--- loncom/auth/lonuploadedacc.pm	2002/08/02 14:45:04	1.1
+++ loncom/auth/lonuploadedacc.pm	2008/11/20 15:19:22	1.15
@@ -1,7 +1,7 @@
 # The LearningOnline Network
 # Access Handler for User Files
 #
-# $Id: lonuploadedacc.pm,v 1.1 2002/08/02 14:45:04 www Exp $
+# $Id: lonuploadedacc.pm,v 1.15 2008/11/20 15:19:22 jms Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -26,15 +26,37 @@
 # http://www.lon-capa.org/
 #
 
+
+
 package Apache::lonuploadedacc;
 
+
 use strict;
-use Apache::Constants qw(:common :remotehost);
-use Apache::lonnet();
-use Apache::File();
+use Apache::Constants qw(:common :http);
+use Apache::lonnet;
 
 sub handler {
     my $r = shift;
+    my $args=$r->args;
+    &Apache::loncommon::get_unprocessed_cgi($args,['token','tokenissued']); 
+    my (undef,undef,$udom,$uname,$ufile)=split(/\//,$r->uri,5);
+    $ufile=~s/^[\~\.]+//;
+    my $remoteserver=$env{'form.tokenissued'};
+    my $reply=&Apache::lonnet::reply('tokenauthuserfile:'.
+                 $udom.'/'.$uname.'/'.$ufile.':'.$env{'form.token'},
+				     $remoteserver);
+    if ($reply eq 'ok') {
+       return OK;
+   } elsif ($reply eq 'con_lost' || $reply eq 'no_such_host') {
+       &Apache::lonnet::logthis("Server unavailable for userfile access $uname at $udom for $ufile with $remoteserver token $env{'form.token'}: $reply");
+       return HTTP_SERVICE_UNAVAILABLE;
+   } else {
+       &Apache::lonnet::logthis("Refused userfile access $uname at $udom for $ufile with $remoteserver token $env{'form.token'}: $reply");
+       return FORBIDDEN;
+   }
+}
+
+sub skip_phase {
     return OK;
 }
 
@@ -43,7 +65,31 @@ __END__
 
 
 
+=head1 NAME
+
+Apache::lonuploadedacc
+
+=head1 SYNOPSIS
+
+The way this is supposed to work:
+
+ User A has client machine C 
+ User A is logged into LON-CAPA server S
+ needs file from user B
+ homeserver for user B is H
+
+This is part of the LearningOnline Network with CAPA project
+described at http://www.lon-capa.org.
+
+=head1 HANDLER SUBROUTINE
+
+This handler runs on H
+To access a userfile:
+Server S generates a token and puts it into the query string of URL for H
+Client box C asks H for file with token issued by C
+H now must ask S if token is valid, uses S's lond-command tokenauthuserfile
 
+=cut