--- loncom/lti/ltiauth.pm	2021/11/22 03:19:05	1.25
+++ loncom/lti/ltiauth.pm	2022/02/01 19:54:36	1.29
@@ -1,7 +1,7 @@
 # The LearningOnline Network
 # Basic LTI Authentication Module
 #
-# $Id: ltiauth.pm,v 1.25 2021/11/22 03:19:05 raeburn Exp $
+# $Id: ltiauth.pm,v 1.29 2022/02/01 19:54:36 raeburn Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -495,13 +495,14 @@ sub handler {
     if ($sourcecrs ne '') {
         %consumers = &Apache::lonnet::get_dom('lticonsumers',[$sourcecrs],$cdom);
         if (exists($consumers{$sourcecrs})) {
-            if ($consumers{$sourcecrs} =~ /^$match_courseid$/) {
-                my $crshome = &Apache::lonnet::homeserver($consumers{$sourcecrs},$cdom);
+            if ($consumers{$sourcecrs} =~ /^\Q$itemid:\E($match_courseid)$/) {
+                my $storedcnum = $1;
+                my $crshome = &Apache::lonnet::homeserver($storedcnum,$cdom);
                 if ($crshome =~ /(con_lost|no_host|no_such_host)/) {
                     &invalid_request($r,20);
                     return OK;
                 } else {
-                    $posscnum = $consumers{$sourcecrs};
+                    $posscnum = $storedcnum;
                 }
             }
         }
@@ -613,20 +614,26 @@ sub handler {
 
     my $reqcrs;
     if ($cnum eq '') {
-        if ((@ltiroles) && ($lti{$itemid}{'mapcrs'}) &&
-            ($ltiroles[0] eq 'Instructor') && ($lcroles[0] eq 'cc') && ($lti{$itemid}{'makecrs'})) {
-            my (%can_request,%request_domains);
-            &Apache::lonnet::check_can_request($cdom,\%can_request,\%request_domains,$uname,$udom);
-            if ($can_request{'lti'}) {
-                $reqcrs = 1;
-                &lti_session($r,$itemid,$uname,$udom,$uhome,$lonhost,undef,$mapurl,$tail,
-                             $symb,$cdom,$cnum,$params,\@ltiroles,$lti{$itemid},\@lcroles,
-                             $reqcrs,$sourcecrs);
+        if ($lti{$itemid}{'crsinc'}) {
+            if ((@ltiroles) && ($lti{$itemid}{'mapcrs'}) &&
+                ($ltiroles[0] eq 'Instructor') && ($lcroles[0] eq 'cc') && ($lti{$itemid}{'makecrs'})) {
+                my (%can_request,%request_domains);
+                &Apache::lonnet::check_can_request($cdom,\%can_request,\%request_domains,$uname,$udom);
+                if ($can_request{'lti'}) {
+                    $reqcrs = 1;
+                    &lti_session($r,$itemid,$uname,$udom,$uhome,$lonhost,undef,$mapurl,$tail,
+                                 $symb,$cdom,$cnum,$params,\@ltiroles,$lti{$itemid},\@lcroles,
+                                 $reqcrs,$sourcecrs);
+                } else {
+                    &invalid_request($r,27);
+                }
             } else {
-                &invalid_request($r,27);
+                &invalid_request($r,28);
             }
         } else {
-            &invalid_request($r,28);
+            &lti_session($r,$itemid,$uname,$udom,$uhome,$lonhost,undef,$mapurl,$tail,
+                         $symb,$cdom,$cnum,$params,\@ltiroles,$lti{$itemid},\@lcroles,
+                         $reqcrs,$sourcecrs);
         }
         return OK;
     }
@@ -634,7 +641,7 @@ sub handler {
 #
 # If LON-CAPA course is a Community, and LON-CAPA role
 # indicated is cc, change role indicated to co.
-# 
+#
 
     my %crsenv;
     if ($lcroles[0] eq 'cc') {
@@ -739,11 +746,41 @@ sub handler {
     }
 
 #
-# Store consumer-to-LON-CAPA course mapping
+# Retrieve course type of LON-CAPA course to check if mapping from a Consumer
+# course identifier permitted for this type of course (one of: official,
+# unofficial, community, textbook, placement or lti.
+#
+
+    unless (%crsenv) {
+        %crsenv = &Apache::lonnet::coursedescription($cdom.'_'.$cnum);
+    }
+    my $crstype = lc($crsenv{'type'});
+    if ($crstype eq '') {
+        $crstype = 'course';
+    }
+    if ($crstype eq 'course') {
+        if ($crsenv{'internal.coursecode'}) {
+            $crstype = 'official';
+        } elsif ($crsenv{'internal.textbook'}) {
+            $crstype = 'textbook';
+        } elsif ($crsenv{'internal.lti'}) {
+            $crstype = 'lti';
+        } else {
+            $crstype = 'unofficial';
+        }
+    }
+
+#
+# Store consumer-to-LON-CAPA course mapping if permitted
 #
 
-    if (($sourcecrs ne '')  && ($consumers{$sourcecrs} eq '') && ($cnum ne '')) {
-        &Apache::lonnet::put_dom('lticonsumers',{ $sourcecrs => $cnum },$cdom);
+    if (($lti{$itemid}{'storecrs'}) && ($sourcecrs ne '') && 
+        ($consumers{$sourcecrs} eq '') && ($cnum ne '')) {
+        if (ref($lti{$itemid}{'mapcrstype'}) eq 'ARRAY') {
+            if (grep(/^$crstype$/,@{$lti{$itemid}{'mapcrstype'}})) {
+                &Apache::lonnet::put_dom('lticonsumers',{ $sourcecrs => $itemid.':'.$cnum },$cdom);
+            }
+        }
     }
 
 #
@@ -894,7 +931,9 @@ sub lti_session {
                 $env{'request.lti.uri'} = $tail;
             } else {
                 unless ($tail eq '/adm/roles') {
-                    $env{'form.origurl'} = '/adm/navmaps';
+                    if ($cnum) {
+                        $env{'form.origurl'} = '/adm/navmaps';
+                    }
                 }
             }
         }
@@ -1002,7 +1041,9 @@ sub lti_session {
                 $info{'origurl'} = $tail;
             } else {
                 unless ($tail eq '/adm/roles') {
-                    $info{'origurl'} = '/adm/navmaps';
+                    if ($cnum) {
+                        $info{'origurl'} = '/adm/navmaps';
+                    }
                 }
             }
         }