poprawione

This commit is contained in:
unknown 2020-05-01 17:53:18 +02:00
parent 98178c1066
commit 096386e7aa
4 changed files with 17 additions and 9 deletions

View File

@ -18,14 +18,17 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
http
.authorizeRequests()
.antMatchers("/", "/home").permitAll()
.anyRequest().authenticated()
.antMatchers("/", "/start").authenticated()
//.anyRequest().authenticated()
.and()
.formLogin()
.loginPage("/login")
.permitAll()
.and()
.logout()
.permitAll();
.and().
// .logout()
//.permitAll().
cors().and().
csrf().disable();
}
@Bean

View File

@ -8,6 +8,7 @@ import org.springframework.security.core.userdetails.User;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestParam;
import java.net.URLEncoder;
@ -17,7 +18,7 @@ import java.util.Map;
@Controller
public class StartController {
@GetMapping("/start")
@PostMapping("/start")
public String start(
@RequestParam(name = "key", required = false, defaultValue = "")
String key, @RequestParam(name = "secret", required = false, defaultValue = "")
@ -28,8 +29,7 @@ public class StartController {
Map<String, String> parameters = new HashMap<>();
parameters.put("lti_message_type","basic-lti-launch-request");
parameters.put("lti_version", "LTI-1p0");
parameters.put("resource_link_id", "gsdgsdgsdgsdsgddsg3g3");
//parameters.put("resource_link_id", ((User) SecurityContextHolder.getContext().getAuthentication().getPrincipal()).getUsername());
parameters.put("resource_link_id", ((User) SecurityContextHolder.getContext().getAuthentication().getPrincipal()).getUsername());
try {
Map<String, String> signedParameters = signer.signParameters(parameters, key, secret, url, "POST");
String link = url + "?" + "oauth_nonce=" + signedParameters.get("oauth_nonce") + "&oauth_signature=" + signedParameters.get("oauth_signature") + "&oauth_consumer_key=" + signedParameters.get("oauth_consumer_key") + "&oauth_signature_method=" + signedParameters.get("oauth_signature_method") + "&oauth_timestamp=" + signedParameters.get("oauth_timestamp") + "&oauth_version=" + signedParameters.get("oauth_version") + "&lti_message_type=" + signedParameters.get("lti_message_type") + "&lti_version=" + signedParameters.get("lti_version") + "&resource_link_id=" + signedParameters.get("resource_link_id");

View File

@ -10,6 +10,11 @@
</head>
<body>
This is tool consumer for LTI<br>
<button type="button" th:onclick="|window.location.href='/start?url=https://cloud.scorm.com/sc/blti&key=7ec922aa-7095-497d-a1b8-5a507008fb90&secret=Fr5hG91UdCPQ2mKodG82u3UNqf0SLJ7NB1wSxAJ8'|">Launch</button>
<form th:action="@{/start}" method="post">
<div><label> URL: <input type="text" name="url"/></label></div>
<div><label> Key: <input type="text" name="key"/></label></div>
<div><label> Secret: <input type="text" name="secret"/></label></div>
<div><input type="submit" value="Submit"/></div>
</form>
</body>
</html>

View File

@ -9,7 +9,7 @@
<link rel="stylesheet" th:href="@{/css/main.css}"/>
</head>
<body>
<form th:action="${launchUrl}" target="_blank" method="POST">
<form th:action="${launchUrl}" method="POST">
<input type="submit">Launch Tool</input>
</form>
</body>