class LTIX

This an opinionated LTI class that defines how Tsugi tools interact with LTI

This class deals with all of the session and database/data model details that Tsugi tools make use of during runtime. This makes use of the lower level \Tsugi\Util\LTI class which is focused on meeting the protocol requirements. Most tools will not use LTI at all - just LTIX.

Constants

CONTEXT

USER

LINK

ALL

NONE

MAX_ACTIVITY

ROLE_LEARNER

ROLE_INSTRUCTOR

ROLE_ADMINISTRATOR

Methods

static 
getConnection()

Get a singleton global connection or set it up if not already set up.

static 
launchCheck($needed = self::ALL, $session_object = null, $request_data = false)

Silently check if this is a launch and if so, handle it and redirect back to ourselves

static 
encrypt_secret($secret)

Encrypt a secret to put into the session

static 
decrypt_secret($secret)

Decrypt a secret from the session

static 
wrapped_session_get($session_object, $key, $default = null)

Wrap getting a key from the session

static 
wrapped_session_all($session_object)

Get all session values

static 
wrapped_session_put($session_object, $key, $value)

Wrap setting a key from the session

static 
wrapped_session_forget($session_object, $key)

Wrap forgetting a key from the session

static 
wrapped_session_flush($session_object)

Wrap flushing the session

static 
ltiParameter($varname, $default = false) deprecated

Pull a keyed variable from the LTI data in the current session with default

static 
ltiRawPostArray() deprecated

Return the original $_POST array

static 
ltiRawParameter($varname, $default = false) deprecated

Pull a keyed variable from the original LTI post data in the current session with default

static 
ltiCustomGet($varname, $default = false) deprecated

Pull out a custom variable from the LTIX session. Do not include the "custom_" prefix - this is automatic.

static 
oauth_parameters()

The LTI parameter data

static 
setupSession($needed = self::ALL, $session_object = null, $request_data = false)

Extract all of the post data, set up data in tables, and set up session.

static 
extractPost($needed = self::ALL, $input = false)

Pull the LTI POST data into our own data structure

static 
extractJWT($needed = self::ALL, $input = false)

Pull the LTI JWT data into our own data structure

static 
encode_jwt($params)

encode and sign a JWT with a bunch of parameters

static 
getCompositeKey($post, $session_secret)

No description

static 
loadAllData($p, $profile_table, $post)

Load the data from our lti_ tables using one long LEFT JOIN

static 
adjustData($p, $row, $post, $needed)

Make sure that the data in our lti_ tables matches the POST data

static Launch
session_start()

Optionally handle launch and/or set up the LTI session and global variables

static Launch
requireData($needed = self::ALL)

Handle launch and/or set up the LTI session and global variables

static 
requireDataOverride($needed, $pdox, $session_object, $current_url, $request_data)

Handle the launch, but with the caller given the chance to override defaults

static 
requireDataPrivate($needed = self::ALL, $pdox = null, $session_object = null, $current_url = null, $request_data = null)

Internal method to handle the data setup

static 
buildLaunch($LTI, $session_object = null)

No description

static 
launchAuthorizationFlow($request_data)

Handle the optional LTI pre 1.3 Launch Authorization flow

static 
var_dump()

Dump out the internal data structures adssociated with the current launch. Best if used within a pre tag.

static mixed
gradeGet($row = false, $debug_log = false)

Load the grade for a particular row and update our local copy (Deprecated - moved to Result)

static mixed
gradeSend($grade, $row = false, $debug_log = false)

Send a grade and update our local copy (Deprecated - moved to Result)

static 
gradeSendDueDate($gradetosend, $oldgrade = false, $dueDate = false)

Send a grade applying the due date logic and only increasing grades (Deprecated - moved to Result)

static 
signParameters($oldparms, $endpoint, $method, $submit_text = false, $org_id = false, $org_desc = false)

signParameters - Look up the key and secret and call the underlying code in LTI

static 
settingsSend($settings, $settings_url, $debug_log = false)

Send settings to the LMS using the simple JSON approach

static 
caliperSend($caliperBody, $content_type = 'application/json', $debug_log = false)

Send a Caliper Body to the correct URL using the key and secret

static mixed
jsonSend($method, $postBody, $content_type, $service_url, bool $debug_log = false)

Send a JSON Body to a URL after looking up the key and secret

static string
ltiLinkUrl($postdata = false)

ltiLinkUrl - Returns true if we can return LTI Links for this launch

static 
getKeySecretForLaunch($url)

getKeySecretForLaunch - Retrieve a Key/Secret for a Launch

static 
curPageUrl()

curPageUrl - Returns the URL to the currently executing script with query string

static 
curPageUrlNoQuery()

curPageUrlNoQuery - Returns the URL to the currently executing query without query string

static 
removeQueryString($url)

removeQueryString - Drop a query string from a url

static 
curPageUrlFolder()

curPageUrlFolder - Returns the URL to the folder currently executing

static 
curPageUrlScript()

curPageUrlScript - Returns the URL to the currently executing script

static string
curPageUrlBase()

curPageUrlBase - Returns the protocol, host, and port for the current URL

static 
loginSecureCookie($session_object = null)

No description

static 
getCoreLaunchData()

getCoreLaunchData - Get the launch data common across launch types

static 
getLaunchData()

getLaunchData - Get the launch data for a normal LTI 1.x launch

static 
getContentItem($contentReturn, $dataProps)

getLaunchData - Get the launch data for am LTI ContentItem launch

static 
getLaunchUrl($endpoint, $debug = false)

getLaunchData - Get the launch data for am LTI ContentItem launch

static 
getLaunchContent($endpoint, $debug = false)

getLaunchContent - Get the launch data for am LTI ContentItem launch

static 
abort_with_error_log($msg, $extra = false, $prefix = "DIE:")

We are aborting this request. If this is a launch, redirect back

static 
noteLoggedIn($row)

Update the login_at fields as appropriate

static bool
populateRoster($groups = false, $insert = false)

populateRoster

static 
getBrowserSignature()

No description

static 
getBrowserSignatureRaw()

No description

static 
getTsugiStateCookieName()

No description

static 
getKidForKey(pubkey $pubkey)

Compute the kid has value from a public key

Details

at line 54
static getConnection()

Get a singleton global connection or set it up if not already set up.

at line 85
static launchCheck($needed = self::ALL, $session_object = null, $request_data = false)

Silently check if this is a launch and if so, handle it and redirect back to ourselves

Parameters

$needed
$session_object
$request_data

at line 131
static encrypt_secret($secret)

Encrypt a secret to put into the session

Parameters

$secret

at line 142
static decrypt_secret($secret)

Decrypt a secret from the session

Parameters

$secret

at line 155
static wrapped_session_get($session_object, $key, $default = null)

Wrap getting a key from the session

Parameters

$session_object
$key
$default

at line 174
static wrapped_session_all($session_object)

Get all session values

Parameters

$session_object

at line 195
static wrapped_session_put($session_object, $key, $value)

Wrap setting a key from the session

Parameters

$session_object
$key
$value

at line 213
static wrapped_session_forget($session_object, $key)

Wrap forgetting a key from the session

Parameters

$session_object
$key

at line 231
static wrapped_session_flush($session_object)

Wrap flushing the session

Parameters

$session_object

at line 255
static ltiParameter($varname, $default = false) deprecated

deprecated Session access should be through the Launch Object

Pull a keyed variable from the LTI data in the current session with default

Parameters

$varname
$default

at line 272
static ltiRawPostArray() deprecated

deprecated Session access should be through the Launch Object

Return the original $_POST array

at line 287
static ltiRawParameter($varname, $default = false) deprecated

deprecated Session access should be through the Launch Object

Pull a keyed variable from the original LTI post data in the current session with default

Parameters

$varname
$default

at line 305
static ltiCustomGet($varname, $default = false) deprecated

deprecated Session access should be through the Launch Object

Pull out a custom variable from the LTIX session. Do not include the "custom_" prefix - this is automatic.

Parameters

$varname
$default

at line 314
static oauth_parameters()

The LTI parameter data

This code is taken from OAuthRequest

at line 343
static setupSession($needed = self::ALL, $session_object = null, $request_data = false)

Extract all of the post data, set up data in tables, and set up session.

Parameters

$needed
$session_object
$request_data

at line 774
static extractPost($needed = self::ALL, $input = false)

Pull the LTI POST data into our own data structure

We follow our naming conventions that match the column names in our lti_ tables.

Parameters

$needed
$input

at line 908
static extractJWT($needed = self::ALL, $input = false)

Pull the LTI JWT data into our own data structure

We follow our naming conventions that match the column names in our lti_ tables.

Parameters

$needed
$input

at line 1059
static encode_jwt($params)

encode and sign a JWT with a bunch of parameters

Parameters

$params

at line 1073
static getCompositeKey($post, $session_secret)

Parameters

$post
$session_secret

at line 1088
static loadAllData($p, $profile_table, $post)

Load the data from our lti_ tables using one long LEFT JOIN

This data may or may not exist - hence the use of the long LEFT JOIN.

Parameters

$p
$profile_table
$post

at line 1290
static adjustData($p, $row, $post, $needed)

Make sure that the data in our lti_ tables matches the POST data

This routine compares the POST data to the data pulled from the lti_ tables and goes through carefully INSERTing or UPDATING all the nexessary data in the lti_ tables to make sure that the lti_ table correctly match all the data from the incoming post.

While this looks like a lot of INSERT and UPDATE statements, the INSERT statements only run when we see a new user/course/link for the first time and after that, we only update if something changes. So in a high percentage of launches we are not seeing any new or updated data and so this code just falls through and does absolutely no SQL.

Parameters

$p
$row
$post
$needed

at line 1688
static Launch session_start()

Optionally handle launch and/or set up the LTI session and global variables

This will set up as much of the $USER, $CONTEXT, $LINK, and $RESULT data as it can including leaving them all null if this is called on a request with no LTI launch and no LTI data in the session. This functions as and performs a PHP session_start().

Return Value

Launch A Tsugi Launch object.

at line 1710
static Launch requireData($needed = self::ALL)

Handle launch and/or set up the LTI session and global variables

Make sure we have the values we need in the LTI session This routine will not start a session if none exists. It will die is there if no session_name() (PHPSESSID) cookie or parameter. No need to create any fresh sessions here.

Parameters

$needed (optional, mixed) Indicates which of the data structures are * needed. If this is omitted, this assumes that CONTEXT, LINK, and USER data are required. If LTIX::NONE is present, then none of the three are rquired. If some combination of the three are needed, this accepts an array of the LTIX::CONTEXT, LTIX: LINK, and LTIX::USER can be passed in.

Return Value

Launch A Tsugi Launch object.

at line 1723
static requireDataOverride($needed, $pdox, $session_object, $current_url, $request_data)

Handle the launch, but with the caller given the chance to override defaults

Parameters

$needed
$pdox
$session_object
$current_url
$request_data

at line 1733
static requireDataPrivate($needed = self::ALL, $pdox = null, $session_object = null, $current_url = null, $request_data = null)

Internal method to handle the data setup

Parameters

$needed
$pdox
$session_object
$current_url
$request_data

at line 1887
static buildLaunch($LTI, $session_object = null)

Parameters

$LTI
$session_object

at line 1981
static launchAuthorizationFlow($request_data)

Handle the optional LTI pre 1.3 Launch Authorization flow

Parameters

$request_data

at line 2038
static var_dump()

Dump out the internal data structures adssociated with the current launch. Best if used within a pre tag.

at line 2087
static mixed gradeGet($row = false, $debug_log = false)

Load the grade for a particular row and update our local copy (Deprecated - moved to Result)

Call the right LTI service to retrieve the server's grade and update our local cached copy of the server_grade and the date retrieved. This routine pulls the key and secret from the LTIX session to avoid crossing cross tennant boundaries.

Parameters

$row An optional array with the data that has the result_id, sourcedid, and service (url) if this is not present, the data is pulled from the LTI session for the current user/link combination.
$debug_log An (optional) array (by reference) that returns the steps that were taken. Each entry is an array with the [0] element a message and an optional [1] element as some detail (i.e. like a POST body)

Return Value

mixed If this work this returns a float. If not you get a string with an error.

at line 2114
static mixed gradeSend($grade, $row = false, $debug_log = false)

Send a grade and update our local copy (Deprecated - moved to Result)

Call the right LTI service to send a new grade up to the server. update our local cached copy of the server_grade and the date retrieved. This routine pulls the key and secret from the LTIX session to avoid crossing cross tennant boundaries.

Parameters

$grade A new grade - floating point number between 0.0 and 1.0
$row An optional array with the data that has the result_id, sourcedid, and service (url) if this is not present, the data is pulled from the LTI session for the current user/link combination.
$debug_log An (optional) array (by reference) that returns the steps that were taken. Each entry is an array with the [0] element a message and an optional [1] element as some detail (i.e. like a POST body)

Return Value

mixed If this works it returns true. If not, you get a string with an error.

at line 2129
static gradeSendDueDate($gradetosend, $oldgrade = false, $dueDate = false)

Send a grade applying the due date logic and only increasing grades (Deprecated - moved to Result)

Puts messages in the session for a redirect.

Parameters

$gradetosend
  • The grade in the range 0.0 .. 1.0
$oldgrade
  • The previous grade in the range 0.0 .. 1.0 (optional)
$dueDate
  • The due date for this assignment

at line 2138
static signParameters($oldparms, $endpoint, $method, $submit_text = false, $org_id = false, $org_desc = false)

signParameters - Look up the key and secret and call the underlying code in LTI

Parameters

$oldparms
$endpoint
$method
$submit_text
$org_id
$org_desc

at line 2150
static settingsSend($settings, $settings_url, $debug_log = false)

Send settings to the LMS using the simple JSON approach

Parameters

$settings
$settings_url
$debug_log

at line 2166
static caliperSend($caliperBody, $content_type = 'application/json', $debug_log = false)

Send a Caliper Body to the correct URL using the key and secret

This is not yet a standard or production - it uses the Canvas extension only.

Parameters

$caliperBody
$content_type
$debug_log

at line 2193
static mixed jsonSend($method, $postBody, $content_type, $service_url, bool $debug_log = false)

Send a JSON Body to a URL after looking up the key and secret

Parameters

$method The HTTP Method to use
$postBody
$content_type
$service_url
bool $debug_log

Return Value

mixed

at line 2209
static string ltiLinkUrl($postdata = false)

ltiLinkUrl - Returns true if we can return LTI Links for this launch

Parameters

$postdata

Return Value

string The content_item_return_url or false

at line 2218
static getKeySecretForLaunch($url)

getKeySecretForLaunch - Retrieve a Key/Secret for a Launch

Parameters

$url
  • The url to lookup

at line 2257
static curPageUrl()

curPageUrl - Returns the URL to the currently executing script with query string

This is useful when we want to do OAuth where we need the exact incoming path but our host, protocol, and port might be messed up by a proxy or CDN.

URL Result http://x.com/data http://x.com/data http://x.com/data/index.php http://x.com/data/index.php http://x.com/data/index.php?y=1 http://x.com/data/index.php?y=1

at line 2269
static curPageUrlNoQuery()

curPageUrlNoQuery - Returns the URL to the currently executing query without query string

URL Result http://x.com/data http://x.com/data http://x.com/data/keys http://x.com/data/keys http://x.com/data/keys?x=1 http://x.com/data/keys

at line 2276
static removeQueryString($url)

removeQueryString - Drop a query string from a url

Parameters

$url

at line 2293
static curPageUrlFolder()

curPageUrlFolder - Returns the URL to the folder currently executing

This is useful when rest-style files want to link back to "index.php" Note - this will not go up to a parent.

URL Result http://x.com/data/ http://x.com/data/ http://x.com/data/keys http://x.com/data/

at line 2317
static curPageUrlScript()

curPageUrlScript - Returns the URL to the currently executing script

This is useful when we want to make a URL to another script at this location. Often we use this with str_replace().

URL                              Result
http://x.com/data                http://x.com/data/index.php
http://x.com/data/index.php      http://x.com/data/index.php
http://x.com/data/index.php?y=1  http://x.com/data/index.php

 http://stackoverflow.com/questions/279966/php-self-vs-path-info-vs-script-name-vs-request-uri

 http://example.com/bob
 REQUEST_URI = /bob
 PHP_SELF = /bob/index.php

at line 2343
static string curPageUrlBase()

curPageUrlBase - Returns the protocol, host, and port for the current URL

This is useful when we are running behind a proxy like ngrok or CloudFlare. These proxies will accept with the http or https version of the URL but our web server will likely only se the incoming request as http. So we need to fall back to $CFG->wwwroot and reconstruct the right URL from there. Since the wwwroot might have some of the request URI, like

http://tsugi.ngrok.com/tsugi

We need to parse the wwwroot and put things back together.

URL Result http://x.com/data http://x.com http://x.com/data/index.php http://x.com http://x.com/data/index.php?y=1 http://x.com

Return Value

string The current page protocol, host, and optionally port URL

at line 2415
static loginSecureCookie($session_object = null)

Parameters

$session_object

at line 2531
static getCoreLaunchData()

getCoreLaunchData - Get the launch data common across launch types

at line 2551
static getLaunchData()

getLaunchData - Get the launch data for a normal LTI 1.x launch

at line 2567
static getContentItem($contentReturn, $dataProps)

getLaunchData - Get the launch data for am LTI ContentItem launch

Parameters

$contentReturn
$dataProps

at line 2592
static getLaunchUrl($endpoint, $debug = false)

getLaunchData - Get the launch data for am LTI ContentItem launch

Parameters

$endpoint
$debug

at line 2604
static getLaunchContent($endpoint, $debug = false)

getLaunchContent - Get the launch data for am LTI ContentItem launch

Parameters

$endpoint
$debug

at line 2624
static abort_with_error_log($msg, $extra = false, $prefix = "DIE:")

We are aborting this request. If this is a launch, redirect back

Parameters

$msg
$extra
$prefix

at line 2655
static noteLoggedIn($row)

Update the login_at fields as appropriate

Parameters

$row

at line 2713
static bool populateRoster($groups = false, $insert = false)

populateRoster

If the LTI Extension: Context Memberships Service is supported in the launch, get the memberships information and insert the information into lti_user and lti_membership

Parameters

$groups
$insert

Return Value

bool true if successful, false if not possible

at line 2782
static getBrowserSignature()

at line 2788
static getBrowserSignatureRaw()

at line 2818
static getTsugiStateCookieName()

at line 2826
static getKidForKey(pubkey $pubkey)

Compute the kid has value from a public key

Parameters

pubkey $pubkey The public key