From 830d9605016e1cae65905b419f3f0054d8a6f26e Mon Sep 17 00:00:00 2001 From: kpommerenke Date: Wed, 9 Dec 2020 16:19:21 -0800 Subject: [PATCH 1/6] Update LTI_Assignments_Grades_Service.php Take into account that $line_item['resourceId'] and $line_item['tag'] are optional --- src/lti/LTI_Assignments_Grades_Service.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/lti/LTI_Assignments_Grades_Service.php b/src/lti/LTI_Assignments_Grades_Service.php index ffd1cde0..08981659 100644 --- a/src/lti/LTI_Assignments_Grades_Service.php +++ b/src/lti/LTI_Assignments_Grades_Service.php @@ -54,8 +54,8 @@ public function find_or_create_lineitem(LTI_Lineitem $new_line_item) { 'application/vnd.ims.lis.v2.lineitemcontainer+json' ); foreach ($line_items['body'] as $line_item) { - if (empty($new_line_item->get_resource_id()) || $line_item['resourceId'] == $new_line_item->get_resource_id()) { - if (empty($new_line_item->get_tag()) || $line_item['tag'] == $new_line_item->get_tag()) { + if (empty($new_line_item->get_resource_id()) || (isset($line_item['resourceId']) && $line_item['resourceId'] == $new_line_item->get_resource_id())) { + if (empty($new_line_item->get_tag()) || (isset($line_item['tag']) && $line_item['tag'] == $new_line_item->get_tag())) { return new LTI_Lineitem($line_item); } } @@ -88,4 +88,4 @@ public function get_grades(LTI_Lineitem $lineitem) { return $scores['body']; } } -?> \ No newline at end of file +?> From 6c9466d024001511280b93c8a95e8ce07b5dfd7d Mon Sep 17 00:00:00 2001 From: kpommerenke Date: Wed, 9 Dec 2020 16:25:52 -0800 Subject: [PATCH 2/6] Update LTI_Deep_Link.php deep_link_settings['data'] might be empty. It is only required if present in LtiDeepLinkingRequest message: https://www.imsglobal.org/spec/lti-dl/v2p0#data --- src/lti/LTI_Deep_Link.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/lti/LTI_Deep_Link.php b/src/lti/LTI_Deep_Link.php index c87cb0da..f9eafaf8 100644 --- a/src/lti/LTI_Deep_Link.php +++ b/src/lti/LTI_Deep_Link.php @@ -25,7 +25,7 @@ public function get_response_jwt($resources) { "https://purl.imsglobal.org/spec/lti/claim/message_type" => "LtiDeepLinkingResponse", "https://purl.imsglobal.org/spec/lti/claim/version" => "1.3.0", "https://purl.imsglobal.org/spec/lti-dl/claim/content_items" => array_map(function($resource) { return $resource->to_array(); }, $resources), - "https://purl.imsglobal.org/spec/lti-dl/claim/data" => $this->deep_link_settings['data'], + "https://purl.imsglobal.org/spec/lti-dl/claim/data" => $this->deep_link_settings['data']?? "", ]; return JWT::encode($message_jwt, $this->registration->get_tool_private_key(), 'RS256', $this->registration->get_kid()); } @@ -43,4 +43,4 @@ public function output_response_form($resources) { \ No newline at end of file +?> From b77df5908b1d98d7c9584ad8b48e2d9d9084af97 Mon Sep 17 00:00:00 2001 From: kpommerenke Date: Wed, 9 Dec 2020 17:15:35 -0800 Subject: [PATCH 3/6] Update LTI_OIDC_Login.php Use $request['target_link_uri'] as the fall-back redirect_uri. --- src/lti/LTI_OIDC_Login.php | 10 +++------- 1 file changed, 3 insertions(+), 7 deletions(-) diff --git a/src/lti/LTI_OIDC_Login.php b/src/lti/LTI_OIDC_Login.php index 2c135c09..73faed05 100644 --- a/src/lti/LTI_OIDC_Login.php +++ b/src/lti/LTI_OIDC_Login.php @@ -42,16 +42,12 @@ public static function new(Database $database, Cache $cache = null, Cookie $cook * * @return Redirect Returns a redirect object containing the fully formed OIDC login URL. */ - public function do_oidc_login_redirect($launch_url, array $request = null) { + public function do_oidc_login_redirect(string $launch_url = "", array $request = null) { if ($request === null) { $request = $_REQUEST; } - if (empty($launch_url)) { - throw new OIDC_Exception("No launch URL configured", 1); - } - // Validate Request Data. $registration = $this->validate_oidc_login($request); @@ -75,7 +71,7 @@ public function do_oidc_login_redirect($launch_url, array $request = null) { 'response_mode' => 'form_post', // OIDC response is always a form post. 'prompt' => 'none', // Don't prompt user on redirect. 'client_id' => $registration->get_client_id(), // Registered client id. - 'redirect_uri' => $launch_url, // URL to return to after login. + 'redirect_uri' => $launch_url?: $request['target_link_uri'], // URL to return to after login. 'state' => $state, // State to identify browser session. 'nonce' => $nonce, // Prevent replay attacks. 'login_hint' => $request['login_hint'] // Login hint to identify platform session. @@ -117,4 +113,4 @@ protected function validate_oidc_login($request) { // Return Registration. return $registration; } -} \ No newline at end of file +} From d097113c34294fad8bafccc38797bebee18e654a Mon Sep 17 00:00:00 2001 From: kpommerenke Date: Wed, 9 Dec 2020 17:21:25 -0800 Subject: [PATCH 4/6] Update LTI_Message_Launch.php Return new static instead of new LTI_Message_Launch so that the class can be extended. Throw exception when nonce does not check out. Remove var_dump() statement. --- src/lti/LTI_Message_Launch.php | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/src/lti/LTI_Message_Launch.php b/src/lti/LTI_Message_Launch.php index 7a18195d..f2b308bc 100644 --- a/src/lti/LTI_Message_Launch.php +++ b/src/lti/LTI_Message_Launch.php @@ -43,7 +43,7 @@ function __construct(Database $database, Cache $cache = null, Cookie $cookie = n * Static function to allow for method chaining without having to assign to a variable first. */ public static function new(Database $database, Cache $cache = null, Cookie $cookie = null) { - return new LTI_Message_Launch($database, $cache, $cookie); + return new static($database, $cache, $cookie); } /** @@ -57,7 +57,7 @@ public static function new(Database $database, Cache $cache = null, Cookie $cook * @return LTI_Message_Launch A populated and validated LTI_Message_Launch. */ public static function from_cache($launch_id, Database $database, Cache $cache = null) { - $new = new LTI_Message_Launch($database, $cache, null); + $new = new static($database, $cache, null); $new->launch_id = $launch_id; $new->jwt = [ 'body' => $new->cache->get_launch_data($launch_id) ]; return $new->validate_registration(); @@ -270,7 +270,7 @@ private function validate_jwt_format() { private function validate_nonce() { if (!$this->cache->check_nonce($this->jwt['body']['nonce'])) { - //throw new LTI_Exception("Invalid Nonce"); + throw new LTI_Exception("Invalid Nonce"); } return $this; } @@ -301,7 +301,6 @@ private function validate_jwt_signature() { try { JWT::decode($this->request['id_token'], $public_key['key'], array('RS256')); } catch(\Exception $e) { - var_dump($e); // Error validating signature. throw new LTI_Exception("Invalid signature on id_token", 1); } @@ -369,4 +368,4 @@ private function validate_message() { } } -?> \ No newline at end of file +?> From 48ac76c21cbfaa43a83f1c9848024e1392879b8a Mon Sep 17 00:00:00 2001 From: kpommerenke Date: Wed, 9 Dec 2020 20:09:39 -0800 Subject: [PATCH 5/6] Update LTI_Deep_Link_Resource.php Return new static instead of new LTI_Deep_Link_Resource to make it easier to extend the class. Include all line_item attributes in new deep link resource, not just scoreMaximum and label. --- src/lti/LTI_Deep_Link_Resource.php | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) diff --git a/src/lti/LTI_Deep_Link_Resource.php b/src/lti/LTI_Deep_Link_Resource.php index 8abeadd6..9919e843 100644 --- a/src/lti/LTI_Deep_Link_Resource.php +++ b/src/lti/LTI_Deep_Link_Resource.php @@ -11,7 +11,7 @@ class LTI_Deep_Link_Resource { private $target = 'iframe'; public static function new() { - return new LTI_Deep_Link_Resource(); + return new static(); } public function get_type() { @@ -79,10 +79,7 @@ public function to_array() { "custom" => $this->custom_params, ]; if ($this->lineitem !== null) { - $resource["lineItem"] = [ - "scoreMaximum" => $this->lineitem->get_score_maximum(), - "label" => $this->lineitem->get_label(), - ]; + $resource["lineItem"] = $this->lineitem->to_array(); } return $resource; } From 69bf3f72210a82b9b8e92a22931e51a4e91790df Mon Sep 17 00:00:00 2001 From: kpommerenke Date: Wed, 9 Dec 2020 20:17:42 -0800 Subject: [PATCH 6/6] Update LTI_Lineitem.php Offer default for missing $lineitem["startDateTime"] and $lineitem["endDateTime"]. Return new static instead of new LTI_Lineitem to make it easier to extend the class. Decompose __toString() into two functions: to_array() and __toString() --- src/lti/LTI_Lineitem.php | 18 +++++++++++------- 1 file changed, 11 insertions(+), 7 deletions(-) diff --git a/src/lti/LTI_Lineitem.php b/src/lti/LTI_Lineitem.php index ba8e20a7..cc756b70 100644 --- a/src/lti/LTI_Lineitem.php +++ b/src/lti/LTI_Lineitem.php @@ -19,15 +19,15 @@ public function __construct(array $lineitem = null) { $this->label = $lineitem["label"]; $this->resource_id = $lineitem["resourceId"]; $this->tag = $lineitem["tag"]; - $this->start_date_time = $lineitem["startDateTime"]; - $this->end_date_time = $lineitem["endDateTime"]; + $this->start_date_time = $lineitem["startDateTime"]?? date(\DateTime::ISO8601); + $this->end_date_time = $lineitem["endDateTime"]?? date(\DateTime::ISO8601); } /** * Static function to allow for method chaining without having to assign to a variable first. */ public static function new() { - return new LTI_Lineitem(); + return new static(); } public function get_id() { @@ -93,8 +93,8 @@ public function set_end_date_time($value) { return $this; } - public function __toString() { - return json_encode(array_filter([ + public function to_array() { + return [ "id" => $this->id, "scoreMaximum" => $this->score_maximum, "label" => $this->label, @@ -102,7 +102,11 @@ public function __toString() { "tag" => $this->tag, "startDateTime" => $this->start_date_time, "endDateTime" => $this->end_date_time, - ])); + ]; + } + + public function __toString() { + return json_encode(array_filter($this->to_array())); } } -?> \ No newline at end of file +?>