From: Mike Rylander Date: Thu, 1 Dec 2022 19:41:34 +0000 (-0500) Subject: LP#1996908: Expand support for eg.auth.token to other legacy mod_perl handlers (but... X-Git-Url: https://old-git.evergreen-ils.org/?a=commitdiff_plain;h=836d66582fd2fdfd8412172ee971392c5519642a;p=Evergreen.git LP#1996908: Expand support for eg.auth.token to other legacy mod_perl handlers (but not the OPAC) Signed-off-by: Mike Rylander Signed-off-by: Jason Boyer --- diff --git a/Open-ILS/src/perlmods/lib/OpenILS/Reporter/Proxy.pm b/Open-ILS/src/perlmods/lib/OpenILS/Reporter/Proxy.pm index cf5e9b051a..cd935cd5b8 100644 --- a/Open-ILS/src/perlmods/lib/OpenILS/Reporter/Proxy.pm +++ b/Open-ILS/src/perlmods/lib/OpenILS/Reporter/Proxy.pm @@ -29,7 +29,10 @@ sub child_init { sub handler { my $apache = shift; my $cgi = new CGI; - my $auth_ses = $cgi->cookie('ses'); + my $auth_ses = $cgi->cookie('ses') || $cgi->cookie('eg.auth.token'); + if ($auth_ses =~ /^"(.+)"$/) { + $auth_ses = $1; + } my $ws_ou = $cgi->cookie('ws_ou') || 1; my $url = $cgi->url; diff --git a/Open-ILS/src/perlmods/lib/OpenILS/WWW/BadDebt.pm b/Open-ILS/src/perlmods/lib/OpenILS/WWW/BadDebt.pm index 523b6d417b..5f5aea2de6 100644 --- a/Open-ILS/src/perlmods/lib/OpenILS/WWW/BadDebt.pm +++ b/Open-ILS/src/perlmods/lib/OpenILS/WWW/BadDebt.pm @@ -43,7 +43,10 @@ sub child_init { sub handler { my $r = shift; my $cgi = new CGI; - my $auth_ses = $cgi->cookie('ses') || $cgi->param('ses'); + my $auth_ses = $cgi->cookie('ses') || $cgi->param('ses') || $cgi->cookie('eg.auth.token'); + if ($auth_ses =~ /^"(.+)"$/) { + $auth_ses = $1; + } # find some IDs ... my @xacts; diff --git a/Open-ILS/src/perlmods/lib/OpenILS/WWW/Exporter.pm b/Open-ILS/src/perlmods/lib/OpenILS/WWW/Exporter.pm index 576dffd515..51e116c74c 100644 --- a/Open-ILS/src/perlmods/lib/OpenILS/WWW/Exporter.pm +++ b/Open-ILS/src/perlmods/lib/OpenILS/WWW/Exporter.pm @@ -95,7 +95,10 @@ sub handler { return Apache2::Const::NOT_FOUND; } if ($bucket->pub !~ /t|1/oi) { - my $authid = $cgi->cookie('ses') || $cgi->param('ses'); + my $authid = $cgi->cookie('ses') || $cgi->param('ses') || $cgi->cookie('eg.auth.token'); + if ($authid =~ /^"(.+)"$/) { + $authid = $1; + } my $auth = verify_login($authid); if (!$auth) { return 403; @@ -111,7 +114,10 @@ sub handler { my $queue_id = $cgi->param('queueid'); if ($queue_id) { # check that we're logged in -- XXX necessary? conservative for now - my $authid = $cgi->cookie('ses') || $cgi->param('ses'); + my $authid = $cgi->cookie('ses') || $cgi->param('ses') || $cgi->cookie('eg.auth.token'); + if ($authid =~ /^"(.+)"$/) { + $authid = $1; + } my $auth = verify_login($authid); if (!$auth) { return 403; diff --git a/Open-ILS/src/perlmods/lib/OpenILS/WWW/PhoneList.pm b/Open-ILS/src/perlmods/lib/OpenILS/WWW/PhoneList.pm index 6e6c9fd7b1..1b2b1492c3 100644 --- a/Open-ILS/src/perlmods/lib/OpenILS/WWW/PhoneList.pm +++ b/Open-ILS/src/perlmods/lib/OpenILS/WWW/PhoneList.pm @@ -60,7 +60,10 @@ sub child_init { sub handler { my $r = shift; my $cgi = new CGI; - my $authid = $cgi->cookie('ses') || $cgi->param('ses'); + my $authid = $cgi->cookie('ses') || $cgi->param('ses') || $cgi->cookie('eg.auth.token'); + if ($authid =~ /^"(.+)"$/) { + $authid = $1; + } my $user = $U->simplereq('open-ils.auth', 'open-ils.auth.session.retrieve', $authid); if (!$user || (ref($user) eq 'HASH' && $user->{ilsevent} == 1001)) { return Apache2::Const::FORBIDDEN; diff --git a/Open-ILS/src/perlmods/lib/OpenILS/WWW/Proxy.pm b/Open-ILS/src/perlmods/lib/OpenILS/WWW/Proxy.pm index 74c460455f..53da9d4a17 100644 --- a/Open-ILS/src/perlmods/lib/OpenILS/WWW/Proxy.pm +++ b/Open-ILS/src/perlmods/lib/OpenILS/WWW/Proxy.pm @@ -72,7 +72,10 @@ sub handler { return Apache2::Const::NOT_FOUND unless (@$perms); my $cgi = new CGI; - my $auth_ses = $cgi->cookie('ses') || $cgi->param('ses'); + my $auth_ses = $cgi->cookie('ses') || $cgi->param('ses') || $cgi->cookie('eg.auth.token'); + if ($auth_ses =~ /^"(.+)"$/) { + $auth_ses = $1; + } my $ws_ou = $apache->dir_config('OILSProxyLoginOU') || $cgi->cookie('ws_ou') || $cgi->param('ws_ou'); my $url = $cgi->url; diff --git a/Open-ILS/src/perlmods/lib/OpenILS/WWW/Reporter.pm b/Open-ILS/src/perlmods/lib/OpenILS/WWW/Reporter.pm index 882c12d711..92a76d4133 100644 --- a/Open-ILS/src/perlmods/lib/OpenILS/WWW/Reporter.pm +++ b/Open-ILS/src/perlmods/lib/OpenILS/WWW/Reporter.pm @@ -70,7 +70,12 @@ sub handler { my $user; # if the user is not logged in via cookie, route them to the login page - if(! ($user = verify_login($cgi->cookie("ses"))) ) { + my $auth_ses = $cgi->param('ses') || $cgi->cookie('ses') || $cgi->cookie('eg.auth.token'); + if ($auth_ses =~ /^"(.+)"$/) { # came from eg2 login, is json encoded + $auth_ses = $1; + } + + if(! ($user = verify_login($auth_ses)) ) { $ttk = "login"; } diff --git a/Open-ILS/src/perlmods/lib/OpenILS/WWW/Vandelay.pm b/Open-ILS/src/perlmods/lib/OpenILS/WWW/Vandelay.pm index 85a58841b3..b2a6fcad68 100644 --- a/Open-ILS/src/perlmods/lib/OpenILS/WWW/Vandelay.pm +++ b/Open-ILS/src/perlmods/lib/OpenILS/WWW/Vandelay.pm @@ -58,7 +58,10 @@ sub spool_marc { my $r = shift; my $cgi = new CGI; - my $auth = $cgi->param('ses') || $cgi->cookie('ses'); + my $auth = $cgi->param('ses') || $cgi->cookie('ses') || $cgi->cookie('eg.auth.token'); + if ($auth =~ /^"(.+)"$/) { + $auth = $1; + } unless(verify_login($auth)) { $logger->error("authentication failed on vandelay record import: $auth"); @@ -123,7 +126,10 @@ sub spool_jacket { my $r = shift; my $cgi = new CGI; - my $auth = $cgi->param('ses') || $cgi->cookie('ses'); + my $auth = $cgi->param('ses') || $cgi->cookie('ses') || $cgi->cookie('eg.auth.token'); + if ($auth =~ /^"(.+)"$/) { + $auth = $1; + } my $user = verify_login($auth); my $perm_check = verify_permission($auth, $user, $user->ws_ou, ['UPLOAD_COVER_IMAGE']);