Annotation of loncom/interface/lonexttool.pm, revision 1.6
1.1 raeburn 1: # The LearningOnline Network with CAPA
2: # Launch External Tool Provider (LTI)
3: #
1.6 ! raeburn 4: # $Id: lonexttool.pm,v 1.5 2017/11/30 01:52:14 raeburn Exp $
1.1 raeburn 5: #
6: # Copyright Michigan State University Board of Trustees
7: #
8: # This file is part of the LearningOnline Network with CAPA (LON-CAPA).
9: #
10: # LON-CAPA is free software; you can redistribute it and/or modify
11: # it under the terms of the GNU General Public License as published by
12: # the Free Software Foundation; either version 2 of the License, or
13: # (at your option) any later version.
14: #
15: # LON-CAPA is distributed in the hope that it will be useful,
16: # but WITHOUT ANY WARRANTY; without even the implied warranty of
17: # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18: # GNU General Public License for more details.
19: #
20: # You should have received a copy of the GNU General Public License
21: # along with LON-CAPA; if not, write to the Free Software
22: # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
23: #
24: # /home/httpd/html/adm/gpl.txt
25: #
26: # http://www.lon-capa.org/
27: #
28:
29: =pod
30:
31: =head1 NAME
32:
33: Apache::lonexttool - Tool Provider launcher
34:
35: =head1 SYNOPSIS
36:
37:
38: =head1 OVERVIEW
39:
40: =cut
41:
42: package Apache::lonexttool;
43:
44: use strict;
45: use Apache::Constants qw(:common :http);
46: use Net::OAuth;
47: use Encode;
48: use Digest::SHA;
1.6 ! raeburn 49: use UUID::Tiny ':std';
1.1 raeburn 50: use HTML::Entities;
51: use Apache::lonlocal;
52: use Apache::lonnet;
53: use Apache::loncommon;
54:
55: sub handler {
56: my $r=shift;
57: &Apache::loncommon::content_type($r,'text/html');
58: $r->send_http_header;
59:
60: return OK if $r->header_only;
61:
62: my $target=$env{'form.grade_target'};
63: # ------------------------------------------------------------ Print the screen
64: if ($target eq 'tex') {
65: $r->print(&Apache::lonprintout::print_latex_header($env{'form.latex_type'}));
66: }
67:
68: # Is this even in a course?
69: unless ($env{'request.course.id'}) {
70: if ($target ne 'tex') {
71: &Apache::loncommon::simple_error_page($r,'','Not in a course');
72: } else {
73: $r->print('\textbf{Not in a course}\end{document}');
74: }
75: return OK;
76: }
77:
1.3 raeburn 78: my ($marker,$exttool) = (split(m{/},$r->uri))[4,5];
1.1 raeburn 79: $marker=~s/\D//g;
80:
81: if (!$marker) {
82: if ($target ne 'tex') {
1.3 raeburn 83: $r->print(&mt('Invalid Call'));
1.1 raeburn 84: } else {
1.3 raeburn 85: $r->print('\textbf{'&mt('Invalid Call').'}\end{document}');
1.1 raeburn 86: }
87: return OK;
88: }
89:
90: my $cdom = $env{'course.'.$env{'request.course.id'}.'.domain'};
91: my $cnum = $env{'course.'.$env{'request.course.id'}.'.num'};
92: my $chome = $env{'course.'.$env{'request.course.id'}.'.home'};
1.3 raeburn 93: my $is_tool;
1.1 raeburn 94:
1.3 raeburn 95: if ($r->uri eq "/adm/$cdom/$cnum/$marker/$exttool") {
96: my %toolsettings=&Apache::lonnet::dump('exttool_'.$marker,$cdom,$cnum);
97: if ($toolsettings{'id'}) {
1.6 ! raeburn 98: my $idx = $toolsettings{'id'};
1.3 raeburn 99: my %ltitools = &Apache::lonnet::get_domain_ltitools($cdom);
1.6 ! raeburn 100: if (ref($ltitools{$idx}) eq 'HASH') {
! 101: my %toolhash = %{$ltitools{$idx}};
1.3 raeburn 102: $toolhash{'display'} = {
103: target => $toolsettings{'target'},
104: width => $toolsettings{'width'},
105: height => $toolsettings{'height'},
106: };
1.4 raeburn 107: $toolhash{'crslabel'} = $toolsettings{'crslabel'};
108: $toolhash{'crstitle'} = $toolsettings{'crstitle'};
1.5 raeburn 109: $toolhash{'crsappend'} = $toolsettings{'crsappend'};
1.3 raeburn 110: $is_tool = 1;
1.6 ! raeburn 111: my $launchok = 1;
1.3 raeburn 112: if ($target eq 'tex') {
113: $r->print(&mt('External Tool'));
114: } else {
1.6 ! raeburn 115: my $now = time;
! 116: if ($toolhash{'passback'}) {
! 117: unless (&set_callback_secret($cdom,$cnum,$marker,'grade',$now,
! 118: \%toolsettings,\%toolhash) eq 'ok') {
! 119: undef($launchok);
! 120: }
! 121: }
! 122: if ($toolhash{'roster'}) {
! 123: &set_callback_secret($cdom,$cnum,$marker,'roster',$now,
! 124: \%toolsettings,\%toolhash);
! 125: }
1.3 raeburn 126: my $submittext = &mt('Launch [_1]',$toolhash{'title'});
1.6 ! raeburn 127: if (($toolhash{'key'} ne '') && ($toolhash{'secret'} ne '') &&
! 128: ($toolhash{'url'} ne '') && ($launchok)) {
! 129: my %lti = <i_params($r,$cnum,$cdom,$idx,$submittext,\%toolhash);
1.5 raeburn 130: my $url = $toolhash{'url'};
131: if ($toolhash{'crsappend'} ne '') {
132: $url .= $toolhash{'crsappend'};
133: }
134: $r->print(&launch_html($url,$toolhash{'key'},$toolhash{'secret'},
135: $submittext,\%lti));
1.3 raeburn 136: } else {
137: $r->print('<div>'.&mt('External Tool Unavailable').'</div>');
138: }
139: }
1.1 raeburn 140: }
141: }
1.3 raeburn 142: }
143: unless ($is_tool) {
1.1 raeburn 144: if ($target ne 'tex') {
1.3 raeburn 145: $r->print('<div>'.&mt('Invalid Call').'</div>');
1.1 raeburn 146: } else {
1.3 raeburn 147: $r->print('\textbf{'.&mt(Invalid Call).'}\end{document}');
1.1 raeburn 148: }
149: }
150: return OK;
151: }
152:
1.6 ! raeburn 153: sub set_callback_secret {
! 154: my ($cdom,$cnum,$marker,$name,$now,$toolsettings,$toolhash) = @_;
! 155: return unless ((ref($toolsettings) eq 'HASH') && (ref($toolhash) eq 'HASH'));
! 156: my $warning;
! 157: my ($needsnew,$oldsecret,$lifetime);
! 158: if ($name eq 'grade') {
! 159: $lifetime = $toolhash->{'passbackvalid'}
! 160: } elsif ($name eq 'roster') {
! 161: $lifetime = $toolhash->{'rostervalid'};
! 162: }
! 163: if ($toolsettings->{$name} eq '') {
! 164: $needsnew = 1;
! 165: } elsif (($toolsettings->{$name.'date'} + $lifetime) < $now) {
! 166: $oldsecret = $toolsettings->{$name.'secret'};
! 167: $needsnew = 1;
! 168: }
! 169: if ($needsnew) {
! 170: if (&get_tool_lock($cdom,$cnum,$marker,$now) eq 'ok') {
! 171: my $secret = UUID::Tiny::create_uuid_as_string(UUID_V4);
! 172: $toolhash->{$name.'secret'} = $secret;
! 173: my %secrethash = (
! 174: $name.'secret' => $secret,
! 175: $name.'secretdate' => $now,
! 176: );
! 177: if ($oldsecret ne '') {
! 178: $secrethash{'old'.$name.'secret'} = $oldsecret;
! 179: }
! 180: my $putres = &Apache::lonnet::put('exttool_'.$marker,
! 181: \%secrethash,$cdom,$cnum);
! 182: my $delresult = &release_tool_lock($cdom,$cnum,$marker);
! 183: if ($delresult ne 'ok') {
! 184: $warning = $delresult ;
! 185: }
! 186: if ($putres eq 'ok') {
! 187: return 'ok';
! 188: }
! 189: } else {
! 190: $warning = '<span class="LC_error">'.
! 191: &mt('Could not obtain exclusive lock').
! 192: '</span>';
! 193: }
! 194: } else {
! 195: $toolhash->{$name.'secret'} = $toolsettings->{$name.'secret'};
! 196: return 'ok';
! 197: }
! 198: return;
! 199: }
! 200:
1.1 raeburn 201: sub lti_params {
1.6 ! raeburn 202: my ($r,$cnum,$cdom,$idx,$submittext,$toolsref) = @_;
1.1 raeburn 203: my ($version,$context_type,$msgtype,$toolname,$passback,$roster,$locale,
1.6 ! raeburn 204: $crslabel,$crstitle,$gradesecret,$rostersecret,%fields,%rolesmap,
! 205: %display,%custom,@userlangs);
1.1 raeburn 206: if (ref($toolsref) eq 'HASH') {
207: $version = $toolsref->{'version'};
208: $toolname = $toolsref->{'title'};
209: $passback = $toolsref->{'passback'};
1.6 ! raeburn 210: $gradesecret = $toolsref->{'gradesecret'};
1.1 raeburn 211: $roster = $toolsref->{'roster'};
1.6 ! raeburn 212: $rostersecret = $toolsref->{'rostersecret'};
1.1 raeburn 213: $msgtype = $toolsref->{'messagetype'};
214: if (ref($toolsref->{'fields'}) eq 'HASH') {
215: %fields = %{$toolsref->{'fields'}};
216: }
217: if (ref($toolsref->{'roles'}) eq 'HASH') {
218: %rolesmap = %{$toolsref->{'roles'}};
219: }
220: if (ref($toolsref->{'display'}) eq 'HASH') {
221: %display = %{$toolsref->{'display'}};
222: }
223: if (ref($toolsref->{'custom'}) eq 'HASH') {
224: %custom = %{$toolsref->{'custom'}};
225: }
1.4 raeburn 226: $crslabel = $toolsref->{'crslabel'};
227: $crstitle = $toolsref->{'crstitle'};
1.1 raeburn 228: }
229: if ($version eq '') {
230: $version = 'LTI-1p0';
231: }
232: if ($context_type eq '') {
233: $context_type = 'CourseSection';
234: }
235: if ($msgtype eq '') {
236: $msgtype = 'basic-lti-launch-request';
237: }
1.4 raeburn 238: if ($crslabel eq '') {
239: $crslabel = $env{'course.'.$env{'request.course.id'}.'.internal.coursecode'},
240: }
241: if ($crstitle eq '') {
242: $crstitle = $env{'course.'.$env{'request.course.id'}.'.description'},;
243: }
1.1 raeburn 244: my $lonhost = $r->dir_config('lonHostID');
245: my $loncaparev = $r->dir_config('lonVersion');
246: my $uname = $env{'user.name'};
247: my $udom = $env{'user.domain'};
248: my @possroles = qw(Instructor ContentDeveloper TeachingAssistant Learner);
1.3 raeburn 249: my ($roleprefix) = ($env{'request.role'} =~ /^(\w+)\./);
250: my $ltirole = $rolesmap{$roleprefix};
1.1 raeburn 251: unless (grep(/^\Q$ltirole\E$/,@possroles)) {
252: $ltirole = 'Learner';
253: }
254: my $digest_user = &Encode::decode_utf8($uname.':'.$udom);
255: $digest_user = &Digest::SHA::sha1_hex($digest_user);
256: if ($env{'course.'.$env{'request.course.id'}.'.languages'} ne '') {
257: @userlangs=(@userlangs,split(/\s*(\,|\;|\:)\s*/,
258: $env{'course.'.$env{'request.course.id'}.'.languages'}));
259: } else {
1.2 raeburn 260: my %langhash = &Apache::loncommon::getlangs($uname,$udom);
1.1 raeburn 261: if ($langhash{'languages'} ne '') {
262: @userlangs = split(/\s*(\,|\;|\:)\s*/,$langhash{'languages'});
263: } else {
264: my %domdefs = &Apache::lonnet::get_domain_defaults($udom);
265: if ($domdefs{'lang_def'} ne '') {
266: @userlangs = ($domdefs{'lang_def'});
267: }
268: }
269: }
270: if (scalar(@userlangs) == 1) {
271: $locale = $userlangs[0];
272: }
273: my ($title,$digest_symb);
274: my ($symb) = &Apache::lonnet::whichuser();
275: if ($symb) {
276: $digest_symb = &Encode::decode_utf8($symb);
277: $digest_symb = &Digest::SHA::sha1_hex($digest_symb);
278: my $navmap = Apache::lonnavmaps::navmap->new();
279: if (ref($navmap)) {
280: my $res = $navmap->getBySymb($symb);
281: if (ref($res)) {
282: $title = $res->compTitle();
283: }
284: }
285: }
1.4 raeburn 286: my $domdesc = &Apache::lonnet::domain($cdom);
287: my $primary_id = &Apache::lonnet::domain($cdom,'primary');
288: my $int_dom = &Apache::lonnet::internet_dom($primary_id);
289: my $portal_url = &Apache::lonnet::course_portal_url($cnum,$cdom);
290:
1.1 raeburn 291: my %ltiparams = (
292: lti_version => $version,
293: lti_message_type => $msgtype,
294: resource_link_title => $title,
295: resource_link_id => $digest_symb,
296: tool_consumer_instance_guid => $lonhost,
1.4 raeburn 297: tool_consumer_instance_description => $domdesc,
1.1 raeburn 298: tool_consumer_info_product_family_code => 'loncapa',
1.4 raeburn 299: tool_consumer_instance_name => $int_dom,
300: tool_consumer_instance_url => $portal_url,
1.1 raeburn 301: tool_consumer_info_version => $loncaparev,
302: user_id => $digest_user,
303: roles => $ltirole,
304: context_id => $env{'request.course.id'},
305: context_type => $context_type,
1.4 raeburn 306: context_label => $crslabel,
307: context_title => $crstitle,
1.1 raeburn 308: launch_presentation_locale => $locale,
309: );
1.3 raeburn 310: my $crshome = $env{'course.'.$env{'request.course.id'}.'.home'};
311: my $crshostname = &Apache::lonnet::hostname($crshome);
1.1 raeburn 312: if ($crshostname) {
1.3 raeburn 313: my $crsprotocol = $Apache::lonnet::protocol{$crshome};
1.1 raeburn 314: unless ($crsprotocol eq 'https') {
315: $crsprotocol = 'http';
1.6 ! raeburn 316: }
! 317: if (($passback) || ($roster)) {
! 318: if ($passback) {
1.5 raeburn 319: $ltiparams{'lis_outcome_service_url'} = $crsprotocol.'//'.$crshostname.'/adm/service/passback';
1.1 raeburn 320: $ltiparams{'ext_ims_lis_basic_outcome_url'} = $ltiparams{'lis_outcome_service_url'};
1.6 ! raeburn 321: if ($gradesecret) {
! 322: my $result_sig =
! 323: Digest::SHA::sha1_hex($gradesecret.':::'.$digest_symb.':::'.$digest_user.':::'.$env{'request.course.id'});
! 324: $ltiparams{'lis_result_sourcedid'} =
! 325: $result_sig.':::'.$digest_symb.':::'.$digest_user.':::'.$env{'request.course.id'};
! 326: }
! 327: }
! 328: if ($roster) {
! 329: if (&Apache::lonnet::allowed('opa',$env{'request.course.id'})) {
! 330: $ltiparams{'ext_ims_lis_memberships_url'} = $crsprotocol.'//'.$crshostname.'/adm/service/roster';
! 331: if ($rostersecret) {
! 332: my $roster_sig = Digest::SHA::sha1_hex($gradesecret.':::'.$digest_symb.':::'.$env{'request.course.id'});
! 333: $ltiparams{'ext_ims_lis_memberships_id'} = $roster_sig.':::'.$digest_symb.':::'.$env{'request.course.id'};
! 334: }
! 335: }
! 336: }
! 337: my %digesthash;
! 338: if ($ltiparams{'lis_result_sourcedid'}) {
! 339: $digesthash{$ltiparams{'lis_result_sourcedid'}} = "$idx\0".time;
! 340: }
! 341: if ($ltiparams{'ext_ims_lis_memberships_id'}) {
! 342: $digesthash{$ltiparams{'ext_ims_lis_memberships_id'}} = "$idx\0".time;
1.1 raeburn 343: }
1.6 ! raeburn 344: if (($digest_symb) && ($gradesecret || $rostersecret)) {
! 345: $digesthash{$digest_symb} = $symb;
! 346: }
! 347: if (($passback) && ($gradesecret)) {
! 348: $digesthash{$digest_user} = $uname.':'.$udom;
! 349: }
! 350: if (keys(%digesthash)) {
! 351: &Apache::lonnet::put('exttools',\%digesthash,$cdom,$cnum);
1.1 raeburn 352: }
353: }
354: }
355: if ($display{'target'}) {
356: $ltiparams{'launch_presentation_document_target'} = $display{'target'};
357: }
358: if ($display{'width'}) {
359: $ltiparams{'launch_presentation_width'} = $display{'width'};
360: }
361: if ($display{'height'}) {
362: $ltiparams{'launch_presentation_height'} = $display{'height'};
363: }
364: if ($fields{'firstname'}) {
365: $ltiparams{'lis_person_name_given'} = $env{'environment.firstname'};
366: }
367: if ($fields{'lastname'}) {
368: $ltiparams{'lis_person_name_family'} = $env{'environment.lastname'};
369: }
370: if ($fields{'fullname'}) {
371: $ltiparams{'lis_person_name_full'} = &Apache::loncommon::plainname($uname,$udom);
372: }
373: if ($fields{'email'}) {
374: my %emails = &Apache::loncommon::getemails($uname,$udom);
375: my $contact_email;
1.3 raeburn 376: foreach my $type ('permanentemail','critnotification','notification') {
377: if ($emails{$type} =~ /\@/) {
378: $contact_email = $emails{$type};
1.1 raeburn 379: last;
380: }
381: }
1.2 raeburn 382: $ltiparams{'lis_person_contact_email_primary'} = $contact_email;
1.1 raeburn 383: }
1.4 raeburn 384: if ($fields{'user'}) {
1.6 ! raeburn 385: $ltiparams{'lis_person_sourcedid'} = $uname.':'.$udom;
1.4 raeburn 386: }
1.1 raeburn 387: if (keys(%custom)) {
388: foreach my $key (keys(%custom)) {
1.5 raeburn 389: my $value = $custom{$key};
390: $value =~ s/^\s+|\s+\$//g;
391: if ($value =~ /^\QLONCAPA::env{\E([^\}]+)\}$/) {
392: if (exists($env{$1})) {
393: $value = $env{$1};
394: }
395: }
396: $ltiparams{'custom_'.$key} = $value;
1.1 raeburn 397: }
398: }
399: foreach my $key (keys(%ltiparams)) {
400: $ltiparams{$key} = &Encode::decode_utf8($ltiparams{$key});
401: }
1.3 raeburn 402: $ltiparams{'basiclti_submit'} = $submittext;
1.1 raeburn 403: return %ltiparams;
404: }
405:
406: sub launch_html {
1.3 raeburn 407: my ($url,$key,$secret,$submittext,$paramsref) = @_;
1.1 raeburn 408: my $hashref = &sign_params($url,$key,$secret,$paramsref);
1.5 raeburn 409: my $action = &HTML::Entities::encode($url,'<>&"');
1.1 raeburn 410: my $form = <<"END";
411: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
412: <html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
413: <body>
414: <div id="LCltiLaunch">
1.5 raeburn 415: <form name="LCltiLaunchForm" id="LCltiLaunchFormId" action="$action" method="post" encType="application/x-www-form-urlencoded">
1.1 raeburn 416: END
417: if (ref($hashref) eq 'HASH') {
418: foreach my $item (keys(%{$hashref})) {
1.3 raeburn 419: my $type = 'hidden';
420: if ($item eq 'basiclti_submit') {
421: $type = 'submit';
422: }
423: $form .= '<input type="'.$type.'" name="'.$item.'" value="'.$hashref->{$item}.'" id="id_'.$item.'" />'."\n";
1.1 raeburn 424: }
425: }
426: $form .= "</form></div>\n";
427: $form .= <<"ENDJS";
428: <script type="text/javascript">
429: document.getElementById("LCltiLaunch").style.display = "none";
430: nei = document.createElement('input');
431: nei.setAttribute('type','hidden');
1.3 raeburn 432: nei.setAttribute('name','basiclti_submit');
1.1 raeburn 433: nei.setAttribute('value','$submittext');
1.3 raeburn 434: document.getElementById("LCltiLaunchFormId").appendChild(nei);
1.1 raeburn 435: document.LCltiLaunchForm.submit();
436: </script>
437: ENDJS
438: $form .= "</body></html>\n";
439: return $form;
440: }
441:
442: sub sign_params {
443: my ($url,$key,$secret,$paramsref) = @_;
444: my $nonce = Digest::SHA::sha1_hex(sprintf("%06x%06x",rand(0xfffff0),rand(0xfffff0)));
1.6 ! raeburn 445:
1.1 raeburn 446: my $request = Net::OAuth->request("request token")->new(
447: consumer_key => $key,
448: consumer_secret => $secret,
449: request_url => $url,
450: request_method => 'POST',
451: signature_method => 'HMAC-SHA1',
452: timestamp => time,
453: nonce => $nonce,
454: callback => 'about:blank',
455: extra_params => $paramsref,
456: version => '1.0',
457: );
458: $request->sign;
459: return $request->to_hash();
460: }
461:
1.6 ! raeburn 462: sub get_tool_lock {
! 463: my ($cdom,$cnum,$marker,$now) = @_;
! 464: # get lock for tool for which gradesecret is being set
! 465: my $lockhash = {
! 466: $marker."\0".'lock' => $now.':'.$env{'user.name'}.
! 467: ':'.$env{'user.domain'},
! 468: };
! 469: my $tries = 0;
! 470: my $gotlock = &Apache::lonnet::newput('exttools',$lockhash,$cdom,$cnum);
! 471:
! 472: while (($gotlock ne 'ok') && $tries <3) {
! 473: $tries ++;
! 474: sleep(1);
! 475: $gotlock = &Apache::lonnet::newput('exttools',$lockhash,$cdom,$cnum);
! 476: }
! 477: return $gotlock;
! 478: }
! 479:
! 480: sub release_tool_lock {
! 481: my ($cdom,$cnum,$marker) = @_;
! 482: # remove lock
! 483: my @del_lock = ($marker."\0".'lock');
! 484: my $dellockoutcome=&Apache::lonnet::del('exttools',\@del_lock,$cdom,$cnum);
! 485: if ($dellockoutcome ne 'ok') {
! 486: return ('<div class="LC_error">'
! 487: .&mt('Warning: failed to release lock for exttool: [_1].','<tt>'.$marker.'</tt>')
! 488: .'</div>'
! 489: );
! 490: } else {
! 491: return 'ok';
! 492: }
! 493: }
! 494:
1.1 raeburn 495: 1;
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>