|
version 1.3, 2017/12/18 23:59:31
|
version 1.6, 2022/03/29 20:12:46
|
|
Line 32 use strict;
|
Line 32 use strict;
|
| use Apache::Constants qw(:common :http); |
use Apache::Constants qw(:common :http); |
| use Encode; |
use Encode; |
| use Digest::SHA; |
use Digest::SHA; |
| |
use URI::Escape; |
| use Apache::lonnet; |
use Apache::lonnet; |
| use Apache::loncommon; |
use Apache::loncommon; |
| use Apache::lonacc; |
use Apache::lonacc; |
|
Line 41 use LONCAPA::ltiutils;
|
Line 42 use LONCAPA::ltiutils;
|
| sub handler { |
sub handler { |
| my $r = shift; |
my $r = shift; |
| my %errors; |
my %errors; |
| |
my $params = {}; |
| |
my ($oauthtype,$authheader); |
| |
# |
| |
# Retrieve content type from headers |
| |
# |
| |
my $content_type = $r->headers_in->get('Content-Type'); |
| |
if ($content_type eq 'application/xml') { |
| |
$oauthtype = 'consumer'; |
| |
# |
| |
# Retrieve OAuth data sent by LTI Provider from Authorization header |
| |
# |
| |
$authheader = $r->headers_in->get('Authorization'); |
| |
my ($authtype,$valuestr) = ($authheader =~ /^(OAuth)\s+(.+)$/i); |
| |
if (lc($authtype) eq 'oauth') { |
| |
foreach my $pair (split(/\s*,\s*/,$valuestr)) { |
| |
my ($key,$value) = split(/=/,$pair); |
| |
$value =~ s /(^"|"$)//g; |
| |
$params->{$key} = URI::Escape::uri_unescape($value); |
| |
} |
| |
} |
| |
} else { |
| |
$oauthtype = 'request token'; |
| # |
# |
| # Retrieve data POSTed by LTI Provider |
# Retrieve data POSTed by LTI Provider |
| # |
# |
| &Apache::lonacc::get_posted_cgi($r); |
&Apache::lonacc::get_posted_cgi($r); |
| my $params = {}; |
foreach my $key (sort(keys(%env))) { |
| foreach my $key (sort(keys(%env))) { |
if ($key =~ /^form\.(.+)$/) { |
| if ($key =~ /^form\.(.+)$/) { |
$params->{$1} = $env{$key}; |
| $params->{$1} = $env{$key}; |
} |
| } |
} |
| } |
} |
| |
|
|
Line 122 sub handler {
|
Line 145 sub handler {
|
| if ($ENV{'SERVER_PORT'} == 443) { |
if ($ENV{'SERVER_PORT'} == 443) { |
| $protocol = 'https'; |
$protocol = 'https'; |
| } |
} |
| unless (LONCAPA::ltiutils::verify_request($params,$protocol,$r->hostname,$r->uri, |
unless (LONCAPA::ltiutils::verify_request($oauthtype,$protocol,$r->hostname,$r->uri, |
| $env{'request.method'},$consumer_secret, |
$env{'request.method'},$consumer_secret, |
| \%errors)) { |
$params,$authheader,\%errors)) { |
| &invalid_request($r,\%errors); |
&invalid_request($r,\%errors); |
| return OK; |
return OK; |
| } |
} |
|
Line 257 END
|
Line 280 END
|
| } |
} |
| $r->print(" <member>\n"); |
$r->print(" <member>\n"); |
| my ($uname,$udom) = split(/:/,$user); |
my ($uname,$udom) = split(/:/,$user); |
| my $digest_user = &Encode::decode_utf8($uname.':'.$udom); |
my $digest_user = &Encode::decode('UTF-8',$uname.':'.$udom); |
| $digest_user = &Digest::SHA::sha1_hex($digest_user); |
$digest_user = &Digest::SHA::sha1_hex($digest_user); |
| $r->print(' <user_id>'.$digest_user.'</user_id>'."\n"); |
$r->print(' <user_id>'.$digest_user.'</user_id>'."\n"); |
| if (exists($students{$user})) { |
if (exists($students{$user})) { |
|
Line 325 END
|
Line 348 END
|
| next unless ($students{$user}[$statusidx] eq 'Active'); |
next unless ($students{$user}[$statusidx] eq 'Active'); |
| $r->print(" <member>\n"); |
$r->print(" <member>\n"); |
| my ($uname,$udom) = split(/:/,$user); |
my ($uname,$udom) = split(/:/,$user); |
| my $digest_user = &Encode::decode_utf8($uname.':'.$udom); |
my $digest_user = &Encode::decode('UTF-8',$uname.':'.$udom); |
| $digest_user = &Digest::SHA::sha1_hex($digest_user); |
$digest_user = &Digest::SHA::sha1_hex($digest_user); |
| $r->print(' <user_id>'.$digest_user.'</user_id>'."\n"); |
$r->print(' <user_id>'.$digest_user.'</user_id>'."\n"); |
| if ($needroles) { |
if ($needroles) { |
![[BACK]](/icons/back.gif){kind=icon}
Return to ltiroster.pm CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [LON-CAPA] / loncom / lti