Annotation of loncom/auth/migrateuser.pm, revision 1.36
1.1 albertel 1: # The LearningOnline Network
2: # Starts a user off based of an existing token.
3: #
1.36 ! raeburn 4: # $Id: migrateuser.pm,v 1.35 2018/11/24 16:19:04 raeburn Exp $
1.1 albertel 5: #
6: # Copyright Michigan State University Board of Trustees
7: #
8: # This file is part of the LearningOnline Network with CAPA (LON-CAPA).
9: #
10: # LON-CAPA is free software; you can redistribute it and/or modify
11: # it under the terms of the GNU General Public License as published by
12: # the Free Software Foundation; either version 2 of the License, or
13: # (at your option) any later version.
14: #
15: # LON-CAPA is distributed in the hope that it will be useful,
16: # but WITHOUT ANY WARRANTY; without even the implied warranty of
17: # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18: # GNU General Public License for more details.
19: #
20: # You should have received a copy of the GNU General Public License
21: # along with LON-CAPA; if not, write to the Free Software
22: # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
23: #
24: # /home/httpd/html/adm/gpl.txt
25: #
26: # http://www.lon-capa.org/
27: #
28:
1.2 albertel 29: package Apache::migrateuser;
1.1 albertel 30:
31: use strict;
1.19 raeburn 32: use LONCAPA qw(:DEFAULT :match);
1.1 albertel 33: use Apache::Constants qw(:common :http :methods);
34: use Apache::lonauth;
35: use Apache::lonnet;
1.6 albertel 36: use Apache::lonlocal;
1.18 raeburn 37: use Apache::lonlogin();
1.27 raeburn 38: use Apache::ltiauth;
1.28 raeburn 39: use CGI::Cookie;
1.1 albertel 40:
41: sub goto_login {
1.27 raeburn 42: my ($r,$domain,$data) = @_;
43: if ((ref($data) eq 'HASH') && ($data->{'lti.login'})) {
44: &Apache::ltiauth::invalid_request($r,'22');
45: } else {
46: &Apache::loncommon::content_type($r,'text/html');
47: $r->send_http_header;
48: my $url = '/adm/login';
49: if ($domain) {
50: $url .= '?domain='.$domain;
51: }
52: $r->print(&Apache::loncommon::start_page('Going to login',undef,
53: {'redirect' => [0,$url],}).
54: '<h1>'.&mt('One moment please...').'</h1>'.
55: '<p>'.&mt('Transferring to login page.').'</p>'.
56: &Apache::loncommon::end_page());
57: }
1.2 albertel 58: return OK;
1.1 albertel 59: }
60:
1.27 raeburn 61: sub sso_check {
1.7 albertel 62: my ($data) = @_;
1.8 albertel 63: my %extra_env;
1.18 raeburn 64: if (ref($data) eq 'HASH') {
65: if ($data->{'sso.login'}) {
66: $extra_env{'request.sso.login'} = $data->{'sso.login'};
67: }
68: if ($data->{'sso.reloginserver'}) {
69: $extra_env{'request.sso.reloginserver'} =
70: $data->{'sso.reloginserver'};
71: }
1.35 raeburn 72: if (($data->{'balancer'}) && ($data->{'server'}) && ($data->{'balcookie'})) {
73: $extra_env{'request.balancercookie'} = $data->{'server'}.':'.$data->{'balcookie'};
74: }
1.27 raeburn 75: }
76: return \%extra_env;
77: }
78:
79: sub lti_check {
80: my ($data) = @_;
81: my %lti_env;
82: if (ref($data) eq 'HASH') {
1.26 raeburn 83: if ($data->{'lti.login'}) {
1.27 raeburn 84: $lti_env{'request.lti.login'} = $data->{'lti.login'};
85: if ($data->{'lti.reqcrs'}) {
86: $lti_env{'request.lti.reqcrs'} = $data->{'lti.reqcrs'};
87: }
88: if ($data->{'lti.reqrole'}) {
89: $lti_env{'request.lti.reqrole'} = $data->{'lti.reqrole'};
90: }
91: if ($data->{'lti.selfenrollrole'}) {
92: $lti_env{'request.lti.selfenrollrole'} = $data->{'lti.selfenrollrole'};
93: }
1.29 raeburn 94: if ($data->{'lti.uri'}) {
95: $lti_env{'request.lti.uri'} = $data->{'lti.uri'};
96: }
97: if ($data->{'lti.target'}) {
98: $lti_env{'request.lti.target'} = $data->{'lti.target'};
99: }
1.32 raeburn 100: if ($data->{'lti.sourcecrs'}) {
101: $lti_env{'request.lti.sourcecrs'} = $data->{'lti.sourcecrs'};
102: }
1.26 raeburn 103: }
104: if ($data->{'lti.passbackid'}) {
1.27 raeburn 105: $lti_env{'request.lti.passbackid'} = $data->{'lti.passbackid'};
1.26 raeburn 106: }
107: if ($data->{'lti.passbackurl'}) {
1.27 raeburn 108: $lti_env{'request.lti.passbackurl'} = $data->{'lti.passbackurl'};
1.26 raeburn 109: }
110: if ($data->{'lti.rosterid'}) {
1.27 raeburn 111: $lti_env{'request.lti.rosterid'} = $data->{'lti.rosterid'};
1.26 raeburn 112: }
113: if ($data->{'lti.rosterurl'}) {
1.27 raeburn 114: $lti_env{'request.lti.rosterurl'} = $data->{'lti.rosterurl'};
1.26 raeburn 115: }
1.7 albertel 116: }
1.27 raeburn 117: return \%lti_env;
1.18 raeburn 118: }
119:
120: sub ip_changed {
121: my ($r,$udom,$camefrom,$dataref) = @_;
122: &Apache::loncommon::content_type($r,'text/html');
123: $r->send_http_header;
124: if (ref($dataref) eq 'HASH') {
125: my $title = 'LON-CAPA Session redirected';
126: my $message = &mt('Your internet address has changed since you logged in.');
127: my $rule_in_effect;
1.22 raeburn 128: if ($dataref->{'balancer'}) {
129: my $baldom = &Apache::lonnet::host_domain($camefrom);
130: my $balprimaryid = &Apache::lonnet::domain($baldom,'primary');
131: my $balintdom = &Apache::lonnet::internet_dom($balprimaryid);
132: my $uprimaryid = &Apache::lonnet::domain($udom,'primary');
133: my $uintdom = &Apache::lonnet::internet_dom($uprimaryid);
134: my $dom_in_use;
135: if (($uintdom ne '') && ($uintdom eq $balintdom)) {
136: $dom_in_use = $udom;
137: } else {
138: $dom_in_use = $baldom;
1.21 raeburn 139: }
1.22 raeburn 140: my ($result,$cached)=&Apache::lonnet::is_cached_new('loadbalancing',$dom_in_use);
1.18 raeburn 141: unless (defined($cached)) {
142: my $cachetime = 60*60*24;
143: my %domconfig =
1.22 raeburn 144: &Apache::lonnet::get_dom('configuration',['loadbalancing'],$dom_in_use);
1.18 raeburn 145: if (ref($domconfig{'loadbalancing'}) eq 'HASH') {
1.22 raeburn 146: $result = &Apache::lonnet::do_cache_new('loadbalancing',$dom_in_use,
1.18 raeburn 147: $domconfig{'loadbalancing'},$cachetime);
148: }
149: }
150: if (ref($result) eq 'HASH') {
151: (undef,my $currtargets,my $currrules) =
152: &Apache::lonnet::check_balancer_result($result,$dataref->{'server'});
153: if (ref($currrules) eq 'HASH') {
154: if ($dataref->{'sso.login'}) {
155: if ($currrules->{'_LC_ipchangesso'} ne '') {
156: $rule_in_effect = $currrules->{'_LC_ipchangesso'};
157: }
158: } else {
159: if ($currrules->{'_LC_ipchange'} ne '') {
160: $rule_in_effect = $currrules->{'_LC_ipchange'};
161: }
162: }
163: }
164: }
165: }
166: my $url;
167: my $lonhost= $r->dir_config('lonHostID');
168: my $switchto = $lonhost;
1.23 raeburn 169: if ($rule_in_effect ne 'offloadedto') {
1.18 raeburn 170: my $hosthere;
1.23 raeburn 171: my @ids=&Apache::lonnet::current_machine_ids();
172: unless ($rule_in_effect eq 'balancer') {
173: if (grep(/^\Q$rule_in_effect\E$/,@ids)) {
174: $hosthere = 1;
175: }
176: }
177: unless ($hosthere) {
178: if ($dataref->{'role'}) {
179: my ($adom,$aname);
180: if ($dataref->{'role'} =~ m{^au\./($match_domain)/$}) {
181: $adom = $1;
182: $aname = $dataref->{'username'};
183: } elsif ($dataref->{'role'} =~ m{^(?:ca|aa)\./($match_domain)/($match_username)$}) {
184: $adom = $1;
185: $aname = $2;
186: }
187: if ($adom ne '' && $aname ne '') {
188: my $ahome = &Apache::lonnet::homeserver($aname,$adom);
189: unless ($ahome eq 'no_host') {
190: if ($ahome && grep(/^\Q$ahome\E$/,@ids)) {
191: $hosthere = 1;
192: }
1.18 raeburn 193: }
194: }
195: }
196: }
1.23 raeburn 197: unless ($hosthere) {
198: my $hostname;
199: if ($rule_in_effect eq 'balancer') {
200: $hostname = &Apache::lonnet::hostname($dataref->{'server'});
201: if ($hostname) {
202: $switchto = $dataref->{'server'};
203: }
204: } else {
205: $hostname = &Apache::lonnet::hostname($rule_in_effect);
206: if ($hostname) {
207: $switchto = $rule_in_effect;
208: }
209: }
1.18 raeburn 210: if ($hostname) {
211: my $protocol = $Apache::lonnet::protocol{$switchto};
212: $protocol = 'http' if ($protocol ne 'https');
213: $url = $protocol.'://'.$hostname;
1.23 raeburn 214: if ($rule_in_effect eq 'balancer') {
215: $message .= '<br />'.
216: &mt('As a result, your LON-CAPA session is being redirected to the server where you originally logged in.');
217: } else {
218: $message .= '<br />'.
219: &mt('As a result, your LON-CAPA session is being redirected.');
220: }
1.18 raeburn 221: }
222: }
1.35 raeburn 223: unless ($hosthere) {
224: if (($dataref->{'balancer'}) && ($dataref->{'balcookie'})) {
225: &Apache::lonnet::delbalcookie($dataref->{'balcookie'},$dataref->{'balancer'});
226: }
227: }
1.18 raeburn 228: }
229: if ($dataref->{'sso.login'}) {
1.21 raeburn 230: $url .= '/adm/roles';
1.18 raeburn 231: } else {
1.21 raeburn 232: $url .= '/adm/login';
1.24 raeburn 233: if ($udom) {
234: $url .= '?domain='.$udom;
235: }
1.20 raeburn 236: $message .= '<br />'.&mt('You will need to provide your password one more time.');
1.18 raeburn 237: }
238: my %info= (
1.24 raeburn 239: 'domain' => $udom,
1.18 raeburn 240: 'username' => $dataref->{'username'},
241: 'role' => $dataref->{'role'},
242: 'sessionserver' => $lonhost,
243: );
244: if ($dataref->{'origurl'}) {
245: $info{'origurl'} = $dataref->{'origurl'};
246: }
247: if ($dataref->{'symb'}) {
248: $info{'symb'} = $dataref->{'symb'};
249: }
250: my $iptoken = &Apache::lonnet::tmpput(\%info,$switchto);
251: unless ($iptoken eq 'conlost') {
1.24 raeburn 252: $url .= ($url =~ /\?/) ? '&' : '?';
253: $url .= 'iptoken='.$iptoken;
1.18 raeburn 254: }
255: $r->print(&Apache::loncommon::start_page($title,undef,
256: {'redirect' =>
257: [2,$url],}).
258: '<h1>'.&mt('One moment please...').'</h1>'.
259: '<p class="LC_warning">'.$message.'</p>'.
260: &Apache::loncommon::end_page());
261: } else {
262: return &goto_login($r);
1.10 raeburn 263: }
1.18 raeburn 264: return OK;
1.7 albertel 265: }
266:
1.28 raeburn 267: sub logout {
268: my ($r,$handle,$data,$lti_env) = @_;
1.34 raeburn 269: my $lonidsdir=$r->dir_config('lonIDsDir');
270: if (unlink("$lonidsdir/$handle.id")) {
271: if (($env{'user.linkedenv'} =~ /^[a-f0-9]+_linked$/) &&
272: (-l "$lonidsdir/$env{'user.linkedenv'}.id") &&
273: (readlink("$lonidsdir/$env{'user.linkedenv'}.id") eq "$lonidsdir/$handle.id")) {
274: unlink("$lonidsdir/$env{'user.linkedenv'}.id");
1.28 raeburn 275: }
276: }
277: my %temp=('logout' => time);
278: &Apache::lonnet::put('email_status',\%temp);
279: &Apache::lonnet::log($env{'user.domain'},
280: $env{'user.name'},
281: $env{'user.home'},
282: "Logout $ENV{'REMOTE_ADDR'}");
283:
284: &Apache::loncommon::content_type($r,'text/html');
285:
1.34 raeburn 286: #expire the cookies
287: my %cookies=CGI::Cookie->parse($r->header_in('Cookie'));
288: foreach my $name (keys(%cookies)) {
289: next unless ($name =~ /^lon(|S|Link|Pub)ID$/);
290: my $c = new CGI::Cookie(-name => $name,
291: -value => '',
292: -expires => '-10y',);
293: $r->headers_out->add('Set-cookie' => $c);
1.28 raeburn 294: }
295: my (%info,%user_info,%lti_info);
296: if (ref($lti_env) eq 'HASH') {
297: %lti_info = %{$lti_env};
298: }
299: my $lonhost = $r->dir_config('lonHostID');
300: if (ref($data) eq 'HASH') {
301: %user_info=('ip' => $ENV{'REMOTE_ADDR'},
302: 'domain' => $data->{'domain'},
303: 'username' => $data->{'username'},
1.36 ! raeburn 304: 'home' => $data->{'home'},
1.28 raeburn 305: 'role' => $data->{'role'},
306: 'origurl' => $data->{'origurl'},
307: 'symb' => $data->{'symb'},
308: 'server' => $lonhost);
309: }
310: %info = (%user_info,%lti_info);
311: my $token = &Apache::lonnet::tmpput(\%info,$lonhost);
312: my $url = '/adm/migrateuser?token='.$token;
313: $r->send_http_header;
314: $r->print(
315: &Apache::loncommon::start_page('Updating Session ...',undef,
316: {'redirect' => [0.1,$url],
317: 'only_body' => 1,}).
318: &Apache::loncommon::end_page());
319: $r->register_cleanup(\&flush_course_logs);
320: return;
321: }
322:
1.36 ! raeburn 323: sub conlost_userhome {
! 324: my ($r,$idsref,$dataref) = @_;
! 325: return unless ((ref($idsref) eq 'ARRAY') && (ref($dataref) eq 'HASH'));
! 326: my @ids = @{$idsref};
! 327: my %data = %{$dataref};
! 328: my (%conlost,%posstargets);
! 329: my $lonhost = $r->dir_config('lonHostID');
! 330: $conlost{$lonhost} = 1;
! 331: if ($data{'conlost'} ne '') {
! 332: map { $conlost{$_} = 1; } split(/,/,$data{'conlost'});
! 333: }
! 334: my ($lowest_load,$otherserver);
! 335: $lowest_load = 30000;
! 336: if ($data{'offloadto'} =~ /\&/) {
! 337: my @items = split(/\&/,$data{'offloadto'});
! 338: foreach my $item (@items) {
! 339: my ($type,$targets) = split(/\=/,$item);
! 340: @{$posstargets{$type}} = split(/,/,$targets);
! 341: }
! 342: } elsif ($data{'offloadto'} =~ /=/) {
! 343: my ($type,$targets) = split(/\=/,$data{'offloadto'});
! 344: @{$posstargets{$type}} = split(/,/,$targets);
! 345: } else {
! 346: @{$posstargets{'default'}} = split(/,/,$data{'offloadto'});
! 347: }
! 348: if (ref($posstargets{'primary'}) eq 'ARRAY') {
! 349: foreach my $try_server (@{$posstargets{'primary'}}) {
! 350: next if (grep(/^\Q$try_server\E$/,@ids));
! 351: next if ($conlost{$try_server});
! 352: ($otherserver,$lowest_load) =
! 353: &Apache::lonnet::compare_server_load($try_server,
! 354: $otherserver,
! 355: $lowest_load);
! 356: }
! 357: }
! 358: my $found_server = ($otherserver ne '' && $lowest_load < 100);
! 359: if (!$found_server) {
! 360: if (ref($posstargets{'default'}) eq 'ARRAY') {
! 361: foreach my $try_server (@{$posstargets{'default'}}) {
! 362: ($otherserver,$lowest_load) =
! 363: &Apache::lonnet::compare_server_load($try_server,
! 364: $otherserver,
! 365: $lowest_load);
! 366: }
! 367: }
! 368: }
! 369: if ($otherserver ne '') {
! 370: my $switchto = &Apache::lonnet::hostname($otherserver);
! 371: if ($switchto ne '') {
! 372: my $protocol = $Apache::lonnet::protocol{$switchto};
! 373: $protocol = 'http' if ($protocol ne 'https');
! 374: my $url = $protocol.'://'.$switchto.'/adm/login?'.
! 375: 'domain='.$env{'user.domain'}.
! 376: '&username='.$env{'user.name'};
! 377: $data{'conlost'} = join(',',sort(keys(%conlost)));
! 378: $data{'server'} = $lonhost;
! 379: if (grep(/^\Q$otherserver\E$/,split(/,/,$data{'dom_balancers'}))) {
! 380: $data{'noloadbalance'} = $otherserver;
! 381: }
! 382: my $token = &Apache::lonnet::tmpput(\%data,$otherserver);
! 383: $url .= '&token='.$token;
! 384: $r->send_http_header;
! 385: $r->print(
! 386: &Apache::loncommon::start_page('Switching Server ...',undef,
! 387: {'redirect' => [0.1,$url]}).
! 388: &Apache::loncommon::end_page());
! 389: return $otherserver;
! 390: }
! 391: }
! 392: }
! 393:
! 394: sub log_switch {
! 395: my ($r,$data,$lti_env) = @_;
! 396: my $lonhost = $r->dir_config('lonHostID');
! 397: return unless ((ref($data) eq 'HASH') && (ref($lti_env) eq 'HASH'));
! 398: my $now = time;
! 399: my %temp=('switchserver' => $now.':'.$lonhost,$data->{'role'});
! 400: &Apache::lonnet::put('email_status',\%temp);
! 401: my $logmsg = "Switch Server to $lonhost";
! 402: if ($data->{'role'}) {
! 403: $logmsg .= " with role: ".$data->{'role'};
! 404: } elsif (($lti_env->{'reqcrs'}) && ($lti_env->{'reqrole'} eq 'cc')) {
! 405: $logmsg .= " to create new LTI course";
! 406: } elsif ($lti_env->{'selfenrollrole'}) {
! 407: $logmsg .= " to selfenroll with role: ".$lti_env->{'selfenrollrole'};
! 408: } else {
! 409: $logmsg .= " (no role)";
! 410: }
! 411: $logmsg .= ' '.$ENV{'REMOTE_ADDR'};
! 412: &Apache::lonnet::log($data->{'domain'},$data->{'username'},$data->{'home'},$logmsg);
! 413: }
! 414:
1.28 raeburn 415: sub flush_course_logs {
416: &Apache::lonnet::flushcourselogs();
417: return OK;
418: }
419:
1.1 albertel 420: sub handler {
421: my ($r) = @_;
422:
423: &Apache::loncommon::get_unprocessed_cgi($ENV{'QUERY_STRING'},['token']);
1.4 albertel 424: my %data = &Apache::lonnet::tmpget($env{'form.token'});
1.13 raeburn 425: if (keys(%data) == 0) {
426: return &goto_login($r);
427: }
1.4 albertel 428: my $delete = &Apache::lonnet::tmpdel($env{'form.token'});
429:
1.6 albertel 430: &Apache::lonlocal::get_language_handle($r);
431:
1.4 albertel 432: if ($delete ne 'ok') {
1.27 raeburn 433: return &goto_login($r,undef,\%data);
1.4 albertel 434: }
1.2 albertel 435:
1.18 raeburn 436: if (!defined($data{'username'}) || !defined($data{'domain'})) {
1.27 raeburn 437: return &goto_login($r,undef,\%data);
1.18 raeburn 438: }
439: if ($data{'ip'} ne $ENV{'REMOTE_ADDR'}) {
1.24 raeburn 440: &Apache::lonnet::logthis('IP change when session migration requested -- was: '.
441: $data{'ip'}.'; now: '.$ENV{'REMOTE_ADDR'}.' for '.$data{'username'}.':'.$data{'domain'});
1.18 raeburn 442: return &ip_changed($r,$data{'domain'},$data{'server'},\%data);
1.2 albertel 443: }
444:
445: my $home=&Apache::lonnet::homeserver($data{'username'},$data{'domain'});
1.36 ! raeburn 446: if ($home eq 'no_host') {
! 447: if (($data{'home'} ne '') && (&Apache::lonnet::hostname($data{'home'}))) {
! 448: &Apache::lonnet::reconlonc($data{'home'});
! 449: $home=&Apache::lonnet::homeserver($data{'username'},$data{'domain'});
! 450: if ($home eq 'no_host') {
! 451: my @ids=&Apache::lonnet::current_machine_ids();
! 452: unless (grep(/^\Q$data{'home'}\E$/,@ids)) {
! 453: if (&Apache::lonnet::reply('ping',$data{'home'}) eq 'con_lost') {
! 454: my $otherserver = &conlost_userhome($r,\@ids,\%data);
! 455: if ($otherserver ne '') {
! 456: &Apache::lonnet::logthis("No connection to home server ($data{'home'}) for $data{'username'}:$data{'domain'}. Switching to $otherserver");
! 457: return OK;
! 458: }
! 459: }
! 460: }
! 461: }
! 462: }
! 463: }
! 464:
1.24 raeburn 465: my $udom;
466: if (&Apache::lonnet::domain($data{'domain'})) {
467: $udom=$data{'domain'};
468: }
1.36 ! raeburn 469: if ($home eq 'no_host') { return &goto_login($r,$udom,\%data); }
! 470: if (&Apache::lonnet::hostname($home) eq '') { return &goto_login($r,$udom,\%data); }
! 471:
! 472: my $rolemsg;
! 473: if ($data{'role'}) {
! 474: $rolemsg = "role: $data{'role'}";
! 475: } else {
! 476: $rolemsg = '(no role)';
! 477: }
! 478:
! 479: &Apache::lonnet::logthis("Allowing access for $data{'username'}:$data{'domain'} $rolemsg");
1.27 raeburn 480:
481: my $sso_env = &sso_check(\%data);
482: my $lti_env = <i_check(\%data);
1.2 albertel 483:
1.27 raeburn 484: my $extra_env;
485: if ((ref($sso_env) eq 'HASH') && (keys(%{$sso_env}))) {
486: $extra_env = $sso_env;
487: } elsif ((ref($lti_env) eq 'HASH') && (keys(%{$lti_env}))) {
488: $extra_env = $lti_env;
489: }
1.8 albertel 490:
1.16 raeburn 491: my %form;
492: if ($data{'symb'} ne '') {
493: $form{'symb'} = $data{'symb'};
494: }
1.21 raeburn 495: if ($data{'iptoken'} ne '') {
496: $form{'iptoken'} = $data{'iptoken'};
497: }
1.25 raeburn 498: if ($data{'noloadbalance'} ne '') {
499: $form{'noloadbalance'} = $data{'noloadbalance'};
500: }
1.16 raeburn 501:
1.36 ! raeburn 502: if (($data{'conlost'}) && ($data{'server'})) {
! 503: my @conlosts = split(/,/,$data{'conlost'});
! 504: my $switchfrom = $data{'server'};
! 505: if (@conlosts) {
! 506: if (grep(/^\Q$switchfrom\E$/,@conlosts)) {
! 507: &log_switch($r,\%data,$extra_env);
! 508: }
! 509: }
! 510: }
! 511:
1.3 albertel 512: if (!$data{'role'}) {
1.12 albertel 513: my $handle = &Apache::lonnet::check_for_valid_session($r);
514: if ($handle) {
1.11 albertel 515: &Apache::lonnet::transfer_profile_to_env($r->dir_config('lonIDsDir'),
516: $handle);
1.27 raeburn 517: if ($data{'lti.login'}) {
1.28 raeburn 518: my $needslogout;
519: if ($env{'request.lti.login'}) {
520: if (($env{'user.name'} ne $data{'username'}) ||
521: ($env{'user.domain'} ne $data{'domain'})) {
522: $needslogout = 1;
523: }
524: } else {
525: $needslogout = 1;
526: }
527: # If access is via LTI, and user already has a non-LTI session cookie
528: # (and session) or has an LTI session cookie for a different username,
529: # logout the existing session, and start a new one
530: if ($needslogout) {
531: &logout($r,$handle,\%data,$lti_env);
532: } elsif (($data{'lti.reqcrs'}) && ($data{'lti.reqrole'} eq 'cc')) {
1.27 raeburn 533: $form{'lti.reqcrs'} = $data{'lti.reqcrs'};
534: $form{'lti.reqrole'} = $data{'lti.reqrole'};
535: $form{'lti.sourcecrs'} = $data{'lti.sourcecrs'};
1.29 raeburn 536: $form{'lti.uri'} = $data{'lti.uri'};
1.28 raeburn 537: if ($data{'lti.passbackid'}) {
538: $form{'lti.passbackid'} = $data{'lti.passbackid'};
539: }
540: if ($data{'lti.passbackurl'}) {
541: $form{'lti.passbackurl'} = $data{'lti.passbackurl'};
542: }
543: if ($data{'lti.rosterid'}) {
544: $form{'lti.rosterid'} = $data{'lti.rosterid'};
545: }
546: if ($data{'lti.rosterurl'}) {
547: $form{'lti.rosterurl'} = $data{'lti.rosterurl'};
548: }
1.29 raeburn 549: if ($data{'lti.target'}) {
550: $form{'lti.target'} = $data{'lti.target'};
551: }
1.27 raeburn 552: &Apache::loncommon::content_type($r,'text/html');
553: $r->send_http_header;
554: &Apache::ltiauth::lti_reqcrs($r,$data{'domain'},\%form,$data{'username'},$data{'domain'});
1.28 raeburn 555: } else {
556: if (ref($lti_env) eq 'HASH') {
557: delete($lti_env->{'reqcrs'});
558: delete($lti_env->{'reqrole'});
559: delete($lti_env->{'selfenrollrole'});
560: }
561: if ($data{'lti.selfenrollrole'}) {
1.32 raeburn 562: if (&Apache::ltiauth::lti_enroll($data{'username'},$data{'domain'},
1.28 raeburn 563: $data{'lti.selfenrollrole'}) eq 'ok') {
564: my $url = '/adm/roles?selectrole=1&'.
565: &escape($data{'lti.selfenrollrole'}).'=1';
566: if ($data{'origurl'} =~ m{/default_\d+\.sequence$}) {
567: $url .= '&orgurl='.$data{'origurl'}.'&navmap=1';
568: } elsif ($data{'origurl'} ne '') {
569: $url .= '&orgurl='.$data{'origurl'};
570: }
571: if (ref($lti_env) eq 'HASH') {
572: &Apache::lonnet::appenv($lti_env);
573: }
574: $r->internal_redirect($url);
575: } else {
576: &Apache::ltiauth::invalid_request($r,23);
577: }
578: } elsif ($data{'origurl'} ne '') {
579: my $url = $data{'origurl'};
580: if ($url =~ m{/default_\d+\.sequence$}) {
581: $url .= (($url =~/\?/)?'&':'?').'navmap=1';
582: }
583: if (ref($lti_env) eq 'HASH') {
584: &Apache::lonnet::appenv($lti_env);
1.27 raeburn 585: }
586: $r->internal_redirect($url);
587: } else {
1.28 raeburn 588: if (ref($lti_env) eq 'HASH') {
589: &Apache::lonnet::appenv($lti_env);
590: }
1.27 raeburn 591: }
592: }
593: } elsif ($data{'origurl'} ne '') {
1.14 raeburn 594: $r->internal_redirect($data{'origurl'});
595: } elsif ($env{'request.course.id'}) {
596: $r->internal_redirect('/adm/navmaps');
1.11 albertel 597: } else {
598: $r->internal_redirect('/adm/roles');
599: }
600: } else {
1.14 raeburn 601: my $desturl = '/adm/roles';
602: if ($data{'origurl'} ne '') {
603: $desturl = $data{'origurl'};
1.27 raeburn 604: if ($data{'lti.login'}) {
605: $desturl = $data{'origurl'};
606: if ($desturl =~ m{/default_\d+\.sequence$}) {
607: $desturl .= (($desturl =~/\?/)?'&':'?').'navmap=1';
608: }
609: }
610: }
611: my $skipcritical;
612: if (($data{'lti.login'}) && ($data{'lti.reqcrs'}) &&
613: ($data{'lti.reqrole'} eq 'cc')) {
614: $skipcritical = 1;
1.14 raeburn 615: }
1.11 albertel 616: &Apache::lonauth::success($r,$data{'username'},$data{'domain'},
1.27 raeburn 617: $home,$desturl,$extra_env,\%form,$skipcritical);
1.11 albertel 618: }
1.1 albertel 619: return OK;
620: }
1.6 albertel 621:
1.33 raeburn 622: my $next_url='/adm/roles?selectrole=1&'.&escape($data{'role'}).'=1';
1.15 raeburn 623: if ($data{'origurl'} ne '') {
1.33 raeburn 624: $next_url .= '&orgurl='.&escape($data{'origurl'});
1.30 raeburn 625: if ($data{'lti.login'}) {
1.31 raeburn 626: if (($data{'origurl'} =~ m{/default_\d+\.sequence$}) ||
627: ($data{'origurl'} =~ m{^/res/.+\.sequence$})) {
1.33 raeburn 628: $next_url .= '&navmap=1';
1.30 raeburn 629: }
630: }
1.15 raeburn 631: }
1.6 albertel 632: &Apache::lonauth::success($r,$data{'username'},$data{'domain'},$home,
1.16 raeburn 633: $next_url,$extra_env,\%form);
1.6 albertel 634: return OK;
1.1 albertel 635: }
636:
637: 1;
638: __END__
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>
![[BACK]](/icons/back.gif){kind=icon}
Return to migrateuser.pm CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [LON-CAPA] / loncom / auth