From: Ian Jackson Date: Fri, 18 Jan 2013 19:16:47 +0000 (+0000) Subject: support check_https and also redirect to https version X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ian/git?p=cgi-auth-flexible.git;a=commitdiff_plain;h=6ca44cd905b9d2c8d83bc10d95428f3da8ed7e45;hp=0500f383b681a3260cfe478bef7b5b74ced21bc6 support check_https and also redirect to https version --- diff --git a/cgi-auth-flexible.pm b/cgi-auth-flexible.pm index 2f4cd83..4ab430d 100644 --- a/cgi-auth-flexible.pm +++ b/cgi-auth-flexible.pm @@ -207,6 +207,7 @@ sub new_verifier { get_path_info => sub { $_[0]->path_info() }, get_cookie => sub { $_[0]->cookie($_[1]->{S}{cookie_name}) }, get_method => sub { $_[0]->request_method() }, + check_https => sub { !!$_[0]->https() }, get_url => sub { $_[0]->url(); }, is_login => sub { defined $_[1]->_rp('password_param_name') }, login_ok => \&login_ok_password, @@ -503,8 +504,16 @@ my @ca = (-name => $r->{S}{cookie_name}, sub _check_divert_core ($) { my ($r) = @_; - my $meth = $r->_ch('get_method'); my $cooks = $r->_ch('get_cookie'); + + if (!$r->_ch('check_https')) { + return ({ Kind => 'REDIRECT-HTTPS', + Message => $r->_gt("Redirecting to secure server..."), + CookieSecret => undef, + Params => { } }); + } + + my $meth = $r->_ch('get_method'); my $parmh = $r->_rp('assoc_param_name'); my $cookh = defined $cooks ? $r->hash($cooks) : undef; @@ -781,11 +790,17 @@ sub check_ok ($) { $params->{$r->{S}{loggedout_param_names}[0]} = [ 1 ]; } elsif ($kind eq 'REDIRECT-LOGOUT') { $params->{$r->{S}{logout_param_names}[0]} = [ 1 ]; - } elsif ($kind eq 'REDIRECT-LOGGEDIN') { + } elsif ($kind =~ m/REDIRECT-(?:LOGGEDIN|HTTPS)/) { } else { die; } my $new_url = $r->url_with_query_params($params); + if ($kind eq 'REDIRECT-HTTPS') { + my $uri = URI->new($new_url); + die unless $uri->scheme eq 'http'; + $uri->scheme('https'); + $new_url = $uri->as_string(); + } $r->_ch('do_redirect',$new_url, $cookie); return 0; }