/*
* send an OpenID Connect authorization request to the specified provider preserving POST parameters using HTML5 storage
*/
int oidc_proto_authorization_request_post_preserve(request_rec *r,
const char *authorization_request) {
/* read the parameters that are POST-ed to us */
apr_table_t *params = apr_table_make(r->pool, 8);
if (oidc_util_read_post(r, params) == FALSE) {
ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r,
"oidc_proto_authorization_request: something went wrong when reading the POST parameters");
return HTTP_INTERNAL_SERVER_ERROR;
}
// TODO: html encode names/values
const apr_array_header_t *arr = apr_table_elts(params);
const apr_table_entry_t *elts = (const apr_table_entry_t*) arr->elts;
int i;
char *json = "";
for (i = 0; i < arr->nelts; i++) {
json = apr_psprintf(r->pool, "%s'%s': '%s'%s", json, elts[i].key,
elts[i].val, i < arr->nelts - 1 ? "," : "");
}
json = apr_psprintf(r->pool, "{ %s }", json);
char *java_script =
apr_psprintf(r->pool,
"<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Strict//EN\" \"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd\">\n"
"<html xmlns=\"http://www.w3.org/1999/xhtml\" lang=\"en\" xml:lang=\"en\">\n"
" <head>\n"
" <meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\"/>\n"
" <script type=\"text/javascript\">\n"
" function preserveOnLoad() {\n"
" localStorage.setItem('mod_auth_openidc_preserve_post_params', JSON.stringify(%s));\n"
" window.location='%s';\n"
" }\n"
" </script>\n"
" <title>Preserving...</title>\n"
" </head>\n"
" <body onload=\"preserveOnLoad()\">\n"
" <p>Preserving...</p>\n"
" </body>\n"
"</html>\n", json, authorization_request);
return oidc_util_http_sendstring(r, java_script, DONE);
}
int oidc_proto_javascript_implicit(request_rec *r, oidc_cfg *c) {
ap_log_rerror(APLOG_MARK, OIDC_DEBUG, 0, r,
"oidc_proto_javascript_implicit: entering");
// char *java_script = NULL;
// if (oidc_util_file_read(r, "/Users/hzandbelt/eclipse-workspace/mod_auth_openidc/src/implicit_post.html", &java_script) == FALSE) return HTTP_INTERNAL_SERVER_ERROR;
const char *java_script =
"<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Strict//EN\" \"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd\">\n"
"<html xmlns=\"http://www.w3.org/1999/xhtml\" lang=\"en\" xml:lang=\"en\">\n"
" <head>\n"
" <meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\"/>\n"
" <script type=\"text/javascript\">\n"
" function postOnLoad() {\n"
" var params = {}\n"
" encoded = location.hash.substring(1).split(\"&\");\n"
" for (i = 0; i < encoded.length; i++) {\n"
" encoded[i].replace(/\\+/g, \" \");\n"
" var n = encoded[i].indexOf(\"=\");\n"
" var input = document.createElement(\"input\");\n"
" input.type = \"hidden\";\n"
" input.name = decodeURIComponent(encoded[i].substring(0, n));\n"
" input.value = decodeURIComponent(encoded[i].substring(n+1));\n"
" document.forms[0].appendChild(input);\n"
" }\n"
" document.forms[0].action = window.location.href.substr(0, window.location.href.indexOf('#'));\n"
" document.forms[0].submit();\n"
" }\n"
" </script>\n"
" <title>Submitting...</title>\n"
" </head>\n"
" <body onload=\"postOnLoad()\">\n"
" <p>Submitting...</p>\n"
" <form method=\"post\"><input type=\"hidden\" name=\"response_mode\" value=\"fragment\"></form>\n"
" </body>\n"
"</html>\n";
return oidc_util_http_sendstring(r, java_script, DONE);
}
