[LON-CAPA-cvs] cvs: loncom /auth migrateuser.pm
raeburn
raeburn at source.lon-capa.org
Fri Apr 13 21:50:43 EDT 2018
raeburn Sat Apr 14 01:50:43 2018 EDT
Modified files:
/loncom/auth migrateuser.pm
Log:
- Bug 6754 LON-CAPA as LTI Provider
If user is currently logged in, but not as an LTI log-in, log them out.
-------------- next part --------------
Index: loncom/auth/migrateuser.pm
diff -u loncom/auth/migrateuser.pm:1.27 loncom/auth/migrateuser.pm:1.28
--- loncom/auth/migrateuser.pm:1.27 Fri Mar 23 01:01:29 2018
+++ loncom/auth/migrateuser.pm Sat Apr 14 01:50:43 2018
@@ -1,7 +1,7 @@
# The LearningOnline Network
# Starts a user off based of an existing token.
#
-# $Id: migrateuser.pm,v 1.27 2018/03/23 01:01:29 raeburn Exp $
+# $Id: migrateuser.pm,v 1.28 2018/04/14 01:50:43 raeburn Exp $
#
# Copyright Michigan State University Board of Trustees
#
@@ -36,6 +36,7 @@
use Apache::lonlocal;
use Apache::lonlogin();
use Apache::ltiauth;
+use CGI::Cookie;
sub goto_login {
my ($r,$domain,$data) = @_;
@@ -246,6 +247,69 @@
return OK;
}
+sub logout {
+ my ($r,$handle,$data,$lti_env) = @_;
+ unlink($handle);
+ if ($env{'user.linkedenv'} ne '') {
+ my $lonidsdir=$r->dir_config('lonIDsDir');
+ if ((-l $env{'user.linkedenv'}) &&
+ (readlink($env{'user.linkedenv'}) eq "$lonidsdir/$handle.id")) {
+ unlink($env{'user.linkedenv'});
+ }
+ }
+ my %temp=('logout' => time);
+ &Apache::lonnet::put('email_status',\%temp);
+ &Apache::lonnet::log($env{'user.domain'},
+ $env{'user.name'},
+ $env{'user.home'},
+ "Logout $ENV{'REMOTE_ADDR'}");
+
+ &Apache::loncommon::content_type($r,'text/html');
+
+ #expire the cookie
+ my $c = new CGI::Cookie(-name => 'lonID',
+ -value => '',
+ -expires => '-10y',);
+ $r->headers_out->add('Set-cookie' => $c);
+ if ($env{'user.linkedenv'}) {
+ my $linked = new CGI::Cookie(-name => 'lonLinkID',
+ -value => '',
+ -expires => '-10y',);
+ $r->headers_out->add('Set-cookie' => $linked);
+ }
+ my $lonhost = $r->dir_config('lonHostID');
+ my (%info,%user_info,%lti_info);
+ if (ref($lti_env) eq 'HASH') {
+ %lti_info = %{$lti_env};
+ }
+ my $lonhost = $r->dir_config('lonHostID');
+ if (ref($data) eq 'HASH') {
+ %user_info=('ip' => $ENV{'REMOTE_ADDR'},
+ 'domain' => $data->{'domain'},
+ 'username' => $data->{'username'},
+ 'role' => $data->{'role'},
+ 'origurl' => $data->{'origurl'},
+ 'symb' => $data->{'symb'},
+ 'server' => $lonhost);
+ }
+ %info = (%user_info,%lti_info);
+ my $token = &Apache::lonnet::tmpput(\%info,$lonhost);
+ my $url = '/adm/migrateuser?token='.$token;
+ $r->send_http_header;
+ $r->print(
+ &Apache::loncommon::start_page('Updating Session ...',undef,
+ {'redirect' => [0.1,$url],
+ 'only_body' => 1,}).
+ &Apache::loncommon::end_page());
+ $r->register_cleanup(\&flush_course_logs);
+ return;
+}
+
+sub flush_course_logs {
+ &Apache::lonnet::flushcourselogs();
+ return OK;
+}
+
sub handler {
my ($r) = @_;
@@ -305,35 +369,77 @@
if ($handle) {
&Apache::lonnet::transfer_profile_to_env($r->dir_config('lonIDsDir'),
$handle);
-#FIXME if user is not currently logged in as an LTI log-in log them out.
if ($data{'lti.login'}) {
- if (($data{'lti.reqcrs'}) && ($data{'lti.reqrole'} eq 'cc')) {
+ my $needslogout;
+ if ($env{'request.lti.login'}) {
+ if (($env{'user.name'} ne $data{'username'}) ||
+ ($env{'user.domain'} ne $data{'domain'})) {
+ $needslogout = 1;
+ }
+ } else {
+ $needslogout = 1;
+ }
+# If access is via LTI, and user already has a non-LTI session cookie
+# (and session) or has an LTI session cookie for a different username,
+# logout the existing session, and start a new one
+ if ($needslogout) {
+ &logout($r,$handle,\%data,$lti_env);
+ } elsif (($data{'lti.reqcrs'}) && ($data{'lti.reqrole'} eq 'cc')) {
$form{'lti.reqcrs'} = $data{'lti.reqcrs'};
$form{'lti.reqrole'} = $data{'lti.reqrole'};
$form{'lti.sourcecrs'} = $data{'lti.sourcecrs'};
+ if ($data{'lti.passbackid'}) {
+ $form{'lti.passbackid'} = $data{'lti.passbackid'};
+ }
+ if ($data{'lti.passbackurl'}) {
+ $form{'lti.passbackurl'} = $data{'lti.passbackurl'};
+ }
+ if ($data{'lti.rosterid'}) {
+ $form{'lti.rosterid'} = $data{'lti.rosterid'};
+ }
+ if ($data{'lti.rosterurl'}) {
+ $form{'lti.rosterurl'} = $data{'lti.rosterurl'};
+ }
&Apache::loncommon::content_type($r,'text/html');
$r->send_http_header;
&Apache::ltiauth::lti_reqcrs($r,$data{'domain'},\%form,$data{'username'},$data{'domain'});
- } elsif ($data{'lti.selfenrollrole'}) {
- if (&Apache::ltiauth::lti_enroll($data{'username'},data{'domain'},
- $data{'lti.selfenrollrole'}) eq 'ok') {
- my $url = '/adm/roles?selectrole=1&'.
- &escape($data{'lti.selfenrollrole'}).'=1';
- if ($data{'origurl'} =~ m{/default_\d+\.sequence$}) {
- $url .= '&orgurl='.$data{'origurl'}.'&navmap=1';
- } elsif ($data{'origurl'} ne '') {
- $url .= '&orgurl='.$data{'origurl'};
+ } else {
+ if (ref($lti_env) eq 'HASH') {
+ delete($lti_env->{'reqcrs'});
+ delete($lti_env->{'reqrole'});
+ delete($lti_env->{'selfenrollrole'});
+ }
+ if ($data{'lti.selfenrollrole'}) {
+ if (&Apache::ltiauth::lti_enroll($data{'username'},data{'domain'},
+ $data{'lti.selfenrollrole'}) eq 'ok') {
+ my $url = '/adm/roles?selectrole=1&'.
+ &escape($data{'lti.selfenrollrole'}).'=1';
+ if ($data{'origurl'} =~ m{/default_\d+\.sequence$}) {
+ $url .= '&orgurl='.$data{'origurl'}.'&navmap=1';
+ } elsif ($data{'origurl'} ne '') {
+ $url .= '&orgurl='.$data{'origurl'};
+ }
+ if (ref($lti_env) eq 'HASH') {
+ &Apache::lonnet::appenv($lti_env);
+ }
+ $r->internal_redirect($url);
+ } else {
+ &Apache::ltiauth::invalid_request($r,23);
+ }
+ } elsif ($data{'origurl'} ne '') {
+ my $url = $data{'origurl'};
+ if ($url =~ m{/default_\d+\.sequence$}) {
+ $url .= (($url =~/\?/)?'&':'?').'navmap=1';
+ }
+ if (ref($lti_env) eq 'HASH') {
+ &Apache::lonnet::appenv($lti_env);
}
$r->internal_redirect($url);
} else {
- &Apache::ltiauth::invalid_request($r,23);
- }
- } elsif ($data{'origurl'} ne '') {
- my $url = $data{'origurl'};
- if ($url =~ m{/default_\d+\.sequence$}) {
- $url .= (($url =~/\?/)?'&':'?').'navmap=1';
+ if (ref($lti_env) eq 'HASH') {
+ &Apache::lonnet::appenv($lti_env);
+ }
}
- $r->internal_redirect($url);
}
} elsif ($data{'origurl'} ne '') {
$r->internal_redirect($data{'origurl'});
More information about the LON-CAPA-cvs
mailing list