From 3969967cfc767daf6e5f52b58e8dd7305443160d Mon Sep 17 00:00:00 2001 From: Stef Walter Date: Thu, 11 Feb 2010 04:01:12 +0000 Subject: Implement redirect after a successful authentication option. --- NEWS | 3 +++ configure.in | 4 ++-- module/consumer.cc | 23 +++++++++++++++++++++++ module/mod_auth_singleid.c | 19 +++++++++++++++++-- module/mod_auth_singleid.h | 2 ++ 5 files changed, 47 insertions(+), 4 deletions(-) diff --git a/NEWS b/NEWS index 910b246..7a816f5 100644 --- a/NEWS +++ b/NEWS @@ -1,3 +1,6 @@ +0.3 + - Add support for redirect after authenticate = clean url + 0.2 - Add support for POST'd responses from IDP. - Fix problems with apache restarting and associations going away. diff --git a/configure.in b/configure.in index e853b8b..25942c0 100644 --- a/configure.in +++ b/configure.in @@ -36,8 +36,8 @@ dnl Stef Walter dnl dnl Process this file with autoconf to produce a configure script. -AC_INIT(mod_auth_singleid, 0.2, stef@memberwebs.com) -AM_INIT_AUTOMAKE(mod_auth_singleid, 0.2) +AC_INIT(mod_auth_singleid, 0.3, stef@memberwebs.com) +AM_INIT_AUTOMAKE(mod_auth_singleid, 0.3) AC_CONFIG_SRCDIR([module/mod_auth_singleid.c]) AM_CONFIG_HEADER([config.h]) diff --git a/module/consumer.cc b/module/consumer.cc index e4d2906..3d1686c 100644 --- a/module/consumer.cc +++ b/module/consumer.cc @@ -641,3 +641,26 @@ sid_consumer_authenticate(sid_request_t *req, sid_storage_t *store, begin_auth (req, consumer, trust_root, identity, attributes); } } + +void +sid_consumer_redirect_after (sid_request_t *req) +{ + assert (req); + + const char *qs = sid_request_qs (req); + + params_t params; + parse_query_string (qs, params); + + params_t unused; + filter_prefixed_params (params, unused, "openid."); + + string url = sid_request_url (req, 1); + if (!params.empty()) + url = params.append_query (url, ""); + + sid_request_respond_headers (req, 302, "Found", + "Location", url.c_str(), + "Cache-Control", "no-cache", + NULL); +} diff --git a/module/mod_auth_singleid.c b/module/mod_auth_singleid.c index 3559ddd..13770fd 100644 --- a/module/mod_auth_singleid.c +++ b/module/mod_auth_singleid.c @@ -107,6 +107,7 @@ typedef struct sid_context { ap_regex_t *converter; sid_storage_t *store; sid_attribute_t *attributes; + int redirect_after; } sid_context_t; #define SID_AUTHTYPE "SingleID" @@ -347,7 +348,8 @@ dir_config_creator (apr_pool_t* p, char* dir) sid_context_t* ctx = apr_pcalloc (p, sizeof (*ctx)); memset (ctx, 0, sizeof (*ctx)); ctx->cookie_name = "mod-auth-singleid"; - return ctx; + ctx->redirect_after = 1; + return ctx; } static const char* @@ -513,6 +515,14 @@ set_attribute (cmd_parms *cmd, void *config, const char *val) return NULL; } +static const char* +set_redirect (cmd_parms *cmd, void *config, int val) +{ + sid_context_t *ctx = config; + ctx->redirect_after = val; + return NULL; +} + static const command_rec command_table[] = { AP_INIT_TAKE1 ("SingleIdProvider", set_identifier, NULL, OR_AUTHCFG, "The OpenID identifier we should perform identifier selection on when authenticating" ), @@ -526,6 +536,8 @@ static const command_rec command_table[] = { "How to convert an OpenID identifier into a user name" ), AP_INIT_RAW_ARGS ("SingleIdAttribute", set_attribute, NULL, OR_AUTHCFG, "Specify an attribute exchange url and alias."), + AP_INIT_FLAG ("SingleIdRedirect", set_redirect, NULL, OR_AUTHCFG, + "Redirect after authentication for a clean bookmarkable URL."), { NULL } }; @@ -1141,8 +1153,11 @@ hook_authenticate (request_rec* r) ap_set_module_config (r->request_config, &auth_singleid_module, sess); /* If we actually authenticated the user, then set the cookie */ - if (authenticated) + if (authenticated) { session_send_info (ctx, r, sess); + if (ctx->redirect_after) + sid_consumer_redirect_after (&req); + } } /* If any output, send it */ diff --git a/module/mod_auth_singleid.h b/module/mod_auth_singleid.h index ade55b2..0c9b6d8 100644 --- a/module/mod_auth_singleid.h +++ b/module/mod_auth_singleid.h @@ -139,6 +139,8 @@ void sid_consumer_authenticate (sid_request_t *req, const char *identity, sid_attribute_t *attributes); +void sid_consumer_redirect_after (sid_request_t *req); + #ifdef __cplusplus } /* extern "C" */ #endif -- cgit v1.2.3