From b6a77260215da8e647e6a5f9b51a01c7c7c1ccf3 Mon Sep 17 00:00:00 2001 From: Mike Rylander Date: Thu, 1 Dec 2022 14:41:34 -0500 Subject: [PATCH] LP#1996908: Expand support for eg.auth.token to other legacy mod_perl handlers (but not the OPAC) Signed-off-by: Mike Rylander Signed-off-by: Jason Boyer --- Open-ILS/src/perlmods/lib/OpenILS/Reporter/Proxy.pm | 5 ++++- Open-ILS/src/perlmods/lib/OpenILS/WWW/BadDebt.pm | 5 ++++- Open-ILS/src/perlmods/lib/OpenILS/WWW/Exporter.pm | 10 ++++++++-- Open-ILS/src/perlmods/lib/OpenILS/WWW/PhoneList.pm | 5 ++++- Open-ILS/src/perlmods/lib/OpenILS/WWW/Proxy.pm | 5 ++++- Open-ILS/src/perlmods/lib/OpenILS/WWW/Reporter.pm | 7 ++++++- Open-ILS/src/perlmods/lib/OpenILS/WWW/Vandelay.pm | 10 ++++++++-- 7 files changed, 38 insertions(+), 9 deletions(-) diff --git a/Open-ILS/src/perlmods/lib/OpenILS/Reporter/Proxy.pm b/Open-ILS/src/perlmods/lib/OpenILS/Reporter/Proxy.pm index cf5e9b051a..cd935cd5b8 100644 --- a/Open-ILS/src/perlmods/lib/OpenILS/Reporter/Proxy.pm +++ b/Open-ILS/src/perlmods/lib/OpenILS/Reporter/Proxy.pm @@ -29,7 +29,10 @@ sub child_init { sub handler { my $apache = shift; my $cgi = new CGI; - my $auth_ses = $cgi->cookie('ses'); + my $auth_ses = $cgi->cookie('ses') || $cgi->cookie('eg.auth.token'); + if ($auth_ses =~ /^"(.+)"$/) { + $auth_ses = $1; + } my $ws_ou = $cgi->cookie('ws_ou') || 1; my $url = $cgi->url; diff --git a/Open-ILS/src/perlmods/lib/OpenILS/WWW/BadDebt.pm b/Open-ILS/src/perlmods/lib/OpenILS/WWW/BadDebt.pm index 523b6d417b..5f5aea2de6 100644 --- a/Open-ILS/src/perlmods/lib/OpenILS/WWW/BadDebt.pm +++ b/Open-ILS/src/perlmods/lib/OpenILS/WWW/BadDebt.pm @@ -43,7 +43,10 @@ sub child_init { sub handler { my $r = shift; my $cgi = new CGI; - my $auth_ses = $cgi->cookie('ses') || $cgi->param('ses'); + my $auth_ses = $cgi->cookie('ses') || $cgi->param('ses') || $cgi->cookie('eg.auth.token'); + if ($auth_ses =~ /^"(.+)"$/) { + $auth_ses = $1; + } # find some IDs ... my @xacts; diff --git a/Open-ILS/src/perlmods/lib/OpenILS/WWW/Exporter.pm b/Open-ILS/src/perlmods/lib/OpenILS/WWW/Exporter.pm index 576dffd515..51e116c74c 100644 --- a/Open-ILS/src/perlmods/lib/OpenILS/WWW/Exporter.pm +++ b/Open-ILS/src/perlmods/lib/OpenILS/WWW/Exporter.pm @@ -95,7 +95,10 @@ sub handler { return Apache2::Const::NOT_FOUND; } if ($bucket->pub !~ /t|1/oi) { - my $authid = $cgi->cookie('ses') || $cgi->param('ses'); + my $authid = $cgi->cookie('ses') || $cgi->param('ses') || $cgi->cookie('eg.auth.token'); + if ($authid =~ /^"(.+)"$/) { + $authid = $1; + } my $auth = verify_login($authid); if (!$auth) { return 403; @@ -111,7 +114,10 @@ sub handler { my $queue_id = $cgi->param('queueid'); if ($queue_id) { # check that we're logged in -- XXX necessary? conservative for now - my $authid = $cgi->cookie('ses') || $cgi->param('ses'); + my $authid = $cgi->cookie('ses') || $cgi->param('ses') || $cgi->cookie('eg.auth.token'); + if ($authid =~ /^"(.+)"$/) { + $authid = $1; + } my $auth = verify_login($authid); if (!$auth) { return 403; diff --git a/Open-ILS/src/perlmods/lib/OpenILS/WWW/PhoneList.pm b/Open-ILS/src/perlmods/lib/OpenILS/WWW/PhoneList.pm index 6e6c9fd7b1..1b2b1492c3 100644 --- a/Open-ILS/src/perlmods/lib/OpenILS/WWW/PhoneList.pm +++ b/Open-ILS/src/perlmods/lib/OpenILS/WWW/PhoneList.pm @@ -60,7 +60,10 @@ sub child_init { sub handler { my $r = shift; my $cgi = new CGI; - my $authid = $cgi->cookie('ses') || $cgi->param('ses'); + my $authid = $cgi->cookie('ses') || $cgi->param('ses') || $cgi->cookie('eg.auth.token'); + if ($authid =~ /^"(.+)"$/) { + $authid = $1; + } my $user = $U->simplereq('open-ils.auth', 'open-ils.auth.session.retrieve', $authid); if (!$user || (ref($user) eq 'HASH' && $user->{ilsevent} == 1001)) { return Apache2::Const::FORBIDDEN; diff --git a/Open-ILS/src/perlmods/lib/OpenILS/WWW/Proxy.pm b/Open-ILS/src/perlmods/lib/OpenILS/WWW/Proxy.pm index 74c460455f..53da9d4a17 100644 --- a/Open-ILS/src/perlmods/lib/OpenILS/WWW/Proxy.pm +++ b/Open-ILS/src/perlmods/lib/OpenILS/WWW/Proxy.pm @@ -72,7 +72,10 @@ sub handler { return Apache2::Const::NOT_FOUND unless (@$perms); my $cgi = new CGI; - my $auth_ses = $cgi->cookie('ses') || $cgi->param('ses'); + my $auth_ses = $cgi->cookie('ses') || $cgi->param('ses') || $cgi->cookie('eg.auth.token'); + if ($auth_ses =~ /^"(.+)"$/) { + $auth_ses = $1; + } my $ws_ou = $apache->dir_config('OILSProxyLoginOU') || $cgi->cookie('ws_ou') || $cgi->param('ws_ou'); my $url = $cgi->url; diff --git a/Open-ILS/src/perlmods/lib/OpenILS/WWW/Reporter.pm b/Open-ILS/src/perlmods/lib/OpenILS/WWW/Reporter.pm index 882c12d711..92a76d4133 100644 --- a/Open-ILS/src/perlmods/lib/OpenILS/WWW/Reporter.pm +++ b/Open-ILS/src/perlmods/lib/OpenILS/WWW/Reporter.pm @@ -70,7 +70,12 @@ sub handler { my $user; # if the user is not logged in via cookie, route them to the login page - if(! ($user = verify_login($cgi->cookie("ses"))) ) { + my $auth_ses = $cgi->param('ses') || $cgi->cookie('ses') || $cgi->cookie('eg.auth.token'); + if ($auth_ses =~ /^"(.+)"$/) { # came from eg2 login, is json encoded + $auth_ses = $1; + } + + if(! ($user = verify_login($auth_ses)) ) { $ttk = "login"; } diff --git a/Open-ILS/src/perlmods/lib/OpenILS/WWW/Vandelay.pm b/Open-ILS/src/perlmods/lib/OpenILS/WWW/Vandelay.pm index 85a58841b3..b2a6fcad68 100644 --- a/Open-ILS/src/perlmods/lib/OpenILS/WWW/Vandelay.pm +++ b/Open-ILS/src/perlmods/lib/OpenILS/WWW/Vandelay.pm @@ -58,7 +58,10 @@ sub spool_marc { my $r = shift; my $cgi = new CGI; - my $auth = $cgi->param('ses') || $cgi->cookie('ses'); + my $auth = $cgi->param('ses') || $cgi->cookie('ses') || $cgi->cookie('eg.auth.token'); + if ($auth =~ /^"(.+)"$/) { + $auth = $1; + } unless(verify_login($auth)) { $logger->error("authentication failed on vandelay record import: $auth"); @@ -123,7 +126,10 @@ sub spool_jacket { my $r = shift; my $cgi = new CGI; - my $auth = $cgi->param('ses') || $cgi->cookie('ses'); + my $auth = $cgi->param('ses') || $cgi->cookie('ses') || $cgi->cookie('eg.auth.token'); + if ($auth =~ /^"(.+)"$/) { + $auth = $1; + } my $user = verify_login($auth); my $perm_check = verify_permission($auth, $user, $user->ws_ou, ['UPLOAD_COVER_IMAGE']); -- 2.11.0