--- loncom/lti/ltiauth.pm 2018/06/30 23:58:14 1.15 +++ loncom/lti/ltiauth.pm 2019/06/13 17:45:26 1.18 @@ -1,7 +1,7 @@ # The LearningOnline Network # Basic LTI Authentication Module # -# $Id: ltiauth.pm,v 1.15 2018/06/30 23:58:14 raeburn Exp $ +# $Id: ltiauth.pm,v 1.18 2019/06/13 17:45:26 raeburn Exp $ # # Copyright Michigan State University Board of Trustees # @@ -205,14 +205,14 @@ sub handler { $mapurl = $tail; } else { $symb = $tail; - $symb =~ s{^/+}{}; + $symb =~ s{^/}{}; } } elsif ($tail =~ m{^/res/(?:$match_domain)/(?:$match_username)/.+\.(?:sequence|page)(|___\d+___.+)$}) { if ($1 eq '') { $mapurl = $tail; } else { $symb = $tail; - $symb =~ s{^/+}{}; + $symb =~ s{^/res/}{}; } } elsif ($tail =~ m{^/($match_domain)/($match_courseid)$}) { ($urlcdom,$urlcnum) = ($1,$2); @@ -339,6 +339,30 @@ sub handler { } # +# Determine if a username is required from the domain +# configuration for the specific LTI Consumer +# + + if (!$lti{$itemid}{'requser'}) { + if ($tail =~ m{^/tiny/($match_domain)/(\w+)$}) { + foreach my $key (%{$params}) { + delete($env{'form.'.$key}); + } + my $ltoken = &Apache::lonnet::tmpput({'linkprot' => $itemid.':'.$tail}, + $lonhost); + if ($ltoken) { + $r->internal_redirect($tail.'?ltoken='.$ltoken); + $r->set_handlers('PerlHandler'=> undef); + } else { + &invalid_request($r,9); + } + } else { + &invalid_request($r,10); + } + return OK; + } + +# # Determine if source of username matches requirement from the # domain configuration for the specific LTI Consumer. # @@ -394,7 +418,7 @@ sub handler { if ($consumers{$sourcecrs} =~ /^$match_courseid$/) { my $crshome = &Apache::lonnet::homeserver($consumers{$sourcecrs},$cdom); if ($crshome =~ /(con_lost|no_host|no_such_host)/) { - &invalid_request($r,9); + &invalid_request($r,11); return OK; } else { $posscnum = $consumers{$sourcecrs}; @@ -406,7 +430,7 @@ sub handler { if ($urlcnum ne '') { if ($posscnum ne '') { if ($posscnum ne $urlcnum) { - &invalid_request($r,10); + &invalid_request($r,12); return OK; } else { $cnum = $posscnum; @@ -414,7 +438,7 @@ sub handler { } else { my $crshome = &Apache::lonnet::homeserver($urlcnum,$cdom); if ($crshome =~ /(con_lost|no_host|no_such_host)/) { - &invalid_request($r,11); + &invalid_request($r,13); return OK; } else { $cnum = $urlcnum; @@ -479,7 +503,7 @@ sub handler { $domdesc,\%data,\%alerts,\%rulematch, \%inst_results,\%curr_rules,%got_rules); if ($result eq 'notallowed') { - &invalid_request($r,12); + &invalid_request($r,14); } elsif ($result eq 'ok') { if (($ltiroles[0] eq 'Instructor') && ($lcroles[0] eq 'cc') && ($lti{$itemid}{'mapcrs'}) && ($lti{$itemid}{'makecrs'})) { @@ -488,16 +512,16 @@ sub handler { } } } else { - &invalid_request($r,13); + &invalid_request($r,15); return OK; } } else { - &invalid_request($r,14); + &invalid_request($r,16); return OK; } } } else { - &invalid_request($r,15); + &invalid_request($r,17); return OK; } @@ -519,10 +543,10 @@ sub handler { $symb,$cdom,$cnum,$params,\@ltiroles,$lti{$itemid},\@lcroles, $reqcrs,$sourcecrs); } else { - &invalid_request($r,16); + &invalid_request($r,18); } } else { - &invalid_request($r,17); + &invalid_request($r,19); } return OK; } @@ -608,7 +632,7 @@ sub handler { } } if ($reqrole eq '') { - &invalid_request($r,18); + &invalid_request($r,20); return OK; } else { unless (%crsenv) { @@ -618,10 +642,10 @@ sub handler { my $default_enrollment_end_date = $crsenv{'default_enrollment_end_date'}; my $now = time; if ($default_enrollment_end_date && $default_enrollment_end_date <= $now) { - &invalid_request($r,19); + &invalid_request($r,21); return OK; } elsif ($default_enrollment_start_date && $default_enrollment_start_date >$now) { - &invalid_request($r,20); + &invalid_request($r,22); return OK; } else { $selfenrollrole = $reqrole.'./'.$cdom.'/'.$cnum; @@ -730,7 +754,7 @@ sub lti_session { &Apache::lonauth::success($r,$uname,$udom,$uhome,'noredirect'); if ($symb) { $env{'form.symb'} = $symb; - $env{'request.lti.uri'} = $symb; + $env{'request.lti.uri'} = $tail; } else { if ($mapurl) { $env{'form.origurl'} = $mapurl; @@ -756,7 +780,7 @@ sub lti_session { $env{'request.lti.sourcecrs'} = $sourcecrs; } if ($selfenrollrole) { - $env{'request.lti.selfenroll'} = $selfenrollrole; + $env{'request.lti.selfenrollrole'} = $selfenrollrole; $env{'request.lti.sourcecrs'} = $sourcecrs; } if ($ltihash->{'passback'}) {