loncom/lti/ltiroster.pm - diff

Return to ltiroster.pm CVS log

Up to [LON-CAPA] / loncom / lti

Diff for /loncom/lti/ltiroster.pm between versions 1.2 and 1.6

version 1.2, 2017/12/09 16:24:03	version 1.6, 2022/03/29 20:12:46
Line 32 use strict;	Line 32 use strict;
use Apache::Constants qw(:common :http);	use Apache::Constants qw(:common :http);
use Encode;	use Encode;
use Digest::SHA;	use Digest::SHA;
	use URI::Escape;
use Apache::lonnet;	use Apache::lonnet;
use Apache::loncommon;	use Apache::loncommon;
use Apache::lonacc;	use Apache::lonacc;
Line 41 use LONCAPA::ltiutils;	Line 42 use LONCAPA::ltiutils;
sub handler {	sub handler {
my $r = shift;	my $r = shift;
my %errors;	my %errors;
	my $params = {};
	my ($oauthtype,$authheader);
	#
	# Retrieve content type from headers
	#
	my $content_type = $r->headers_in->get('Content-Type');
	if ($content_type eq 'application/xml') {
	$oauthtype = 'consumer';
	#
	# Retrieve OAuth data sent by LTI Provider from Authorization header
	#
	$authheader = $r->headers_in->get('Authorization');
	my ($authtype,$valuestr) = ($authheader =~ /^(OAuth)\s+(.+)$/i);
	if (lc($authtype) eq 'oauth') {
	foreach my $pair (split(/\s,\s/,$valuestr)) {
	my ($key,$value) = split(/=/,$pair);
	$value =~ s /(^"\|"$)//g;
	$params->{$key} = URI::Escape::uri_unescape($value);
	}
	}
	} else {
	$oauthtype = 'request token';
#	#
# Retrieve data POSTed by LTI Provider	# Retrieve data POSTed by LTI Provider
#	#
&Apache::lonacc::get_posted_cgi($r);	&Apache::lonacc::get_posted_cgi($r);
my $params = {};	foreach my $key (sort(keys(%env))) {
foreach my $key (sort(keys(%env))) {	if ($key =~ /^form\.(.+)$/) {
if ($key =~ /^form\.(.+)$/) {	$params->{$1} = $env{$key};
$params->{$1} = $env{$key};	}
}	}
}	}

Line 122 sub handler {	Line 145 sub handler {
if ($ENV{'SERVER_PORT'} == 443) {	if ($ENV{'SERVER_PORT'} == 443) {
$protocol = 'https';	$protocol = 'https';
}	}
unless (LONCAPA::ltiutils::verify_request($params,$protocol,$r->hostname,$r->uri,	unless (LONCAPA::ltiutils::verify_request($oauthtype,$protocol,$r->hostname,$r->uri,
$env{'request.method'},$consumer_secret,	$env{'request.method'},$consumer_secret,
\%errors)) {	$params,$authheader,\%errors)) {
&invalid_request($r,\%errors);	&invalid_request($r,\%errors);
return OK;	return OK;
}	}
Line 180 sub handler {	Line 203 sub handler {
\%toolsettings,\%ltitools) eq 'ok') {	\%toolsettings,\%ltitools) eq 'ok') {
if ($toolsettings{'gradesecret'} ne '') {	if ($toolsettings{'gradesecret'} ne '') {
$needsresult = 1;	$needsresult = 1;
$gradesecret = $ltitools{'gradesecret'};	$gradesecret = $toolsettings{'gradesecret'};
}	}
}	}
}	}
Line 257 END	Line 280 END
}	}
$r->print(" <member>\n");	$r->print(" <member>\n");
my ($uname,$udom) = split(/:/,$user);	my ($uname,$udom) = split(/:/,$user);
my $digest_user = &Encode::decode_utf8($uname.':'.$udom);	my $digest_user = &Encode::decode('UTF-8',$uname.':'.$udom);
$digest_user = &Digest::SHA::sha1_hex($digest_user);	$digest_user = &Digest::SHA::sha1_hex($digest_user);
$r->print(' <user_id>'.$digest_user.'</user_id>'."\n");	$r->print(' <user_id>'.$digest_user.'</user_id>'."\n");
if (exists($students{$user})) {	if (exists($students{$user})) {
Line 325 END	Line 348 END
next unless ($students{$user}[$statusidx] eq 'Active');	next unless ($students{$user}[$statusidx] eq 'Active');
$r->print(" <member>\n");	$r->print(" <member>\n");
my ($uname,$udom) = split(/:/,$user);	my ($uname,$udom) = split(/:/,$user);
my $digest_user = &Encode::decode_utf8($uname.':'.$udom);	my $digest_user = &Encode::decode('UTF-8',$uname.':'.$udom);
$digest_user = &Digest::SHA::sha1_hex($digest_user);	$digest_user = &Digest::SHA::sha1_hex($digest_user);
$r->print(' <user_id>'.$digest_user.'</user_id>'."\n");	$r->print(' <user_id>'.$digest_user.'</user_id>'."\n");
if ($needroles) {	if ($needroles) {

FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>

Removed from v.1.2
changed lines
	Added in v.1.6