login endpoint
git-svn-id: https://modmellon.googlecode.com/svn/trunk/mod_mellon2@94 a716ebb1-153a-0410-b759-cfb97c6a1b53
This commit is contained in:
parent
d5771dc6ea
commit
e68154384b
13
README
13
README
|
@ -437,6 +437,19 @@ foreach($_SERVER as $key=>$value) {
|
|||
}
|
||||
?>
|
||||
|
||||
===========================================================================
|
||||
Manual login
|
||||
===========================================================================
|
||||
|
||||
It is possible to manually trigger login operations. This can be done by
|
||||
accessing "<endpoint path>/login". That endpoint accepts three parameters:
|
||||
|
||||
- ReturnTo: A mandatory parameter which contains the URL we should return
|
||||
to after login.
|
||||
- IdP: The entity ID of the IdP we should send a login request to. This
|
||||
parameter is optional.
|
||||
- IsPassive: This parameter can be set to "true" to send a passive
|
||||
authentication request to the IdP.
|
||||
|
||||
===========================================================================
|
||||
Logging out
|
||||
|
|
|
@ -2265,6 +2265,74 @@ static int am_auth_new_ticket(request_rec *r)
|
|||
return am_send_authn_request(r, am_get_idp(r), relay_state, FALSE);
|
||||
}
|
||||
|
||||
/* This function handles requests to the login handler.
|
||||
*
|
||||
* Parameters:
|
||||
* request_rec *r The request.
|
||||
*
|
||||
* Returns:
|
||||
* OK on success, or an error if any of the steps fail.
|
||||
*/
|
||||
static int am_handle_login(request_rec *r)
|
||||
{
|
||||
const char *idp;
|
||||
char *return_to;
|
||||
char *is_passive_str;
|
||||
int is_passive;
|
||||
int ret;
|
||||
|
||||
return_to = am_extract_query_parameter(r->pool, r->args, "ReturnTo");
|
||||
if(return_to == NULL) {
|
||||
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
|
||||
"Missing required ReturnTo parameter.");
|
||||
return HTTP_BAD_REQUEST;
|
||||
}
|
||||
|
||||
ret = am_urldecode(return_to);
|
||||
if(ret != OK) {
|
||||
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
|
||||
"Error urldecoding ReturnTo parameter.");
|
||||
return ret;
|
||||
}
|
||||
|
||||
idp = am_extract_query_parameter(r->pool, r->args, "IdP");
|
||||
if(idp != NULL) {
|
||||
ret = am_urldecode((char*)idp);
|
||||
if(ret != OK) {
|
||||
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
|
||||
"Error urldecoding IdP parameter.");
|
||||
return ret;
|
||||
}
|
||||
} else {
|
||||
/* Use the default IdP. */
|
||||
idp = am_get_idp(r);
|
||||
}
|
||||
|
||||
is_passive_str = am_extract_query_parameter(r->pool, r->args, "IsPassive");
|
||||
if(is_passive_str != NULL) {
|
||||
ret = am_urldecode((char*)is_passive_str);
|
||||
if(ret != OK) {
|
||||
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
|
||||
"Error urldecoding IsPassive parameter.");
|
||||
return ret;
|
||||
}
|
||||
if(!strcmp(is_passive_str, "true")) {
|
||||
is_passive = TRUE;
|
||||
} else if(!strcmp(is_passive_str, "false")) {
|
||||
is_passive = FALSE;
|
||||
} else {
|
||||
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
|
||||
"Invalid value for IsPassive parameter - must be \"true\" or \"false\".");
|
||||
return HTTP_BAD_REQUEST;
|
||||
}
|
||||
} else {
|
||||
is_passive = FALSE;
|
||||
}
|
||||
|
||||
return am_send_authn_request(r, idp, return_to, is_passive);
|
||||
}
|
||||
|
||||
|
||||
/* This function takes a request for an endpoint and passes it on to the
|
||||
* correct handler function.
|
||||
*
|
||||
|
@ -2303,6 +2371,8 @@ static int am_endpoint_handler(request_rec *r)
|
|||
* with version 0.0.6 and older.
|
||||
*/
|
||||
return am_handle_logout(r);
|
||||
} else if(!strcmp(endpoint, "login")) {
|
||||
return am_handle_login(r);
|
||||
} else {
|
||||
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
|
||||
"Endpoint \"%s\" not handled by mod_auth_mellon.",
|
||||
|
|
Loading…
Reference in New Issue