]> git.evergreen-ils.org Git - Evergreen.git/blob - Open-ILS/src/c-apps/oils_auth.c
projects / Evergreen.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Patch from Scott McKellar:
[Evergreen.git] / Open-ILS / src / c-apps / oils_auth.c
1 #include "opensrf/osrf_app_session.h"
2 #include "opensrf/osrf_application.h"
3 #include "opensrf/osrf_settings.h"
4 #include "opensrf/osrf_json.h"
5 #include "opensrf/log.h"
6 #include "openils/oils_utils.h"
7 #include "openils/oils_constants.h"
8 #include "openils/oils_event.h"
9
10 #define OILS_AUTH_CACHE_PRFX "oils_auth_"
11
12 #define MODULENAME "open-ils.auth"
13
14 #define OILS_AUTH_OPAC "opac"
15 #define OILS_AUTH_STAFF "staff"
16 #define OILS_AUTH_TEMP "temp"
17
18 int osrfAppInitialize();
19 int osrfAppChildInit();
20
21 static int _oilsAuthOPACTimeout = 0;
22 static int _oilsAuthStaffTimeout = 0;
23 static int _oilsAuthOverrideTimeout = 0;
24
25
26 int osrfAppInitialize() {
27
28         osrfLogInfo(OSRF_LOG_MARK, "Initializing Auth Server...");
29
30     /* load and parse the IDL */
31         if (!oilsInitIDL(NULL)) return 1; /* return non-zero to indicate error */
32
33         osrfAppRegisterMethod( 
34                 MODULENAME, 
35                 "open-ils.auth.authenticate.init", 
36                 "oilsAuthInit", 
37                 "Start the authentication process and returns the intermediate authentication seed"
38                 " PARAMS( username )", 1, 0 );
39
40         osrfAppRegisterMethod( 
41                 MODULENAME, 
42                 "open-ils.auth.authenticate.complete", 
43                 "oilsAuthComplete", 
44                 "Completes the authentication process.  Returns an object like so: "
45                 "{authtoken : <token>, authtime:<time>}, where authtoken is the login "
46                 "token and authtime is the number of seconds the session will be active"
47                 "PARAMS(username, md5sum( seed + password ), type, org_id ) "
48                 "type can be one of 'opac','staff', or 'temp' and it defaults to 'staff' "
49                 "org_id is the location at which the login should be considered "
50                 "active for login timeout purposes"     , 1, 0 );
51
52         osrfAppRegisterMethod( 
53                 MODULENAME, 
54                 "open-ils.auth.session.retrieve", 
55                 "oilsAuthSessionRetrieve", 
56                 "Pass in the auth token and this retrieves the user object.  The auth "
57                 "timeout is reset when this call is made "
58                 "Returns the user object (password blanked) for the given login session "
59                 "PARAMS( authToken )", 1, 0 );
60
61         osrfAppRegisterMethod( 
62                 MODULENAME, 
63                 "open-ils.auth.session.delete", 
64                 "oilsAuthSessionDelete", 
65                 "Destroys the given login session "
66                 "PARAMS( authToken )",  1, 0 );
67
68         osrfAppRegisterMethod(
69                 MODULENAME,
70                 "open-ils.auth.session.reset_timeout",
71                 "oilsAuthResetTimeout",
72                 "Resets the login timeout for the given session "
73                 "Returns an ILS Event with payload = session_timeout of session "
74                 "if found, otherwise returns the NO_SESSION event"
75                 "PARAMS( authToken )", 1, 0 );
76
77         return 0;
78 }
79
80 int osrfAppChildInit() {
81         return 0;
82 }
83
84 int oilsAuthInit( osrfMethodContext* ctx ) {
85         OSRF_METHOD_VERIFY_CONTEXT(ctx); 
86
87         jsonObject* resp;
88
89         char* username = NULL;
90         char* seed              = NULL;
91         char* md5seed   = NULL;
92         char* key               = NULL;
93
94         if( (username = jsonObjectToSimpleString(jsonObjectGetIndex(ctx->params, 0))) ) {
95
96                 if( strchr( username, ' ' ) ) {
97
98                         /* spaces are not allowed */
99                         resp = jsonNewObject("x");       /* 'x' will never be a valid seed */
100                         osrfAppRespondComplete( ctx, resp );
101
102                 } else {
103
104                         seed = va_list_to_string( "%d.%ld.%s", time(NULL), (long) getpid(), username );
105                         key = va_list_to_string( "%s%s", OILS_AUTH_CACHE_PRFX, username );
106         
107                         md5seed = md5sum(seed);
108                         osrfCachePutString( key, md5seed, 30 );
109         
110                         osrfLogDebug( OSRF_LOG_MARK, "oilsAuthInit(): has seed %s and key %s", md5seed, key );
111         
112                         resp = jsonNewObject(md5seed);  
113                         osrfAppRespondComplete( ctx, resp );
114         
115                         free(seed);
116                         free(md5seed);
117                         free(key);
118                 }
119
120                 jsonObjectFree(resp);
121                 free(username);
122                 return 0;
123         }
124
125         return -1;
126 }
127
128 /** Verifies that the user has permission to login with the 
129  * given type.  If the permission fails, an oilsEvent is returned
130  * to the caller.
131  * @return -1 if the permission check failed, 0 if ther permission
132  * is granted
133  */
134 static int oilsAuthCheckLoginPerm( 
135                 osrfMethodContext* ctx, const jsonObject* userObj, const char* type ) {
136
137         if(!(userObj && type)) return -1;
138         oilsEvent* perm = NULL;
139
140         if(!strcasecmp(type, OILS_AUTH_OPAC)) {
141                 char* permissions[] = { "OPAC_LOGIN" };
142                 perm = oilsUtilsCheckPerms( oilsFMGetObjectId( userObj ), -1, permissions, 1 );
143
144         } else if(!strcasecmp(type, OILS_AUTH_STAFF)) {
145                 char* permissions[] = { "STAFF_LOGIN" };
146                 perm = oilsUtilsCheckPerms( oilsFMGetObjectId( userObj ), -1, permissions, 1 );
147
148         } else if(!strcasecmp(type, OILS_AUTH_TEMP)) {
149                 char* permissions[] = { "STAFF_LOGIN" };
150                 perm = oilsUtilsCheckPerms( oilsFMGetObjectId( userObj ), -1, permissions, 1 );
151         }
152
153         if(perm) {
154                 osrfAppRespondComplete( ctx, oilsEventToJSON(perm) ); 
155                 oilsEventFree(perm);
156                 return -1;
157         }
158
159         return 0;
160 }
161
162 /**
163  * Returns 1 if the password provided matches the user's real password
164  * Returns 0 otherwise
165  * Returns -1 on error
166  */
167 static int oilsAuthVerifyPassword( const osrfMethodContext* ctx,
168                 const jsonObject* userObj, const char* uname, const char* password ) {
169
170         int ret = 0;
171         char* realPassword = oilsFMGetString( userObj, "passwd" ); /**/
172         char* seed = osrfCacheGetString( "%s%s", OILS_AUTH_CACHE_PRFX, uname ); /**/
173
174         if(!seed) {
175                 free(realPassword);
176                 return osrfAppRequestRespondException( ctx->session,
177                         ctx->request, "No authentication seed found. "
178                         "open-ils.auth.authenticate.init must be called first");
179         }
180
181         osrfLogInternal(OSRF_LOG_MARK, "oilsAuth retrieved real password: [%s]", realPassword);
182         osrfLogDebug(OSRF_LOG_MARK,  "oilsAuth retrieved seed from cache: %s", seed );
183         char* maskedPw = md5sum( "%s%s", seed, realPassword );
184         if(!maskedPw) {
185                 free(realPassword);
186                 free(seed);
187                 return -1;
188         }
189         osrfLogDebug(OSRF_LOG_MARK,  "oilsAuth generated masked password %s. "
190                         "Testing against provided password %s", maskedPw, password );
191
192         if( !strcmp( maskedPw, password ) ) ret = 1;
193
194         free(realPassword);
195         free(seed);
196         free(maskedPw);
197
198         return ret;
199 }
200
201 /**
202  * Calculates the login timeout
203  * 1. If orgloc is 1 or greater and has a timeout specified as an 
204  * org unit setting, it is used
205  * 2. If orgloc is not valid, we check the org unit auth timeout 
206  * setting for the home org unit of the user logging in
207  * 3. If that setting is not defined, we use the configured defaults
208  */
209 static double oilsAuthGetTimeout( const jsonObject* userObj, const char* type, double orgloc ) {
210
211         if(!_oilsAuthOPACTimeout) { /* Load the default timeouts */
212
213                 jsonObject* value_obj;
214
215                 value_obj = osrf_settings_host_value_object(
216                         "/apps/open-ils.auth/app_settings/default_timeout/opac" );
217                 _oilsAuthOPACTimeout = jsonObjectGetNumber(value_obj);
218                 jsonObjectFree(value_obj);
219
220                 value_obj = osrf_settings_host_value_object(
221                         "/apps/open-ils.auth/app_settings/default_timeout/staff" );
222                 _oilsAuthStaffTimeout = jsonObjectGetNumber(value_obj);
223                 jsonObjectFree(value_obj);
224
225                 value_obj = osrf_settings_host_value_object(
226                                 "/apps/open-ils.auth/app_settings/default_timeout/temp" );
227                 _oilsAuthOverrideTimeout = jsonObjectGetNumber(value_obj);
228                 jsonObjectFree(value_obj);
229
230
231                 osrfLogInfo(OSRF_LOG_MARK, "Set default auth timetouts: opac => %d : staff => %d : temp => %d",
232                                 _oilsAuthOPACTimeout, _oilsAuthStaffTimeout, _oilsAuthOverrideTimeout );
233         }
234
235         char* setting = NULL;
236
237         double home_ou = jsonObjectGetNumber( oilsFMGetObject( userObj, "home_ou" ) );
238         if(orgloc < 1) orgloc = (int) home_ou;
239
240         if(!strcmp(type, OILS_AUTH_OPAC)) 
241                 setting = OILS_ORG_SETTING_OPAC_TIMEOUT;
242         else if(!strcmp(type, OILS_AUTH_STAFF)) 
243                 setting = OILS_ORG_SETTING_STAFF_TIMEOUT;
244         else if(!strcmp(type, OILS_AUTH_TEMP)) 
245                 setting = OILS_ORG_SETTING_TEMP_TIMEOUT;
246
247         char* timeout = oilsUtilsFetchOrgSetting( orgloc, setting );
248
249         if(!timeout) {
250                 if( orgloc != home_ou ) {
251                         osrfLogDebug(OSRF_LOG_MARK, "Auth timeout not defined for org %d, "
252                                                                 "trying home_ou %d", orgloc, home_ou );
253                         timeout = oilsUtilsFetchOrgSetting( (int) home_ou, setting );
254                 }
255                 if(!timeout) {
256                         if(!strcmp(type, OILS_AUTH_STAFF)) return _oilsAuthStaffTimeout;
257                         if(!strcmp(type, OILS_AUTH_TEMP)) return _oilsAuthOverrideTimeout;
258                         return _oilsAuthOPACTimeout;
259                 }
260         }
261
262         double t = atof(timeout);
263         free(timeout);
264         return t ;
265 }
266
267 /* Adds the authentication token to the user cache.  The timeout for the 
268  * auth token is based on the type of login as well as (if type=='opac') 
269  * the org location id.
270  * Returns the event that should be returned to the user.  
271  * Event must be freed
272  */
273 static oilsEvent* oilsAuthHandleLoginOK( jsonObject* userObj, const char* uname,
274                 const char* type, double orgloc, const char* workstation ) {
275                 
276         oilsEvent* response;
277
278         double timeout;
279         char* wsorg = jsonObjectToSimpleString(oilsFMGetObject(userObj, "ws_ou"));
280         if(wsorg) { /* if there is a workstation, use it for the timeout */
281                 osrfLogDebug( OSRF_LOG_MARK, 
282                                 "Auth session trying workstation id %d for auth timeout", atoi(wsorg));
283                 timeout = oilsAuthGetTimeout( userObj, type, atoi(wsorg) );
284                 free(wsorg);
285         } else {
286                 osrfLogDebug( OSRF_LOG_MARK, 
287                                 "Auth session trying org from param [%d] for auth timeout", orgloc );
288                 timeout = oilsAuthGetTimeout( userObj, type, orgloc );
289         }
290         osrfLogDebug(OSRF_LOG_MARK, "Auth session timeout for %s: %f", uname, timeout );
291
292         char* string = va_list_to_string( 
293                         "%d.%ld.%s", (long) getpid(), time(NULL), uname ); 
294         char* authToken = md5sum(string); 
295         char* authKey = va_list_to_string( 
296                         "%s%s", OILS_AUTH_CACHE_PRFX, authToken ); 
297
298         const char* ws = (workstation) ? workstation : "";
299         osrfLogActivity(OSRF_LOG_MARK,  
300                 "successful login: username=%s, authtoken=%s, workstation=%s", uname, authToken, ws );
301
302         oilsFMSetString( userObj, "passwd", "" );
303         jsonObject* cacheObj = jsonParseStringFmt("{\"authtime\": %f}", timeout);
304         jsonObjectSetKey( cacheObj, "userobj", jsonObjectClone(userObj));
305
306         osrfCachePutObject( authKey, cacheObj, timeout ); 
307         jsonObjectFree(cacheObj);
308         osrfLogInternal(OSRF_LOG_MARK, "oilsAuthComplete(): Placed user object into cache");
309         jsonObject* payload = jsonParseStringFmt(
310                 "{ \"authtoken\": \"%s\", \"authtime\": %f }", authToken, timeout );
311
312         response = oilsNewEvent2( OSRF_LOG_MARK, OILS_EVENT_SUCCESS, payload );
313         free(string); free(authToken); free(authKey);
314         jsonObjectFree(payload);
315
316         return response;
317 }
318
319 static oilsEvent* oilsAuthVerifyWorkstation( 
320                 const osrfMethodContext* ctx, jsonObject* userObj, const char* ws ) {
321         osrfLogInfo(OSRF_LOG_MARK, "Attaching workstation to user at login: %s", ws);
322         jsonObject* workstation = oilsUtilsFetchWorkstationByName(ws);
323         if(!workstation) return oilsNewEvent(OSRF_LOG_MARK, "WORKSTATION_NOT_FOUND");
324         long wsid = oilsFMGetObjectId(workstation);
325         LONG_TO_STRING(wsid);
326         char* orgid = oilsFMGetString(workstation, "owning_lib");
327         oilsFMSetString(userObj, "wsid", LONGSTR);
328         oilsFMSetString(userObj, "ws_ou", orgid);
329         free(orgid);
330         jsonObjectFree(workstation);
331         return NULL;
332 }
333
334
335
336 /* see if the card used to login is marked as barred */
337 static oilsEvent* oilsAuthCheckCard( const char* barcode ) {
338         if(!barcode) return NULL;
339         osrfLogDebug(OSRF_LOG_MARK, "Checking to see if barcode %s is active", barcode);
340
341         jsonObject* params = jsonParseStringFmt("{\"barcode\":\"%s\"}", barcode);
342         jsonObject* card = oilsUtilsQuickReq(
343                 "open-ils.cstore", "open-ils.cstore.direct.actor.card.search", params );
344         jsonObjectFree(params);
345
346         char* active = oilsFMGetString(card, "active");
347         jsonObjectFree(card);
348
349         oilsEvent* return_event = NULL;
350         if( ! oilsUtilsIsDBTrue(active) ) {
351                 osrfLogInfo(OSRF_LOG_MARK, "barcode %s is not active, returning event", barcode);
352                 return_event = oilsNewEvent(OSRF_LOG_MARK, "PATRON_CARD_INACTIVE");
353         }
354
355         free(active);
356         return return_event;
357 }
358
359
360
361 int oilsAuthComplete( osrfMethodContext* ctx ) {
362         OSRF_METHOD_VERIFY_CONTEXT(ctx); 
363
364         const jsonObject* args  = jsonObjectGetIndex(ctx->params, 0);
365
366         const char* uname               = jsonObjectGetString(jsonObjectGetKeyConst(args, "username"));
367         const char* password    = jsonObjectGetString(jsonObjectGetKeyConst(args, "password"));
368         const char* type                = jsonObjectGetString(jsonObjectGetKeyConst(args, "type"));
369         double orgloc                   = jsonObjectGetNumber(jsonObjectGetKeyConst(args, "org"));
370         const char* workstation = jsonObjectGetString(jsonObjectGetKeyConst(args, "workstation"));
371         char* barcode                   = jsonObjectToSimpleString(jsonObjectGetKeyConst(args, "barcode"));
372
373         const char* ws = (workstation) ? workstation : "";
374
375
376         if(!type) type = OILS_AUTH_STAFF;
377
378         if( !( (uname || barcode) && password) ) {
379                 free(barcode);
380                 return osrfAppRequestRespondException( ctx->session, ctx->request, 
381                         "username/barcode and password required for method: %s", ctx->method->name );
382         }
383
384         oilsEvent* response = NULL;
385         jsonObject* userObj = NULL;
386
387         if(uname) userObj = oilsUtilsFetchUserByUsername( uname ); 
388         else if(barcode) userObj = oilsUtilsFetchUserByBarcode( barcode );
389         
390         if(!userObj) { 
391                 response = oilsNewEvent( OSRF_LOG_MARK, OILS_EVENT_AUTH_FAILED );
392                 osrfLogInfo(OSRF_LOG_MARK,  "failed login: username=%s, barcode=%s, workstation=%s", uname, barcode, ws );
393                 osrfAppRespondComplete( ctx, oilsEventToJSON(response) ); 
394                 oilsEventFree(response);
395                 free(barcode);
396                 return 0;
397         }
398
399         /* first let's see if they have the right credentials */
400         int passOK = -1;
401         if(uname) passOK = oilsAuthVerifyPassword( ctx, userObj, uname, password );
402         else if (barcode) 
403                 passOK = oilsAuthVerifyPassword( ctx, userObj, barcode, password );
404
405         if( passOK < 0 ) {
406                 jsonObjectFree(userObj);
407                 free(barcode);
408                 return passOK;
409         }
410
411         /* first see if their account is inactive */
412         char* active = oilsFMGetString(userObj, "active");
413         if( !oilsUtilsIsDBTrue(active) ) {
414                 response = oilsNewEvent(OSRF_LOG_MARK, "PATRON_INACTIVE");
415                 osrfAppRespondComplete( ctx, oilsEventToJSON(response) ); 
416                 oilsEventFree(response);
417                 jsonObjectFree(userObj);
418                 free(barcode);
419                 free(active);
420                 return 0;
421         }
422         free(active);
423
424         /* then see if the barcode they used is active */
425         if( barcode && ctx && userObj && (response = oilsAuthCheckCard( barcode )) ) {
426                 osrfAppRespondComplete( ctx, oilsEventToJSON(response) ); 
427                 oilsEventFree(response);
428                 jsonObjectFree(userObj);
429                 free(barcode);
430                 return 0;
431         }
432
433
434         /* check to see if the user is even allowed to login */
435         if( oilsAuthCheckLoginPerm( ctx, userObj, type ) == -1 ) {
436                 jsonObjectFree(userObj);
437                 free(barcode);
438                 return 0;
439         }
440         
441
442         /* if a workstation is defined, flesh the user with the workstation info */
443         if( workstation != NULL ) {
444                 osrfLogDebug(OSRF_LOG_MARK, "Workstation is %s", workstation);
445                 response = oilsAuthVerifyWorkstation( ctx, userObj, workstation );
446                 if(response) {
447                         jsonObjectFree(userObj);
448                         osrfAppRespondComplete( ctx, oilsEventToJSON(response) ); 
449                         oilsEventFree(response);
450                         free(barcode);
451                         return 0;
452                 }
453
454         } else {
455                 /* otherwise, use the home org as the workstation org on the user */
456                 char* orgid = oilsFMGetString(userObj, "home_ou");
457                 oilsFMSetString(userObj, "ws_ou", orgid);
458                 free(orgid);
459         }
460
461         char* freeable_uname = NULL;
462         if(!uname) {
463                 uname = freeable_uname = oilsFMGetString( userObj, "usrname" );
464         }
465
466         if( passOK ) {
467                 response = oilsAuthHandleLoginOK( userObj, uname, type, orgloc, workstation );
468
469         } else {
470                 response = oilsNewEvent( OSRF_LOG_MARK, OILS_EVENT_AUTH_FAILED );
471                 osrfLogInfo(OSRF_LOG_MARK,  "failed login: username=%s, barcode=%s, workstation=%s", uname, barcode, ws );
472         }
473
474         jsonObjectFree(userObj);
475         osrfAppRespondComplete( ctx, oilsEventToJSON(response) ); 
476         oilsEventFree(response);
477         free(barcode);
478
479         if(freeable_uname) free(freeable_uname);
480
481         return 0;
482 }
483
484
485
486 int oilsAuthSessionDelete( osrfMethodContext* ctx ) {
487         OSRF_METHOD_VERIFY_CONTEXT(ctx); 
488
489         const char* authToken = jsonObjectGetString( jsonObjectGetIndex(ctx->params, 0) );
490         jsonObject* resp = NULL;
491
492         if( authToken ) {
493                 osrfLogDebug(OSRF_LOG_MARK, "Removing auth session: %s", authToken );
494                 char* key = va_list_to_string("%s%s", OILS_AUTH_CACHE_PRFX, authToken ); /**/
495                 osrfCacheRemove(key);
496                 resp = jsonNewObject(authToken); /**/
497                 free(key);
498         }
499
500         osrfAppRespondComplete( ctx, resp );
501         jsonObjectFree(resp);
502         return 0;
503 }
504
505 /** Resets the auth login timeout
506  * @return The event object, OILS_EVENT_SUCCESS, or OILS_EVENT_NO_SESSION
507  */
508 static oilsEvent*  _oilsAuthResetTimeout( const char* authToken ) {
509         if(!authToken) return NULL;
510
511         oilsEvent* evt = NULL;
512         double timeout;
513
514         osrfLogDebug(OSRF_LOG_MARK, "Resetting auth timeout for session %s", authToken);
515         char* key = va_list_to_string("%s%s", OILS_AUTH_CACHE_PRFX, authToken ); 
516         jsonObject* cacheObj = osrfCacheGetObject( key ); 
517
518         if(!cacheObj) {
519                 osrfLogInfo(OSRF_LOG_MARK, "No user in the cache exists with key %s", key);
520                 evt = oilsNewEvent(OSRF_LOG_MARK, OILS_EVENT_NO_SESSION);
521
522         } else {
523
524                 timeout = jsonObjectGetNumber( jsonObjectGetKeyConst( cacheObj, "authtime"));
525                 osrfCacheSetExpire( timeout, key );
526                 jsonObject* payload = jsonNewNumberObject(timeout);
527                 evt = oilsNewEvent2(OSRF_LOG_MARK, OILS_EVENT_SUCCESS, payload);
528                 jsonObjectFree(payload);
529                 jsonObjectFree(cacheObj);
530         }
531
532         free(key);
533         return evt;
534 }
535
536 int oilsAuthResetTimeout( osrfMethodContext* ctx ) {
537         OSRF_METHOD_VERIFY_CONTEXT(ctx); 
538         const char* authToken = jsonObjectGetString( jsonObjectGetIndex(ctx->params, 0));
539         oilsEvent* evt = _oilsAuthResetTimeout(authToken);
540         osrfAppRespondComplete( ctx, oilsEventToJSON(evt) );
541         oilsEventFree(evt);
542         return 0;
543 }
544
545
546 int oilsAuthSessionRetrieve( osrfMethodContext* ctx ) {
547         OSRF_METHOD_VERIFY_CONTEXT(ctx); 
548
549         const char* authToken = jsonObjectGetString( jsonObjectGetIndex(ctx->params, 0));
550         jsonObject* cacheObj = NULL;
551         oilsEvent* evt = NULL;
552
553         if( authToken ){
554
555                 evt = _oilsAuthResetTimeout(authToken);
556
557                 if( evt && strcmp(evt->event, OILS_EVENT_SUCCESS) ) {
558                         osrfAppRespondComplete( ctx, oilsEventToJSON(evt) );
559
560                 } else {
561
562                         osrfLogDebug(OSRF_LOG_MARK, "Retrieving auth session: %s", authToken);
563                         char* key = va_list_to_string("%s%s", OILS_AUTH_CACHE_PRFX, authToken ); 
564                         cacheObj = osrfCacheGetObject( key ); 
565                         if(cacheObj) {
566                                 osrfAppRespondComplete( ctx, jsonObjectGetKeyConst( cacheObj, "userobj"));
567                                 jsonObjectFree(cacheObj);
568                         } else {
569                                 oilsEvent* evt2 = oilsNewEvent(OSRF_LOG_MARK, OILS_EVENT_NO_SESSION);
570                                 osrfAppRespondComplete( ctx, oilsEventToJSON(evt2) ); /* should be event.. */
571                                 oilsEventFree(evt2);
572                         }
573                         free(key);
574                 }
575
576         } else {
577
578                 evt = oilsNewEvent(OSRF_LOG_MARK, OILS_EVENT_NO_SESSION);
579                 osrfAppRespondComplete( ctx, oilsEventToJSON(evt) );
580         }
581
582         if(evt)
583                 oilsEventFree(evt);
584
585         return 0;
586 }
587
588
589
Evergreen ILS