From 5d6cb42a44f7116d122ce53cdda6531a11ac0d7b Mon Sep 17 00:00:00 2001
From: Michael M Slusarz <slusarz@curecanti.org>
Date: Thu, 6 Aug 2009 12:45:14 -0600
Subject: [PATCH] Handle DIMP/Ajax logout stuff entirely within ajax.php

---
 imp/ajax.php                           | 24 +++++++++++++++++++++---
 imp/js/DimpCore.js                     |  2 +-
 imp/lib/base.php                       | 30 ++++--------------------------
 imp/templates/javascript_defs_dimp.php |  1 -
 4 files changed, 26 insertions(+), 31 deletions(-)

diff --git a/imp/ajax.php b/imp/ajax.php
index c6038f24e..3bb8af30c 100644
--- a/imp/ajax.php
+++ b/imp/ajax.php
@@ -164,9 +164,21 @@ if (in_array($action, array('chunkContent', 'Html2Text', 'Text2Html', 'GetReplyD
     $imp_session_control = 'readonly';
 }
 
-$imp_dimp_logout = ($action == 'LogOut');
-$imp_session_timeout = 'json';
-require_once IMP_BASE . '/lib/base.php';
+$imp_authentication = 'throw';
+try {
+    require_once IMP_BASE . '/lib/base.php';
+} catch (Horde_Exception $e) {
+    /* Handle session timeouts when they come from an AJAX request. */
+    if ($e->getCode() == Horde_Registry::AUTH_FAILURE) {
+        $notification = Horde_Notification::singleton();
+        $imp_notify = $notification->attach('status', array('viewmode' => 'dimp'), 'IMP_Notification_Listener_Status');
+        $notification->push(str_replace('&amp;', '&', Horde_Auth::getLogoutUrl(array('reason' => Horde_Auth::REASON_SESSION))), 'dimp.timeout', array('content.raw'));
+        Horde::sendHTTPResponse(Horde::prepareResponse(null, $imp_notify), 'json');
+        exit;
+    }
+
+    Horde_Auth::authenticateFailure('imp', $e);
+}
 
 // Process common request variables.
 $mbox = Horde_Util::getPost('view');
@@ -181,6 +193,12 @@ $notify = true;
 $result = false;
 
 switch ($action) {
+case 'LogOut':
+    /* Handle logout requests. This needs to be done here because the logout
+     * tokens might expire otherwise. */
+    Horde::redirect(str_replace('&amp;', '&', Horde::getServiceLink('logout', 'imp')));
+    break;
+
 case 'CreateFolder':
     if (empty($mbox)) {
         break;
diff --git a/imp/js/DimpCore.js b/imp/js/DimpCore.js
index fe6ea0032..757106f8b 100644
--- a/imp/js/DimpCore.js
+++ b/imp/js/DimpCore.js
@@ -210,7 +210,7 @@ var DimpCore = {
 
             switch (m.type) {
             case 'dimp.timeout':
-                this.logout(DIMP.conf.URI_TIMEOUT);
+                this.logout(m.message);
                 return true;
 
             case 'horde.error':
diff --git a/imp/lib/base.php b/imp/lib/base.php
index 6b598551f..7a7dd6196 100644
--- a/imp/lib/base.php
+++ b/imp/lib/base.php
@@ -13,15 +13,12 @@
  *   [DEFAULT] - Authenticate to IMAP/POP server; on no auth redirect to login
  *               screen
  * $imp_compose_page - If true, we are on IMP's compose page
- * $imp_dimp_logout - Logout and redirect to the login page.
  * $imp_no_compress - Controls whether the page should be compressed
  * $imp_session_control - Sets special session control limitations:
  *   'netscape' - TODO; start read/write session
  *   'none' - Do not start a session
  *   'readonly' - Start session readonly
  *   [DEFAULT] - Start read/write session
- * $imp_session_timeout - Sets special handling for session timeouts:
- *   'json' - Send session logout request to browser.
  * </pre>
  *
  * Global variables defined:
@@ -63,16 +60,6 @@ case 'readonly':
 }
 $registry = Horde_Registry::singleton($s_ctrl);
 
-// Determine view mode.
-$viewmode = isset($_SESSION['imp']['view'])
-    ? $_SESSION['imp']['view']
-    : 'imp';
-
-// Handle dimp logout requests.
-if (($viewmode == 'dimp') && Horde_Util::nonInputVar('imp_dimp_logout')) {
-    Horde::redirect(str_replace('&amp;', '&', Horde::getServiceLink('logout', 'imp')));
-}
-
 // Determine imp authentication type.
 $authentication = Horde_Util::nonInputVar('imp_authentication');
 if ($authentication == 'horde') {
@@ -86,23 +73,14 @@ try {
     $registry->pushApp('imp', array('check_perms' => ($authentication != 'none'), 'logintasks' => true));
 } catch (Horde_Exception $e) {
     if ($e->getCode() == Horde_Registry::AUTH_FAILURE) {
-        if ($authentication == 'throw') {
-            throw $e;
-        }
-
-        // Handle session timeouts when they come from an AJAX request.
-        if (($viewmode == 'dimp') &&
-            (Horde_Util::nonInputVar('imp_session_timeout') == 'json')) {
-            $notification = Horde_Notification::singleton();
-            $notification->push(null, 'dimp.timeout');
-            Horde::sendHTTPResponse(Horde::prepareResponse(), 'json');
-            exit;
-        }
-
         if (Horde_Util::nonInputVar('imp_compose_page')) {
             $imp_compose = IMP_Compose::singleton();
             $imp_compose->sessionExpireDraft();
         }
+
+        if ($authentication == 'throw') {
+            throw $e;
+        }
     }
 
     Horde_Auth::authenticateFailure('imp', $e);
diff --git a/imp/templates/javascript_defs_dimp.php b/imp/templates/javascript_defs_dimp.php
index 0f7a317d0..24d4fa046 100644
--- a/imp/templates/javascript_defs_dimp.php
+++ b/imp/templates/javascript_defs_dimp.php
@@ -49,7 +49,6 @@ $code['conf'] = array_filter(array(
     'URI_MESSAGE' => Horde::applicationUrl('message-dimp.php'),
     'URI_PREFS' => Horde::getServiceLink('prefsapi', 'imp'),
     'URI_PREFS_IMP' => str_replace('&amp;', '&', Horde::getServiceLink('options', 'imp')),
-    'URI_TIMEOUT' => Horde_Auth::getLogoutUrl(array('reason' => Horde_Auth::REASON_SESSION)),
     'URI_VIEW' => Horde::applicationUrl('view.php'),
 
     'SESSION_ID' => defined('SID') ? SID : '',
-- 
2.11.0