152 lines
5.4 KiB
PHP
152 lines
5.4 KiB
PHP
|
<?php
|
||
|
|
||
|
/**
|
||
|
* This program is free software; you can redistribute it and/or
|
||
|
* modify it under the terms of the GNU General Public License
|
||
|
* as published by the Free Software Foundation; under version 2
|
||
|
* of the License (non-upgradable).
|
||
|
*
|
||
|
* This program is distributed in the hope that it will be useful,
|
||
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||
|
* GNU General Public License for more details.
|
||
|
*
|
||
|
* You should have received a copy of the GNU General Public License
|
||
|
* along with this program; if not, write to the Free Software
|
||
|
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
|
||
|
*
|
||
|
* Copyright (c) 2013-2019 (original work) Open Assessment Technologies SA (under the project TAO-PRODUCT);
|
||
|
*
|
||
|
*/
|
||
|
|
||
|
namespace oat\taoLti\controller;
|
||
|
|
||
|
use common_Exception;
|
||
|
use common_exception_Error;
|
||
|
use common_exception_IsAjaxAction;
|
||
|
use common_http_Request;
|
||
|
use common_session_SessionManager as SessionManager;
|
||
|
use OAT\Library\Lti1p3Core\Message\Payload\LtiMessagePayloadInterface;
|
||
|
use oat\tao\model\oauth\OauthService;
|
||
|
use oat\taoLti\models\classes\Tool\Validation\Lti1p3Validator;
|
||
|
use tao_helpers_Request;
|
||
|
use common_Logger;
|
||
|
use common_user_auth_AuthFailedException;
|
||
|
use InterruptedActionException;
|
||
|
use oat\taoLti\models\classes\CookieVerifyService;
|
||
|
use oat\taoLti\models\classes\LaunchData\Validator\LtiValidatorService;
|
||
|
use oat\taoLti\models\classes\LtiException;
|
||
|
use oat\taoLti\models\classes\LtiLaunchData;
|
||
|
use oat\taoLti\models\classes\LtiMessages\LtiErrorMessage;
|
||
|
use oat\taoLti\models\classes\LtiService;
|
||
|
use ResolverException;
|
||
|
use tao_models_classes_accessControl_AclProxy;
|
||
|
use tao_models_classes_oauth_Exception;
|
||
|
|
||
|
/**
|
||
|
* An abstract tool controller to be extended by the concrete tools
|
||
|
*
|
||
|
* @package taoLti
|
||
|
*/
|
||
|
abstract class ToolModule extends LtiModule
|
||
|
{
|
||
|
/**
|
||
|
* Entrypoint of every tool
|
||
|
*
|
||
|
* @throws LtiException
|
||
|
* @throws ResolverException
|
||
|
* @throws common_Exception
|
||
|
* @throws common_exception_Error
|
||
|
* @throws InterruptedActionException
|
||
|
*/
|
||
|
public function launch()
|
||
|
{
|
||
|
SessionManager::endSession();
|
||
|
|
||
|
try {
|
||
|
$request = common_http_Request::currentRequest();
|
||
|
$ltiLaunchData = LtiLaunchData::fromRequest($request);
|
||
|
$this->logLti($ltiLaunchData->getVariables());
|
||
|
/** @var LtiValidatorService $validator */
|
||
|
$validator = $this->getServiceLocator()->get(LtiValidatorService::SERVICE_ID);
|
||
|
$validator->validateLaunchData($ltiLaunchData);
|
||
|
|
||
|
LtiService::singleton()->startLtiSession($request);
|
||
|
|
||
|
|
||
|
/** @var CookieVerifyService $cookieService */
|
||
|
$cookieService = $this->getServiceManager()->get(CookieVerifyService::SERVICE_ID);
|
||
|
if ($cookieService->isVerifyCookieRequired()) {
|
||
|
if (tao_models_classes_accessControl_AclProxy::hasAccess('verifyCookie', 'CookieUtils', 'taoLti')) {
|
||
|
$cookieRedirect = _url(
|
||
|
'verifyCookie',
|
||
|
'CookieUtils',
|
||
|
'taoLti',
|
||
|
[
|
||
|
'session' => session_id(),
|
||
|
'redirect' => urlencode(_url('run', null, null, $_GET)),
|
||
|
]
|
||
|
);
|
||
|
$this->redirect($cookieRedirect);
|
||
|
} else {
|
||
|
throw new LtiException(
|
||
|
__('You are not authorized to use this system'),
|
||
|
LtiErrorMessage::ERROR_UNAUTHORIZED
|
||
|
);
|
||
|
}
|
||
|
} else {
|
||
|
$this->forward('run', null, null, $_GET);
|
||
|
}
|
||
|
} catch (common_user_auth_AuthFailedException $e) {
|
||
|
$lockoutService = $this->getServiceLocator()->get(OauthService::SERVICE_ID)
|
||
|
->getSubService(OauthService::OPTION_LOCKOUT_SERVICE);
|
||
|
$lockoutService->logFailedAttempt();
|
||
|
common_Logger::i($e->getMessage());
|
||
|
throw new LtiException(
|
||
|
__('The LTI connection could not be established'),
|
||
|
LtiErrorMessage::ERROR_UNAUTHORIZED
|
||
|
);
|
||
|
} catch (LtiException $e) {
|
||
|
common_Logger::i($e->__toString());
|
||
|
|
||
|
if (tao_helpers_Request::isAjax()) {
|
||
|
throw new common_exception_IsAjaxAction(__CLASS__ . '::' . __FUNCTION__);
|
||
|
}
|
||
|
throw $e;
|
||
|
} catch (tao_models_classes_oauth_Exception $e) {
|
||
|
common_Logger::i($e->getMessage());
|
||
|
throw new LtiException(
|
||
|
__('The LTI connection could not be established'),
|
||
|
LtiErrorMessage::ERROR_UNAUTHORIZED
|
||
|
);
|
||
|
}
|
||
|
}
|
||
|
|
||
|
/**
|
||
|
* run() contains the actual tool's controller
|
||
|
*/
|
||
|
abstract public function run();
|
||
|
|
||
|
|
||
|
/**
|
||
|
* Logging LTI launch params
|
||
|
* @param $variables
|
||
|
*/
|
||
|
protected function logLti($variables)
|
||
|
{
|
||
|
foreach ($variables as $key => $value) {
|
||
|
if (strpos($key, 'oauth_') === 0) {
|
||
|
unset($variables[$key]);
|
||
|
}
|
||
|
}
|
||
|
$this->logInfo('LTI_LAUNCH_PARAMS:' . json_encode($variables));
|
||
|
}
|
||
|
|
||
|
protected function getValidatedLtiMessagePayload(): LtiMessagePayloadInterface
|
||
|
{
|
||
|
return $this->getServiceLocator()
|
||
|
->get(Lti1p3Validator::class)
|
||
|
->getValidatedPayload($this->getPsrRequest());
|
||
|
}
|
||
|
}
|