version 1.3, 2015/05/17 17:34:43
|
version 1.11, 2021/10/26 15:52:54
|
Line 68 package Apache::lonshibauth;
|
Line 68 package Apache::lonshibauth;
|
use strict; |
use strict; |
use lib '/home/httpd/lib/perl/'; |
use lib '/home/httpd/lib/perl/'; |
use Apache::lonnet; |
use Apache::lonnet; |
|
use Apache::loncommon; |
|
use Apache::lonacc; |
use Apache::Constants qw(:common REDIRECT); |
use Apache::Constants qw(:common REDIRECT); |
use LONCAPA qw(:DEFAULT); |
use LONCAPA qw(:DEFAULT :match); |
|
|
sub handler { |
sub handler { |
my $r = shift; |
my $r = shift; |
my $target = '/adm/sso'; |
my $target = '/adm/sso'; |
if (($r->user eq '') && ($r->uri() ne $target)) { |
if (&Apache::lonnet::get_saml_landing()) { |
|
$target = '/adm/login'; |
|
} |
|
if (($r->user eq '') && ($r->uri ne $target) && ($r->uri ne '/adm/sso')) { |
my $lonhost = $Apache::lonnet::perlvar{'lonHostID'}; |
my $lonhost = $Apache::lonnet::perlvar{'lonHostID'}; |
my $hostname = &Apache::lonnet::hostname($lonhost); |
my $hostname = &Apache::lonnet::hostname($lonhost); |
if (!$hostname) { $hostname = $r->hostname(); } |
if (!$hostname) { $hostname = $r->hostname(); } |
my $protocol = $Apache::lonnet::protocol{$lonhost}; |
my $protocol = $Apache::lonnet::protocol{$lonhost}; |
unless ($protocol eq 'https') { $protocol = 'http'; } |
unless ($protocol eq 'https') { $protocol = 'http'; } |
|
my $alias = &Apache::lonnet::use_proxy_alias($r,$lonhost); |
|
if (($alias ne '') && |
|
(&Apache::lonnet::alias_shibboleth($lonhost))) { |
|
$hostname = $alias; |
|
} |
my $dest = $protocol.'://'.$hostname.$target; |
my $dest = $protocol.'://'.$hostname.$target; |
$r->subprocess_env; |
if ($target eq '/adm/login') { |
if ($ENV{'QUERY_STRING'} ne '') { |
my $querystring = &set_token($r,$lonhost); |
$dest .= '?'.$ENV{'QUERY_STRING'}; |
if ($querystring ne '') { |
|
$dest .= '?'.$querystring; |
|
} |
|
} else { |
|
my $uri = $r->uri; |
|
if ($r->args ne '') { |
|
$dest .= (($dest=~/\?/)?'&':'?').$r->args; |
|
} |
|
unless (($uri eq '/adm/roles') || ($uri eq '/adm/logout')) { |
|
unless ($r->args =~ /origurl=/) { |
|
$dest.=(($dest=~/\?/)?'&':'?').'origurl='.$uri; |
|
} |
|
} |
|
if ($uri =~ m{^/tiny/$match_domain/\w+$}) { |
|
unless (($r->args =~ /ltoken=/) || ($r->args =~ /linkkey=/)) { |
|
&Apache::lonacc::get_posted_cgi($r,['linkkey']); |
|
if ($env{'form.linkkey'} ne '') { |
|
$dest.=(($dest=~/\?/)?'&':'?').'linkkey='.$env{'form.linkkey'}; |
|
} |
|
} |
|
} |
} |
} |
$r->header_out(Location => $dest); |
$r->header_out(Location => $dest); |
return REDIRECT; |
return REDIRECT; |
Line 92 sub handler {
|
Line 122 sub handler {
|
} |
} |
} |
} |
|
|
|
sub set_token { |
|
my ($r,$lonhost) = @_; |
|
my ($firsturl,$querystring,$ssotoken,@names,%token); |
|
@names = ('role','symb','ltoken','linkkey'); |
|
map { $token{$_} = 1; } @names; |
|
unless (($r->uri eq '/adm/roles') || ($r->uri eq '/adm/logout')) { |
|
$firsturl = $r->uri; |
|
} |
|
if ($r->args ne '') { |
|
&Apache::loncommon::get_unprocessed_cgi($r->args); |
|
} |
|
if ($r->uri =~ m{^/tiny/$match_domain/\w+$}) { |
|
unless (($env{'form.ltoken'}) || ($env{'form.linkkey'})) { |
|
&Apache::lonacc::get_posted_cgi($r,['linkkey']); |
|
} |
|
} |
|
my $extras; |
|
foreach my $name (@names) { |
|
if ($env{'form.'.$name} ne '') { |
|
if ($name eq 'ltoken') { |
|
my %info = &Apache::lonnet::tmpget($env{'form.ltoken'}); |
|
if ($info{'linkprot'}) { |
|
$extras .= '&linkprot='.&escape($info{'linkprot'}); |
|
last; |
|
} |
|
} else { |
|
$extras .= '&'.$name.'='.&escape($env{'form.'.$name}); |
|
} |
|
} |
|
} |
|
if (($firsturl ne '') || ($extras ne '')) { |
|
$extras .= ':sso'; |
|
$ssotoken = &Apache::lonnet::reply('tmpput:'.&escape($firsturl). |
|
$extras,$lonhost); |
|
$querystring = 'sso='.$ssotoken; |
|
} |
|
if ($r->args ne '') { |
|
foreach my $key (sort(keys(%env))) { |
|
if ($key =~ /^form\.(.+)$/) { |
|
my $name = $1; |
|
next if ($token{$name}); |
|
$querystring .= '&'.$name.'='.$env{$key}; |
|
} |
|
} |
|
} |
|
return $querystring; |
|
} |
|
|
1; |
1; |
__END__ |
__END__ |