--- loncom/interface/lonexttool.pm 2017/11/30 01:52:14 1.5
+++ loncom/interface/lonexttool.pm 2017/11/30 02:17:50 1.6
@@ -1,7 +1,7 @@
# The LearningOnline Network with CAPA
# Launch External Tool Provider (LTI)
#
-# $Id: lonexttool.pm,v 1.5 2017/11/30 01:52:14 raeburn Exp $
+# $Id: lonexttool.pm,v 1.6 2017/11/30 02:17:50 raeburn Exp $
#
# Copyright Michigan State University Board of Trustees
#
@@ -46,6 +46,7 @@ use Apache::Constants qw(:common :http);
use Net::OAuth;
use Encode;
use Digest::SHA;
+use UUID::Tiny ':std';
use HTML::Entities;
use Apache::lonlocal;
use Apache::lonnet;
@@ -94,9 +95,10 @@ sub handler {
if ($r->uri eq "/adm/$cdom/$cnum/$marker/$exttool") {
my %toolsettings=&Apache::lonnet::dump('exttool_'.$marker,$cdom,$cnum);
if ($toolsettings{'id'}) {
+ my $idx = $toolsettings{'id'};
my %ltitools = &Apache::lonnet::get_domain_ltitools($cdom);
- if (ref($ltitools{$toolsettings{'id'}}) eq 'HASH') {
- my %toolhash = %{$ltitools{$toolsettings{'id'}}};
+ if (ref($ltitools{$idx}) eq 'HASH') {
+ my %toolhash = %{$ltitools{$idx}};
$toolhash{'display'} = {
target => $toolsettings{'target'},
width => $toolsettings{'width'},
@@ -106,12 +108,25 @@ sub handler {
$toolhash{'crstitle'} = $toolsettings{'crstitle'};
$toolhash{'crsappend'} = $toolsettings{'crsappend'};
$is_tool = 1;
+ my $launchok = 1;
if ($target eq 'tex') {
$r->print(&mt('External Tool'));
} else {
+ my $now = time;
+ if ($toolhash{'passback'}) {
+ unless (&set_callback_secret($cdom,$cnum,$marker,'grade',$now,
+ \%toolsettings,\%toolhash) eq 'ok') {
+ undef($launchok);
+ }
+ }
+ if ($toolhash{'roster'}) {
+ &set_callback_secret($cdom,$cnum,$marker,'roster',$now,
+ \%toolsettings,\%toolhash);
+ }
my $submittext = &mt('Launch [_1]',$toolhash{'title'});
- if (($toolhash{'key'} ne '') && ($toolhash{'secret'} ne '') && ($toolhash{'url'} ne '')) {
- my %lti = <i_params($r,$cnum,$cdom,$submittext,\%toolhash);
+ if (($toolhash{'key'} ne '') && ($toolhash{'secret'} ne '') &&
+ ($toolhash{'url'} ne '') && ($launchok)) {
+ my %lti = <i_params($r,$cnum,$cdom,$idx,$submittext,\%toolhash);
my $url = $toolhash{'url'};
if ($toolhash{'crsappend'} ne '') {
$url .= $toolhash{'crsappend'};
@@ -135,15 +150,66 @@ sub handler {
return OK;
}
+sub set_callback_secret {
+ my ($cdom,$cnum,$marker,$name,$now,$toolsettings,$toolhash) = @_;
+ return unless ((ref($toolsettings) eq 'HASH') && (ref($toolhash) eq 'HASH'));
+ my $warning;
+ my ($needsnew,$oldsecret,$lifetime);
+ if ($name eq 'grade') {
+ $lifetime = $toolhash->{'passbackvalid'}
+ } elsif ($name eq 'roster') {
+ $lifetime = $toolhash->{'rostervalid'};
+ }
+ if ($toolsettings->{$name} eq '') {
+ $needsnew = 1;
+ } elsif (($toolsettings->{$name.'date'} + $lifetime) < $now) {
+ $oldsecret = $toolsettings->{$name.'secret'};
+ $needsnew = 1;
+ }
+ if ($needsnew) {
+ if (&get_tool_lock($cdom,$cnum,$marker,$now) eq 'ok') {
+ my $secret = UUID::Tiny::create_uuid_as_string(UUID_V4);
+ $toolhash->{$name.'secret'} = $secret;
+ my %secrethash = (
+ $name.'secret' => $secret,
+ $name.'secretdate' => $now,
+ );
+ if ($oldsecret ne '') {
+ $secrethash{'old'.$name.'secret'} = $oldsecret;
+ }
+ my $putres = &Apache::lonnet::put('exttool_'.$marker,
+ \%secrethash,$cdom,$cnum);
+ my $delresult = &release_tool_lock($cdom,$cnum,$marker);
+ if ($delresult ne 'ok') {
+ $warning = $delresult ;
+ }
+ if ($putres eq 'ok') {
+ return 'ok';
+ }
+ } else {
+ $warning = ''.
+ &mt('Could not obtain exclusive lock').
+ '';
+ }
+ } else {
+ $toolhash->{$name.'secret'} = $toolsettings->{$name.'secret'};
+ return 'ok';
+ }
+ return;
+}
+
sub lti_params {
- my ($r,$cnum,$cdom,$submittext,$toolsref) = @_;
+ my ($r,$cnum,$cdom,$idx,$submittext,$toolsref) = @_;
my ($version,$context_type,$msgtype,$toolname,$passback,$roster,$locale,
- $crslabel,$crstitle,%fields,%rolesmap,%display,%custom,@userlangs);
+ $crslabel,$crstitle,$gradesecret,$rostersecret,%fields,%rolesmap,
+ %display,%custom,@userlangs);
if (ref($toolsref) eq 'HASH') {
$version = $toolsref->{'version'};
$toolname = $toolsref->{'title'};
$passback = $toolsref->{'passback'};
+ $gradesecret = $toolsref->{'gradesecret'};
$roster = $toolsref->{'roster'};
+ $rostersecret = $toolsref->{'rostersecret'};
$msgtype = $toolsref->{'messagetype'};
if (ref($toolsref->{'fields'}) eq 'HASH') {
%fields = %{$toolsref->{'fields'}};
@@ -247,18 +313,42 @@ sub lti_params {
my $crsprotocol = $Apache::lonnet::protocol{$crshome};
unless ($crsprotocol eq 'https') {
$crsprotocol = 'http';
- }
- if ($passback) {
- if ($ltirole eq 'Learner') {
+ }
+ if (($passback) || ($roster)) {
+ if ($passback) {
$ltiparams{'lis_outcome_service_url'} = $crsprotocol.'//'.$crshostname.'/adm/service/passback';
$ltiparams{'ext_ims_lis_basic_outcome_url'} = $ltiparams{'lis_outcome_service_url'};
- $ltiparams{'lis_result_sourcedid'} = ''; #FIXME
+ if ($gradesecret) {
+ my $result_sig =
+ Digest::SHA::sha1_hex($gradesecret.':::'.$digest_symb.':::'.$digest_user.':::'.$env{'request.course.id'});
+ $ltiparams{'lis_result_sourcedid'} =
+ $result_sig.':::'.$digest_symb.':::'.$digest_user.':::'.$env{'request.course.id'};
+ }
}
- }
- if ($roster) {
- if (&Apache::lonnet::allowed('opa',$env{'request.course.id'})) {
- $ltiparams{'ext_ims_lis_memberships_url'} = $crsprotocol.'//'.$crshostname.'/adm/service/roster';
- $ltiparams{'ext_ims_lis_memberships_id'} = ''; #FIXME
+ if ($roster) {
+ if (&Apache::lonnet::allowed('opa',$env{'request.course.id'})) {
+ $ltiparams{'ext_ims_lis_memberships_url'} = $crsprotocol.'//'.$crshostname.'/adm/service/roster';
+ if ($rostersecret) {
+ my $roster_sig = Digest::SHA::sha1_hex($gradesecret.':::'.$digest_symb.':::'.$env{'request.course.id'});
+ $ltiparams{'ext_ims_lis_memberships_id'} = $roster_sig.':::'.$digest_symb.':::'.$env{'request.course.id'};
+ }
+ }
+ }
+ my %digesthash;
+ if ($ltiparams{'lis_result_sourcedid'}) {
+ $digesthash{$ltiparams{'lis_result_sourcedid'}} = "$idx\0".time;
+ }
+ if ($ltiparams{'ext_ims_lis_memberships_id'}) {
+ $digesthash{$ltiparams{'ext_ims_lis_memberships_id'}} = "$idx\0".time;
+ }
+ if (($digest_symb) && ($gradesecret || $rostersecret)) {
+ $digesthash{$digest_symb} = $symb;
+ }
+ if (($passback) && ($gradesecret)) {
+ $digesthash{$digest_user} = $uname.':'.$udom;
+ }
+ if (keys(%digesthash)) {
+ &Apache::lonnet::put('exttools',\%digesthash,$cdom,$cnum);
}
}
}
@@ -292,7 +382,7 @@ sub lti_params {
$ltiparams{'lis_person_contact_email_primary'} = $contact_email;
}
if ($fields{'user'}) {
- $ltiparams{'lis_person_sourcedid'} = $uname.':'.$udom;
+ $ltiparams{'lis_person_sourcedid'} = $uname.':'.$udom;
}
if (keys(%custom)) {
foreach my $key (keys(%custom)) {
@@ -352,6 +442,7 @@ ENDJS
sub sign_params {
my ($url,$key,$secret,$paramsref) = @_;
my $nonce = Digest::SHA::sha1_hex(sprintf("%06x%06x",rand(0xfffff0),rand(0xfffff0)));
+
my $request = Net::OAuth->request("request token")->new(
consumer_key => $key,
consumer_secret => $secret,
@@ -368,4 +459,37 @@ sub sign_params {
return $request->to_hash();
}
+sub get_tool_lock {
+ my ($cdom,$cnum,$marker,$now) = @_;
+ # get lock for tool for which gradesecret is being set
+ my $lockhash = {
+ $marker."\0".'lock' => $now.':'.$env{'user.name'}.
+ ':'.$env{'user.domain'},
+ };
+ my $tries = 0;
+ my $gotlock = &Apache::lonnet::newput('exttools',$lockhash,$cdom,$cnum);
+
+ while (($gotlock ne 'ok') && $tries <3) {
+ $tries ++;
+ sleep(1);
+ $gotlock = &Apache::lonnet::newput('exttools',$lockhash,$cdom,$cnum);
+ }
+ return $gotlock;
+}
+
+sub release_tool_lock {
+ my ($cdom,$cnum,$marker) = @_;
+ # remove lock
+ my @del_lock = ($marker."\0".'lock');
+ my $dellockoutcome=&Apache::lonnet::del('exttools',\@del_lock,$cdom,$cnum);
+ if ($dellockoutcome ne 'ok') {
+ return (''
+ .&mt('Warning: failed to release lock for exttool: [_1].',''.$marker.'')
+ .'
'
+ );
+ } else {
+ return 'ok';
+ }
+}
+
1;