2 // This file is part of Moodle - http://moodle.org/
4 // Moodle is free software: you can redistribute it and/or modify
5 // it under the terms of the GNU General Public License as published by
6 // the Free Software Foundation, either version 3 of the License, or
7 // (at your option) any later version.
9 // Moodle is distributed in the hope that it will be useful,
10 // but WITHOUT ANY WARRANTY; without even the implied warranty of
11 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 // GNU General Public License for more details.
14 // You should have received a copy of the GNU General Public License
15 // along with Moodle. If not, see <http://www.gnu.org/licenses/>.
17 // This file is part of BasicLTI4Moodle
19 // BasicLTI4Moodle is an IMS BasicLTI (Basic Learning Tools for Interoperability)
20 // consumer for Moodle 1.9 and Moodle 2.0. BasicLTI is a IMS Standard that allows web
21 // based learning tools to be easily integrated in LMS as native ones. The IMS BasicLTI
22 // specification is part of the IMS standard Common Cartridge 1.1 Sakai and other main LMS
23 // are already supporting or going to support BasicLTI. This project Implements the consumer
24 // for Moodle. Moodle is a Free Open source Learning Management System by Martin Dougiamas.
25 // BasicLTI4Moodle is a project iniciated and leaded by Ludo(Marc Alier) and Jordi Piguillem
26 // at the GESSI research group at UPC.
27 // SimpleLTI consumer for Moodle is an implementation of the early specification of LTI
28 // by Charles Severance (Dr Chuck) htp://dr-chuck.com , developed by Jordi Piguillem in a
29 // Google Summer of Code 2008 project co-mentored by Charles Severance and Marc Alier.
31 // BasicLTI4Moodle is copyright 2009 by Marc Alier Forment, Jordi Piguillem and Nikolas Galanis
32 // of the Universitat Politecnica de Catalunya http://www.upc.edu
33 // Contact info: Marc Alier Forment granludo @ gmail.com or marc.alier @ upc.edu
36 * This file contains the library of functions and constants for the lti module
40 * @copyright 2009 Marc Alier, Jordi Piguillem, Nikolas Galanis
42 * @copyright 2009 Universitat Politecnica de Catalunya http://www.upc.edu
44 * @author Jordi Piguillem
45 * @author Nikolas Galanis
46 * @author Chris Scribner
47 * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
50 defined('MOODLE_INTERNAL') ||
die;
52 // TODO: Switch to core oauthlib once implemented - MDL-30149
53 use moodle\mod\lti
as lti
;
55 require_once($CFG->dirroot
.'/mod/lti/OAuth.php');
57 define('LTI_URL_DOMAIN_REGEX', '/(?:https?:\/\/)?(?:www\.)?([^\/]+)(?:\/|$)/i');
59 define('LTI_LAUNCH_CONTAINER_DEFAULT', 1);
60 define('LTI_LAUNCH_CONTAINER_EMBED', 2);
61 define('LTI_LAUNCH_CONTAINER_EMBED_NO_BLOCKS', 3);
62 define('LTI_LAUNCH_CONTAINER_WINDOW', 4);
63 define('LTI_LAUNCH_CONTAINER_REPLACE_MOODLE_WINDOW', 5);
65 define('LTI_TOOL_STATE_ANY', 0);
66 define('LTI_TOOL_STATE_CONFIGURED', 1);
67 define('LTI_TOOL_STATE_PENDING', 2);
68 define('LTI_TOOL_STATE_REJECTED', 3);
70 define('LTI_SETTING_NEVER', 0);
71 define('LTI_SETTING_ALWAYS', 1);
72 define('LTI_SETTING_DELEGATE', 2);
75 * Prints a Basic LTI activity
77 * $param int $basicltiid Basic LTI activity id
79 function lti_view($instance) {
82 if (empty($instance->typeid
)) {
83 $tool = lti_get_tool_by_url_match($instance->toolurl
, $instance->course
);
90 $typeid = $instance->typeid
;
94 $typeconfig = lti_get_type_config($typeid);
96 //There is no admin configuration for this tool. Use configuration in the lti instance record plus some defaults.
97 $typeconfig = (array)$instance;
99 $typeconfig['sendname'] = $instance->instructorchoicesendname
;
100 $typeconfig['sendemailaddr'] = $instance->instructorchoicesendemailaddr
;
101 $typeconfig['customparameters'] = $instance->instructorcustomparameters
;
102 $typeconfig['acceptgrades'] = $instance->instructorchoiceacceptgrades
;
103 $typeconfig['allowroster'] = $instance->instructorchoiceallowroster
;
104 $typeconfig['forcessl'] = '0';
107 //Default the organizationid if not specified
108 if (empty($typeconfig['organizationid'])) {
109 $urlparts = parse_url($CFG->wwwroot
);
111 $typeconfig['organizationid'] = $urlparts['host'];
114 if (!empty($instance->resourcekey
)) {
115 $key = $instance->resourcekey
;
116 } else if (!empty($typeconfig['resourcekey'])) {
117 $key = $typeconfig['resourcekey'];
122 if (!empty($instance->password
)) {
123 $secret = $instance->password
;
124 } else if (!empty($typeconfig['password'])) {
125 $secret = $typeconfig['password'];
130 $endpoint = !empty($instance->toolurl
) ?
$instance->toolurl
: $typeconfig['toolurl'];
131 $endpoint = trim($endpoint);
133 //If the current request is using SSL and a secure tool URL is specified, use it
134 if (lti_request_is_using_ssl() && !empty($instance->securetoolurl
)) {
135 $endpoint = trim($instance->securetoolurl
);
138 //If SSL is forced, use the secure tool url if specified. Otherwise, make sure https is on the normal launch URL.
139 if ($typeconfig['forcessl'] == '1') {
140 if (!empty($instance->securetoolurl
)) {
141 $endpoint = trim($instance->securetoolurl
);
144 $endpoint = lti_ensure_url_is_https($endpoint);
146 if (!strstr($endpoint, '://')) {
147 $endpoint = 'http://' . $endpoint;
151 $orgid = $typeconfig['organizationid'];
153 $course = $PAGE->course
;
154 $requestparams = lti_build_request($instance, $typeconfig, $course);
156 $launchcontainer = lti_get_launch_container($instance, $typeconfig);
157 $returnurlparams = array('course' => $course->id
, 'launch_container' => $launchcontainer, 'instanceid' => $instance->id
);
160 $requestparams["tool_consumer_instance_guid"] = $orgid;
163 if (empty($key) ||
empty($secret)) {
164 $returnurlparams['unsigned'] = '1';
166 //Add the return URL. We send the launch container along to help us avoid frames-within-frames when the user returns
167 $url = new moodle_url('/mod/lti/return.php', $returnurlparams);
168 $returnurl = $url->out(false);
170 if ($typeconfig['forcessl'] == '1') {
171 $returnurl = lti_ensure_url_is_https($returnurl);
174 $requestparams['launch_presentation_return_url'] = $returnurl;
177 if (!empty($key) && !empty($secret)) {
178 $parms = lti_sign_parameters($requestparams, $endpoint, "POST", $key, $secret);
180 //If no key and secret, do the launch unsigned.
181 $parms = $requestparams;
184 $debuglaunch = ( $instance->debuglaunch
== 1 );
186 $content = lti_post_launch_html($parms, $endpoint, $debuglaunch);
191 function lti_build_sourcedid($instanceid, $userid, $launchid = null, $servicesalt) {
192 $data = new stdClass();
194 $data->instanceid
= $instanceid;
195 $data->userid
= $userid;
196 if (!empty($launchid)) {
197 $data->launchid
= $launchid;
199 $data->launchid
= mt_rand();
202 $json = json_encode($data);
204 $hash = hash('sha256', $json . $servicesalt, false);
206 $container = new stdClass();
207 $container->data
= $data;
208 $container->hash
= $hash;
214 * This function builds the request that must be sent to the tool producer
216 * @param object $instance Basic LTI instance object
217 * @param object $typeconfig Basic LTI tool configuration
218 * @param object $course Course object
220 * @return array $request Request details
222 function lti_build_request($instance, $typeconfig, $course) {
225 if (empty($instance->cmid
)) {
229 $role = lti_get_ims_role($USER, $instance->cmid
, $instance->course
);
231 $locale = $course->lang
;
232 if ( strlen($locale) < 1 ) {
233 $locale = $CFG->lang
;
236 $requestparams = array(
237 'resource_link_id' => $instance->id
,
238 'resource_link_title' => $instance->name
,
239 'resource_link_description' => $instance->intro
,
240 'user_id' => $USER->id
,
242 'context_id' => $course->id
,
243 'context_label' => $course->shortname
,
244 'context_title' => $course->fullname
,
245 'launch_presentation_locale' => $locale,
248 $placementsecret = $instance->servicesalt
;
250 if ( isset($placementsecret) ) {
251 $sourcedid = json_encode(lti_build_sourcedid($instance->id
, $USER->id
, null, $placementsecret));
254 if ( isset($placementsecret) &&
255 ( $typeconfig['acceptgrades'] == LTI_SETTING_ALWAYS ||
256 ( $typeconfig['acceptgrades'] == LTI_SETTING_DELEGATE
&& $instance->instructorchoiceacceptgrades
== LTI_SETTING_ALWAYS
) ) ) {
257 $requestparams['lis_result_sourcedid'] = $sourcedid;
259 //Add outcome service URL
260 $serviceurl = new moodle_url('/mod/lti/service.php');
261 $serviceurl = $serviceurl->out();
263 if ($typeconfig['forcessl'] == '1') {
264 $serviceurl = lti_ensure_url_is_https($serviceurl);
267 $requestparams['lis_outcome_service_url'] = $serviceurl;
270 // Send user's name and email data if appropriate
271 if ( $typeconfig['sendname'] == LTI_SETTING_ALWAYS ||
272 ( $typeconfig['sendname'] == LTI_SETTING_DELEGATE
&& $instance->instructorchoicesendname
== LTI_SETTING_ALWAYS
) ) {
273 $requestparams['lis_person_name_given'] = $USER->firstname
;
274 $requestparams['lis_person_name_family'] = $USER->lastname
;
275 $requestparams['lis_person_name_full'] = $USER->firstname
." ".$USER->lastname
;
278 if ( $typeconfig['sendemailaddr'] == LTI_SETTING_ALWAYS ||
279 ( $typeconfig['sendemailaddr'] == LTI_SETTING_DELEGATE
&& $instance->instructorchoicesendemailaddr
== LTI_SETTING_ALWAYS
) ) {
280 $requestparams['lis_person_contact_email_primary'] = $USER->email
;
283 // Concatenate the custom parameters from the administrator and the instructor
284 // Instructor parameters are only taken into consideration if the administrator
285 // has giver permission
286 $customstr = $typeconfig['customparameters'];
287 $instructorcustomstr = $instance->instructorcustomparameters
;
289 $instructorcustom = array();
291 $custom = lti_split_custom_parameters($customstr);
293 if (!isset($typeconfig['allowinstructorcustom']) ||
$typeconfig['allowinstructorcustom'] == LTI_SETTING_NEVER
) {
294 $requestparams = array_merge($custom, $requestparams);
296 if ($instructorcustomstr) {
297 $instructorcustom = lti_split_custom_parameters($instructorcustomstr);
299 foreach ($instructorcustom as $key => $val) {
300 // Ignore the instructor's parameter
301 if (!array_key_exists($key, $custom)) {
302 $custom[$key] = $val;
305 $requestparams = array_merge($custom, $requestparams);
308 // Make sure we let the tool know what LMS they are being called from
309 $requestparams["ext_lms"] = "moodle-2";
310 $requestparams['tool_consumer_info_product_family_code'] = 'moodle';
311 $requestparams['tool_consumer_info_version'] = strval($CFG->version
);
313 // Add oauth_callback to be compliant with the 1.0A spec
314 $requestparams['oauth_callback'] = 'about:blank';
316 //The submit button needs to be part of the signature as it gets posted with the form.
317 //This needs to be here to support launching without javascript.
318 $submittext = get_string('press_to_submit', 'lti');
319 $requestparams['ext_submit'] = $submittext;
321 $requestparams['lti_version'] = 'LTI-1p0';
322 $requestparams['lti_message_type'] = 'basic-lti-launch-request';
324 return $requestparams;
327 function lti_get_tool_table($tools, $id) {
331 $typename = get_string('typename', 'lti');
332 $baseurl = get_string('baseurl', 'lti');
333 $action = get_string('action', 'lti');
334 $createdon = get_string('createdon', 'lti');
336 if ($id == 'lti_configured') {
337 $html .= '<div><a style="margin-top:.25em" href="'.$CFG->wwwroot
.'/mod/lti/typessettings.php?action=add&sesskey='.$USER->sesskey
.'">'.get_string('addtype', 'lti').'</a></div>';
340 if (!empty($tools)) {
342 <div id=\"{$id}_container\" style=\"margin-top:.5em;margin-bottom:.5em\">
343 <table id=\"{$id}_tools\">
354 foreach ($tools as $type) {
355 $date = userdate($type->timecreated
);
356 $accept = get_string('accept', 'lti');
357 $update = get_string('update', 'lti');
358 $delete = get_string('delete', 'lti');
361 <a class=\"editing_accept\" href=\"{$CFG->wwwroot}/mod/lti/typessettings.php?action=accept&id={$type->id}&sesskey={$USER->sesskey}&tab={$id}\" title=\"{$accept}\">
362 <img class=\"iconsmall\" alt=\"{$accept}\" src=\"{$CFG->wwwroot}/pix/t/clear.gif\"/>
366 $deleteaction = 'delete';
368 if ($type->state
== LTI_TOOL_STATE_CONFIGURED
) {
372 if ($type->state
!= LTI_TOOL_STATE_REJECTED
) {
373 $deleteaction = 'reject';
374 $delete = get_string('reject', 'lti');
388 <td align=\"center\">
390 <a class=\"editing_update\" href=\"{$CFG->wwwroot}/mod/lti/typessettings.php?action=update&id={$type->id}&sesskey={$USER->sesskey}&tab={$id}\" title=\"{$update}\">
391 <img class=\"iconsmall\" alt=\"{$update}\" src=\"{$CFG->wwwroot}/pix/t/edit.gif\"/>
393 <a class=\"editing_delete\" href=\"{$CFG->wwwroot}/mod/lti/typessettings.php?action={$deleteaction}&id={$type->id}&sesskey={$USER->sesskey}&tab={$id}\" title=\"{$delete}\">
394 <img class=\"iconsmall\" alt=\"{$delete}\" src=\"{$CFG->wwwroot}/pix/t/delete.gif\"/>
400 $html .= '</table></div>';
402 $html .= get_string('no_' . $id, 'lti');
409 * Splits the custom parameters field to the various parameters
411 * @param string $customstr String containing the parameters
413 * @return Array of custom parameters
415 function lti_split_custom_parameters($customstr) {
416 $lines = preg_split("/[\n;]/", $customstr);
418 foreach ($lines as $line) {
419 $pos = strpos($line, "=");
420 if ( $pos === false ||
$pos < 1 ) {
423 $key = trim(textlib
::substr($line, 0, $pos));
424 $val = trim(textlib
::substr($line, $pos+
1, strlen($line)));
425 $key = lti_map_keyname($key);
426 $retval['custom_'.$key] = $val;
432 * Used for building the names of the different custom parameters
434 * @param string $key Parameter name
436 * @return string Processed name
438 function lti_map_keyname($key) {
440 $key = textlib
::strtolower(trim($key));
441 foreach (str_split($key) as $ch) {
442 if ( ($ch >= 'a' && $ch <= 'z') ||
($ch >= '0' && $ch <= '9') ) {
452 * Gets the IMS role string for the specified user and LTI course module.
454 * @param mixed $user User object or user id
455 * @param int $cmid The course module id of the LTI activity
456 * @return string A role string suitable for passing with an LTI launch
458 function lti_get_ims_role($user, $cmid, $courseid) {
462 //If no cmid is passed, check if the user is a teacher in the course
463 //This allows other modules to programmatically "fake" a launch without
464 //a real LTI instance
465 $coursecontext = get_context_instance(CONTEXT_COURSE
, $courseid);
467 if (has_capability('moodle/course:manageactivities', $coursecontext)) {
468 array_push($roles, 'Instructor');
470 array_push($roles, 'Learner');
473 $context = get_context_instance(CONTEXT_MODULE
, $cmid);
475 if (has_capability('mod/lti:manage', $context)) {
476 array_push($roles, 'Instructor');
478 array_push($roles, 'Learner');
482 if (is_siteadmin($user)) {
483 array_push($roles, 'urn:lti:sysrole:ims/lis/Administrator');
486 return join(',', $roles);
490 * Returns configuration details for the tool
492 * @param int $typeid Basic LTI tool typeid
494 * @return array Tool Configuration
496 function lti_get_type_config($typeid) {
499 $query = "SELECT name, value
500 FROM {lti_types_config}
501 WHERE typeid = :typeid1
503 SELECT 'toolurl' AS name, baseurl AS value
505 WHERE id = :typeid2";
507 $typeconfig = array();
508 $configs = $DB->get_records_sql($query, array('typeid1' => $typeid, 'typeid2' => $typeid));
510 if (!empty($configs)) {
511 foreach ($configs as $config) {
512 $typeconfig[$config->name
] = $config->value
;
519 function lti_get_tools_by_url($url, $state, $courseid = null) {
520 $domain = lti_get_domain_from_url($url);
522 return lti_get_tools_by_domain($domain, $state, $courseid);
525 function lti_get_tools_by_domain($domain, $state = null, $courseid = null) {
528 $filters = array('tooldomain' => $domain);
534 $statefilter = 'AND state = :state';
537 if ($courseid && $courseid != $SITE->id
) {
538 $coursefilter = 'OR course = :courseid';
543 WHERE tooldomain = :tooldomain
544 AND (course = :siteid $coursefilter)
547 return $DB->get_records_sql($query, array(
548 'courseid' => $courseid,
549 'siteid' => $SITE->id
,
550 'tooldomain' => $domain,
556 * Returns all basicLTI tools configured by the administrator
559 function lti_filter_get_types($course) {
562 if (!empty($course)) {
563 $filter = array('course' => $course);
568 return $DB->get_records('lti_types', $filter);
571 function lti_get_types_for_add_instance() {
572 global $DB, $SITE, $COURSE;
576 WHERE coursevisible = 1
577 AND (course = :siteid OR course = :courseid)
578 AND state = :active";
580 $admintypes = $DB->get_records_sql($query, array('siteid' => $SITE->id
, 'courseid' => $COURSE->id
, 'active' => LTI_TOOL_STATE_CONFIGURED
));
583 $types[0] = (object)array('name' => get_string('automatic', 'lti'), 'course' => $SITE->id
);
585 foreach ($admintypes as $type) {
586 $types[$type->id
] = $type;
592 function lti_get_domain_from_url($url) {
595 if (preg_match(LTI_URL_DOMAIN_REGEX
, $url, $matches)) {
600 function lti_get_tool_by_url_match($url, $courseid = null, $state = LTI_TOOL_STATE_CONFIGURED
) {
601 $possibletools = lti_get_tools_by_url($url, $state, $courseid);
603 return lti_get_best_tool_by_url($url, $possibletools, $courseid);
606 function lti_get_url_thumbprint($url) {
607 $urlparts = parse_url(strtolower($url));
608 if (!isset($urlparts['path'])) {
609 $urlparts['path'] = '';
612 if (!isset($urlparts['host'])) {
613 $urlparts['host'] = '';
616 if (substr($urlparts['host'], 0, 4) === 'www.') {
617 $urlparts['host'] = substr($urlparts['host'], 4);
620 return $urllower = $urlparts['host'] . '/' . $urlparts['path'];
623 function lti_get_best_tool_by_url($url, $tools, $courseid = null) {
624 if (count($tools) === 0) {
628 $urllower = lti_get_url_thumbprint($url);
630 foreach ($tools as $tool) {
631 $tool->_matchscore
= 0;
633 $toolbaseurllower = lti_get_url_thumbprint($tool->baseurl
);
635 if ($urllower === $toolbaseurllower) {
636 //100 points for exact thumbprint match
637 $tool->_matchscore +
= 100;
638 } else if (substr($urllower, 0, strlen($toolbaseurllower)) === $toolbaseurllower) {
639 //50 points if tool thumbprint starts with the base URL thumbprint
640 $tool->_matchscore +
= 50;
643 //Prefer course tools over site tools
644 if (!empty($courseid)) {
645 //Minus 10 points for not matching the course id (global tools)
646 if ($tool->course
!= $courseid) {
647 $tool->_matchscore
-= 10;
652 $bestmatch = array_reduce($tools, function($value, $tool) {
653 if ($tool->_matchscore
> $value->_matchscore
) {
659 }, (object)array('_matchscore' => -1));
661 //None of the tools are suitable for this URL
662 if ($bestmatch->_matchscore
<= 0) {
669 function lti_get_shared_secrets_by_key($key) {
672 //Look up the shared secret for the specified key in both the types_config table (for configured tools)
673 //And in the lti resource table for ad-hoc tools
674 $query = "SELECT t2.value
675 FROM {lti_types_config} t1
676 JOIN {lti_types_config} t2 ON t1.typeid = t2.typeid
677 JOIN {lti_types} type ON t2.typeid = type.id
678 WHERE t1.name = 'resourcekey'
680 AND t2.name = 'password'
681 AND type.state = :configured
683 SELECT password AS value
685 WHERE resourcekey = :key2";
687 $sharedsecrets = $DB->get_records_sql($query, array('configured' => LTI_TOOL_STATE_CONFIGURED
, 'key1' => $key, 'key2' => $key));
689 $values = array_map(function($item) {
693 //There should really only be one shared secret per key. But, we can't prevent
694 //more than one getting entered. For instance, if the same key is used for two tool providers.
699 * Delete a Basic LTI configuration
701 * @param int $id Configuration id
703 function lti_delete_type($id) {
706 //We should probably just copy the launch URL to the tool instances in this case... using a single query
708 $instances = $DB->get_records('lti', array('typeid' => $id));
709 foreach ($instances as $instance) {
710 $instance->typeid = 0;
711 $DB->update_record('lti', $instance);
714 $DB->delete_records('lti_types', array('id' => $id));
715 $DB->delete_records('lti_types_config', array('typeid' => $id));
718 function lti_set_state_for_type($id, $state) {
721 $DB->update_record('lti_types', array('id' => $id, 'state' => $state));
725 * Transforms a basic LTI object to an array
727 * @param object $ltiobject Basic LTI object
729 * @return array Basic LTI configuration details
731 function lti_get_config($ltiobject) {
732 $typeconfig = array();
733 $typeconfig = (array)$ltiobject;
734 $additionalconfig = lti_get_type_config($ltiobject->typeid
);
735 $typeconfig = array_merge($typeconfig, $additionalconfig);
741 * Generates some of the tool configuration based on the instance details
745 * @return Instance configuration
748 function lti_get_type_config_from_instance($id) {
751 $instance = $DB->get_record('lti', array('id' => $id));
752 $config = lti_get_config($instance);
754 $type = new stdClass();
755 $type->lti_fix
= $id;
756 if (isset($config['toolurl'])) {
757 $type->lti_toolurl
= $config['toolurl'];
759 if (isset($config['instructorchoicesendname'])) {
760 $type->lti_sendname
= $config['instructorchoicesendname'];
762 if (isset($config['instructorchoicesendemailaddr'])) {
763 $type->lti_sendemailaddr
= $config['instructorchoicesendemailaddr'];
765 if (isset($config['instructorchoiceacceptgrades'])) {
766 $type->lti_acceptgrades
= $config['instructorchoiceacceptgrades'];
768 if (isset($config['instructorchoiceallowroster'])) {
769 $type->lti_allowroster
= $config['instructorchoiceallowroster'];
772 if (isset($config['instructorcustomparameters'])) {
773 $type->lti_allowsetting
= $config['instructorcustomparameters'];
779 * Generates some of the tool configuration based on the admin configuration details
783 * @return Configuration details
785 function lti_get_type_type_config($id) {
788 $basicltitype = $DB->get_record('lti_types', array('id' => $id));
789 $config = lti_get_type_config($id);
791 $type = new stdClass();
793 $type->lti_typename
= $basicltitype->name
;
795 $type->typeid
= $basicltitype->id
;
797 $type->lti_toolurl
= $basicltitype->baseurl
;
799 if (isset($config['resourcekey'])) {
800 $type->lti_resourcekey
= $config['resourcekey'];
802 if (isset($config['password'])) {
803 $type->lti_password
= $config['password'];
806 if (isset($config['sendname'])) {
807 $type->lti_sendname
= $config['sendname'];
809 if (isset($config['instructorchoicesendname'])) {
810 $type->lti_instructorchoicesendname
= $config['instructorchoicesendname'];
812 if (isset($config['sendemailaddr'])) {
813 $type->lti_sendemailaddr
= $config['sendemailaddr'];
815 if (isset($config['instructorchoicesendemailaddr'])) {
816 $type->lti_instructorchoicesendemailaddr
= $config['instructorchoicesendemailaddr'];
818 if (isset($config['acceptgrades'])) {
819 $type->lti_acceptgrades
= $config['acceptgrades'];
821 if (isset($config['instructorchoiceacceptgrades'])) {
822 $type->lti_instructorchoiceacceptgrades
= $config['instructorchoiceacceptgrades'];
824 if (isset($config['allowroster'])) {
825 $type->lti_allowroster
= $config['allowroster'];
827 if (isset($config['instructorchoiceallowroster'])) {
828 $type->lti_instructorchoiceallowroster
= $config['instructorchoiceallowroster'];
831 if (isset($config['customparameters'])) {
832 $type->lti_customparameters
= $config['customparameters'];
835 if (isset($config['forcessl'])) {
836 $type->lti_forcessl
= $config['forcessl'];
839 if (isset($config['organizationid'])) {
840 $type->lti_organizationid
= $config['organizationid'];
842 if (isset($config['organizationurl'])) {
843 $type->lti_organizationurl
= $config['organizationurl'];
845 if (isset($config['organizationdescr'])) {
846 $type->lti_organizationdescr
= $config['organizationdescr'];
848 if (isset($config['launchcontainer'])) {
849 $type->lti_launchcontainer
= $config['launchcontainer'];
852 if (isset($config['coursevisible'])) {
853 $type->lti_coursevisible
= $config['coursevisible'];
856 if (isset($config['debuglaunch'])) {
857 $type->lti_debuglaunch
= $config['debuglaunch'];
860 if (isset($config['module_class_type'])) {
861 $type->lti_module_class_type
= $config['module_class_type'];
867 function lti_prepare_type_for_save($type, $config) {
868 $type->baseurl
= $config->lti_toolurl
;
869 $type->tooldomain
= lti_get_domain_from_url($config->lti_toolurl
);
870 $type->name
= $config->lti_typename
;
872 $type->coursevisible
= !empty($config->lti_coursevisible
) ?
$config->lti_coursevisible
: 0;
873 $config->lti_coursevisible
= $type->coursevisible
;
875 $type->forcessl
= !empty($config->lti_forcessl
) ?
$config->lti_forcessl
: 0;
876 $config->lti_forcessl
= $type->forcessl
;
878 $type->timemodified
= time();
880 unset ($config->lti_typename
);
881 unset ($config->lti_toolurl
);
884 function lti_update_type($type, $config) {
887 lti_prepare_type_for_save($type, $config);
889 if ($DB->update_record('lti_types', $type)) {
890 foreach ($config as $key => $value) {
891 if (substr($key, 0, 4)=='lti_' && !is_null($value)) {
892 $record = new StdClass();
893 $record->typeid
= $type->id
;
894 $record->name
= substr($key, 4);
895 $record->value
= $value;
897 lti_update_config($record);
903 function lti_add_type($type, $config) {
904 global $USER, $SITE, $DB;
906 lti_prepare_type_for_save($type, $config);
908 if (!isset($type->state
)) {
909 $type->state
= LTI_TOOL_STATE_PENDING
;
912 if (!isset($type->timecreated
)) {
913 $type->timecreated
= time();
916 if (!isset($type->createdby
)) {
917 $type->createdby
= $USER->id
;
920 if (!isset($type->course
)) {
921 $type->course
= $SITE->id
;
924 //Create a salt value to be used for signing passed data to extension services
925 //The outcome service uses the service salt on the instance. This can be used
926 //for communication with services not related to a specific LTI instance.
927 $config->lti_servicesalt
= uniqid('', true);
929 $id = $DB->insert_record('lti_types', $type);
932 foreach ($config as $key => $value) {
933 if (substr($key, 0, 4)=='lti_' && !is_null($value)) {
934 $record = new StdClass();
935 $record->typeid
= $id;
936 $record->name
= substr($key, 4);
937 $record->value
= $value;
939 lti_add_config($record);
948 * Add a tool configuration in the database
950 * @param $config Tool configuration
952 * @return int Record id number
954 function lti_add_config($config) {
957 return $DB->insert_record('lti_types_config', $config);
961 * Updates a tool configuration in the database
963 * @param $config Tool configuration
965 * @return Record id number
967 function lti_update_config($config) {
971 $old = $DB->get_record('lti_types_config', array('typeid' => $config->typeid
, 'name' => $config->name
));
974 $config->id
= $old->id
;
975 $return = $DB->update_record('lti_types_config', $config);
977 $return = $DB->insert_record('lti_types_config', $config);
983 * Signs the petition to launch the external tool using OAuth
985 * @param $oldparms Parameters to be passed for signing
986 * @param $endpoint url of the external tool
987 * @param $method Method for sending the parameters (e.g. POST)
988 * @param $oauth_consumoer_key Key
989 * @param $oauth_consumoer_secret Secret
990 * @param $submittext The text for the submit button
991 * @param $orgid LMS name
992 * @param $orgdesc LMS key
994 function lti_sign_parameters($oldparms, $endpoint, $method, $oauthconsumerkey, $oauthconsumersecret) {
995 //global $lastbasestring;
1000 // TODO: Switch to core oauthlib once implemented - MDL-30149
1001 $hmacmethod = new lti\
OAuthSignatureMethod_HMAC_SHA1();
1002 $testconsumer = new lti\
OAuthConsumer($oauthconsumerkey, $oauthconsumersecret, null);
1003 $accreq = lti\OAuthRequest
::from_consumer_and_token($testconsumer, $testtoken, $method, $endpoint, $parms);
1004 $accreq->sign_request($hmacmethod, $testconsumer, $testtoken);
1006 // Pass this back up "out of band" for debugging
1007 //$lastbasestring = $accreq->get_signature_base_string();
1009 $newparms = $accreq->get_parameters();
1015 * Posts the launch petition HTML
1017 * @param $newparms Signed parameters
1018 * @param $endpoint URL of the external tool
1019 * @param $debug Debug (true/false)
1021 function lti_post_launch_html($newparms, $endpoint, $debug=false) {
1022 $r = "<form action=\"".$endpoint."\" name=\"ltiLaunchForm\" id=\"ltiLaunchForm\" method=\"post\" encType=\"application/x-www-form-urlencoded\">\n";
1024 $submittext = $newparms['ext_submit'];
1026 // Contruct html for the launch parameters
1027 foreach ($newparms as $key => $value) {
1028 $key = htmlspecialchars($key);
1029 $value = htmlspecialchars($value);
1030 if ( $key == "ext_submit" ) {
1031 $r .= "<input type=\"submit\" name=\"";
1033 $r .= "<input type=\"hidden\" name=\"";
1036 $r .= "\" value=\"";
1042 $r .= "<script language=\"javascript\"> \n";
1043 $r .= " //<![CDATA[ \n";
1044 $r .= "function basicltiDebugToggle() {\n";
1045 $r .= " var ele = document.getElementById(\"basicltiDebug\");\n";
1046 $r .= " if (ele.style.display == \"block\") {\n";
1047 $r .= " ele.style.display = \"none\";\n";
1050 $r .= " ele.style.display = \"block\";\n";
1054 $r .= "</script>\n";
1055 $r .= "<a id=\"displayText\" href=\"javascript:basicltiDebugToggle();\">";
1056 $r .= get_string("toggle_debug_data", "lti")."</a>\n";
1057 $r .= "<div id=\"basicltiDebug\" style=\"display:none\">\n";
1058 $r .= "<b>".get_string("basiclti_endpoint", "lti")."</b><br/>\n";
1059 $r .= $endpoint . "<br/>\n <br/>\n";
1060 $r .= "<b>".get_string("basiclti_parameters", "lti")."</b><br/>\n";
1061 foreach ($newparms as $key => $value) {
1062 $key = htmlspecialchars($key);
1063 $value = htmlspecialchars($value);
1064 $r .= "$key = $value<br/>\n";
1066 $r .= " <br/>\n";
1067 //$r .= "<p><b>".get_string("basiclti_base_string", "lti")."</b><br/>\n".$lastbasestring."</p>\n";
1073 $ext_submit = "ext_submit";
1074 $ext_submit_text = $submittext;
1075 $r .= " <script type=\"text/javascript\"> \n" .
1077 " document.getElementById(\"ltiLaunchForm\").style.display = \"none\";\n" .
1078 " nei = document.createElement('input');\n" .
1079 " nei.setAttribute('type', 'hidden');\n" .
1080 " nei.setAttribute('name', '".$ext_submit."');\n" .
1081 " nei.setAttribute('value', '".$ext_submit_text."');\n" .
1082 " document.getElementById(\"ltiLaunchForm\").appendChild(nei);\n" .
1083 " document.ltiLaunchForm.submit(); \n" .
1090 function lti_get_type($typeid) {
1093 return $DB->get_record('lti_types', array('id' => $typeid));
1096 function lti_get_launch_container($lti, $toolconfig) {
1097 if (empty($lti->launchcontainer
)) {
1098 $lti->launchcontainer
= LTI_LAUNCH_CONTAINER_DEFAULT
;
1101 if ($lti->launchcontainer
== LTI_LAUNCH_CONTAINER_DEFAULT
) {
1102 if (isset($toolconfig['launchcontainer'])) {
1103 $launchcontainer = $toolconfig['launchcontainer'];
1106 $launchcontainer = $lti->launchcontainer
;
1109 if (empty($launchcontainer) ||
$launchcontainer == LTI_LAUNCH_CONTAINER_DEFAULT
) {
1110 $launchcontainer = LTI_LAUNCH_CONTAINER_EMBED_NO_BLOCKS
;
1113 $devicetype = get_device_type();
1115 //Scrolling within the object element doesn't work on iOS or Android
1116 //Opening the popup window also had some issues in testing
1117 //For mobile devices, always take up the entire screen to ensure the best experience
1118 if ($devicetype === 'mobile' ||
$devicetype === 'tablet' ) {
1119 $launchcontainer = LTI_LAUNCH_CONTAINER_REPLACE_MOODLE_WINDOW
;
1122 return $launchcontainer;
1125 function lti_request_is_using_ssl() {
1127 return (stripos($CFG->httpswwwroot
, 'https://') === 0);
1130 function lti_ensure_url_is_https($url) {
1131 if (!strstr($url, '://')) {
1132 $url = 'https://' . $url;
1134 //If the URL starts with http, replace with https
1135 if (stripos($url, 'http://') === 0) {
1136 $url = 'https://' . substr($url, 8);