Customize POST preservation page

[kerrermanisNL]

Currently when posting a form, an authentication request is being performed and the OIDCPreservePost option is enabled a (or actually a couple) blank screen is shown with the text "Redirecting...". This page gets shown relatively long. It would be great if this page could either take less long, be customizable so it fits in better with the rest of the site or be avoided all together.

Any tips on how to go about this, or would this have to be implemented as a feature?

[zandbelt]

I haven't experienced this myself but I haven't done exhaustive testing either... Could you give a concrete example of the POST data that you send? Is it large and/or has many parameters?

FWIW: the text should say "Preserving..." rather than "Redirecting..." can you confirm that?

[kerrermanisNL]

Ah yes you're right. There are two pages shown, one showing "preserving..." which doesn't take too long. This then gets switched to "restoring..." which is the page that takes the longest (nothing too bad, but definitely noticeable. I would say around 1 second).

Example POST data (Django):

<QueryDict: {
    u'key_8_domain_16': [u'on'], 
    u'key_8_domain_17': [u'on'], 
    u'csrfmiddlewaretoken': [u'xxxxxxxxxxxxxxxxxxxxxxxx']
}>

[zandbelt]

I'm not a Javascript expert but I don't see how this code:
https://github.com/pingidentity/mod_auth_openidc/blob/master/src/mod_auth_openidc.c#L456
can be (much) more optimized. It pulls stuff from localstorage, uriDecodes it and puts in in the page dom...

[zandbelt]

Could it be that it is just the handler/page that it POSTs to is actually slow (i.e. your code :-O) ?

I do agree that a customizable screen would be a nice to have.

[kerrermanisNL]

It could be a possibility ;) Though I've noticed this over multiple pages and apps (though of course that doesn't say much).

In any case customizable pages would be very nice! A speed improvement is not my main wish at this point, I was just wondering if there was a possibility this was somewhere related in mod_auth_openidc.

[jamateo]

Hi!

We are looking for a way to customize the callback page that shows "Submitting...". Unfortunately we can not compile the code in order to rewrite the part that shows this page. Is there any option to reference a flat html that shows other content?

Thank you!

[zandbelt]

No, not at this point, that's what this enhancement issue is about.

[jamateo]

Yep,

I see, are you thinking about it?

Thanks!

Regards

[zandbelt]

Prioritizing it would require a commercial discussion.

[jamateo]

Ok!

Thanks a lot :)

Regards

[ajuvercr]

Bump, is there any new information about this?

[zandbelt]

nope, PRs or funding are welcome...

[spiazzi]

Hi all,  

Hi, let me propose a change like this to read from config file a path of an html/js taken from a path, instead of a hardcoded js:

#include <http_config.h>
#include <apr_file_io.h>

/*
* Function to generate HTML/JavaScript code from a file specified in the configuration
*/
static apr_byte_t generate_javascript_from_config(request_rec *r, const char *location, char **javascript, char **javascript_method) {
   if (oidc_cfg_dir_preserve_post(r) == 0)
       return FALSE;

   oidc_debug(r, "enter");

   oidc_cfg *cfg = ap_get_module_config(r->server->module_config, &auth_openidc_module);

   const char *method = oidc_original_request_method(r, cfg, FALSE);

   if (_oidc_strcmp(method, OIDC_METHOD_FORM_POST) != 0)
       return FALSE;

   /* Get the path to the JavaScript file from the configuration */
   const char *javascript_file_path = oidc_get_javascript_file_path(r);
   if (!javascript_file_path) {
       oidc_error(r, "JavaScript file path not defined in configuration");
       return FALSE;
   }

   /* Open the JavaScript file */
   apr_status_t rv;
   apr_file_t *javascript_file;
   rv = apr_file_open(&javascript_file, javascript_file_path, APR_READ, APR_OS_DEFAULT, r->pool);
   if (rv != APR_SUCCESS) {
       oidc_error(r, "Failed to open JavaScript file");
       return FALSE;
   }

   /* Read the content of the JavaScript file */
   char *jscript_content;
   rv = apr_file_read_full(javascript_file, jscript_content, -1, NULL);
   if (rv != APR_SUCCESS) {
       apr_file_close(javascript_file);
       oidc_error(r, "Failed to read JavaScript file");
       return FALSE;
   }

   /* Close the JavaScript file */
   apr_file_close(javascript_file);

   const char *jmethod = "preserveOnLoad";
   const char *jscript = jscript_content;

   if (location == NULL) {
       if (javascript_method)
           *javascript_method = apr_pstrdup(r->pool, jmethod);
       if (javascript)
           *javascript = apr_pstrdup(r->pool, jscript);
   } else {
       oidc_util_html_send(r, "Preserving...", jscript, jmethod, "<p>Preserving...</p>", OK);
   }

   return TRUE;
}

/*
* Function to get the path to the JavaScript file from the configuration
*/
static const char *oidc_get_javascript_file_path(request_rec *r) {
   oidc_cfg *cfg = ap_get_module_config(r->server->module_config, &auth_openidc_module);

   const char *javascript_file_path = cfg->javascript_file_path;

   if (!javascript_file_path || *javascript_file_path == '\0') {
       return NULL;
   }

   return ap_server_root_relative(r->pool, javascript_file_path);
}

It seems quite simple to achive - what do you think?

[zandbelt]

sure, please test and submit as a PR and we'll take it from there