tokenextras) { |
|
$tokenextras = '&'; |
|
} |
} |
$tokenextras .= '&symb='.&escape($env{'form.symb'}); |
|
} |
|
if ($env{'form.iptoken'}) { |
|
if (!$tokenextras) { |
|
$tokenextras = '&&'; |
|
} |
|
$tokenextras .= '&iptoken='.&escape($env{'form.iptoken'}); |
|
} |
} |
my $logtoken=Apache::lonnet::reply( |
my $logtoken=Apache::lonnet::reply( |
'tmpput:'.$ukey.$lkey.'&'.$firsturl.$tokenextras, |
'tmpput:'.$ukey.$lkey.'&'.&escape($firsturl).$tokenextras, |
$lonhost); |
$lonhost); |
|
|
# -- If we cannot talk to ourselves, or hostID does not map to a hostname |
# -- If we cannot talk to ourselves, or hostID does not map to a hostname |
Line 372 sub handler {
|
Line 394 sub handler {
|
next if ($hostid eq $lonhost); |
next if ($hostid eq $lonhost); |
my $hostname = &Apache::lonnet::hostname($hostid); |
my $hostname = &Apache::lonnet::hostname($hostid); |
next if (($hostname eq '') || ($spareservers{$hostname})); |
next if (($hostname eq '') || ($spareservers{$hostname})); |
|
$spareservers{$hostname} = 1; |
my $protocol = $Apache::lonnet::protocol{$hostid}; |
my $protocol = $Apache::lonnet::protocol{$hostid}; |
$protocol = 'http' if ($protocol ne 'https'); |
$protocol = 'http' if ($protocol ne 'https'); |
$spares.='<br /><a href="'.$protocol.'://'. |
$spares.='<br /><a href="'.$protocol.'://'. |
Line 474 function enableInput() {
|
Line 497 function enableInput() {
|
|
|
ENDSCRIPT |
ENDSCRIPT |
|
|
# --------------------------------------------------- Print login screen header |
my ($lonhost_in_use,@hosts,%defaultdomconf,$saml_prefix,$saml_landing, |
|
$samlssotext,$samlnonsso,$samlssoimg,$samlssoalt,$samlssourl,$samltooltip); |
my %add_entries = ( |
%defaultdomconf = &Apache::loncommon::get_domainconf($defdom); |
bgcolor => "$mainbg", |
|
text => "$font", |
|
link => "$link", |
|
vlink => "$vlink", |
|
alink => "$alink", |
|
onload => 'javascript:enableInput();',); |
|
|
|
my ($lonhost_in_use,$headextra,$headextra_exempt,@hosts,%defaultdomconf); |
|
@hosts = &Apache::lonnet::current_machine_ids(); |
@hosts = &Apache::lonnet::current_machine_ids(); |
$lonhost_in_use = $lonhost; |
$lonhost_in_use = $lonhost; |
if (@hosts > 1) { |
if (@hosts > 1) { |
Line 495 ENDSCRIPT
|
Line 510 ENDSCRIPT
|
} |
} |
} |
} |
} |
} |
%defaultdomconf = &Apache::loncommon::get_domainconf($defdom); |
$saml_prefix = $defdom.'.login.saml_'; |
|
if ($defaultdomconf{$saml_prefix.$lonhost_in_use}) { |
|
$saml_landing = 1; |
|
$samlssotext = $defaultdomconf{$saml_prefix.'text_'.$lonhost_in_use}; |
|
$samlnonsso = $defaultdomconf{$saml_prefix.'notsso_'.$lonhost_in_use}; |
|
$samlssoimg = $defaultdomconf{$saml_prefix.'img_'.$lonhost_in_use}; |
|
$samlssoalt = $defaultdomconf{$saml_prefix.'alt_'.$lonhost_in_use}; |
|
$samlssourl = $defaultdomconf{$saml_prefix.'url_'.$lonhost_in_use}; |
|
$samltooltip = $defaultdomconf{$saml_prefix.'title_'.$lonhost_in_use}; |
|
} |
|
if ($saml_landing) { |
|
if ($samlssotext eq '') { |
|
$samlssotext = 'SSO Login'; |
|
} |
|
if ($samlnonsso eq '') { |
|
$samlnonsso = 'Non-SSO Login'; |
|
} |
|
$js .= <<"ENDSAMLJS"; |
|
|
|
<script type="text/javascript"> |
|
// <![CDATA[ |
|
function toggleLClogin() { |
|
if (document.getElementById('LC_standard_login')) { |
|
if (document.getElementById('LC_standard_login').style.display == 'none') { |
|
document.getElementById('LC_standard_login').style.display = 'inline-block'; |
|
if (document.getElementById('LC_login_text')) { |
|
document.getElementById('LC_login_text').innerHTML = '$samlnonsso'; |
|
} |
|
if ( document.client.uname ) { document.client.uname.focus(); } |
|
if (document.getElementById('LC_SSO_login')) { |
|
document.getElementById('LC_SSO_login').style.display = 'none'; |
|
} |
|
} else { |
|
document.getElementById('LC_standard_login').style.display = 'none'; |
|
if (document.getElementById('LC_login_text')) { |
|
document.getElementById('LC_login_text').innerHTML = '$samlssotext'; |
|
} |
|
if (document.getElementById('LC_SSO_login')) { |
|
document.getElementById('LC_SSO_login').style.display = 'inline-block'; |
|
} |
|
} |
|
} |
|
return; |
|
} |
|
|
|
// ]]> |
|
</script> |
|
|
|
ENDSAMLJS |
|
} |
|
|
|
# --------------------------------------------------- Print login screen header |
|
|
|
my %add_entries = ( |
|
bgcolor => "$mainbg", |
|
text => "$font", |
|
link => "$link", |
|
vlink => "$vlink", |
|
alink => "$alink", |
|
onload => 'javascript:enableInput();',); |
|
|
|
my ($headextra,$headextra_exempt); |
$headextra = $defaultdomconf{$defdom.'.login.headtag_'.$lonhost_in_use}; |
$headextra = $defaultdomconf{$defdom.'.login.headtag_'.$lonhost_in_use}; |
$headextra_exempt = $defaultdomconf{$domain.'.login.headtag_exempt_'.$lonhost_in_use}; |
$headextra_exempt = $defaultdomconf{$domain.'.login.headtag_exempt_'.$lonhost_in_use}; |
if ($headextra) { |
if ($headextra) { |
my $omitextra; |
my $omitextra; |
if ($headextra_exempt ne '') { |
if ($headextra_exempt ne '') { |
my @exempt = split(',',$headextra_exempt); |
my @exempt = split(',',$headextra_exempt); |
my $ip = $ENV{'REMOTE_ADDR'}; |
my $ip = &Apache::lonnet::get_requestor_ip(); |
if (grep(/^\Q$ip\E$/,@exempt)) { |
if (grep(/^\Q$ip\E$/,@exempt)) { |
$omitextra = 1; |
$omitextra = 1; |
} |
} |
Line 540 ENDSCRIPT
|
Line 616 ENDSCRIPT
|
'helpdesk' => 'Contact Helpdesk', |
'helpdesk' => 'Contact Helpdesk', |
'forgotpw' => 'Forgot password?', |
'forgotpw' => 'Forgot password?', |
'newuser' => 'New User?', |
'newuser' => 'New User?', |
|
'change' => 'Change?', |
); |
); |
# -------------------------------------------------- Change password field name |
# -------------------------------------------------- Change password field name |
|
|
Line 601 ENDSERVERFORM
|
Line 678 ENDSERVERFORM
|
$mobileargs = 'autocapitalize="off" autocorrect="off"'; |
$mobileargs = 'autocapitalize="off" autocorrect="off"'; |
} |
} |
my $loginform=(<<LFORM); |
my $loginform=(<<LFORM); |
<form name="client" action="" onsubmit="return(send())"> |
<form name="client" action="" onsubmit="return(send())" id="lclogin"> |
<input type="hidden" name="lextkey" value="$lextkey" /> |
<input type="hidden" name="lextkey" value="$lextkey" /> |
<input type="hidden" name="uextkey" value="$uextkey" /> |
<input type="hidden" name="uextkey" value="$uextkey" /> |
<b><label for="uname">$lt{'un'}</label>:</b><br /> |
<b><label for="uname">$lt{'un'}</label>:</b><br /> |
Line 615 ENDSERVERFORM
|
Line 692 ENDSERVERFORM
|
LFORM |
LFORM |
|
|
if ($showbanner) { |
if ($showbanner) { |
|
my $alttext = &Apache::loncommon::designparm('login.alttext_img',$domain); |
|
if ($alttext eq '') { |
|
$alttext = 'The Learning Online Network with CAPA'; |
|
} |
$r->print(<<HEADER); |
$r->print(<<HEADER); |
<!-- The LON-CAPA Header --> |
<!-- The LON-CAPA Header --> |
<div style="background:$pgbg;margin:0;width:100%;"> |
<div style="background:$pgbg;margin:0;width:100%;"> |
<img src="$img" border="0" alt="The Learning Online Network with CAPA" class="LC_maxwidth" /> |
<img src="$img" border="0" alt="$alttext" class="LC_maxwidth" id="lcloginbanner" /> |
</div> |
</div> |
HEADER |
HEADER |
} |
} |
$r->print(<<ENDTOP); |
|
<div style="float:left;margin-top:0;"> |
my $stdauthformstyle = 'inline-block'; |
|
my $ssoauthstyle = 'none'; |
|
my $logintype; |
|
$r->print('<div style="float:left;margin-top:0;">'); |
|
if ($saml_landing) { |
|
$ssoauthstyle = 'inline-block'; |
|
$stdauthformstyle = 'none'; |
|
$logintype = $samlssotext; |
|
my $ssologin = '/adm/sso'; |
|
if ($samlssourl ne '') { |
|
$ssologin = $samlssourl; |
|
} |
|
if (($logtoken eq 'con_lost') || ($logtoken eq 'no_such_host')) { |
|
my $querystring; |
|
if ($env{'form.firsturl'} ne '') { |
|
$querystring = 'origurl='; |
|
if ($env{'form.firsturl'} =~ /[^\x00-\xFF]/) { |
|
$querystring .= &uri_escape_utf8($env{'form.firsturl'}); |
|
} else { |
|
$querystring .= &uri_escape($env{'form.firsturl'}); |
|
} |
|
$querystring = &HTML::Entities::encode($querystring,"'"); |
|
} |
|
if ($querystring ne '') { |
|
$ssologin .= (($ssologin=~/\?/)?'&':'?') . $querystring; |
|
} |
|
} elsif ($logtoken ne '') { |
|
$ssologin .= (($ssologin=~/\?/)?'&':'?') . 'logtoken='.$logtoken; |
|
} |
|
my $ssohref; |
|
if ($samlssoimg ne '') { |
|
$ssohref = '<a href="'.$ssologin.'" title="'.$samltooltip.'">'. |
|
'<img src="'.$samlssoimg.'" alt="'.$samlssoalt.'" id="lcssobutton" /></a>'; |
|
} else { |
|
$ssohref = '<a href="'.$ssologin.'">'.$samlssotext.'</a>'; |
|
} |
|
if (($env{'form.saml'} eq 'no') || |
|
(($env{'form.username'} ne '') && ($env{'form.domain'} ne ''))) { |
|
$ssoauthstyle = 'none'; |
|
$stdauthformstyle = 'inline-block'; |
|
$logintype = $samlnonsso; |
|
} |
|
$r->print(<<ENDSAML); |
|
<p> |
|
Log-in type: |
|
<span style="font-weight:bold" id="LC_login_text">$logintype</span><br /> |
|
<span><a href="javascript:toggleLClogin();" style="color:#000000">$lt{'change'}</a></span> |
|
</p> |
|
<div style="display:$ssoauthstyle" id="LC_SSO_login"> |
|
<div class="LC_Box" style="padding-top: 10px;"> |
|
$ssohref |
|
$noscript_warning |
|
</div> |
|
<div class="LC_Box" style="padding-top: 10px;"> |
|
$loginhelp |
|
$contactblock |
|
$coursecatalog |
|
</div> |
|
</div> |
|
ENDSAML |
|
} |
|
|
|
$r->print(<<ENDLOGIN); |
|
<div style="display:$stdauthformstyle;" id="LC_standard_login"> |
<div class="LC_Box" style="background:$loginbox_bg;"> |
<div class="LC_Box" style="background:$loginbox_bg;"> |
$logintitle |
$logintitle |
$loginform |
$loginform |
Line 639 HEADER
|
Line 783 HEADER
|
</div> |
</div> |
</div> |
</div> |
|
|
<div> |
ENDLOGIN |
ENDTOP |
$r->print('</div><div>'."\n"); |
if ($showmainlogo) { |
if ($showmainlogo) { |
$r->print(' <img src="'.$logo.'" alt="" class="LC_maxwidth" />'."\n"); |
my $alttext = &Apache::loncommon::designparm('login.alttext_logo',$domain); |
|
$r->print(' <img src="'.$logo.'" alt="'.$alttext.'" class="LC_maxwidth" id="lcloginmainlogo" />'."\n"); |
} |
} |
$r->print(<<ENDTOP); |
$r->print(<<ENDTOP); |
$announcements |
$announcements |
Line 745 sub check_loginvia {
|
Line 890 sub check_loginvia {
|
my $output; |
my $output; |
if ($loginvia ne '') { |
if ($loginvia ne '') { |
my $noredirect; |
my $noredirect; |
my $ip = $ENV{'REMOTE_ADDR'}; |
my $ip = &Apache::lonnet::get_requestor_ip(); |
if ($ip eq '127.0.0.1') { |
if ($ip eq '127.0.0.1') { |
$noredirect = 1; |
$noredirect = 1; |
} else { |
} else { |
Line 813 sub redirect_page {
|
Line 958 sub redirect_page {
|
} |
} |
my $url = $protocol.'://'.$hostname.$path; |
my $url = $protocol.'://'.$hostname.$path; |
if ($env{'form.firsturl'} ne '') { |
if ($env{'form.firsturl'} ne '') { |
$url .='?firsturl='.$env{'form.firsturl'}; |
my $querystring; |
|
if ($env{'form.firsturl'} =~ /[^\x00-\xFF]/) { |
|
$querystring = &uri_escape_utf8($env{'form.firsturl'}); |
|
} else { |
|
$querystring = &uri_escape($env{'form.firsturl'}); |
|
} |
|
$querystring = &HTML::Entities::encode($querystring,"'"); |
|
$url .='?firsturl='.$querystring; |
} |
} |
my $start_page = &Apache::loncommon::start_page('Switching Server ...',undef, |
my $start_page = &Apache::loncommon::start_page('Switching Server ...',undef, |
{'redirect' => [0,$url],}); |
{'redirect' => [0,$url],}); |
Line 889 sub newuser_link {
|
Line 1041 sub newuser_link {
|
return '<a href="/adm/createaccount">'.$linkname.'</a>'; |
return '<a href="/adm/createaccount">'.$linkname.'</a>'; |
} |
} |
|
|
|
sub decode_token { |
|
my ($info) = @_; |
|
my ($firsturl,@rest)=split(/\&/,$info); |
|
my %form; |
|
if ($firsturl ne '') { |
|
$form{'firsturl'} = &unescape($firsturl); |
|
} |
|
foreach my $item (@rest) { |
|
my ($key,$value) = split(/=/,$item); |
|
$form{$key} = &unescape($value); |
|
} |
|
return %form; |
|
} |
|
|
1; |
1; |
__END__ |
__END__ |