| [ Index ] |
PHP Cross Reference of moodle-2.8 |
[Summary view] [Print] [Text view]
1 <?php 2 // This file is part of Moodle - http://moodle.org/ 3 // 4 // Moodle is free software: you can redistribute it and/or modify 5 // it under the terms of the GNU General Public License as published by 6 // the Free Software Foundation, either version 3 of the License, or 7 // (at your option) any later version. 8 // 9 // Moodle is distributed in the hope that it will be useful, 10 // but WITHOUT ANY WARRANTY; without even the implied warranty of 11 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 12 // GNU General Public License for more details. 13 // 14 // You should have received a copy of the GNU General Public License 15 // along with Moodle. If not, see <http://www.gnu.org/licenses/>. 16 17 /** 18 * LTI web service endpoints 19 * 20 * @package mod_lti 21 * @copyright Copyright (c) 2011 Moodlerooms Inc. (http://www.moodlerooms.com) 22 * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later 23 * @author Chris Scribner 24 */ 25 26 define('NO_DEBUG_DISPLAY', true); 27 define('NO_MOODLE_COOKIES', true); 28 29 require_once(dirname(__FILE__) . "/../../config.php"); 30 require_once($CFG->dirroot.'/mod/lti/locallib.php'); 31 require_once($CFG->dirroot.'/mod/lti/servicelib.php'); 32 33 // TODO: Switch to core oauthlib once implemented - MDL-30149. 34 use moodle\mod\lti as lti; 35 36 $rawbody = file_get_contents("php://input"); 37 38 if (lti_should_log_request($rawbody)) { 39 lti_log_request($rawbody); 40 } 41 42 foreach (lti\OAuthUtil::get_headers() as $name => $value) { 43 if ($name === 'Authorization') { 44 // TODO: Switch to core oauthlib once implemented - MDL-30149. 45 $oauthparams = lti\OAuthUtil::split_header($value); 46 47 $consumerkey = $oauthparams['oauth_consumer_key']; 48 break; 49 } 50 } 51 52 if (empty($consumerkey)) { 53 throw new Exception('Consumer key is missing.'); 54 } 55 56 $sharedsecret = lti_verify_message($consumerkey, lti_get_shared_secrets_by_key($consumerkey), $rawbody); 57 58 if ($sharedsecret === false) { 59 throw new Exception('Message signature not valid'); 60 } 61 62 // TODO MDL-46023 Replace this code with a call to the new library. 63 $origentity = libxml_disable_entity_loader(true); 64 $xml = simplexml_load_string($rawbody); 65 if (!$xml) { 66 libxml_disable_entity_loader($origentity); 67 throw new Exception('Invalid XML content'); 68 } 69 libxml_disable_entity_loader($origentity); 70 71 $body = $xml->imsx_POXBody; 72 foreach ($body->children() as $child) { 73 $messagetype = $child->getName(); 74 } 75 76 switch ($messagetype) { 77 case 'replaceResultRequest': 78 try { 79 $parsed = lti_parse_grade_replace_message($xml); 80 } catch (Exception $e) { 81 $responsexml = lti_get_response_xml( 82 'failure', 83 $e->getMessage(), 84 uniqid(), 85 'replaceResultResponse'); 86 87 echo $responsexml->asXML(); 88 break; 89 } 90 91 $ltiinstance = $DB->get_record('lti', array('id' => $parsed->instanceid)); 92 93 if (!lti_accepts_grades($ltiinstance)) { 94 throw new Exception('Tool does not accept grades'); 95 } 96 97 lti_verify_sourcedid($ltiinstance, $parsed); 98 lti_set_session_user($parsed->userid); 99 100 $gradestatus = lti_update_grade($ltiinstance, $parsed->userid, $parsed->launchid, $parsed->gradeval); 101 102 $responsexml = lti_get_response_xml( 103 $gradestatus ? 'success' : 'failure', 104 'Grade replace response', 105 $parsed->messageid, 106 'replaceResultResponse' 107 ); 108 109 echo $responsexml->asXML(); 110 111 break; 112 113 case 'readResultRequest': 114 $parsed = lti_parse_grade_read_message($xml); 115 116 $ltiinstance = $DB->get_record('lti', array('id' => $parsed->instanceid)); 117 118 if (!lti_accepts_grades($ltiinstance)) { 119 throw new Exception('Tool does not accept grades'); 120 } 121 122 // Getting the grade requires the context is set. 123 $context = context_course::instance($ltiinstance->course); 124 $PAGE->set_context($context); 125 126 lti_verify_sourcedid($ltiinstance, $parsed); 127 128 $grade = lti_read_grade($ltiinstance, $parsed->userid); 129 130 $responsexml = lti_get_response_xml( 131 'success', // Empty grade is also 'success'. 132 'Result read', 133 $parsed->messageid, 134 'readResultResponse' 135 ); 136 137 $node = $responsexml->imsx_POXBody->readResultResponse; 138 $node = $node->addChild('result')->addChild('resultScore'); 139 $node->addChild('language', 'en'); 140 $node->addChild('textString', isset($grade) ? $grade : ''); 141 142 echo $responsexml->asXML(); 143 144 break; 145 146 case 'deleteResultRequest': 147 $parsed = lti_parse_grade_delete_message($xml); 148 149 $ltiinstance = $DB->get_record('lti', array('id' => $parsed->instanceid)); 150 151 if (!lti_accepts_grades($ltiinstance)) { 152 throw new Exception('Tool does not accept grades'); 153 } 154 155 lti_verify_sourcedid($ltiinstance, $parsed); 156 lti_set_session_user($parsed->userid); 157 158 $gradestatus = lti_delete_grade($ltiinstance, $parsed->userid); 159 160 $responsexml = lti_get_response_xml( 161 $gradestatus ? 'success' : 'failure', 162 'Grade delete request', 163 $parsed->messageid, 164 'deleteResultResponse' 165 ); 166 167 echo $responsexml->asXML(); 168 169 break; 170 171 default: 172 // Fire an event if we get a web service request which we don't support directly. 173 // This will allow others to extend the LTI services, which I expect to be a common 174 // use case, at least until the spec matures. 175 $data = new stdClass(); 176 $data->body = $rawbody; 177 $data->xml = $xml; 178 $data->messageid = lti_parse_message_id($xml); 179 $data->messagetype = $messagetype; 180 $data->consumerkey = $consumerkey; 181 $data->sharedsecret = $sharedsecret; 182 $eventdata = array(); 183 $eventdata['other'] = array(); 184 $eventdata['other']['messageid'] = $data->messageid; 185 $eventdata['other']['messagetype'] = $messagetype; 186 $eventdata['other']['consumerkey'] = $consumerkey; 187 188 // Before firing the event, allow subplugins a chance to handle. 189 if (lti_extend_lti_services($data)) { 190 break; 191 } 192 193 // If an event handler handles the web service, it should set this global to true 194 // So this code knows whether to send an "operation not supported" or not. 195 global $ltiwebservicehandled; 196 $ltiwebservicehandled = false; 197 198 try { 199 $event = \mod_lti\event\unknown_service_api_called::create($eventdata); 200 $event->set_message_data($data); 201 $event->trigger(); 202 } catch (Exception $e) { 203 $ltiwebservicehandled = false; 204 } 205 206 if (!$ltiwebservicehandled) { 207 $responsexml = lti_get_response_xml( 208 'unsupported', 209 'unsupported', 210 lti_parse_message_id($xml), 211 $messagetype 212 ); 213 214 echo $responsexml->asXML(); 215 } 216 217 break; 218 }
title
Description
Body
title
Description
Body
title
Description
Body
title
Body
| Generated: Fri Nov 28 20:29:05 2014 | Cross-referenced by PHPXref 0.7.1 |