From f1c07457701e9d0eb474bb41ae5d573754dff3d4 Mon Sep 17 00:00:00 2001
From: Stef Walter <stef@memberwebs.com>
Date: Thu, 18 Jun 2009 21:15:08 +0000
Subject: Allow setting cookie name.

---
 module/mod_auth_singleid.c | 51 ++++++++++++++++++++++++++++++++--------------
 1 file changed, 36 insertions(+), 15 deletions(-)

diff --git a/module/mod_auth_singleid.c b/module/mod_auth_singleid.c
index 541ded1..4ee7421 100644
--- a/module/mod_auth_singleid.c
+++ b/module/mod_auth_singleid.c
@@ -67,10 +67,13 @@
 
 #include <assert.h>
 #include <ctype.h>
+#include <string.h>
 #include <unistd.h>
 
 extern module AP_MODULE_DECLARE_DATA auth_singleid_module;
 
+#define VALID_NAME "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789_-."
+
 enum {
 	NONE = 0,
 	SUFFIX = 1,
@@ -83,6 +86,7 @@ enum {
 typedef struct sid_context {
 	const char *trust_root;
 	const char *identifier;
+	const char *cookie_name;
 	int user_match;
 	ap_regex_t *converter;
 	sid_storage_t *store;
@@ -250,6 +254,7 @@ dir_config_creator (apr_pool_t* p, char* dir)
 {
 	sid_context_t* ctx = apr_pcalloc (p, sizeof (*ctx));
 	memset (ctx, 0, sizeof (*ctx));
+	ctx->cookie_name = "mod-auth-singleid";
   	return ctx;
 }
 
@@ -325,6 +330,20 @@ set_cache_size (cmd_parms *cmd, void *config, const char *val)
 	return NULL;
 }
 
+static const char*
+set_cookie_name (cmd_parms *cmd, void *config, const char *val)
+{
+	sid_context_t *ctx = config;
+	const char *end;
+
+	end = val + strspn (val, VALID_NAME);
+	if (*val == '\0' || *end != '\0')
+		return "Not a valid cookie name in SingleCookieName";
+
+	ctx->cookie_name = apr_pstrdup (cmd->pool, val);
+	return NULL;
+}
+
 static const command_rec command_table[] = {
 	AP_INIT_TAKE1 ("SingleIdentifier", set_identifier, NULL, OR_AUTHCFG,
 	               "The OpenID identifier we should perform ID selection on when authenticating" ),
@@ -332,6 +351,8 @@ static const command_rec command_table[] = {
 	               "The OpenID trust root of this site."),
 	AP_INIT_TAKE1 ("SingleCache", set_cache_size, NULL, OR_AUTHCFG,
 	               "Enable and optionally set the size of the OpenID association cache"),
+	AP_INIT_TAKE1 ("SingleCookieName", set_cookie_name, NULL, OR_AUTHCFG,
+	               "Set the cookie name used once user has logged in via OpenID"),
 	AP_INIT_RAW_ARGS ("SingleUserMatch", set_user_match, NULL, OR_AUTHCFG,
 	                 "How to convert an OpenID identifier into a user name" ),
 	{ NULL }
@@ -429,7 +450,7 @@ session_validate_sig (apr_pool_t *p, const char *sig, const char *value)
 }
 
 static sid_session_t*
-session_load_info (request_rec *r)
+session_load_info (sid_context_t *ctx, request_rec *r)
 {
 	sid_session_t *sess;
 	const char *value;
@@ -438,7 +459,7 @@ session_load_info (request_rec *r)
 	long expiry;
 	size_t len;
 
-	value = session_cookie_value (r, "mod-auth-single-id");
+	value = session_cookie_value (r, ctx->cookie_name);
 	if (!value)
 		return NULL;
 
@@ -479,7 +500,7 @@ session_load_info (request_rec *r)
 }
 
 static void
-session_send_info (request_rec *r, sid_session_t *sess)
+session_send_info (sid_context_t *ctx, request_rec *r, sid_session_t *sess)
 {
 	char *cookie, *sig, *value;
 
@@ -488,8 +509,8 @@ session_send_info (request_rec *r, sid_session_t *sess)
 	sig = session_create_sig (r->pool, value);
 
 	/* Build up the full cookie spec */
-	cookie = apr_psprintf (r->pool, "mod-auth-single-id=%s %s; httponly; max-age=86400", sig, value);
-	apr_table_addn (r->headers_out, "Set-Cookie", cookie);
+	cookie = apr_psprintf (r->pool, "%s=%s %s; httponly; max-age=86400", ctx->cookie_name, sig, value);
+	apr_table_addn (r->err_headers_out, "Set-Cookie", cookie);
 }
 
 static sid_session_t*
@@ -580,14 +601,10 @@ sid_request_respond (sid_request_t *req, int code, const char *reason,
 }
 
 static void
-set_request_authenticated (request_rec *r, sid_session_t *sess)
+set_request_authenticated (sid_context_t *ctx, request_rec *r, sid_session_t *sess)
 {
 	ap_regmatch_t matches[AP_MAX_REG_MATCH];
 	char *user = NULL;
-	sid_context_t *ctx;
-
-	ctx = ap_get_module_config (r->per_dir_config, &auth_singleid_module);
-	assert (ctx);
 
 	/* Try and calculate a user name */
 	switch (ctx->user_match) {
@@ -621,14 +638,18 @@ set_request_authenticated (request_rec *r, sid_session_t *sess)
 void
 sid_request_authenticated (sid_request_t *req, const char *identifier)
 {
+	sid_context_t *ctx;
 	sid_session_t *sess;
 
 	sess = apr_pcalloc (req->rec->pool, sizeof (sid_session_t));
 	sess->identifier = apr_pstrdup (req->rec->pool, identifier);
 	sess->expiry = time (NULL) + 86400;
 
-	set_request_authenticated (req->rec, sess);
-	session_send_info (req->rec, sess);
+	ctx = ap_get_module_config (req->rec->per_dir_config, &auth_singleid_module);
+	assert (ctx);
+
+	set_request_authenticated (ctx, req->rec, sess);
+	session_send_info (ctx, req->rec, sess);
 }
 
 /* ---------------------------------------------------------------------------------------
@@ -683,15 +704,15 @@ hook_authenticate (request_rec* r)
 	if (sess != NULL) {
 	 	if (mainreq != r) {
 	 		sess = session_copy_info (r->pool, sess);
-	 		set_request_authenticated (r, sess);
+	 		set_request_authenticated (ctx, r, sess);
 	 	}
 	 	return OK;
 	}
 
 	/* Load the session info from the request and see if we've authenticated */
-	sess = session_load_info (r);
+	sess = session_load_info (ctx, r);
 	if (sess != NULL) {
-		set_request_authenticated (r, sess);
+		set_request_authenticated (ctx, r, sess);
 		return OK;
 	}
 
-- 
cgit v1.2.3