--- loncom/lti/ltiauth.pm 2018/05/30 18:06:13 1.14 +++ loncom/lti/ltiauth.pm 2018/12/26 20:10:29 1.17 @@ -1,7 +1,7 @@ # The LearningOnline Network # Basic LTI Authentication Module # -# $Id: ltiauth.pm,v 1.14 2018/05/30 18:06:13 raeburn Exp $ +# $Id: ltiauth.pm,v 1.17 2018/12/26 20:10:29 raeburn Exp $ # # Copyright Michigan State University Board of Trustees # @@ -205,14 +205,14 @@ sub handler { $mapurl = $tail; } else { $symb = $tail; - $symb =~ s{^/+}{}; + $symb =~ s{^/}{}; } } elsif ($tail =~ m{^/res/(?:$match_domain)/(?:$match_username)/.+\.(?:sequence|page)(|___\d+___.+)$}) { if ($1 eq '') { $mapurl = $tail; } else { $symb = $tail; - $symb =~ s{^/+}{}; + $symb =~ s{^/res/}{}; } } elsif ($tail =~ m{^/($match_domain)/($match_courseid)$}) { ($urlcdom,$urlcnum) = ($1,$2); @@ -339,6 +339,30 @@ sub handler { } # +# Determine if a username is required from the domain +# configuration for the specific LTI Consumer +# + + if (!$lti{$itemid}{'requser'}) { + if ($tail =~ m{^/tiny/($match_domain)/(\w+)$}) { + foreach my $key (%{$params}) { + delete($env{'form.'.$key}); + } + my $ltoken = &Apache::lonnet::tmpput({'linkprot' => $itemid.':'.$tail}, + $lonhost); + if ($ltoken) { + $r->internal_redirect($tail.'?ltoken='.$ltoken); + $r->set_handlers('PerlHandler'=> undef); + } else { + &invalid_request($r,9); + } + } else { + &invalid_request($r,10); + } + return OK; + } + +# # Determine if source of username matches requirement from the # domain configuration for the specific LTI Consumer. # @@ -394,7 +418,7 @@ sub handler { if ($consumers{$sourcecrs} =~ /^$match_courseid$/) { my $crshome = &Apache::lonnet::homeserver($consumers{$sourcecrs},$cdom); if ($crshome =~ /(con_lost|no_host|no_such_host)/) { - &invalid_request($r,9); + &invalid_request($r,11); return OK; } else { $posscnum = $consumers{$sourcecrs}; @@ -406,7 +430,7 @@ sub handler { if ($urlcnum ne '') { if ($posscnum ne '') { if ($posscnum ne $urlcnum) { - &invalid_request($r,10); + &invalid_request($r,12); return OK; } else { $cnum = $posscnum; @@ -414,7 +438,7 @@ sub handler { } else { my $crshome = &Apache::lonnet::homeserver($urlcnum,$cdom); if ($crshome =~ /(con_lost|no_host|no_such_host)/) { - &invalid_request($r,11); + &invalid_request($r,13); return OK; } else { $cnum = $urlcnum; @@ -435,9 +459,10 @@ sub handler { my (@ltiroles,@lcroles); my @lcroleorder = ('cc','in','ta','ep','st'); - my ($lcrolesref,$ltirolesref) = &LONCAPA::ltiutils::get_lc_roles($params->{'roles'}, - \@lcroleorder, - $lti{$itemid}{maproles}); + my ($lcrolesref,$ltirolesref) = + &LONCAPA::ltiutils::get_lc_roles($params->{'roles'}, + \@lcroleorder, + $lti{$itemid}{maproles}); if (ref($lcrolesref) eq 'ARRAY') { @lcroles = @{$lcrolesref}; } @@ -478,7 +503,7 @@ sub handler { $domdesc,\%data,\%alerts,\%rulematch, \%inst_results,\%curr_rules,%got_rules); if ($result eq 'notallowed') { - &invalid_request($r,12); + &invalid_request($r,14); } elsif ($result eq 'ok') { if (($ltiroles[0] eq 'Instructor') && ($lcroles[0] eq 'cc') && ($lti{$itemid}{'mapcrs'}) && ($lti{$itemid}{'makecrs'})) { @@ -487,16 +512,16 @@ sub handler { } } } else { - &invalid_request($r,13); + &invalid_request($r,15); return OK; } } else { - &invalid_request($r,14); + &invalid_request($r,16); return OK; } } } else { - &invalid_request($r,15); + &invalid_request($r,17); return OK; } @@ -518,10 +543,10 @@ sub handler { $symb,$cdom,$cnum,$params,\@ltiroles,$lti{$itemid},\@lcroles, $reqcrs,$sourcecrs); } else { - &invalid_request($r,16); + &invalid_request($r,18); } } else { - &invalid_request($r,17); + &invalid_request($r,19); } return OK; } @@ -607,7 +632,7 @@ sub handler { } } if ($reqrole eq '') { - &invalid_request($r,18); + &invalid_request($r,20); return OK; } else { unless (%crsenv) { @@ -617,10 +642,10 @@ sub handler { my $default_enrollment_end_date = $crsenv{'default_enrollment_end_date'}; my $now = time; if ($default_enrollment_end_date && $default_enrollment_end_date <= $now) { - &invalid_request($r,19); + &invalid_request($r,21); return OK; } elsif ($default_enrollment_start_date && $default_enrollment_start_date >$now) { - &invalid_request($r,20); + &invalid_request($r,22); return OK; } else { $selfenrollrole = $reqrole.'./'.$cdom.'/'.$cnum; @@ -729,7 +754,7 @@ sub lti_session { &Apache::lonauth::success($r,$uname,$udom,$uhome,'noredirect'); if ($symb) { $env{'form.symb'} = $symb; - $env{'request.lti.uri'} = $symb; + $env{'request.lti.uri'} = $tail; } else { if ($mapurl) { $env{'form.origurl'} = $mapurl;