Return to ltiauth.pm CVS log

Up to [LON-CAPA] / loncom / lti

Diff for /loncom/lti/ltiauth.pm between versions 1.14 and 1.29

version 1.14, 2018/05/30 18:06:13	version 1.29, 2022/02/01 19:54:36
Line 42 use LONCAPA::ltiutils;	Line 42 use LONCAPA::ltiutils;
sub handler {	sub handler {
my $r = shift;	my $r = shift;
my $requri = $r->uri;	my $requri = $r->uri;
	my $hostname = $r->hostname;
#	#
# Check for existing session, and temporarily delete any form items	# Check for existing session, and temporarily delete any form items
# in %env, if session exists	# in %env, if session exists
Line 57 sub handler {	Line 58 sub handler {
}	}
}	}
#	#
# Retrieve data POSTed by LTI Consumer on launch	# Retrieve data POSTed by LTI launch
#	#
&Apache::lonacc::get_posted_cgi($r);	&Apache::lonacc::get_posted_cgi($r);
my $params = {};	my $params = {};
Line 67 sub handler {	Line 68 sub handler {
}	}
}	}
#	#
# Check for existing session, and restored temporarily	# Check for existing session, and restore temporarily
# deleted form items to %env, if session exists.	# deleted form items to %env, if session exists.
#	#
if ($handle ne '') {	if ($handle ne '') {
Line 97 sub handler {	Line 98 sub handler {
# Retrieve "internet domains" for all this institution's LON-CAPA	# Retrieve "internet domains" for all this institution's LON-CAPA
# nodes.	# nodes.
#	#
my ($udom,$uname,$uhome,$cdom,$cnum,$symb,$mapurl,@intdoms);	my @intdoms;
my $lonhost = $r->dir_config('lonHostID');	my $lonhost = $r->dir_config('lonHostID');
my $internet_names = &Apache::lonnet::get_internet_names($lonhost);	my $internet_names = &Apache::lonnet::get_internet_names($lonhost);
if (ref($internet_names) eq 'ARRAY') {	if (ref($internet_names) eq 'ARRAY') {
@intdoms = @{$internet_names};	@intdoms = @{$internet_names};
}	}
	#
	# Determine course's domain in LON-CAPA
	# for basic launch using key and secret managed
	# in LON-CAPA course (i.e., uri begins /adm/launch)
	#

	my ($cdom,$cnum);

	# Note: "internet domain" for course's domain must be one of the
	# internet domains for the institution's LON-CAPA servers.
	#
	if ($requri =~ m{^/adm/launch(\|/.*)$}) {
	my $tail = $1;
	if ($tail =~ m{^/tiny/($match_domain)/(\w+)$}) {
	my ($urlcdom,$urlcnum) = &course_from_tinyurl($tail);
	if (($urlcdom ne '') && ($urlcnum ne '')) {
	$cdom = $urlcdom;
	$cnum = $urlcnum;
	my $primary_id = &Apache::lonnet::domain($cdom,'primary');
	if ($primary_id ne '') {
	my $intdom = &Apache::lonnet::internet_dom($primary_id);
	if (($intdom ne '') && (grep(/^\Q$intdom\E$/,@intdoms))) {
	#
	# Retrieve information for LTI link protectors in course
	# where url was /adm/launch/tiny/$cdom/$uniqueid
	#
	my (%crslti,%crslti_by_key,$itemid,$ltitype);
	%crslti = &Apache::lonnet::get_course_lti($cnum,$cdom,'provider');
	if (keys(%crslti)) {
	foreach my $id (keys(%crslti)) {
	if (ref($crslti{$id}) eq 'HASH') {
	my $key = $crslti{$id}{'key'};
	push(@{$crslti_by_key{$key}},$id);
	}
	}
	}
	#
	# Verify the signed request using the secret for LTI link
	# protectors for which the key in the POSTed data matches
	# keys in the course configuration.
	#
	# Request is invalid if the signed request could not be verified
	# for the key and secret from LON-CAPA course configuration for
	# LTI link protectors or from LON-CAPA configuration for the
	# course's domain if there are LTI Providers which may be used.
	#
	# Determine if nonce in POSTed data has expired.
	# If unexpired, confirm it has not already been used.
	#
	if (keys(%crslti)) {
	$itemid = &get_lti_itemid($requri,$hostname,$params,\%crslti,\%crslti_by_key);
	}
	if (($itemid) && (ref($crslti{$itemid}) eq 'HASH')) {
	$ltitype = 'c';
	unless (&LONCAPA::ltiutils::check_nonce($params->{'oauth_nonce'},$params->{'oauth_timestamp'},
	$crslti{$itemid}{'lifetime'},$cdom,$r->dir_config('lonLTIDir'))) {
	&invalid_request($r,3);
	return OK;
	}
	} else {
	my %lti = &Apache::lonnet::get_domain_lti($cdom,'provider');
	unless (keys(%lti) > 0) {
	&invalid_request($r,4);
	return OK;
	}
	my (%domlti_by_key,%domlti);
	foreach my $id (keys(%lti)) {
	if (ref($lti{$id}) eq 'HASH') {
	my $key = $lti{$id}{'key'};
	if (!$lti{$itemid}{'requser'}) {
	push(@{$domlti_by_key{$key}},$id);
	$domlti{$id} = $lti{$id};
	}
	}
	}
	if (keys(%domlti)) {
	$itemid = &get_lti_itemid($requri,$hostname,$params,\%domlti,\%domlti_by_key);
	}
	if (($itemid) && (ref($domlti{$itemid}) eq 'HASH')) {
	$ltitype = 'd';
	unless (&LONCAPA::ltiutils::check_nonce($params->{'oauth_nonce'},$params->{'oauth_timestamp'},
	$domlti{$itemid}{'lifetime'},$cdom,
	$r->dir_config('lonLTIDir'))) {
	&invalid_request($r,5);
	return OK;
	}
	}
	}
	if ($itemid) {
	foreach my $key (%{$params}) {
	delete($env{'form.'.$key});
	}
	my $ltoken = &Apache::lonnet::tmpput({'linkprot' => $itemid.$ltitype.':'.$tail},
	$lonhost,'link');
	if ($ltoken) {
	$r->internal_redirect($tail.'?ltoken='.$ltoken);
	$r->set_handlers('PerlHandler'=> undef);
	} else {
	&invalid_request($r,6);
	}
	} else {
	&invalid_request($r,7);
	}
	} else {
	&invalid_request($r,8);
	}
	} else {
	&invalid_request($r,9);
	}
	} else {
	&invalid_request($r,10);
	}
	} else {
	&invalid_request($r,11);
	}
	return OK;
	}

	my ($udom,$uname,$uhome,$symb,$mapurl);

#	#
# For user who launched LTI in Consumer, determine user's domain in	# For user who launched LTI in Consumer, determine user's domain in
Line 198 sub handler {	Line 318 sub handler {
if ($tail =~ m{^/uploaded/($match_domain)/($match_courseid)/(?:default\|supplemental)(?:\|_\d+)\.(?:sequence\|page)(\|___\d+___.+)$}) {	if ($tail =~ m{^/uploaded/($match_domain)/($match_courseid)/(?:default\|supplemental)(?:\|_\d+)\.(?:sequence\|page)(\|___\d+___.+)$}) {
($urlcdom,$urlcnum,my $rest) = ($1,$2,$3);	($urlcdom,$urlcnum,my $rest) = ($1,$2,$3);
if (($cdom ne '') && ($cdom ne $urlcdom)) {	if (($cdom ne '') && ($cdom ne $urlcdom)) {
&invalid_request($r,3);	&invalid_request($r,12);
return OK;	return OK;
}	}
if ($rest eq '') {	if ($rest eq '') {
$mapurl = $tail;	$mapurl = $tail;
} else {	} else {
$symb = $tail;	$symb = $tail;
$symb =~ s{^/+}{};	$symb =~ s{^/}{};
}	}
} elsif ($tail =~ m{^/res/(?:$match_domain)/(?:$match_username)/.+\.(?:sequence\|page)(\|___\d+___.+)$}) {	} elsif ($tail =~ m{^/res/(?:$match_domain)/(?:$match_username)/.+\.(?:sequence\|page)(\|___\d+___.+)$}) {
if ($1 eq '') {	if ($1 eq '') {
$mapurl = $tail;	$mapurl = $tail;
} else {	} else {
$symb = $tail;	$symb = $tail;
$symb =~ s{^/+}{};	$symb =~ s{^/res/}{};
}	}
} elsif ($tail =~ m{^/($match_domain)/($match_courseid)$}) {	} elsif ($tail =~ m{^/($match_domain)/($match_courseid)$}) {
($urlcdom,$urlcnum) = ($1,$2);	($urlcdom,$urlcnum) = ($1,$2);
if (($cdom ne '') && ($cdom ne $urlcdom)) {	if (($cdom ne '') && ($cdom ne $urlcdom)) {
&invalid_request($r,4);	&invalid_request($r,13);
return OK;	return OK;
}	}
} elsif ($tail =~ m{^/tiny/($match_domain)/(\w+)$}) {	} elsif ($tail =~ m{^/tiny/($match_domain)/(\w+)$}) {
($urlcdom,my $key) = ($1,$2);	($urlcdom,$urlcnum) = &course_from_tinyurl($tail);
if (($cdom ne '') && ($cdom ne $urlcdom)) {	if (($urlcdom eq '') \|\| ($urlcnum eq '')) {
&invalid_request($r,5);	&invalid_request($r,14);
return OK;	return OK;
}	}
my $tinyurl;
my ($result,$cached)=&Apache::lonnet::is_cached_new('tiny',$urlcdom."\0".$key);
if (defined($cached)) {
$tinyurl = $result;
} else {
my $configuname = &Apache::lonnet::get_domainconfiguser($urlcdom);
my %currtiny = &Apache::lonnet::get('tiny',[$key],$urlcdom,$configuname);
if ($currtiny{$key} ne '') {
$tinyurl = $currtiny{$key};
&Apache::lonnet::do_cache_new('tiny',$urlcdom."\0".$key,$currtiny{$key},600);
}
}
if ($tinyurl ne '') {
$urlcnum = (split(/\&/,$tinyurl))[0];
}
}	}
if (($cdom eq '') && ($urlcdom ne '')) {	if (($cdom eq '') && ($urlcdom ne '')) {
my $cprimary_id = &Apache::lonnet::domain($urlcdom,'primary');	my $cprimary_id = &Apache::lonnet::domain($urlcdom,'primary');
Line 263 sub handler {	Line 368 sub handler {
}	}

#	#
# Retrieve information for LTI Consumers in course domain	# Retrieve information for LTI Consumers in course's domain
# and populate hash -- %lti_by_key -- for which keys	# and populate hash -- %lti_by_key -- for which keys
# are those defined in domain configuration for LTI.	# are those defined in domain configuration for LTI.
#	#

my %lti = &Apache::lonnet::get_domain_lti($cdom,'provider');	my %lti = &Apache::lonnet::get_domain_lti($cdom,'provider');
unless (keys(%lti) > 0) {	unless (keys(%lti) > 0) {
&invalid_request($r,6);	&invalid_request($r,15);
return OK;	return OK;
}	}
my %lti_by_key;	my %lti_by_key;
Line 286 sub handler {	Line 391 sub handler {
#	#
# Verify the signed request using the secret for those	# Verify the signed request using the secret for those
# Consumers for which the key in the POSTed data matches	# Consumers for which the key in the POSTed data matches
# keys in the domain configuration for LTI.	# keys in the course configuration or the domain configuration
	# for LTI.
#	#
my $hostname = $r->hostname;
my $protocol = 'http';
if ($ENV{'SERVER_PORT'} == 443) {
$protocol = 'https';
}

if (exists($params->{'oauth_callback'})) {
$Net::OAuth::PROTOCOL_VERSION = Net::OAuth::PROTOCOL_VERSION_1_0A;
} else {
$Net::OAuth::PROTOCOL_VERSION = Net::OAuth::PROTOCOL_VERSION_1_0;
}

my ($itemid,$consumer_key,$secret);	my $itemid = &get_lti_itemid($requri,$hostname,$params,\%lti,\%lti_by_key);
$consumer_key = $params->{'oauth_consumer_key'};
if (ref($lti_by_key{$consumer_key}) eq 'ARRAY') {
foreach my $id (@{$lti_by_key{$consumer_key}}) {
if (ref($lti{$id}) eq 'HASH') {
$secret = $lti{$id}{'secret'};
my $request = Net::OAuth->request('request token')->from_hash($params,
request_url => $protocol.'://'.$hostname.$requri,
request_method => $env{'request.method'},
consumer_secret => $secret,);
if ($request->verify()) {
$itemid = $id;
last;
}
}
}
}

#	#
# Request is invalid if the signed request could not be verified	# Request is invalid if the signed request could not be verified
Line 324 sub handler {	Line 403 sub handler {
# configuration in LON-CAPA for that LTI Consumer.	# configuration in LON-CAPA for that LTI Consumer.
#	#
unless (($itemid) && (ref($lti{$itemid}) eq 'HASH')) {	unless (($itemid) && (ref($lti{$itemid}) eq 'HASH')) {
&invalid_request($r,7);	&invalid_request($r,16);
return OK;	return OK;
}	}

Line 334 sub handler {	Line 413 sub handler {
#	#
unless (&LONCAPA::ltiutils::check_nonce($params->{'oauth_nonce'},$params->{'oauth_timestamp'},	unless (&LONCAPA::ltiutils::check_nonce($params->{'oauth_nonce'},$params->{'oauth_timestamp'},
$lti{$itemid}{'lifetime'},$cdom,$r->dir_config('lonLTIDir'))) {	$lti{$itemid}{'lifetime'},$cdom,$r->dir_config('lonLTIDir'))) {
&invalid_request($r,8);	&invalid_request($r,17);
	return OK;
	}

	#
	# Determine if a username is required from the domain
	# configuration for the specific LTI Consumer
	#

	if (!$lti{$itemid}{'requser'}) {
	if ($tail =~ m{^/tiny/($match_domain)/(\w+)$}) {
	my $ltitype = 'd';
	foreach my $key (%{$params}) {
	delete($env{'form.'.$key});
	}
	my $ltoken = &Apache::lonnet::tmpput({'linkprot' => $itemid.$ltitype.':'.$tail},
	$lonhost);
	if ($ltoken) {
	$r->internal_redirect($tail.'?ltoken='.$ltoken);
	$r->set_handlers('PerlHandler'=> undef);
	} else {
	&invalid_request($r,18);
	}
	} else {
	&invalid_request($r,19);
	}
return OK;	return OK;
}	}

Line 391 sub handler {	Line 495 sub handler {
if ($sourcecrs ne '') {	if ($sourcecrs ne '') {
%consumers = &Apache::lonnet::get_dom('lticonsumers',[$sourcecrs],$cdom);	%consumers = &Apache::lonnet::get_dom('lticonsumers',[$sourcecrs],$cdom);
if (exists($consumers{$sourcecrs})) {	if (exists($consumers{$sourcecrs})) {
if ($consumers{$sourcecrs} =~ /^$match_courseid$/) {	if ($consumers{$sourcecrs} =~ /^\Q$itemid:\E($match_courseid)$/) {
my $crshome = &Apache::lonnet::homeserver($consumers{$sourcecrs},$cdom);	my $storedcnum = $1;
	my $crshome = &Apache::lonnet::homeserver($storedcnum,$cdom);
if ($crshome =~ /(con_lost\|no_host\|no_such_host)/) {	if ($crshome =~ /(con_lost\|no_host\|no_such_host)/) {
&invalid_request($r,9);	&invalid_request($r,20);
return OK;	return OK;
} else {	} else {
$posscnum = $consumers{$sourcecrs};	$posscnum = $storedcnum;
}	}
}	}
}	}
Line 406 sub handler {	Line 511 sub handler {
if ($urlcnum ne '') {	if ($urlcnum ne '') {
if ($posscnum ne '') {	if ($posscnum ne '') {
if ($posscnum ne $urlcnum) {	if ($posscnum ne $urlcnum) {
&invalid_request($r,10);	&invalid_request($r,21);
return OK;	return OK;
} else {	} else {
$cnum = $posscnum;	$cnum = $posscnum;
Line 414 sub handler {	Line 519 sub handler {
} else {	} else {
my $crshome = &Apache::lonnet::homeserver($urlcnum,$cdom);	my $crshome = &Apache::lonnet::homeserver($urlcnum,$cdom);
if ($crshome =~ /(con_lost\|no_host\|no_such_host)/) {	if ($crshome =~ /(con_lost\|no_host\|no_such_host)/) {
&invalid_request($r,11);	&invalid_request($r,22);
return OK;	return OK;
} else {	} else {
$cnum = $urlcnum;	$cnum = $urlcnum;
Line 435 sub handler {	Line 540 sub handler {

my (@ltiroles,@lcroles);	my (@ltiroles,@lcroles);
my @lcroleorder = ('cc','in','ta','ep','st');	my @lcroleorder = ('cc','in','ta','ep','st');
my ($lcrolesref,$ltirolesref) = &LONCAPA::ltiutils::get_lc_roles($params->{'roles'},	my ($lcrolesref,$ltirolesref) =
\@lcroleorder,	&LONCAPA::ltiutils::get_lc_roles($params->{'roles'},
$lti{$itemid}{maproles});	\@lcroleorder,
	$lti{$itemid}{maproles});
if (ref($lcrolesref) eq 'ARRAY') {	if (ref($lcrolesref) eq 'ARRAY') {
@lcroles = @{$lcrolesref};	@lcroles = @{$lcrolesref};
}	}
Line 478 sub handler {	Line 584 sub handler {
$domdesc,\%data,\%alerts,\%rulematch,	$domdesc,\%data,\%alerts,\%rulematch,
\%inst_results,\%curr_rules,%got_rules);	\%inst_results,\%curr_rules,%got_rules);
if ($result eq 'notallowed') {	if ($result eq 'notallowed') {
&invalid_request($r,12);	&invalid_request($r,23);
} elsif ($result eq 'ok') {	} elsif ($result eq 'ok') {
if (($ltiroles[0] eq 'Instructor') && ($lcroles[0] eq 'cc') && ($lti{$itemid}{'mapcrs'}) &&	if (($ltiroles[0] eq 'Instructor') && ($lcroles[0] eq 'cc') && ($lti{$itemid}{'mapcrs'}) &&
($lti{$itemid}{'makecrs'})) {	($lti{$itemid}{'makecrs'})) {
Line 487 sub handler {	Line 593 sub handler {
}	}
}	}
} else {	} else {
&invalid_request($r,13);	&invalid_request($r,24);
return OK;	return OK;
}	}
} else {	} else {
&invalid_request($r,14);	&invalid_request($r,25);
return OK;	return OK;
}	}
}	}
} else {	} else {
&invalid_request($r,15);	&invalid_request($r,26);
return OK;	return OK;
}	}

Line 508 sub handler {	Line 614 sub handler {

my $reqcrs;	my $reqcrs;
if ($cnum eq '') {	if ($cnum eq '') {
if ((@ltiroles) && ($lti{$itemid}{'mapcrs'}) &&	if ($lti{$itemid}{'crsinc'}) {
($ltiroles[0] eq 'Instructor') && ($lcroles[0] eq 'cc') && ($lti{$itemid}{'makecrs'})) {	if ((@ltiroles) && ($lti{$itemid}{'mapcrs'}) &&
my (%can_request,%request_domains);	($ltiroles[0] eq 'Instructor') && ($lcroles[0] eq 'cc') && ($lti{$itemid}{'makecrs'})) {
&Apache::lonnet::check_can_request($cdom,\%can_request,\%request_domains,$uname,$udom);	my (%can_request,%request_domains);
if ($can_request{'lti'}) {	&Apache::lonnet::check_can_request($cdom,\%can_request,\%request_domains,$uname,$udom);
$reqcrs = 1;	if ($can_request{'lti'}) {
&lti_session($r,$itemid,$uname,$udom,$uhome,$lonhost,undef,$mapurl,$tail,	$reqcrs = 1;
$symb,$cdom,$cnum,$params,\@ltiroles,$lti{$itemid},\@lcroles,	&lti_session($r,$itemid,$uname,$udom,$uhome,$lonhost,undef,$mapurl,$tail,
$reqcrs,$sourcecrs);	$symb,$cdom,$cnum,$params,\@ltiroles,$lti{$itemid},\@lcroles,
	$reqcrs,$sourcecrs);
	} else {
	&invalid_request($r,27);
	}
} else {	} else {
&invalid_request($r,16);	&invalid_request($r,28);
}	}
} else {	} else {
&invalid_request($r,17);	&lti_session($r,$itemid,$uname,$udom,$uhome,$lonhost,undef,$mapurl,$tail,
	$symb,$cdom,$cnum,$params,\@ltiroles,$lti{$itemid},\@lcroles,
	$reqcrs,$sourcecrs);
}	}
return OK;	return OK;
}	}
Line 529 sub handler {	Line 641 sub handler {
#	#
# If LON-CAPA course is a Community, and LON-CAPA role	# If LON-CAPA course is a Community, and LON-CAPA role
# indicated is cc, change role indicated to co.	# indicated is cc, change role indicated to co.
#	#

my %crsenv;	my %crsenv;
if ($lcroles[0] eq 'cc') {	if ($lcroles[0] eq 'cc') {
Line 607 sub handler {	Line 719 sub handler {
}	}
}	}
if ($reqrole eq '') {	if ($reqrole eq '') {
&invalid_request($r,18);	&invalid_request($r,29);
return OK;	return OK;
} else {	} else {
unless (%crsenv) {	unless (%crsenv) {
Line 617 sub handler {	Line 729 sub handler {
my $default_enrollment_end_date = $crsenv{'default_enrollment_end_date'};	my $default_enrollment_end_date = $crsenv{'default_enrollment_end_date'};
my $now = time;	my $now = time;
if ($default_enrollment_end_date && $default_enrollment_end_date <= $now) {	if ($default_enrollment_end_date && $default_enrollment_end_date <= $now) {
&invalid_request($r,19);	&invalid_request($r,30);
return OK;	return OK;
} elsif ($default_enrollment_start_date && $default_enrollment_start_date >$now) {	} elsif ($default_enrollment_start_date && $default_enrollment_start_date >$now) {
&invalid_request($r,20);	&invalid_request($r,31);
return OK;	return OK;
} else {	} else {
$selfenrollrole = $reqrole.'./'.$cdom.'/'.$cnum;	$selfenrollrole = $reqrole.'./'.$cdom.'/'.$cnum;
Line 634 sub handler {	Line 746 sub handler {
}	}

#	#
# Store consumer-to-LON-CAPA course mapping	# Retrieve course type of LON-CAPA course to check if mapping from a Consumer
	# course identifier permitted for this type of course (one of: official,
	# unofficial, community, textbook, placement or lti.
	#

	unless (%crsenv) {
	%crsenv = &Apache::lonnet::coursedescription($cdom.'_'.$cnum);
	}
	my $crstype = lc($crsenv{'type'});
	if ($crstype eq '') {
	$crstype = 'course';
	}
	if ($crstype eq 'course') {
	if ($crsenv{'internal.coursecode'}) {
	$crstype = 'official';
	} elsif ($crsenv{'internal.textbook'}) {
	$crstype = 'textbook';
	} elsif ($crsenv{'internal.lti'}) {
	$crstype = 'lti';
	} else {
	$crstype = 'unofficial';
	}
	}

	#
	# Store consumer-to-LON-CAPA course mapping if permitted
#	#

if (($sourcecrs ne '') && ($consumers{$sourcecrs} eq '') && ($cnum ne '')) {	if (($lti{$itemid}{'storecrs'}) && ($sourcecrs ne '') &&
&Apache::lonnet::put_dom('lticonsumers',{ $sourcecrs => $cnum },$cdom);	($consumers{$sourcecrs} eq '') && ($cnum ne '')) {
	if (ref($lti{$itemid}{'mapcrstype'}) eq 'ARRAY') {
	if (grep(/^$crstype$/,@{$lti{$itemid}{'mapcrstype'}})) {
	&Apache::lonnet::put_dom('lticonsumers',{ $sourcecrs => $itemid.':'.$cnum },$cdom);
	}
	}
}	}

#	#
Line 651 sub handler {	Line 793 sub handler {
return OK;	return OK;
}	}

	sub get_lti_itemid {
	my ($requri,$hostname,$params,$lti,$lti_by_key) = @_;
	return unless ((ref($params) eq 'HASH') && (ref($lti) eq 'HASH') && (ref($lti_by_key) eq 'HASH'));

	if (exists($params->{'oauth_callback'})) {
	$Net::OAuth::PROTOCOL_VERSION = Net::OAuth::PROTOCOL_VERSION_1_0A;
	} else {
	$Net::OAuth::PROTOCOL_VERSION = Net::OAuth::PROTOCOL_VERSION_1_0;
	}

	my $protocol = 'http';
	if ($ENV{'SERVER_PORT'} == 443) {
	$protocol = 'https';
	}

	my ($itemid,$consumer_key,$secret);
	my $consumer_key = $params->{'oauth_consumer_key'};
	if (ref($lti_by_key->{$consumer_key}) eq 'ARRAY') {
	foreach my $id (@{$lti_by_key->{$consumer_key}}) {
	if (ref($lti->{$id}) eq 'HASH') {
	$secret = $lti->{$id}{'secret'};
	my $request = Net::OAuth->request('request token')->from_hash($params,
	request_url => $protocol.'://'.$hostname.$requri,
	request_method => $env{'request.method'},
	consumer_secret => $secret,);
	if ($request->verify()) {
	$itemid = $id;
	last;
	}
	}
	}
	}
	return $itemid;
	}

sub lti_enroll {	sub lti_enroll {
my ($uname,$udom,$selfenrollrole) = @_;	my ($uname,$udom,$selfenrollrole) = @_;
my $enrollresult;	my $enrollresult;
Line 714 sub lti_session {	Line 891 sub lti_session {
my $lowest_load;	my $lowest_load;
($otherserver,undef,undef,undef,$lowest_load) = &Apache::lonnet::choose_server($udom);	($otherserver,undef,undef,undef,$lowest_load) = &Apache::lonnet::choose_server($udom);
if ($lowest_load > 100) {	if ($lowest_load > 100) {
$otherserver = &Apache::lonnet::spareserver($lowest_load,$lowest_load,1,$udom);	$otherserver = &Apache::lonnet::spareserver($r,$lowest_load,$lowest_load,1,$udom);
}	}
}	}
if ($otherserver ne '') {	if ($otherserver ne '') {
Line 724 sub lti_session {	Line 901 sub lti_session {
}	}
}	}
}	}
	my $protocol = 'http';
	if ($ENV{'SERVER_PORT'} == 443) {
	$protocol = 'https';
	}
if (($is_balancer) && (!$hosthere)) {	if (($is_balancer) && (!$hosthere)) {
# login but immediately go to switch server.	# login but immediately go to switch server.
&Apache::lonauth::success($r,$uname,$udom,$uhome,'noredirect');	&Apache::lonauth::success($r,$uname,$udom,$uhome,'noredirect');
	if (($ltihash->{'callback'}) && ($params->{$ltihash->{'callback'}})) {
	&LONCAPA::ltiutils::setup_logout_callback($uname,$udom,$otherserver,
	$ltihash->{'key'},
	$ltihash->{'secret'},
	$params->{$ltihash->{'callback'}},
	$r->dir_config('ltiIDsDir'),
	$protocol,$r->hostname);
	}
if ($symb) {	if ($symb) {
$env{'form.symb'} = $symb;	$env{'form.symb'} = $symb;
$env{'request.lti.uri'} = $symb;	$env{'request.lti.uri'} = $tail;
} else {	} else {
if ($mapurl) {	if ($mapurl) {
$env{'form.origurl'} = $mapurl;	$env{'form.origurl'} = $mapurl;
Line 742 sub lti_session {	Line 931 sub lti_session {
$env{'request.lti.uri'} = $tail;	$env{'request.lti.uri'} = $tail;
} else {	} else {
unless ($tail eq '/adm/roles') {	unless ($tail eq '/adm/roles') {
$env{'form.origurl'} = '/adm/navmaps';	if ($cnum) {
	$env{'form.origurl'} = '/adm/navmaps';
	}
}	}
}	}
}	}
Line 755 sub lti_session {	Line 946 sub lti_session {
$env{'request.lti.sourcecrs'} = $sourcecrs;	$env{'request.lti.sourcecrs'} = $sourcecrs;
}	}
if ($selfenrollrole) {	if ($selfenrollrole) {
$env{'request.lti.selfenroll'} = $selfenrollrole;	$env{'request.lti.selfenrollrole'} = $selfenrollrole;
$env{'request.lti.sourcecrs'} = $sourcecrs;	$env{'request.lti.sourcecrs'} = $sourcecrs;
}	}
if ($ltihash->{'passback'}) {	if ($ltihash->{'passback'}) {
Line 778 sub lti_session {	Line 969 sub lti_session {
if ($params->{'launch_presentation_document_target'}) {	if ($params->{'launch_presentation_document_target'}) {
$env{'request.lti.target'} = $params->{'launch_presentation_document_target'};	$env{'request.lti.target'} = $params->{'launch_presentation_document_target'};
}	}
foreach my $key (%{$params}) {	foreach my $key (keys(%{$params})) {
delete($env{'form.'.$key});	delete($env{'form.'.$key});
}	}
my $redirecturl = '/adm/switchserver';	my $redirecturl = '/adm/switchserver';
Line 790 sub lti_session {	Line 981 sub lti_session {
} else {	} else {
# need to login them in, so generate the need data that	# need to login them in, so generate the need data that
# migrate expects to do login	# migrate expects to do login
foreach my $key (%{$params}) {	foreach my $key (keys(%{$params})) {
delete($env{'form.'.$key});	delete($env{'form.'.$key});
}	}
	if (($ltihash->{'callback'}) && ($params->{$ltihash->{'callback'}})) {
	&LONCAPA::ltiutils::setup_logout_callback($uname,$udom,$lonhost,
	$ltihash->{'key'},
	$ltihash->{'secret'},
	$params->{$ltihash->{'callback'}},
	$r->dir_config('ltiIDsDir'),
	$protocol,$r->hostname);
	}
my $ip = $r->get_remote_host();	my $ip = $r->get_remote_host();
my %info=('ip' => $ip,	my %info=('ip' => $ip,
'domain' => $udom,	'domain' => $udom,
Line 842 sub lti_session {	Line 1041 sub lti_session {
$info{'origurl'} = $tail;	$info{'origurl'} = $tail;
} else {	} else {
unless ($tail eq '/adm/roles') {	unless ($tail eq '/adm/roles') {
$info{'origurl'} = '/adm/navmaps';	if ($cnum) {
	$info{'origurl'} = '/adm/navmaps';
	}
}	}
}	}
}	}
Line 872 sub invalid_request {	Line 1073 sub invalid_request {
return;	return;
}	}

	sub course_from_tinyurl {
	my ($tail) = @_;
	my ($urlcdom,$urlcnum);
	if ($tail =~ m{^/tiny/($match_domain)/(\w+)$}) {
	($urlcdom,my $key) = ($1,$2);
	my $tinyurl;
	my ($result,$cached)=&Apache::lonnet::is_cached_new('tiny',$urlcdom."\0".$key);
	if (defined($cached)) {
	$tinyurl = $result;
	} else {
	my $configuname = &Apache::lonnet::get_domainconfiguser($urlcdom);
	my %currtiny = &Apache::lonnet::get('tiny',[$key],$urlcdom,$configuname);
	if ($currtiny{$key} ne '') {
	$tinyurl = $currtiny{$key};
	&Apache::lonnet::do_cache_new('tiny',$urlcdom."\0".$key,$currtiny{$key},600);
	}
	}
	if ($tinyurl ne '') {
	$urlcnum = (split(/\&/,$tinyurl))[0];
	}
	}
	return ($urlcdom,$urlcnum);
	}

1;	1;

FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>

500 Internal Server Error

Internal Server Error

The server encountered an internal error or misconfiguration and was unable to complete your request.

Please contact the server administrator at root@localhost to inform them of the time this error occurred, and the actions you performed just before this error.

More information about this error may be available in the server error log.

Removed from v.1.14
changed lines
	Added in v.1.29