# The LearningOnline Network with CAPA
# Launch External Tool Provider (LTI)
#
# $Id: lonexttool.pm,v 1.3 2016/01/26 14:30:25 raeburn Exp $
#
# Copyright Michigan State University Board of Trustees
#
# This file is part of the LearningOnline Network with CAPA (LON-CAPA).
#
# LON-CAPA is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# LON-CAPA is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with LON-CAPA; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
#
# /home/httpd/html/adm/gpl.txt
#
# http://www.lon-capa.org/
#

=pod

=head1 NAME

Apache::lonexttool - Tool Provider launcher

=head1 SYNOPSIS


=head1 OVERVIEW

=cut

package Apache::lonexttool;

use strict;
use Apache::Constants qw(:common :http);
use Net::OAuth;
use Encode;
use Digest::SHA;
use HTML::Entities;
use Apache::lonlocal;
use Apache::lonnet;
use Apache::loncommon;

sub handler {
    my $r=shift;
    &Apache::loncommon::content_type($r,'text/html');
    $r->send_http_header;

    return OK if $r->header_only;

    my $target=$env{'form.grade_target'};
# ------------------------------------------------------------ Print the screen
    if ($target eq 'tex') {
        $r->print(&Apache::lonprintout::print_latex_header($env{'form.latex_type'}));
    }

# Is this even in a course?
    unless ($env{'request.course.id'}) {
        if ($target ne 'tex') {
            &Apache::loncommon::simple_error_page($r,'','Not in a course');
        } else {
            $r->print('\textbf{Not in a course}\end{document}');
        }
        return OK;
    }

    my ($marker,$exttool) = (split(m{/},$r->uri))[4,5];
    $marker=~s/\D//g;

    if (!$marker) {
        if ($target ne 'tex') {
            $r->print(&mt('Invalid Call'));
        } else {
            $r->print('\textbf{'&mt('Invalid Call').'}\end{document}');
        }
        return OK;
    }

    my $cdom = $env{'course.'.$env{'request.course.id'}.'.domain'};
    my $cnum = $env{'course.'.$env{'request.course.id'}.'.num'};
    my $chome = $env{'course.'.$env{'request.course.id'}.'.home'};
    my $is_tool;

    if ($r->uri eq "/adm/$cdom/$cnum/$marker/$exttool") {
        my %toolsettings=&Apache::lonnet::dump('exttool_'.$marker,$cdom,$cnum);
        if ($toolsettings{'id'}) {
            my %ltitools = &Apache::lonnet::get_domain_ltitools($cdom);
            if (ref($ltitools{$toolsettings{'id'}}) eq 'HASH') {
                my %toolhash = %{$ltitools{$toolsettings{'id'}}}; 
                $toolhash{'display'} = {
                                           target => $toolsettings{'target'},
                                           width  => $toolsettings{'width'},
                                           height => $toolsettings{'height'},
                                       };
                $is_tool = 1;
                if ($target eq 'tex') {
                    $r->print(&mt('External Tool'));
                } else {
                    my $submittext = &mt('Launch [_1]',$toolhash{'title'});
                    if (($toolhash{'key'} ne '') && ($toolhash{'secret'} ne '') && ($toolhash{'url'} ne '')) {
                        my %lti = &lti_params($r,$submittext,\%toolhash);
                        $r->print(&launch_html($toolhash{'url'},$toolhash{'key'},
                                               $toolhash{'secret'},$submittext,\%lti));
                    } else {
                        $r->print('<div>'.&mt('External Tool Unavailable').'</div>');
                    }
                }
            }
        }
    }
    unless ($is_tool) {
        if ($target ne 'tex') {
            $r->print('<div>'.&mt('Invalid Call').'</div>');
        } else {
            $r->print('\textbf{'.&mt(Invalid Call).'}\end{document}');
        }
    }
    return OK;
}

sub lti_params {
    my ($r,$submittext,$toolsref) = @_;
    my ($version,$context_type,$msgtype,$toolname,$passback,$roster,$locale,
        %fields,%rolesmap,%display,%custom,@userlangs);
    if (ref($toolsref) eq 'HASH') {
        $version = $toolsref->{'version'};
        $toolname = $toolsref->{'title'};
        $passback = $toolsref->{'passback'};
        $roster = $toolsref->{'roster'};
        $msgtype = $toolsref->{'messagetype'};
        if (ref($toolsref->{'fields'}) eq 'HASH') {
            %fields = %{$toolsref->{'fields'}};
        }
        if (ref($toolsref->{'roles'}) eq 'HASH') {
            %rolesmap = %{$toolsref->{'roles'}};
        }
        if (ref($toolsref->{'display'}) eq 'HASH') {
            %display = %{$toolsref->{'display'}};
        }
        if (ref($toolsref->{'custom'}) eq 'HASH') {
            %custom = %{$toolsref->{'custom'}};
        }
    }
    if ($version eq '') {
        $version = 'LTI-1p0';
    }
    if ($context_type eq '') {
        $context_type = 'CourseSection';
    }
    if ($msgtype eq '') {
        $msgtype = 'basic-lti-launch-request';
    }
    my $lonhost = $r->dir_config('lonHostID');
    my $loncaparev = $r->dir_config('lonVersion');
    my $uname = $env{'user.name'};
    my $udom = $env{'user.domain'};
    my @possroles = qw(Instructor ContentDeveloper TeachingAssistant Learner);
    my ($roleprefix) = ($env{'request.role'} =~ /^(\w+)\./);
    my $ltirole = $rolesmap{$roleprefix};
    unless (grep(/^\Q$ltirole\E$/,@possroles)) {
        $ltirole = 'Learner';
    }
    my $digest_user = &Encode::decode_utf8($uname.':'.$udom);
    $digest_user = &Digest::SHA::sha1_hex($digest_user);
    if ($env{'course.'.$env{'request.course.id'}.'.languages'} ne '') {
        @userlangs=(@userlangs,split(/\s*(\,|\;|\:)\s*/,
                    $env{'course.'.$env{'request.course.id'}.'.languages'}));
    } else {
        my %langhash = &Apache::loncommon::getlangs($uname,$udom);
        if ($langhash{'languages'} ne '') {
            @userlangs = split(/\s*(\,|\;|\:)\s*/,$langhash{'languages'});
        } else {
            my %domdefs = &Apache::lonnet::get_domain_defaults($udom);
            if ($domdefs{'lang_def'} ne '') {
                @userlangs = ($domdefs{'lang_def'});
            }
        }
    }
    if (scalar(@userlangs) == 1) {
        $locale = $userlangs[0];
    }
    my ($title,$digest_symb);
    my ($symb) = &Apache::lonnet::whichuser();
    if ($symb) {
        $digest_symb = &Encode::decode_utf8($symb);
        $digest_symb = &Digest::SHA::sha1_hex($digest_symb);
        my $navmap = Apache::lonnavmaps::navmap->new();
        if (ref($navmap)) {
            my $res = $navmap->getBySymb($symb);
            if (ref($res)) {
                $title = $res->compTitle();
            }
        }
    }
    my %ltiparams = (
        lti_version                            => $version,
        lti_message_type                       => $msgtype,
        resource_link_title                    => $title,
        resource_link_id                       => $digest_symb,
        tool_consumer_instance_guid            => $lonhost,
        tool_consumer_info_product_family_code => 'loncapa',
        tool_consumer_info_version             => $loncaparev,
        user_id                                => $digest_user,
        lis_person_sourcedid                   => $uname.':'.$udom,
        roles                                  => $ltirole,
        context_id                             => $env{'request.course.id'},
        context_type                           => $context_type,
        context_label                          => $env{'course.'.$env{'request.course.id'}.'.internal.coursecode'},
        context_title                          => $env{'course.'.$env{'request.course.id'}.'.description'},
        launch_presentation_locale             => $locale,
    );
    my $crshome = $env{'course.'.$env{'request.course.id'}.'.home'};
    my $crshostname = &Apache::lonnet::hostname($crshome);
    if ($crshostname) {
        my $crsprotocol = $Apache::lonnet::protocol{$crshome};
        unless ($crsprotocol eq 'https') {
            $crsprotocol = 'http';
        } 
        if ($passback) {
            if ($ltirole eq 'Learner') {
                $ltiparams{'lis_outcome_service_url'} = $crsprotocol.'//'.$crshostname.'/adm/ltipassback';
                $ltiparams{'ext_ims_lis_basic_outcome_url'} = $ltiparams{'lis_outcome_service_url'};
                $ltiparams{'lis_result_sourcedid'} = ''; #FIXME
            }
        }
        if ($roster) {
            if (&Apache::lonnet::allowed('opa',$env{'request.course.id'})) {
                $ltiparams{'ext_ims_lis_memberships_url'} = $crsprotocol.'//'.$crshostname.'/adm/ltiroster';
                $ltiparams{'ext_ims_lis_memberships_id'} = ''; #FIXME
            }
        }
    }
    if ($display{'target'}) {
        $ltiparams{'launch_presentation_document_target'} = $display{'target'};
    }
    if ($display{'width'}) {
        $ltiparams{'launch_presentation_width'} = $display{'width'};
    }
    if ($display{'height'}) {
        $ltiparams{'launch_presentation_height'} = $display{'height'};
    }
    if ($fields{'firstname'}) {
        $ltiparams{'lis_person_name_given'} = $env{'environment.firstname'};
    }
    if ($fields{'lastname'}) {
        $ltiparams{'lis_person_name_family'} = $env{'environment.lastname'};
    }
    if ($fields{'fullname'}) {
        $ltiparams{'lis_person_name_full'} = &Apache::loncommon::plainname($uname,$udom);
    }
    if ($fields{'email'}) {
        my %emails = &Apache::loncommon::getemails($uname,$udom);
        my $contact_email;
        foreach my $type ('permanentemail','critnotification','notification') {
            if ($emails{$type} =~ /\@/) {
                $contact_email = $emails{$type};
                last;
            }
        }
        $ltiparams{'lis_person_contact_email_primary'} = $contact_email;
    }
    if (keys(%custom)) {
        foreach my $key (keys(%custom)) {
            $ltiparams{'custom_'.$key} = $custom{$key};
        }
    }
    foreach my $key (keys(%ltiparams)) {
        $ltiparams{$key} = &Encode::decode_utf8($ltiparams{$key});
    }
    $ltiparams{'basiclti_submit'} = $submittext;
    return %ltiparams;
}

sub launch_html {
    my ($url,$key,$secret,$submittext,$paramsref) = @_;
    my $hashref = &sign_params($url,$key,$secret,$paramsref);
    my $form = <<"END";
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
<body>
<div id="LCltiLaunch">
<form name="LCltiLaunchForm" id="LCltiLaunchFormId" action="$url" method="post" encType="application/x-www-form-urlencoded">
END
    if (ref($hashref) eq 'HASH') {
        foreach my $item (keys(%{$hashref})) {
            my $type = 'hidden';
            if ($item eq 'basiclti_submit') {
                $type = 'submit';
            }
            $form .= '<input type="'.$type.'" name="'.$item.'" value="'.$hashref->{$item}.'" id="id_'.$item.'" />'."\n";
        }
    }
    $form .= "</form></div>\n";
    $form .= <<"ENDJS";
<script type="text/javascript">
    document.getElementById("LCltiLaunch").style.display = "none";
    nei = document.createElement('input');
    nei.setAttribute('type','hidden');
    nei.setAttribute('name','basiclti_submit');
    nei.setAttribute('value','$submittext');
    document.getElementById("LCltiLaunchFormId").appendChild(nei);
    document.LCltiLaunchForm.submit();
 </script>
ENDJS
    $form .= "</body></html>\n";
    return $form;
}

sub sign_params {
    my ($url,$key,$secret,$paramsref) = @_;
    my $nonce = Digest::SHA::sha1_hex(sprintf("%06x%06x",rand(0xfffff0),rand(0xfffff0)));
    my $request = Net::OAuth->request("request token")->new(
            consumer_key => $key,
            consumer_secret => $secret,
            request_url => $url,
            request_method => 'POST',
            signature_method => 'HMAC-SHA1',
            timestamp => time,
            nonce => $nonce,
            callback => 'about:blank',
            extra_params => $paramsref,
            version      => '1.0',
            );
    $request->sign;
    return $request->to_hash();
}

1;