refactor reading from templates into shared util function

Signed-off-by: Hans Zandbelt <[email protected]>
OpenIDC · Sep 19, 2023 · 7f49fd4 · 7f49fd4
1 parent 33a20f0
commit 7f49fd4
Show file tree

Hide file tree

Showing 3 changed files with 60 additions and 46 deletions.
diff --git a/src/mod_auth_openidc.c b/src/mod_auth_openidc.c
@@ -458,33 +458,15 @@ apr_byte_t oidc_post_preserve_javascript(request_rec *r, const char *location,
 	}
 	json = apr_psprintf(r->pool, "{ %s }", json);
 
-	const char *jscript = NULL;
-	char *template = NULL;
-
-	if (cfg->post_preserve_template != NULL) {
-		if (post_preserve_template_contents == NULL) {
-			template = oidc_util_get_full_path(r->pool,
-					cfg->post_preserve_template);
-			if (oidc_util_file_read(r, template, r->server->process->pool,
-					&post_preserve_template_contents) == FALSE) {
-				oidc_error(r, "could not read POST template: %s", template);
-				post_preserve_template_contents = NULL;
-			}
-		}
-		if (post_preserve_template_contents != NULL) {
-			jscript = apr_psprintf(r->pool, post_preserve_template_contents,
-					json,
-					location ?
-							oidc_util_javascript_escape(r->pool, location) :
-							"");
-			oidc_util_http_send(r, jscript, _oidc_strlen(jscript),
-					OIDC_CONTENT_TYPE_TEXT_HTML, OK);
+	if (cfg->post_preserve_template != NULL)
+		if (oidc_util_html_send_in_template(r, cfg->post_preserve_template,
+				&post_preserve_template_contents, json,
+				OIDC_POST_PRESERVE_ESCAPE_NONE, location,
+				OIDC_POST_PRESERVE_ESCAPE_JAVASCRIPT, OK) == OK)
 			return TRUE;
-		}
-	}
 
 	const char *jmethod = "preserveOnLoad";
-	jscript =
+	const char *jscript =
 			apr_psprintf(r->pool,
 					"    <script type=\"text/javascript\">\n"
 					"      function %s() {\n"
@@ -2321,29 +2303,12 @@ static int oidc_handle_authorization_response(request_rec *r, oidc_cfg *c,
 
 	/* check whether form post data was preserved; if so restore it */
 	if (_oidc_strcmp(original_method, OIDC_METHOD_FORM_POST) == 0) {
-		char *template = NULL;
-		char *jscript = NULL;
-		if (c->post_restore_template != NULL) {
-			if (post_restore_template_contents == NULL) {
-				template = oidc_util_get_full_path(r->pool,
-						c->post_restore_template);
-				if (oidc_util_file_read(r, template, r->server->process->pool,
-						&post_restore_template_contents) == FALSE) {
-					oidc_error(r, "could not read POST template: %s", template);
-					post_restore_template_contents = NULL;
-				}
-			}
-			if (post_restore_template_contents != NULL) {
-				jscript = apr_psprintf(r->pool, post_restore_template_contents,
-						original_url ?
-								oidc_util_javascript_escape(r->pool,
-										original_url) :
-										"");
-				oidc_util_http_send(r, jscript, _oidc_strlen(jscript),
-						OIDC_CONTENT_TYPE_TEXT_HTML, OK);
+		if (c->post_restore_template != NULL)
+			if (oidc_util_html_send_in_template(r, c->post_restore_template,
+					&post_restore_template_contents, original_url,
+					OIDC_POST_PRESERVE_ESCAPE_JAVASCRIPT, "",
+					OIDC_POST_PRESERVE_ESCAPE_NONE, OK) == OK)
 				return TRUE;
-			}
-		}
 		return oidc_request_post_preserved_restore(r, original_url);
 	}
 

diff --git a/src/mod_auth_openidc.h b/src/mod_auth_openidc.h
@@ -201,6 +201,10 @@ APLOG_USE_MODULE(auth_openidc);
 #define OIDC_USERDATA_SESSION "mod_auth_openidc_session"
 #define OIDC_USERDATA_POST_PARAMS_KEY "oidc_userdata_post_params"
 
+#define OIDC_POST_PRESERVE_ESCAPE_NONE       0
+#define OIDC_POST_PRESERVE_ESCAPE_HTML       1
+#define OIDC_POST_PRESERVE_ESCAPE_JAVASCRIPT 2
+
 /* input filter hook name */
 #define OIDC_UTIL_HTTP_SENDSTRING "OIDC_UTIL_HTTP_SENDSTRING"
 
@@ -949,6 +953,7 @@ const char *oidc_util_hdr_out_location_get(const request_rec *r);
 void oidc_util_hdr_err_out_add(const request_rec *r, const char *name, const char *value);
 apr_byte_t oidc_util_hdr_in_accept_contains(const request_rec *r, const char *needle);
 apr_byte_t oidc_util_json_validate_cnf(request_rec *r, json_t *jwt, int token_binding_policy);
+apr_byte_t oidc_util_html_send_in_template(request_rec *r, const char *filename, char **static_template_content, const char *arg1, int arg1_esc, const char *arg2, int arg2_esc, int status_code);
 
 // oidc_metadata.c
 apr_byte_t oidc_metadata_provider_get(request_rec *r, oidc_cfg *cfg, const char *issuer, json_t **j_provider, apr_byte_t allow_discovery);

diff --git a/src/util.c b/src/util.c
@@ -1820,6 +1820,50 @@ char* oidc_util_get_full_path(apr_pool_t *pool, const char *abs_or_rel_filename)
 			ap_server_root_relative(pool, abs_or_rel_filename) : NULL;
 }
 
+/*
+ * escape characters in an HTML/Javascript template
+ */
+static char* oidc_util_template_escape(request_rec *r, const char *arg,
+		int escape) {
+	char *rv = NULL;
+	if (escape == OIDC_POST_PRESERVE_ESCAPE_HTML) {
+		rv = oidc_util_html_escape(r->pool, arg ? arg : "");
+	} else if (escape == OIDC_POST_PRESERVE_ESCAPE_JAVASCRIPT) {
+		rv = oidc_util_javascript_escape(r->pool, arg ? arg : "");
+	} else {
+		rv = apr_pstrdup(r->pool, arg);
+	}
+	return rv;
+}
+
+/*
+ * fill and send a HTML template
+ */
+apr_byte_t oidc_util_html_send_in_template(request_rec *r, const char *filename,
+		char **static_template_content, const char *arg1, int arg1_esc,
+		const char *arg2, int arg2_esc, int status_code) {
+	char *fullname = NULL;
+	char *html = NULL;
+	int rc = status_code;
+	if (*static_template_content == NULL) {
+		fullname = oidc_util_get_full_path(r->pool, filename);
+		// NB: templates go into the server process pool
+		if (oidc_util_file_read(r, fullname, r->server->process->pool,
+				static_template_content) == FALSE) {
+			oidc_error(r, "could not read template: %s", fullname);
+			*static_template_content = NULL;
+		}
+	}
+	if (static_template_content) {
+		html = apr_psprintf(r->pool, *static_template_content,
+				oidc_util_template_escape(r, arg1, arg1_esc),
+				oidc_util_template_escape(r, arg2, arg2_esc));
+		rc = oidc_util_http_send(r, html, _oidc_strlen(html),
+				OIDC_CONTENT_TYPE_TEXT_HTML, status_code);
+	}
+	return rc;
+}
+
 /*
  * send a user-facing error to the browser
  */