version 1.6, 2018/08/14 21:42:36
|
version 1.8, 2023/06/02 00:28:03
|
Line 157 sub handler {
|
Line 157 sub handler {
|
# |
# |
|
|
my (%toolsettings,%ltitools); |
my (%toolsettings,%ltitools); |
my ($consumer_secret,$nonce_lifetime) = |
my ($consumer_secret,$nonce_lifetime) = |
&LONCAPA::ltiutils::get_tool_secret($params->{'oauth_consumer_key'}, |
&LONCAPA::ltiutils::get_tool_secret($params->{'oauth_consumer_key'}, |
$marker,$symb,$cdom,$cnum, |
$marker,$symb,$cdom,$cnum, |
\%toolsettings,\%ltitools,\%errors); |
\%toolsettings,\%ltitools,\%errors); |
Line 188 sub handler {
|
Line 188 sub handler {
|
# Verify XML in request body has not been tampered with |
# Verify XML in request body has not been tampered with |
# |
# |
|
|
my $bodyhash = Digest::SHA::sha1_base64($xmlbody); |
if ($content_type eq 'application/xml') { |
while (length($bodyhash) % 4) { |
my $bodyhash = Digest::SHA::sha1_base64($xmlbody); |
$bodyhash .= '='; |
while (length($bodyhash) % 4) { |
} |
$bodyhash .= '='; |
unless ($bodyhash eq $params->{oauth_body_hash}) { |
} |
$errors{16} = 1; |
unless ($bodyhash eq $params->{oauth_body_hash}) { |
&invalid_request($r,$params,\%errors); |
$errors{16} = 1; |
return OK; |
&invalid_request($r,$params,\%errors); |
|
return OK; |
|
} |
} |
} |
|
|
# |
# |