Annotation of loncom/lti/ltiauth.pm, revision 1.5
1.1 raeburn 1: # The LearningOnline Network
2: # Basic LTI Authentication Module
3: #
1.5 ! raeburn 4: # $Id: ltiauth.pm,v 1.4 2018/01/03 22:04:19 raeburn Exp $
1.1 raeburn 5: #
6: # Copyright Michigan State University Board of Trustees
7: #
8: # This file is part of the LearningOnline Network with CAPA (LON-CAPA).
9: #
10: # LON-CAPA is free software; you can redistribute it and/or modify
11: # it under the terms of the GNU General Public License as published by
12: # the Free Software Foundation; either version 2 of the License, or
13: # (at your option) any later version.
14: #
15: # LON-CAPA is distributed in the hope that it will be useful,
16: # but WITHOUT ANY WARRANTY; without even the implied warranty of
17: # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18: # GNU General Public License for more details.
19: #
20: # You should have received a copy of the GNU General Public License
21: # along with LON-CAPA; if not, write to the Free Software
22: # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
23: #
24: # /home/httpd/html/adm/gpl.txt
25: #
26: # http://www.lon-capa.org/
27: #
28:
29: package Apache::ltiauth;
30:
31: use strict;
32: use LONCAPA qw(:DEFAULT :match);
33: use Apache::Constants qw(:common :http);
34: use Net::OAuth;
35: use Apache::lonlocal;
36: use Apache::lonnet;
37: use Apache::loncommon;
38: use Apache::lonacc;
1.2 raeburn 39: use LONCAPA::ltiutils;
1.1 raeburn 40:
41: sub handler {
42: my $r = shift;
43: my $requri = $r->uri;
44: #
45: # Retrieve data POSTed by LTI Consumer on launch
46: #
47: &Apache::lonacc::get_posted_cgi($r);
48: my $params = {};
49: foreach my $key (sort(keys(%env))) {
50: if ($key =~ /^form\.(.+)$/) {
51: $params->{$1} = $env{$key};
52: }
53: }
54:
55: unless (keys(%{$params})) {
56: &invalid_request($r,1);
57: return OK;
58: }
59:
60: unless ($params->{'oauth_consumer_key'} &&
61: $params->{'oauth_nonce'} &&
62: $params->{'oauth_timestamp'} &&
63: $params->{'oauth_version'} &&
64: $params->{'oauth_signature'} &&
65: $params->{'oauth_signature_method'}) {
66: &invalid_request($r,2);
67: return OK;
68: }
69:
70: #
71: # Retrieve "internet domains" for all this institution's LON-CAPA
72: # nodes.
73: #
74: my ($udom,$uname,$uhome,$cdom,$cnum,$symb,$mapurl,@intdoms);
75: my $lonhost = $r->dir_config('lonHostID');
76: my $internet_names = &Apache::lonnet::get_internet_names($lonhost);
77: if (ref($internet_names) eq 'ARRAY') {
78: @intdoms = @{$internet_names};
79: }
80:
81: #
82: # For user who launched LTI in Consumer, determine user's domain in
83: # LON-CAPA.
84: #
85: # Order is:
86: #
87: # (a) from custom_userdomain item in POSTed data
88: # (b) from lis_person_sourcedid in POSTed data
89: # (c) from default "log-in" domain for node
90: # (can support multidomain servers, where specific domain is
91: # first part of hostname).
92: #
93: # Note: "internet domain" for user's domain must be one of the
94: # "internet domain(s)" for the institution's LON-CAPA servers.
95: #
96: if (exists($params->{'custom_userdomain'})) {
97: if ($params->{'custom_userdomain'} =~ /^$match_domain$/) {
98: my $uprimary_id = &Apache::lonnet::domain($params->{'custom_userdomain'},'primary');
99: if ($uprimary_id ne '') {
100: my $uintdom = &Apache::lonnet::internet_dom($uprimary_id);
101: if (($uintdom ne '') && (grep(/^\Q$uintdom\E$/,@intdoms))) {
102: $udom = $params->{'custom_userdomain'};
103: }
104: }
105: }
106: }
107: my $defdom = &Apache::lonnet::default_login_domain();
108: my ($domain,$possuname,$possudom,$possmapuser);
109: if ($env{'form.lis_person_sourcedid'} =~ /^($match_username)\:($match_domain)$/) {
110: ($possuname,$possudom) = ($1,$2);
111: if ($udom eq '') {
112: my $uintdom = &Apache::lonnet::domain($possudom,'primary');
113: if (($uintdom ne '') && (grep(/^\Q$uintdom\E$/,@intdoms))) {
114: $udom = $possudom;
115: $possmapuser = 'lis_person_sourcedid';
116: } else {
117: $udom = $defdom;
118: }
119: } elsif ($udom eq $possudom) {
120: $possmapuser = 'lis_person_sourcedid';
121: }
122: }
123: unless ($possuname) {
124: if ($env{'form.lis_person_sourcedid'} =~ /^$match_username$/) {
125: $possuname = $env{'form.lis_person_sourcedid'};
126: $possmapuser = 'lis_person_sourcedid';
127: } elsif ($env{'form.lis_person_contact_email_primary'} =~ /^$match_username$/) {
128: $possuname = $env{'form.lis_person_contact_email_primary'};
129: $possmapuser = 'lis_person_contact_email_primary';
130: }
131: unless ($udom) {
132: $udom = $defdom;
133: }
134: }
135:
136: #
137: # Determine course's domain in LON-CAPA
138: #
139: # Order is:
140: #
141: # (a) from custom_coursedomain item in POSTed data
142: # (b) from tail of requested URL (after /adm/lti) if it has format of a symb
143: # (c) from tail of requested URL (after /adm/lti) if it has format of a map
144: # (d) from tail of requested URL (after /adm/lti) if it has format /domain/courseID
1.5 ! raeburn 145: # (e) from tail of requested URL (after /adm/lti) if it has format /tiny/domain/\w+
! 146: # i.e., a shortened URL (see bug #6400).
1.1 raeburn 147: # (f) same as user's domain
148: #
149: # Request invalid if custom_coursedomain is defined and is inconsistent with
150: # domain contained in requested URL.
151: #
152: # Note: "internet domain" for course's domain must be one of the
153: # internet domains for the institution's LON-CAPA servers.
154: #
155:
156: if (exists($params->{'custom_coursedomain'})) {
157: if ($params->{'custom_coursedomain'} =~ /^$match_domain$/) {
158: my $cprimary_id = &Apache::lonnet::domain($params->{'custom_coursedomain'},'primary');
159: if ($cprimary_id ne '') {
160: my $cintdom = &Apache::lonnet::internet_dom($cprimary_id);
161: if (($cintdom ne '') && (grep(/^\Q$cintdom\E$/,@intdoms))) {
162: $cdom = $params->{'custom_coursedomain'};
163: }
164: }
165: }
166: }
167:
168: my ($tail) = ($requri =~ m{^/adm/lti(|/.*)$});
169: my $urlcnum;
170: if ($tail ne '') {
171: my $urlcdom;
172: if ($tail =~ m{^/uploaded/($match_domain)/($match_courseid)/(?:default|supplemental)(?:|_\d+)\.(?:sequence|page)(|___\d+___.+)$}) {
173: ($urlcdom,$urlcnum,my $rest) = ($1,$2,$3);
174: if (($cdom ne '') && ($cdom ne $urlcdom)) {
175: &invalid_request($r,3);
176: return OK;
177: }
178: if ($rest eq '') {
179: $mapurl = $tail;
180: } else {
181: $symb = $tail;
182: $symb =~ s{^/+}{};
183: }
1.5 ! raeburn 184: #FIXME Need to handle encrypted URLs
1.1 raeburn 185: } elsif ($tail =~ m{^/($match_domain)/($match_courseid)$}) {
186: ($urlcdom,$urlcnum) = ($1,$2);
187: if (($cdom ne '') && ($cdom ne $urlcdom)) {
188: &invalid_request($r,4);
189: return OK;
190: }
1.5 ! raeburn 191: } elsif ($tail =~ m{^/tiny/($match_domain)/(\w+)$}) {
! 192: ($urlcdom,my $key) = ($1,$2);
! 193: if (($cdom ne '') && ($cdom ne $urlcdom)) {
! 194: &invalid_request($r,5);
! 195: return OK;
! 196: }
! 197: my $tinyurl;
! 198: my ($result,$cached)=&Apache::lonnet::is_cached_new('tiny',$urlcdom."\0".$key);
! 199: if (defined($cached)) {
! 200: $tinyurl = $result;
! 201: } else {
! 202: my $configuname = &Apache::lonnet::get_domainconfiguser($urlcdom);
! 203: my %currtiny = &Apache::lonnet::get('tiny',[$key],$urlcdom,$configuname);
! 204: if ($currtiny{$key} ne '') {
! 205: $tinyurl = $currtiny{$key};
! 206: &Apache::lonnet::do_cache_new('tiny',$urlcdom."\0".$key,$currtiny{$key},600);
! 207: }
! 208: }
! 209: if ($tinyurl ne '') {
! 210: $urlcnum = (split(/\&/,$tinyurl))[0];
! 211: }
1.1 raeburn 212: }
213: if (($cdom eq '') && ($urlcdom ne '')) {
214: my $cprimary_id = &Apache::lonnet::domain($urlcdom,'primary');
215: if ($cprimary_id ne '') {
216: my $cintdom = &Apache::lonnet::internet_dom($cprimary_id);
217: if (($cintdom ne '') && (grep(/^\Q$cintdom\E$/,@intdoms))) {
218: $cdom = $urlcdom;
219: }
220: } else {
221: $urlcnum = '';
222: }
223: }
224: }
225: if ($cdom eq '') {
226: if ($udom ne '') {
227: $cdom = $udom;
228: } else {
229: $cdom = $defdom;
230: }
231: }
232:
233: #
234: # Retrieve information for LTI Consumers in course domain
235: # and populate hash -- %lti_by_key -- for which keys
236: # are those defined in domain configuration for LTI.
237: #
238:
239: my %lti = &Apache::lonnet::get_domain_lti($cdom,'provider');
240: unless (keys(%lti) > 0) {
1.5 ! raeburn 241: &invalid_request($r,6);
1.1 raeburn 242: return OK;
243: }
244: my %lti_by_key;
245: if (keys(%lti)) {
246: foreach my $id (keys(%lti)) {
247: if (ref($lti{$id}) eq 'HASH') {
248: my $key = $lti{$id}{'key'};
249: push(@{$lti_by_key{$key}},$id);
250: }
251: }
252: }
253:
254: #
255: # Verify the signed request using the secret for those
256: # Consumers for which the key in the POSTed data matches
257: # keys in the domain configuration for LTI.
258: #
259: my $hostname = $r->hostname;
260: my $protocol = 'http';
261: if ($ENV{'SERVER_PORT'} == 443) {
262: $protocol = 'https';
263: }
264:
1.3 raeburn 265: my ($itemid,$consumer_key,$secret,@ltiroles);
266: $consumer_key = $params->{'oauth_consumer_key'};
267: if (ref($lti_by_key{$consumer_key}) eq 'ARRAY') {
268: foreach my $id (@{$lti_by_key{$consumer_key}}) {
1.1 raeburn 269: if (ref($lti{$id}) eq 'HASH') {
1.2 raeburn 270: $secret = $lti{$id}{'secret'};
1.1 raeburn 271: my $request = Net::OAuth->request('request token')->from_hash($params,
272: request_url => $protocol.'://'.$hostname.$requri,
273: request_method => $env{'request.method'},
274: consumer_secret => $secret,);
275: if ($request->verify()) {
276: $itemid = $id;
277: last;
278: }
279: }
280: }
281: }
282:
283: #
284: # Request is invalid if the signed request could not be verified
285: # for the Consumer key and Consumer secret from the domain
286: # configuration in LON-CAPA for that LTI Consumer.
287: #
288: unless (($itemid) && (ref($lti{$itemid}) eq 'HASH')) {
1.5 ! raeburn 289: &invalid_request($r,7);
1.1 raeburn 290: return OK;
291: }
292:
293: #
294: # Determine if nonce in POSTed data has expired.
295: # If unexpired, confirm it has not already been used.
296: #
1.2 raeburn 297: unless (&LONCAPA::ltiutils::check_nonce($params->{'oauth_nonce'},$params->{'oauth_timestamp'},
298: $lti{$itemid}{'lifetime'},$cdom,$r->dir_config('lonLTIDir'))) {
1.5 ! raeburn 299: &invalid_request($r,8);
1.1 raeburn 300: return OK;
301: }
302:
303: #
304: # Determinine if source of username matches requirement from the
305: # domain configuration for the specific LTI Consumer.
306: #
307:
308: if ($lti{$itemid}{'mapuser'} eq $possmapuser) {
309: $uname = $possuname;
310: } elsif ($lti{$itemid}{'mapuser'} eq 'lis_person_sourcedid') {
311: if ($params->{'lis_person_sourcedid'} =~ /^$match_username$/) {
312: $uname = $possuname;
313: }
314: } elsif ($lti{$itemid}{'mapuser'} eq 'lis_person_contact_email_primary') {
315: if ($params->{'lis_person_contact_email_primary'} =~ /^$match_username$/) {
316: $uname = $params->{'lis_person_contact_email_primary'};
317: }
318: } elsif (exists($params->{$lti{$itemid}{'mapuser'}})) {
319: if ($params->{$lti{$itemid}{'mapuser'}} =~ /^$match_username$/) {
320: $uname = $params->{$lti{$itemid}{'mapuser'}};
321: }
322: }
323:
324: #
325: # Determine the courseID of the LON-CAPA course to which the
326: # launch of LON-CAPA should provide access.
327: #
328: # Order is:
329: #
330: # (a) from course mapping (if the link between Consumer "course" and
331: # Provider "course" has been established previously).
332: # (b) from tail of requested URL (after /adm/lti) if it has format of a symb
333: # (c) from tail of requested URL (after /adm/lti) if it has format of a map
334: # (d) from tail of requested URL (after /adm/lti) if it has format /domain/courseID
1.5 ! raeburn 335: # (e) from tail of requested URL (after /adm/lti) if it has format /tiny/domain/\w+
! 336: # i.e., a shortened URL (see bug #6400).
1.1 raeburn 337: #
338: # If Consumer course included in POSTed data points as a target course which
339: # has a format which matches a LON-CAPA courseID, but the course does not
340: # exist, the request is invalid.
341: #
342:
343: my ($sourcecrs,%consumers);
344: if ($lti{$itemid}{'mapcrs'} eq 'course_offering_sourcedid') {
345: $sourcecrs = $params->{'course_offering_sourcedid'};
346: } elsif ($lti{$itemid}{'mapcrs'} eq 'context_id') {
347: $sourcecrs = $params->{'context_id'};
348: } elsif ($lti{$itemid}{'mapcrs'} ne '') {
349: $sourcecrs = $params->{$lti{$itemid}{'mapcrs'}};
350: }
351:
352: my $posscnum;
353: if ($sourcecrs ne '') {
354: %consumers = &Apache::lonnet::get_dom('lticonsumers',[$sourcecrs],$cdom);
355: if (exists($consumers{$sourcecrs})) {
356: if ($consumers{$sourcecrs} =~ /^$match_courseid$/) {
357: my $crshome = &Apache::lonnet::homeserver($consumers{$sourcecrs},$cdom);
358: if ($crshome =~ /(con_lost|no_host|no_such_host)/) {
1.5 ! raeburn 359: &invalid_request($r,9);
1.1 raeburn 360: return OK;
361: } else {
362: $posscnum = $consumers{$sourcecrs};
363: }
364: }
365: }
366: }
367:
368: if ($urlcnum ne '') {
369: if ($posscnum ne '') {
370: if ($posscnum ne $urlcnum) {
1.5 ! raeburn 371: &invalid_request($r,10);
1.1 raeburn 372: return OK;
373: } else {
374: $cnum = $posscnum;
375: }
376: } else {
377: my $crshome = &Apache::lonnet::homeserver($urlcnum,$cdom);
378: if ($crshome =~ /(con_lost|no_host|no_such_host)/) {
1.5 ! raeburn 379: &invalid_request($r,11);
1.1 raeburn 380: return OK;
381: } else {
382: $cnum = $urlcnum;
383: }
384: }
385: } elsif ($posscnum ne '') {
386: $cnum = $posscnum;
387: }
388:
389: #
390: # Get LON-CAPA role to use from role-mapping of Consumer roles
391: # defined in domain configuration for the appropriate LTI
392: # Consumer.
393: #
394: # If multiple LON-CAPA roles are indicated, choose based
395: # on the order: cc, in, ta, ep, st
396: #
397:
398: my $reqrole;
399:
400: my @roleorder = ('cc','in','ta','ep','st');
401: if ($params->{'roles'} =~ /,/) {
402: @ltiroles = split(/\s*,\s*/,$params->{'role'});
403: } else {
404: my $singlerole = $params->{'roles'};
405: $singlerole =~ s/^\s|\s+$//g;
406: @ltiroles = ($singlerole);
407: }
408: if (@ltiroles) {
409: if (ref($lti{$itemid}{maproles}) eq 'HASH') {
410: my %possroles;
411: map { $possroles{$lti{$itemid}{maproles}{$_}} = 1; } @ltiroles;
412: my @possibles = keys(%possroles);
413: if (@possibles == 1) {
414: if (grep(/^\Q$possibles[0]\E$/,@roleorder)) {
415: $reqrole = $possibles[0];
416:
417: }
418: } elsif (@possibles > 1) {
419: foreach my $item (@roleorder) {
420: if ($possroles{$item}) {
421: $reqrole = $item;
422: last;
423: }
424: }
425: }
426: }
427: }
428:
429: #
430: # If no LON-CAPA username -- is user allowed to create one?
431: #
432:
433: my $selfcreate;
434: if (($uname ne '') && ($udom ne '')) {
435: $uhome = &Apache::lonnet::homeserver($uname,$udom);
436: if ($uhome =~ /(con_lost|no_host|no_such_host)/) {
437: &Apache::lonnet::logthis(" LTI authorized unknown user $uname:$udom ");
438: if (ref($lti{$itemid}{'makeuser'}) eq 'ARRAY') {
439: if (@{$lti{$itemid}{'makeuser'}} > 0) {
440: foreach my $ltirole (@ltiroles) {
441: if (grep(/^\Q$ltirole\E$/,@{$lti{$itemid}{'makeuser'}})) {
442: $selfcreate = 1;
443: }
444: }
445: }
446: }
447: if ($selfcreate) {
448: #FIXME Do user creation here.
449: return OK
450: } else {
1.5 ! raeburn 451: &invalid_request($r,12);
1.1 raeburn 452: return OK;
453: }
454: }
455: } else {
1.5 ! raeburn 456: &invalid_request($r,13);
1.1 raeburn 457: return OK;
458: }
459:
460: #
461: # If no LON-CAPA course available, check if domain's configuration
462: # for the specific LTI Consumer allows a new course to be created
463: # (requires role in Consumer to be: Instructor).
464: #
465:
466: if ($cnum eq '') {
467: if ((@ltiroles) && (grep(/^Instructor$/,@ltiroles)) &&
468: ($lti{$itemid}{'mapcrs'})) {
469: #FIXME Create a new LON-CAPA course here.
470: return OK;
471: } else {
1.5 ! raeburn 472: &invalid_request($r,14);
1.1 raeburn 473: return OK;
474: }
475: }
476:
477: #
478: # If LON-CAPA course is a Community, and LON-CAPA role
479: # indicated is cc, change role indicated to co.
480: #
481:
482: if ($reqrole eq 'cc') {
483: if (($cdom ne '') && ($cnum ne '')) {
484: my %crsenv = &Apache::lonnet::coursedescription($cnum.'_'.$cdom,{ 'one_time' => 1,});
485: if ($crsenv{'type'} eq 'Community') {
486: $reqrole = 'co';
487: }
488: }
489: }
490:
491: #
492: # Determine if user has required LON-CAPA role
493: # in the mapped LON-CAPA course.
494: #
495:
496: my $role;
497: my %crsroles = &Apache::lonnet::get_my_roles($uname,$udom,'userroles',undef,[$reqrole],[$cdom]);
498: if (exists($crsroles{$cnum.':'.$cdom.':'.$reqrole})) {
499: $role = $reqrole.'./'.$cdom.'/'.$cnum;
500: #FIXME Need to accommodate sections
501: } elsif (ref($lti{$itemid}{'selfenroll'}) eq 'ARRAY') {
502: if (grep(/^\Q$reqrole\E$/,@{$lti{$itemid}{'selfenroll'}})) {
503: #FIXME Do self-enrollment here
504: return OK;
505: } else {
1.5 ! raeburn 506: &invalid_request($r,15);
1.4 raeburn 507: return OK;
1.1 raeburn 508: }
509: }
510:
511: #
512: # Store consumer-to-LON-CAPA course mapping
513: #
514: if (($sourcecrs ne '') && ($consumers{$sourcecrs} eq '') && ($cnum ne '')) {
515: &Apache::lonnet::put_dom('lticonsumers',{ $sourcecrs => $cnum },$cdom);
516: }
517:
518: #
519: # Check if user should be hosted here or switched to another server.
520: #
521:
1.3 raeburn 522: &Apache::lonnet::logthis(" LTI authorized user: $uname:$udom role: $role course: $cdom\_$cnum");
1.1 raeburn 523: $r->user($uname);
524: my ($is_balancer,$otherserver,$hosthere);
525: ($is_balancer,$otherserver) =
526: &Apache::lonnet::check_loadbalancing($uname,$udom,'login');
527: if ($is_balancer) {
528: if ($otherserver eq '') {
529: my $lowest_load;
530: ($otherserver,undef,undef,undef,$lowest_load) = &Apache::lonnet::choose_server($udom);
531: if ($lowest_load > 100) {
532: $otherserver = &Apache::lonnet::spareserver($lowest_load,$lowest_load,1,$udom);
533: }
534: }
535: if ($otherserver ne '') {
536: my @hosts = &Apache::lonnet::current_machine_ids();
537: if (grep(/^\Q$otherserver\E$/,@hosts)) {
538: $hosthere = $otherserver;
539: }
540: }
541: }
542: if (($is_balancer) && (!$hosthere)) {
543: # login but immediately go to switch server.
544: &Apache::lonauth::success($r,$uname,$udom,$uhome,'noredirect');
545: if ($symb) {
546: $env{'form.symb'} = $symb;
547: }
548: if ($role) {
549: $env{'form.role'} = $role;
550: }
551: if ($lti{$itemid}{'passback'}) {
552: if ($params->{'lis_result_sourcedid'}) {
553: $env{'request.lti.passbackid'} = $params->{'lis_result_sourcedid'};
554: }
555: if ($params->{'lis_outcome_service_url'}) {
556: $env{'request.lti.passbackurl'} = $params->{'lis_outcome_service_url'};
557: }
558: }
559: if (($lti{$itemid}{'roster'}) && (grep(/^Instructor$/,@ltiroles))) {
560: if ($params->{'ext_ims_lis_memberships_id'}) {
561: $env{'request.lti.rosterid'} = $params->{'ext_ims_lis_memberships_id'};
562: }
563: if ($params->{'ext_ims_lis_memberships_url'}) {
564: $env{'request.lti.rosterurl'} = $params->{'ext_ims_lis_memberships_url'};
565: }
566: }
567: $env{'request.lti.login'} = 1;
568: foreach my $key (%{$params}) {
569: delete($env{'form.'.$key});
570: }
571: my $redirecturl = '/adm/switchserver';
572: if ($otherserver ne '') {
573: $redirecturl .= '?otherserver='.$otherserver;
574: }
575: $r->internal_redirect($redirecturl);
576: $r->set_handlers('PerlHandler'=> undef);
577: } else {
578: # need to login them in, so generate the need data that
579: # migrate expects to do login
580: foreach my $key (%{$params}) {
581: delete($env{'form.'.$key});
582: }
583: my $ip = $r->get_remote_host();
584: my %info=('ip' => $ip,
585: 'domain' => $udom,
586: 'username' => $uname,
587: 'server' => $lonhost,
588: 'lti.login' => 1,
589: );
590: if ($role) {
591: $info{'role'} = $role;
592: }
593: if ($symb) {
594: $info{'symb'} = $symb;
595: }
596: if ($lti{$itemid}{'passback'}) {
597: if ($params->{'lis_result_sourcedid'}) {
598: $info{'lti.passbackid'} = $params->{'lis_result_sourcedid'}
599: }
600: if ($params->{'lis_outcome_service_url'}) {
601: $info{'lti.passbackurl'} = $params->{'lis_outcome_service_url'}
602: }
603: }
604: if (($lti{$itemid}{'roster'}) && (grep(/^Instructor$/,@ltiroles))) {
605: if ($params->{'ext_ims_lis_memberships_id'}) {
606: $info{'lti.rosterid'} = $params->{'ext_ims_lis_memberships_id'};
607: }
608: if ($params->{'ext_ims_lis_memberships_url'}) {
609: $info{'lti.rosterurl'} = $params->{'ext_ims_lis_memberships_url'};
610: }
611: }
612: unless ($info{'symb'}) {
613: if ($mapurl) {
614: $info{'origurl'} = $mapurl;
615: if ($mapurl =~ m{/default_\d+\.sequence$}) {
616: $info{'origurl'} .= (($mapurl =~/\?/)?'&':'?').'navmap=1';
617: }
618: } else {
619: unless ($tail eq '/adm/roles') {
620: $info{'origurl'} = '/adm/navmaps';
621: }
622: }
623: }
624: if (($is_balancer) && ($hosthere)) {
625: $info{'noloadbalance'} = $hosthere;
626: }
627: my $token = &Apache::lonnet::tmpput(\%info,$lonhost);
628: $env{'form.token'} = $token;
629: $r->internal_redirect('/adm/migrateuser');
630: $r->set_handlers('PerlHandler'=> undef);
631: }
632: return OK;
633: }
634:
635: sub invalid_request {
636: my ($r,$num) = @_;
637: &Apache::loncommon::content_type($r,'text/html');
638: $r->send_http_header;
639: if ($r->header_only) {
640: return;
641: }
642: &Apache::lonlocal::get_language_handle($r);
643: $r->print(
644: &Apache::loncommon::start_page('Invalid LTI call').
645: &mt('Invalid LTI call [_1]',$num).
646: &Apache::loncommon::end_page());
647: return;
648: }
649:
650: 1;
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>
![[BACK]](/icons/back.gif){kind=icon}
Return to ltiauth.pm CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [LON-CAPA] / loncom / lti