CVS log for loncom/lti/ltiauth.pm
Up to [LON-CAPA] / loncom / lti
Request diff between arbitrary revisions
Keyword substitution: kv
Default branch: MAIN
Revision 1.43: download - view: text, markup, annotated - select for diffs
Fri Aug 18 22:14:34 2023 UTC (14 months, 2 weeks ago) by raeburn
Branches: MAIN
CVS tags: version_2_12_X,
version_2_11_5_msu,
version_2_11_4_msu,
HEAD
Diff to previous 1.42: preferred, colored to selected 1.33: preferred, colored
Changes since revision 1.42: +2 -2
lines
- Fix typo.
Revision 1.42: download - view: text, markup, annotated - select for diffs
Fri Jun 2 01:20:28 2023 UTC (17 months ago) by raeburn
Branches: MAIN
Diff to previous 1.41: preferred, colored to selected 1.33: preferred, colored
Changes since revision 1.41: +34 -10
lines
- Bugs 6754 and 6907
- Return of grades to launcher CMS supported for resources or folders
accessed via LTI-mediated deep link.
- Support option: "Encrypt stored consumer secrets defined in domain"
- Signing of LTI payloads for roster retrieval, passback of grades,
and callback to logput launcher CMS session all now occur on
primary library server for course's domain.
Revision 1.41: download - view: text, markup, annotated - select for diffs
Wed May 24 14:55:57 2023 UTC (17 months, 1 week ago) by raeburn
Branches: MAIN
Diff to previous 1.40: preferred, colored to selected 1.33: preferred, colored
Changes since revision 1.40: +2 -2
lines
- Additional arg needed in call to get_course_lti() following changes in
lonnet.pm rev. 1.1510
Revision 1.40: download - view: text, markup, annotated - select for diffs
Tue Jul 12 22:55:46 2022 UTC (2 years, 3 months ago) by raeburn
Branches: MAIN
Diff to previous 1.39: preferred, colored to selected 1.33: preferred, colored
Changes since revision 1.39: +6 -1
lines
- On a balancer node, if LON-CAPA is an LTI Provider or if deep link access
with LTI mediated link protection is in use, check for balancer cookie
after credentials in LTI payload validated.
Revision 1.39: download - view: text, markup, annotated - select for diffs
Thu Jun 30 21:04:14 2022 UTC (2 years, 4 months ago) by raeburn
Branches: MAIN
Diff to previous 1.38: preferred, colored to selected 1.33: preferred, colored
Changes since revision 1.38: +20 -3
lines
- Bug 6907
"Exit Tool" button available to logout a session launched via deep link
and escape iframe and redirect (for LTI-protected link).
Revision 1.38: download - view: text, markup, annotated - select for diffs
Sun Jun 26 04:03:48 2022 UTC (2 years, 4 months ago) by raeburn
Branches: MAIN
Diff to previous 1.37: preferred, colored to selected 1.33: preferred, colored
Changes since revision 1.37: +3 -1
lines
- Bug 6907
- Set request.linkprotuser in %env for students accessing deep-linked items
with LTI link protection which includes username from other LMS.
- Set "only_body" for intermediate pages shown while session is being set up
for LTI link-protected access.
- Provide appropriate feedback when a deep link is followed but the user
only has a future and/or expired role in the target course.
Revision 1.37: download - view: text, markup, annotated - select for diffs
Sat Jun 18 02:10:19 2022 UTC (2 years, 4 months ago) by raeburn
Branches: MAIN
Diff to previous 1.36: preferred, colored to selected 1.33: preferred, colored
Changes since revision 1.36: +19 -11
lines
- Bug 6907
For LTI-protected deep links in which username is included in launch payload
compare username in payload with username for any existing LON-CAPA session
in current web browser and expire old session, if different user.
Revision 1.36: download - view: text, markup, annotated - select for diffs
Wed Apr 6 21:44:49 2022 UTC (2 years, 6 months ago) by raeburn
Branches: MAIN
Diff to previous 1.35: preferred, colored to selected 1.33: preferred, colored
Changes since revision 1.35: +3 -2
lines
- Bug 6907
- Don't show log-in page if link protection configuration has
"Action when username is not for an enrolled student" set to:
"Discontinue launch process", and username was not available.
- White space added between two sentences in displayed warning.
Revision 1.35: download - view: text, markup, annotated - select for diffs
Tue Mar 29 19:37:25 2022 UTC (2 years, 7 months ago) by raeburn
Branches: MAIN
Diff to previous 1.34: preferred, colored to selected 1.33: preferred, colored
Changes since revision 1.34: +3 -2
lines
- Net::OAuth expects characters outside the ASCII character set to have been
decoded to perl's internal character structure, as it will UTF-8 encode them
itself when making a signature.
Revision 1.34: download - view: text, markup, annotated - select for diffs
Thu Feb 17 22:35:51 2022 UTC (2 years, 8 months ago) by raeburn
Branches: MAIN
Diff to previous 1.33: preferred, colored
Changes since revision 1.33: +8 -8
lines
- Bug 6907
- Link Protectors for deep-linking from launch from LTI Consumer can be
configured at both a domain level and a course level.
- Support encryption of link protection secrets set in a domain.
- Requires perl-Crypt-CBC
Revision
1.33:
download - view:
text,
markup,
annotated -
[selected for diffs]
Tue Feb 8 15:08:53 2022 UTC (2 years, 8 months ago) by
raeburn
Branches:
MAIN
Diff to previous 1.32:
preferred,
colored
Changes since revision 1.32: +5 -4
lines
- Bug 6907
- Modify message logged for user session launched from LTI-protected
deep-link which includes username in signed payload.
- On a balancer call lonauth::success before redirect to switchserver
- Fix typo.
Revision 1.32: download - view: text, markup, annotated - select for diffs
Sun Feb 6 21:37:00 2022 UTC (2 years, 8 months ago) by raeburn
Branches: MAIN
Diff to previous 1.31: preferred, colored to selected 1.33: preferred, colored
Changes since revision 1.31: +172 -57
lines
- Bug 6907
- Domain default to determine whether LTI launch of deep-linked URL requires
student to authenticate; can be overridden for specific course(s).
- If domain config permits it, link protection setting in a course can
specify whether to accept username included in LTI payload, and action
to take if username is not for an enrolled student.
- Second arg passed to ltiauth::invalid_request() is text string stating why
LTI launch was invalid.
Revision 1.31: download - view: text, markup, annotated - select for diffs
Wed Feb 2 00:31:16 2022 UTC (2 years, 8 months ago) by raeburn
Branches: MAIN
Diff to previous 1.30: preferred, colored to selected 1.33: preferred, colored
Changes since revision 1.30: +2 -2
lines
- Typo
Revision 1.30: download - view: text, markup, annotated - select for diffs
Tue Feb 1 23:13:20 2022 UTC (2 years, 8 months ago) by raeburn
Branches: MAIN
Diff to previous 1.29: preferred, colored to selected 1.33: preferred, colored
Changes since revision 1.29: +56 -111
lines
- Bug 6907
- Extraction of LTI itemID based on consumer key in signed LTI payload, and
verification with available secret moved from ltiauth.pm to Lond.pm.
- Verification will now occur on course's home server or domain's primary
library server, for course-defined LTI ID, and domain-defined LTI ID
respectively.
- Setting and modifying link protection key and secret now requires user
session on course's home server.
- Display of existing LTI key only available of course's home server.
- Display of stored LTI secret eliminated so a Course Coordinator will
need to record it offline or commit it to memory.
Revision 1.29: download - view: text, markup, annotated - select for diffs
Tue Feb 1 19:54:36 2022 UTC (2 years, 8 months ago) by raeburn
Branches: MAIN
Diff to previous 1.28: preferred, colored to selected 1.33: preferred, colored
Changes since revision 1.28: +2 -2
lines
- Typo
Revision 1.28: download - view: text, markup, annotated - select for diffs
Tue Feb 1 19:47:20 2022 UTC (2 years, 8 months ago) by raeburn
Branches: MAIN
Diff to previous 1.27: preferred, colored to selected 1.33: preferred, colored
Changes since revision 1.27: +6 -5
lines
- Bug 6754
When storing mapping of Consumer system's courseID to LON-CAPA's course
"number" include LTI item id verified from signed payload.
Revision 1.27: download - view: text, markup, annotated - select for diffs
Wed Nov 24 04:25:03 2021 UTC (2 years, 11 months ago) by raeburn
Branches: MAIN
Diff to previous 1.26: preferred, colored to selected 1.33: preferred, colored
Changes since revision 1.26: +35 -5
lines
- Bug 6754
- Storing mapping of Consumer course identifier to LON-CAPA courseID
honors rules for allowable course types, and also general Y/N option for
any type.
- When a course is created due to launch from LTI Consumer, course's
environment.db contains internal.lti set to 1, and extended course type
is identified as "lti".
Revision 1.26: download - view: text, markup, annotated - select for diffs
Mon Nov 22 23:41:00 2021 UTC (2 years, 11 months ago) by raeburn
Branches: MAIN
Diff to previous 1.25: preferred, colored to selected 1.33: preferred, colored
Changes since revision 1.25: +24 -14
lines
- Bug 6754
Basic LTI authentication option for launch from Consumer for which user
information but no course information are provided on launch.
Revision 1.25: download - view: text, markup, annotated - select for diffs
Mon Nov 22 03:19:05 2021 UTC (2 years, 11 months ago) by raeburn
Branches: MAIN
Diff to previous 1.24: preferred, colored to selected 1.33: preferred, colored
Changes since revision 1.24: +3 -3
lines
- Add missing keys() command.
Revision 1.24: download - view: text, markup, annotated - select for diffs
Wed Nov 3 01:04:04 2021 UTC (2 years, 11 months ago) by raeburn
Branches: MAIN
Diff to previous 1.23: preferred, colored to selected 1.33: preferred, colored
Changes since revision 1.23: +2 -2
lines
- Bug 6907
- Use of token to store linkprot or linkkey compatible with use of
btoken and iptoken (for load balancing and IP change respectively).
- Launching access from a deeplink, with its own ltoken and/or linkkey,
for a user session originally launched from a different deeplink will
update required session information.
Revision 1.23: download - view: text, markup, annotated - select for diffs
Thu Aug 12 00:05:27 2021 UTC (3 years, 2 months ago) by raeburn
Branches: MAIN
Diff to previous 1.22: preferred, colored to selected 1.33: preferred, colored
Changes since revision 1.22: +2 -2
lines
- Args in lonnet::spareserver() consistent with lonnet.pm rev. 1.1451 change.
Revision 1.22: download - view: text, markup, annotated - select for diffs
Sat Aug 7 20:11:53 2021 UTC (3 years, 2 months ago) by raeburn
Branches: MAIN
Diff to previous 1.21: preferred, colored to selected 1.33: preferred, colored
Changes since revision 1.21: +2 -2
lines
- Fix typo in comment.
Revision 1.21: download - view: text, markup, annotated - select for diffs
Sat Aug 7 01:34:20 2021 UTC (3 years, 2 months ago) by raeburn
Branches: MAIN
Diff to previous 1.20: preferred, colored to selected 1.33: preferred, colored
Changes since revision 1.20: +2 -2
lines
- scope for $urlcdom in &course_from_tinyurl() routine added in rev. 1.20
Revision 1.20: download - view: text, markup, annotated - select for diffs
Wed Aug 4 19:59:11 2021 UTC (3 years, 2 months ago) by raeburn
Branches: MAIN
Diff to previous 1.19: preferred, colored to selected 1.33: preferred, colored
Changes since revision 1.19: +210 -71
lines
- Bug 6907 Content in a course can be set to be deep-link only.
- deeplink parameter has 5 components:
state, others, listing, scope, protect and menus.
- deeplink protection for launch from non-LON-CAPA LTI-enabled systems
uses /adm/launch/tiny/$dom/$uniqueID, and key and secret used by launcher
can be set in a course (by CC), or for domain (by DC).
Revision 1.19: download - view: text, markup, annotated - select for diffs
Thu Jul 18 18:28:46 2019 UTC (5 years, 3 months ago) by raeburn
Branches: MAIN
Diff to previous 1.18: preferred, colored to selected 1.33: preferred, colored
Changes since revision 1.18: +21 -1
lines
- Bug 6754. LON-CAPA as LTI Provider.
Domain configuration to support session expiration in LON-CAPA,
after user logs out of LTI Consumer which originally launched session,
(if Consumer supports logoutServiceUrl; e.g. custom_logout_url in Canvas).
Revision 1.18: download - view: text, markup, annotated - select for diffs
Thu Jun 13 17:45:26 2019 UTC (5 years, 4 months ago) by raeburn
Branches: MAIN
Diff to previous 1.17: preferred, colored to selected 1.33: preferred, colored
Changes since revision 1.17: +2 -2
lines
- Consistent naming for selfenrollrole item in %env when LTI launch requires
user's self-enrollment.
Revision 1.17: download - view: text, markup, annotated - select for diffs
Wed Dec 26 20:10:29 2018 UTC (5 years, 10 months ago) by raeburn
Branches: MAIN
Diff to previous 1.16: preferred, colored to selected 1.33: preferred, colored
Changes since revision 1.16: +37 -13
lines
- Bug 6400 Deep-linking
- URLs like /adm/lti/tiny/domain/uniqueID can be used to restrict use of
deep links to access from another LTI-enabled application (no user data
passed in this context).
Revision 1.16: download - view: text, markup, annotated - select for diffs
Tue Aug 14 21:03:39 2018 UTC (6 years, 2 months ago) by raeburn
Branches: MAIN
Diff to previous 1.15: preferred, colored to selected 1.33: preferred, colored
Changes since revision 1.15: +4 -4
lines
- Bug 6754 LON-CAPA as LTI Provider
- Convert tail of launch URL to a real symb, if launch was for a single
resource.
Revision 1.15: download - view: text, markup, annotated - select for diffs
Sat Jun 30 23:58:14 2018 UTC (6 years, 4 months ago) by raeburn
Branches: MAIN
Diff to previous 1.14: preferred, colored to selected 1.33: preferred, colored
Changes since revision 1.14: +5 -4
lines
- Formatting (whitespace changes only).
Revision 1.14: download - view: text, markup, annotated - select for diffs
Wed May 30 18:06:13 2018 UTC (6 years, 5 months ago) by raeburn
Branches: MAIN
Diff to previous 1.13: preferred, colored to selected 1.33: preferred, colored
Changes since revision 1.13: +6 -12
lines
- Bug 6754 LON-CAPA as LTI Provider
- Include value of 1 for $selfenroll arg when calling ltiutils::enrolluser()
so user privs will be added to the user's environment for the new role.
Revision 1.13: download - view: text, markup, annotated - select for diffs
Mon May 28 23:26:04 2018 UTC (6 years, 5 months ago) by raeburn
Branches: MAIN
Diff to previous 1.12: preferred, colored to selected 1.33: preferred, colored
Changes since revision 1.12: +22 -160
lines
- Bug 6754 LON-CAPA as LTI Provider
- Support LTI Extension: Context Memberships Service, whereby launch of
Consumer can trigger Provider to request course roster.
- Code moved from ltiauth.pm to routines in ltiutils.pm:
&get_lc_roles(), &create_user() and &enrolluser(); &create_passwd() routine
also moved.
- Code moved from &parse_roster() to &get_roster() in ltiutils.pm.
- New routines: &batchaddroster(), &datechange_check(), &store_passbackurl()
added to support roster updates, (including saving user-specific values
for: lis_result_sourcedid, used for passback of grades to Consumer.
Revision 1.12: download - view: text, markup, annotated - select for diffs
Mon May 14 20:10:15 2018 UTC (6 years, 5 months ago) by raeburn
Branches: MAIN
Diff to previous 1.11: preferred, colored to selected 1.33: preferred, colored
Changes since revision 1.11: +7 -1
lines
- Bug 6754 LON-CAPA as LTI Provider
- Support LTI Consumer using OAuth version 1.0a (sends oauth_callback)
Revision 1.11: download - view: text, markup, annotated - select for diffs
Mon May 14 19:56:05 2018 UTC (6 years, 5 months ago) by raeburn
Branches: MAIN
Diff to previous 1.10: preferred, colored to selected 1.33: preferred, colored
Changes since revision 1.10: +2 -2
lines
- Fix typo.
Revision 1.10: download - view: text, markup, annotated - select for diffs
Tue May 8 00:44:14 2018 UTC (6 years, 5 months ago) by raeburn
Branches: MAIN
Diff to previous 1.9: preferred, colored to selected 1.33: preferred, colored
Changes since revision 1.9: +5 -5
lines
- Bug 6754 LON-CAPA as LTI Provider
- request.lti.login set to consumer's ID for LTI authenticated session.
- Rights to create LON-CAPA courses (LTI type) assigned, as per domain
config to new user created for LTI instructor
- No "Login" shown for "Invalid call" displayed for failed LTI launch.
Revision 1.9: download - view: text, markup, annotated - select for diffs
Sat Apr 21 20:34:50 2018 UTC (6 years, 6 months ago) by raeburn
Branches: MAIN
Diff to previous 1.8: preferred, colored to selected 1.33: preferred, colored
Changes since revision 1.8: +38 -3
lines
- Bug 6754 LON-CAPA as LTI Provider
- LTI launch results in call to ltiauth, even if user has existing LON-CAPA
session (role, course etc. will be updated).
- LTI launch can be for a published .sequence
Revision 1.8: download - view: text, markup, annotated - select for diffs
Sat Apr 14 02:30:07 2018 UTC (6 years, 6 months ago) by raeburn
Branches: MAIN
Diff to previous 1.7: preferred, colored to selected 1.33: preferred, colored
Changes since revision 1.7: +12 -1
lines
- Bug 6754 LON-CAPA as LTI Provider
- Original LTI launch of LON-CAPA is for a resource, a map, or an entire
course, and display is for iframe, tab or window; retain this in %env.
Revision 1.7: download - view: text, markup, annotated - select for diffs
Fri Mar 23 18:08:45 2018 UTC (6 years, 7 months ago) by raeburn
Branches: MAIN
Diff to previous 1.6: preferred, colored to selected 1.33: preferred, colored
Changes since revision 1.6: +26 -2
lines
- Bug 6754 LON-CAPA as LTI Provider
- Assign randomly generated password to user in LON-CAPA if configuration
for LTI Consumer permits both LTI auth and LON-CAPA log-in (internal) for
a new user.
Revision 1.6: download - view: text, markup, annotated - select for diffs
Fri Mar 23 01:01:47 2018 UTC (6 years, 7 months ago) by raeburn
Branches: MAIN
Diff to previous 1.5: preferred, colored to selected 1.33: preferred, colored
Changes since revision 1.5: +354 -61
lines
- Bug 6754 LON-CAPA as LTI Provider
- Creation of new LON-CAPA user account available from an LTI Consumer.
- Creation of new LON-CAPA course available from an LTI Consumer.
- Self-enrollment in a LON-CAPA course available from an LTI Consumer.
Revision 1.5: download - view: text, markup, annotated - select for diffs
Fri Jan 12 20:42:38 2018 UTC (6 years, 9 months ago) by raeburn
Branches: MAIN
Diff to previous 1.4: preferred, colored to selected 1.33: preferred, colored
Changes since revision 1.4: +37 -16
lines
- Bug 6754 LON-CAPA as LTI Provider
- Tiny URLs can be part of the launch URL used to access a LON-CAPA
assignment from another CMS. On launch (in the Consumer), POSTed data
would be sent to a URL such as: /adm/lti/tiny/<domain>/<key>, where key
is six characters.
Revision 1.4: download - view: text, markup, annotated - select for diffs
Wed Jan 3 22:04:19 2018 UTC (6 years, 9 months ago) by raeburn
Branches: MAIN
Diff to previous 1.3: preferred, colored to selected 1.33: preferred, colored
Changes since revision 1.3: +2 -1
lines
- Bug 6754 LON-CAPA as LTI Provider
- Launch terminated if user has no role in target course, and
self-enrollment is not permitted.
Revision 1.3: download - view: text, markup, annotated - select for diffs
Sat Dec 9 16:15:47 2017 UTC (6 years, 10 months ago) by raeburn
Branches: MAIN
Diff to previous 1.2: preferred, colored to selected 1.33: preferred, colored
Changes since revision 1.2: +6 -6
lines
Bug 6754 LON-CAPA as LTI Provider
- More descriptive name for Consumer Key scalar.
- Include LON-CAPA courseID in standard format when logging successful
authentication via basic LTI.
Revision 1.2: download - view: text, markup, annotated - select for diffs
Thu Dec 7 15:36:25 2017 UTC (6 years, 10 months ago) by raeburn
Branches: MAIN
Diff to previous 1.1: preferred, colored to selected 1.33: preferred, colored
Changes since revision 1.1: +7 -35
lines
Bug 6754 LTI Integration
- ltiutils.pm contains common LTI routines (to facilitate re-use).
- &check_nonce() moved from ltiauth.pm to ltiutils.pm.
- &set_callback_secret() moved from lonexttool.pm to ltiutils.pm, and
renamed &set_service_secret().
- &sign_params(), &get_tool_lock(), and &release_tool_lock() moved from
lonexttool.pm to ltiutils.pm
- ltiroster.pm will service requests for course membership information
from an LTI Provider, where domain configuration for Tool permits this
service, and launch (by Instructor( included ext_ims_lis_memberships_id.
Revision 1.1: download - view: text, markup, annotated - select for diffs
Wed Dec 6 01:53:56 2017 UTC (6 years, 10 months ago) by raeburn
Branches: MAIN
Diff to selected 1.33: preferred, colored
- Bug 6754 LTI Integration: LON-CAPA as LTI Provider
- Move auth/lonlti.pm to lti/ltiauth.pm
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>