Make non-cookie option a supplement instead of replacement.

git-svn-id: https://svn.middleware.georgetown.edu/cpp-sp/branches/REL_2@3359 cb58f699-b61c-0410-a6fe-9272a202ed29

diff --git a/shibsp/impl/StorageServiceSessionCache.cpp b/shibsp/impl/StorageServiceSessionCache.cpp
index 764f057..3641be9 100644 (file)
--- a/shibsp/impl/StorageServiceSessionCache.cpp
+++ b/shibsp/impl/StorageServiceSessionCache.cpp
@@ -118,18 +118,14 @@ namespace shibsp {
         void test();
 
         string active(const Application& app, const HTTPRequest& request) {
-            if (m_inboundHeader.empty()) {
-                pair<string,const char*> shib_cookie = app.getCookieNameProps("_shibsession_");
-                const char* session_id = request.getCookie(shib_cookie.first.c_str());
-                return (session_id ? session_id : "");
-            }
-            else {
+            if (!m_inboundHeader.empty()) {
                 string session_id = request.getHeader(m_inboundHeader.c_str());
                 if (!session_id.empty())
                     return session_id;
-                const char* p = request.getParameter(m_inboundHeader.c_str());
-                return (p ? p : "");
             }
+            pair<string,const char*> shib_cookie = app.getCookieNameProps("_shibsession_");
+            const char* session_id = request.getCookie(shib_cookie.first.c_str());
+            return (session_id ? session_id : "");
         }
 
         Session* find(const Application& app, const HTTPRequest& request, const char* client_addr=nullptr, time_t* timeout=nullptr) {
@@ -1105,30 +1101,27 @@ void SSCache::insert(
         xlog->log.info("}");
     }
 
-    if (m_outboundHeader.empty()) {
-        time_t cookieLifetime = 0;
-        pair<string,const char*> shib_cookie = app.getCookieNameProps("_shibsession_", &cookieLifetime);
-        string k(key.get());
-        k += shib_cookie.second;
+    if (!m_outboundHeader.empty())
+        httpResponse.setResponseHeader(m_outboundHeader.c_str(), key.get());
+
+    time_t cookieLifetime = 0;
+    pair<string,const char*> shib_cookie = app.getCookieNameProps("_shibsession_", &cookieLifetime);
+    string k(key.get());
+    k += shib_cookie.second;
 
-        if (cookieLifetime > 0) {
-            cookieLifetime += now;
+    if (cookieLifetime > 0) {
+        cookieLifetime += now;
 #ifndef HAVE_GMTIME_R
-            ptime=gmtime(&cookieLifetime);
+        ptime=gmtime(&cookieLifetime);
 #else
-            ptime=gmtime_r(&cookieLifetime,&res);
+        ptime=gmtime_r(&cookieLifetime,&res);
 #endif
-            char cookietimebuf[64];
-            strftime(cookietimebuf,64,"; expires=%a, %d %b %Y %H:%M:%S GMT",ptime);
-            k += cookietimebuf;
-        }
-
-        httpResponse.setCookie(shib_cookie.first.c_str(), k.c_str());
-    }
-    else {
-        // Use an arbitrary header to pass back the session ID instead of a cookie.
-        httpResponse.setResponseHeader(m_outboundHeader.c_str(), key.get());
+        char cookietimebuf[64];
+        strftime(cookietimebuf,64,"; expires=%a, %d %b %Y %H:%M:%S GMT",ptime);
+        k += cookietimebuf;
     }
+
+    httpResponse.setCookie(shib_cookie.first.c_str(), k.c_str());
 }
 
 bool SSCache::matches(
@@ -1520,31 +1513,23 @@ Session* SSCache::find(const Application& app, HTTPRequest& request, const char*
             return session;
         HTTPResponse* response = dynamic_cast<HTTPResponse*>(&request);
         if (response) {
-            if (m_outboundHeader.empty()) {
-                pair<string,const char*> shib_cookie = app.getCookieNameProps("_shibsession_");
-                string exp(shib_cookie.second);
-                exp += "; expires=Mon, 01 Jan 2001 00:00:00 GMT";
-                response->setCookie(shib_cookie.first.c_str(), exp.c_str());
-            }
-            else {
+            if (!m_outboundHeader.empty())
                 response->setResponseHeader(m_outboundHeader.c_str(), nullptr);
-            }
+            pair<string,const char*> shib_cookie = app.getCookieNameProps("_shibsession_");
+            string exp(shib_cookie.second);
+            exp += "; expires=Mon, 01 Jan 2001 00:00:00 GMT";
+            response->setCookie(shib_cookie.first.c_str(), exp.c_str());
         }
     }
     catch (exception&) {
-        if (m_outboundHeader.empty()) {
-            HTTPResponse* response = dynamic_cast<HTTPResponse*>(&request);
-            if (response) {
-                if (m_outboundHeader.empty()) {
-                    pair<string,const char*> shib_cookie = app.getCookieNameProps("_shibsession_");
-                    string exp(shib_cookie.second);
-                    exp += "; expires=Mon, 01 Jan 2001 00:00:00 GMT";
-                    response->setCookie(shib_cookie.first.c_str(), exp.c_str());
-                }
-                else {
-                    response->setResponseHeader(m_outboundHeader.c_str(), nullptr);
-                }
-            }
+        HTTPResponse* response = dynamic_cast<HTTPResponse*>(&request);
+        if (response) {
+            if (!m_outboundHeader.empty())
+                response->setResponseHeader(m_outboundHeader.c_str(), nullptr);
+            pair<string,const char*> shib_cookie = app.getCookieNameProps("_shibsession_");
+            string exp(shib_cookie.second);
+            exp += "; expires=Mon, 01 Jan 2001 00:00:00 GMT";
+            response->setCookie(shib_cookie.first.c_str(), exp.c_str());
         }
         throw;
     }
@@ -1553,35 +1538,26 @@ Session* SSCache::find(const Application& app, HTTPRequest& request, const char*
 
 void SSCache::remove(const Application& app, const HTTPRequest& request, HTTPResponse* response)
 {
-    if (m_inboundHeader.empty()) {
-        pair<string,const char*> shib_cookie = app.getCookieNameProps("_shibsession_");
-        const char* session_id = request.getCookie(shib_cookie.first.c_str());
-        if (session_id && *session_id) {
-            if (response) {
-                if (m_outboundHeader.empty()) {
-                    string exp(shib_cookie.second);
-                    exp += "; expires=Mon, 01 Jan 2001 00:00:00 GMT";
-                    response->setCookie(shib_cookie.first.c_str(), exp.c_str());
-                }
-                else {
-                    response->setResponseHeader(m_outboundHeader.c_str(), nullptr);
-                }
-            }
-            remove(app, session_id);
-        }
+    string session_id;
+    pair<string,const char*> shib_cookie = app.getCookieNameProps("_shibsession_");
+
+    if (!m_inboundHeader.empty())
+        session_id = request.getHeader(m_inboundHeader.c_str());
+    if (session_id.empty()) {
+        const char* c = request.getCookie(shib_cookie.first.c_str());
+        if (c && *c)
+            session_id = c;
     }
-    else {
-        string session_id = request.getHeader(m_inboundHeader.c_str());
-        if (session_id.empty()) {
-            const char* p = request.getParameter(m_inboundHeader.c_str());
-            if (p)
-                session_id = p;
-        }
-        if (!session_id.empty()) {
-            if (response && !m_outboundHeader.empty())
+
+    if (!session_id.empty()) {
+        if (response) {
+            if (!m_outboundHeader.empty())
                 response->setResponseHeader(m_outboundHeader.c_str(), nullptr);
-            remove(app, session_id.c_str());
+            string exp(shib_cookie.second);
+            exp += "; expires=Mon, 01 Jan 2001 00:00:00 GMT";
+            response->setCookie(shib_cookie.first.c_str(), exp.c_str());
         }
+        remove(app, session_id.c_str());
     }
 }