X-Git-Url: http://git.rot13.org/?a=blobdiff_plain;f=C4%2FAuth_with_cas.pm;h=b69124b0f733a27d40eaa9e5e3bb73d67a1742c1;hb=3ee3cf10e61aaad8a47881fdc6cc565e74c847af;hp=a42a71cbb149f074d73ce4c16269a800c76ea8d4;hpb=b57d98517c5a9572a54412f7f4e5d872acfa85c3;p=koha.git

diff --git a/C4/Auth_with_cas.pm b/C4/Auth_with_cas.pm
index a42a71cbb1..b69124b0f7 100644
--- a/C4/Auth_with_cas.pm
+++ b/C4/Auth_with_cas.pm
@@ -4,47 +4,47 @@ package C4::Auth_with_cas;
 #
 # This file is part of Koha.
 #
-# Koha is free software; you can redistribute it and/or modify it under the
-# terms of the GNU General Public License as published by the Free Software
-# Foundation; either version 2 of the License, or (at your option) any later
-# version.
+# Koha is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 3 of the License, or
+# (at your option) any later version.
 #
-# Koha is distributed in the hope that it will be useful, but WITHOUT ANY
-# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
-# A PARTICULAR PURPOSE.  See the GNU General Public License for more details.
+# Koha is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
 #
-# You should have received a copy of the GNU General Public License along
-# with Koha; if not, write to the Free Software Foundation, Inc.,
-# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+# You should have received a copy of the GNU General Public License
+# along with Koha; if not, see <http://www.gnu.org/licenses>.
 
 use strict;
 use warnings;
 
 use C4::Debug;
 use C4::Context;
+use Koha::AuthUtils qw(get_script_name);
 use Authen::CAS::Client;
-use CGI;
+use CGI qw ( -utf8 );
 use FindBin;
+use YAML;
 
 
-use vars qw($VERSION @ISA @EXPORT @EXPORT_OK %EXPORT_TAGS $debug);
+use vars qw(@ISA @EXPORT @EXPORT_OK %EXPORT_TAGS $debug);
 
 BEGIN {
 	require Exporter;
-    $VERSION = 3.07.00.049;	# set the version for version checking
 	$debug = $ENV{DEBUG};
 	@ISA    = qw(Exporter);
 	@EXPORT = qw(check_api_auth_cas checkpw_cas login_cas logout_cas login_cas_url);
 }
-my $context = C4::Context->new() or die 'C4::Context->new failed';
 my $defaultcasserver;
 my $casservers;
-my $yamlauthfile = "../C4/Auth_cas_servers.yaml";
+my $yamlauthfile = C4::Context->config('intranetdir') . "/C4/Auth_cas_servers.yaml";
 
 
 # If there's a configuration for multiple cas servers, then we get it
 if (multipleAuth()) {
-    ($defaultcasserver, $casservers) = YAML::LoadFile(qq($FindBin::Bin/$yamlauthfile));
+    ($defaultcasserver, $casservers) = YAML::LoadFile($yamlauthfile);
     $defaultcasserver = $defaultcasserver->{'default'};
 } else {
 # Else, we fall back to casServerUrl syspref
@@ -54,7 +54,7 @@ if (multipleAuth()) {
 
 # Is there a configuration file for multiple cas servers?
 sub multipleAuth {
-    return (-e qq($FindBin::Bin/$yamlauthfile));
+    return (-e qq($yamlauthfile));
 }
 
 # Returns configured CAS servers' list if multiple authentication is enabled
@@ -64,22 +64,22 @@ sub getMultipleAuth {
 
 # Logout from CAS
 sub logout_cas {
-    my ($query) = @_;
-    my ( $cas, $uri ) = _get_cas_and_service($query);
-    print $query->redirect( $cas->logout_url($uri));
+    my ($query, $type) = @_;
+    my ( $cas, $uri ) = _get_cas_and_service($query, undef, $type);
+    print $query->redirect( $cas->logout_url(url => $uri));
 }
 
 # Login to CAS
 sub login_cas {
-    my ($query) = @_;
-    my ( $cas, $uri ) = _get_cas_and_service($query);
+    my ($query, $type) = @_;
+    my ( $cas, $uri ) = _get_cas_and_service($query, undef, $type);
     print $query->redirect( $cas->login_url($uri));
 }
 
 # Returns CAS login URL with callback to the requesting URL
 sub login_cas_url {
-    my ( $query, $key ) = @_;
-    my ( $cas, $uri ) = _get_cas_and_service( $query, $key );
+    my ( $query, $key, $type ) = @_;
+    my ( $cas, $uri ) = _get_cas_and_service( $query, $key, $type );
     return $cas->login_url($uri);
 }
 
@@ -87,9 +87,9 @@ sub login_cas_url {
 # In our case : is there a ticket, is it valid and does it match one of our users ?
 sub checkpw_cas {
     $debug and warn "checkpw_cas";
-    my ($dbh, $ticket, $query) = @_;
+    my ($dbh, $ticket, $query, $type) = @_;
     my $retnumber;
-    my ( $cas, $uri ) = _get_cas_and_service($query);
+    my ( $cas, $uri ) = _get_cas_and_service($query, undef, $type);
 
     # If we got a ticket
     if ($ticket) {
@@ -135,9 +135,9 @@ sub checkpw_cas {
 # Proxy CAS auth
 sub check_api_auth_cas {
     $debug and warn "check_api_auth_cas";
-    my ($dbh, $PT, $query) = @_;
+    my ($dbh, $PT, $query, $type) = @_;
     my $retnumber;
-    my ( $cas, $uri ) = _get_cas_and_service($query);
+    my ( $cas, $uri ) = _get_cas_and_service($query, undef, $type);
 
     # If we have a Proxy Ticket
     if ($PT) {
@@ -183,8 +183,9 @@ sub check_api_auth_cas {
 sub _get_cas_and_service {
     my $query = shift;
     my $key   = shift;    # optional
+    my $type  = shift;
 
-    my $uri = _url_with_get_params($query);
+    my $uri = _url_with_get_params($query, $type);
 
     my $casparam = $defaultcasserver;
     $casparam = $query->param('cas') if defined $query->param('cas');
@@ -198,13 +199,22 @@ sub _get_cas_and_service {
 # This method replaces $query->url() which will give both GET and POST params
 sub _url_with_get_params {
     my $query = shift;
+    my $type = shift;
+
+    my $uri_base_part = ($type eq 'opac') ?
+                        C4::Context->preference('OPACBaseURL') . get_script_name() :
+                        C4::Context->preference('staffClientBaseURL');
 
-    my $uri_base_part = C4::Context->preference('OPACBaseURL') . $query->script_name();
     my $uri_params_part = '';
-    foreach ( $query->url_param() ) {
-        $uri_params_part .= '&' if $uri_params_part;
-        $uri_params_part .= $_ . '=';
-        $uri_params_part .= URI::Escape::uri_escape( $query->url_param($_) );
+    foreach my $param ( $query->url_param() ) {
+        # url_param() always returns parameters that were deleted by delete()
+        # This additional check ensure that parameter was not deleted.
+        my $uriPiece = $query->param($param);
+        if ($uriPiece) {
+            $uri_params_part .= '&' if $uri_params_part;
+            $uri_params_part .= $param . '=';
+            $uri_params_part .= URI::Escape::uri_escape( $uriPiece );
+        }
     }
     $uri_base_part .= '?' if $uri_params_part;