--- loncom/lti/ltiauth.pm 2018/08/14 21:03:39 1.16 +++ loncom/lti/ltiauth.pm 2019/07/18 18:28:46 1.19 @@ -1,7 +1,7 @@ # The LearningOnline Network # Basic LTI Authentication Module # -# $Id: ltiauth.pm,v 1.16 2018/08/14 21:03:39 raeburn Exp $ +# $Id: ltiauth.pm,v 1.19 2019/07/18 18:28:46 raeburn Exp $ # # Copyright Michigan State University Board of Trustees # @@ -339,6 +339,30 @@ sub handler { } # +# Determine if a username is required from the domain +# configuration for the specific LTI Consumer +# + + if (!$lti{$itemid}{'requser'}) { + if ($tail =~ m{^/tiny/($match_domain)/(\w+)$}) { + foreach my $key (%{$params}) { + delete($env{'form.'.$key}); + } + my $ltoken = &Apache::lonnet::tmpput({'linkprot' => $itemid.':'.$tail}, + $lonhost); + if ($ltoken) { + $r->internal_redirect($tail.'?ltoken='.$ltoken); + $r->set_handlers('PerlHandler'=> undef); + } else { + &invalid_request($r,9); + } + } else { + &invalid_request($r,10); + } + return OK; + } + +# # Determine if source of username matches requirement from the # domain configuration for the specific LTI Consumer. # @@ -394,7 +418,7 @@ sub handler { if ($consumers{$sourcecrs} =~ /^$match_courseid$/) { my $crshome = &Apache::lonnet::homeserver($consumers{$sourcecrs},$cdom); if ($crshome =~ /(con_lost|no_host|no_such_host)/) { - &invalid_request($r,9); + &invalid_request($r,11); return OK; } else { $posscnum = $consumers{$sourcecrs}; @@ -406,7 +430,7 @@ sub handler { if ($urlcnum ne '') { if ($posscnum ne '') { if ($posscnum ne $urlcnum) { - &invalid_request($r,10); + &invalid_request($r,12); return OK; } else { $cnum = $posscnum; @@ -414,7 +438,7 @@ sub handler { } else { my $crshome = &Apache::lonnet::homeserver($urlcnum,$cdom); if ($crshome =~ /(con_lost|no_host|no_such_host)/) { - &invalid_request($r,11); + &invalid_request($r,13); return OK; } else { $cnum = $urlcnum; @@ -479,7 +503,7 @@ sub handler { $domdesc,\%data,\%alerts,\%rulematch, \%inst_results,\%curr_rules,%got_rules); if ($result eq 'notallowed') { - &invalid_request($r,12); + &invalid_request($r,14); } elsif ($result eq 'ok') { if (($ltiroles[0] eq 'Instructor') && ($lcroles[0] eq 'cc') && ($lti{$itemid}{'mapcrs'}) && ($lti{$itemid}{'makecrs'})) { @@ -488,16 +512,16 @@ sub handler { } } } else { - &invalid_request($r,13); + &invalid_request($r,15); return OK; } } else { - &invalid_request($r,14); + &invalid_request($r,16); return OK; } } } else { - &invalid_request($r,15); + &invalid_request($r,17); return OK; } @@ -519,10 +543,10 @@ sub handler { $symb,$cdom,$cnum,$params,\@ltiroles,$lti{$itemid},\@lcroles, $reqcrs,$sourcecrs); } else { - &invalid_request($r,16); + &invalid_request($r,18); } } else { - &invalid_request($r,17); + &invalid_request($r,19); } return OK; } @@ -608,7 +632,7 @@ sub handler { } } if ($reqrole eq '') { - &invalid_request($r,18); + &invalid_request($r,20); return OK; } else { unless (%crsenv) { @@ -618,10 +642,10 @@ sub handler { my $default_enrollment_end_date = $crsenv{'default_enrollment_end_date'}; my $now = time; if ($default_enrollment_end_date && $default_enrollment_end_date <= $now) { - &invalid_request($r,19); + &invalid_request($r,21); return OK; } elsif ($default_enrollment_start_date && $default_enrollment_start_date >$now) { - &invalid_request($r,20); + &invalid_request($r,22); return OK; } else { $selfenrollrole = $reqrole.'./'.$cdom.'/'.$cnum; @@ -725,9 +749,21 @@ sub lti_session { } } } + my $protocol = 'http'; + if ($ENV{'SERVER_PORT'} == 443) { + $protocol = 'https'; + } if (($is_balancer) && (!$hosthere)) { # login but immediately go to switch server. &Apache::lonauth::success($r,$uname,$udom,$uhome,'noredirect'); + if (($ltihash->{'callback'}) && ($params->{$ltihash->{'callback'}})) { + &LONCAPA::ltiutils::setup_logout_callback($uname,$udom,$otherserver, + $ltihash->{'key'}, + $ltihash->{'secret'}, + $params->{$ltihash->{'callback'}}, + $r->dir_config('ltiIDsDir'), + $protocol,$r->hostname); + } if ($symb) { $env{'form.symb'} = $symb; $env{'request.lti.uri'} = $tail; @@ -756,7 +792,7 @@ sub lti_session { $env{'request.lti.sourcecrs'} = $sourcecrs; } if ($selfenrollrole) { - $env{'request.lti.selfenroll'} = $selfenrollrole; + $env{'request.lti.selfenrollrole'} = $selfenrollrole; $env{'request.lti.sourcecrs'} = $sourcecrs; } if ($ltihash->{'passback'}) { @@ -794,6 +830,14 @@ sub lti_session { foreach my $key (%{$params}) { delete($env{'form.'.$key}); } + if (($ltihash->{'callback'}) && ($params->{$ltihash->{'callback'}})) { + &LONCAPA::ltiutils::setup_logout_callback($uname,$udom,$lonhost, + $ltihash->{'key'}, + $ltihash->{'secret'}, + $params->{$ltihash->{'callback'}}, + $r->dir_config('ltiIDsDir'), + $protocol,$r->hostname); + } my $ip = $r->get_remote_host(); my %info=('ip' => $ip, 'domain' => $udom,