version 1.4, 2016/06/06 17:40:48
|
version 1.7, 2017/11/30 14:41:20
|
Line 46 use Apache::Constants qw(:common :http);
|
Line 46 use Apache::Constants qw(:common :http);
|
use Net::OAuth; |
use Net::OAuth; |
use Encode; |
use Encode; |
use Digest::SHA; |
use Digest::SHA; |
|
use UUID::Tiny ':std'; |
use HTML::Entities; |
use HTML::Entities; |
use Apache::lonlocal; |
use Apache::lonlocal; |
use Apache::lonnet; |
use Apache::lonnet; |
Line 94 sub handler {
|
Line 95 sub handler {
|
if ($r->uri eq "/adm/$cdom/$cnum/$marker/$exttool") { |
if ($r->uri eq "/adm/$cdom/$cnum/$marker/$exttool") { |
my %toolsettings=&Apache::lonnet::dump('exttool_'.$marker,$cdom,$cnum); |
my %toolsettings=&Apache::lonnet::dump('exttool_'.$marker,$cdom,$cnum); |
if ($toolsettings{'id'}) { |
if ($toolsettings{'id'}) { |
my %ltitools = &Apache::lonnet::get_domain_ltitools($cdom); |
my $idx = $toolsettings{'id'}; |
if (ref($ltitools{$toolsettings{'id'}}) eq 'HASH') { |
my %ltitools = &Apache::lonnet::get_domain_lti($cdom,'consumer'); |
my %toolhash = %{$ltitools{$toolsettings{'id'}}}; |
if (ref($ltitools{$idx}) eq 'HASH') { |
|
my %toolhash = %{$ltitools{$idx}}; |
$toolhash{'display'} = { |
$toolhash{'display'} = { |
target => $toolsettings{'target'}, |
target => $toolsettings{'target'}, |
width => $toolsettings{'width'}, |
width => $toolsettings{'width'}, |
Line 104 sub handler {
|
Line 106 sub handler {
|
}; |
}; |
$toolhash{'crslabel'} = $toolsettings{'crslabel'}; |
$toolhash{'crslabel'} = $toolsettings{'crslabel'}; |
$toolhash{'crstitle'} = $toolsettings{'crstitle'}; |
$toolhash{'crstitle'} = $toolsettings{'crstitle'}; |
|
$toolhash{'crsappend'} = $toolsettings{'crsappend'}; |
$is_tool = 1; |
$is_tool = 1; |
|
my $launchok = 1; |
if ($target eq 'tex') { |
if ($target eq 'tex') { |
$r->print(&mt('External Tool')); |
$r->print(&mt('External Tool')); |
} else { |
} else { |
|
my $now = time; |
|
if ($toolhash{'passback'}) { |
|
unless (&set_callback_secret($cdom,$cnum,$marker,'grade',$now, |
|
\%toolsettings,\%toolhash) eq 'ok') { |
|
undef($launchok); |
|
} |
|
} |
|
if ($toolhash{'roster'}) { |
|
&set_callback_secret($cdom,$cnum,$marker,'roster',$now, |
|
\%toolsettings,\%toolhash); |
|
} |
my $submittext = &mt('Launch [_1]',$toolhash{'title'}); |
my $submittext = &mt('Launch [_1]',$toolhash{'title'}); |
if (($toolhash{'key'} ne '') && ($toolhash{'secret'} ne '') && ($toolhash{'url'} ne '')) { |
if (($toolhash{'key'} ne '') && ($toolhash{'secret'} ne '') && |
my %lti = <i_params($r,$cnum,$cdom,$submittext,\%toolhash); |
($toolhash{'url'} ne '') && ($launchok)) { |
$r->print(&launch_html($toolhash{'url'},$toolhash{'key'}, |
my %lti = <i_params($r,$cnum,$cdom,$idx,$submittext,\%toolhash); |
$toolhash{'secret'},$submittext,\%lti)); |
my $url = $toolhash{'url'}; |
|
if ($toolhash{'crsappend'} ne '') { |
|
$url .= $toolhash{'crsappend'}; |
|
} |
|
$r->print(&launch_html($url,$toolhash{'key'},$toolhash{'secret'}, |
|
$submittext,\%lti)); |
} else { |
} else { |
$r->print('<div>'.&mt('External Tool Unavailable').'</div>'); |
$r->print('<div>'.&mt('External Tool Unavailable').'</div>'); |
} |
} |
Line 130 sub handler {
|
Line 150 sub handler {
|
return OK; |
return OK; |
} |
} |
|
|
|
sub set_callback_secret { |
|
my ($cdom,$cnum,$marker,$name,$now,$toolsettings,$toolhash) = @_; |
|
return unless ((ref($toolsettings) eq 'HASH') && (ref($toolhash) eq 'HASH')); |
|
my $warning; |
|
my ($needsnew,$oldsecret,$lifetime); |
|
if ($name eq 'grade') { |
|
$lifetime = $toolhash->{'passbackvalid'} |
|
} elsif ($name eq 'roster') { |
|
$lifetime = $toolhash->{'rostervalid'}; |
|
} |
|
if ($toolsettings->{$name} eq '') { |
|
$needsnew = 1; |
|
} elsif (($toolsettings->{$name.'date'} + $lifetime) < $now) { |
|
$oldsecret = $toolsettings->{$name.'secret'}; |
|
$needsnew = 1; |
|
} |
|
if ($needsnew) { |
|
if (&get_tool_lock($cdom,$cnum,$marker,$now) eq 'ok') { |
|
my $secret = UUID::Tiny::create_uuid_as_string(UUID_V4); |
|
$toolhash->{$name.'secret'} = $secret; |
|
my %secrethash = ( |
|
$name.'secret' => $secret, |
|
$name.'secretdate' => $now, |
|
); |
|
if ($oldsecret ne '') { |
|
$secrethash{'old'.$name.'secret'} = $oldsecret; |
|
} |
|
my $putres = &Apache::lonnet::put('exttool_'.$marker, |
|
\%secrethash,$cdom,$cnum); |
|
my $delresult = &release_tool_lock($cdom,$cnum,$marker); |
|
if ($delresult ne 'ok') { |
|
$warning = $delresult ; |
|
} |
|
if ($putres eq 'ok') { |
|
return 'ok'; |
|
} |
|
} else { |
|
$warning = '<span class="LC_error">'. |
|
&mt('Could not obtain exclusive lock'). |
|
'</span>'; |
|
} |
|
} else { |
|
$toolhash->{$name.'secret'} = $toolsettings->{$name.'secret'}; |
|
return 'ok'; |
|
} |
|
return; |
|
} |
|
|
sub lti_params { |
sub lti_params { |
my ($r,$cnum,$cdom,$submittext,$toolsref) = @_; |
my ($r,$cnum,$cdom,$idx,$submittext,$toolsref) = @_; |
my ($version,$context_type,$msgtype,$toolname,$passback,$roster,$locale, |
my ($version,$context_type,$msgtype,$toolname,$passback,$roster,$locale, |
$crslabel,$crstitle,%fields,%rolesmap,%display,%custom,@userlangs); |
$crslabel,$crstitle,$gradesecret,$rostersecret,%fields,%rolesmap, |
|
%display,%custom,@userlangs); |
if (ref($toolsref) eq 'HASH') { |
if (ref($toolsref) eq 'HASH') { |
$version = $toolsref->{'version'}; |
$version = $toolsref->{'version'}; |
$toolname = $toolsref->{'title'}; |
$toolname = $toolsref->{'title'}; |
$passback = $toolsref->{'passback'}; |
$passback = $toolsref->{'passback'}; |
|
$gradesecret = $toolsref->{'gradesecret'}; |
$roster = $toolsref->{'roster'}; |
$roster = $toolsref->{'roster'}; |
|
$rostersecret = $toolsref->{'rostersecret'}; |
$msgtype = $toolsref->{'messagetype'}; |
$msgtype = $toolsref->{'messagetype'}; |
if (ref($toolsref->{'fields'}) eq 'HASH') { |
if (ref($toolsref->{'fields'}) eq 'HASH') { |
%fields = %{$toolsref->{'fields'}}; |
%fields = %{$toolsref->{'fields'}}; |
Line 242 sub lti_params {
|
Line 313 sub lti_params {
|
my $crsprotocol = $Apache::lonnet::protocol{$crshome}; |
my $crsprotocol = $Apache::lonnet::protocol{$crshome}; |
unless ($crsprotocol eq 'https') { |
unless ($crsprotocol eq 'https') { |
$crsprotocol = 'http'; |
$crsprotocol = 'http'; |
} |
} |
if ($passback) { |
if (($passback) || ($roster)) { |
if ($ltirole eq 'Learner') { |
if ($passback) { |
$ltiparams{'lis_outcome_service_url'} = $crsprotocol.'//'.$crshostname.'/adm/ltipassback'; |
$ltiparams{'lis_outcome_service_url'} = $crsprotocol.'//'.$crshostname.'/adm/service/passback'; |
$ltiparams{'ext_ims_lis_basic_outcome_url'} = $ltiparams{'lis_outcome_service_url'}; |
$ltiparams{'ext_ims_lis_basic_outcome_url'} = $ltiparams{'lis_outcome_service_url'}; |
$ltiparams{'lis_result_sourcedid'} = ''; #FIXME |
if ($gradesecret) { |
|
my $result_sig = |
|
Digest::SHA::sha1_hex($gradesecret.':::'.$digest_symb.':::'.$digest_user.':::'.$env{'request.course.id'}); |
|
$ltiparams{'lis_result_sourcedid'} = |
|
$result_sig.':::'.$digest_symb.':::'.$digest_user.':::'.$env{'request.course.id'}; |
|
} |
} |
} |
} |
if ($roster) { |
if ($roster) { |
if (&Apache::lonnet::allowed('opa',$env{'request.course.id'})) { |
if (&Apache::lonnet::allowed('opa',$env{'request.course.id'})) { |
$ltiparams{'ext_ims_lis_memberships_url'} = $crsprotocol.'//'.$crshostname.'/adm/service/roster'; |
$ltiparams{'ext_ims_lis_memberships_url'} = $crsprotocol.'//'.$crshostname.'/adm/ltiroster'; |
if ($rostersecret) { |
$ltiparams{'ext_ims_lis_memberships_id'} = ''; #FIXME |
my $roster_sig = Digest::SHA::sha1_hex($gradesecret.':::'.$digest_symb.':::'.$env{'request.course.id'}); |
|
$ltiparams{'ext_ims_lis_memberships_id'} = $roster_sig.':::'.$digest_symb.':::'.$env{'request.course.id'}; |
|
} |
|
} |
|
} |
|
my %digesthash; |
|
if ($ltiparams{'lis_result_sourcedid'}) { |
|
$digesthash{$ltiparams{'lis_result_sourcedid'}} = "$idx\0".time; |
|
} |
|
if ($ltiparams{'ext_ims_lis_memberships_id'}) { |
|
$digesthash{$ltiparams{'ext_ims_lis_memberships_id'}} = "$idx\0".time; |
|
} |
|
if (($digest_symb) && ($gradesecret || $rostersecret)) { |
|
$digesthash{$digest_symb} = $symb; |
|
} |
|
if (($passback) && ($gradesecret)) { |
|
$digesthash{$digest_user} = $uname.':'.$udom; |
|
} |
|
if (keys(%digesthash)) { |
|
&Apache::lonnet::put('exttools',\%digesthash,$cdom,$cnum); |
} |
} |
} |
} |
} |
} |
Line 287 sub lti_params {
|
Line 382 sub lti_params {
|
$ltiparams{'lis_person_contact_email_primary'} = $contact_email; |
$ltiparams{'lis_person_contact_email_primary'} = $contact_email; |
} |
} |
if ($fields{'user'}) { |
if ($fields{'user'}) { |
$ltiparams{'lis_person_sourcedid'} = $uname.':'.$udom; |
$ltiparams{'lis_person_sourcedid'} = $uname.':'.$udom; |
} |
} |
if (keys(%custom)) { |
if (keys(%custom)) { |
foreach my $key (keys(%custom)) { |
foreach my $key (keys(%custom)) { |
$ltiparams{'custom_'.$key} = $custom{$key}; |
my $value = $custom{$key}; |
|
$value =~ s/^\s+|\s+\$//g; |
|
if ($value =~ /^\QLONCAPA::env{\E([^\}]+)\}$/) { |
|
if (exists($env{$1})) { |
|
$value = $env{$1}; |
|
} |
|
} |
|
$ltiparams{'custom_'.$key} = $value; |
} |
} |
} |
} |
foreach my $key (keys(%ltiparams)) { |
foreach my $key (keys(%ltiparams)) { |
Line 304 sub lti_params {
|
Line 406 sub lti_params {
|
sub launch_html { |
sub launch_html { |
my ($url,$key,$secret,$submittext,$paramsref) = @_; |
my ($url,$key,$secret,$submittext,$paramsref) = @_; |
my $hashref = &sign_params($url,$key,$secret,$paramsref); |
my $hashref = &sign_params($url,$key,$secret,$paramsref); |
|
my $action = &HTML::Entities::encode($url,'<>&"'); |
my $form = <<"END"; |
my $form = <<"END"; |
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> |
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> |
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en"> |
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en"> |
<body> |
<body> |
<div id="LCltiLaunch"> |
<div id="LCltiLaunch"> |
<form name="LCltiLaunchForm" id="LCltiLaunchFormId" action="$url" method="post" encType="application/x-www-form-urlencoded"> |
<form name="LCltiLaunchForm" id="LCltiLaunchFormId" action="$action" method="post" encType="application/x-www-form-urlencoded"> |
END |
END |
if (ref($hashref) eq 'HASH') { |
if (ref($hashref) eq 'HASH') { |
foreach my $item (keys(%{$hashref})) { |
foreach my $item (keys(%{$hashref})) { |
Line 339 ENDJS
|
Line 442 ENDJS
|
sub sign_params { |
sub sign_params { |
my ($url,$key,$secret,$paramsref) = @_; |
my ($url,$key,$secret,$paramsref) = @_; |
my $nonce = Digest::SHA::sha1_hex(sprintf("%06x%06x",rand(0xfffff0),rand(0xfffff0))); |
my $nonce = Digest::SHA::sha1_hex(sprintf("%06x%06x",rand(0xfffff0),rand(0xfffff0))); |
|
|
my $request = Net::OAuth->request("request token")->new( |
my $request = Net::OAuth->request("request token")->new( |
consumer_key => $key, |
consumer_key => $key, |
consumer_secret => $secret, |
consumer_secret => $secret, |
Line 355 sub sign_params {
|
Line 459 sub sign_params {
|
return $request->to_hash(); |
return $request->to_hash(); |
} |
} |
|
|
|
sub get_tool_lock { |
|
my ($cdom,$cnum,$marker,$now) = @_; |
|
# get lock for tool for which gradesecret is being set |
|
my $lockhash = { |
|
$marker."\0".'lock' => $now.':'.$env{'user.name'}. |
|
':'.$env{'user.domain'}, |
|
}; |
|
my $tries = 0; |
|
my $gotlock = &Apache::lonnet::newput('exttools',$lockhash,$cdom,$cnum); |
|
|
|
while (($gotlock ne 'ok') && $tries <3) { |
|
$tries ++; |
|
sleep(1); |
|
$gotlock = &Apache::lonnet::newput('exttools',$lockhash,$cdom,$cnum); |
|
} |
|
return $gotlock; |
|
} |
|
|
|
sub release_tool_lock { |
|
my ($cdom,$cnum,$marker) = @_; |
|
# remove lock |
|
my @del_lock = ($marker."\0".'lock'); |
|
my $dellockoutcome=&Apache::lonnet::del('exttools',\@del_lock,$cdom,$cnum); |
|
if ($dellockoutcome ne 'ok') { |
|
return ('<div class="LC_error">' |
|
.&mt('Warning: failed to release lock for exttool: [_1].','<tt>'.$marker.'</tt>') |
|
.'</div>' |
|
); |
|
} else { |
|
return 'ok'; |
|
} |
|
} |
|
|
1; |
1; |