version 1.33, 2022/02/08 15:08:53
|
version 1.41, 2023/05/24 14:55:57
|
Line 30 package Apache::ltiauth;
|
Line 30 package Apache::ltiauth;
|
|
|
use strict; |
use strict; |
use LONCAPA qw(:DEFAULT :match); |
use LONCAPA qw(:DEFAULT :match); |
use Apache::Constants qw(:common :http); |
use Encode; |
|
use Apache::Constants qw(:common :http :remotehost); |
use Apache::lonlocal; |
use Apache::lonlocal; |
use Apache::lonnet; |
use Apache::lonnet; |
use Apache::loncommon; |
use Apache::loncommon; |
Line 63 sub handler {
|
Line 64 sub handler {
|
my $params = {}; |
my $params = {}; |
foreach my $key (sort(keys(%env))) { |
foreach my $key (sort(keys(%env))) { |
if ($key =~ /^form\.(.+)$/) { |
if ($key =~ /^form\.(.+)$/) { |
$params->{$1} = $env{$key}; |
$params->{$1} = &Encode::decode('UTF-8',$env{$key}); |
} |
} |
} |
} |
# |
# |
Line 116 sub handler {
|
Line 117 sub handler {
|
# |
# |
if ($requri =~ m{^/adm/launch(|/.*)$}) { |
if ($requri =~ m{^/adm/launch(|/.*)$}) { |
my $tail = $1; |
my $tail = $1; |
if ($tail =~ m{^/tiny/($match_domain)/(\w+)$}) { |
if ($tail =~ m{^/tiny/$match_domain/\w+$}) { |
my ($urlcdom,$urlcnum) = &course_from_tinyurl($tail); |
my ($urlcdom,$urlcnum) = &course_from_tinyurl($tail); |
if (($urlcdom ne '') && ($urlcnum ne '')) { |
if (($urlcdom ne '') && ($urlcnum ne '')) { |
$cdom = $urlcdom; |
$cdom = $urlcdom; |
Line 142 sub handler {
|
Line 143 sub handler {
|
# where url was /adm/launch/tiny/$cdom/$uniqueid |
# where url was /adm/launch/tiny/$cdom/$uniqueid |
# |
# |
|
|
my ($itemid,$ltitype,%crslti,%lti_in_use); |
my ($itemid,$ltitype,%crslti,%lti_in_use,$ltiuser); |
$itemid = &get_lti_itemid($requri,$hostname,$params,$cdom,$cnum,'deeplink'); |
$itemid = &get_lti_itemid($requri,$hostname,$params,$cdom,$cnum,'linkprot'); |
if ($itemid) { |
if ($itemid) { |
%crslti = &Apache::lonnet::get_course_lti($cnum,$cdom,'provider'); |
%crslti = &Apache::lonnet::get_course_lti($cnum,$cdom,'provider'); |
} |
} |
Line 157 sub handler {
|
Line 158 sub handler {
|
return OK; |
return OK; |
} |
} |
} else { |
} else { |
$itemid = &get_lti_itemid($requri,$hostname,$params,$cdom,'','deeplink'); |
$itemid = &get_lti_itemid($requri,$hostname,$params,$cdom,'','linkprot'); |
my %lti; |
my %lti; |
if ($itemid) { |
if ($itemid) { |
%lti = &Apache::lonnet::get_domain_lti($cdom,'provider'); |
%lti = &Apache::lonnet::get_domain_lti($cdom,'linkprot'); |
} |
} |
if (($itemid) && (ref($lti{$itemid}) eq 'HASH')) { |
if (($itemid) && (ref($lti{$itemid}) eq 'HASH')) { |
$ltitype = 'd'; |
$ltitype = 'd'; |
Line 174 sub handler {
|
Line 175 sub handler {
|
} |
} |
} |
} |
} |
} |
|
my $exiturl; |
|
if (($itemid) && ($lti_in_use{'returnurl'} ne '')) { |
|
if (exists($params->{$lti_in_use{'returnurl'}})) { |
|
$exiturl = $params->{$lti_in_use{'returnurl'}}; |
|
} elsif (exists($params->{'custom_'.$lti_in_use{'returnurl'}})) { |
|
$exiturl = $params->{'custom_'.$lti_in_use{'returnurl'}}; |
|
} |
|
} |
if (($itemid) && ($lti_in_use{'requser'})) { |
if (($itemid) && ($lti_in_use{'requser'})) { |
my %courseinfo = &Apache::lonnet::coursedescription($cdom.'_'.$cnum); |
my %courseinfo = &Apache::lonnet::coursedescription($cdom.'_'.$cnum); |
my $ltiauth; |
my $ltiauth; |
Line 185 sub handler {
|
Line 194 sub handler {
|
} |
} |
if ($ltiauth) { |
if ($ltiauth) { |
my $possuname; |
my $possuname; |
my $mapuser = $crslti{$itemid}{'mapuser'}; |
my $mapuser = $lti_in_use{'mapuser'}; |
if ($mapuser eq 'sourcedid') { |
if ($mapuser eq 'sourcedid') { |
if ($params->{'lis_person_sourcedid'} =~ /^$match_username$/) { |
if ($params->{'lis_person_sourcedid'} =~ /^$match_username$/) { |
$possuname = $params->{'lis_person_sourcedid'}; |
$possuname = $params->{'lis_person_sourcedid'}; |
Line 224 sub handler {
|
Line 233 sub handler {
|
foreach my $key (%{$params}) { |
foreach my $key (%{$params}) { |
delete($env{'form.'.$key}); |
delete($env{'form.'.$key}); |
} |
} |
&linkprot_session($r,$uname,$cnum,$cdom,$uhome,$itemid,$ltitype,$tail,$lonhost); |
&linkprot_session($r,$uname,$cnum,$cdom,$uhome,$itemid,$ltitype,$tail,$lonhost,$exiturl); |
return OK; |
return OK; |
} |
} |
} |
} |
|
$ltiuser = $uname.':'.$cdom; |
} |
} |
} |
} |
if ($lti_in_use{'notstudent'} eq 'reject') { |
if ($lti_in_use{'notstudent'} eq 'reject') { |
&invalid_request($r,'Information for valid user missing from launch request'); |
&invalid_request($r,'Information for valid user missing from launch request'); |
|
return OK; |
} |
} |
} |
} |
} |
} |
Line 239 sub handler {
|
Line 250 sub handler {
|
foreach my $key (%{$params}) { |
foreach my $key (%{$params}) { |
delete($env{'form.'.$key}); |
delete($env{'form.'.$key}); |
} |
} |
my $ltoken = &Apache::lonnet::tmpput({'linkprot' => $itemid.$ltitype.':'.$tail}, |
my %info = ( |
$lonhost,'link'); |
'linkprot' => $itemid.$ltitype.':'.$tail, |
if ($ltoken) { |
); |
|
if ($ltiuser ne '') { |
|
$info{'linkprotuser'} = $ltiuser; |
|
} |
|
if ($exiturl ne '') { |
|
$info{'linkprotexit'} = $exiturl; |
|
} |
|
my $ltoken = &Apache::lonnet::tmpput(\%info,$lonhost,'link'); |
|
if (($ltoken eq 'con_lost') || ($ltoken eq 'refused') || ($ltoken =~ /^error:/) || |
|
($ltoken eq 'unknown_cmd') || ($ltoken eq 'no_such_host') || |
|
($ltoken eq '')) { |
|
&invalid_request($r,'Failed to store information from launch request'); |
|
} else { |
$r->internal_redirect($tail.'?ltoken='.$ltoken); |
$r->internal_redirect($tail.'?ltoken='.$ltoken); |
$r->set_handlers('PerlHandler'=> undef); |
$r->set_handlers('PerlHandler'=> undef); |
} else { |
|
&invalid_request($r,'Failed to store information from launch request'); |
|
} |
} |
} else { |
} else { |
&invalid_request($r,'Launch request could not be validated'); |
&invalid_request($r,'Launch request could not be validated'); |
Line 984 sub lti_session {
|
Line 1005 sub lti_session {
|
$r->dir_config('ltiIDsDir'), |
$r->dir_config('ltiIDsDir'), |
$protocol,$r->hostname); |
$protocol,$r->hostname); |
} |
} |
my $ip = $r->get_remote_host(); |
my $ip = &Apache::lonnet::get_requestor_ip($r,REMOTE_NOLOOKUP); |
my %info=('ip' => $ip, |
my %info=('ip' => $ip, |
'domain' => $udom, |
'domain' => $udom, |
'username' => $uname, |
'username' => $uname, |
Line 1051 sub lti_session {
|
Line 1072 sub lti_session {
|
} |
} |
|
|
sub linkprot_session { |
sub linkprot_session { |
my ($r,$uname,$cnum,$cdom,$uhome,$itemid,$ltitype,$dest,$lonhost) = @_; |
my ($r,$uname,$cnum,$cdom,$uhome,$itemid,$ltitype,$dest,$lonhost,$exiturl) = @_; |
$r->user($uname); |
$r->user($uname); |
if ($ltitype eq 'c') { |
if ($ltitype eq 'c') { |
&Apache::lonnet::logthis("Link Protector: $itemid (c) authorized student: $uname:$cdom, course: $cdom\_$cnum"); |
&Apache::lonnet::logthis("Course Link Protector ($itemid) authorized student: $uname:$cdom, course: $cdom\_$cnum"); |
} elsif ($ltitype eq 'd') { |
} elsif ($ltitype eq 'd') { |
&Apache::lonnet::logthis("Link Protector: $itemid (d) authorized student: $uname:$cdom, course: $cdom\_$cnum"); |
&Apache::lonnet::logthis("Domain LTI for link protection ($itemid) authorized student: $uname:$cdom, course: $cdom\_$cnum"); |
} |
} |
my ($is_balancer,$otherserver,$hosthere) = &check_balancer($r,$uname,$cdom); |
my ($is_balancer,$otherserver,$hosthere) = &check_balancer($r,$uname,$cdom); |
if (($is_balancer) && (!$hosthere)) { |
if (($is_balancer) && (!$hosthere)) { |
Line 1064 sub linkprot_session {
|
Line 1085 sub linkprot_session {
|
&Apache::lonauth::success($r,$uname,$cdom,$uhome,'noredirect'); |
&Apache::lonauth::success($r,$uname,$cdom,$uhome,'noredirect'); |
$env{'form.origurl'} = $dest; |
$env{'form.origurl'} = $dest; |
$env{'request.linkprot'} = $itemid.$ltitype.':'.$dest; |
$env{'request.linkprot'} = $itemid.$ltitype.':'.$dest; |
|
$env{'request.linkprotuser'} = $uname.':'.$cdom; |
$env{'request.deeplink.login'} = $dest; |
$env{'request.deeplink.login'} = $dest; |
|
if ($exiturl ne '') { |
|
$env{'request.linkprotexit'} = $exiturl; |
|
} |
my $redirecturl = '/adm/switchserver'; |
my $redirecturl = '/adm/switchserver'; |
if ($otherserver ne '') { |
if ($otherserver ne '') { |
$redirecturl .= '?otherserver='.$otherserver; |
$redirecturl .= '?otherserver='.$otherserver; |
Line 1073 sub linkprot_session {
|
Line 1098 sub linkprot_session {
|
$r->set_handlers('PerlHandler'=> undef); |
$r->set_handlers('PerlHandler'=> undef); |
} else { |
} else { |
# need to login them in, so generate the data migrate expects to do login |
# need to login them in, so generate the data migrate expects to do login |
my $ip = $r->get_remote_host(); |
my $ip = &Apache::lonnet::get_requestor_ip($r,REMOTE_NOLOOKUP); |
my %info=('ip' => $ip, |
my %info=('ip' => $ip, |
'domain' => $cdom, |
'domain' => $cdom, |
'username' => $uname, |
'username' => $uname, |
'server' => $lonhost, |
'server' => $lonhost, |
'linkprot' => $itemid.$ltitype.':'.$dest, |
'linkprot' => $itemid.$ltitype.':'.$dest, |
|
'linkprotuser' => $uname.':'.$cdom, |
'home' => $uhome, |
'home' => $uhome, |
'origurl' => $dest, |
'origurl' => $dest, |
'deeplink.login' => $dest, |
'deeplink.login' => $dest, |
); |
); |
|
if ($exiturl ne '') { |
|
$info{'linkprotexit'} = $exiturl; |
|
} |
my $token = &Apache::lonnet::tmpput(\%info,$lonhost); |
my $token = &Apache::lonnet::tmpput(\%info,$lonhost); |
$env{'form.token'} = $token; |
$env{'form.token'} = $token; |
$r->internal_redirect('/adm/migrateuser'); |
$r->internal_redirect('/adm/migrateuser'); |
Line 1097 sub check_balancer {
|
Line 1126 sub check_balancer {
|
($is_balancer,$otherserver) = |
($is_balancer,$otherserver) = |
&Apache::lonnet::check_loadbalancing($uname,$udom,'login'); |
&Apache::lonnet::check_loadbalancing($uname,$udom,'login'); |
if ($is_balancer) { |
if ($is_balancer) { |
|
# Check if browser sent a LON-CAPA load balancer cookie (and this is a balancer) |
|
my ($found_server,$balancer_cookie) = &Apache::lonnet::check_for_balancer_cookie($r); |
|
if (($found_server) && ($balancer_cookie =~ /^\Q$udom\E_\Q$uname\E_/)) { |
|
$otherserver = $found_server; |
|
} |
if ($otherserver eq '') { |
if ($otherserver eq '') { |
my $lowest_load; |
my $lowest_load; |
($otherserver,undef,undef,undef,$lowest_load) = &Apache::lonnet::choose_server($udom); |
($otherserver,undef,undef,undef,$lowest_load) = &Apache::lonnet::choose_server($udom); |
Line 1127 sub invalid_request {
|
Line 1161 sub invalid_request {
|
'<h3>'.&mt('Invalid LTI launch request').'</h3>'. |
'<h3>'.&mt('Invalid LTI launch request').'</h3>'. |
'<p class="LC_warning">'. |
'<p class="LC_warning">'. |
&mt('Launch of LON-CAPA is unavailable from the "external tool" link you had followed in another web application.'). |
&mt('Launch of LON-CAPA is unavailable from the "external tool" link you had followed in another web application.'). |
&mt('Launch failed for the following reason:'). |
' '.&mt('Launch failed for the following reason:'). |
'</p>'. |
'</p>'. |
'<p class="LC_error">'.$msg.'</p>'. |
'<p class="LC_error">'.$msg.'</p>'. |
&Apache::loncommon::end_page()); |
&Apache::loncommon::end_page()); |