version 1.37, 2018/12/02 14:41:19
|
version 1.46, 2020/03/15 23:04:11
|
Line 71 sub sso_check {
|
Line 71 sub sso_check {
|
$extra_env{'request.sso.reloginserver'} = |
$extra_env{'request.sso.reloginserver'} = |
$data->{'sso.reloginserver'}; |
$data->{'sso.reloginserver'}; |
} |
} |
if (($data->{'balancer'}) && ($data->{'server'}) && ($data->{'balcookie'})) { |
|
$extra_env{'request.balancercookie'} = $data->{'server'}.':'.$data->{'balcookie'}; |
|
} |
|
} |
} |
return \%extra_env; |
return \%extra_env; |
} |
} |
Line 119 sub lti_check {
|
Line 116 sub lti_check {
|
return \%lti_env; |
return \%lti_env; |
} |
} |
|
|
|
sub canhost { |
|
my ($uname,$udom,$lonhost,$loncaparev) = @_; |
|
my $canhost; |
|
if (&Apache::lonnet::is_library($lonhost)) { |
|
my @possdoms = &Apache::lonnet::current_machine_domains(); |
|
my %roleshash = &Apache::lonnet::get_my_roles($uname,$udom,'userroles','',['ca','aa'],\@possdoms); |
|
if (keys(%roleshash)) { |
|
foreach my $key (keys(%roleshash)) { |
|
my $audom = (split(/:/,$key))[1]; |
|
if ((&Apache::lonnet::will_trust('othcoau',$udom,$audom)) && |
|
(&Apache::lonnet::will_trust('coaurem',$audom,$udom))) { |
|
$canhost = 1; |
|
last; |
|
} |
|
} |
|
} |
|
} |
|
unless ($canhost) { |
|
my $uprimary_id = &Apache::lonnet::domain($udom,'primary'); |
|
my $uint_dom = &Apache::lonnet::internet_dom($uprimary_id); |
|
my @intdoms; |
|
my $internet_names = &Apache::lonnet::get_internet_names($lonhost); |
|
if (ref($internet_names) eq 'ARRAY') { |
|
@intdoms = @{$internet_names}; |
|
} |
|
if ($uint_dom ne '' && grep(/^\Q$uint_dom\E$/,@intdoms)) { |
|
$canhost = 1; |
|
} else { |
|
my $hostname = &Apache::lonnet::hostname($lonhost); |
|
my $serverhomeID = &Apache::lonnet::get_server_homeID($hostname); |
|
my $serverhomedom = &Apache::lonnet::host_domain($serverhomeID); |
|
my %defdomdefaults = &Apache::lonnet::get_domain_defaults($serverhomedom); |
|
my %udomdefaults = &Apache::lonnet::get_domain_defaults($udom); |
|
$canhost = |
|
&Apache::lonnet::can_host_session($udom,$lonhost,$loncaparev, |
|
$udomdefaults{'remotesessions'}, |
|
$defdomdefaults{'hostedsessions'}); |
|
} |
|
} |
|
return $canhost; |
|
} |
|
|
sub ip_changed { |
sub ip_changed { |
my ($r,$udom,$camefrom,$idsref,$dataref) = @_; |
my ($r,$udom,$camefrom,$idsref,$dataref) = @_; |
&Apache::loncommon::content_type($r,'text/html'); |
&Apache::loncommon::content_type($r,'text/html'); |
Line 298 sub logout {
|
Line 337 sub logout {
|
} |
} |
my (%info,%user_info,%lti_info); |
my (%info,%user_info,%lti_info); |
if (ref($lti_env) eq 'HASH') { |
if (ref($lti_env) eq 'HASH') { |
%lti_info = %{$lti_env}; |
foreach my $key (sort(keys(%{$lti_env}))) { |
|
if ($key =~ /^request\.(.+)$/) { |
|
$lti_info{$1} = $lti_env->{$key}; |
|
} |
|
} |
} |
} |
my $lonhost = $r->dir_config('lonHostID'); |
my $lonhost = $r->dir_config('lonHostID'); |
if (ref($data) eq 'HASH') { |
if (ref($data) eq 'HASH') { |
Line 320 sub logout {
|
Line 363 sub logout {
|
{'redirect' => [0.1,$url], |
{'redirect' => [0.1,$url], |
'only_body' => 1,}). |
'only_body' => 1,}). |
&Apache::loncommon::end_page()); |
&Apache::loncommon::end_page()); |
|
if ($env{'request.balancercookie'}) { |
|
my ($balancer,$cookie) = split(/:/,$env{'request.balancercookie'}); |
|
if ((&Apache::lonnet::hostname($balancer)) && ($cookie =~ /^[a-f0-9]{32}$/)) { |
|
$cookie = $env{'user.domain'}.'_'.$env{'user.name'}.'_'.$cookie; |
|
&Apache::lonnet::delbalcookie($cookie,$balancer); |
|
} |
|
} |
$r->register_cleanup(\&flush_course_logs); |
$r->register_cleanup(\&flush_course_logs); |
return; |
return; |
} |
} |
Line 339 sub conlost_userhome {
|
Line 389 sub conlost_userhome {
|
map { $conlost{$_} = 1; } split(/,/,$data{'conlost'}); |
map { $conlost{$_} = 1; } split(/,/,$data{'conlost'}); |
} |
} |
if ($data{'loncfail'}) { |
if ($data{'loncfail'}) { |
if ($is_balancer) { |
if ($lonhost ne $data{'from_balancer'}) { |
if ($lonhost ne $data{'from_balancer'}) { |
my ($is_balancer,$posshost,$setcookie,$offloadto,$dom_balancers) = |
my ($is_balancer,$posshost,$setcookie,$offloadto,$dom_balancers) = |
&Apache::lonnet::check_loadbalancing($data{'username'},$data{'domain'}); |
&Apache::lonnet::check_loadbalancing($data{'username'},$data{'domain'}); |
if ($is_balancer) { |
if ($is_balancer) { |
if (ref($offloadto) eq 'HASH') { |
if (ref($offloadto) eq 'HASH') { |
$data{'offloadto'} = ''; |
$data{'offloadto'} = ''; |
foreach my $key (keys(%{$offloadto})) { |
foreach my $key (keys(%{$offloadto})) { |
if (ref($offloadto->{$key}) eq 'ARRAY') { |
if (ref($offloadto->{$key}) eq 'ARRAY') { |
$data{'offloadto'} .= $key.'='.join(',',@{$offloadto->{$key}}).'&'; |
$data{'offloadto'} .= $key.'='.join(',',@{$offloadto->{$key}}).'&'; |
|
} |
|
} |
} |
$data{'offloadto'} =~ s/\&$//; |
|
} elsif (ref($offloadto) eq 'ARRAY') { |
|
$data{'offloadto'} = join(',',@{$offloadto}); |
|
} |
} |
|
$data{'offloadto'} =~ s/\&$//; |
|
} elsif (ref($offloadto) eq 'ARRAY') { |
|
$data{'offloadto'} = join(',',@{$offloadto}); |
} |
} |
} |
} |
} |
} |
Line 446 sub conlost_userhome {
|
Line 494 sub conlost_userhome {
|
return $otherserver; |
return $otherserver; |
} else { |
} else { |
#FIXME Contents of $data{'dom_balancers'} contains invalid hostID. |
#FIXME Contents of $data{'dom_balancers'} contains invalid hostID. |
} |
} |
} else { |
} else { |
if ($data{'loncfail'}) { |
if ($data{'loncfail'}) { |
#FIXME Nowhere to go. |
#FIXME Nowhere to go. |
Line 577 sub handler {
|
Line 625 sub handler {
|
$udom=$data{'domain'}; |
$udom=$data{'domain'}; |
} |
} |
if ($home eq 'no_host') { return &goto_login($r,$udom,\%data); } |
if ($home eq 'no_host') { return &goto_login($r,$udom,\%data); } |
if (&Apache::lonnet::hostname($home) eq '') { return &goto_login($r,$udom,\%data); } |
if (&Apache::lonnet::hostname($home) eq '') { return &goto_login($r,$udom,\%data); } |
|
|
|
unless (grep(/^\Q$home\E$/,@ids)) { |
|
my $lonhost = $r->dir_config('lonHostID'); |
|
my $loncaparev = $r->dir_config('lonVersion'); |
|
unless (&canhost($data{'username'},$data{'domain'},$lonhost,$loncaparev)) { |
|
return &goto_login($r,$udom,\%data); |
|
} |
|
} |
|
|
my $rolemsg; |
my $rolemsg; |
if ($data{'role'}) { |
if ($data{'role'}) { |
$rolemsg = "role: $data{'role'}"; |
$rolemsg = "role: $data{'role'}"; |
} else { |
} else { |
$rolemsg = '(no role)'; |
$rolemsg = '(no role)'; |
} |
} |
Line 597 sub handler {
|
Line 653 sub handler {
|
} elsif ((ref($lti_env) eq 'HASH') && (keys(%{$lti_env}))) { |
} elsif ((ref($lti_env) eq 'HASH') && (keys(%{$lti_env}))) { |
$extra_env = $lti_env; |
$extra_env = $lti_env; |
} |
} |
|
if (($data{'balancer'}) && ($data{'server'}) && ($data{'balcookie'})) { |
|
if (ref($extra_env) eq 'HASH') { |
|
$extra_env->{'request.balancercookie'} = $data{'server'}.':'.$data{'balcookie'}; |
|
} else { |
|
$extra_env = { 'request.balancercookie' => $data{'server'}.':'.$data{'balcookie'} }; |
|
} |
|
} |
|
|
if (($data{'conlost'}) && ($data{'server'})) { |
if (($data{'conlost'}) && ($data{'server'})) { |
my @conlosts = split(/,/,$data{'conlost'}); |
my @conlosts = split(/,/,$data{'conlost'}); |
Line 608 sub handler {
|
Line 671 sub handler {
|
} |
} |
} |
} |
|
|
my %form; |
my (%form,$cid); |
if ($data{'symb'} ne '') { |
if ($data{'symb'} ne '') { |
$form{'symb'} = $data{'symb'}; |
$form{'symb'} = $data{'symb'}; |
} |
} |
Line 618 sub handler {
|
Line 681 sub handler {
|
if ($data{'noloadbalance'} ne '') { |
if ($data{'noloadbalance'} ne '') { |
$form{'noloadbalance'} = $data{'noloadbalance'}; |
$form{'noloadbalance'} = $data{'noloadbalance'}; |
} |
} |
|
if ($data{'role'}) { |
if (!$data{'role'}) { |
if ($data{'role'} =~ m{\./($match_domain)/($match_courseid)(?:/\w+|$)}) { |
|
unless (&Apache::lonnet::homeserver($2,$1) eq 'no_host') { |
|
$cid = $1.'_'.$2; |
|
} |
|
} |
|
} else { |
my $handle = &Apache::lonnet::check_for_valid_session($r); |
my $handle = &Apache::lonnet::check_for_valid_session($r); |
if ($handle) { |
if ($handle) { |
&Apache::lonnet::transfer_profile_to_env($r->dir_config('lonIDsDir'), |
&Apache::lonnet::transfer_profile_to_env($r->dir_config('lonIDsDir'), |
$handle); |
$handle); |
|
if ($data{'linkprot'} ne '') { |
|
my ($linkprotector,$deeplink) = split(/:/,$data{'linkprot'},2); |
|
if ($deeplink ne '') { |
|
&Apache::lonnet::appenv({'request.deeplink.login' => $deeplink}); |
|
} |
|
if ($env{'user.linkprotector'}) { |
|
my @protectors = split(/,/,$env{'user.linkprotector'}); |
|
unless (grep(/^\Q$linkprotector\E$/,@protectors)) { |
|
push(@protectors,$linkprotector); |
|
@protectors = sort { $a <=> $b } @protectors; |
|
&Apache::lonnet::appenv({'user.linkprotector' => join(',',@protectors)}); |
|
} |
|
} else { |
|
&Apache::lonnet::appenv({'user.linkprotector' => $linkprotector }); |
|
} |
|
if ($env{'user.linkproturi'}) { |
|
my @proturis = split(/,/,$env{'user.linkproturi'}); |
|
unless(grep(/^\Q$deeplink\E$/,@proturis)) { |
|
push(@proturis,$deeplink); |
|
@proturis = sort @proturis; |
|
&Apache::lonnet::appenv({'user.linkproturi' => join(',',@proturis)}); |
|
} |
|
} else { |
|
&Apache::lonnet::appenv({'user.linkproturi' => $deeplink}); |
|
} |
|
} elsif ($data{'deeplink.login'}) { |
|
my $deeplink = $data{'deeplink.login'}; |
|
if ($data{'linkkey'}) { |
|
my $linkkey = $data{'linkkey'}; |
|
if ($env{'user.deeplinkkey'}) { |
|
my @linkkeys = split(/,/,$env{'user.deeplinkkey'}); |
|
unless (grep(/^\Q$linkkey\E$/,@linkkeys)) { |
|
push(@linkkeys,$linkkey); |
|
&Apache::lonnet::appenv({'user.deeplinkkey' => join(',',sort(@linkkeys))}); |
|
} |
|
} else { |
|
&Apache::lonnet::appenv({'user.deeplinkkey' => $linkkey}); |
|
} |
|
if ($env{'user.keyedlinkuri'}) { |
|
my @keyeduris = split(/,/,$env{'user.keyedlinkuri'}); |
|
unless (grep(/^\Q$deeplink\E$/,@keyeduris)) { |
|
push(@keyeduris,$deeplink); |
|
&Apache::lonnet::appenv({'user.keyedlinkuri' => join(',',sort(@keyeduris))}); |
|
} |
|
} else { |
|
&Apache::lonnet::appenv({'user.keyedlinkuri' => $deeplink}); |
|
} |
|
} |
|
&Apache::lonnet::appenv({'request.deeplink.login' => $data{'deeplink.login'}}); |
|
} |
if ($data{'lti.login'}) { |
if ($data{'lti.login'}) { |
my $needslogout; |
my $needslogout; |
if ($env{'request.lti.login'}) { |
if ($env{'request.lti.login'}) { |
Line 717 sub handler {
|
Line 835 sub handler {
|
$desturl .= (($desturl =~/\?/)?'&':'?').'navmap=1'; |
$desturl .= (($desturl =~/\?/)?'&':'?').'navmap=1'; |
} |
} |
} |
} |
|
if ($data{'linkprot'}) { |
|
my ($linkprotector,$linkuri) = split(/:/,$data{'linkprot'},2); |
|
if ($linkprotector) { |
|
if (ref($extra_env) eq 'HASH') { |
|
$extra_env->{'user.linkprotector'} = $linkprotector; |
|
$extra_env->{'user.linkproturi'} = $linkuri; |
|
} else { |
|
$extra_env = {'user.linkprotector' => $linkprotector, |
|
'user.linkproturi' => $linkuri,}; |
|
} |
|
} |
|
} elsif ($data{'deeplink.login'}) { |
|
if ($data{'linkkey'}) { |
|
if (ref($extra_env) eq 'HASH') { |
|
$extra_env->{'user.deeplinkkey'} = $data{'linkkey'}; |
|
$extra_env->{'user.keyedlinkuri'} = $data{'deeplink.login'}, |
|
} else { |
|
$extra_env = {'user.deeplinkkey' => $data{'linkkey'}, |
|
'user.keyedlinkuri' => $data{'deeplink.login'}}; |
|
} |
|
} |
|
if (ref($extra_env) eq 'HASH') { |
|
$extra_env->{'request.deeplink.login' => $data{'deeplink.login'}}; |
|
} else { |
|
$extra_env = {'request.deeplink.login' => $data{'deeplink.login'}}; |
|
} |
|
} |
} |
} |
my $skipcritical; |
my $skipcritical; |
if (($data{'lti.login'}) && ($data{'lti.reqcrs'}) && |
if ($data{'lti.login'}) { |
($data{'lti.reqrole'} eq 'cc')) { |
if ((($data{'lti.reqcrs'}) && |
$skipcritical = 1; |
($data{'lti.reqrole'} eq 'cc')) || |
|
($data{'lti.selfenrollrole'})) { |
|
$skipcritical = 1; |
|
} |
} |
} |
&Apache::lonauth::success($r,$data{'username'},$data{'domain'}, |
&Apache::lonauth::success($r,$data{'username'},$data{'domain'}, |
$home,$desturl,$extra_env,\%form,$skipcritical); |
$home,$desturl,$extra_env,\%form,$skipcritical); |
Line 729 sub handler {
|
Line 877 sub handler {
|
return OK; |
return OK; |
} |
} |
|
|
my $next_url='/adm/roles?selectrole=1&'.&escape($data{'role'}).'=1'; |
if ($data{'lti.login'}) { |
if ($data{'origurl'} ne '') { |
my $handle = &Apache::lonnet::check_for_valid_session($r); |
$next_url .= '&orgurl='.&escape($data{'origurl'}); |
if ($handle) { |
if ($data{'lti.login'}) { |
&Apache::lonnet::transfer_profile_to_env($r->dir_config('lonIDsDir'), |
if (($data{'origurl'} =~ m{/default_\d+\.sequence$}) || |
$handle); |
($data{'origurl'} =~ m{^/res/.+\.sequence$})) { |
my $needslogout; |
$next_url .= '&navmap=1'; |
if ($env{'request.lti.login'}) { |
|
if (($env{'user.name'} ne $data{'username'}) || |
|
($env{'user.domain'} ne $data{'domain'})) { |
|
$needslogout = 1; |
|
} |
|
} else { |
|
$needslogout = 1; |
|
} |
|
if ($needslogout) { |
|
&logout($r,$handle,\%data,$lti_env); |
|
return OK; |
} |
} |
} |
} |
} |
} |
&Apache::lonauth::success($r,$data{'username'},$data{'domain'},$home, |
|
$next_url,$extra_env,\%form); |
# check if current user, and role match those expected. |
|
my ($next_url,$reuse_session); |
|
if (($env{'user.name'} eq $data{'username'}) && ($env{'user.domain'} eq $data{'domain'}) && |
|
($env{'request.role'} eq $data{'role'}) && ($data{'origurl'} ne '')) { |
|
$next_url = $data{'origurl'}; |
|
$reuse_session = 1; |
|
} else { |
|
$next_url='/adm/roles?selectrole=1&'.&escape($data{'role'}).'=1'; |
|
if ($data{'origurl'} ne '') { |
|
$next_url .= '&orgurl='.&escape($data{'origurl'}); |
|
} |
|
} |
|
if ($data{'lti.login'}) { |
|
if (($data{'origurl'} =~ m{/default_\d+\.sequence$}) || |
|
($data{'origurl'} =~ m{^/res/.+\.sequence$})) { |
|
$next_url .= '&navmap=1'; |
|
} |
|
} |
|
if ($reuse_session) { |
|
$r->internal_redirect($next_url); |
|
} else { |
|
&Apache::lonauth::success($r,$data{'username'},$data{'domain'},$home, |
|
$next_url,$extra_env,\%form,'',$cid); |
|
} |
return OK; |
return OK; |
} |
} |
|
|