--- loncom/interface/domainprefs.pm	2017/10/13 20:37:34	1.315
+++ loncom/interface/domainprefs.pm	2018/07/06 04:03:31	1.328
@@ -1,7 +1,7 @@
 # The LearningOnline Network with CAPA
 # Handler to set domain-wide configuration settings
 #
-# $Id: domainprefs.pm,v 1.315 2017/10/13 20:37:34 raeburn Exp $
+# $Id: domainprefs.pm,v 1.328 2018/07/06 04:03:31 raeburn Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -104,7 +104,7 @@ $datatable  - HTML containing form eleme
 
 In the case of course requests, radio buttons are displayed for each institutional
 affiliate type (and also default, and _LC_adv) for each of the course types 
-(official, unofficial, community, textbook, and placement).  
+(official, unofficial, community, textbook, placement, and lti).  
 In each case the radio buttons allow the selection of one of four values:  
 
 0, approval, validate, autolimit=N (where N is blank, or a positive integer).
@@ -219,13 +219,14 @@ sub handler {
                 'serverstatuses','requestcourses','helpsettings',
                 'coursedefaults','usersessions','loadbalancing',
                 'requestauthor','selfenrollment','inststatus',
-                'ltitools','ssl','trust'],$dom);
+                'ltitools','ssl','trust','lti'],$dom);
+    my %encconfig =
+        &Apache::lonnet::get_dom('encconfig',['ltitools','lti'],$dom);
     if (ref($domconfig{'ltitools'}) eq 'HASH') {
-        my %encconfig =
-            &Apache::lonnet::get_dom('encconfig',['ltitools'],$dom);
         if (ref($encconfig{'ltitools'}) eq 'HASH') {
             foreach my $id (keys(%{$domconfig{'ltitools'}})) {
-                if (ref($domconfig{'ltitools'}{$id}) eq 'HASH') {
+                if ((ref($domconfig{'ltitools'}{$id}) eq 'HASH') &&
+                    (ref($encconfig{'ltitools'}{$id}) eq 'HASH')) {
                     foreach my $item ('key','secret') {
                         $domconfig{'ltitools'}{$id}{$item} = $encconfig{'ltitools'}{$id}{$item};
                     }
@@ -233,12 +234,24 @@ sub handler {
             }
         }
     }
+    if (ref($domconfig{'lti'}) eq 'HASH') {
+        if (ref($encconfig{'lti'}) eq 'HASH') {
+            foreach my $id (keys(%{$domconfig{'lti'}})) {
+                if ((ref($domconfig{'lti'}{$id}) eq 'HASH') &&
+                    (ref($encconfig{'lti'}{$id}) eq 'HASH')) {
+                    foreach my $item ('key','secret') {
+                        $domconfig{'lti'}{$id}{$item} = $encconfig{'lti'}{$id}{$item};
+                    }
+                }
+            }
+        }
+    }
     my @prefs_order = ('rolecolors','login','defaults','quotas','autoenroll',
                        'autoupdate','autocreate','directorysrch','contacts',
                        'usercreation','selfcreation','usermodification','scantron',
                        'requestcourses','requestauthor','coursecategories',
                        'serverstatuses','helpsettings','coursedefaults',
-                       'ltitools','selfenrollment','usersessions','ssl','trust');
+                       'ltitools','selfenrollment','usersessions','ssl','trust','lti');
     my %existing;
     if (ref($domconfig{'loadbalancing'}) eq 'HASH') {
         %existing = %{$domconfig{'loadbalancing'}};
@@ -545,6 +558,14 @@ sub handler {
                   print => \&print_trust,
                   modify => \&modify_trust,
                  },
+          'lti' =>
+                 {text => 'LTI Provider',
+                  help => 'Domain_Configuration_LTI_Provider',
+                  header => [{col1 => 'Setting',
+                              col2 => 'Value',}],
+                  print => \&print_lti,
+                  modify => \&modify_lti,
+                 },
     );
     if (keys(%servers) > 1) {
         $prefs{'login'}  = { text   => 'Log-in page options',
@@ -730,6 +751,8 @@ sub process_changes {
         $output = &modify_ssl($dom,$lastactref,%domconfig);
     } elsif ($action eq 'trust') {
         $output = &modify_trust($dom,$lastactref,%domconfig);
+    } elsif ($action eq 'lti') {
+        $output = &modify_lti($r,$dom,$action,$lastactref,%domconfig);
     }
     return $output;
 }
@@ -1065,7 +1088,7 @@ sub print_config_box {
             $output .= &print_quotas($dom,$settings,\$rowtotal,$action);
         } elsif (($action eq 'autoenroll') || ($action eq 'autocreate') || 
                  ($action eq 'serverstatuses') || ($action eq 'loadbalancing') || 
-                 ($action eq 'ltitools')) {
+                 ($action eq 'ltitools') || ($action eq 'lti')) {
             $output .= $item->{'print'}->($dom,$settings,\$rowtotal);
         } elsif ($action eq 'scantron') {
             $output .= &print_scantronformat($r,$dom,$confname,$settings,\$rowtotal);
@@ -1656,7 +1679,8 @@ sub display_color_options {
                         if ($fullwidth ne '' && $fullheight ne '') {
                             if ($fullwidth > $width && $fullheight > $height) { 
                                 my $size = $width.'x'.$height;
-                                system("convert -sample $size $input $output");
+                                my @args = ('convert','-sample',$size,$input,$output);
+                                system({$args[0]} @args);
                                 $showfile = "/$imgdir/tn-".$filename;
                             }
                         }
@@ -1869,7 +1893,7 @@ sub print_quotas {
     my $typecount = 0;
     my ($css_class,%titles);
     if ($context eq 'requestcourses') {
-        @usertools = ('official','unofficial','community','textbook','placement');
+        @usertools = ('official','unofficial','community','textbook','placement','lti');
         @options =('norequest','approval','validate','autolimit');
         %validations = &Apache::lonnet::auto_courserequest_checks($dom);
         %titles = &courserequest_titles();
@@ -2333,7 +2357,7 @@ sub print_studentcode {
     my ($settings,$rowtotal) = @_;
     my $rownum = 0; 
     my ($output,%current);
-    my @crstypes = ('official','unofficial','community','textbook','placement');
+    my @crstypes = ('official','unofficial','community','textbook','placement','lti');
     if (ref($settings) eq 'HASH') {
         if (ref($settings->{'uniquecode'}) eq 'HASH') {
             foreach my $type (@crstypes) {
@@ -2585,7 +2609,10 @@ ENDSCRIPT
 
 sub ltitools_javascript {
     my ($settings) = @_;
-    return unless(ref($settings) eq 'HASH');
+    my $togglejs = &ltitools_toggle_js();
+    unless (ref($settings) eq 'HASH') {
+        return $togglejs;
+    }
     my (%ordered,$total,%jstext);
     $total = 0;
     foreach my $item (keys(%{$settings})) {
@@ -2603,7 +2630,7 @@ sub ltitools_javascript {
     return <<"ENDSCRIPT";
 <script type="text/javascript">
 // <![CDATA[
-function reorderLTI(form,item) {
+function reorderLTITools(form,item) {
     var changedVal;
 $jstext
     var newpos = 'ltitools_add_pos';
@@ -2648,6 +2675,275 @@ $jstext
 // ]]>
 </script>
 
+$togglejs
+
+ENDSCRIPT
+}
+
+sub ltitools_toggle_js {
+    return <<"ENDSCRIPT";
+<script type="text/javascript">
+// <![CDATA[
+
+function toggleLTITools(form,setting,item) {
+    var radioname = '';
+    var divid = '';
+    if ((setting == 'passback') || (setting == 'roster')) {
+        radioname = 'ltitools_'+setting+'_'+item;
+        divid = 'ltitools_'+setting+'time_'+item;
+        var num = form.elements[radioname].length;
+        if (num) {
+            var setvis = '';
+            for (var i=0; i<num; i++) {
+                if (form.elements[radioname][i].checked) {
+                    if (form.elements[radioname][i].value == '1') {
+                        if (document.getElementById(divid)) {
+                            document.getElementById(divid).style.display = 'inline-block';
+                        }
+                        setvis = 1;
+                    }
+                    break;
+                }
+            }
+        }
+        if (!setvis) {
+            if (document.getElementById(divid)) {
+                document.getElementById(divid).style.display = 'none';
+            }
+        }
+    }
+    if (setting == 'user') {
+        divid = 'ltitools_'+setting+'_div_'+item;
+        var checkid = 'ltitools_'+setting+'_field_'+item;
+        if (document.getElementById(divid)) {
+            if (document.getElementById(checkid)) {
+                if (document.getElementById(checkid).checked) {
+                    document.getElementById(divid).style.display = 'inline-block';
+                } else {
+                    document.getElementById(divid).style.display = 'none';
+                }
+            }
+        }
+    }
+    return;
+}
+// ]]>
+</script>
+
+ENDSCRIPT
+}
+
+sub lti_javascript {
+    my ($settings) = @_;
+    my $togglejs = &lti_toggle_js();
+    unless (ref($settings) eq 'HASH') {
+        return $togglejs;
+    }
+    my (%ordered,$total,%jstext);
+    $total = 0;
+    foreach my $item (keys(%{$settings})) {
+        if (ref($settings->{$item}) eq 'HASH') {
+            my $num = $settings->{$item}{'order'};
+            $ordered{$num} = $item;
+        }
+    }
+    $total = scalar(keys(%{$settings}));
+    my @jsarray = ();
+    foreach my $item (sort {$a <=> $b } (keys(%ordered))) {
+        push(@jsarray,$ordered{$item});
+    }
+    my $jstext = '    var lti = Array('."'".join("','",@jsarray)."'".');'."\n";
+    return <<"ENDSCRIPT";
+<script type="text/javascript">
+// <![CDATA[
+function reorderLTI(form,item) {
+    var changedVal;
+$jstext
+    var newpos = 'lti_pos_add';
+    var maxh = 1 + $total;
+    var current = new Array;
+    var newitemVal = form.elements[newpos].options[form.elements[newpos].selectedIndex].value;
+    if (item == newpos) {
+        changedVal = newitemVal;
+    } else {
+        changedVal = form.elements[item].options[form.elements[item].selectedIndex].value;
+        current[newitemVal] = newpos;
+    }
+    for (var i=0; i<lti.length; i++) {
+        var elementName = 'lti_pos_'+lti[i];
+        if (elementName != item) {
+            if (form.elements[elementName]) {
+                var currVal = form.elements[elementName].options[form.elements[elementName].selectedIndex].value;
+                current[currVal] = elementName;
+            }
+        }
+    }
+    var oldVal;
+    for (var j=0; j<maxh; j++) {
+        if (current[j] == undefined) {
+            oldVal = j;
+        }
+    }
+    if (oldVal < changedVal) {
+        for (var k=oldVal+1; k<=changedVal ; k++) {
+           var elementName = current[k];
+           form.elements[elementName].selectedIndex = form.elements[elementName].selectedIndex - 1;
+        }
+    } else {
+        for (var k=changedVal; k<oldVal; k++) {
+            var elementName = current[k];
+            form.elements[elementName].selectedIndex = form.elements[elementName].selectedIndex + 1;
+        }
+    }
+    return;
+}
+// ]]>
+</script>
+
+$togglejs
+
+ENDSCRIPT
+}
+
+sub lti_toggle_js {
+    my %lcauthparmtext = &Apache::lonlocal::texthash (
+                            localauth => 'Local auth argument',
+                            krb       => 'Kerberos domain',
+                         );
+    return <<"ENDSCRIPT";
+<script type="text/javascript">
+// <![CDATA[
+
+function toggleLTI(form,setting,item) {
+    if ((setting == 'user') || (setting == 'crs')) {
+        var radioname = '';
+        var divid = '';
+        if (setting == 'user') {
+            radioname = 'lti_mapuser_'+item;
+            divid = 'lti_userfield_'+item;
+        } else {
+            radioname = 'lti_mapcrs_'+item;
+            divid = 'lti_crsfield_'+item;
+        }
+        var num = form.elements[radioname].length;
+        if (num) {
+            var setvis = '';
+            for (var i=0; i<num; i++) {
+               if (form.elements[radioname][i].checked) {
+                   if (form.elements[radioname][i].value == 'other') {
+                       if (document.getElementById(divid)) {
+                           document.getElementById(divid).style.display = 'inline-block';
+                       }
+                       setvis = 1;
+                       break;
+                   }
+               } 
+            }
+            if (!setvis) {
+                if (document.getElementById(divid)) {
+                    document.getElementById(divid).style.display = 'none';
+                }
+            }
+        }
+    } else if ((setting == 'sec') || (setting == 'secsrc')) {
+        var numsec = form.elements['lti_crssec_'+item].length;
+        if (numsec) {
+            var setvis = '';
+            for (var i=0; i<numsec; i++) {
+                if (form.elements['lti_crssec_'+item][i].checked) {
+                    if (form.elements['lti_crssec_'+item][i].value == '1') {
+                        if (document.getElementById('lti_crssecfield_'+item)) {
+                            document.getElementById('lti_crssecfield_'+item).style.display = 'inline-block';
+                            setvis = 1;
+                            var numsrcsec = form.elements['lti_crssecsrc_'+item].length;
+                            if (numsrcsec) {
+                                var setsrcvis = '';
+                                for (var j=0; j<numsrcsec; j++) {
+                                    if (form.elements['lti_crssecsrc_'+item][j].checked) {
+                                        if (form.elements['lti_crssecsrc_'+item][j].value == 'other') {
+                                            if (document.getElementById('lti_secsrcfield_'+item)) {
+                                                document.getElementById('lti_secsrcfield_'+item).style.display = 'inline-block';
+                                                setsrcvis = 1;
+                                            }
+                                        }
+                                    }
+                                }
+                                if (!setsrcvis) {
+                                    if (document.getElementById('lti_secsrcfield_'+item)) {
+                                        document.getElementById('lti_secsrcfield_'+item).style.display = 'none';
+                                    }
+                                }
+                            }
+                        }
+                    }
+                }
+            }
+            if (!setvis) {
+                if (document.getElementById('lti_crssecfield_'+item)) {
+                    document.getElementById('lti_crssecfield_'+item).style.display = 'none';
+                }
+                if (document.getElementById('lti_secsrcfield_'+item)) {
+                    document.getElementById('lti_secsrcfield_'+item).style.display = 'none';
+                }
+            }
+        }
+    } else if (setting == 'lcauth') {
+        var numauth = form.elements['lti_lcauth_'+item].length;
+        if (numauth) {
+            for (var i=0; i<numauth; i++) {
+                if (form.elements['lti_lcauth_'+item][i].checked) {
+                    if (document.getElementById('lti_'+setting+'_parmrow_'+item)) {
+                        if ((form.elements['lti_'+setting+'_'+item][i].value == 'internal') || (form.elements['lti_'+setting+'_'+item][i].value == 'lti')) {
+                            document.getElementById('lti_'+setting+'_parmrow_'+item).style.display = 'none';
+                        } else {
+                            document.getElementById('lti_'+setting+'_parmrow_'+item).style.display = 'table-row';
+                            if (document.getElementById('lti_'+setting+'_parmtext_'+item)) {
+                                if (form.elements['lti_'+setting+'_'+item][i].value == 'localauth') {
+                                    document.getElementById('lti_'+setting+'_parmtext_'+item).innerHTML = "$lcauthparmtext{'localauth'}";
+                                } else {
+                                    document.getElementById('lti_'+setting+'_parmtext_'+item).innerHTML = "$lcauthparmtext{'krb'}";
+                                }
+                            }
+                        }
+                    }
+                }
+            }
+        }
+    } else if (setting == 'lcmenu') {
+        var menus = new Array('lti_topmenu_'+item,'lti_inlinemenu_'+item);
+        var divid = 'lti_menufield_'+item;
+        var setvis = '';
+        for (var i=0; i<menus.length; i++) {
+            var radioname = menus[i];  
+            var num = form.elements[radioname].length;
+            if (num) {
+                for (var j=0; j<num; j++) {
+                    if (form.elements[radioname][j].checked) {
+                        if (form.elements[radioname][j].value == '1') {
+                            if (document.getElementById(divid)) {
+                                document.getElementById(divid).style.display = 'inline-block';
+                            }
+                            setvis = 1;
+                            break;
+                        }
+                    }
+                }
+            }
+            if (setvis == 1) {
+                break;
+            }
+        }
+        if (!setvis) {
+            if (document.getElementById(divid)) {
+                document.getElementById(divid).style.display = 'none';
+            }
+        }
+    }
+    return;
+}
+// ]]>
+</script>
+
 ENDSCRIPT
 }
 
@@ -3878,24 +4174,30 @@ sub print_ltitools {
     my %lt = &ltitools_names();
     my @courseroles = ('cc','in','ta','ep','st');
     my @ltiroles = qw(Instructor ContentDeveloper TeachingAssistant Learner);
-    my @fields = ('fullname','firstname','lastname','email','user','roles');
+    my @fields = ('fullname','firstname','lastname','email','roles','user');
     if (keys(%ordered)) {
         my @items = sort { $a <=> $b } keys(%ordered);
         for (my $i=0; $i<@items; $i++) {
             $css_class = $itemcount%2?' class="LC_odd_row"':'';
             my $item = $ordered{$items[$i]};
-            my ($title,$key,$secret,$url,$imgsrc,$version);
+            my ($title,$key,$secret,$url,$lifetime,$imgsrc,%sigsel);
             if (ref($settings->{$item}) eq 'HASH') {
                 $title = $settings->{$item}->{'title'};
                 $url = $settings->{$item}->{'url'};
                 $key = $settings->{$item}->{'key'};
                 $secret = $settings->{$item}->{'secret'};
+                $lifetime = $settings->{$item}->{'lifetime'};
                 my $image = $settings->{$item}->{'image'};
                 if ($image ne '') {
                     $imgsrc = '<img src="'.$image.'" alt="'.&mt('Tool Provider icon').'" />';
                 }
+                if ($settings->{$item}->{'sigmethod'} eq 'HMAC-256') {
+                    $sigsel{'HMAC-256'} = ' selected="selected"';
+                } else {
+                    $sigsel{'HMAC-SHA1'} = ' selected="selected"';
+                }
             }
-            my $chgstr = ' onchange="javascript:reorderLTI(this.form,'."'ltitools_".$item."'".');"';
+            my $chgstr = ' onchange="javascript:reorderLTITools(this.form,'."'ltitools_".$item."'".');"';
             $datatable .= '<tr '.$css_class.'><td><span class="LC_nobreak">'
                          .'<select name="ltitools_'.$item.'"'.$chgstr.'>';
             for (my $k=0; $k<=$maxnum; $k++) {
@@ -3911,20 +4213,27 @@ sub print_ltitools {
                 &mt('Delete?').'</label></span></td>'.
                 '<td colspan="2">'.
                 '<fieldset><legend>'.&mt('Required settings').'</legend>'.
-                '<span class="LC_nobreak">'.$lt{'title'}.':<input type="text" size="30" name="ltitools_title_'.$i.'" value="'.$title.'" /></span> '.
+                '<span class="LC_nobreak">'.$lt{'title'}.':<input type="text" size="20" name="ltitools_title_'.$i.'" value="'.$title.'" /></span> '.
                 ('&nbsp;'x2).
                 '<span class="LC_nobreak">'.$lt{'version'}.':<select name="ltitools_version_'.$i.'">'.
                 '<option value="LTI-1p0" selected="selected">1.1</option></select></span> '.
                 ('&nbsp;'x2).
                 '<span class="LC_nobreak">'.$lt{'msgtype'}.':<select name="ltitools_msgtype_'.$i.'">'.
                 '<option value="basic-lti-launch-request" selected="selected">Launch</option></select></span> '.
+                ('&nbsp;'x2).
+                '<span class="LC_nobreak">'.$lt{'sigmethod'}.':<select name="ltitools_sigmethod_'.$i.'">'.
+                '<option value="HMAC-SHA1"'.$sigsel{'HMAC-SHA1'}.'>HMAC-SHA1</option>'.
+                '<option value="HMAC-SHA256"'.$sigsel{'HMAC-SHA256'}.'>HMAC-SHA256</option></select></span>'.
                 '<br /><br />'.
-                '<span class="LC_nobreak">'.$lt{'url'}.':<input type="text" size="30" name="ltitools_url_'.$i.'"'.
+                '<span class="LC_nobreak">'.$lt{'url'}.':<input type="text" size="40" name="ltitools_url_'.$i.'"'.
                 ' value="'.$url.'" /></span>'.
                 ('&nbsp;'x2).
-                '<span class="LC_nobreak">'.$lt{'key'}.
+                '<span class="LC_nobreak">'.$lt{'key'}.':'.
                 '<input type="text" size="25" name="ltitools_key_'.$i.'" value="'.$key.'" /></span> '.
                 ('&nbsp;'x2).
+                '<span class="LC_nobreak">'.$lt{'lifetime'}.':'.
+                '<input type="text" size="5" name="ltitools_lifetime_'.$i.'" value="'.$lifetime.'" /></span> '.
+                ('&nbsp;'x2).
                 '<span class="LC_nobreak">'.$lt{'secret'}.':'.
                 '<input type="password" size="20" name="ltitools_secret_'.$i.'" value="'.$secret.'" />'.
                 '<label><input type="checkbox" name="visible" onclick="if (this.checked) { this.form.ltitools_secret_'.$i.'.type='."'text'".' } else { this.form.ltitools_secret_'.$i.'.type='."'password'".' }" />'.&mt('Visible input').'</label>'.
@@ -3968,21 +4277,36 @@ sub print_ltitools {
                           '<div class="LC_left_float">'.$lt{'explanation'}.'<br />'.
                           '<textarea name="ltitools_explanation_'.$i.'" rows="5" cols="40">'.$currdisp{'explanation'}.
                           '</textarea></div><div style=""></div><br />';
-            $datatable .= '<br />';
+            my %units = (
+                          'passback' => 'days',
+                          'roster'   => 'seconds',
+                        );
             foreach my $extra ('passback','roster') {
+                my $validsty = 'none';
+                my $currvalid;
                 my $checkedon = '';
                 my $checkedoff = ' checked="checked"';
                 if ($settings->{$item}->{$extra}) {
                     $checkedon = $checkedoff;
                     $checkedoff = '';
-                }
-                $datatable .= $lt{$extra}.'&nbsp;'.
-                              '<label><input type="radio" name="ltitools_'.$extra.'_'.$i.'" value="1"'.$checkedon.' />'.
-                              &mt('Yes').'</label>'.('&nbsp;'x2).
-                              '<label><input type="radio" name="ltitools_'.$extra.'_'.$i.'" value="0"'.$checkedoff.' />'.
-                              &mt('No').'</label>'.('&nbsp;'x4);
+                    $validsty = 'inline-block';
+                    if ($settings->{$item}->{$extra.'valid'} =~ /^\d+\.?\d*$/) {
+                        $currvalid = $settings->{$item}->{$extra.'valid'};
+                    }
+                }
+                my $onclick = ' onclick="toggleLTITools(this.form,'."'$extra','$i'".');"';
+                $datatable .= '<div class="LC_floatleft"><span class="LC_nobreak">'.$lt{$extra}.'&nbsp;'.
+                              '<label><input type="radio" name="ltitools_'.$extra.'_'.$i.'" value="0"'.$checkedoff.$onclick.' />'.
+                              &mt('No').'</label>'.('&nbsp;'x2).
+                              '<label><input type="radio" name="ltitools_'.$extra.'_'.$i.'" value="1"'.$checkedon.$onclick.' />'.
+                              &mt('Yes').'</label></span></div>'.
+                              '<div class="LC_floatleft" style="display:'.$validsty.';" id="ltitools_'.$extra.'time_'.$i.'">'.
+                              '<span class="LC_nobreak">'.
+                              &mt("at least [_1] $units{$extra} after launch",
+                                  '<input type="text" name="ltitools_'.$extra.'valid_'.$i.'" value="'.$currvalid.'" />').
+                              '</span></div><div style="padding:0;clear:both;margin:0;border:0"></div>';
             }
-            $datatable .= '<br /><br /><span class="LC_nobreak">'.$lt{'icon'}.':&nbsp;';
+            $datatable .= '<span class="LC_nobreak">'.$lt{'icon'}.':&nbsp;';
             if ($imgsrc) {
                 $datatable .= $imgsrc.
                               '<label><input type="checkbox" name="ltitools_image_del"'.
@@ -3997,11 +4321,12 @@ sub print_ltitools {
                 $datatable .= '<input type="file" name="ltitools_image_'.$i.'" value="" />';
             }
             $datatable .= '</span></fieldset>';
-            my (%checkedfields,%rolemaps);
+            my (%checkedfields,%rolemaps,$userincdom);
             if (ref($settings->{$item}) eq 'HASH') {
                 if (ref($settings->{$item}->{'fields'}) eq 'HASH') {
                     %checkedfields = %{$settings->{$item}->{'fields'}};
                 }
+                $userincdom = $settings->{$item}->{'incdom'};
                 if (ref($settings->{$item}->{'roles'}) eq 'HASH') {
                     %rolemaps = %{$settings->{$item}->{'roles'}};
                     $checkedfields{'roles'} = 1;
@@ -4009,16 +4334,40 @@ sub print_ltitools {
             }
             $datatable .= '<fieldset><legend>'.&mt('User data sent on launch').'</legend>'.
                           '<span class="LC_nobreak">';
+            my $userfieldstyle = 'display:none;';
+            my $seluserdom = '';
+            my $unseluserdom = ' selected="selected"';
             foreach my $field (@fields) {
-                my $checked;
+                my ($checked,$onclick,$id,$spacer);
                 if ($checkedfields{$field}) {
                     $checked = ' checked="checked"';
                 }
+                if ($field eq 'user') {
+                    $id = ' id="ltitools_user_field_'.$i.'"';
+                    $onclick = ' onclick="toggleLTITools(this.form,'."'$field','$i'".')"';
+                    if ($checked) {
+                        $userfieldstyle = 'display:inline-block';
+                        if ($userincdom) {
+                            $seluserdom = $unseluserdom;
+                            $unseluserdom = '';
+                        }
+                    }
+                } else {
+                    $spacer = ('&nbsp;' x2);
+                }
                 $datatable .= '<label>'.
-                              '<input type="checkbox" name="ltitools_fields_'.$i.'" value="'.$field.'"'.$checked.' />'.
-                              $lt{$field}.'</label>'.('&nbsp;' x2);
+                              '<input type="checkbox" name="ltitools_fields_'.$i.'" value="'.$field.'"'.$id.$checked.$onclick.' />'.
+                              $lt{$field}.'</label>'.$spacer;
             }
-            $datatable .= '</span></fieldset>'.
+            $datatable .= '</span>';
+            $datatable .= '<div style="'.$userfieldstyle.'" id="ltitools_user_div_'.$i.'">'.
+                          '<span class="LC_nobreak"> : '.
+                          '<select name="ltitools_userincdom_'.$i.'">'.
+                          '<option value="">'.&mt('Select').'</option>'.
+                          '<option value="0"'.$unseluserdom.'>'.&mt('username').'</option>'.
+                          '<option value="1"'.$seluserdom.'>'.&mt('username:domain').'</option>'.
+                          '</select></span></div>';
+            $datatable .= '</fieldset>'.
                           '<fieldset><legend>'.&mt('Role mapping').'</legend><table><tr>';
             foreach my $role (@courseroles) {
                 my ($selected,$selectnone);
@@ -4049,7 +4398,7 @@ sub print_ltitools {
                 }
             }
             $datatable .= '<fieldset><legend>'.&mt('Configurable in course').'</legend><span class="LC_nobreak">';
-            foreach my $item ('label','title','target','linktext','explanation') {
+            foreach my $item ('label','title','target','linktext','explanation','append') {
                 my $checked;
                 if ($courseconfig{$item}) {
                     $checked = ' checked="checked"';
@@ -4082,7 +4431,7 @@ sub print_ltitools {
         }
     }
     $css_class = $itemcount%2?' class="LC_odd_row"':'';
-    my $chgstr = ' onchange="javascript:reorderLTI(this.form,'."'ltitools_add_pos'".');"';
+    my $chgstr = ' onchange="javascript:reorderLTITools(this.form,'."'ltitools_add_pos'".');"';
     $datatable .= '<tr '.$css_class.'><td><span class="LC_nobreak">'."\n".
                   '<input type="hidden" name="ltitools_maxnum" value="'.$maxnum.'" />'."\n".
                   '<select name="ltitools_add_pos"'.$chgstr.'>';
@@ -4098,18 +4447,23 @@ sub print_ltitools {
                   '<input type="checkbox" name="ltitools_add" value="1" />'.&mt('Add').'</td>'."\n".
                   '<td colspan="2">'.
                   '<fieldset><legend>'.&mt('Required settings').'</legend>'.
-                  '<span class="LC_nobreak">'.$lt{'title'}.':<input type="text" size="30" name="ltitools_add_title" value="" /></span> '."\n".
+                  '<span class="LC_nobreak">'.$lt{'title'}.':<input type="text" size="20" name="ltitools_add_title" value="" /></span> '."\n".
                   ('&nbsp;'x2).
                   '<span class="LC_nobreak">'.$lt{'version'}.':<select name="ltitools_add_version">'.
                   '<option value="LTI-1p0" selected="selected">1.1</option></select></span> '."\n".
                   ('&nbsp;'x2).
                   '<span class="LC_nobreak">'.$lt{'msgtype'}.':<select name="ltitools_add_msgtype">'.
                   '<option value="basic-lti-launch-request" selected="selected">Launch</option></select></span> '.
+                  '<span class="LC_nobreak">'.$lt{'sigmethod'}.':<select name="ltitools_add_sigmethod">'.
+                  '<option value="HMAC-SHA1" selected="selected">HMAC-SHA1</option>'.
+                  '<option value="HMAC-SHA256">HMAC-SHA256</option></select></span>'.
                   '<br />'.
-                  '<span class="LC_nobreak">'.$lt{'url'}.':<input type="text" size="30" name="ltitools_add_url" value="" /></span> '."\n".
+                  '<span class="LC_nobreak">'.$lt{'url'}.':<input type="text" size="40" name="ltitools_add_url" value="" /></span> '."\n".
                   ('&nbsp;'x2).
                   '<span class="LC_nobreak">'.$lt{'key'}.':<input type="text" size="25" name="ltitools_add_key" value="" /></span> '."\n".
                   ('&nbsp;'x2).
+                  '<span class="LC_nobreak">'.$lt{'lifetime'}.':<input type="text" size="5" name="ltitools_add_lifetime" value="300" /></span> '."\n".
+                  ('&nbsp;'x2).
                   '<span class="LC_nobreak">'.$lt{'secret'}.':<input type="password" size="20" name="ltitools_add_secret" value="" />'.
                   '<label><input type="checkbox" name="visible" onclick="if (this.checked) { this.form.ltitools_add_secret.type='."'text'".' } else { this.form.ltitools_add_secret.type='."'password'".' }" />'.&mt('Visible input').'</label></span> '."\n".
                   '</fieldset>'.
@@ -4133,14 +4487,28 @@ sub print_ltitools {
                   '<div class="LC_left_float">'.$lt{'explanation'}.'<br />'.
                   '<textarea name=ltitools_add_explanation" rows="5" cols="40"></textarea>'.
                   '</div><div style=""></div><br />';
+    my %units = (
+                  'passback' => 'days',
+                  'roster'   => 'seconds',
+                );
+    my %defaulttimes = (
+                     'passback' => '7',
+                     'roster'   => '300',
+                   );
     foreach my $extra ('passback','roster') {
-        $datatable .= $lt{$extra}.'&nbsp;'.
-                      '<label><input type="radio" name="ltitools_add_'.$extra.'" value="1" />'.
-                      &mt('Yes').'</label>'.('&nbsp;'x2).
-                      '<label><input type="radio" name="ltitools_add_'.$extra.'" value="0" checked="checked" />'.
-                      &mt('No').'</label>'.('&nbsp;'x4);
+        my $onclick = ' onclick="toggleLTITools(this.form,'."'$extra','add'".');"';
+        $datatable .= '<div class="LC_floatleft"><span class="LC_nobreak">'.$lt{$extra}.'&nbsp;'.
+                      '<label><input type="radio" name="ltitools_'.$extra.'_add" value="0" checked="checked"'.$onclick.' />'.
+                      &mt('No').'</label></span>'.('&nbsp;'x2).'<span class="LC_nobreak">'.
+                      '<label><input type="radio" name="ltitools_'.$extra.'_add" value="1"'.$onclick.' />'.
+                      &mt('Yes').'</label></span></div>'.
+                      '<div class="LC_floatleft" style="display:none;" id="ltitools_'.$extra.'time_add">'.
+                      '<span class="LC_nobreak">'.
+                      &mt("at least [_1] $units{$extra} after launch",
+                          '<input type="text" name="ltitools_'.$extra.'valid_add" value="'.$defaulttimes{$extra}.'" />').
+                      '</span></div><div style="padding:0;clear:both;margin:0;border:0"></div>';
     }
-    $datatable .= '<br /><br /><span class="LC_nobreak">'.$lt{'icon'}.':&nbsp;'.
+    $datatable .= '<span class="LC_nobreak">'.$lt{'icon'}.':&nbsp;'.
                   '('.&mt('if larger than 21x21 pixels, image will be scaled').')&nbsp;';
     if ($switchserver) {
         $datatable .= &mt('Upload to library server: [_1]',$switchserver);
@@ -4151,12 +4519,26 @@ sub print_ltitools {
                   '<fieldset><legend>'.&mt('User data sent on launch').'</legend>'.
                   '<span class="LC_nobreak">';
     foreach my $field (@fields) {
+        my ($id,$onclick,$spacer);
+        if ($field eq 'user') {
+            $id = ' id="ltitools_user_field_add"';
+            $onclick = ' onclick="toggleLTITools(this.form,'."'$field','add'".')"';
+        } else {
+            $spacer = ('&nbsp;' x2);
+        }
         $datatable .= '<label>'.
-                      '<input type="checkbox" name="ltitools_add_fields" value="'.$field.'" />'.
-                      $lt{$field}.'</label>'.('&nbsp;' x2);
+                      '<input type="checkbox" name="ltitools_add_fields" value="'.$field.'"'.$id.$onclick.' />'.
+                      $lt{$field}.'</label>'.$spacer;
     }
-    $datatable .= '</span></fieldset>'.
-                  '<fieldset><legend>'.&mt('Role mapping').'</legend><table><tr>';
+    $datatable .= '</span>'.
+                  '<div style="display:none;" id="ltitools_user_div_add">'.
+                  '<span class="LC_nobreak"> : '.
+                  '<select name="ltitools_userincdom_add">'.
+                  '<option value="" selected="selected">'.&mt('Select').'</option>'.
+                  '<option value="0">'.&mt('username').'</option>'.
+                  '<option value="1">'.&mt('username:domain').'</option>'.
+                  '</select></span></div></fieldset>';
+    $datatable .= '<fieldset><legend>'.&mt('Role mapping').'</legend><table><tr>';
     foreach my $role (@courseroles) {
         my ($checked,$checkednone);
         $datatable .= '<td style="text-align: center">'.
@@ -4170,7 +4552,7 @@ sub print_ltitools {
     }
     $datatable .= '</tr></table></fieldset>'.
                   '<fieldset><legend>'.&mt('Configurable in course').'</legend><span class="LC_nobreak">';
-    foreach my $item ('label','title','target','linktext','explanation') {
+    foreach my $item ('label','title','target','linktext','explanation','append') {
         $datatable .= '<label>'.
                       '<input type="checkbox" name="ltitools_courseconfig" value="'.$item.'" checked="checked" />'.
                       $lt{'crs'.$item}.'</label>'.('&nbsp;' x2)."\n";
@@ -4194,11 +4576,13 @@ sub ltitools_names {
                                           'title'          => 'Title',
                                           'version'        => 'Version',
                                           'msgtype'        => 'Message Type',
+                                          'sigmethod'      => 'Signature Method',
                                           'url'            => 'URL',
                                           'key'            => 'Key',
+                                          'lifetime'       => 'Nonce lifetime (s)',
                                           'secret'         => 'Secret',
                                           'icon'           => 'Icon',   
-                                          'user'           => 'Username:domain',
+                                          'user'           => 'User',
                                           'fullname'       => 'Full Name',
                                           'firstname'      => 'First Name',
                                           'lastname'       => 'Last Name',
@@ -4218,10 +4602,447 @@ sub ltitools_names {
                                           'crstitle'       => 'Course title', 
                                           'crslinktext'    => 'Link Text',
                                           'crsexplanation' => 'Explanation',
+                                          'crsappend'      => 'Provider URL',
+                                        );
+    return %lt;
+}
+
+sub print_lti {
+    my ($dom,$settings,$rowtotal) = @_;
+    my $itemcount = 1;
+    my $maxnum = 0;
+    my $css_class;
+    my %ordered;
+    if (ref($settings) eq 'HASH') {
+        foreach my $item (keys(%{$settings})) {
+            if (ref($settings->{$item}) eq 'HASH') {
+                my $num = $settings->{$item}{'order'};
+                $ordered{$num} = $item;
+            }
+        }
+    }
+    my $maxnum = scalar(keys(%ordered));
+    my $datatable = &lti_javascript($settings);
+    my %lt = &lti_names();
+    if (keys(%ordered)) {
+        my @items = sort { $a <=> $b } keys(%ordered);
+        for (my $i=0; $i<@items; $i++) {
+            $css_class = $itemcount%2?' class="LC_odd_row"':'';
+            my $item = $ordered{$items[$i]};
+            my ($key,$secret,$lifetime,$consumer,$current);
+            if (ref($settings->{$item}) eq 'HASH') {
+                $key = $settings->{$item}->{'key'};
+                $secret = $settings->{$item}->{'secret'};
+                $lifetime = $settings->{$item}->{'lifetime'};
+                $consumer = $settings->{$item}->{'consumer'};
+                $current = $settings->{$item};
+            }
+            my $chgstr = ' onchange="javascript:reorderLTI(this.form,'."'lti_pos_".$item."'".');"';
+            $datatable .= '<tr '.$css_class.'><td><span class="LC_nobreak">'
+                         .'<select name="lti_pos_'.$item.'"'.$chgstr.'>';
+            for (my $k=0; $k<=$maxnum; $k++) {
+                my $vpos = $k+1;
+                my $selstr;
+                if ($k == $i) {
+                    $selstr = ' selected="selected" ';
+                }
+                $datatable .= '<option value="'.$k.'"'.$selstr.'>'.$vpos.'</option>';
+            }
+            $datatable .= '</select>'.('&nbsp;'x2).
+                '<label><input type="checkbox" name="lti_del" value="'.$item.'" />'.
+                &mt('Delete?').'</label></span></td>'.
+                '<td colspan="2">'.
+                '<fieldset><legend>'.&mt('Required settings').'</legend>'.
+                '<span class="LC_nobreak">'.$lt{'consumer'}.
+                ':<input type="text" size="20" name="lti_consumer_'.$i.'" value="'.$consumer.'" /></span> '.
+                ('&nbsp;'x2).
+                '<span class="LC_nobreak">'.$lt{'version'}.':<select name="lti_version_'.$i.'">'.
+                '<option value="LTI-1p0" selected="selected">1.1</option></select></span> '.
+                ('&nbsp;'x2).
+                '<span class="LC_nobreak">'.$lt{'lifetime'}.':<input type="text" name="lti_lifetime_'.$i.'"'.
+                'value="'.$lifetime.'" size="5" /></span>'.
+                '<br /><br />'.
+                '<span class="LC_nobreak">'.$lt{'key'}.
+                ':<input type="text" size="25" name="lti_key_'.$i.'" value="'.$key.'" /></span> '.
+                ('&nbsp;'x2).
+                '<span class="LC_nobreak">'.$lt{'secret'}.':'.
+                '<input type="password" size="20" name="lti_secret_'.$i.'" value="'.$secret.'" />'.
+                '<label><input type="checkbox" name="visible" onclick="if (this.checked) { this.form.lti_secret_'.$i.'.type='."'text'".' } else { this.form.lti_secret_'.$i.'.type='."'password'".' }" />'.&mt('Visible input').'</label>'.
+                '<input type="hidden" name="lti_id_'.$i.'" value="'.$item.'" /></span>'.
+                '</fieldset>'.&lti_options($i,$current,$itemcount,%lt).'</td></tr>';
+            $itemcount ++;
+        }
+    }
+    $css_class = $itemcount%2?' class="LC_odd_row"':'';
+    my $chgstr = ' onchange="javascript:reorderLTI(this.form,'."'lti_pos_add'".');"';
+    $datatable .= '<tr '.$css_class.'><td><span class="LC_nobreak">'."\n".
+                  '<input type="hidden" name="lti_maxnum" value="'.$maxnum.'" />'."\n".
+                  '<select name="lti_pos_add"'.$chgstr.'>';
+    for (my $k=0; $k<$maxnum+1; $k++) {
+        my $vpos = $k+1;
+        my $selstr;
+        if ($k == $maxnum) {
+            $selstr = ' selected="selected" ';
+        }
+        $datatable .= '<option value="'.$k.'"'.$selstr.'>'.$vpos.'</option>';
+    }
+    $datatable .= '</select>&nbsp;'."\n".
+                  '<input type="checkbox" name="lti_add" value="1" />'.&mt('Add').'</td>'."\n".
+                  '<td colspan="2">'.
+                  '<fieldset><legend>'.&mt('Required settings').'</legend>'.
+                  '<span class="LC_nobreak">'.$lt{'consumer'}.
+                  ':<input type="text" size="20" name="lti_consumer_add" value="" /></span> '."\n".
+                  ('&nbsp;'x2).
+                  '<span class="LC_nobreak">'.$lt{'version'}.':<select name="lti_version_add">'.
+                  '<option value="LTI-1p0" selected="selected">1.1</option></select></span> '."\n".
+                  ('&nbsp;'x2).
+                  '<span class="LC_nobreak">'.$lt{'lifetime'}.':<input type="text" size="5" name="lti_lifetime_add" value="300" /></span> '."\n".
+                  '<br /><br />'.
+                  '<span class="LC_nobreak">'.$lt{'key'}.':<input type="text" size="25" name="lti_key_add" value="" /></span> '."\n".
+                  ('&nbsp;'x2).
+                  '<span class="LC_nobreak">'.$lt{'secret'}.':<input type="password" size="20" name="lti_secret_add" value="" />'.
+                  '<label><input type="checkbox" name="visible" onclick="if (this.checked) { this.form.lti_secret_add.type='."'text'".' } else { this.form.lti_secret_add.type='."'password'".' }" />'.&mt('Visible input').'</label></span> '."\n".
+                  '</fieldset>'.&lti_options('add',undef,$itemcount,%lt).
+                  '</td>'."\n".
+                  '</tr>'."\n";
+    $$rowtotal ++;
+    return $datatable;;
+}
+
+sub lti_names {
+    my %lt = &Apache::lonlocal::texthash(
+                                          'version'   => 'LTI Version',
+                                          'url'       => 'URL',
+                                          'key'       => 'Key',
+                                          'lifetime'  => 'Nonce lifetime (s)',
+                                          'consumer'  => 'LTI Consumer', 
+                                          'secret'    => 'Secret',
+                                          'email'     => 'Email address',
+                                          'sourcedid' => 'User ID',
+                                          'other'     => 'Other',
+                                          'passback'  => 'Can return grades to Consumer:',
+                                          'roster'    => 'Can retrieve roster from Consumer:',
+                                          'topmenu'   => 'Display LON-CAPA page header',
+                                          'inlinemenu'=> 'Display LON-CAPA inline menu', 
                                         );
     return %lt;
 }
 
+sub lti_options {
+    my ($num,$current,$itemcount,%lt) = @_;
+    my (%checked,%rolemaps,$crssecsrc,$userfield,$cidfield);
+    $checked{'mapuser'}{'sourcedid'} = ' checked="checked"';
+    $checked{'mapcrs'}{'course_offering_sourcedid'} = ' checked="checked"';
+    $checked{'makecrs'}{'N'} = '  checked="checked"';
+    $checked{'mapcrstype'} = {};
+    $checked{'makeuser'} = {};
+    $checked{'selfenroll'} = {};
+    $checked{'crssec'} = {};
+    $checked{'crssecsrc'} = {};
+    $checked{'lcauth'} = {};
+    $checked{'menuitem'} = {};
+    if ($num eq 'add') {
+        $checked{'lcauth'}{'lti'} = ' checked="checked"';
+    }
+    my $userfieldsty = 'none';
+    my $crsfieldsty = 'none';
+    my $crssecfieldsty = 'none';
+    my $secsrcfieldsty = 'none';
+    my $lcauthparm;
+    my $lcauthparmstyle = 'display:none';
+    my $lcauthparmtext;
+    my $menusty;
+    my $numinrow = 4;
+    my %menutitles = &ltimenu_titles();
+
+    if (ref($current) eq 'HASH') {
+        if (($current->{'mapuser'} ne '') && ($current->{'mapuser'} ne 'lis_person_sourcedid')) {
+            $checked{'mapuser'}{'sourcedid'} = '';
+            if ($current->{'mapuser'} eq 'lis_person_contact_email_primary') {
+                $checked{'mapuser'}{'email'} = ' checked="checked"'; 
+            } else {
+                $checked{'mapuser'}{'other'} = ' checked="checked"';
+                $userfield = $current->{'mapuser'};
+                $userfieldsty = 'inline-block';
+            }
+        }
+        if (($current->{'mapcrs'} ne '') && ($current->{'mapcrs'} ne 'course_offering_sourcedid')) {
+            $checked{'mapcrs'}{'course_offering_sourcedid'} = '';
+            if ($current->{'mapcrs'} eq 'context_id') {
+                $checked{'mapcrs'}{'context_id'} = ' checked="checked"'; 
+            } else {
+                $checked{'mapcrs'}{'other'} = ' checked="checked"';
+                $cidfield = $current->{'mapcrs'};
+                $crsfieldsty = 'inline-block';
+            }
+        }
+        if (ref($current->{'mapcrstype'}) eq 'ARRAY') {
+            foreach my $type (@{$current->{'mapcrstype'}}) {
+                $checked{'mapcrstype'}{$type} = ' checked="checked"';
+            }
+        }
+        if ($current->{'makecrs'}) { 
+            $checked{'makecrs'}{'Y'} = '  checked="checked"';
+        }
+        if (ref($current->{'makeuser'}) eq 'ARRAY') {
+            foreach my $role (@{$current->{'makeuser'}}) {
+                $checked{'makeuser'}{$role} = ' checked="checked"';
+            }
+        }
+        if ($current->{'lcauth'} =~ /^(internal|localauth|krb4|krb5|lti)$/) {
+            $checked{'lcauth'}{$1} = ' checked="checked"';
+            unless (($current->{'lcauth'} eq 'lti') || ($current->{'lcauth'} eq 'internal')) {
+                $lcauthparm = $current->{'lcauthparm'};
+                $lcauthparmstyle = 'display:table-row'; 
+                if ($current->{'lcauth'} eq 'localauth') {
+                    $lcauthparmtext = &mt('Local auth argument');
+                } else {
+                    $lcauthparmtext = &mt('Kerberos domain');
+                }
+            }
+        }
+        if (ref($current->{'selfenroll'}) eq 'ARRAY') {
+            foreach my $role (@{$current->{'selfenroll'}}) {
+                $checked{'selfenroll'}{$role} = ' checked="checked"';
+            }
+        }
+        if (ref($current->{'maproles'}) eq 'HASH') {
+            %rolemaps = %{$current->{'maproles'}};
+        }
+        if ($current->{'section'} ne '') {
+            $checked{'crssec'}{'Y'} = '  checked="checked"'; 
+            $crssecfieldsty = 'inline-block';
+            if ($current->{'section'} eq 'course_section_sourcedid') {
+                $checked{'crssecsrc'}{'sourcedid'} = ' checked="checked"';
+            } else {
+                $checked{'crssecsrc'}{'other'} = ' checked="checked"';
+                $crssecsrc = $current->{'section'};
+                $secsrcfieldsty = 'inline-block';
+            }
+        } else {
+            $checked{'crssec'}{'N'} = ' checked="checked"';
+        }
+        if ($current->{'topmenu'}) {
+            $checked{'topmenu'}{'Y'} = ' checked="checked"';
+        } else {
+            $checked{'topmenu'}{'N'} = ' checked="checked"';
+        }
+        if ($current->{'inlinemenu'}) {
+            $checked{'inlinemenu'}{'Y'} = ' checked="checked"';
+        } else {
+            $checked{'inlinemenu'}{'N'} = ' checked="checked"';
+        }
+        if (($current->{'topmenu'}) || ($current->{'inlinemenu'})) {
+            $menusty = 'inline-block';
+            if (ref($current->{'lcmenu'}) eq 'ARRAY') {
+                foreach my $item (@{$current->{'lcmenu'}}) {
+                    if (exists($menutitles{$item})) {
+                        $checked{'menuitem'}{$item} = ' checked="checked"';
+                    }
+                }
+            }
+        } else {
+            $menusty = 'none';
+        }
+    } else {
+        $checked{'makecrs'}{'N'} = ' checked="checked"';
+        $checked{'crssec'}{'N'} = ' checked="checked"';
+        $checked{'topmenu'}{'N'} = ' checked="checked"';
+        $checked{'inlinemenu'}{'Y'} = ' checked="checked"'; 
+        $checked{'menuitem'}{'grades'} = ' checked="checked"';
+        $menusty = 'inline-block'; 
+    }
+    my @coursetypes = ('official','unofficial','community','textbook','placement','lti');
+    my %coursetypetitles = &Apache::lonlocal::texthash (
+                               official   => 'Official',
+                               unofficial => 'Unofficial',
+                               community  => 'Community',
+                               textbook   => 'Textbook',
+                               placement  => 'Placement Test',
+                               lti        => 'LTI Provider',
+    );
+    my @authtypes = ('internal','krb4','krb5','localauth');
+    my %shortauth = (
+                     internal => 'int',
+                     krb4 => 'krb4',
+                     krb5 => 'krb5',
+                     localauth  => 'loc'
+                    );
+    my %authnames = &authtype_names();
+    my @ltiroles = qw(Learner Instructor ContentDeveloper TeachingAssistant Mentor Member Manager Administrator);
+    my @lticourseroles = qw(Learner Instructor TeachingAssistant Mentor);
+    my @courseroles = ('cc','in','ta','ep','st');
+    my $onclickuser = ' onclick="toggleLTI(this.form,'."'user','$num'".');"';
+    my $onclickcrs = ' onclick="toggleLTI(this.form,'."'crs','$num'".');"';
+    my $onclicksec = ' onclick="toggleLTI(this.form,'."'sec','$num'".');"';
+    my $onclicksecsrc = ' onclick="toggleLTI(this.form,'."'secsrc','$num'".')"';
+    my $onclicklcauth = ' onclick="toggleLTI(this.form,'."'lcauth','$num'".')"';
+    my $onclickmenu = ' onclick="toggleLTI(this.form,'."'lcmenu','$num'".');"';
+    my $output = '<fieldset><legend>'.&mt('Mapping users').'</legend>'.
+                 '<div class="LC_floatleft"><span class="LC_nobreak">'.&mt('LON-CAPA username').':&nbsp;';
+    foreach my $option ('sourcedid','email','other') {
+        $output .= '<label><input type="radio" name="lti_mapuser_'.$num.'" value="'.$option.'"'.
+                   $checked{'mapuser'}{$option}.$onclickuser.' />'.$lt{$option}.'</label>'.
+                   ($option eq 'other' ? '' : ('&nbsp;'x2) );
+    }
+    $output .= '</span></div>'.
+               '<div class="LC_floatleft" style="display:'.$userfieldsty.';" id="lti_userfield_'.$num.'">'.
+               '<input type="text" name="lti_customuser_'.$num.'" '.
+               'value="'.$userfield.'" /></div></fieldset>'. 
+               '<fieldset><legend>'.&mt('Mapping course roles').'</legend><table><tr>';
+    foreach my $ltirole (@lticourseroles) {
+        my ($selected,$selectnone);
+        if ($rolemaps{$ltirole} eq '') {
+            $selectnone = ' selected="selected"';
+        }
+        $output .= '<td style="text-align: center">'.$ltirole.'<br />'.
+                   '<select name="lti_maprole_'.$ltirole.'_'.$num.'">'.
+                   '<option value=""'.$selectnone.'>'.&mt('Select').'</option>';
+        foreach my $role (@courseroles) {
+            unless ($selectnone) {
+                if ($rolemaps{$ltirole} eq $role) {
+                    $selected = ' selected="selected"';
+                } else {
+                    $selected = '';
+                }
+            }
+            $output .= '<option value="'.$role.'"'.$selected.'>'.
+                       &Apache::lonnet::plaintext($role,'Course').
+                       '</option>';
+        }
+        $output .= '</select></td>';
+    }
+    $output .= '</tr></table></fieldset>'.
+               '<fieldset><legend>'.&mt('Roles which may create user accounts').'</legend>';
+    foreach my $ltirole (@ltiroles) {
+        $output .= '<span class="LC_nobreak"><label><input type="checkbox" name="lti_makeuser_'.$num.'" value="'.$ltirole.'"'.
+                   $checked{'makeuser'}{$ltirole}.' />'.$ltirole.'</label>&nbsp;</span> ';     
+    }
+    $output .= '</fieldset>'.
+               '<fieldset><legend>'.&mt('New user accounts created for LTI users').'</legend>'.
+               '<table>'.
+               &modifiable_userdata_row('lti','instdata_'.$num,$current,$numinrow,$itemcount).
+               '</table>'.
+               '<table class="LC_nested"><tr><td class="LC_left_item">LON-CAPA Authentication</td>'.
+               '<td class="LC_left_item">';
+    foreach my $auth ('lti',@authtypes) {
+        my $authtext;
+        if ($auth eq 'lti') {
+            $authtext = &mt('None');
+        } else {
+            $authtext = $authnames{$shortauth{$auth}};
+        }
+        $output .= '<span class="LC_nobreak"><label><input type="radio" name="lti_lcauth_'.$num.
+                   '" value="'.$auth.'"'.$checked{'lcauth'}{$auth}.$onclicklcauth.' />'.
+                   $authtext.'</label></span> &nbsp;';
+    }
+    $output .= '</td></tr>'.
+               '<tr id="lti_lcauth_parmrow_'.$num.'" style="'.$lcauthparmstyle.'">'.
+               '<td class="LC_right_item" colspan="2"><span class="LC_nobreak">'.
+               '<span id="lti_lcauth_parmtext_'.$num.'">'.$lcauthparmtext.'</span>'.
+               '<input type="text" name="lti_lcauthparm_'.$num.'" value="" /></span></td></tr>'.
+               '</table></fieldset>'.
+               '<fieldset><legend>'.&mt('Mapping courses').'</legend>'.
+               '<div class="LC_floatleft"><span class="LC_nobreak">'.
+               &mt('Unique course identifier').':&nbsp;';
+    foreach my $option ('course_offering_sourcedid','context_id','other') {
+        $output .= '<label><input type="radio" name="lti_mapcrs_'.$num.'" value="'.$option.'"'.
+                   $checked{'mapcrs'}{$option}.$onclickcrs.' />'.$option.'</label>'.
+                   ($option eq 'other' ? '' : ('&nbsp;'x2) );
+    }
+    $output .= '</div><div class="LC_floatleft" style="display:'.$crsfieldsty.';" id="lti_crsfield_'.$num.'".>'.
+               '<input type="text" name="lti_mapcrsfield_'.$num.'" value="'.$cidfield.'" />'.
+               '</div><div style="padding:0;clear:both;margin:0;border:0"></div>'.
+               '<span class="LC_nobreak">'.&mt('LON-CAPA course type(s)').':&nbsp;';
+    foreach my $type (@coursetypes) {
+        $output .= '<label><input type="checkbox" name="lti_mapcrstype_'.$num.'" value="'.$type.'"'.
+                   $checked{'mapcrstype'}{$type}.' />'.$coursetypetitles{$type}.'</label>'.
+                   ('&nbsp;'x2);
+    }
+    $output .= '</span></fieldset>'.
+               '<fieldset><legend>'.&mt('Creating courses').'</legend>'.
+               '<span class="LC_nobreak">'.&mt('Course created (if absent) on Instructor access').':&nbsp;'.
+               '<label><input type="radio" name="lti_makecrs_'.$num.'" value="0"'.
+               $checked{'makecrs'}{'N'}.' />'.&mt('No').'</label>'.('&nbsp;'x2).
+               '<label><input type="radio" name="lti_makecrs_'.$num.'" value="1"'.
+               $checked{'makecrs'}{'Y'}.' />'.&mt('Yes').'</label></span>'.
+               '</fieldset>'.
+               '<fieldset><legend>'.&mt('Roles which may self-enroll').'</legend>';
+    foreach my $lticrsrole (@lticourseroles) {
+        $output .= '<span class="LC_nobreak"><label><input type="checkbox" name="lti_selfenroll_'.$num.'" value="'.$lticrsrole.'"'.
+                   $checked{'selfenroll'}{$lticrsrole}.' />'.$lticrsrole.'</label>&nbsp;</span> ';
+    }
+    $output .= '</fieldset>'.
+               '<fieldset><legend>'.&mt('Course options').'</legend>'.
+               '<div class="LC_floatleft"><span class="LC_nobreak">'.&mt('Assign users to sections').':&nbsp;'.
+               '<label><input type="radio" name="lti_crssec_'.$num.'" value="0"'.
+               $checked{'crssec'}{'N'}.$onclicksec.' />'.&mt('No').'</label>'.('&nbsp;'x2).
+               '<label><input type="radio" name="lti_crssec_'.$num.'" value="1"'.
+               $checked{'crssec'}{'Y'}.$onclicksec.' />'.&mt('Yes').'</label><span></div>'.
+               '<div class="LC_floatleft" style="display:'.$crssecfieldsty.';" id="lti_crssecfield_'.$num.'">'.
+               '<span class="LC_nobreak">'.&mt('From').':<label>'.
+               '<input type="radio" name="lti_crssecsrc_'.$num.'" value="course_section_sourcedid"'.
+               $checked{'crssecsrc'}{'sourcedid'}.$onclicksecsrc.' />'.
+               &mt('Standard field').'</label>'.('&nbsp;'x2).
+               '<label><input type="radio" name="lti_crssecsrc_'.$num.'" value="other"'.
+               $checked{'crssecsrc'}{'other'}.$onclicksecsrc.' />'.&mt('Other').
+               '</label></div><div class="LC_floatleft" style="display:'.$secsrcfieldsty.';" id="lti_secsrcfield_'.$num.'">'.
+               '<input type="text" name="lti_customsection_'.$num.'" value="'.$crssecsrc.'" />'.
+               '</div><div style="padding:0;clear:both;margin:0;border:0"></div>'; 
+    foreach my $extra ('passback','roster') {
+        my $checkedon = '';
+        my $checkedoff = ' checked="checked"';
+        if (ref($current) eq 'HASH') {
+            if (($current->{$extra})) {
+                $checkedon = $checkedoff;
+                $checkedoff = '';
+            }
+        }
+        $output .= $lt{$extra}.'&nbsp;'.
+                   '<label><input type="radio" name="lti_'.$extra.'_'.$num.'" value="0"'.$checkedoff.' />'.
+                   &mt('No').'</label>'.('&nbsp;'x2).
+                   '<label><input type="radio" name="lti_'.$extra.'_'.$num.'" value="1"'.$checkedon.' />'.
+                   &mt('Yes').'</label><br />';
+    }
+    $output .= '</span></fieldset>'.
+               '<fieldset><legend>'.&mt('Course defaults (Course Coordinator can override)').'</legend>'.
+               '<div class="LC_floatleft"><span class="LC_nobreak">'.$lt{'topmenu'}.':&nbsp;'.
+               '<label><input type="radio" name="lti_topmenu_'.$num.'" value="0"'.
+               $checked{'topmenu'}{'N'}.$onclickmenu.' />'.&mt('No').'</label>'.('&nbsp;'x2).
+               '<label><input type="radio" name="lti_topmenu_'.$num.'" value="1"'.
+               $checked{'topmenu'}{'Y'}.$onclickmenu.' />'.&mt('Yes').'</label><span></div>'.
+               '<div style="padding:0;clear:both;margin:0;border:0"></div>'.
+               '<div class="LC_floatleft"><span class="LC_nobreak">'.$lt{'inlinemenu'}.':&nbsp;'.
+               '<label><input type="radio" name="lti_inlinemenu_'.$num.'" value="0"'.
+               $checked{'inlinemenu'}{'N'}.$onclickmenu.' />'.&mt('No').'</label>'.('&nbsp;'x2).
+               '<label><input type="radio" name="lti_inlinemenu_'.$num.'" value="1"'.
+               $checked{'inlinemenu'}{'Y'}.$onclickmenu.' />'.&mt('Yes').'</label><span></div>';
+     $output .='<div style="padding:0;clear:both;margin:0;border:0"></div>'. 
+               '<div class="LC_floatleft" style="display:'.$menusty.';" id="lti_menufield_'.$num.'">'.
+               '<span class="LC_nobreak">'.&mt('Menu items').':&nbsp;';
+    foreach my $type ('fullname','coursetitle','role','logout','grades') {
+        $output .= '<label><input type="checkbox" name="lti_menuitem_'.$num.'" value="'.$type.'"'.
+                   $checked{'menuitem'}{$type}.' />'.$menutitles{$type}.'</label>'.
+                   ('&nbsp;'x2);
+    }
+    $output .= '</span></fieldset>';
+#        '<fieldset><legend>'.&mt('Assigning author roles').'</legend>';
+#
+#    $output .= '</fieldset>'.
+#        '<fieldset><legend>'.&mt('Assigning domain roles').'</legend>';
+    return $output;
+}
+
+sub ltimenu_titles {
+    return &Apache::lonlocal::texthash(
+                                        fullname    => 'Full name',
+                                        coursetitle => 'Course title',
+                                        role        => 'Role',
+                                        logout      => 'Logout',
+                                        grades      => 'Grades',
+    );
+}
+
 sub print_coursedefaults {
     my ($position,$dom,$settings,$rowtotal) = @_;
     my ($css_class,$datatable,%checkedon,%checkedoff,%defaultchecked,@toggles);
@@ -4329,7 +5150,7 @@ sub print_coursedefaults {
                     if ($checked) {
                         $show = 'block';
                     }
-                    $additional = '<div id="cloneinstcode" style="display:'.$show.'" />'.
+                    $additional = '<div id="cloneinstcode" style="display:'.$show.';" />'.
                                   &mt('Institutional codes for new and cloned course have identical:').
                                   '<br />';
                     foreach my $item (@code_order) {
@@ -5644,7 +6465,7 @@ sub loadbalance_rule_row {
     }
     my $space;
     if ($islast && $num == 1) {
-        $space = '<div display="inline-block">&nbsp;</div>';
+        $space = '<div style="display:inline-block;">&nbsp;</div>';
     }
     my $output =
         '<tr class="'.$css_class.'" id="balanceruletr_'.$balnum.'_'.$num.'"><td style="vertical-align: top">'.$space.
@@ -5794,8 +6615,9 @@ sub courserequest_titles {
                                    community  => 'Communities',
                                    textbook   => 'Textbook',
                                    placement  => 'Placement tests',
+                                   lti        => 'LTI Provider',
                                    norequest  => 'Not allowed',
-                                   approval   => 'Approval by Dom. Coord.',
+                                   approval   => 'Approval by DC',
                                    validate   => 'With validation',
                                    autolimit  => 'Numerical limit',
                                    unlimited  => '(blank for unlimited)',
@@ -5907,7 +6729,7 @@ sub print_usercreation {
         }
     } else {
         my @contexts = ('author','course','domain');
-        my @authtypes = ('int','krb4','krb5','loc');
+        my @authtypes = ('int','krb4','krb5','loc','lti');
         my %checked;
         if (ref($settings) eq 'HASH') {
             if (ref($settings->{'authtypes'}) eq 'HASH') {
@@ -6647,6 +7469,7 @@ sub authtype_names {
                       krb4   => 'Kerberos 4',
                       krb5   => 'Kerberos 5',
                       loc    => 'Local',
+                      lti    => 'LTI',
                   );
     return %lt;
 }
@@ -6715,12 +7538,13 @@ sub print_defaults {
                           '<td><span class="LC_nobreak">'.$titles->{$item}.
                           '</span></td><td class="LC_right_item" colspan="3">';
             if ($item eq 'auth_def') {
-                my @authtypes = ('internal','krb4','krb5','localauth');
+                my @authtypes = ('internal','krb4','krb5','localauth','lti');
                 my %shortauth = (
                                  internal => 'int',
                                  krb4 => 'krb4',
                                  krb5 => 'krb5',
-                                 localauth  => 'loc'
+                                 localauth  => 'loc',
+                                 lti => 'lti',
                                 );
                 my %authnames = &authtype_names();
                 foreach my $auth (@authtypes) {
@@ -7138,7 +7962,7 @@ sub print_coursecategories {
                              '<input type="radio" name="coursecat_'.$item.'" value="'.$type.'"'.$ischecked.
                              ' />'.$lt{$type}.'</label>&nbsp;';
            }
-           $datatable .= '</td></tr>';
+           $datatable .= '</span></td></tr>';
            $itemcount ++;
         }
         $$rowtotal += $itemcount;
@@ -7224,7 +8048,7 @@ sub print_coursecategories {
                   $can_catcomm_dom.' value="dom" />'.$level{'dom'}.'</label>&nbsp;'.
                   '<label><input type="radio" name="categorizecomm"'.
                   $can_catcomm_comm.'value="comm" />'.$level{'comm'}.'</label></span></td>'.
-                  '</tr><tr>'.
+                  '</tr><tr class="LC_odd_row">'.
                   '<td>'.$title{'togglecatsplace'}.'</td>'.
                   '<td class="LC_right_item"><span class="LC_nobreak"><label>'.
                   '<input type="radio" name="togglecatsplace"'.
@@ -7381,7 +8205,7 @@ sub print_coursecategories {
                 $datatable .= &initialize_categories($itemcount);
             }
         } else {
-            $datatable .= '<td class="LC_right_item">'.$hdritem->{'header'}->[1]->{'col2'}.'</td>'
+            $datatable .= '<tr><td class="LC_right_item">'.$hdritem->{'header'}->[1]->{'col2'}.'</td></tr>'
                           .&initialize_categories($itemcount);
         }
         $$rowtotal += $itemcount;
@@ -7657,20 +8481,23 @@ sub initialize_categories {
                       communities => 'Communities',
                       placement   => 'Placement Tests',
                         );
-    my $select0 = ' selected="selected"';
-    my $select1 = '';
+    my %selnum = (
+                   instcode    => '0',
+                   communities => '1',
+                   placement   => '2',
+                 );
+    my %selected;
     foreach my $default ('instcode','communities','placement') {
         $css_class = $itemcount%2?' class="LC_odd_row"':'';
-        $chgstr = ' onchange="javascript:reorderCats(this.form,'."'',$default"."_pos','0'".');"';
-        if (($default eq 'communities') || ($default eq 'placement')) {
-            $select1 = $select0;
-            $select0 = '';
-        }
+        $chgstr = ' onchange="javascript:reorderCats(this.form,'."'','$default"."_pos','0'".');"';
+        map { $selected{$selnum{$_}} = '' } keys(%selnum);
+        $selected{$selnum{$default}} = ' selected="selected"';
         $datatable .= '<tr '.$css_class.'><td><span class="LC_nobreak">'
-                     .'<select name="'.$default.'_pos">'
-                     .'<option value="0"'.$select0.'>1</option>'
-                     .'<option value="1"'.$select1.'>2</option>'
-                     .'<option value="2">3</option></select>&nbsp;'
+                     .'<select name="'.$default.'_pos"'.$chgstr.'>'
+                     .'<option value="0"'.$selected{'0'}.'>1</option>'
+                     .'<option value="1"'.$selected{'1'}.'>2</option>'
+                     .'<option value="2"'.$selected{'2'}.'>3</option>'
+                     .'<option value="3">4</option></select>&nbsp;'
                      .$default_names{$default}
                      .'</span></td><td><span class="LC_nobreak">'
                      .'<label><input type="radio" name="'.$default.'" value="1" checked="checked" />'
@@ -7685,9 +8512,11 @@ sub initialize_categories {
                   .'<select name="addcategory_pos"'.$chgstr.'>'
                   .'<option value="0">1</option>'
                   .'<option value="1">2</option>'
-                  .'<option value="2" selected="selected">3</option></select>&nbsp;'
-                  .&mt('Add category').'</td><td>'.&mt('Name:')
-                  .'&nbsp;<input type="text" size="20" name="addcategory_name" value="" /></td></tr>';
+                  .'<option value="2">3</option>'
+                  .'<option value="3" selected="selected">4</option></select>&nbsp;'
+                  .&mt('Add category').'</span></td><td><span class="LC_nobreak">'.&mt('Name:')
+                  .'&nbsp;<input type="text" size="20" name="addcategory_name" value="" /></span>'
+                  .'</td></tr>';
     return $datatable;
 }
 
@@ -7796,6 +8625,8 @@ sub modifiable_userdata_row {
         } else {
             $rolename = $role;
         }
+    } elsif ($context eq 'lti') {
+        $rolename = &mt('Institutional data used (if available)');
     } else {
         if ($role eq 'cr') {
             $rolename = &mt('Custom role');
@@ -7838,30 +8669,32 @@ sub modifiable_userdata_row {
               '<td class="LC_left_item" colspan="2"><table>';
     my $rem;
     my %checks;
+    my %current;
     if (ref($settings) eq 'HASH') {
-        if (ref($settings->{$context}) eq 'HASH') {
+        my $hashref;
+        if ($context eq 'lti') {
+            if (ref($settings) eq 'HASH') {
+                $hashref = $settings->{'instdata'};
+            }
+        } elsif (ref($settings->{$context}) eq 'HASH') {
             if (ref($settings->{$context}->{$role}) eq 'HASH') {
-                my $hashref = $settings->{$context}->{$role};
-                if ($role eq 'emailusername') {
-                    if ($statustype) {
-                        if (ref($settings->{$context}->{$role}->{$statustype}) eq 'HASH') {
-                            $hashref = $settings->{$context}->{$role}->{$statustype};
-                            if (ref($hashref) eq 'HASH') { 
-                                foreach my $field (@fields) {
-                                    if ($hashref->{$field}) {
-                                        $checks{$field} = $hashref->{$field};
-                                    }
-                                }
-                            }
-                        }
+                $hashref = $settings->{'lti_instdata'};
+            }
+            if ($role eq 'emailusername') {
+                if ($statustype) {
+                    if (ref($settings->{$context}->{$role}->{$statustype}) eq 'HASH') {
+                        $hashref = $settings->{$context}->{$role}->{$statustype};
                     }
-                } else {
-                    if (ref($hashref) eq 'HASH') {
-                        foreach my $field (@fields) {
-                            if ($hashref->{$field}) {
-                                $checks{$field} = ' checked="checked" ';
-                            }
-                        }
+                }
+            }
+        }
+        if (ref($hashref) eq 'HASH') { 
+            foreach my $field (@fields) {
+                if ($hashref->{$field}) {
+                    if ($role eq 'emailusername') {
+                        $checks{$field} = $hashref->{$field};
+                    } else {
+                        $checks{$field} = ' checked="checked" ';
                     }
                 }
             }
@@ -7881,7 +8714,7 @@ sub modifiable_userdata_row {
         unless ($role eq 'emailusername') {
             if (exists($checks{$fields[$i]})) {
                 $check = $checks{$fields[$i]}
-            } else {
+            } elsif ($context ne 'lti') {
                 if ($role eq 'st') {
                     if (ref($settings) ne 'HASH') {
                         $check = ' checked="checked" '; 
@@ -7891,6 +8724,7 @@ sub modifiable_userdata_row {
         }
         $output .= '<td class="LC_left_item">'.
                    '<span class="LC_nobreak">';
+        my $prefix = 'canmodify';
         if ($role eq 'emailusername') {
             unless ($checks{$fields[$i]} =~ /^(required|optional)$/) {
                 $checks{$fields[$i]} = 'omit';
@@ -7901,13 +8735,16 @@ sub modifiable_userdata_row {
                     $checked='checked="checked" ';
                 }
                 $output .= '<label>'.
-                           '<input type="radio" name="canmodify_'.$item.'_'.$fields[$i].'" value="'.$option.'" '.$checked.'/>'.
+                           '<input type="radio" name="'.$prefix.'_'.$item.'_'.$fields[$i].'" value="'.$option.'" '.$checked.'/>'.
                            &mt($option).'</label>'.('&nbsp;' x2);
             }
             $output .= '<i>'.$fieldtitles{$fields[$i]}.'</i>';
         } else {
+            if ($context eq 'lti') {
+                $prefix = 'lti';
+            }
             $output .= '<label>'.
-                       '<input type="checkbox" name="canmodify_'.$role.'" '.
+                       '<input type="checkbox" name="'.$prefix.'_'.$role.'" '.
                        'value="'.$fields[$i].'"'.$check.'/>'.$fieldtitles{$fields[$i]}.
                        '</label>';
         }
@@ -9066,14 +9903,14 @@ sub publishlogo {
     } else {
         my $source = $filepath.'/'.$file;
         my $logfile;
-        if (!open($logfile,">>$source".'.log')) {
+        if (!open($logfile,">>",$source.'.log')) {
             return (&mt('No write permission to Authoring Space'));
         }
         print $logfile
 "\n================= Publish ".localtime()." ================\n".
 $env{'user.name'}.':'.$env{'user.domain'}."\n";
 # Save the file
-        if (!open(FH,'>'.$source)) {
+        if (!open(FH,">",$source)) {
             &Apache::lonnet::logthis('Failed to create '.$source);
             return (&mt('Failed to create file'));
         }
@@ -9134,7 +9971,8 @@ $env{'user.name'}.':'.$env{'user.domain'
                 if ($fullwidth ne '' && $fullheight ne '') { 
                     if ($fullwidth > $thumbwidth && $fullheight > $thumbheight) {
                         my $thumbsize = $thumbwidth.'x'.$thumbheight;
-                        system("convert -sample $thumbsize $inputfile $outfile");
+                        my @args = ('convert','-sample',$thumbsize,$inputfile,$outfile);
+                        system({$args[0]} @args);
                         chmod(0660, $filepath.'/tn-'.$file);
                         if (-e $outfile) {
                             my $copyfile=$targetdir.'/tn-'.$file;
@@ -9214,7 +10052,7 @@ sub write_metadata {
     {
         print $logfile "\nWrite metadata file for ".$targetdir.'/'.$file;
         my $mfh;
-        if (open($mfh,'>'.$targetdir.'/'.$file.'.meta')) {
+        if (open($mfh,">",$targetdir.'/'.$file.'.meta')) {
             foreach (sort(keys(%metadatafields))) {
                 unless ($_=~/\./) {
                     my $unikey=$_;
@@ -9248,7 +10086,7 @@ sub notifysubscribed {
         next unless (ref($targetsource) eq 'ARRAY');
         my ($target,$source)=@{$targetsource};
         if ($source ne '') {
-            if (open(my $logfh,'>>'.$source.'.log')) {
+            if (open(my $logfh,">>",$source.'.log')) {
                 print $logfh "\nCleanup phase: Notifications\n";
                 my @subscribed=&subscribed_hosts($target);
                 foreach my $subhost (@subscribed) {
@@ -9274,7 +10112,7 @@ sub notifysubscribed {
 sub subscribed_hosts {
     my ($target) = @_;
     my @subscribed;
-    if (open(my $fh,"<$target.subscription")) {
+    if (open(my $fh,"<","$target.subscription")) {
         while (my $subline=<$fh>) {
             if ($subline =~ /^($match_lonid):/) {
                 my $host = $1;
@@ -9316,7 +10154,7 @@ sub modify_quotas {
         $context = $action;
     }
     if ($context eq 'requestcourses') {
-        @usertools = ('official','unofficial','community','textbook','placement');
+        @usertools = ('official','unofficial','community','textbook','placement','lti');
         @options =('norequest','approval','validate','autolimit');
         %validations = &Apache::lonnet::auto_courserequest_checks($dom);
         %titles = &courserequest_titles();
@@ -9365,7 +10203,7 @@ sub modify_quotas {
         my @approvalnotify = &Apache::loncommon::get_env_multiple('form.'.$context.'notifyapproval');
         @approvalnotify = sort(@approvalnotify);
         $confhash{'notify'}{'approval'} = join(',',@approvalnotify);
-        my @crstypes = ('official','unofficial','community','textbook','placement');
+        my @crstypes = ('official','unofficial','community','textbook','placement','lti');
         my @hasuniquecode = &Apache::loncommon::get_env_multiple('form.uniquecode');
         foreach my $type (@hasuniquecode) {
             if (grep(/^\Q$type\E$/,@crstypes)) {
@@ -10064,8 +10902,11 @@ sub modify_ltitools {
                 $allpos[$position] = $newid;
             }
             $changes{$newid} = 1;
-            foreach my $item ('title','url','key','secret') {
+            foreach my $item ('title','url','key','secret','lifetime') {
                 $env{'form.ltitools_add_'.$item} =~ s/(`)/'/g;
+                if ($item eq 'lifetime') {
+                    $env{'form.ltitools_add_'.$item} =~ s/[^\d.]//g;
+                }
                 if ($env{'form.ltitools_add_'.$item}) {
                     if (($item eq 'key') || ($item eq 'secret')) {
                         $encconfig{$newid}{$item} = $env{'form.ltitools_add_'.$item};
@@ -10080,6 +10921,11 @@ sub modify_ltitools {
             if ($env{'form.ltitools_add_msgtype'} eq 'basic-lti-launch-request') {
                 $confhash{$newid}{'msgtype'} = $env{'form.ltitools_add_msgtype'};
             }
+            if ($env{'form.ltitools_add_sigmethod'} eq 'HMAC-SHA256') {
+                $confhash{$newid}{'sigmethod'} = $env{'form.ltitools_add_sigmethod'};
+            } else {
+                $confhash{$newid}{'sigmethod'} = 'HMAC-SHA1';
+            }
             foreach my $item ('width','height','linktext','explanation') {
                 $env{'form.ltitools_add_'.$item} =~ s/^\s+//;
                 $env{'form.ltitools_add_'.$item} =~ s/\s+$//;
@@ -10101,8 +10947,15 @@ sub modify_ltitools {
                 $confhash{$newid}{'display'}{'target'} = 'iframe';
             }
             foreach my $item ('passback','roster') {
-                if ($env{'form.ltitools_add_'.$item}) {
+                if ($env{'form.ltitools_'.$item.'_add'}) {
                     $confhash{$newid}{$item} = 1;
+                    if ($env{'form.ltitools_'.$item.'valid_add'} ne '') {
+                        my $lifetime = $env{'form.ltitools_'.$item.'valid_add'};
+                        $lifetime =~ s/^\s+|\s+$//g;
+                        if ($lifetime =~ /^\d+\.?\d*$/) {
+                            $confhash{$newid}{$item.'valid'} = $lifetime;
+                        }
+                    }
                 }
             }
             if ($env{'form.ltitools_add_image.filename'} ne '') {
@@ -10135,6 +10988,13 @@ sub modify_ltitools {
                     }
                 }
             }
+            if (ref($confhash{$newid}{'fields'}) eq 'HASH') {
+                if ($confhash{$newid}{'fields'}{'user'}) {
+                    if ($env{'form.ltitools_userincdom_add'}) {
+                        $confhash{$newid}{'incdom'} = 1;
+                    }
+                }
+            }
             my @courseconfig = &Apache::loncommon::get_env_multiple('form.ltitools_courseconfig');
             foreach my $item (@courseconfig) {
                 $confhash{$newid}{'crsconf'}{$item} = 1;
@@ -10181,7 +11041,7 @@ sub modify_ltitools {
                 } else {
                     my $newpos = $env{'form.ltitools_'.$itemid};
                     $newpos =~ s/\D+//g;
-                    foreach my $item ('title','url') {
+                    foreach my $item ('title','url','lifetime') {
                         $confhash{$itemid}{$item} = $env{'form.ltitools_'.$item.'_'.$i};
                         if ($domconfig{$action}{$itemid}{$item} ne $confhash{$itemid}{$item}) {
                             $changes{$itemid} = 1;
@@ -10199,6 +11059,18 @@ sub modify_ltitools {
                     if ($env{'form.ltitools_msgtype_'.$i} eq 'basic-lti-launch-request') {
                         $confhash{$itemid}{'msgtype'} = $env{'form.ltitools_msgtype_'.$i};
                     }
+                    if ($env{'form.ltitools_sigmethod_'.$i} eq 'HMAC-SHA256') {
+                        $confhash{$itemid}{'sigmethod'} = $env{'form.ltitools_sigmethod_'.$i};
+                    } else {
+                        $confhash{$itemid}{'sigmethod'} = 'HMAC-SHA1'; 
+                    }
+                    if ($domconfig{$action}{$itemid}{'sigmethod'} eq '') {
+                        if ($confhash{$itemid}{'sigmethod'} ne 'HMAC-SHA1') {
+                            $changes{$itemid} = 1;
+                        }
+                    } elsif ($domconfig{$action}{$itemid}{'sigmethod'} ne $confhash{$itemid}{'sigmethod'}) {
+                        $changes{$itemid} = 1;
+                    }
                     foreach my $size ('width','height') {
                         $env{'form.ltitools_'.$size.'_'.$i} =~ s/^\s+//;
                         $env{'form.ltitools_'.$size.'_'.$i} =~ s/\s+$//;
@@ -10252,13 +11124,23 @@ sub modify_ltitools {
                     foreach my $extra ('passback','roster') {
                         if ($env{'form.ltitools_'.$extra.'_'.$i}) {
                             $confhash{$itemid}{$extra} = 1;
+                            if ($env{'form.ltitools_'.$extra.'valid_'.$i} ne '') {
+                                my $lifetime = $env{'form.ltitools_'.$extra.'valid_add'};
+                                $lifetime =~ s/^\s+|\s+$//g;
+                                if ($lifetime =~ /^\d+\.?\d*$/) {
+                                    $confhash{$itemid}{$extra.'valid'} = $lifetime;
+                                }
+                            }
                         }
                         if ($domconfig{$action}{$itemid}{$extra} ne $confhash{$itemid}{$extra}) {
                             $changes{$itemid} = 1;
                         }
+                        if ($domconfig{$action}{$itemid}{$extra.'valid'} ne $confhash{$itemid}{$extra.'valid'}) {
+                            $changes{$itemid} = 1;
+                        }
                     }
                     my @courseconfig = &Apache::loncommon::get_env_multiple('form.ltitools_courseconfig_'.$i);
-                    foreach my $item ('label','title','target','linktext','explanation') {
+                    foreach my $item ('label','title','target','linktext','explanation','append') {
                         if (grep(/^\Q$item\E$/,@courseconfig)) {
                             $confhash{$itemid}{'crsconf'}{$item} = 1;
                             if (ref($domconfig{$action}{$itemid}{'crsconf'}) eq 'HASH') {
@@ -10302,6 +11184,16 @@ sub modify_ltitools {
                             }
                         }
                     }
+                    if (ref($confhash{$itemid}{'fields'}) eq 'HASH') {
+                        if ($confhash{$itemid}{'fields'}{'user'}) {
+                            if ($env{'form.ltitools_userincdom_'.$i}) {
+                                $confhash{$itemid}{'incdom'} = 1;
+                            }
+                            if ($domconfig{$action}{$itemid}{'incdom'} ne $confhash{$itemid}{'incdom'}) {
+                                $changes{$itemid} = 1;
+                            }
+                        }
+                    }
                     $allpos[$newpos] = $itemid;
                 }
                 if ($imgdeletions{$itemid}) {
@@ -10435,7 +11327,7 @@ sub modify_ltitools {
                     $resulttext .= '</li><ul>';
                     my $position = $pos + 1;
                     $resulttext .= '<li>'.&mt('Order: [_1]',$position).'</li>';
-                    foreach my $item ('version','msgtype','url') {
+                    foreach my $item ('version','msgtype','sigmethod','url','lifetime') {
                         if ($confhash{$itemid}{$item} ne '') {
                             $resulttext .= '<li>'.$lt{$item}.':&nbsp;'.$confhash{$itemid}{$item}.'</li>';
                         }
@@ -10449,7 +11341,7 @@ sub modify_ltitools {
                         $resulttext .= ('*'x$num).'</li>';
                     }
                     $resulttext .= '<li>'.&mt('Configurable in course:');
-                    my @possconfig = ('label','title','target','linktext','explanation');
+                    my @possconfig = ('label','title','target','linktext','explanation','append');
                     my $numconfig = 0; 
                     if (ref($confhash{$itemid}{'crsconf'}) eq 'HASH') { 
                         foreach my $item (@possconfig) {
@@ -10467,6 +11359,15 @@ sub modify_ltitools {
                         $resulttext .= '<li>'.$lt{$item}.'&nbsp;';
                         if ($confhash{$itemid}{$item}) {
                             $resulttext .= &mt('Yes');
+                            if ($confhash{$itemid}{$item.'valid'}) {
+                                if ($item eq 'passback') {
+                                    $resulttext .= ' '.&mt('valid for at least [quant,_1,day] after launch',
+                                                           $confhash{$itemid}{$item.'valid'});
+                                } else {
+                                    $resulttext .= ' '.&mt('valid for at least [quant,_1,second] after launch',
+                                                           $confhash{$itemid}{$item.'valid'});
+                                }
+                            }
                         } else {
                             $resulttext .= &mt('No');
                         }
@@ -10503,6 +11404,13 @@ sub modify_ltitools {
                         }
                         if ($fieldlist) {
                             $fieldlist =~ s/,$//;
+                            if ($confhash{$itemid}{'fields'}{'user'}) {
+                                if ($confhash{$itemid}{'incdom'}) {
+                                    $fieldlist .= ' ('.&mt('username:domain').')';
+                                } else {
+                                    $fieldlist .= ' ('.&mt('username').')';
+                                }
+                            }
                             $resulttext .= '<li>'.&mt('Data sent').':'.$fieldlist.'</li>';
                         }
                     }
@@ -10527,7 +11435,7 @@ sub modify_ltitools {
                             } 
                         }
                         if ($customlist) {
-                            $resulttext .= '<li>'.&mt('Custom items').':'.$customlist.'</li>';
+                            $resulttext .= '<li>'.&mt('Custom items').': '.$customlist.'</li>';
                         }
                     } 
                     $resulttext .= '</ul></li>';
@@ -10623,6 +11531,494 @@ sub get_ltitools_id {
     return ($id,$error);
 }
 
+sub modify_lti {
+    my ($r,$dom,$action,$lastactref,%domconfig) = @_;
+    my %domdefaults = &Apache::lonnet::get_domain_defaults($dom,1);
+    my ($newid,@allpos,%changes,%confhash,%encconfig,$errors,$resulttext);
+    my (%posslti,%posslticrs,%posscrstype);
+    my @courseroles = ('cc','in','ta','ep','st');
+    my @ltiroles = qw(Learner Instructor ContentDeveloper TeachingAssistant Mentor Member Manager Administrator);
+    my @lticourseroles = qw(Instructor TeachingAssistant Mentor Learner);
+    my @coursetypes = ('official','unofficial','community','textbook','placement');
+    my %coursetypetitles = &Apache::lonlocal::texthash (
+                               official   => 'Official',
+                               unofficial => 'Unofficial',
+                               community  => 'Community',
+                               textbook   => 'Textbook',
+                               placement  => 'Placement Test',
+    );
+    my %fieldtitles = &Apache::loncommon::personal_data_fieldtitles();
+    my %lt = &lti_names();
+    map { $posslti{$_} = 1; } @ltiroles;
+    map { $posslticrs{$_} = 1; } @lticourseroles;
+    map { $posscrstype{$_} = 1; } @coursetypes;
+
+    my %menutitles = &ltimenu_titles();
+
+    my (@items,%deletions,%itemids);
+    if ($env{'form.lti_add'}) {
+        my $consumer = $env{'form.lti_consumer_add'};
+        $consumer =~ s/(`)/'/g;
+        ($newid,my $error) = &get_lti_id($dom,$consumer);
+        if ($newid) {
+            $itemids{'add'} = $newid;
+            push(@items,'add');
+            $changes{$newid} = 1;
+        } else {
+            my $error = &mt('Failed to acquire unique ID for new LTI configuration');
+            $errors .= '<li><span class="LC_error">'.$error.'</span></li>';
+        }
+    }
+    if (ref($domconfig{$action}) eq 'HASH') {
+        my @todelete = &Apache::loncommon::get_env_multiple('form.lti_del');
+        if (@todelete) {
+            map { $deletions{$_} = 1; } @todelete;
+        }
+        my $maxnum = $env{'form.lti_maxnum'};
+        for (my $i=0; $i<=$maxnum; $i++) {
+            my $itemid = $env{'form.lti_id_'.$i};
+            $itemid =~ s/\D+//g;
+            if (ref($domconfig{$action}{$itemid}) eq 'HASH') {
+                if ($deletions{$itemid}) {
+                    $changes{$itemid} = $domconfig{$action}{$itemid}{'consumer'};
+                } else {
+                   push(@items,$i);
+                   $itemids{$i} = $itemid;
+                }
+            }
+        }
+    }
+    foreach my $idx (@items) {
+        my $itemid = $itemids{$idx};
+        next unless ($itemid);
+        my $position = $env{'form.lti_pos_'.$idx};
+        $position =~ s/\D+//g;
+        if ($position ne '') {
+            $allpos[$position] = $itemid;
+        }
+        foreach my $item ('consumer','key','secret','lifetime') {
+            my $formitem = 'form.lti_'.$item.'_'.$idx;
+            $env{$formitem} =~ s/(`)/'/g;
+            if ($item eq 'lifetime') {
+                $env{$formitem} =~ s/[^\d.]//g;
+            }
+            if ($env{$formitem} ne '') {
+                if (($item eq 'key') || ($item eq 'secret')) {
+                    $encconfig{$itemid}{$item} = $env{$formitem};
+                } else {
+                    $confhash{$itemid}{$item} = $env{$formitem};
+                    unless (($idx eq 'add') || ($changes{$itemid})) {
+                        if ($domconfig{$action}{$itemid}{$item} ne $confhash{$itemid}{$item}) {
+                            $changes{$itemid} = 1;
+                        }
+                    }
+                }
+            }
+        }
+        if ($env{'form.lti_version_'.$idx} eq 'LTI-1p0') {
+            $confhash{$itemid}{'version'} = $env{'form.lti_version_'.$idx};
+        }
+        if ($env{'form.lti_mapuser_'.$idx} eq 'sourcedid') {
+            $confhash{$itemid}{'mapuser'} = 'lis_person_sourcedid'; 
+        } elsif ($env{'form.lti_mapuser_'.$idx} eq 'email') {
+            $confhash{$itemid}{'mapuser'} = 'lis_person_contact_email_primary';
+        } elsif ($env{'form.lti_mapuser_'.$idx} eq 'other') {
+            my $mapuser = $env{'form.lti_customuser_'.$idx};
+            $mapuser =~ s/(`)/'/g;
+            $mapuser =~ s/^\s+|\s+$//g; 
+            $confhash{$itemid}{'mapuser'} = $mapuser; 
+        }
+        foreach my $ltirole (@lticourseroles) {
+            my $possrole = $env{'form.lti_maprole_'.$ltirole.'_'.$idx};
+            if (grep(/^\Q$possrole\E$/,@courseroles)) {
+                $confhash{$itemid}{'maproles'}{$ltirole} = $possrole;
+            }
+        }
+        my @possmakeuser = &Apache::loncommon::get_env_multiple('form.lti_makeuser_'.$idx);
+        my @makeuser;
+        foreach my $ltirole (sort(@possmakeuser)) {
+            if ($posslti{$ltirole}) {
+                push(@makeuser,$ltirole);
+            }
+        }
+        $confhash{$itemid}{'makeuser'} = \@makeuser;
+        if (@makeuser) {
+            my $lcauth = $env{'form.lti_lcauth_'.$idx};
+            if ($lcauth =~ /^(internal|krb4|krb5|localauth)$/) {
+                $confhash{$itemid}{'lcauth'} = $lcauth;
+                if ($lcauth ne 'internal') {
+                    my $lcauthparm = $env{'form.lti_lcauthparm_'.$idx};
+                    $lcauthparm =~ s/^(\s+|\s+)$//g;
+                    $lcauthparm =~ s/`//g;
+                    if ($lcauthparm ne '') {
+                        $confhash{$itemid}{'lcauthparm'} = $lcauthparm;
+                    }
+                }
+            } else {
+                $confhash{$itemid}{'lcauth'} = 'lti';
+            }
+        }
+        my @possinstdata =  &Apache::loncommon::get_env_multiple('form.lti_instdata_'.$idx);
+        if (@possinstdata) {
+            foreach my $field (@possinstdata) {
+                if (exists($fieldtitles{$field})) {
+                    push(@{$confhash{$itemid}{'instdata'}});
+                }
+            }
+        }
+        if (($env{'form.lti_mapcrs_'.$idx} eq 'course_offering_sourcedid') ||
+            ($env{'form.lti_mapcrs_'.$idx} eq 'context_id'))  {
+            $confhash{$itemid}{'mapcrs'} = $env{'form.lti_mapcrs_'.$idx};
+        } elsif ($env{'form.lti_mapcrs_'.$idx} eq 'other') {
+            my $mapcrs = $env{'form.lti_mapcrsfield_'.$idx}; 
+            $mapcrs =~ s/(`)/'/g;
+            $mapcrs =~ s/^\s+|\s+$//g;
+            $confhash{$itemid}{'mapcrs'} = $mapcrs;
+        }
+        my @posstypes = &Apache::loncommon::get_env_multiple('form.lti_mapcrstype_'.$idx);
+        my @crstypes;
+        foreach my $type (sort(@posstypes)) {
+            if ($posscrstype{$type}) {
+                push(@crstypes,$type);
+            }
+        }
+        $confhash{$itemid}{'mapcrstype'} = \@crstypes;
+        if ($env{'form.lti_makecrs_'.$idx}) {
+            $confhash{$itemid}{'makecrs'} = 1;
+        }
+        my @possenroll = &Apache::loncommon::get_env_multiple('form.lti_selfenroll_'.$idx);
+        my @selfenroll;
+        foreach my $type (sort(@possenroll)) {
+            if ($posslticrs{$type}) {
+                push(@selfenroll,$type);
+            }
+        }
+        $confhash{$itemid}{'selfenroll'} = \@selfenroll;
+        if ($env{'form.lti_crssec_'.$idx}) {
+            if ($env{'form.lti_crssecsrc_'.$idx} eq 'course_section_sourcedid') {
+                $confhash{$itemid}{'section'} = $env{'form.lti_crssecsrc_'.$idx};
+            } elsif ($env{'form.lti_crssecsrc_'.$idx} eq 'other') {
+                my $section = $env{'form.lti_customsection_'.$idx};
+                $section =~ s/(`)/'/g;
+                $section =~ s/^\s+|\s+$//g;
+                if ($section ne '') {
+                    $confhash{$itemid}{'section'} = $section;
+                }
+            }
+        }
+        foreach my $field ('passback','roster','topmenu','inlinemenu') {
+            if ($env{'form.lti_'.$field.'_'.$idx}) {
+                $confhash{$itemid}{$field} = 1;
+            }
+        }
+
+        if ($env{'form.lti_topmenu_'.$idx} || $env{'form.lti_inlinemenu_'.$idx}) {
+            $confhash{$itemid}{lcmenu} = [];
+            my @possmenu = &Apache::loncommon::get_env_multiple('form.lti_menuitem_'.$idx);
+            foreach my $field (@possmenu) {
+                if (exists($menutitles{$field})) {
+                    if ($field eq 'grades') {
+                        next unless ($env{'form.lti_inlinemenu_'.$idx});
+                    }
+                    push(@{$confhash{$itemid}{lcmenu}},$field);
+                }
+            }
+        }
+        unless (($idx eq 'add') || ($changes{$itemid})) {
+            foreach my $field ('mapuser','mapcrs','makecrs','section','passback','roster','lcauth','lcauthparm','topmenu','inlinemenu') {
+                if ($domconfig{$action}{$itemid}{$field} ne $confhash{$itemid}{$field}) {
+                    $changes{$itemid} = 1;
+                }
+            }
+            foreach my $field ('makeuser','mapcrstype','selfenroll','instdata','lcmenu') {
+                unless ($changes{$itemid}) {
+                    if (ref($domconfig{$action}{$itemid}{$field}) eq 'ARRAY') {
+                        if (ref($confhash{$itemid}{$field}) eq 'ARRAY') {
+                            my @diffs = &Apache::loncommon::compare_arrays($domconfig{$action}{$itemid}{$field},
+                                                                           $confhash{$itemid}{$field});
+                            if (@diffs) {
+                                $changes{$itemid} = 1;
+                            }
+                        } elsif (@{$domconfig{$action}{$itemid}{$field}} > 0) {
+                            $changes{$itemid} = 1;
+                        }
+                    } elsif (ref($confhash{$itemid}{$field}) eq 'ARRAY') {
+                        if (@{$confhash{$itemid}{$field}} > 0) {
+                            $changes{$itemid} = 1;
+                        }
+                    } 
+                }
+            }
+            unless ($changes{$itemid}) {
+                if (ref($domconfig{$action}{$itemid}{'maproles'}) eq 'HASH') {
+                    if (ref($confhash{$itemid}{'maproles'}) eq 'HASH') {
+                        foreach my $ltirole (keys(%{$domconfig{$action}{$itemid}{'maproles'}})) {
+                            if ($domconfig{$action}{$itemid}{'maproles'}{$ltirole} ne 
+                                $confhash{$itemid}{'maproles'}{$ltirole}) {
+                                $changes{$itemid} = 1;
+                                last;
+                            }
+                        }
+                        unless ($changes{$itemid}) {
+                            foreach my $ltirole (keys(%{$confhash{$itemid}{'maproles'}})) {
+                                if ($confhash{$itemid}{'maproles'}{$ltirole} ne 
+                                    $domconfig{$action}{$itemid}{'maproles'}{$ltirole}) {
+                                    $changes{$itemid} = 1;
+                                    last;
+                                }
+                            }
+                        }
+                    } elsif (keys(%{$domconfig{$action}{$itemid}{'maproles'}}) > 0) {
+                        $changes{$itemid} = 1;
+                    }
+                } elsif (ref($confhash{$itemid}{'maproles'}) eq 'HASH') {
+                    unless ($changes{$itemid}) {
+                        if (keys(%{$confhash{$itemid}{'maproles'}}) > 0) {
+                            $changes{$itemid} = 1;
+                        }
+                    }
+                }
+            }
+        }
+    }
+    if (@allpos > 0) {
+        my $idx = 0;
+        foreach my $itemid (@allpos) {
+            if ($itemid ne '') {
+                $confhash{$itemid}{'order'} = $idx;
+                if (ref($domconfig{$action}) eq 'HASH') {
+                    if (ref($domconfig{$action}{$itemid}) eq 'HASH') {
+                        if ($domconfig{$action}{$itemid}{'order'} ne $idx) {
+                            $changes{$itemid} = 1;
+                        }
+                    }
+                }
+                $idx ++;
+            }
+        }
+    }
+    my %ltihash = (
+                          $action => { %confhash }
+                       );
+    my $putresult = &Apache::lonnet::put_dom('configuration',\%ltihash,
+                                             $dom);
+    if ($putresult eq 'ok') {
+        my %ltienchash = (
+                             $action => { %encconfig }
+                         );
+        &Apache::lonnet::put_dom('encconfig',\%ltienchash,$dom);
+        if (keys(%changes) > 0) {
+            my $cachetime = 24*60*60;
+            my %ltiall = %confhash;
+            foreach my $id (keys(%ltiall)) {
+                if (ref($encconfig{$id}) eq 'HASH') {
+                    foreach my $item ('key','secret') {
+                        $ltiall{$id}{$item} = $encconfig{$id}{$item};
+                    }
+                }
+            }
+            &Apache::lonnet::do_cache_new('lti',$dom,\%ltiall,$cachetime);
+            if (ref($lastactref) eq 'HASH') {
+                $lastactref->{'lti'} = 1;
+            }
+            $resulttext = &mt('Changes made:').'<ul>';
+            my %bynum;
+            foreach my $itemid (sort(keys(%changes))) {
+                my $position = $confhash{$itemid}{'order'};
+                $bynum{$position} = $itemid;
+            }
+            foreach my $pos (sort { $a <=> $b } keys(%bynum)) {
+                my $itemid = $bynum{$pos};
+                if (ref($confhash{$itemid}) ne 'HASH') {
+                    $resulttext .= '<li>'.&mt('Deleted: [_1]',$changes{$itemid}).'</li>';
+                } else {
+                    $resulttext .= '<li><b>'.$confhash{$itemid}{'consumer'}.'</b></li><ul>';
+                    my $position = $pos + 1;
+                    $resulttext .= '<li>'.&mt('Order: [_1]',$position).'</li>';
+                    foreach my $item ('version','lifetime') {
+                        if ($confhash{$itemid}{$item} ne '') {
+                            $resulttext .= '<li>'.$lt{$item}.':&nbsp;'.$confhash{$itemid}{$item}.'</li>';
+                        }
+                    }
+                    if ($encconfig{$itemid}{'key'} ne '') {
+                        $resulttext .= '<li>'.$lt{'key'}.':&nbsp;'.$encconfig{$itemid}{'key'}.'</li>';
+                    }
+                    if ($encconfig{$itemid}{'secret'} ne '') {
+                        $resulttext .= '<li>'.$lt{'secret'}.':&nbsp;';
+                        my $num = length($encconfig{$itemid}{'secret'});
+                        $resulttext .= ('*'x$num).'</li>';
+                    }
+                    if ($confhash{$itemid}{'mapuser'}) {
+                        my $shownmapuser;
+                        if ($confhash{$itemid}{'mapuser'} eq 'lis_person_sourcedid') {
+                            $shownmapuser = $lt{'sourcedid'}.' (lis_person_sourcedid)';
+                        } elsif ($confhash{$itemid}{'mapuser'} eq 'lis_person_contact_email_primary') {
+                            $shownmapuser = $lt{'email'}.' (lis_person_contact_email_primary)';
+                        } else {
+                            $shownmapuser = &mt('Other').' ('.$confhash{$itemid}{'mapuser'}.')';
+                        } 
+                        $resulttext .= '<li>'.&mt('LON-CAPA username').': '.$shownmapuser.'</li>';
+                    }
+                    if (ref($confhash{$itemid}{'maproles'}) eq 'HASH') {
+                        my $rolemaps;
+                        foreach my $role (@ltiroles) {
+                            if ($confhash{$itemid}{'maproles'}{$role}) {
+                                $rolemaps .= ('&nbsp;'x2).$role.'='.
+                                             &Apache::lonnet::plaintext($confhash{$itemid}{'maproles'}{$role},
+                                                                        'Course').',';
+                            }
+                        }
+                        if ($rolemaps) {
+                            $rolemaps =~ s/,$//;
+                            $resulttext .= '<li>'.&mt('Role mapping:').$rolemaps.'</li>';
+                        }
+                    }
+                    if (ref($confhash{$itemid}{'makeuser'}) eq 'ARRAY') {
+                        if (@{$confhash{$itemid}{'makeuser'}} > 0) { 
+                            $resulttext .= '<li>'.&mt('Following roles may create user accounts: [_1]',
+                                                      join(', ',@{$confhash{$itemid}{'makeuser'}})).'<br />';
+                            if ($confhash{$itemid}{'lcauth'} eq 'lti') {
+                                $resulttext .= &mt('New users will only be able to authenticate via LTI').'</li>';
+                            } else {
+                                $resulttext .= &mt('New users will be assigned LON-CAPA authentication: [_1]',
+                                                   $confhash{$itemid}{'lcauth'});
+                                if ($confhash{$itemid}{'lcauth'} eq 'internal') {
+                                    $resulttext .= '; '.&mt('a randomly generated password will be created');
+                                } elsif ($confhash{$itemid}{'lcauth'} eq 'localauth') {
+                                    if ($confhash{$itemid}{'lcauthparm'} ne '') {
+                                        $resulttext .= ' '.&mt('with argument: [_1]',$confhash{$itemid}{'lcauthparm'});
+                                    }
+                                } else {
+                                    $resulttext .= '; '.&mt('Kerberos domain: [_1]',$confhash{$itemid}{'lcauthparm'});
+                                }
+                            }
+                            $resulttext .= '</li>';
+                        } else {
+                            $resulttext .= '<li>'.&mt('User account creation not permitted.').'</li>';
+                        }
+                    }
+                    if (ref($confhash{$itemid}{'instdata'}) eq 'ARRAY') {
+                        if (@{$confhash{$itemid}{'instdata'}} > 0) {
+                            $resulttext .= '<li>'.&mt('Institutional data will be used when creating a new user for: [_1]',
+                                                      join(', ',map { $fieldtitles{$_}; } @{$confhash{$itemid}{'instdata'}})).'</li>';
+                        } else {
+                            $resulttext .= '<li>'.&mt('No institutional data used when creating a new user.').'</li>';
+                        }
+                    }
+                    if ($confhash{$itemid}{'mapcrs'}) {
+                        $resulttext .= '<li>'.&mt('Unique course identifier').': '.$confhash{$itemid}{'mapcrs'}.'</li>';
+                    }
+                    if (ref($confhash{$itemid}{'mapcrstype'}) eq 'ARRAY') {
+                        if (@{$confhash{$itemid}{'mapcrstype'}} > 0) {
+                            $resulttext .= '<li>'.&mt('Mapping for the following LON-CAPA course types: [_1]',
+                                           join(', ',map { $coursetypetitles{$_}; } @coursetypes)).
+                                           '</li>';
+                        } else {
+                            $resulttext .= '<li>'.&mt('No mapping to LON-CAPA courses').'</li>';
+                        }
+                    }
+                    if ($confhash{$itemid}{'makecrs'}) {
+                        $resulttext .= '<li>'.&mt('Instructor may create course (if absent).').'</li>';
+                    } else {
+                        $resulttext .= '<li>'.&mt('Instructor may not create course (if absent).').'</li>';
+                    }
+                    if (ref($confhash{$itemid}{'selfenroll'}) eq 'ARRAY') {
+                        if (@{$confhash{$itemid}{'selfenroll'}} > 0) {
+                            $resulttext .= '<li>'.&mt('Self-enrollment for following roles: [_1]',
+                                                      join(', ',@{$confhash{$itemid}{'selfenroll'}})).
+                                           '</li>';
+                        } else {
+                            $resulttext .= '<li>'.&mt('Self-enrollment not permitted').'</li>';
+                        }
+                    }
+                    if ($confhash{$itemid}{'section'}) {
+                        if ($confhash{$itemid}{'section'} eq 'course_section_sourcedid') {
+                            $resulttext .= '<li>'.&mt('User section from standard field:').
+                                                 ' (course_section_sourcedid)'.'</li>';  
+                        } else {
+                            $resulttext .= '<li>'.&mt('User section from:').' '.
+                                                  $confhash{$itemid}{'section'}.'</li>';
+                        }
+                    } else {
+                        $resulttext .= '<li>'.&mt('No section assignment').'</li>';
+                    }
+                    foreach my $item ('passback','roster','topmenu','inlinemenu') {
+                        $resulttext .= '<li>'.$lt{$item}.':&nbsp;';
+                        if ($confhash{$itemid}{$item}) {
+                            $resulttext .= &mt('Yes');
+                        } else {
+                            $resulttext .= &mt('No');
+                        }
+                        $resulttext .= '</li>';
+                    }
+                    if (ref($confhash{$itemid}{'lcmenu'}) eq 'ARRAY') {
+                        if (@{$confhash{$itemid}{'lcmenu'}} > 0) {
+                            $resulttext .= '<li>'.&mt('Menu items:').' '.
+                                           join(', ', map { $menutitles{$_}; } (@{$confhash{$itemid}{'lcmenu'}})).'</li>'; 
+                        } else {
+                            $resulttext .= '<li>'.&mt('No menu items displayed in header or online menu').'</li>'; 
+                        }
+                    }
+                    $resulttext .= '</ul></li>';
+                }
+            }
+            $resulttext .= '</ul>';
+        } else {
+            $resulttext = &mt('No changes made.');
+        }
+    } else {
+        $errors .= '<li><span class="LC_error">'.&mt('Failed to save changes').'</span></li>';
+    }
+    if ($errors) {
+        $resulttext .= &mt('The following errors occurred: ').'<ul>'.
+                       $errors.'</ul>';
+    }
+    return $resulttext;
+}
+
+sub get_lti_id {
+    my ($domain,$consumer) = @_;
+    # get lock on lti db
+    my $lockhash = {
+                      lock => $env{'user.name'}.
+                              ':'.$env{'user.domain'},
+                   };
+    my $tries = 0;
+    my $gotlock = &Apache::lonnet::newput_dom('lti',$lockhash,$domain);
+    my ($id,$error);
+
+    while (($gotlock ne 'ok') && ($tries<10)) {
+        $tries ++;
+        sleep (0.1);
+        $gotlock = &Apache::lonnet::newput_dom('lti',$lockhash,$domain);
+    }
+    if ($gotlock eq 'ok') {
+        my %currids = &Apache::lonnet::dump_dom('lti',$domain);
+        if ($currids{'lock'}) {
+            delete($currids{'lock'});
+            if (keys(%currids)) {
+                my @curr = sort { $a <=> $b } keys(%currids);
+                if ($curr[-1] =~ /^\d+$/) {
+                    $id = 1 + $curr[-1];
+                }
+            } else {
+                $id = 1;
+            }
+            if ($id) {
+                unless (&Apache::lonnet::newput_dom('lti',{ $id => $consumer },$domain) eq 'ok') {
+                    $error = 'nostore';
+                }
+            } else {
+                $error = 'nonumber';
+            }
+        }
+        my $dellockoutcome = &Apache::lonnet::del_dom('lti',['lock'],$domain);
+    } else {
+        $error = 'nolock';
+    }
+    return ($id,$error);
+}
+
 sub modify_autoenroll {
     my ($dom,$lastactref,%domconfig) = @_;
     my ($resulttext,%changes);
@@ -11700,7 +13096,7 @@ sub modify_usercreation {
     }
 
     my @authen_contexts = ('author','course','domain');
-    my @authtypes = ('int','krb4','krb5','loc');
+    my @authtypes = ('int','krb4','krb5','loc','lti');
     my %authhash;
     foreach my $item (@authen_contexts) {
         my @authallowed =  &Apache::loncommon::get_env_multiple('form.'.$item.'_auth');
@@ -12882,7 +14278,7 @@ sub modify_defaults {
     my %domdefaults = &Apache::lonnet::get_domain_defaults($dom,1);
     my @items = ('auth_def','auth_arg_def','lang_def','timezone_def','datelocale_def',
                  'portal_def','intauth_cost','intauth_check','intauth_switch');
-    my @authtypes = ('internal','krb4','krb5','localauth');
+    my @authtypes = ('internal','krb4','krb5','localauth','lti');
     foreach my $item (@items) {
         $newvalues{$item} = $env{'form.'.$item};
         if ($item eq 'auth_def') {
@@ -13074,6 +14470,7 @@ sub modify_defaults {
                                           krb4       => 'krb4',
                                           krb5       => 'krb5',
                                           localauth  => 'loc',
+                                          lti        => 'lti',
                         );
                         $value = $authnames{$shortauth{$value}};
                     } elsif ($item eq 'intauth_switch') {