WIP LTI using new oauth lib - refs BT#13469

7 years ago · 5b62af9443
parent 60ff03ee73
commit 5b62af9443
3 changed files with 92 additions and 27 deletions
--- a/plugin/ims_lti/Entity/ImsLtiTool.php
+++ b/plugin/ims_lti/Entity/ImsLtiTool.php
@ -285,13 +285,43 @@ class ImsLtiTool

        foreach ($strings as $string) {
            $pairs = explode('=', $string);
+            $key = self::parseCustomKey($pairs[0]);
+            $value = $pairs[1];

-            $params['custom_'.$pairs[0]] = $pairs[1];
+            $params['custom_'.$key] = $value;
        }

        return $params;
    }

+    /**
+     * Map the key from custom param.
+     *
+     * @param string $key
+     *
+     * @return string
+     */
+    private static function parseCustomKey($key)
+    {
+        $newKey = '';
+        $key = strtolower($key);
+        $split = str_split($key);
+
+        foreach ($split as $char) {
+            if (
+                ($char >= 'a' && $char <= 'z') || ($char >= '0' && $char <= '9')
+            ) {
+                $newKey .= $char;
+
+                continue;
+            }
+
+            $newKey .= '_';
+        }
+
+        return $newKey;
+    }
+
    /**
     * Set activeDeepLinking.
     *
--- a/plugin/ims_lti/ImsLtiPlugin.php
+++ b/plugin/ims_lti/ImsLtiPlugin.php
@ -506,4 +506,41 @@ class ImsLtiPlugin extends Plugin

        return (string) $launchUrl;
    }
+
+    /**
+     * @param array $params
+     */
+    public function trimParams(array &$params)
+    {
+        foreach ($params as $key => $value) {
+            $newValue = preg_replace('/\s+/', ' ', $value);
+
+            $params[$key] = trim($newValue);
+        }
+    }
+
+    /**
+     * @param ImsLtiTool $tool
+     * @param array      $params
+     *
+     * @return array
+     */
+    public function removeUrlParamsFromLaunchParams(ImsLtiTool $tool, array &$params)
+    {
+        $urlQuery = parse_url($tool->getLaunchUrl(), PHP_URL_QUERY);
+
+        if (empty($urlQuery)) {
+            return $params;
+        }
+
+        $queryParams = [];
+        parse_str($urlQuery, $queryParams);
+        $queryKeys = array_keys($queryParams);
+
+        foreach ($queryKeys as $key) {
+            if (isset($params[$key])) {
+                unset($params[$key]);
+            }
+        }
+    }
 }
--- a/plugin/ims_lti/form.php
+++ b/plugin/ims_lti/form.php
@ -109,26 +109,33 @@ $params['tool_consumer_instance_guid'] = $platformDomain;
 $params['tool_consumer_instance_name'] = api_get_setting('siteName');
 $params['tool_consumer_instance_url'] = api_get_path(WEB_PATH);
 $params['tool_consumer_instance_contact_email'] = api_get_setting('emailAdministrator');
+$params['oauth_callback'] = 'about:blank';

 $params += $tool->parseCustomParams();

+$imsLtiPlugin->trimParams($params);
+
 if (!empty($tool->getConsumerKey()) && !empty($tool->getSharedSecret())) {
-    $oauth = new OAuthSimple(
+    $consumer = new OAuthConsumer(
        $tool->getConsumerKey(),
-        $tool->getSharedSecret()
+        $tool->getSharedSecret(),
+        null
+    );
+    $hmacMethod = new OAuthSignatureMethod_HMAC_SHA1();
+
+    $request = OAuthRequest::from_consumer_and_token(
+        $consumer,
+        '',
+        'POST',
+        $tool->getLaunchUrl(),
+        $params
    );
-    $oauth->setAction('post');
-    $oauth->setSignatureMethod('HMAC-SHA1');
-    $oauth->setParameters($params);
-    $result = $oauth->sign(array(
-        'path' => $tool->getLaunchUrl(),
-        'parameters' => array(
-            'oauth_callback' => 'about:blank'
-        )
-    ));
-
-    $params = $result['parameters'];
+    $request->sign_request($hmacMethod, $consumer, '');
+
+    $params = $request->get_parameters();
 }
+
+$imsLtiPlugin->removeUrlParamsFromLaunchParams($tool, $params);
 ?>
 <!DOCTYPE html>
 <html>
@ -138,19 +145,10 @@ if (!empty($tool->getConsumerKey()) && !empty($tool->getSharedSecret())) {
 <body>
 <form action="<?php echo $tool->getLaunchUrl() ?>" name="ltiLaunchForm" method="post"
      encType="application/x-www-form-urlencoded">
-    <?php
-    foreach ($params as $key => $values) {
-        echo '<input type="hidden" name="'.$key.'" value="'.htmlspecialchars($values).'" />'.PHP_EOL;
-    }
-    ?>
-    <button type="submit">
-        <?php echo $imsLtiPlugin->get_lang('PressToContinue') ?>
-    </button>
+    <?php foreach ($params as $key => $value) { ?>
+        <input type="hidden" name="<?php echo $key ?>" value="<?php echo htmlspecialchars($value) ?>">
+    <?php } ?>
 </form>
-
-<script language="javascript">
-    document.querySelector('form [type="submit"]').style.display = "none";
-    document.ltiLaunchForm.submit();
-</script>
+<script>document.ltiLaunchForm.submit();</script>
 </body>
 </html>