version 1.7, 2017/11/30 14:41:20
|
version 1.11, 2017/12/18 16:11:18
|
Line 43 package Apache::lonexttool;
|
Line 43 package Apache::lonexttool;
|
|
|
use strict; |
use strict; |
use Apache::Constants qw(:common :http); |
use Apache::Constants qw(:common :http); |
use Net::OAuth; |
|
use Encode; |
use Encode; |
use Digest::SHA; |
use Digest::SHA; |
use UUID::Tiny ':std'; |
|
use HTML::Entities; |
use HTML::Entities; |
use Apache::lonlocal; |
use Apache::lonlocal; |
use Apache::lonnet; |
use Apache::lonnet; |
use Apache::loncommon; |
use Apache::loncommon; |
|
use LONCAPA::ltiutils; |
|
|
sub handler { |
sub handler { |
my $r=shift; |
my $r=shift; |
Line 68 sub handler {
|
Line 67 sub handler {
|
# Is this even in a course? |
# Is this even in a course? |
unless ($env{'request.course.id'}) { |
unless ($env{'request.course.id'}) { |
if ($target ne 'tex') { |
if ($target ne 'tex') { |
&Apache::loncommon::simple_error_page($r,'','Not in a course'); |
&Apache::loncommon::simple_error_page($r,'','Not in a course', |
|
{'only_body' => 1}); |
} else { |
} else { |
$r->print('\textbf{Not in a course}\end{document}'); |
$r->print('\textbf{Not in a course}\end{document}'); |
} |
} |
Line 114 sub handler {
|
Line 114 sub handler {
|
} else { |
} else { |
my $now = time; |
my $now = time; |
if ($toolhash{'passback'}) { |
if ($toolhash{'passback'}) { |
unless (&set_callback_secret($cdom,$cnum,$marker,'grade',$now, |
if (&LONCAPA::ltiutils::set_service_secret($cdom,$cnum,$marker,'grade',$now, |
\%toolsettings,\%toolhash) eq 'ok') { |
\%toolsettings,\%toolhash) eq 'ok') { |
|
$toolhash{'gradesecret'} = $toolsettings{'gradesecret'}; |
|
} else { |
undef($launchok); |
undef($launchok); |
} |
} |
} |
} |
if ($toolhash{'roster'}) { |
if ($toolhash{'roster'}) { |
&set_callback_secret($cdom,$cnum,$marker,'roster',$now, |
if (&LONCAPA::ltiutils::set_service_secret($cdom,$cnum,$marker,'roster',$now, |
\%toolsettings,\%toolhash); |
\%toolsettings,\%toolhash) eq 'ok') { |
|
$toolhash{'rostersecret'} = $toolsettings{'rostersecret'}; |
|
} |
} |
} |
my $submittext = &mt('Launch [_1]',$toolhash{'title'}); |
my $submittext = &mt('Launch [_1]',$toolhash{'title'}); |
if (($toolhash{'key'} ne '') && ($toolhash{'secret'} ne '') && |
if (($toolhash{'key'} ne '') && ($toolhash{'secret'} ne '') && |
Line 150 sub handler {
|
Line 154 sub handler {
|
return OK; |
return OK; |
} |
} |
|
|
sub set_callback_secret { |
|
my ($cdom,$cnum,$marker,$name,$now,$toolsettings,$toolhash) = @_; |
|
return unless ((ref($toolsettings) eq 'HASH') && (ref($toolhash) eq 'HASH')); |
|
my $warning; |
|
my ($needsnew,$oldsecret,$lifetime); |
|
if ($name eq 'grade') { |
|
$lifetime = $toolhash->{'passbackvalid'} |
|
} elsif ($name eq 'roster') { |
|
$lifetime = $toolhash->{'rostervalid'}; |
|
} |
|
if ($toolsettings->{$name} eq '') { |
|
$needsnew = 1; |
|
} elsif (($toolsettings->{$name.'date'} + $lifetime) < $now) { |
|
$oldsecret = $toolsettings->{$name.'secret'}; |
|
$needsnew = 1; |
|
} |
|
if ($needsnew) { |
|
if (&get_tool_lock($cdom,$cnum,$marker,$now) eq 'ok') { |
|
my $secret = UUID::Tiny::create_uuid_as_string(UUID_V4); |
|
$toolhash->{$name.'secret'} = $secret; |
|
my %secrethash = ( |
|
$name.'secret' => $secret, |
|
$name.'secretdate' => $now, |
|
); |
|
if ($oldsecret ne '') { |
|
$secrethash{'old'.$name.'secret'} = $oldsecret; |
|
} |
|
my $putres = &Apache::lonnet::put('exttool_'.$marker, |
|
\%secrethash,$cdom,$cnum); |
|
my $delresult = &release_tool_lock($cdom,$cnum,$marker); |
|
if ($delresult ne 'ok') { |
|
$warning = $delresult ; |
|
} |
|
if ($putres eq 'ok') { |
|
return 'ok'; |
|
} |
|
} else { |
|
$warning = '<span class="LC_error">'. |
|
&mt('Could not obtain exclusive lock'). |
|
'</span>'; |
|
} |
|
} else { |
|
$toolhash->{$name.'secret'} = $toolsettings->{$name.'secret'}; |
|
return 'ok'; |
|
} |
|
return; |
|
} |
|
|
|
sub lti_params { |
sub lti_params { |
my ($r,$cnum,$cdom,$idx,$submittext,$toolsref) = @_; |
my ($r,$cnum,$cdom,$idx,$submittext,$toolsref) = @_; |
my ($version,$context_type,$msgtype,$toolname,$passback,$roster,$locale, |
my ($version,$context_type,$msgtype,$toolname,$passback,$roster,$locale, |
Line 316 sub lti_params {
|
Line 272 sub lti_params {
|
} |
} |
if (($passback) || ($roster)) { |
if (($passback) || ($roster)) { |
if ($passback) { |
if ($passback) { |
$ltiparams{'lis_outcome_service_url'} = $crsprotocol.'//'.$crshostname.'/adm/service/passback'; |
$ltiparams{'lis_outcome_service_url'} = $crsprotocol.'://'.$crshostname.'/adm/service/passback'; |
$ltiparams{'ext_ims_lis_basic_outcome_url'} = $ltiparams{'lis_outcome_service_url'}; |
$ltiparams{'ext_ims_lis_basic_outcome_url'} = $ltiparams{'lis_outcome_service_url'}; |
if ($gradesecret) { |
if ($gradesecret) { |
my $result_sig = |
my $uniqid = $digest_symb.':::'.$digest_user.':::'.$env{'request.course.id'}; |
Digest::SHA::sha1_hex($gradesecret.':::'.$digest_symb.':::'.$digest_user.':::'.$env{'request.course.id'}); |
$ltiparams{'lis_result_sourcedid'} = &LONCAPA::ltiutils::get_service_id($gradesecret,$uniqid); |
$ltiparams{'lis_result_sourcedid'} = |
|
$result_sig.':::'.$digest_symb.':::'.$digest_user.':::'.$env{'request.course.id'}; |
|
} |
} |
} |
} |
if ($roster) { |
if ($roster) { |
if (&Apache::lonnet::allowed('opa',$env{'request.course.id'})) { |
if (&Apache::lonnet::allowed('opa',$env{'request.course.id'})) { |
$ltiparams{'ext_ims_lis_memberships_url'} = $crsprotocol.'//'.$crshostname.'/adm/service/roster'; |
$ltiparams{'ext_ims_lis_memberships_url'} = $crsprotocol.'://'.$crshostname.'/adm/service/roster'; |
if ($rostersecret) { |
if ($rostersecret) { |
my $roster_sig = Digest::SHA::sha1_hex($gradesecret.':::'.$digest_symb.':::'.$env{'request.course.id'}); |
my $uniqid = $digest_symb.':::'.$env{'request.course.id'}; |
$ltiparams{'ext_ims_lis_memberships_id'} = $roster_sig.':::'.$digest_symb.':::'.$env{'request.course.id'}; |
$ltiparams{'ext_ims_lis_memberships_id'} = &LONCAPA::ltiutils::get_service_id($rostersecret,$uniqid); |
} |
} |
} |
} |
} |
} |
Line 405 sub lti_params {
|
Line 359 sub lti_params {
|
|
|
sub launch_html { |
sub launch_html { |
my ($url,$key,$secret,$submittext,$paramsref) = @_; |
my ($url,$key,$secret,$submittext,$paramsref) = @_; |
my $hashref = &sign_params($url,$key,$secret,$paramsref); |
my $hashref = &LONCAPA::ltiutils::sign_params($url,$key,$secret,$paramsref); |
my $action = &HTML::Entities::encode($url,'<>&"'); |
my $action = &HTML::Entities::encode($url,'<>&"'); |
my $form = <<"END"; |
my $form = <<"END"; |
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> |
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> |
Line 439 ENDJS
|
Line 393 ENDJS
|
return $form; |
return $form; |
} |
} |
|
|
sub sign_params { |
|
my ($url,$key,$secret,$paramsref) = @_; |
|
my $nonce = Digest::SHA::sha1_hex(sprintf("%06x%06x",rand(0xfffff0),rand(0xfffff0))); |
|
|
|
my $request = Net::OAuth->request("request token")->new( |
|
consumer_key => $key, |
|
consumer_secret => $secret, |
|
request_url => $url, |
|
request_method => 'POST', |
|
signature_method => 'HMAC-SHA1', |
|
timestamp => time, |
|
nonce => $nonce, |
|
callback => 'about:blank', |
|
extra_params => $paramsref, |
|
version => '1.0', |
|
); |
|
$request->sign; |
|
return $request->to_hash(); |
|
} |
|
|
|
sub get_tool_lock { |
|
my ($cdom,$cnum,$marker,$now) = @_; |
|
# get lock for tool for which gradesecret is being set |
|
my $lockhash = { |
|
$marker."\0".'lock' => $now.':'.$env{'user.name'}. |
|
':'.$env{'user.domain'}, |
|
}; |
|
my $tries = 0; |
|
my $gotlock = &Apache::lonnet::newput('exttools',$lockhash,$cdom,$cnum); |
|
|
|
while (($gotlock ne 'ok') && $tries <3) { |
|
$tries ++; |
|
sleep(1); |
|
$gotlock = &Apache::lonnet::newput('exttools',$lockhash,$cdom,$cnum); |
|
} |
|
return $gotlock; |
|
} |
|
|
|
sub release_tool_lock { |
|
my ($cdom,$cnum,$marker) = @_; |
|
# remove lock |
|
my @del_lock = ($marker."\0".'lock'); |
|
my $dellockoutcome=&Apache::lonnet::del('exttools',\@del_lock,$cdom,$cnum); |
|
if ($dellockoutcome ne 'ok') { |
|
return ('<div class="LC_error">' |
|
.&mt('Warning: failed to release lock for exttool: [_1].','<tt>'.$marker.'</tt>') |
|
.'</div>' |
|
); |
|
} else { |
|
return 'ok'; |
|
} |
|
} |
|
|
|
1; |
1; |