--- loncom/lti/ltiauth.pm	2018/04/14 02:30:07	1.8
+++ loncom/lti/ltiauth.pm	2018/05/14 19:56:05	1.11
@@ -1,7 +1,7 @@
 # The LearningOnline Network
 # Basic LTI Authentication Module
 #
-# $Id: ltiauth.pm,v 1.8 2018/04/14 02:30:07 raeburn Exp $
+# $Id: ltiauth.pm,v 1.11 2018/05/14 19:56:05 raeburn Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -43,6 +43,20 @@ sub handler {
     my $r = shift;
     my $requri = $r->uri;
 #
+# Check for existing session, and temporarily delete any form items
+# in %env, if session exists
+#
+    my %savedform;
+    my $handle = &Apache::lonnet::check_for_valid_session($r);
+    if ($handle ne '') {
+        foreach my $key (sort(keys(%env))) {
+            if ($key =~ /^form\.(.+)$/) {
+                $savedform{$1} = $env{$key};
+                delete($env{$key});
+            }
+        }
+    }
+#
 # Retrieve data POSTed by LTI Consumer on launch  
 #
     &Apache::lonacc::get_posted_cgi($r);
@@ -52,6 +66,17 @@ sub handler {
             $params->{$1} = $env{$key};
         }
     }
+#
+# Check for existing session, and restored temporarily
+# deleted form items to %env, if session exists.
+#
+    if ($handle ne '') {
+        if (keys(%savedform)) {
+            foreach my $key (sort(keys(%savedform))) {
+                $env{'form.'.$key} = $savedform{$key};
+            }
+        }
+    }
 
     unless (keys(%{$params})) {
         &invalid_request($r,1);
@@ -140,7 +165,7 @@ sub handler {
 # Order is:
 #
 # (a) from custom_coursedomain item in POSTed data
-# (b) from tail of requested URL (after /adm/lti) if it has format of a symb  
+# (b) from tail of requested URL (after /adm/lti/) if it has format of a symb  
 # (c) from tail of requested URL (after /adm/lti) if it has format of a map 
 # (d) from tail of requested URL (after /adm/lti) if it has format /domain/courseID
 # (e) from tail of requested URL (after /adm/lti) if it has format /tiny/domain/\w+
@@ -182,6 +207,13 @@ sub handler {
                 $symb = $tail;
                 $symb =~ s{^/+}{};
             }
+        } elsif ($tail =~ m{^/res/(?:$match_domain)/(?:$match_username)/.+\.(?:sequence|page)(|___\d+___.+)$}) {
+            if ($1 eq '') {
+                $mapurl = $tail;
+            } else {
+                $symb = $tail;
+                $symb =~ s{^/+}{};
+            }
         } elsif ($tail =~ m{^/($match_domain)/($match_courseid)$}) {
             ($urlcdom,$urlcnum) = ($1,$2);
             if (($cdom ne '') && ($cdom ne $urlcdom)) {
@@ -329,7 +361,7 @@ sub handler {
 #
 # (a) from course mapping (if the link between Consumer "course" and 
 # Provider "course" has been established previously).
-# (b) from tail of requested URL (after /adm/lti) if it has format of a symb
+# (b) from tail of requested URL (after /adm/lti/) if it has format of a symb
 # (c) from tail of requested URL (after /adm/lti) if it has format of a map
 # (d) from tail of requested URL (after /adm/lti) if it has format /domain/courseID
 # (e) from tail of requested URL (after /adm/lti) if it has format /tiny/domain/\w+
@@ -400,7 +432,7 @@ sub handler {
     my @lcroleorder = ('cc','in','ta','ep','st');
     my @ltiroleorder = ('Instructor','TeachingAssistant','Mentor','Learner');
     if ($params->{'roles'} =~ /,/) {
-        my @possltiroles = split(/\s*,\s*/,$params->{'role'});
+        my @possltiroles = split(/\s*,\s*/,$params->{'roles'});
         foreach my $ltirole (@ltiroleorder) {
             if (grep(/^\Q$ltirole\E$/,@possltiroles)) {
                 push(@ltiroles,$ltirole);
@@ -546,7 +578,7 @@ sub handler {
                     if (($ltiroles[0] eq 'Instructor') && ($lcroles[0] eq 'cc') && ($lti{$itemid}{'mapcrs'}) &&
                         ($lti{$itemid}{'makecrs'})) {
                         unless (&Apache::lonnet::usertools_access($uname,$udom,'lti','reload','requestcourses')) {
-                            &Apache::lonnet::put('environment',{ 'requestcourses.lti' => 1, },$udom,$uname);
+                            &Apache::lonnet::put('environment',{ 'requestcourses.lti' => 'autolimit=', },$udom,$uname);
                         }
                     }
                 } else {
@@ -823,6 +855,9 @@ sub lti_session {
             } elsif ($tail =~ m{^\Q/tiny/$cdom/\E\w+$}) {
                 $env{'form.origurl'} = $tail;
                 $env{'request.lti.uri'} = $tail;
+            } elsif ($tail eq "/$cdom/$cnum") {
+                $env{'form.origurl'} = '/adm/navmaps';
+                $env{'request.lti.uri'} = $tail;
             } else {
                 unless ($tail eq '/adm/roles') {
                     $env{'form.origurl'} = '/adm/navmaps';
@@ -857,7 +892,7 @@ sub lti_session {
                 $env{'request.lti.rosterurl'} = $params->{'ext_ims_lis_memberships_url'};
             }
         }
-        $env{'request.lti.login'} = 1;
+        $env{'request.lti.login'} = $itemid;
         if ($params->{'launch_presentation_document_target'}) {
             $env{'request.lti.target'} = $params->{'launch_presentation_document_target'};
         }
@@ -881,7 +916,7 @@ sub lti_session {
                   'domain'    => $udom,
                   'username'  => $uname,
                   'server'    => $lonhost,
-                  'lti.login' => 1,
+                  'lti.login' => $itemid,
                   'lti.uri'   => $tail,
                  );
         if ($role) {
@@ -949,7 +984,7 @@ sub invalid_request {
     }
     &Apache::lonlocal::get_language_handle($r);
     $r->print(
-        &Apache::loncommon::start_page('Invalid LTI call').
+        &Apache::loncommon::start_page('Invalid LTI call','',{ 'only_body' => 1,}).
         &mt('Invalid LTI call [_1]',$num).
         &Apache::loncommon::end_page());
     return;