/* * send an OpenID Connect authorization request to the specified provider preserving POST parameters using HTML5 storage */ int oidc_proto_authorization_request_post_preserve(request_rec *r, const char *authorization_request) { /* read the parameters that are POST-ed to us */ apr_table_t *params = apr_table_make(r->pool, 8); if (oidc_util_read_post(r, params) == FALSE) { ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, "oidc_proto_authorization_request: something went wrong when reading the POST parameters"); return HTTP_INTERNAL_SERVER_ERROR; } // TODO: html encode names/values const apr_array_header_t *arr = apr_table_elts(params); const apr_table_entry_t *elts = (const apr_table_entry_t*) arr->elts; int i; char *json = ""; for (i = 0; i < arr->nelts; i++) { json = apr_psprintf(r->pool, "%s'%s': '%s'%s", json, elts[i].key, elts[i].val, i < arr->nelts - 1 ? "," : ""); } json = apr_psprintf(r->pool, "{ %s }", json); char *java_script = apr_psprintf(r->pool, "<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Strict//EN\" \"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd\">\n" "<html xmlns=\"http://www.w3.org/1999/xhtml\" lang=\"en\" xml:lang=\"en\">\n" " <head>\n" " <meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\"/>\n" " <script type=\"text/javascript\">\n" " function preserveOnLoad() {\n" " localStorage.setItem('mod_auth_openidc_preserve_post_params', JSON.stringify(%s));\n" " window.location='%s';\n" " }\n" " </script>\n" " <title>Preserving...</title>\n" " </head>\n" " <body onload=\"preserveOnLoad()\">\n" " <p>Preserving...</p>\n" " </body>\n" "</html>\n", json, authorization_request); return oidc_util_http_sendstring(r, java_script, DONE); }
int oidc_proto_javascript_implicit(request_rec *r, oidc_cfg *c) { ap_log_rerror(APLOG_MARK, OIDC_DEBUG, 0, r, "oidc_proto_javascript_implicit: entering"); // char *java_script = NULL; // if (oidc_util_file_read(r, "/Users/hzandbelt/eclipse-workspace/mod_auth_openidc/src/implicit_post.html", &java_script) == FALSE) return HTTP_INTERNAL_SERVER_ERROR; const char *java_script = "<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Strict//EN\" \"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd\">\n" "<html xmlns=\"http://www.w3.org/1999/xhtml\" lang=\"en\" xml:lang=\"en\">\n" " <head>\n" " <meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\"/>\n" " <script type=\"text/javascript\">\n" " function postOnLoad() {\n" " var params = {}\n" " encoded = location.hash.substring(1).split(\"&\");\n" " for (i = 0; i < encoded.length; i++) {\n" " encoded[i].replace(/\\+/g, \" \");\n" " var n = encoded[i].indexOf(\"=\");\n" " var input = document.createElement(\"input\");\n" " input.type = \"hidden\";\n" " input.name = decodeURIComponent(encoded[i].substring(0, n));\n" " input.value = decodeURIComponent(encoded[i].substring(n+1));\n" " document.forms[0].appendChild(input);\n" " }\n" " document.forms[0].action = window.location.href.substr(0, window.location.href.indexOf('#'));\n" " document.forms[0].submit();\n" " }\n" " </script>\n" " <title>Submitting...</title>\n" " </head>\n" " <body onload=\"postOnLoad()\">\n" " <p>Submitting...</p>\n" " <form method=\"post\"><input type=\"hidden\" name=\"response_mode\" value=\"fragment\"></form>\n" " </body>\n" "</html>\n"; return oidc_util_http_sendstring(r, java_script, DONE); }