--- loncom/lti/ltiauth.pm 2022/03/29 19:37:25 1.35 +++ loncom/lti/ltiauth.pm 2022/06/18 02:10:19 1.37 @@ -1,7 +1,7 @@ # The LearningOnline Network # Basic LTI Authentication Module # -# $Id: ltiauth.pm,v 1.35 2022/03/29 19:37:25 raeburn Exp $ +# $Id: ltiauth.pm,v 1.37 2022/06/18 02:10:19 raeburn Exp $ # # Copyright Michigan State University Board of Trustees # @@ -31,7 +31,7 @@ package Apache::ltiauth; use strict; use LONCAPA qw(:DEFAULT :match); use Encode; -use Apache::Constants qw(:common :http); +use Apache::Constants qw(:common :http :remotehost); use Apache::lonlocal; use Apache::lonnet; use Apache::loncommon; @@ -117,7 +117,7 @@ sub handler { # if ($requri =~ m{^/adm/launch(|/.*)$}) { my $tail = $1; - if ($tail =~ m{^/tiny/($match_domain)/(\w+)$}) { + if ($tail =~ m{^/tiny/$match_domain/\w+$}) { my ($urlcdom,$urlcnum) = &course_from_tinyurl($tail); if (($urlcdom ne '') && ($urlcnum ne '')) { $cdom = $urlcdom; @@ -143,7 +143,7 @@ sub handler { # where url was /adm/launch/tiny/$cdom/$uniqueid # - my ($itemid,$ltitype,%crslti,%lti_in_use); + my ($itemid,$ltitype,%crslti,%lti_in_use,$ltiuser); $itemid = &get_lti_itemid($requri,$hostname,$params,$cdom,$cnum,'linkprot'); if ($itemid) { %crslti = &Apache::lonnet::get_course_lti($cnum,$cdom); @@ -229,10 +229,12 @@ sub handler { return OK; } } + $ltiuser = $uname.':'.$cdom; } } if ($lti_in_use{'notstudent'} eq 'reject') { &invalid_request($r,'Information for valid user missing from launch request'); + return OK; } } } @@ -240,13 +242,20 @@ sub handler { foreach my $key (%{$params}) { delete($env{'form.'.$key}); } - my $ltoken = &Apache::lonnet::tmpput({'linkprot' => $itemid.$ltitype.':'.$tail}, - $lonhost,'link'); - if ($ltoken) { + my %info = ( + 'linkprot' => $itemid.$ltitype.':'.$tail, + ); + if ($ltiuser ne '') { + $info{'linkprotuser'} = $ltiuser; + } + my $ltoken = &Apache::lonnet::tmpput(\%info,$lonhost,'link'); + if (($ltoken eq 'con_lost') || ($ltoken eq 'refused') || ($ltoken =~ /^error:/) || + ($ltoken eq 'unknown_cmd') || ($ltoken eq 'no_such_host') || + ($ltoken eq '')) { + &invalid_request($r,'Failed to store information from launch request'); + } else { $r->internal_redirect($tail.'?ltoken='.$ltoken); $r->set_handlers('PerlHandler'=> undef); - } else { - &invalid_request($r,'Failed to store information from launch request'); } } else { &invalid_request($r,'Launch request could not be validated'); @@ -985,7 +994,7 @@ sub lti_session { $r->dir_config('ltiIDsDir'), $protocol,$r->hostname); } - my $ip = $r->get_remote_host(); + my $ip = &Apache::lonnet::get_requestor_ip($r,REMOTE_NOLOOKUP); my %info=('ip' => $ip, 'domain' => $udom, 'username' => $uname, @@ -1074,7 +1083,7 @@ sub linkprot_session { $r->set_handlers('PerlHandler'=> undef); } else { # need to login them in, so generate the data migrate expects to do login - my $ip = $r->get_remote_host(); + my $ip = &Apache::lonnet::get_requestor_ip($r,REMOTE_NOLOOKUP); my %info=('ip' => $ip, 'domain' => $cdom, 'username' => $uname, @@ -1128,7 +1137,7 @@ sub invalid_request { '

'.&mt('Invalid LTI launch request').'

'. '

'. &mt('Launch of LON-CAPA is unavailable from the "external tool" link you had followed in another web application.'). - &mt('Launch failed for the following reason:'). + ' '.&mt('Launch failed for the following reason:'). '

'. '

'.$msg.'

'. &Apache::loncommon::end_page());