[LON-CAPA-cvs] cvs: loncom /auth migrateuser.pm switchserver.pm

Fri Jun 14 22:50:04 EDT 2019

raeburn		Sat Jun 15 02:50:04 2019 EDT

  Modified files:              
    /loncom/auth	migrateuser.pm switchserver.pm 
  Log:
  - Bug 6754
    - Domain config for load balancer to use cookie to record offload target
      will apply when LON-CAPA is an LTI Provider, and launch URL is a load
      balancer.  
  
  
Index: loncom/auth/migrateuser.pm
diff -u loncom/auth/migrateuser.pm:1.43 loncom/auth/migrateuser.pm:1.44

--- loncom/auth/migrateuser.pm:1.43	Sun Jan 27 16:02:43 2019
+++ loncom/auth/migrateuser.pm	Sat Jun 15 02:50:04 2019
@@ -1,7 +1,7 @@
 # The LearningOnline Network
 # Starts a user off based of an existing token.
 #
-# $Id: migrateuser.pm,v 1.43 2019/01/27 16:02:43 raeburn Exp $
+# $Id: migrateuser.pm,v 1.44 2019/06/15 02:50:04 raeburn Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -115,6 +115,9 @@
         if ($data->{'lti.rosterurl'}) {
             $lti_env{'request.lti.rosterurl'} = $data->{'lti.rosterurl'};
         }
+        if (($data->{'balancer'}) && ($data->{'server'}) && ($data->{'balcookie'})) {
+            $lti_env{'request.balancercookie'} = $data->{'server'}.':'.$data->{'balcookie'};
+        }
     }
     return \%lti_env;
 }
@@ -340,7 +343,11 @@
     }
     my (%info,%user_info,%lti_info);
     if (ref($lti_env) eq 'HASH') {
-        %lti_info = %{$lti_env};
+        foreach my $key (sort(keys(%{$lti_env}))) {
+            if ($key =~ /^request\.(.+)$/) {
+                $lti_info{$1} = $lti_env->{$key};
+            }
+        }
     }
     my $lonhost = $r->dir_config('lonHostID');
     if (ref($data) eq 'HASH') {
@@ -362,6 +369,13 @@
                                        {'redirect'       => [0.1,$url],
                                         'only_body'      => 1,}).
         &Apache::loncommon::end_page());
+    if ($env{'request.balancercookie'}) {
+        my ($balancer,$cookie) = split(/:/,$env{'request.balancercookie'});
+        if ((&Apache::lonnet::hostname($balancer)) && ($cookie =~ /^[a-f0-9]{32}$/)) {
+            $cookie = $env{'user.domain'}.'_'.$env{'user.name'}.'_'.$cookie;
+            &Apache::lonnet::delbalcookie($cookie,$balancer);
+        }
+    }
     $r->register_cleanup(\&flush_course_logs);
     return;
 }
@@ -844,9 +858,12 @@
                 }
             }
             my $skipcritical;
-            if (($data{'lti.login'}) && ($data{'lti.reqcrs'}) &&
-                ($data{'lti.reqrole'} eq 'cc')) {
-                $skipcritical = 1;
+            if ($data{'lti.login'}) {
+                if ((($data{'lti.reqcrs'}) &&
+                     ($data{'lti.reqrole'} eq 'cc')) ||
+                    ($data{'lti.selfenrollrole'})) {
+                    $skipcritical = 1;
+                }
             }
 	    &Apache::lonauth::success($r,$data{'username'},$data{'domain'},
 				      $home,$desturl,$extra_env,\%form,$skipcritical);
@@ -854,18 +871,51 @@
 	return OK;
     }
 
-    my $next_url='/adm/roles?selectrole=1&'.&escape($data{'role'}).'=1';
-    if ($data{'origurl'} ne '') {
-        $next_url .= '&orgurl='.&escape($data{'origurl'});
-        if ($data{'lti.login'}) {
-            if (($data{'origurl'} =~ m{/default_\d+\.sequence$}) ||
-                ($data{'origurl'} =~ m{^/res/.+\.sequence$})) {
-                $next_url .= '&navmap=1';
+    if ($data{'lti.login'}) {
+        my $handle = &Apache::lonnet::check_for_valid_session($r);
+        if ($handle) {
+            &Apache::lonnet::transfer_profile_to_env($r->dir_config('lonIDsDir'),
+                                                     $handle);
+            my $needslogout;
+            if ($env{'request.lti.login'}) {
+                if (($env{'user.name'} ne $data{'username'}) ||
+                    ($env{'user.domain'} ne $data{'domain'})) {
+                    $needslogout = 1;
+                }
+            } else {
+                $needslogout = 1;
+            }
+            if ($needslogout) {
+                &logout($r,$handle,\%data,$lti_env);
+                return OK;
             }
         }
     }
-    &Apache::lonauth::success($r,$data{'username'},$data{'domain'},$home,
-			      $next_url,$extra_env,\%form);
+
+# check if current user, and role match those expected.
+    my ($next_url,$reuse_session);
+    if (($env{'user.name'} eq $data{'username'}) && ($env{'user.domain'} eq $data{'domain'}) &&
+        ($env{'request.role'} eq $data{'role'}) && ($data{'origurl'} ne '')) {
+        $next_url = $data{'origurl'};
+        $reuse_session = 1;
+    } else {
+        $next_url='/adm/roles?selectrole=1&'.&escape($data{'role'}).'=1';
+        if ($data{'origurl'} ne '') {
+            $next_url .= '&orgurl='.&escape($data{'origurl'});
+        }
+    }
+    if ($data{'lti.login'}) {
+        if (($data{'origurl'} =~ m{/default_\d+\.sequence$}) ||
+            ($data{'origurl'} =~ m{^/res/.+\.sequence$})) {
+            $next_url .= '&navmap=1';
+        }
+    }
+    if ($reuse_session) {
+        $r->internal_redirect($next_url);
+    } else {
+        &Apache::lonauth::success($r,$data{'username'},$data{'domain'},$home,
+                                  $next_url,$extra_env,\%form);
+    }
     return OK;
 }
 
Index: loncom/auth/switchserver.pm
diff -u loncom/auth/switchserver.pm:1.48 loncom/auth/switchserver.pm:1.49
--- loncom/auth/switchserver.pm:1.48	Sun Jan 27 16:02:43 2019
+++ loncom/auth/switchserver.pm	Sat Jun 15 02:50:04 2019
@@ -1,7 +1,7 @@
 # The LearningOnline Network
 # Switch Servers Handler
 #
-# $Id: switchserver.pm,v 1.48 2019/01/27 16:02:43 raeburn Exp $
+# $Id: switchserver.pm,v 1.49 2019/06/15 02:50:04 raeburn Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -56,9 +56,13 @@
 sub do_redirect {
     my ($r,$url,$only_body,$extra_text) = @_;
     $r->send_http_header;
+    my $delay = 0.5;
+    if ($only_body) {
+        $delay = 0;
+    }
     my $start_page = 
 	&Apache::loncommon::start_page('Switching Server ...',undef,
-				       {'redirect'       => [0.5,$url],
+				       {'redirect'       => [$delay,$url],
 					'only_body'      => $only_body,});
     my $end_page   = &Apache::loncommon::end_page();
     $r->print($start_page.$extra_text.$end_page);
@@ -231,6 +235,7 @@
 # ---------------------------------------------------------------- Get handover
 
     my $newcookieid;
+    my $only_body = 0;
     my ($is_balancer,$posshost,$setcookie,$offloadto,$dom_balancers) =
         &Apache::lonnet::check_loadbalancing($env{'user.name'},$env{'user.domain'});
     if ($is_balancer && $setcookie && $env{'form.otherserver'}) {
@@ -239,8 +244,10 @@
         # cookie which points at the target server
         my ($found_server,$balancer_cookie) = &Apache::lonnet::check_for_balancer_cookie($r,1);
 
-        unless (($found_server eq $env{'form.otherserver'}) &&
-                ($balancer_cookie =~ /^\Q$env{'user.domain'}\E_\Q$env{'user.name'}\E_/)) {
+        if (($found_server eq $env{'form.otherserver'}) &&
+            ($balancer_cookie =~ /^\Q$env{'user.domain'}\E_\Q$env{'user.name'}\E_/)) {
+            $only_body = 1;
+        } else {
             $newcookieid = &balancer_cookieid($r,$env{'form.otherserver'},
                                               $env{'user.name'},$env{'user.domain'});
         }
@@ -328,7 +335,7 @@
 	'&username='.$env{'user.name'}.
 	'&token='.$token;
 # --------------------------------------------------------------- Screen Output
-    return &do_redirect($r, $url, 0);
+    return &do_redirect($r, $url, $only_body);
 }
 
 1;


