authorStef Walter <stef@memberwebs.com>2009-06-18 21:15:08 +0000
committerStef Walter <stef@memberwebs.com>2009-06-18 21:15:08 +0000
commitf1c07457701e9d0eb474bb41ae5d573754dff3d4 (patch)
tree66a48412018a23e2a071116f6c635d2d6018cfcb /module
parent3296c112b6f3cb45e195958c3e8ab8a533aaf35f (diff)
Allow setting cookie name.
Diffstat (limited to 'module')
-rw-r--r--module/mod_auth_singleid.c51
1 files changed, 36 insertions, 15 deletions
diff --git a/module/mod_auth_singleid.c b/module/mod_auth_singleid.c
index 541ded1..4ee7421 100644
--- a/module/mod_auth_singleid.c
+++ b/module/mod_auth_singleid.c
@@ -67,10 +67,13 @@
#include <assert.h>
#include <ctype.h>
+#include <string.h>
#include <unistd.h>
extern module AP_MODULE_DECLARE_DATA auth_singleid_module;
+#define VALID_NAME "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789_-."
+
enum {
NONE = 0,
SUFFIX = 1,
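Review bot: `VALID_NAME` is added without a comment, although it is the only thing that keeps a configured cookie name safe to use. `set_cookie_name` in a later hunk checks the directive value against it with `strspn`, and `session_send_info` then formats the name directly into the `Set-Cookie` header. I would put a comment above the define such as `/* Characters accepted in SingleCookieName; the name is written verbatim into Set-Cookie, so separators, whitespace and control characters must never be added here */`. Since the directive is registered with `OR_AUTHCFG`, the value can presumably also come from per-directory configuration, which is one more reason to record that the allowlist must stay strict.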
@@ -83,6 +86,7 @@ enum {
typedef struct sid_context {
const char *trust_root;
const char *identifier;
+ const char *cookie_name;
int user_match;
ap_regex_t *converter;
sid_storage_t *store;
@@ -250,6 +254,7 @@ dir_config_creator (apr_pool_t* p, char* dir)
{
sid_context_t* ctx = apr_pcalloc (p, sizeof (*ctx));
memset (ctx, 0, sizeof (*ctx));
+ ctx->cookie_name = "mod-auth-singleid";
return ctx;
}
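Review bot: The default set here, `"mod-auth-singleid"`, is not the name the module used before this commit. The removed lines in `session_load_info` and `session_send_info` both hard-coded `"mod-auth-single-id"`. After an upgrade, cookies issued under the old name will no longer be found, so every logged-in user is sent through OpenID again. If the rename is not intended, keep `ctx->cookie_name = "mod-auth-single-id";`; if it is, the commit message should say so. Whether a per-directory merge function exists is not visible in this diff; if one does, it needs to carry `cookie_name` over as well.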
@@ -325,6 +330,20 @@ set_cache_size (cmd_parms *cmd, void *config, const char *val)
return NULL;
}
+static const char*
+set_cookie_name (cmd_parms *cmd, void *config, const char *val)
+{
+ sid_context_t *ctx = config;
+ const char *end;
+
+ end = val + strspn (val, VALID_NAME);
+ if (*val == '\0' || *end != '\0')
+ return "Not a valid cookie name in SingleCookieName";
+
+ ctx->cookie_name = apr_pstrdup (cmd->pool, val);
+ return NULL;
+}
+
static const command_rec command_table[] = {
AP_INIT_TAKE1 ("SingleIdentifier", set_identifier, NULL, OR_AUTHCFG,
"The OpenID identifier we should perform ID selection on when authenticating" ),
@@ -332,6 +351,8 @@ static const command_rec command_table[] = {
"The OpenID trust root of this site."),
AP_INIT_TAKE1 ("SingleCache", set_cache_size, NULL, OR_AUTHCFG,
"Enable and optionally set the size of the OpenID association cache"),
+ AP_INIT_TAKE1 ("SingleCookieName", set_cookie_name, NULL, OR_AUTHCFG,
+ "Set the cookie name used once user has logged in via OpenID"),
AP_INIT_RAW_ARGS ("SingleUserMatch", set_user_match, NULL, OR_AUTHCFG,
"How to convert an OpenID identifier into a user name" ),
{ NULL }
@@ -429,7 +450,7 @@ session_validate_sig (apr_pool_t *p, const char *sig, const char *value)
}
static sid_session_t*
-session_load_info (request_rec *r)
+session_load_info (sid_context_t *ctx, request_rec *r)
{
sid_session_t *sess;
const char *value;
@@ -438,7 +459,7 @@ session_load_info (request_rec *r)
long expiry;
size_t len;
- value = session_cookie_value (r, "mod-auth-single-id");
+ value = session_cookie_value (r, ctx->cookie_name);
if (!value)
return NULL;
@@ -479,7 +500,7 @@ session_load_info (request_rec *r)
}
static void
-session_send_info (request_rec *r, sid_session_t *sess)
+session_send_info (sid_context_t *ctx, request_rec *r, sid_session_t *sess)
{
char *cookie, *sig, *value;
@@ -488,8 +509,8 @@ session_send_info (request_rec *r, sid_session_t *sess)
sig = session_create_sig (r->pool, value);
/* Build up the full cookie spec */
- cookie = apr_psprintf (r->pool, "mod-auth-single-id=%s %s; httponly; max-age=86400", sig, value);
- apr_table_addn (r->headers_out, "Set-Cookie", cookie);
+ cookie = apr_psprintf (r->pool, "%s=%s %s; httponly; max-age=86400", ctx->cookie_name, sig, value);
+ apr_table_addn (r->err_headers_out, "Set-Cookie", cookie);
}
static sid_session_t*
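Review bot: The rewritten `apr_psprintf` line still issues the session cookie with only `httponly` and `max-age`, so the signed session value is also sent over plain HTTP whenever the site is reachable that way. While this line is being touched, consider adding the `secure` attribute when the request arrived over TLS, i.e. `"%s=%s %s; httponly; secure; max-age=86400"` on that path. The switch from `headers_out` to `err_headers_out` is not mentioned in the commit message and changes when the cookie is emitted. It deserves a comment such as `/* err_headers_out: keep the cookie on redirects and error responses */`. The signature of `session_send_info` is in the previous hunk, so only part of the function is visible here.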
@@ -580,14 +601,10 @@ sid_request_respond (sid_request_t *req, int code, const char *reason,
}
static void
-set_request_authenticated (request_rec *r, sid_session_t *sess)
+set_request_authenticated (sid_context_t *ctx, request_rec *r, sid_session_t *sess)
{
ap_regmatch_t matches[AP_MAX_REG_MATCH];
char *user = NULL;
- sid_context_t *ctx;
-
- ctx = ap_get_module_config (r->per_dir_config, &auth_singleid_module);
- assert (ctx);
/* Try and calculate a user name */
switch (ctx->user_match) {
@@ -621,14 +638,18 @@ set_request_authenticated (request_rec *r, sid_session_t *sess)
void
sid_request_authenticated (sid_request_t *req, const char *identifier)
{
+ sid_context_t *ctx;
sid_session_t *sess;
sess = apr_pcalloc (req->rec->pool, sizeof (sid_session_t));
sess->identifier = apr_pstrdup (req->rec->pool, identifier);
sess->expiry = time (NULL) + 86400;
- set_request_authenticated (req->rec, sess);
- session_send_info (req->rec, sess);
+ ctx = ap_get_module_config (req->rec->per_dir_config, &auth_singleid_module);
+ assert (ctx);
+
+ set_request_authenticated (ctx, req->rec, sess);
+ session_send_info (ctx, req->rec, sess);
}
/* ---------------------------------------------------------------------------------------
@@ -683,15 +704,15 @@ hook_authenticate (request_rec* r)
if (sess != NULL) {
if (mainreq != r) {
sess = session_copy_info (r->pool, sess);
- set_request_authenticated (r, sess);
+ set_request_authenticated (ctx, r, sess);
}
return OK;
}
/* Load the session info from the request and see if we've authenticated */
- sess = session_load_info (r);
+ sess = session_load_info (ctx, r);
if (sess != NULL) {
- set_request_authenticated (r, sess);
+ set_request_authenticated (ctx, r, sess);
return OK;
}