CVS log for loncom/lti/ltiauth.pm

[BACK] Up to [LON-CAPA] / loncom / lti

Request diff between arbitrary revisions


Keyword substitution: kv
Default branch: MAIN


Revision 1.43: download - view: text, markup, annotated - select for diffs
Fri Aug 18 22:14:34 2023 UTC (16 months, 1 week ago) by raeburn
Branches: MAIN
CVS tags: version_2_12_X, version_2_11_5_msu, version_2_11_4_msu, HEAD
Diff to previous 1.42: preferred, unified
Changes since revision 1.42: +2 -2 lines
- Fix typo.

Revision 1.42: download - view: text, markup, annotated - select for diffs
Fri Jun 2 01:20:28 2023 UTC (18 months, 3 weeks ago) by raeburn
Branches: MAIN
Diff to previous 1.41: preferred, unified
Changes since revision 1.41: +34 -10 lines
- Bugs 6754 and 6907
  - Return of grades to launcher CMS supported for resources or folders
    accessed via LTI-mediated deep link.
  - Support option: "Encrypt stored consumer secrets defined in domain"
  - Signing of LTI payloads for roster retrieval, passback of grades,
    and callback to logput launcher CMS session all now occur on
    primary library server for course's domain.

Revision 1.41: download - view: text, markup, annotated - select for diffs
Wed May 24 14:55:57 2023 UTC (19 months ago) by raeburn
Branches: MAIN
Diff to previous 1.40: preferred, unified
Changes since revision 1.40: +2 -2 lines
- Additional arg needed in call to get_course_lti() following changes in
  lonnet.pm rev. 1.1510

Revision 1.40: download - view: text, markup, annotated - select for diffs
Tue Jul 12 22:55:46 2022 UTC (2 years, 5 months ago) by raeburn
Branches: MAIN
Diff to previous 1.39: preferred, unified
Changes since revision 1.39: +6 -1 lines
- On a balancer node, if LON-CAPA is an LTI Provider or if deep link access
  with LTI mediated link protection is in use, check for balancer cookie
  after credentials in LTI payload validated.

Revision 1.39: download - view: text, markup, annotated - select for diffs
Thu Jun 30 21:04:14 2022 UTC (2 years, 5 months ago) by raeburn
Branches: MAIN
Diff to previous 1.38: preferred, unified
Changes since revision 1.38: +20 -3 lines
- Bug 6907
  "Exit Tool" button available to logout a session launched via deep link
  and escape iframe and redirect (for LTI-protected link).

Revision 1.38: download - view: text, markup, annotated - select for diffs
Sun Jun 26 04:03:48 2022 UTC (2 years, 6 months ago) by raeburn
Branches: MAIN
Diff to previous 1.37: preferred, unified
Changes since revision 1.37: +3 -1 lines
- Bug 6907
  - Set request.linkprotuser in %env for students accessing deep-linked items
    with LTI link protection which includes username from other LMS.
  - Set "only_body" for intermediate pages shown while session is being set up
    for LTI link-protected access.
  - Provide appropriate feedback when a deep link is followed but the user
    only has a future and/or expired role in the target course.

Revision 1.37: download - view: text, markup, annotated - select for diffs
Sat Jun 18 02:10:19 2022 UTC (2 years, 6 months ago) by raeburn
Branches: MAIN
Diff to previous 1.36: preferred, unified
Changes since revision 1.36: +19 -11 lines
- Bug 6907
  For LTI-protected deep links in which username is included in launch payload
  compare username in payload with username for any existing LON-CAPA session
  in current web browser and expire old session, if different user.

Revision 1.36: download - view: text, markup, annotated - select for diffs
Wed Apr 6 21:44:49 2022 UTC (2 years, 8 months ago) by raeburn
Branches: MAIN
Diff to previous 1.35: preferred, unified
Changes since revision 1.35: +3 -2 lines
- Bug 6907
 - Don't show log-in page if link protection configuration has
   "Action when username is not for an enrolled student" set to:
   "Discontinue launch process", and username was not available.
 - White space added between two sentences in displayed warning.

Revision 1.35: download - view: text, markup, annotated - select for diffs
Tue Mar 29 19:37:25 2022 UTC (2 years, 8 months ago) by raeburn
Branches: MAIN
Diff to previous 1.34: preferred, unified
Changes since revision 1.34: +3 -2 lines
- Net::OAuth expects characters outside the ASCII character set to have been
  decoded to perl's internal character structure, as it will UTF-8 encode them
  itself when making a signature.

Revision 1.34: download - view: text, markup, annotated - select for diffs
Thu Feb 17 22:35:51 2022 UTC (2 years, 10 months ago) by raeburn
Branches: MAIN
Diff to previous 1.33: preferred, unified
Changes since revision 1.33: +8 -8 lines
- Bug 6907
  - Link Protectors for deep-linking from launch from LTI Consumer can be
    configured at both a domain level and a course level.
  - Support encryption of link protection secrets set in a domain.
  - Requires perl-Crypt-CBC

Revision 1.33: download - view: text, markup, annotated - select for diffs
Tue Feb 8 15:08:53 2022 UTC (2 years, 10 months ago) by raeburn
Branches: MAIN
Diff to previous 1.32: preferred, unified
Changes since revision 1.32: +5 -4 lines
- Bug 6907
  - Modify message logged for user session launched from LTI-protected
    deep-link which includes username in signed payload.
  - On a balancer call lonauth::success before redirect to switchserver
  - Fix typo.

Revision 1.32: download - view: text, markup, annotated - select for diffs
Sun Feb 6 21:37:00 2022 UTC (2 years, 10 months ago) by raeburn
Branches: MAIN
Diff to previous 1.31: preferred, unified
Changes since revision 1.31: +172 -57 lines
- Bug 6907
  - Domain default to determine whether LTI launch of deep-linked URL requires
    student to authenticate; can be overridden for specific course(s).
  - If domain config permits it, link protection setting in a course can
    specify whether to accept username included in LTI payload, and action
    to take if username is not for an enrolled student.
  - Second arg passed to ltiauth::invalid_request() is text string stating why
    LTI launch was invalid.

Revision 1.31: download - view: text, markup, annotated - select for diffs
Wed Feb 2 00:31:16 2022 UTC (2 years, 10 months ago) by raeburn
Branches: MAIN
Diff to previous 1.30: preferred, unified
Changes since revision 1.30: +2 -2 lines
- Typo

Revision 1.30: download - view: text, markup, annotated - select for diffs
Tue Feb 1 23:13:20 2022 UTC (2 years, 10 months ago) by raeburn
Branches: MAIN
Diff to previous 1.29: preferred, unified
Changes since revision 1.29: +56 -111 lines
- Bug 6907
  - Extraction of LTI itemID based on consumer key in signed LTI payload, and
    verification with available secret moved from ltiauth.pm to Lond.pm.
  - Verification will now occur on course's home server or domain's primary
    library server, for course-defined LTI ID, and domain-defined LTI ID
    respectively.
  - Setting and modifying link protection key and secret now requires user
    session on course's home server.
  - Display of existing LTI key only available of course's home server.
  - Display of stored LTI secret eliminated so a Course Coordinator will
    need to record it offline or commit it to memory.

Revision 1.29: download - view: text, markup, annotated - select for diffs
Tue Feb 1 19:54:36 2022 UTC (2 years, 10 months ago) by raeburn
Branches: MAIN
Diff to previous 1.28: preferred, unified
Changes since revision 1.28: +2 -2 lines
- Typo

Revision 1.28: download - view: text, markup, annotated - select for diffs
Tue Feb 1 19:47:20 2022 UTC (2 years, 10 months ago) by raeburn
Branches: MAIN
Diff to previous 1.27: preferred, unified
Changes since revision 1.27: +6 -5 lines
- Bug 6754
  When storing mapping of Consumer system's courseID  to LON-CAPA's course
  "number" include LTI item id verified from signed payload.

Revision 1.27: download - view: text, markup, annotated - select for diffs
Wed Nov 24 04:25:03 2021 UTC (3 years, 1 month ago) by raeburn
Branches: MAIN
Diff to previous 1.26: preferred, unified
Changes since revision 1.26: +35 -5 lines
- Bug 6754
  - Storing mapping of Consumer course identifier to LON-CAPA courseID
    honors rules for allowable course types, and also general Y/N option for
    any type.
  - When a course is created due to launch from LTI Consumer, course's
    environment.db contains internal.lti set to 1, and extended course type
    is identified as "lti".

Revision 1.26: download - view: text, markup, annotated - select for diffs
Mon Nov 22 23:41:00 2021 UTC (3 years, 1 month ago) by raeburn
Branches: MAIN
Diff to previous 1.25: preferred, unified
Changes since revision 1.25: +24 -14 lines
- Bug 6754
  Basic LTI authentication option for launch from Consumer for which user
  information but no course information are provided on launch.

Revision 1.25: download - view: text, markup, annotated - select for diffs
Mon Nov 22 03:19:05 2021 UTC (3 years, 1 month ago) by raeburn
Branches: MAIN
Diff to previous 1.24: preferred, unified
Changes since revision 1.24: +3 -3 lines
- Add missing keys() command.

Revision 1.24: download - view: text, markup, annotated - select for diffs
Wed Nov 3 01:04:04 2021 UTC (3 years, 1 month ago) by raeburn
Branches: MAIN
Diff to previous 1.23: preferred, unified
Changes since revision 1.23: +2 -2 lines
- Bug 6907
  - Use of token to store linkprot or linkkey compatible with use of
    btoken and iptoken (for load balancing and IP change respectively).
  - Launching access from a deeplink, with its own ltoken and/or linkkey,
    for a user session originally launched from a different deeplink will
    update required session information.

Revision 1.23: download - view: text, markup, annotated - select for diffs
Thu Aug 12 00:05:27 2021 UTC (3 years, 4 months ago) by raeburn
Branches: MAIN
Diff to previous 1.22: preferred, unified
Changes since revision 1.22: +2 -2 lines
- Args in lonnet::spareserver() consistent with lonnet.pm rev. 1.1451 change.

Revision 1.22: download - view: text, markup, annotated - select for diffs
Sat Aug 7 20:11:53 2021 UTC (3 years, 4 months ago) by raeburn
Branches: MAIN
Diff to previous 1.21: preferred, unified
Changes since revision 1.21: +2 -2 lines
- Fix typo in comment.

Revision 1.21: download - view: text, markup, annotated - select for diffs
Sat Aug 7 01:34:20 2021 UTC (3 years, 4 months ago) by raeburn
Branches: MAIN
Diff to previous 1.20: preferred, unified
Changes since revision 1.20: +2 -2 lines
- scope for $urlcdom in &course_from_tinyurl() routine added in rev. 1.20

Revision 1.20: download - view: text, markup, annotated - select for diffs
Wed Aug 4 19:59:11 2021 UTC (3 years, 4 months ago) by raeburn
Branches: MAIN
Diff to previous 1.19: preferred, unified
Changes since revision 1.19: +210 -71 lines
- Bug 6907 Content in a course can be set to be deep-link only.
  - deeplink parameter has 5 components:
    state, others, listing, scope, protect and menus.
  - deeplink protection for launch from non-LON-CAPA LTI-enabled systems
    uses /adm/launch/tiny/$dom/$uniqueID, and key and secret used by launcher
    can be set in a course (by CC), or for domain (by DC).

Revision 1.19: download - view: text, markup, annotated - select for diffs
Thu Jul 18 18:28:46 2019 UTC (5 years, 5 months ago) by raeburn
Branches: MAIN
Diff to previous 1.18: preferred, unified
Changes since revision 1.18: +21 -1 lines
- Bug 6754. LON-CAPA as LTI Provider.
  Domain configuration to support session expiration in LON-CAPA,
  after user logs out of LTI Consumer which originally launched session,
  (if Consumer supports logoutServiceUrl; e.g. custom_logout_url in Canvas).

Revision 1.18: download - view: text, markup, annotated - select for diffs
Thu Jun 13 17:45:26 2019 UTC (5 years, 6 months ago) by raeburn
Branches: MAIN
Diff to previous 1.17: preferred, unified
Changes since revision 1.17: +2 -2 lines
- Consistent naming for selfenrollrole item in %env when LTI launch requires
  user's self-enrollment.

Revision 1.17: download - view: text, markup, annotated - select for diffs
Wed Dec 26 20:10:29 2018 UTC (6 years ago) by raeburn
Branches: MAIN
Diff to previous 1.16: preferred, unified
Changes since revision 1.16: +37 -13 lines
- Bug 6400 Deep-linking
  - URLs like /adm/lti/tiny/domain/uniqueID can be used to restrict use of
    deep links to access from another LTI-enabled application (no user data
    passed in this context).

Revision 1.16: download - view: text, markup, annotated - select for diffs
Tue Aug 14 21:03:39 2018 UTC (6 years, 4 months ago) by raeburn
Branches: MAIN
Diff to previous 1.15: preferred, unified
Changes since revision 1.15: +4 -4 lines
- Bug 6754 LON-CAPA as LTI Provider
  - Convert tail of launch URL to a real symb, if launch was for a single
    resource.

Revision 1.15: download - view: text, markup, annotated - select for diffs
Sat Jun 30 23:58:14 2018 UTC (6 years, 5 months ago) by raeburn
Branches: MAIN
Diff to previous 1.14: preferred, unified
Changes since revision 1.14: +5 -4 lines
- Formatting (whitespace changes only).

Revision 1.14: download - view: text, markup, annotated - select for diffs
Wed May 30 18:06:13 2018 UTC (6 years, 6 months ago) by raeburn
Branches: MAIN
Diff to previous 1.13: preferred, unified
Changes since revision 1.13: +6 -12 lines
- Bug 6754 LON-CAPA as LTI Provider
  - Include value of 1 for $selfenroll arg when calling ltiutils::enrolluser()
    so user privs will be added to the user's environment for the new role.

Revision 1.13: download - view: text, markup, annotated - select for diffs
Mon May 28 23:26:04 2018 UTC (6 years, 7 months ago) by raeburn
Branches: MAIN
Diff to previous 1.12: preferred, unified
Changes since revision 1.12: +22 -160 lines
- Bug 6754 LON-CAPA as LTI Provider
  - Support LTI Extension: Context Memberships Service, whereby launch of
    Consumer can trigger Provider to request course roster.
  - Code moved from ltiauth.pm to routines in ltiutils.pm:
    &get_lc_roles(), &create_user() and &enrolluser(); &create_passwd() routine
    also moved.
  - Code moved from &parse_roster() to &get_roster() in ltiutils.pm.
  - New routines: &batchaddroster(), &datechange_check(), &store_passbackurl()
    added to support roster updates, (including saving user-specific values
    for: lis_result_sourcedid, used for passback of grades to Consumer.

Revision 1.12: download - view: text, markup, annotated - select for diffs
Mon May 14 20:10:15 2018 UTC (6 years, 7 months ago) by raeburn
Branches: MAIN
Diff to previous 1.11: preferred, unified
Changes since revision 1.11: +7 -1 lines
- Bug 6754 LON-CAPA as LTI Provider
  - Support LTI Consumer using OAuth version 1.0a (sends oauth_callback)

Revision 1.11: download - view: text, markup, annotated - select for diffs
Mon May 14 19:56:05 2018 UTC (6 years, 7 months ago) by raeburn
Branches: MAIN
Diff to previous 1.10: preferred, unified
Changes since revision 1.10: +2 -2 lines
- Fix typo.

Revision 1.10: download - view: text, markup, annotated - select for diffs
Tue May 8 00:44:14 2018 UTC (6 years, 7 months ago) by raeburn
Branches: MAIN
Diff to previous 1.9: preferred, unified
Changes since revision 1.9: +5 -5 lines
- Bug 6754 LON-CAPA as LTI Provider
  - request.lti.login set to consumer's ID for LTI authenticated session.
  - Rights to create LON-CAPA courses (LTI type) assigned, as per domain
    config to new user created for LTI instructor
  - No "Login" shown for "Invalid call" displayed for failed LTI launch.

Revision 1.9: download - view: text, markup, annotated - select for diffs
Sat Apr 21 20:34:50 2018 UTC (6 years, 8 months ago) by raeburn
Branches: MAIN
Diff to previous 1.8: preferred, unified
Changes since revision 1.8: +38 -3 lines
- Bug 6754 LON-CAPA as LTI Provider
  - LTI launch results in call to ltiauth, even if user has existing LON-CAPA
    session (role, course etc. will be updated).
  - LTI launch can be for a published .sequence

Revision 1.8: download - view: text, markup, annotated - select for diffs
Sat Apr 14 02:30:07 2018 UTC (6 years, 8 months ago) by raeburn
Branches: MAIN
Diff to previous 1.7: preferred, unified
Changes since revision 1.7: +12 -1 lines
- Bug 6754 LON-CAPA as LTI Provider
  - Original LTI launch of LON-CAPA is for a resource, a map, or an entire
    course, and display is for iframe, tab or window; retain this in %env.

Revision 1.7: download - view: text, markup, annotated - select for diffs
Fri Mar 23 18:08:45 2018 UTC (6 years, 9 months ago) by raeburn
Branches: MAIN
Diff to previous 1.6: preferred, unified
Changes since revision 1.6: +26 -2 lines
- Bug 6754 LON-CAPA as LTI Provider
  - Assign randomly generated password to user in LON-CAPA if configuration
    for LTI Consumer permits both LTI auth and LON-CAPA log-in (internal) for
    a new user.

Revision 1.6: download - view: text, markup, annotated - select for diffs
Fri Mar 23 01:01:47 2018 UTC (6 years, 9 months ago) by raeburn
Branches: MAIN
Diff to previous 1.5: preferred, unified
Changes since revision 1.5: +354 -61 lines
- Bug 6754 LON-CAPA as LTI Provider
  - Creation of new LON-CAPA user account available from an LTI Consumer.
  - Creation of new LON-CAPA course available from an LTI Consumer.
  - Self-enrollment in a LON-CAPA course available from an LTI Consumer.

Revision 1.5: download - view: text, markup, annotated - select for diffs
Fri Jan 12 20:42:38 2018 UTC (6 years, 11 months ago) by raeburn
Branches: MAIN
Diff to previous 1.4: preferred, unified
Changes since revision 1.4: +37 -16 lines
- Bug 6754 LON-CAPA as LTI Provider
  - Tiny URLs can be part of the launch URL used to access a LON-CAPA
    assignment from another CMS. On launch (in the Consumer), POSTed data
    would be sent to a URL such as: /adm/lti/tiny/<domain>/<key>, where key
    is six characters.

Revision 1.4: download - view: text, markup, annotated - select for diffs
Wed Jan 3 22:04:19 2018 UTC (6 years, 11 months ago) by raeburn
Branches: MAIN
Diff to previous 1.3: preferred, unified
Changes since revision 1.3: +2 -1 lines
- Bug 6754 LON-CAPA as LTI Provider
  - Launch terminated if user has no role in target course, and
    self-enrollment is not permitted.

Revision 1.3: download - view: text, markup, annotated - select for diffs
Sat Dec 9 16:15:47 2017 UTC (7 years ago) by raeburn
Branches: MAIN
Diff to previous 1.2: preferred, unified
Changes since revision 1.2: +6 -6 lines
Bug 6754 LON-CAPA as LTI Provider
 - More descriptive name for Consumer Key scalar.
 - Include LON-CAPA courseID in standard format when logging successful
   authentication via basic LTI.

Revision 1.2: download - view: text, markup, annotated - select for diffs
Thu Dec 7 15:36:25 2017 UTC (7 years ago) by raeburn
Branches: MAIN
Diff to previous 1.1: preferred, unified
Changes since revision 1.1: +7 -35 lines
Bug 6754 LTI Integration
- ltiutils.pm contains common LTI routines (to facilitate re-use).
  - &check_nonce() moved from ltiauth.pm to ltiutils.pm.
  - &set_callback_secret() moved from lonexttool.pm to ltiutils.pm, and
    renamed &set_service_secret().
  - &sign_params(), &get_tool_lock(), and &release_tool_lock() moved from
    lonexttool.pm to ltiutils.pm
- ltiroster.pm will service requests for course membership information
  from an LTI Provider, where domain configuration for Tool permits this
  service, and launch (by Instructor( included ext_ims_lis_memberships_id.

Revision 1.1: download - view: text, markup, annotated - select for diffs
Wed Dec 6 01:53:56 2017 UTC (7 years ago) by raeburn
Branches: MAIN
- Bug 6754 LTI Integration: LON-CAPA as LTI Provider
  - Move auth/lonlti.pm to lti/ltiauth.pm

Diff request

This form allows you to request diffs between any two revisions of a file. You may select a symbolic revision name using the selection box or you may type in a numeric name using the type-in text box.

Log view options

FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>