[LON-CAPA-cvs] cvs: loncom /interface domainprefs.pm lonexttool.pm /lti ltiutils.pm
raeburn
raeburn at source.lon-capa.org
Sat Dec 30 09:04:00 EST 2017
raeburn Sat Dec 30 14:04:00 2017 EDT
Modified files:
/loncom/interface lonexttool.pm domainprefs.pm
/loncom/lti ltiutils.pm
Log:
- Bug 6754 LON-CAPA as LTI Consumer
- Signature method can be HMAC-SHA1 (default), or HMAC-SHA256, if LTI
Provider supports it.
-------------- next part --------------
Index: loncom/interface/lonexttool.pm
diff -u loncom/interface/lonexttool.pm:1.13 loncom/interface/lonexttool.pm:1.14
--- loncom/interface/lonexttool.pm:1.13 Sat Dec 30 00:16:29 2017
+++ loncom/interface/lonexttool.pm Sat Dec 30 14:03:53 2017
@@ -1,7 +1,7 @@
# The LearningOnline Network with CAPA
# Launch External Tool Provider (LTI)
#
-# $Id: lonexttool.pm,v 1.13 2017/12/30 00:16:29 raeburn Exp $
+# $Id: lonexttool.pm,v 1.14 2017/12/30 14:03:53 raeburn Exp $
#
# Copyright Michigan State University Board of Trustees
#
@@ -200,7 +200,7 @@
$url .= $toolhash{'crsappend'};
}
$r->print(&launch_html($url,$toolhash{'key'},$toolhash{'secret'},
- $submittext,\%lti));
+ $toolhash{'sigmethod'},$submittext,\%lti));
} else {
$r->print('<div>'.&mt('External Tool Unavailable').'</div>');
}
@@ -412,8 +412,8 @@
}
sub launch_html {
- my ($url,$key,$secret,$submittext,$paramsref) = @_;
- my $hashref = &LONCAPA::ltiutils::sign_params($url,$key,$secret,$paramsref);
+ my ($url,$key,$secret,$sigmethod,$submittext,$paramsref) = @_;
+ my $hashref = &LONCAPA::ltiutils::sign_params($url,$key,$secret,$sigmethod,$paramsref);
my $action = &HTML::Entities::encode($url,'<>&"');
my $form = <<"END";
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
Index: loncom/interface/domainprefs.pm
diff -u loncom/interface/domainprefs.pm:1.322 loncom/interface/domainprefs.pm:1.323
--- loncom/interface/domainprefs.pm:1.322 Thu Dec 7 01:36:11 2017
+++ loncom/interface/domainprefs.pm Sat Dec 30 14:03:53 2017
@@ -1,7 +1,7 @@
# The LearningOnline Network with CAPA
# Handler to set domain-wide configuration settings
#
-# $Id: domainprefs.pm,v 1.322 2017/12/07 01:36:11 raeburn Exp $
+# $Id: domainprefs.pm,v 1.323 2017/12/30 14:03:53 raeburn Exp $
#
# Copyright Michigan State University Board of Trustees
#
@@ -4112,7 +4112,7 @@
for (my $i=0; $i<@items; $i++) {
$css_class = $itemcount%2?' class="LC_odd_row"':'';
my $item = $ordered{$items[$i]};
- my ($title,$key,$secret,$url,$lifetime,$imgsrc);
+ my ($title,$key,$secret,$url,$lifetime,$imgsrc,%sigsel);
if (ref($settings->{$item}) eq 'HASH') {
$title = $settings->{$item}->{'title'};
$url = $settings->{$item}->{'url'};
@@ -4123,6 +4123,11 @@
if ($image ne '') {
$imgsrc = '<img src="'.$image.'" alt="'.&mt('Tool Provider icon').'" />';
}
+ if ($settings->{$item}->{'sigmethod'} eq 'HMAC-256') {
+ $sigsel{'HMAC-256'} = ' selected="selected"';
+ } else {
+ $sigsel{'HMAC-SHA1'} = ' selected="selected"';
+ }
}
my $chgstr = ' onchange="javascript:reorderLTITools(this.form,'."'ltitools_".$item."'".');"';
$datatable .= '<tr '.$css_class.'><td><span class="LC_nobreak">'
@@ -4140,15 +4145,19 @@
&mt('Delete?').'</label></span></td>'.
'<td colspan="2">'.
'<fieldset><legend>'.&mt('Required settings').'</legend>'.
- '<span class="LC_nobreak">'.$lt{'title'}.':<input type="text" size="30" name="ltitools_title_'.$i.'" value="'.$title.'" /></span> '.
+ '<span class="LC_nobreak">'.$lt{'title'}.':<input type="text" size="20" name="ltitools_title_'.$i.'" value="'.$title.'" /></span> '.
(' 'x2).
'<span class="LC_nobreak">'.$lt{'version'}.':<select name="ltitools_version_'.$i.'">'.
'<option value="LTI-1p0" selected="selected">1.1</option></select></span> '.
(' 'x2).
'<span class="LC_nobreak">'.$lt{'msgtype'}.':<select name="ltitools_msgtype_'.$i.'">'.
'<option value="basic-lti-launch-request" selected="selected">Launch</option></select></span> '.
+ (' 'x2).
+ '<span class="LC_nobreak">'.$lt{'sigmethod'}.':<select name="ltitools_sigmethod_'.$i.'">'.
+ '<option value="HMAC-SHA1"'.$sigsel{'HMAC-SHA1'}.'>HMAC-SHA1</option>'.
+ '<option value="HMAC-SHA256"'.$sigsel{'HMAC-SHA256'}.'>HMAC-SHA256</option></select></span>'.
'<br /><br />'.
- '<span class="LC_nobreak">'.$lt{'url'}.':<input type="text" size="30" name="ltitools_url_'.$i.'"'.
+ '<span class="LC_nobreak">'.$lt{'url'}.':<input type="text" size="40" name="ltitools_url_'.$i.'"'.
' value="'.$url.'" /></span>'.
(' 'x2).
'<span class="LC_nobreak">'.$lt{'key'}.':'.
@@ -4345,15 +4354,18 @@
'<input type="checkbox" name="ltitools_add" value="1" />'.&mt('Add').'</td>'."\n".
'<td colspan="2">'.
'<fieldset><legend>'.&mt('Required settings').'</legend>'.
- '<span class="LC_nobreak">'.$lt{'title'}.':<input type="text" size="30" name="ltitools_add_title" value="" /></span> '."\n".
+ '<span class="LC_nobreak">'.$lt{'title'}.':<input type="text" size="20" name="ltitools_add_title" value="" /></span> '."\n".
(' 'x2).
'<span class="LC_nobreak">'.$lt{'version'}.':<select name="ltitools_add_version">'.
'<option value="LTI-1p0" selected="selected">1.1</option></select></span> '."\n".
(' 'x2).
'<span class="LC_nobreak">'.$lt{'msgtype'}.':<select name="ltitools_add_msgtype">'.
'<option value="basic-lti-launch-request" selected="selected">Launch</option></select></span> '.
+ '<span class="LC_nobreak">'.$lt{'sigmethod'}.':<select name="ltitools_add_sigmethod">'.
+ '<option value="HMAC-SHA1" selected="selected">HMAC-SHA1</option>'.
+ '<option value="HMAC-SHA256">HMAC-SHA256</option></select></span>'.
'<br />'.
- '<span class="LC_nobreak">'.$lt{'url'}.':<input type="text" size="30" name="ltitools_add_url" value="" /></span> '."\n".
+ '<span class="LC_nobreak">'.$lt{'url'}.':<input type="text" size="40" name="ltitools_add_url" value="" /></span> '."\n".
(' 'x2).
'<span class="LC_nobreak">'.$lt{'key'}.':<input type="text" size="25" name="ltitools_add_key" value="" /></span> '."\n".
(' 'x2).
@@ -4457,6 +4469,7 @@
'title' => 'Title',
'version' => 'Version',
'msgtype' => 'Message Type',
+ 'sigmethod' => 'Signature Method',
'url' => 'URL',
'key' => 'Key',
'lifetime' => 'Nonce lifetime (s)',
@@ -10670,6 +10683,11 @@
if ($env{'form.ltitools_add_msgtype'} eq 'basic-lti-launch-request') {
$confhash{$newid}{'msgtype'} = $env{'form.ltitools_add_msgtype'};
}
+ if ($env{'form.ltitools_add_sigmethod'} eq 'HMAC-SHA256') {
+ $confhash{$newid}{'sigmethod'} = $env{'form.ltitools_add_sigmethod'};
+ } else {
+ $confhash{$newid}{'sigmethod'} = 'HMAC-SHA1';
+ }
foreach my $item ('width','height','linktext','explanation') {
$env{'form.ltitools_add_'.$item} =~ s/^\s+//;
$env{'form.ltitools_add_'.$item} =~ s/\s+$//;
@@ -10796,6 +10814,18 @@
if ($env{'form.ltitools_msgtype_'.$i} eq 'basic-lti-launch-request') {
$confhash{$itemid}{'msgtype'} = $env{'form.ltitools_msgtype_'.$i};
}
+ if ($env{'form.ltitools_sigmethod_'.$i} eq 'HMAC-SHA256') {
+ $confhash{$itemid}{'sigmethod'} = $env{'form.ltitools_sigmethod_'.$i};
+ } else {
+ $confhash{$itemid}{'sigmethod'} = 'HMAC-SHA1';
+ }
+ if ($domconfig{$action}{$itemid}{'sigmethod'} eq '') {
+ if ($confhash{$itemid}{'sigmethod'} ne 'HMAC-SHA1') {
+ $changes{$itemid} = 1;
+ }
+ } elsif ($domconfig{$action}{$itemid}{'sigmethod'} ne $confhash{$itemid}{'sigmethod'}) {
+ $changes{$itemid} = 1;
+ }
foreach my $size ('width','height') {
$env{'form.ltitools_'.$size.'_'.$i} =~ s/^\s+//;
$env{'form.ltitools_'.$size.'_'.$i} =~ s/\s+$//;
@@ -11042,7 +11072,7 @@
$resulttext .= '</li><ul>';
my $position = $pos + 1;
$resulttext .= '<li>'.&mt('Order: [_1]',$position).'</li>';
- foreach my $item ('version','msgtype','url','lifetime') {
+ foreach my $item ('version','msgtype','sigmethod','url','lifetime') {
if ($confhash{$itemid}{$item} ne '') {
$resulttext .= '<li>'.$lt{$item}.': '.$confhash{$itemid}{$item}.'</li>';
}
Index: loncom/lti/ltiutils.pm
diff -u loncom/lti/ltiutils.pm:1.2 loncom/lti/ltiutils.pm:1.3
--- loncom/lti/ltiutils.pm:1.2 Sat Dec 9 16:24:03 2017
+++ loncom/lti/ltiutils.pm Sat Dec 30 14:04:00 2017
@@ -1,7 +1,7 @@
# The LearningOnline Network with CAPA
# Utility functions for managing LON-CAPA LTI interactions
#
-# $Id: ltiutils.pm,v 1.2 2017/12/09 16:24:03 raeburn Exp $
+# $Id: ltiutils.pm,v 1.3 2017/12/30 14:04:00 raeburn Exp $
#
# Copyright Michigan State University Board of Trustees
#
@@ -319,15 +319,18 @@
#
sub sign_params {
- my ($url,$key,$secret,$paramsref) = @_;
+ my ($url,$key,$secret,$sigmethod,$paramsref) = @_;
return unless (ref($paramsref) eq 'HASH');
+ if ($sigmethod eq '') {
+ $sigmethod = 'HMAC-SHA1';
+ }
my $nonce = Digest::SHA::sha1_hex(sprintf("%06x%06x",rand(0xfffff0),rand(0xfffff0)));
my $request = Net::OAuth->request("request token")->new(
consumer_key => $key,
consumer_secret => $secret,
request_url => $url,
request_method => 'POST',
- signature_method => 'HMAC-SHA1',
+ signature_method => $sigmethod,
timestamp => time,
nonce => $nonce,
callback => 'about:blank',
@@ -444,7 +447,7 @@
#
sub release_tool_lock {
- my ($cdom,$cnum,$marker) = @_;
+ my ($cdom,$cnum,$marker,$name) = @_;
# remove lock
my @del_lock = ($name."\0".$marker."\0".'lock');
my $dellockoutcome=&Apache::lonnet::del('exttools',\@del_lock,$cdom,$cnum);
More information about the LON-CAPA-cvs
mailing list