--- loncom/interface/lonexttool.pm 2016/01/25 20:13:02 1.2 +++ loncom/interface/lonexttool.pm 2017/12/07 15:36:34 1.9 @@ -1,7 +1,7 @@ # The LearningOnline Network with CAPA # Launch External Tool Provider (LTI) # -# $Id: lonexttool.pm,v 1.2 2016/01/25 20:13:02 raeburn Exp $ +# $Id: lonexttool.pm,v 1.9 2017/12/07 15:36:34 raeburn Exp $ # # Copyright Michigan State University Board of Trustees # @@ -43,13 +43,13 @@ package Apache::lonexttool; use strict; use Apache::Constants qw(:common :http); -use Net::OAuth; use Encode; use Digest::SHA; use HTML::Entities; use Apache::lonlocal; use Apache::lonnet; use Apache::loncommon; +use LONCAPA::ltiutils; sub handler { my $r=shift; @@ -74,15 +74,14 @@ sub handler { return OK; } - my $marker = (split(m{/},$r->uri))[4]; + my ($marker,$exttool) = (split(m{/},$r->uri))[4,5]; $marker=~s/\D//g; if (!$marker) { if ($target ne 'tex') { - &Apache::loncommon::simple_error_page($r,'Invalid Call', - 'Invalid Call'); + $r->print(&mt('Invalid Call')); } else { - $r->print('\textbf{Invalid call}\end{document}'); + $r->print('\textbf{'&mt('Invalid Call').'}\end{document}'); } return OK; } @@ -90,53 +89,82 @@ sub handler { my $cdom = $env{'course.'.$env{'request.course.id'}.'.domain'}; my $cnum = $env{'course.'.$env{'request.course.id'}.'.num'}; my $chome = $env{'course.'.$env{'request.course.id'}.'.home'}; + my $is_tool; - if ($r->uri eq "/adm/$cdom/$cnum/$marker/exttool") { - my %toolhash=&Apache::lonnet::dump('exttool_'.$marker,$cdom,$cnum); - if ($target eq 'tex') { - $r->print(&mt('External Tool')); - } else { - if (($toolhash{'key'} ne '') && ($toolhash{'secret'} ne '') && ($toolhash{'url'} ne '')) { - my %lti = <i_params($r,\%toolhash); - $r->print(&launch_html($toolhash{'url'},$toolhash{'key'}, - $toolhash{'secret'},$toolhash{'title'},\%lti)); - } else { - &Apache::loncommon::simple_error_page($r,'External Tool Unavailable', - 'External Tool Unavailable'); + if ($r->uri eq "/adm/$cdom/$cnum/$marker/$exttool") { + my %toolsettings=&Apache::lonnet::dump('exttool_'.$marker,$cdom,$cnum); + if ($toolsettings{'id'}) { + my $idx = $toolsettings{'id'}; + my %ltitools = &Apache::lonnet::get_domain_lti($cdom,'consumer'); + if (ref($ltitools{$idx}) eq 'HASH') { + my %toolhash = %{$ltitools{$idx}}; + $toolhash{'display'} = { + target => $toolsettings{'target'}, + width => $toolsettings{'width'}, + height => $toolsettings{'height'}, + }; + $toolhash{'crslabel'} = $toolsettings{'crslabel'}; + $toolhash{'crstitle'} = $toolsettings{'crstitle'}; + $toolhash{'crsappend'} = $toolsettings{'crsappend'}; + $is_tool = 1; + my $launchok = 1; + if ($target eq 'tex') { + $r->print(&mt('External Tool')); + } else { + my $now = time; + if ($toolhash{'passback'}) { + if (&LONCAPA::ltiutils::set_service_secret($cdom,$cnum,$marker,'grade',$now, + \%toolsettings,\%toolhash) eq 'ok') { + $toolhash{'gradesecret'} = $toolsettings{'gradesecret'}; + } else { + undef($launchok); + } + } + if ($toolhash{'roster'}) { + if (&LONCAPA::ltiutils::set_service_secret($cdom,$cnum,$marker,'roster',$now, + \%toolsettings,\%toolhash) eq 'ok') { + $toolhash{'rostersecret'} = $toolsettings{'rostersecret'}; + } + } + my $submittext = &mt('Launch [_1]',$toolhash{'title'}); + if (($toolhash{'key'} ne '') && ($toolhash{'secret'} ne '') && + ($toolhash{'url'} ne '') && ($launchok)) { + my %lti = <i_params($r,$cnum,$cdom,$idx,$submittext,\%toolhash); + my $url = $toolhash{'url'}; + if ($toolhash{'crsappend'} ne '') { + $url .= $toolhash{'crsappend'}; + } + $r->print(&launch_html($url,$toolhash{'key'},$toolhash{'secret'}, + $submittext,\%lti)); + } else { + $r->print('
'.&mt('External Tool Unavailable').'
'); + } + } } } - } else { + } + unless ($is_tool) { if ($target ne 'tex') { - &Apache::loncommon::simple_error_page($r,'Invalid Call', - 'Invalid Call'); + $r->print('
'.&mt('Invalid Call').'
'); } else { - $r->print('\textbf{Invalid call}\end{document}'); + $r->print('\textbf{'.&mt(Invalid Call).'}\end{document}'); } - return OK; } - - &print_end_page($r,$target); return OK; } -sub print_end_page { - my ($r,$target) = @_; - if ($target ne 'tex') { - $r->print(&Apache::loncommon::end_page()); - } else { - $r->print('\end{document}'); - } -} - sub lti_params { - my ($r,$toolsref) = @_; + my ($r,$cnum,$cdom,$idx,$submittext,$toolsref) = @_; my ($version,$context_type,$msgtype,$toolname,$passback,$roster,$locale, - %fields,%rolesmap,%display,%custom,@userlangs); + $crslabel,$crstitle,$gradesecret,$rostersecret,%fields,%rolesmap, + %display,%custom,@userlangs); if (ref($toolsref) eq 'HASH') { $version = $toolsref->{'version'}; $toolname = $toolsref->{'title'}; $passback = $toolsref->{'passback'}; + $gradesecret = $toolsref->{'gradesecret'}; $roster = $toolsref->{'roster'}; + $rostersecret = $toolsref->{'rostersecret'}; $msgtype = $toolsref->{'messagetype'}; if (ref($toolsref->{'fields'}) eq 'HASH') { %fields = %{$toolsref->{'fields'}}; @@ -150,6 +178,8 @@ sub lti_params { if (ref($toolsref->{'custom'}) eq 'HASH') { %custom = %{$toolsref->{'custom'}}; } + $crslabel = $toolsref->{'crslabel'}; + $crstitle = $toolsref->{'crstitle'}; } if ($version eq '') { $version = 'LTI-1p0'; @@ -160,12 +190,19 @@ sub lti_params { if ($msgtype eq '') { $msgtype = 'basic-lti-launch-request'; } + if ($crslabel eq '') { + $crslabel = $env{'course.'.$env{'request.course.id'}.'.internal.coursecode'}, + } + if ($crstitle eq '') { + $crstitle = $env{'course.'.$env{'request.course.id'}.'.description'},; + } my $lonhost = $r->dir_config('lonHostID'); my $loncaparev = $r->dir_config('lonVersion'); my $uname = $env{'user.name'}; my $udom = $env{'user.domain'}; my @possroles = qw(Instructor ContentDeveloper TeachingAssistant Learner); - my $ltirole = $rolesmap{$env{'request.role'}}; + my ($roleprefix) = ($env{'request.role'} =~ /^(\w+)\./); + my $ltirole = $rolesmap{$roleprefix}; unless (grep(/^\Q$ltirole\E$/,@possroles)) { $ltirole = 'Learner'; } @@ -201,41 +238,70 @@ sub lti_params { } } } + my $domdesc = &Apache::lonnet::domain($cdom); + my $primary_id = &Apache::lonnet::domain($cdom,'primary'); + my $int_dom = &Apache::lonnet::internet_dom($primary_id); + my $portal_url = &Apache::lonnet::course_portal_url($cnum,$cdom); + my %ltiparams = ( lti_version => $version, lti_message_type => $msgtype, resource_link_title => $title, resource_link_id => $digest_symb, tool_consumer_instance_guid => $lonhost, + tool_consumer_instance_description => $domdesc, tool_consumer_info_product_family_code => 'loncapa', + tool_consumer_instance_name => $int_dom, + tool_consumer_instance_url => $portal_url, tool_consumer_info_version => $loncaparev, user_id => $digest_user, - lis_person_sourcedid => $uname.':'.$udom, roles => $ltirole, context_id => $env{'request.course.id'}, context_type => $context_type, - context_label => $env{'course.'.$env{'request.course.id'}.'.internal.coursecode'}, - context_title => $env{'course.'.$env{'request.course.id'}.'.description'}, + context_label => $crslabel, + context_title => $crstitle, launch_presentation_locale => $locale, ); - my $crshostname = $env{'course.'.$env{'request.course.id'}.'.home'}; - my $crsprotocol = $Apache::lonnet::protocol{$crshostname}; + my $crshome = $env{'course.'.$env{'request.course.id'}.'.home'}; + my $crshostname = &Apache::lonnet::hostname($crshome); if ($crshostname) { - my $crsprotocol = $Apache::lonnet::protocol{$crshostname}; + my $crsprotocol = $Apache::lonnet::protocol{$crshome}; unless ($crsprotocol eq 'https') { $crsprotocol = 'http'; - } - if ($passback) { - if ($ltirole eq 'Learner') { - $ltiparams{'lis_outcome_service_url'} = $crsprotocol.'//'.$crshostname.'/adm/ltipassback'; + } + if (($passback) || ($roster)) { + if ($passback) { + $ltiparams{'lis_outcome_service_url'} = $crsprotocol.'://'.$crshostname.'/adm/service/passback'; $ltiparams{'ext_ims_lis_basic_outcome_url'} = $ltiparams{'lis_outcome_service_url'}; - $ltiparams{'lis_result_sourcedid'} = ''; #FIXME + if ($gradesecret) { + my $uniqid = $digest_symb.':::'.$digest_user.':::'.$env{'request.course.id'}; + $ltiparams{'lis_result_sourcedid'} = &LONCAPA::ltiutils::get_unique_callback($gradesecret,$uniqid); + } } - } - if ($roster) { - if (&Apache::lonnet::allowed('opa',$env{'request.course.id'})) { - $ltiparams{'ext_ims_lis_memberships_url'} = $crsprotocol.'//'.$crshostname.'/adm/ltiroster'; - $ltiparams{'ext_ims_lis_memberships_id'} = ''; #FIXME + if ($roster) { + if (&Apache::lonnet::allowed('opa',$env{'request.course.id'})) { + $ltiparams{'ext_ims_lis_memberships_url'} = $crsprotocol.'://'.$crshostname.'/adm/service/roster'; + if ($rostersecret) { + my $uniqid = $digest_symb.':::'.$env{'request.course.id'}; + $ltiparams{'ext_ims_lis_memberships_id'} = &LONCAPA::ltiutils::get_unique_callback($rostersecret,$uniqid); + } + } + } + my %digesthash; + if ($ltiparams{'lis_result_sourcedid'}) { + $digesthash{$ltiparams{'lis_result_sourcedid'}} = "$idx\0".time; + } + if ($ltiparams{'ext_ims_lis_memberships_id'}) { + $digesthash{$ltiparams{'ext_ims_lis_memberships_id'}} = "$idx\0".time; + } + if (($digest_symb) && ($gradesecret || $rostersecret)) { + $digesthash{$digest_symb} = $symb; + } + if (($passback) && ($gradesecret)) { + $digesthash{$digest_user} = $uname.':'.$udom; + } + if (keys(%digesthash)) { + &Apache::lonnet::put('exttools',\%digesthash,$cdom,$cnum); } } } @@ -260,40 +326,54 @@ sub lti_params { if ($fields{'email'}) { my %emails = &Apache::loncommon::getemails($uname,$udom); my $contact_email; - foreach my $email ('permanentemail','critnotification','notification') { - if ($email =~ /\@/) { - $contact_email = $email; + foreach my $type ('permanentemail','critnotification','notification') { + if ($emails{$type} =~ /\@/) { + $contact_email = $emails{$type}; last; } } $ltiparams{'lis_person_contact_email_primary'} = $contact_email; } + if ($fields{'user'}) { + $ltiparams{'lis_person_sourcedid'} = $uname.':'.$udom; + } if (keys(%custom)) { foreach my $key (keys(%custom)) { - $ltiparams{'custom_'.$key} = $custom{$key}; + my $value = $custom{$key}; + $value =~ s/^\s+|\s+\$//g; + if ($value =~ /^\QLONCAPA::env{\E([^\}]+)\}$/) { + if (exists($env{$1})) { + $value = $env{$1}; + } + } + $ltiparams{'custom_'.$key} = $value; } } foreach my $key (keys(%ltiparams)) { $ltiparams{$key} = &Encode::decode_utf8($ltiparams{$key}); } + $ltiparams{'basiclti_submit'} = $submittext; return %ltiparams; } sub launch_html { - my ($url,$key,$secret,$toolname,$paramsref) = @_; - my $hashref = &sign_params($url,$key,$secret,$paramsref); - my $submittext = &mt('Launch [_1]',$toolname); + my ($url,$key,$secret,$submittext,$paramsref) = @_; + my $hashref = &LONCAPA::ltiutils::sign_params($url,$key,$secret,$paramsref); + my $action = &HTML::Entities::encode($url,'<>&"'); my $form = <<"END";
-
- + END if (ref($hashref) eq 'HASH') { foreach my $item (keys(%{$hashref})) { - $form .= ''."\n"; + my $type = 'hidden'; + if ($item eq 'basiclti_submit') { + $type = 'submit'; + } + $form .= ''."\n"; } } $form .= "
\n"; @@ -302,9 +382,9 @@ END document.getElementById("LCltiLaunch").style.display = "none"; nei = document.createElement('input'); nei.setAttribute('type','hidden'); - nei.setAttribute('name','LCbasicltiSubmit'); + nei.setAttribute('name','basiclti_submit'); nei.setAttribute('value','$submittext'); - document.getElementById("LCltiLaunchForm").appendChild(nei); + document.getElementById("LCltiLaunchFormId").appendChild(nei); document.LCltiLaunchForm.submit(); ENDJS @@ -312,23 +392,4 @@ ENDJS return $form; } -sub sign_params { - my ($url,$key,$secret,$paramsref) = @_; - my $nonce = Digest::SHA::sha1_hex(sprintf("%06x%06x",rand(0xfffff0),rand(0xfffff0))); - my $request = Net::OAuth->request("request token")->new( - consumer_key => $key, - consumer_secret => $secret, - request_url => $url, - request_method => 'POST', - signature_method => 'HMAC-SHA1', - timestamp => time, - nonce => $nonce, - callback => 'about:blank', - extra_params => $paramsref, - version => '1.0', - ); - $request->sign; - return $request->to_hash(); -} - 1;