/auth/logout.cgi - Annotate - Origo OS - Origo Project Zone

95b003ff

Origo

#!/usr/bin/perl -w

2

3

4

# mod_auth_tkt sample logout script

5

6

# Note that this needs script needs to be available locally on all domains

7

#   if using multiple domains (unlike login.cgi, which only needs to exist

8

#   on one domain).

9

10

11

use File::Basename;

12

#use lib dirname($ENV{SCRIPT_FILENAME});

13

use lib "./";

14

use Apache::AuthTkt 0.03;

15

use AuthTktConfig;

16

use CGI qw(:standard);

17

use URI::Escape;

18

use URI;

19

use Data::Dumper;

20

use strict;

21

22

# Clear up tainted environment

23

$ENV{PATH} = '/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin';

24

delete @ENV{'IFS', 'CDPATH', 'ENV', 'BASH_ENV'};

25

26

# ------------------------------------------------------------------------

27

# Configuration settings in AuthTktConfig.pm

28

29

# ------------------------------------------------------------------------

30

# Main code begins

31

my $at = Apache::AuthTkt->new(conf => $ENV{MOD_AUTH_TKT_CONF});

32

my $q = CGI->new;

33

my ($server_name, $server_port) = split /:/, $ENV{HTTP_HOST};

34

$server_name ||= $ENV{SERVER_NAME};

35

$server_port ||= $ENV{SERVER_PORT};

37

95b003ff

Origo

my $back = '';

38

$back = $AuthTktConfig::FIXED_BACK_LOCATION if $AuthTktConfig::FIXED_BACK_LOCATION;

39

$back ||= $q->cookie($at->back_cookie_name) if $at->back_cookie_name;

40

$back ||= $q->param($at->back_arg_name) if $at->back_arg_name;

41

$back = $AuthTktConfig::DEFAULT_BACK_LOCATION if $AuthTktConfig::DEFAULT_BACK_LOCATION;

42

#$back ||= $ENV{HTTP_REFERER} if $ENV{HTTP_REFERER} && $AuthTktConfig::BACK_REFERER;

43

if ($back && $back =~ m!^/!) {

44

  my $hostname = $server_name;

45

  my $port = $server_port;

46

  $hostname .= ':' . $port if $port && $port != 80 && $port != 443;

47

  $back = sprintf "http%s://%s%s", ($port == 443 ? 's' : ''), $hostname, $back;

48

} elsif ($back && $back !~ m/^http/i) {

49

  $back = 'http://' . $back;

50

51

$back = uri_unescape($back) if $back =~ m/^https?%3A%2F%2F/;

52

my $back_html = escapeHTML($back) if $back;

53

54

# Logout by resetting the auth cookie

55

my @cookies = cookie(-name => $at->cookie_name, -value => '', -expires => '-1h', -path => '/',

56

    ($AUTH_DOMAIN ? (-domain => $AUTH_DOMAIN) : ()));

57

push @cookies, map { cookie(-name => $_, -value => '', -expires => '-1h', path => '/',

58

    ($AUTH_DOMAIN ? (-domain => $AUTH_DOMAIN) : ()) ) } @AuthTktConfig::NUKE_COOKIES;

59

60

61

#my $user = $ENV{'REMOTE_USER'};

62

#my $account = $q->cookie('steamaccount') if ($q); # User is requesting access to another account

63

#if ($account ne $user) {

64

#    $user = $account;

65

#}

66

#$user = $1 if $user =~ /(.+)/; #untaint

67

#`pkill -TERM -f "$user~ui_update.cgi"`; # Kill ui_update which in turn removes tasks from /tmp

68

69

my $session = $q->param('s');

70

`pkill -f ~$session.tasks` if ($session);

71

72

my $redirected = 0;

73

if ( $q->param('js') ) {

74

  print $q->header(-content_type => "application/javascript", -cookie => \@cookies);

75

  print qq|document.cookie = '| . $at->cookie_name . qq|=; Domain=$AUTH_DOMAIN; Path=/; Expires=Thu, 01 Jan 1970 00:00:01 GMT;';\n|;

76

  exit;

77

} elsif ($back) {

78

  my $b = URI->new($back);

79

  # If $back domain doesn't match $AUTH_DOMAIN, add ticket reset to back

80

  if (!($b->host =~ /$AUTH_DOMAIN/i) && !($AUTH_DOMAIN !~ /$b->host/i)) {

81

    $back .= $b->query ? '&' : '?';

82

    $back .= $at->cookie_name . '=';

83

84

85

  if ($AuthTktConfig::DEBUG) {

86

    print $q->header(-cookie => \@cookies);

87

  } else {

88

    # Set (local) cookie, and redirect to $back

89

    print $q->header(

90

      -cookie => \@cookies,

91

      -location => $back,

92

);

93

    # For some reason, a Location: redirect doesn't seem to then see the cookie,

94

    #   but a meta refresh one does - weird

95

    print $q->start_html(

96

      -head => meta({

97

        -http_equiv => 'Pragma', -content => "no-cache"

98

}),

99

#      -head => meta({

100

#        -http_equiv => 'refresh', -content => "0;URL=$back"

101

#        -http_equiv => 'refresh', -content => "0;URL=login"

102

#      })

103

);

104

#    $redirected = 1;

# If no $back, just set the auth cookie and hope for the best

109

else {

110

  print $q->header(-cookie => \@cookies);

111

112

113

my @style = ();

114

@style = ( '-style' => { src => $AuthTktConfig::STYLESHEET } )

115

  if $AuthTktConfig::STYLESHEET;

116

my $title = $AuthTktConfig::TITLE || "Logout Page";

117

118

unless ($redirected) {

119

  # If here, either some kind of error or no back ref found

120

  print $q->start_html(

121

      -head => meta({

122

        -http_equiv => 'Pragma', -content => "no-cache"

123

}),

124

      -title => $title,

125

      @style,

126

);

127

  print <<EOD;

128

<div align="center">

129

<!-- h1>$title</h1 -->

130

EOD

131

  if ($AuthTktConfig::DEBUG) {

132

    print <<EOD;

133

<pre>

134

back: $back

135

back_html: $back_html

136

</pre>

137

EOD

138

139

  print <<EOD;

140

<p>You are now logged out of $AUTH_DOMAIN.</p>

141

<!-- script>document.location="login";</script -->

142

EOD

143

  print qq(<p><a href="$back_html">Previous Page</a></p>\n) if $back_html;

144

  print <<EOD;

145

</div>

146

</body>

147

</html>

148

EOD

149

150

151

# vim:sw=2:sm:cin

Project

General

Profile

Origo OS

Project

General

Profile

Origo OS

stabile/auth/logout.cgi @ master