--- loncom/lti/ltiutils.pm 2018/08/14 21:42:36 1.15 +++ loncom/lti/ltiutils.pm 2022/03/29 20:12:46 1.18 @@ -1,7 +1,7 @@ # The LearningOnline Network with CAPA # Utility functions for managing LON-CAPA LTI interactions # -# $Id: ltiutils.pm,v 1.15 2018/08/14 21:42:36 raeburn Exp $ +# $Id: ltiutils.pm,v 1.18 2022/03/29 20:12:46 raeburn Exp $ # # Copyright Michigan State University Board of Trustees # @@ -31,6 +31,8 @@ package LONCAPA::ltiutils; use strict; use Net::OAuth; use Digest::SHA; +use Digest::MD5 qw(md5_hex); +use Encode; use UUID::Tiny ':std'; use Apache::lonnet; use Apache::loncommon; @@ -339,14 +341,20 @@ sub verify_lis_item { # sub sign_params { - my ($url,$key,$secret,$sigmethod,$paramsref) = @_; + my ($url,$key,$secret,$paramsref,$sigmethod,$type,$callback,$post) = @_; return unless (ref($paramsref) eq 'HASH'); if ($sigmethod eq '') { $sigmethod = 'HMAC-SHA1'; } + if ($type eq '') { + $type = 'request token'; + } + if ($callback eq '') { + $callback = 'about:blank', + } srand( time() ^ ($$ + ($$ << 15)) ); # Seed rand. my $nonce = Digest::SHA::sha1_hex(sprintf("%06x%06x",rand(0xfffff0),rand(0xfffff0))); - my $request = Net::OAuth->request("request token")->new( + my $request = Net::OAuth->request($type)->new( consumer_key => $key, consumer_secret => $secret, request_url => $url, @@ -354,12 +362,16 @@ sub sign_params { signature_method => $sigmethod, timestamp => time, nonce => $nonce, - callback => 'about:blank', + callback => $callback, extra_params => $paramsref, version => '1.0', ); $request->sign(); - return $request->to_hash(); + if ($post) { + return $request->to_post_body(); + } else { + return $request->to_hash(); + } } # @@ -647,7 +659,7 @@ sub get_roster { lti_message_type => 'basic-lis-readmembershipsforcontext', ext_ims_lis_memberships_id => $id, ); - my $hashref = &sign_params($url,$ckey,$secret,'',\%ltiparams); + my $hashref = &sign_params($url,$ckey,$secret,\%ltiparams); if (ref($hashref) eq 'HASH') { my $request=new HTTP::Request('POST',$url); $request->content(join('&',map { @@ -735,7 +747,7 @@ sub send_grade { result_statusofresult => 'final', result_date => $date, ); - my $hashref = &sign_params($url,$ckey,$secret,$sigmethod,\%ltiparams); + my $hashref = &sign_params($url,$ckey,$secret,\%ltiparams,$sigmethod); if (ref($hashref) eq 'HASH') { $request=new HTTP::Request('POST',$url); $request->content(join('&',map { @@ -790,6 +802,7 @@ END nonce => $nonce, body_hash => $bodyhash, ); + $gradereq->add_required_message_params('body_hash'); $gradereq->sign(); $request = HTTP::Request->new( $gradereq->request_method, @@ -806,6 +819,28 @@ END #FIXME Handle case where pass back of score to LTI Consumer failed. } +sub setup_logout_callback { + my ($uname,$udom,$server,$ckey,$secret,$service_url,$idsdir,$protocol,$hostname) = @_; + if ($service_url =~ m{^https?://[^/]+/}) { + my $digest_user = &Encode::decode('UTF-8',$uname.':'.$udom); + my $loginfile = &Digest::SHA::sha1_hex($digest_user).&md5_hex(&md5_hex(time.{}.rand().$$)); + if ((-d $idsdir) && (open(my $fh,'>',"$idsdir/$loginfile"))) { + print $fh "$uname,$udom,$server\n"; + close($fh); + my $callback = 'http://'.$hostname.'/adm/service/logout/'.$loginfile; + my %ltiparams = ( + callback => $callback, + ); + my $post = &sign_params($service_url,$ckey,$secret,\%ltiparams, + '','','',1); + my $request=new HTTP::Request('POST',$service_url); + $request->content($post); + my $response = &LONCAPA::LWPReq::makerequest('',$request,'','',10); + } + } + return; +} + # # LON-CAPA as LTI Provider #