[LON-CAPA-cvs] cvs: loncom / loncron /auth lontokacc.pm /lonnet/perl lonnet.pm

www lon-capa-cvs@mail.lon-capa.org
Sat, 27 Jul 2002 19:06:41 -0000


www		Sat Jul 27 15:06:41 2002 EDT

  Modified files:              
    /loncom	loncron 
    /loncom/auth	lontokacc.pm 
    /loncom/lonnet/perl	lonnet.pm 
  Log:
  Toward bug 481.
  
  To use token-based access, use for example
  
  '<img src="'.&Apache::lonnet::tokenwrapper($fulluri).'" />'
  
  
Index: loncom/loncron
diff -u loncom/loncron:1.31 loncom/loncron:1.32
--- loncom/loncron:1.31	Thu Jul 25 14:24:27 2002
+++ loncom/loncron	Sat Jul 27 15:06:41 2002
@@ -264,7 +264,7 @@
                                  $cleaned++;
                                  unlink("$fname");
 			      } else {
-				  if ($since>100*$perlvar{'lonExpire'}) {
+				  if ($since>365*$perlvar{'lonExpire'}) {
                                      $cleaned++;
                                      unlink("$fname");
 				 } else { $old++; }
Index: loncom/auth/lontokacc.pm
diff -u loncom/auth/lontokacc.pm:1.1 loncom/auth/lontokacc.pm:1.2
--- loncom/auth/lontokacc.pm:1.1	Sat Jul 27 14:48:19 2002
+++ loncom/auth/lontokacc.pm	Sat Jul 27 15:06:41 2002
@@ -2,7 +2,7 @@
 # Low security Access Handler for Token-based access 
 # (clearance given by other loncapa host)
 #
-# $Id: lontokacc.pm,v 1.1 2002/07/27 18:48:19 www Exp $
+# $Id: lontokacc.pm,v 1.2 2002/07/27 19:06:41 www Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -30,23 +30,25 @@
 package Apache::lontokacc;
 
 use strict;
-use Apache::Constants qw(:common :remotehost);
+use Apache::Constants qw(:common);
 use Apache::lonnet();
 use Apache::loncommon();
 
 sub handler {
     my $r = shift;
     &Apache::loncommon::get_unprocessed_cgi($ENV{'QUERY_STRING'},
-    ['token','server']);
+                                            ['token','server']);
+    my $tmpinfo='no_token';
     if (($ENV{'form.token'}) || ($ENV{'form.server'})) {
-        my $tmpinfo=Apache::lonnet::reply('tmpget:'.$ENV{'form.token'},
-                                                    $ENV{'form.server'});
-
+        $tmpinfo=&Apache::lonnet::unescape(
+                   &Apache::lonnet::reply('tmpget:'.$ENV{'form.token'},
+                                                    $ENV{'form.server'}));
         if ($tmpinfo eq $r->uri) {
 	   return OK;
         }
     }
-    $r->log_reason("Invalid token-based access",$r->filename); 
+    $r->log_reason("Invalid token-based access ".$r->uri.' '.$tmpinfo,
+        $r->filename); 
     return FORBIDDEN;
 }
 
Index: loncom/lonnet/perl/lonnet.pm
diff -u loncom/lonnet/perl/lonnet.pm:1.253 loncom/lonnet/perl/lonnet.pm:1.254
--- loncom/lonnet/perl/lonnet.pm:1.253	Wed Jul 17 15:18:47 2002
+++ loncom/lonnet/perl/lonnet.pm	Sat Jul 27 15:06:41 2002
@@ -1,7 +1,7 @@
 # The LearningOnline Network
 # TCP networking package
 #
-# $Id: lonnet.pm,v 1.253 2002/07/17 19:18:47 stredwic Exp $
+# $Id: lonnet.pm,v 1.254 2002/07/27 19:06:41 www Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -707,6 +707,16 @@
 
     return $response->content;
 }
+
+# ------- Add a token to a remote URI's query string to vouch for access rights
+
+sub tokenwrapper {
+    my $uri=shift;
+    my $token=&reply('tmpput:'.&escape($uri),$perlvar{'lonHostID'});
+    return $uri.(($uri=~/\?/)?'&':'?').
+	'token='.$token.'&server='.$perlvar{'lonHostID'};
+}
+    
 
 # ------------------------------------------------------------------------- Log