summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--NEWS3
-rw-r--r--configure.in4
-rw-r--r--module/consumer.cc23
-rw-r--r--module/mod_auth_singleid.c19
-rw-r--r--module/mod_auth_singleid.h2
5 files changed, 47 insertions, 4 deletions
diff --git a/NEWS b/NEWS
index 910b246..7a816f5 100644
--- a/NEWS
+++ b/NEWS
@@ -1,3 +1,6 @@
+0.3
+ - Add support for redirect after authenticate = clean url
+
0.2
- Add support for POST'd responses from IDP.
- Fix problems with apache restarting and associations going away.
diff --git a/configure.in b/configure.in
index e853b8b..25942c0 100644
--- a/configure.in
+++ b/configure.in
@@ -36,8 +36,8 @@ dnl Stef Walter <stef@memberwebs.com>
dnl
dnl Process this file with autoconf to produce a configure script.
-AC_INIT(mod_auth_singleid, 0.2, stef@memberwebs.com)
-AM_INIT_AUTOMAKE(mod_auth_singleid, 0.2)
+AC_INIT(mod_auth_singleid, 0.3, stef@memberwebs.com)
+AM_INIT_AUTOMAKE(mod_auth_singleid, 0.3)
AC_CONFIG_SRCDIR([module/mod_auth_singleid.c])
AM_CONFIG_HEADER([config.h])
diff --git a/module/consumer.cc b/module/consumer.cc
index e4d2906..3d1686c 100644
--- a/module/consumer.cc
+++ b/module/consumer.cc
@@ -641,3 +641,26 @@ sid_consumer_authenticate(sid_request_t *req, sid_storage_t *store,
begin_auth (req, consumer, trust_root, identity, attributes);
}
}
+
+void
+sid_consumer_redirect_after (sid_request_t *req)
+{
+ assert (req);
+
+ const char *qs = sid_request_qs (req);
+
+ params_t params;
+ parse_query_string (qs, params);
+
+ params_t unused;
+ filter_prefixed_params (params, unused, "openid.");
+
+ string url = sid_request_url (req, 1);
+ if (!params.empty())
+ url = params.append_query (url, "");
+
+ sid_request_respond_headers (req, 302, "Found",
+ "Location", url.c_str(),
+ "Cache-Control", "no-cache",
+ NULL);
+}
diff --git a/module/mod_auth_singleid.c b/module/mod_auth_singleid.c
index 3559ddd..13770fd 100644
--- a/module/mod_auth_singleid.c
+++ b/module/mod_auth_singleid.c
@@ -107,6 +107,7 @@ typedef struct sid_context {
ap_regex_t *converter;
sid_storage_t *store;
sid_attribute_t *attributes;
+ int redirect_after;
} sid_context_t;
#define SID_AUTHTYPE "SingleID"
@@ -347,7 +348,8 @@ dir_config_creator (apr_pool_t* p, char* dir)
sid_context_t* ctx = apr_pcalloc (p, sizeof (*ctx));
memset (ctx, 0, sizeof (*ctx));
ctx->cookie_name = "mod-auth-singleid";
- return ctx;
+ ctx->redirect_after = 1;
+ return ctx;
}
static const char*
@@ -513,6 +515,14 @@ set_attribute (cmd_parms *cmd, void *config, const char *val)
return NULL;
}
+static const char*
+set_redirect (cmd_parms *cmd, void *config, int val)
+{
+ sid_context_t *ctx = config;
+ ctx->redirect_after = val;
+ return NULL;
+}
+
static const command_rec command_table[] = {
AP_INIT_TAKE1 ("SingleIdProvider", set_identifier, NULL, OR_AUTHCFG,
"The OpenID identifier we should perform identifier selection on when authenticating" ),
@@ -526,6 +536,8 @@ static const command_rec command_table[] = {
"How to convert an OpenID identifier into a user name" ),
AP_INIT_RAW_ARGS ("SingleIdAttribute", set_attribute, NULL, OR_AUTHCFG,
"Specify an attribute exchange url and alias."),
+ AP_INIT_FLAG ("SingleIdRedirect", set_redirect, NULL, OR_AUTHCFG,
+ "Redirect after authentication for a clean bookmarkable URL."),
{ NULL }
};
@@ -1141,8 +1153,11 @@ hook_authenticate (request_rec* r)
ap_set_module_config (r->request_config, &auth_singleid_module, sess);
/* If we actually authenticated the user, then set the cookie */
- if (authenticated)
+ if (authenticated) {
session_send_info (ctx, r, sess);
+ if (ctx->redirect_after)
+ sid_consumer_redirect_after (&req);
+ }
}
/* If any output, send it */
diff --git a/module/mod_auth_singleid.h b/module/mod_auth_singleid.h
index ade55b2..0c9b6d8 100644
--- a/module/mod_auth_singleid.h
+++ b/module/mod_auth_singleid.h
@@ -139,6 +139,8 @@ void sid_consumer_authenticate (sid_request_t *req,
const char *identity,
sid_attribute_t *attributes);
+void sid_consumer_redirect_after (sid_request_t *req);
+
#ifdef __cplusplus
} /* extern "C" */
#endif