loncom/lti/ltiauth.pm - diff

Return to ltiauth.pm CVS log

Up to [LON-CAPA] / loncom / lti

Diff for /loncom/lti/ltiauth.pm between versions 1.6 and 1.19

version 1.6, 2018/03/23 01:01:47	version 1.19, 2019/07/18 18:28:46
Line 43 sub handler {	Line 43 sub handler {
my $r = shift;	my $r = shift;
my $requri = $r->uri;	my $requri = $r->uri;
#	#
# Retrieve data POSTed by LTI Consumer on launch	# Check for existing session, and temporarily delete any form items
	# in %env, if session exists
	#
	my %savedform;
	my $handle = &Apache::lonnet::check_for_valid_session($r);
	if ($handle ne '') {
	foreach my $key (sort(keys(%env))) {
	if ($key =~ /^form\.(.+)$/) {
	$savedform{$1} = $env{$key};
	delete($env{$key});
	}
	}
	}
	#
	# Retrieve data POSTed by LTI Consumer on launch
#	#
&Apache::lonacc::get_posted_cgi($r);	&Apache::lonacc::get_posted_cgi($r);
my $params = {};	my $params = {};
Line 52 sub handler {	Line 66 sub handler {
$params->{$1} = $env{$key};	$params->{$1} = $env{$key};
}	}
}	}
	#
	# Check for existing session, and restored temporarily
	# deleted form items to %env, if session exists.
	#
	if ($handle ne '') {
	if (keys(%savedform)) {
	foreach my $key (sort(keys(%savedform))) {
	$env{'form.'.$key} = $savedform{$key};
	}
	}
	}

unless (keys(%{$params})) {	unless (keys(%{$params})) {
&invalid_request($r,1);	&invalid_request($r,1);
Line 140 sub handler {	Line 165 sub handler {
# Order is:	# Order is:
#	#
# (a) from custom_coursedomain item in POSTed data	# (a) from custom_coursedomain item in POSTed data
# (b) from tail of requested URL (after /adm/lti) if it has format of a symb	# (b) from tail of requested URL (after /adm/lti/) if it has format of a symb
# (c) from tail of requested URL (after /adm/lti) if it has format of a map	# (c) from tail of requested URL (after /adm/lti) if it has format of a map
# (d) from tail of requested URL (after /adm/lti) if it has format /domain/courseID	# (d) from tail of requested URL (after /adm/lti) if it has format /domain/courseID
# (e) from tail of requested URL (after /adm/lti) if it has format /tiny/domain/\w+	# (e) from tail of requested URL (after /adm/lti) if it has format /tiny/domain/\w+
Line 180 sub handler {	Line 205 sub handler {
$mapurl = $tail;	$mapurl = $tail;
} else {	} else {
$symb = $tail;	$symb = $tail;
$symb =~ s{^/+}{};	$symb =~ s{^/}{};
	}
	} elsif ($tail =~ m{^/res/(?:$match_domain)/(?:$match_username)/.+\.(?:sequence\|page)(\|___\d+___.+)$}) {
	if ($1 eq '') {
	$mapurl = $tail;
	} else {
	$symb = $tail;
	$symb =~ s{^/res/}{};
}	}
} elsif ($tail =~ m{^/($match_domain)/($match_courseid)$}) {	} elsif ($tail =~ m{^/($match_domain)/($match_courseid)$}) {
($urlcdom,$urlcnum) = ($1,$2);	($urlcdom,$urlcnum) = ($1,$2);
Line 262 sub handler {	Line 294 sub handler {
$protocol = 'https';	$protocol = 'https';
}	}

	if (exists($params->{'oauth_callback'})) {
	$Net::OAuth::PROTOCOL_VERSION = Net::OAuth::PROTOCOL_VERSION_1_0A;
	} else {
	$Net::OAuth::PROTOCOL_VERSION = Net::OAuth::PROTOCOL_VERSION_1_0;
	}

my ($itemid,$consumer_key,$secret);	my ($itemid,$consumer_key,$secret);
$consumer_key = $params->{'oauth_consumer_key'};	$consumer_key = $params->{'oauth_consumer_key'};
if (ref($lti_by_key{$consumer_key}) eq 'ARRAY') {	if (ref($lti_by_key{$consumer_key}) eq 'ARRAY') {
Line 301 sub handler {	Line 339 sub handler {
}	}

#	#
	# Determine if a username is required from the domain
	# configuration for the specific LTI Consumer
	#

	if (!$lti{$itemid}{'requser'}) {
	if ($tail =~ m{^/tiny/($match_domain)/(\w+)$}) {
	foreach my $key (%{$params}) {
	delete($env{'form.'.$key});
	}
	my $ltoken = &Apache::lonnet::tmpput({'linkprot' => $itemid.':'.$tail},
	$lonhost);
	if ($ltoken) {
	$r->internal_redirect($tail.'?ltoken='.$ltoken);
	$r->set_handlers('PerlHandler'=> undef);
	} else {
	&invalid_request($r,9);
	}
	} else {
	&invalid_request($r,10);
	}
	return OK;
	}

	#
# Determine if source of username matches requirement from the	# Determine if source of username matches requirement from the
# domain configuration for the specific LTI Consumer.	# domain configuration for the specific LTI Consumer.
#	#
Line 329 sub handler {	Line 391 sub handler {
#	#
# (a) from course mapping (if the link between Consumer "course" and	# (a) from course mapping (if the link between Consumer "course" and
# Provider "course" has been established previously).	# Provider "course" has been established previously).
# (b) from tail of requested URL (after /adm/lti) if it has format of a symb	# (b) from tail of requested URL (after /adm/lti/) if it has format of a symb
# (c) from tail of requested URL (after /adm/lti) if it has format of a map	# (c) from tail of requested URL (after /adm/lti) if it has format of a map
# (d) from tail of requested URL (after /adm/lti) if it has format /domain/courseID	# (d) from tail of requested URL (after /adm/lti) if it has format /domain/courseID
# (e) from tail of requested URL (after /adm/lti) if it has format /tiny/domain/\w+	# (e) from tail of requested URL (after /adm/lti) if it has format /tiny/domain/\w+
Line 356 sub handler {	Line 418 sub handler {
if ($consumers{$sourcecrs} =~ /^$match_courseid$/) {	if ($consumers{$sourcecrs} =~ /^$match_courseid$/) {
my $crshome = &Apache::lonnet::homeserver($consumers{$sourcecrs},$cdom);	my $crshome = &Apache::lonnet::homeserver($consumers{$sourcecrs},$cdom);
if ($crshome =~ /(con_lost\|no_host\|no_such_host)/) {	if ($crshome =~ /(con_lost\|no_host\|no_such_host)/) {
&invalid_request($r,9);	&invalid_request($r,11);
return OK;	return OK;
} else {	} else {
$posscnum = $consumers{$sourcecrs};	$posscnum = $consumers{$sourcecrs};
Line 368 sub handler {	Line 430 sub handler {
if ($urlcnum ne '') {	if ($urlcnum ne '') {
if ($posscnum ne '') {	if ($posscnum ne '') {
if ($posscnum ne $urlcnum) {	if ($posscnum ne $urlcnum) {
&invalid_request($r,10);	&invalid_request($r,12);
return OK;	return OK;
} else {	} else {
$cnum = $posscnum;	$cnum = $posscnum;
Line 376 sub handler {	Line 438 sub handler {
} else {	} else {
my $crshome = &Apache::lonnet::homeserver($urlcnum,$cdom);	my $crshome = &Apache::lonnet::homeserver($urlcnum,$cdom);
if ($crshome =~ /(con_lost\|no_host\|no_such_host)/) {	if ($crshome =~ /(con_lost\|no_host\|no_such_host)/) {
&invalid_request($r,11);	&invalid_request($r,13);
return OK;	return OK;
} else {	} else {
$cnum = $urlcnum;	$cnum = $urlcnum;
Line 396 sub handler {	Line 458 sub handler {
#	#

my (@ltiroles,@lcroles);	my (@ltiroles,@lcroles);

my @lcroleorder = ('cc','in','ta','ep','st');	my @lcroleorder = ('cc','in','ta','ep','st');
my @ltiroleorder = ('Instructor','TeachingAssistant','Mentor','Learner');	my ($lcrolesref,$ltirolesref) =
if ($params->{'roles'} =~ /,/) {	&LONCAPA::ltiutils::get_lc_roles($params->{'roles'},
my @possltiroles = split(/\s,\s/,$params->{'role'});	\@lcroleorder,
foreach my $ltirole (@ltiroleorder) {	$lti{$itemid}{maproles});
if (grep(/^\Q$ltirole\E$/,@possltiroles)) {	if (ref($lcrolesref) eq 'ARRAY') {
push(@ltiroles,$ltirole);	@lcroles = @{$lcrolesref};
}
}
} else {
my $singlerole = $params->{'roles'};
$singlerole =~ s/^\s\|\s+$//g;
if (grep(/^\Q$singlerole\E$/,@ltiroleorder)) {
@ltiroles = ($singlerole);
}
}	}
if (@ltiroles) {	if (ref($ltirolesref) eq 'ARRAY') {
if (ref($lti{$itemid}{maproles}) eq 'HASH') {	@ltiroles = @{$ltirolesref};
my %possroles;
map { $possroles{$lti{$itemid}{maproles}{$_}} = 1; } @ltiroles;
if (keys(%possroles) > 0) {
foreach my $item (@lcroleorder) {
if ($possroles{$item}) {
push(@lcroles,$item);
}
}
}
}
}	}

#	#
Line 447 sub handler {	Line 490 sub handler {
}	}
}	}
if ($selfcreate) {	if ($selfcreate) {
my (%rulematch,%inst_results,%curr_rules,%got_rules,%alerts,%info);	my (%rulematch,%inst_results,%curr_rules,%got_rules,%alerts);
my $checkhash = { "$uname:$udom" => { 'newuser' => 1, }, };	my $domdesc = &Apache::lonnet::domain($udom,'description');
my $checks = { 'username' => 1, };	my %data = (
&Apache::loncommon::user_rule_check($checkhash,$checks,\%alerts,\%rulematch,	'permanentemail' => $env{'form.lis_person_contact_email_primary'},
\%inst_results,\%curr_rules,\%got_rules);	'firstname' => $env{'form.lis_person_name_given'},
my ($userchkmsg,$lcauth,$lcauthparm);	'lastname' => $env{'form.lis_person_name_family'},
my $allowed = 1;	'fullname' => $env{'form.lis_person_name_full'},
if (ref($alerts{'username'}) eq 'HASH') {	);
if (ref($alerts{'username'}{$udom}) eq 'HASH') {
my $domdesc =
&Apache::lonnet::domain($udom,'description');
if ($alerts{'username'}{$udom}{$uname}) {
if (ref($curr_rules{$udom}) eq 'HASH') {
$userchkmsg =
&Apache::loncommon::instrule_disallow_msg('username',$domdesc,1).
&Apache::loncommon::user_rule_formats($udom,$domdesc,
$curr_rules{$udom}{'username'},
'username');
}
$allowed = 0;
}
}
}
if ($allowed) {
if (ref($rulematch{$uname.':'.$udom}) eq 'HASH') {
my $matchedrule = $rulematch{$uname.':'.$udom}{'username'};
my ($rules,$ruleorder) =
&Apache::lonnet::inst_userrules($udom,'username');
if (ref($rules) eq 'HASH') {
if (ref($rules->{$matchedrule}) eq 'HASH') {
$lcauth = $rules->{$matchedrule}{'authtype'};
$lcauthparm = $rules->{$matchedrule}{'authparm'};
}
}
}
if ($lcauth eq '') {
$lcauth = $lti{$itemid}{'lcauth'};
$lcauthparm = $lti{$itemid}{'lcauthparm'};
}
} else {
&invalid_request($r,12);
}
my @userinfo = ('firstname','middlename','lastname','generation',
'permanentemail','id');
my %useinstdata;
if (ref($lti{$itemid}{'instdata'}) eq 'ARRAY') {
map { $useinstdata{$_} = 1; } @{$lti{$itemid}{'instdata'}};
}
foreach my $item (@userinfo) {
if (($useinstdata{$item}) && (ref($inst_results{$uname.':'.$udom}) eq 'HASH') &&
($inst_results{$uname.':'.$udom}{$item} ne '')) {
$info{$item} = $inst_results{$uname.':'.$udom}{$item};
} else {
if ($item eq 'permanentemail') {
if ($env{'form.lis_person_contact_email_primary'} =~/^[^\@]+\@[^@]+$/) {
$info{$item} = $env{'form.lis_person_contact_email_primary'};
}
} elsif ($item eq 'firstname') {
$info{$item} = $env{'form.lis_person_name_given'};
} elsif ($item eq 'lastname') {
$info{$item} = $env{'form.lis_person_name_family'};
}
}
}
if (($info{'middlename'} eq '') && ($env{'form.lis_person_name_full'} ne '')) {
unless ($useinstdata{'middlename'}) {
my $fullname = $env{'form.lis_person_name_full'};
if ($info{'firstname'}) {
$fullname =~ s/^\s\Q$info{'firstname'}\E\s//i;
}
if ($info{'lastname'}) {
$fullname =~ s/\s\Q$info{'lastname'}\E\s$//i;
}
if ($fullname ne '') {
$fullname =~ s/^\s+\|\s+$//g;
if ($fullname ne '') {
$info{'middlename'} = $fullname;
}
}
}
}
if (ref($inst_results{$uname.':'.$udom}{'inststatus'}) eq 'ARRAY') {
my @inststatuses = @{$inst_results{$uname.':'.$udom}{'inststatus'}};
$info{'inststatus'} = join(':',map { &escape($_); } @inststatuses);
}
my $result =	my $result =
&Apache::lonnet::modifyuser($udom,$uname,$info{'id'},	&LONCAPA::ltiutils::create_user($lti{$itemid},$uname,$udom,
$lcauth,$lcauthparm,$info{'firstname'},	$domdesc,\%data,\%alerts,\%rulematch,
$info{'middlename'},$info{'lastname'},	\%inst_results,\%curr_rules,%got_rules);
$info{'generation'},undef,undef,	if ($result eq 'notallowed') {
$info{'permanentemail'},$info{'inststatus'});	&invalid_request($r,14);
if ($result eq 'ok') {	} elsif ($result eq 'ok') {
if (($ltiroles[0] eq 'Instructor') && ($lcroles[0] eq 'cc') && ($lti{$itemid}{'mapcrs'}) &&	if (($ltiroles[0] eq 'Instructor') && ($lcroles[0] eq 'cc') && ($lti{$itemid}{'mapcrs'}) &&
($lti{$itemid}{'makecrs'})) {	($lti{$itemid}{'makecrs'})) {
unless (&Apache::lonnet::usertools_access($uname,$udom,'lti','reload','requestcourses')) {	unless (&Apache::lonnet::usertools_access($uname,$udom,'lti','reload','requestcourses')) {
&Apache::lonnet::put('environment',{ 'requestcourses.lti' => 1, },$udom,$uname);	&Apache::lonnet::put('environment',{ 'requestcourses.lti' => 'autolimit=', },$udom,$uname);
}	}
}	}
} else {	} else {
&invalid_request($r,13);	&invalid_request($r,15);
return OK;	return OK;
}	}
} else {	} else {
&invalid_request($r,14);	&invalid_request($r,16);
return OK;	return OK;
}	}
}	}
} else {	} else {
&invalid_request($r,15);	&invalid_request($r,17);
return OK;	return OK;
}	}

Line 577 sub handler {	Line 543 sub handler {
$symb,$cdom,$cnum,$params,\@ltiroles,$lti{$itemid},\@lcroles,	$symb,$cdom,$cnum,$params,\@ltiroles,$lti{$itemid},\@lcroles,
$reqcrs,$sourcecrs);	$reqcrs,$sourcecrs);
} else {	} else {
&invalid_request($r,16);	&invalid_request($r,18);
}	}
} else {	} else {
&invalid_request($r,17);	&invalid_request($r,19);
}	}
return OK;	return OK;
}	}
Line 666 sub handler {	Line 632 sub handler {
}	}
}	}
if ($reqrole eq '') {	if ($reqrole eq '') {
&invalid_request($r,18);	&invalid_request($r,20);
return OK;	return OK;
} else {	} else {
unless (%crsenv) {	unless (%crsenv) {
Line 676 sub handler {	Line 642 sub handler {
my $default_enrollment_end_date = $crsenv{'default_enrollment_end_date'};	my $default_enrollment_end_date = $crsenv{'default_enrollment_end_date'};
my $now = time;	my $now = time;
if ($default_enrollment_end_date && $default_enrollment_end_date <= $now) {	if ($default_enrollment_end_date && $default_enrollment_end_date <= $now) {
&invalid_request($r,19);	&invalid_request($r,21);
return OK;	return OK;
} elsif ($default_enrollment_start_date && $default_enrollment_start_date >$now) {	} elsif ($default_enrollment_start_date && $default_enrollment_start_date >$now) {
&invalid_request($r,20);	&invalid_request($r,22);
return OK;	return OK;
} else {	} else {
$selfenrollrole = $reqrole.'./'.$cdom.'/'.$cnum;	$selfenrollrole = $reqrole.'./'.$cdom.'/'.$cnum;
Line 721 sub lti_enroll {	Line 687 sub lti_enroll {
my %coursehash = &Apache::lonnet::coursedescription($cdom.'_'.$cnum);	my %coursehash = &Apache::lonnet::coursedescription($cdom.'_'.$cnum);
my $start = $coursehash{'default_enrollment_start_date'};	my $start = $coursehash{'default_enrollment_start_date'};
my $end = $coursehash{'default_enrollment_end_date'};	my $end = $coursehash{'default_enrollment_end_date'};
my $area = "/$cdom/$cnum";	$enrollresult = &LONCAPA::ltiutils::enrolluser($udom,$uname,$role,$cdom,$cnum,$sec,
if (($role ne 'cc') && ($role ne 'co') && ($sec ne '')) {	$start,$end,1);
$area .= '/'.$sec;
}
my $spec = $role.'.'.$area;
my $instcid;
if ($role eq 'st') {
$enrollresult =
&Apache::lonnet::modify_student_enrollment($udom,$uname,undef,undef,undef,
undef,undef,$sec,$end,$start,
'ltienroll',undef,$cdom.'_'.$cnum,1,
'ltienroll','',$instcid);
} elsif ($role =~ /^(cc\|in\|ta\|ep)$/) {
$enrollresult =
&Apache::lonnet::assignrole($udom,$uname,$area,$role,$end,$start,
undef,1,'ltienroll');
}
if ($enrollresult eq 'ok') {
my (%userroles,%newrole,%newgroups);
&Apache::lonnet::standard_roleprivs(\%newrole,$role,$cdom,$spec,$cnum,
$area);
&Apache::lonnet::set_userprivs(\%userroles,\%newrole,\%newgroups);
$userroles{'user.role.'.$spec} = $start.'.'.$end;
&Apache::lonnet::appenv(\%userroles,[$role,'cm']);
}
}	}
}	}
return $enrollresult;	return $enrollresult;
Line 806 sub lti_session {	Line 749 sub lti_session {
}	}
}	}
}	}
	my $protocol = 'http';
	if ($ENV{'SERVER_PORT'} == 443) {
	$protocol = 'https';
	}
if (($is_balancer) && (!$hosthere)) {	if (($is_balancer) && (!$hosthere)) {
# login but immediately go to switch server.	# login but immediately go to switch server.
&Apache::lonauth::success($r,$uname,$udom,$uhome,'noredirect');	&Apache::lonauth::success($r,$uname,$udom,$uhome,'noredirect');
	if (($ltihash->{'callback'}) && ($params->{$ltihash->{'callback'}})) {
	&LONCAPA::ltiutils::setup_logout_callback($uname,$udom,$otherserver,
	$ltihash->{'key'},
	$ltihash->{'secret'},
	$params->{$ltihash->{'callback'}},
	$r->dir_config('ltiIDsDir'),
	$protocol,$r->hostname);
	}
if ($symb) {	if ($symb) {
$env{'form.symb'} = $symb;	$env{'form.symb'} = $symb;
	$env{'request.lti.uri'} = $tail;
} else {	} else {
if ($mapurl) {	if ($mapurl) {
$env{'form.origurl'} = $mapurl;	$env{'form.origurl'} = $mapurl;
	$env{'request.lti.uri'} = $mapurl;
} elsif ($tail =~ m{^\Q/tiny/$cdom/\E\w+$}) {	} elsif ($tail =~ m{^\Q/tiny/$cdom/\E\w+$}) {
$env{'form.origurl'} = $tail;	$env{'form.origurl'} = $tail;
	$env{'request.lti.uri'} = $tail;
	} elsif ($tail eq "/$cdom/$cnum") {
	$env{'form.origurl'} = '/adm/navmaps';
	$env{'request.lti.uri'} = $tail;
} else {	} else {
unless ($tail eq '/adm/roles') {	unless ($tail eq '/adm/roles') {
$env{'form.origurl'} = '/adm/navmaps';	$env{'form.origurl'} = '/adm/navmaps';
Line 831 sub lti_session {	Line 792 sub lti_session {
$env{'request.lti.sourcecrs'} = $sourcecrs;	$env{'request.lti.sourcecrs'} = $sourcecrs;
}	}
if ($selfenrollrole) {	if ($selfenrollrole) {
$env{'request.lti.selfenroll'} = $selfenrollrole;	$env{'request.lti.selfenrollrole'} = $selfenrollrole;
$env{'request.lti.sourcecrs'} = $sourcecrs;	$env{'request.lti.sourcecrs'} = $sourcecrs;
}	}
if ($ltihash->{'passback'}) {	if ($ltihash->{'passback'}) {
Line 850 sub lti_session {	Line 811 sub lti_session {
$env{'request.lti.rosterurl'} = $params->{'ext_ims_lis_memberships_url'};	$env{'request.lti.rosterurl'} = $params->{'ext_ims_lis_memberships_url'};
}	}
}	}
$env{'request.lti.login'} = 1;	$env{'request.lti.login'} = $itemid;
	if ($params->{'launch_presentation_document_target'}) {
	$env{'request.lti.target'} = $params->{'launch_presentation_document_target'};
	}
foreach my $key (%{$params}) {	foreach my $key (%{$params}) {
delete($env{'form.'.$key});	delete($env{'form.'.$key});
}	}
Line 866 sub lti_session {	Line 830 sub lti_session {
foreach my $key (%{$params}) {	foreach my $key (%{$params}) {
delete($env{'form.'.$key});	delete($env{'form.'.$key});
}	}
	if (($ltihash->{'callback'}) && ($params->{$ltihash->{'callback'}})) {
	&LONCAPA::ltiutils::setup_logout_callback($uname,$udom,$lonhost,
	$ltihash->{'key'},
	$ltihash->{'secret'},
	$params->{$ltihash->{'callback'}},
	$r->dir_config('ltiIDsDir'),
	$protocol,$r->hostname);
	}
my $ip = $r->get_remote_host();	my $ip = $r->get_remote_host();
my %info=('ip' => $ip,	my %info=('ip' => $ip,
'domain' => $udom,	'domain' => $udom,
'username' => $uname,	'username' => $uname,
'server' => $lonhost,	'server' => $lonhost,
'lti.login' => 1,	'lti.login' => $itemid,
	'lti.uri' => $tail,
);	);
if ($role) {	if ($role) {
$info{'role'} = $role;	$info{'role'} = $role;
Line 903 sub lti_session {	Line 876 sub lti_session {
$info{'lti.rosterurl'} = $params->{'ext_ims_lis_memberships_url'};	$info{'lti.rosterurl'} = $params->{'ext_ims_lis_memberships_url'};
}	}
}	}
	if ($params->{'launch_presentation_document_target'}) {
	$info{'lti.target'} = $params->{'launch_presentation_document_target'};
	}

unless ($info{'symb'}) {	unless ($info{'symb'}) {
if ($mapurl) {	if ($mapurl) {
$info{'origurl'} = $mapurl;	$info{'origurl'} = $mapurl;
Line 934 sub invalid_request {	Line 911 sub invalid_request {
}	}
&Apache::lonlocal::get_language_handle($r);	&Apache::lonlocal::get_language_handle($r);
$r->print(	$r->print(
&Apache::loncommon::start_page('Invalid LTI call').	&Apache::loncommon::start_page('Invalid LTI call','',{ 'only_body' => 1,}).
&mt('Invalid LTI call [_1]',$num).	&mt('Invalid LTI call [_1]',$num).
&Apache::loncommon::end_page());	&Apache::loncommon::end_page());
return;	return;

FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>

Removed from v.1.6
changed lines
	Added in v.1.19