--- loncom/lti/ltiauth.pm 2018/03/23 01:01:47 1.6
+++ loncom/lti/ltiauth.pm 2018/05/30 18:06:13 1.14
@@ -1,7 +1,7 @@
# The LearningOnline Network
# Basic LTI Authentication Module
#
-# $Id: ltiauth.pm,v 1.6 2018/03/23 01:01:47 raeburn Exp $
+# $Id: ltiauth.pm,v 1.14 2018/05/30 18:06:13 raeburn Exp $
#
# Copyright Michigan State University Board of Trustees
#
@@ -43,7 +43,21 @@ sub handler {
my $r = shift;
my $requri = $r->uri;
#
-# Retrieve data POSTed by LTI Consumer on launch
+# Check for existing session, and temporarily delete any form items
+# in %env, if session exists
+#
+ my %savedform;
+ my $handle = &Apache::lonnet::check_for_valid_session($r);
+ if ($handle ne '') {
+ foreach my $key (sort(keys(%env))) {
+ if ($key =~ /^form\.(.+)$/) {
+ $savedform{$1} = $env{$key};
+ delete($env{$key});
+ }
+ }
+ }
+#
+# Retrieve data POSTed by LTI Consumer on launch
#
&Apache::lonacc::get_posted_cgi($r);
my $params = {};
@@ -52,6 +66,17 @@ sub handler {
$params->{$1} = $env{$key};
}
}
+#
+# Check for existing session, and restored temporarily
+# deleted form items to %env, if session exists.
+#
+ if ($handle ne '') {
+ if (keys(%savedform)) {
+ foreach my $key (sort(keys(%savedform))) {
+ $env{'form.'.$key} = $savedform{$key};
+ }
+ }
+ }
unless (keys(%{$params})) {
&invalid_request($r,1);
@@ -140,7 +165,7 @@ sub handler {
# Order is:
#
# (a) from custom_coursedomain item in POSTed data
-# (b) from tail of requested URL (after /adm/lti) if it has format of a symb
+# (b) from tail of requested URL (after /adm/lti/) if it has format of a symb
# (c) from tail of requested URL (after /adm/lti) if it has format of a map
# (d) from tail of requested URL (after /adm/lti) if it has format /domain/courseID
# (e) from tail of requested URL (after /adm/lti) if it has format /tiny/domain/\w+
@@ -182,6 +207,13 @@ sub handler {
$symb = $tail;
$symb =~ s{^/+}{};
}
+ } elsif ($tail =~ m{^/res/(?:$match_domain)/(?:$match_username)/.+\.(?:sequence|page)(|___\d+___.+)$}) {
+ if ($1 eq '') {
+ $mapurl = $tail;
+ } else {
+ $symb = $tail;
+ $symb =~ s{^/+}{};
+ }
} elsif ($tail =~ m{^/($match_domain)/($match_courseid)$}) {
($urlcdom,$urlcnum) = ($1,$2);
if (($cdom ne '') && ($cdom ne $urlcdom)) {
@@ -262,6 +294,12 @@ sub handler {
$protocol = 'https';
}
+ if (exists($params->{'oauth_callback'})) {
+ $Net::OAuth::PROTOCOL_VERSION = Net::OAuth::PROTOCOL_VERSION_1_0A;
+ } else {
+ $Net::OAuth::PROTOCOL_VERSION = Net::OAuth::PROTOCOL_VERSION_1_0;
+ }
+
my ($itemid,$consumer_key,$secret);
$consumer_key = $params->{'oauth_consumer_key'};
if (ref($lti_by_key{$consumer_key}) eq 'ARRAY') {
@@ -329,7 +367,7 @@ sub handler {
#
# (a) from course mapping (if the link between Consumer "course" and
# Provider "course" has been established previously).
-# (b) from tail of requested URL (after /adm/lti) if it has format of a symb
+# (b) from tail of requested URL (after /adm/lti/) if it has format of a symb
# (c) from tail of requested URL (after /adm/lti) if it has format of a map
# (d) from tail of requested URL (after /adm/lti) if it has format /domain/courseID
# (e) from tail of requested URL (after /adm/lti) if it has format /tiny/domain/\w+
@@ -396,35 +434,15 @@ sub handler {
#
my (@ltiroles,@lcroles);
-
my @lcroleorder = ('cc','in','ta','ep','st');
- my @ltiroleorder = ('Instructor','TeachingAssistant','Mentor','Learner');
- if ($params->{'roles'} =~ /,/) {
- my @possltiroles = split(/\s*,\s*/,$params->{'role'});
- foreach my $ltirole (@ltiroleorder) {
- if (grep(/^\Q$ltirole\E$/,@possltiroles)) {
- push(@ltiroles,$ltirole);
- }
- }
- } else {
- my $singlerole = $params->{'roles'};
- $singlerole =~ s/^\s|\s+$//g;
- if (grep(/^\Q$singlerole\E$/,@ltiroleorder)) {
- @ltiroles = ($singlerole);
- }
+ my ($lcrolesref,$ltirolesref) = &LONCAPA::ltiutils::get_lc_roles($params->{'roles'},
+ \@lcroleorder,
+ $lti{$itemid}{maproles});
+ if (ref($lcrolesref) eq 'ARRAY') {
+ @lcroles = @{$lcrolesref};
}
- if (@ltiroles) {
- if (ref($lti{$itemid}{maproles}) eq 'HASH') {
- my %possroles;
- map { $possroles{$lti{$itemid}{maproles}{$_}} = 1; } @ltiroles;
- if (keys(%possroles) > 0) {
- foreach my $item (@lcroleorder) {
- if ($possroles{$item}) {
- push(@lcroles,$item);
- }
- }
- }
- }
+ if (ref($ltirolesref) eq 'ARRAY') {
+ @ltiroles = @{$ltirolesref};
}
#
@@ -447,102 +465,25 @@ sub handler {
}
}
if ($selfcreate) {
- my (%rulematch,%inst_results,%curr_rules,%got_rules,%alerts,%info);
- my $checkhash = { "$uname:$udom" => { 'newuser' => 1, }, };
- my $checks = { 'username' => 1, };
- &Apache::loncommon::user_rule_check($checkhash,$checks,\%alerts,\%rulematch,
- \%inst_results,\%curr_rules,\%got_rules);
- my ($userchkmsg,$lcauth,$lcauthparm);
- my $allowed = 1;
- if (ref($alerts{'username'}) eq 'HASH') {
- if (ref($alerts{'username'}{$udom}) eq 'HASH') {
- my $domdesc =
- &Apache::lonnet::domain($udom,'description');
- if ($alerts{'username'}{$udom}{$uname}) {
- if (ref($curr_rules{$udom}) eq 'HASH') {
- $userchkmsg =
- &Apache::loncommon::instrule_disallow_msg('username',$domdesc,1).
- &Apache::loncommon::user_rule_formats($udom,$domdesc,
- $curr_rules{$udom}{'username'},
- 'username');
- }
- $allowed = 0;
- }
- }
- }
- if ($allowed) {
- if (ref($rulematch{$uname.':'.$udom}) eq 'HASH') {
- my $matchedrule = $rulematch{$uname.':'.$udom}{'username'};
- my ($rules,$ruleorder) =
- &Apache::lonnet::inst_userrules($udom,'username');
- if (ref($rules) eq 'HASH') {
- if (ref($rules->{$matchedrule}) eq 'HASH') {
- $lcauth = $rules->{$matchedrule}{'authtype'};
- $lcauthparm = $rules->{$matchedrule}{'authparm'};
- }
- }
- }
- if ($lcauth eq '') {
- $lcauth = $lti{$itemid}{'lcauth'};
- $lcauthparm = $lti{$itemid}{'lcauthparm'};
- }
- } else {
- &invalid_request($r,12);
- }
- my @userinfo = ('firstname','middlename','lastname','generation',
- 'permanentemail','id');
- my %useinstdata;
- if (ref($lti{$itemid}{'instdata'}) eq 'ARRAY') {
- map { $useinstdata{$_} = 1; } @{$lti{$itemid}{'instdata'}};
- }
- foreach my $item (@userinfo) {
- if (($useinstdata{$item}) && (ref($inst_results{$uname.':'.$udom}) eq 'HASH') &&
- ($inst_results{$uname.':'.$udom}{$item} ne '')) {
- $info{$item} = $inst_results{$uname.':'.$udom}{$item};
- } else {
- if ($item eq 'permanentemail') {
- if ($env{'form.lis_person_contact_email_primary'} =~/^[^\@]+\@[^@]+$/) {
- $info{$item} = $env{'form.lis_person_contact_email_primary'};
- }
- } elsif ($item eq 'firstname') {
- $info{$item} = $env{'form.lis_person_name_given'};
- } elsif ($item eq 'lastname') {
- $info{$item} = $env{'form.lis_person_name_family'};
- }
- }
- }
- if (($info{'middlename'} eq '') && ($env{'form.lis_person_name_full'} ne '')) {
- unless ($useinstdata{'middlename'}) {
- my $fullname = $env{'form.lis_person_name_full'};
- if ($info{'firstname'}) {
- $fullname =~ s/^\s*\Q$info{'firstname'}\E\s*//i;
- }
- if ($info{'lastname'}) {
- $fullname =~ s/\s*\Q$info{'lastname'}\E\s*$//i;
- }
- if ($fullname ne '') {
- $fullname =~ s/^\s+|\s+$//g;
- if ($fullname ne '') {
- $info{'middlename'} = $fullname;
- }
- }
- }
- }
- if (ref($inst_results{$uname.':'.$udom}{'inststatus'}) eq 'ARRAY') {
- my @inststatuses = @{$inst_results{$uname.':'.$udom}{'inststatus'}};
- $info{'inststatus'} = join(':',map { &escape($_); } @inststatuses);
- }
+ my (%rulematch,%inst_results,%curr_rules,%got_rules,%alerts);
+ my $domdesc = &Apache::lonnet::domain($udom,'description');
+ my %data = (
+ 'permanentemail' => $env{'form.lis_person_contact_email_primary'},
+ 'firstname' => $env{'form.lis_person_name_given'},
+ 'lastname' => $env{'form.lis_person_name_family'},
+ 'fullname' => $env{'form.lis_person_name_full'},
+ );
my $result =
- &Apache::lonnet::modifyuser($udom,$uname,$info{'id'},
- $lcauth,$lcauthparm,$info{'firstname'},
- $info{'middlename'},$info{'lastname'},
- $info{'generation'},undef,undef,
- $info{'permanentemail'},$info{'inststatus'});
- if ($result eq 'ok') {
+ &LONCAPA::ltiutils::create_user($lti{$itemid},$uname,$udom,
+ $domdesc,\%data,\%alerts,\%rulematch,
+ \%inst_results,\%curr_rules,%got_rules);
+ if ($result eq 'notallowed') {
+ &invalid_request($r,12);
+ } elsif ($result eq 'ok') {
if (($ltiroles[0] eq 'Instructor') && ($lcroles[0] eq 'cc') && ($lti{$itemid}{'mapcrs'}) &&
($lti{$itemid}{'makecrs'})) {
unless (&Apache::lonnet::usertools_access($uname,$udom,'lti','reload','requestcourses')) {
- &Apache::lonnet::put('environment',{ 'requestcourses.lti' => 1, },$udom,$uname);
+ &Apache::lonnet::put('environment',{ 'requestcourses.lti' => 'autolimit=', },$udom,$uname);
}
}
} else {
@@ -721,31 +662,8 @@ sub lti_enroll {
my %coursehash = &Apache::lonnet::coursedescription($cdom.'_'.$cnum);
my $start = $coursehash{'default_enrollment_start_date'};
my $end = $coursehash{'default_enrollment_end_date'};
- my $area = "/$cdom/$cnum";
- if (($role ne 'cc') && ($role ne 'co') && ($sec ne '')) {
- $area .= '/'.$sec;
- }
- my $spec = $role.'.'.$area;
- my $instcid;
- if ($role eq 'st') {
- $enrollresult =
- &Apache::lonnet::modify_student_enrollment($udom,$uname,undef,undef,undef,
- undef,undef,$sec,$end,$start,
- 'ltienroll',undef,$cdom.'_'.$cnum,1,
- 'ltienroll','',$instcid);
- } elsif ($role =~ /^(cc|in|ta|ep)$/) {
- $enrollresult =
- &Apache::lonnet::assignrole($udom,$uname,$area,$role,$end,$start,
- undef,1,'ltienroll');
- }
- if ($enrollresult eq 'ok') {
- my (%userroles,%newrole,%newgroups);
- &Apache::lonnet::standard_roleprivs(\%newrole,$role,$cdom,$spec,$cnum,
- $area);
- &Apache::lonnet::set_userprivs(\%userroles,\%newrole,\%newgroups);
- $userroles{'user.role.'.$spec} = $start.'.'.$end;
- &Apache::lonnet::appenv(\%userroles,[$role,'cm']);
- }
+ $enrollresult = &LONCAPA::ltiutils::enrolluser($udom,$uname,$role,$cdom,$cnum,$sec,
+ $start,$end,1);
}
}
return $enrollresult;
@@ -811,11 +729,17 @@ sub lti_session {
&Apache::lonauth::success($r,$uname,$udom,$uhome,'noredirect');
if ($symb) {
$env{'form.symb'} = $symb;
+ $env{'request.lti.uri'} = $symb;
} else {
if ($mapurl) {
$env{'form.origurl'} = $mapurl;
+ $env{'request.lti.uri'} = $mapurl;
} elsif ($tail =~ m{^\Q/tiny/$cdom/\E\w+$}) {
$env{'form.origurl'} = $tail;
+ $env{'request.lti.uri'} = $tail;
+ } elsif ($tail eq "/$cdom/$cnum") {
+ $env{'form.origurl'} = '/adm/navmaps';
+ $env{'request.lti.uri'} = $tail;
} else {
unless ($tail eq '/adm/roles') {
$env{'form.origurl'} = '/adm/navmaps';
@@ -850,7 +774,10 @@ sub lti_session {
$env{'request.lti.rosterurl'} = $params->{'ext_ims_lis_memberships_url'};
}
}
- $env{'request.lti.login'} = 1;
+ $env{'request.lti.login'} = $itemid;
+ if ($params->{'launch_presentation_document_target'}) {
+ $env{'request.lti.target'} = $params->{'launch_presentation_document_target'};
+ }
foreach my $key (%{$params}) {
delete($env{'form.'.$key});
}
@@ -871,7 +798,8 @@ sub lti_session {
'domain' => $udom,
'username' => $uname,
'server' => $lonhost,
- 'lti.login' => 1,
+ 'lti.login' => $itemid,
+ 'lti.uri' => $tail,
);
if ($role) {
$info{'role'} = $role;
@@ -903,6 +831,10 @@ sub lti_session {
$info{'lti.rosterurl'} = $params->{'ext_ims_lis_memberships_url'};
}
}
+ if ($params->{'launch_presentation_document_target'}) {
+ $info{'lti.target'} = $params->{'launch_presentation_document_target'};
+ }
+
unless ($info{'symb'}) {
if ($mapurl) {
$info{'origurl'} = $mapurl;
@@ -934,7 +866,7 @@ sub invalid_request {
}
&Apache::lonlocal::get_language_handle($r);
$r->print(
- &Apache::loncommon::start_page('Invalid LTI call').
+ &Apache::loncommon::start_page('Invalid LTI call','',{ 'only_body' => 1,}).
&mt('Invalid LTI call [_1]',$num).
&Apache::loncommon::end_page());
return;