--- loncom/lond	2021/12/21 13:57:47	1.571
+++ loncom/lond	2022/02/01 23:13:21	1.572
@@ -2,7 +2,7 @@
 # The LearningOnline Network
 # lond "LON Daemon" Server (port "LOND" 5663)
 #
-# $Id: lond,v 1.571 2021/12/21 13:57:47 raeburn Exp $
+# $Id: lond,v 1.572 2022/02/01 23:13:21 raeburn Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -65,7 +65,7 @@ my $DEBUG = 0;		       # Non zero to ena
 my $status='';
 my $lastlog='';
 
-my $VERSION='$Revision: 1.571 $'; #' stupid emacs
+my $VERSION='$Revision: 1.572 $'; #' stupid emacs
 my $remoteVERSION;
 my $currenthostid="default";
 my $currentdomainid;
@@ -266,6 +266,7 @@ my %trust = (
                ls => {remote => 1, enroll => 1, content => 1,},
                ls2 => {remote => 1, enroll => 1, content => 1,},
                ls3 => {remote => 1, enroll => 1, content => 1,},
+               lti => {institutiononly => 1},
                makeuser => {remote => 1, enroll => 1, domroles => 1,},
                mkdiruserfile => {remote => 1, enroll => 1,},
                newput => {remote => 1, enroll => 1, reqcrs => 1, domroles => 1,},
@@ -5156,6 +5157,25 @@ sub get_domain_handler {
 }
 &register_handler("getdom", \&get_domain_handler, 0, 1, 0);
 
+#
+# Encrypted get from the namespace database file at the domain level.
+# This function retrieves a keyed item from a specific named database in the
+# domain directory.
+#
+# Parameters:
+#   $cmd             - Command request keyword (egetdom).
+#   $tail            - Tail of the command.  This is a colon separated list
+#                      consisting of the domain and the 'namespace'
+#                      which selects the gdbm file to do the lookup in,
+#                      & separated list of keys to lookup.  Note that
+#                      the values are returned as an & separated list too.
+#   $client          - File descriptor open on the client.
+# Returns:
+#   1       - Continue processing.
+#   0       - Exit.
+#  Side effects:
+#     reply is encrypted before being written to $client.
+#
 sub encrypted_get_domain_handler {
     my ($cmd, $tail, $client) = @_;
 
@@ -5185,6 +5205,71 @@ sub encrypted_get_domain_handler {
 &register_handler("egetdom", \&encrypted_get_domain_handler, 1, 1, 0);
 
 #
+# Encrypted get from the namespace database file at the domain level.
+# This function retrieves a keyed item from a specific named database in the
+# domain directory.
+#
+# Parameters:
+#   $cmd             - Command request keyword (lti).
+#   $tail            - Tail of the command.  This is a colon-separated list
+#                      consisting of the domain, coursenum, if for LTI-
+#                      enabled deep-linking to course content using
+#                      link protection configured within a course,
+#                      context (=deeplink) if for LTI-enabled deep-linking
+#                      to course content using LTI Provider settings
+#                      configured within a course's domain, the (escaped)
+#                      launch URL, the (escaped) method (typically POST),
+#                      and a frozen hash of the LTI launch parameters
+#                      from the LTI payload.
+#   $client          - File descriptor open on the client.
+# Returns:
+#   1       - Continue processing.
+#   0       - Exit.
+#  Side effects:
+#     The reply will contain an LTI itemID, if the signed LTI payload
+#     could be verified using the consumer key and the shared secret 
+#     available for that key (for the itemID) for either the course or domain, 
+#     depending on values for cnum and context. The reply is encrypted before 
+#     being written to $client.
+#
+sub lti_handler {
+    my ($cmd, $tail, $client) = @_;
+
+    my $userinput = "$cmd:$tail";
+
+    my ($cdom,$cnum,$context,$escurl,$escmethod,$items) = split(/:/,$tail);
+    my $url = &unescape($escurl);
+    my $method = &unescape($escmethod);
+    my $params = &Apache::lonnet::thaw_unescape($items);
+    my $res;
+    if ($cnum ne '') {
+        $res = &LONCAPA::Lond::crslti_itemid($cdom,$cnum,$url,$method,$params,$perlvar{'lonVersion'});
+    } else {
+        $res = &LONCAPA::Lond::domlti_itemid($cdom,$context,$url,$method,$params,$perlvar{'lonVersion'});
+    }
+    if ($res =~ /^error:/) {
+        &Failure($client, \$res, $userinput);
+    } else {
+        if ($cipher) {
+            my $cmdlength=length($res);
+            $res.="         ";
+            my $encres='';
+            for (my $encidx=0;$encidx<=$cmdlength;$encidx+=8) {
+                $encres.= unpack("H16",
+                                 $cipher->encrypt(substr($res,
+                                                         $encidx,
+                                                         8)));
+            }
+            &Reply( $client,"enc:$cmdlength:$encres\n",$userinput);
+        } else {
+            &Failure( $client, "error:no_key\n",$userinput);
+        }
+    }
+    return 1;
+}
+&register_handler("lti", \&lti_handler, 1, 1, 0);
+
+#
 #  Puts an id to a domains id database. 
 #
 #  Parameters: