[BACK]Return to lond CVS log [TXT] [DIR] Up to [LON-CAPA] / loncom

Diff for /loncom/lond between versions 1.576 and 1.579

version 1.576, 2022/07/25 23:31:40 version 1.579, 2023/06/07 14:21:52
Line 306  my %trust = ( Line 306  my %trust = (
                servertimezone => {remote => 1, enroll => 1},                 servertimezone => {remote => 1, enroll => 1},
                setannounce => {remote => 1, domroles => 1},                 setannounce => {remote => 1, domroles => 1},
                sethost => {anywhere => 1},                 sethost => {anywhere => 1},
                  signlti => {remote => 1},
                store => {remote => 1, enroll => 1, reqcrs => 1,},                 store => {remote => 1, enroll => 1, reqcrs => 1,},
                studentphoto => {remote => 1, enroll => 1},                 studentphoto => {remote => 1, enroll => 1},
                sub => {content => 1,},                 sub => {content => 1,},
Line 5264  sub encrypted_get_domain_handler { Line 5265  sub encrypted_get_domain_handler {
 #   0       - Exit.  #   0       - Exit.
 #  Side effects:  #  Side effects:
 #     The reply will contain an LTI itemID, if the signed LTI payload  #     The reply will contain an LTI itemID, if the signed LTI payload
 #     could be verified using the consumer key and the shared secret   #     could be verified using the consumer key and the shared secret
 #     available for that key (for the itemID) for either the course or domain,   #     available for that key (for the itemID) for either the course or domain,
 #     depending on values for cnum and context. The reply is encrypted before   #     depending on values for cnum and context. The reply is encrypted before
 #     being written to $client.  #     being written to $client.
 #  #
 sub lti_handler {  sub lti_handler {
Line 5307  sub lti_handler { Line 5308  sub lti_handler {
 &register_handler("lti", \&lti_handler, 1, 1, 0);  &register_handler("lti", \&lti_handler, 1, 1, 0);
   
 #  #
   # Data for LTI payload (received encrypted) are unencrypted and
   # then signed with the appropriate key and secret, before re-encrypting
   # the signed payload which is sent to the client for unencryption by
   # the caller: lonnet::sign_lti()) before dispatch either to a web browser
   # (launch) or to a remote web service (roster, logout, or grade).  
   #
   # Parameters:
   #   $cmd             - Command request keyword (signlti).
   #   $tail            - Tail of the command.  This is a colon-separated list
   #                      consisting of the domain, coursenum (if for an External
   #                      Tool defined in a course), crsdef (true if defined in
   #                      a course), type (linkprot or lti)
   #                      context (launch, roster, logout, or grade),
   #                      escaped launch URL, numeric ID of external tool,
   #                      version number for encryption key (if tool's LTI secret was
   #                      encrypted before storing), a frozen hash of LTI launch 
   #                      parameters, and a frozen hash of LTI information,
   #                      (e.g., method => 'HMAC-SHA1',
   #                             respfmt => 'to_authorization_header').
   #   $client          - File descriptor open on the client.
   # Returns:
   #   1       - Continue processing.
   #   0       - Exit.
   #  Side effects:
   #     The reply will contain the LTI payload, as & separated key=value pairs,
   #     where value is itself a frozen hash, if the required key and secret
   #     for the specific tool ID are available. The payload data are retrieved from
   #     a call to Lond::sign_lti_payload(), and the reply is encrypted before being
   #     written to $client.
   #
   sub sign_lti_handler {
       my ($cmd, $tail, $client) = @_;
   
       my $userinput = "$cmd:$tail";
   
       my ($cdom,$cnum,$crsdef,$type,$context,$escurl,
           $ltinum,$keynum,$paramsref,$inforef) = split(/:/,$tail);
       my $url = &unescape($escurl);
       my $params = &Apache::lonnet::thaw_unescape($paramsref);
       my $info = &Apache::lonnet::thaw_unescape($inforef);
       my $res =
           &LONCAPA::Lond::sign_lti_payload($cdom,$cnum,$crsdef,$type,$context,$url,$ltinum,
                                            $keynum,$perlvar{'lonVersion'},$params,$info);
       my $result;
       if (ref($res) eq 'HASH') {
           foreach my $key (keys(%{$res})) {
               $result .= &escape($key).'='.&Apache::lonnet::freeze_escape($res->{$key}).'&';
           }
           $result =~ s/\&$//;
       } else {
           $result = $res;
       }
       if ($result =~ /^error:/) {
           &Failure($client, \$result, $userinput);
       } else {
           if ($cipher) {
               my $cmdlength=length($result);
               $result.="         ";
               my $encres='';
               for (my $encidx=0;$encidx<=$cmdlength;$encidx+=8) {
                   $encres.= unpack("H16",
                                    $cipher->encrypt(substr($result,
                                                            $encidx,
                                                            8)));
               }
               &Reply( $client,"enc:$cmdlength:$encres\n",$userinput);
           } else {
               &Failure( $client, "error:no_key\n",$userinput);
           }
       }
       return 1;
   }
   &register_handler("signlti", \&sign_lti_handler, 1, 1, 0);
   
   #
 #  Puts an id to a domains id database.   #  Puts an id to a domains id database. 
 #  #
 #  Parameters:  #  Parameters:
Removed from v.1.576  
changed lines
  Added in v.1.579

FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>