LTIX
class LTIX
This an opinionated LTI class that defines how Tsugi tools interact with LTI
This class deals with all of the session and database/data model details that Tsugi tools make use of during runtime. This makes use of the lower level \Tsugi\Util\LTI class which is focused on meeting the protocol requirements. Most tools will not use LTI at all - just LTIX.
Constants
| CONTEXT |
|
| USER |
|
| LINK |
|
| ALL |
|
| NONE |
|
| MAX_ACTIVITY |
|
| ROLE_LEARNER |
|
| ROLE_INSTRUCTOR |
|
| ROLE_ADMINISTRATOR |
|
| BROWSER_MARK_COOKIE |
|
Methods
Get a singleton global connection or set it up if not already set up.
Silently check if this is a launch and if so, handle it and redirect back to ourselves
Encrypt a secret to put into the session
Decrypt a secret from the session
Wrap getting a key from the session
Get all session values
Wrap setting a key from the session
Wrap forgetting a key from the session
Wrap flushing the session
Pull a keyed variable from the LTI data in the current session with default
Pull a keyed variable from the original LTI post data in the current session with default
Pull out a custom variable from the LTIX session. Do not include the "custom_" prefix - this is automatic.
The LTI parameter data
No description
No description
Extract all of the post data, set up data in tables, and set up session.
getPlatformPublicKey - Get the platform public key for the various sources
Pull the LTI POST data into our own data structure
Pull the LTI JWT data into our own data structure
encode and sign a JWT with a bunch of parameters
No description
Get a display name from a LTI 1.3 user claim
Load the data from our lti_ tables using one long LEFT JOIN
Make sure that the data in our lti_ tables matches the POST data
Optionally handle launch and/or set up the LTI session and global variables
Handle launch and/or set up the LTI session and global variables
Handle the launch, but with the caller given the chance to override defaults
Restore an LTI session and check if it worked
Internal method to handle the data setup
No description
Handle the optional LTI pre 1.3 Launch Authorization flow
Dump out the internal data structures adssociated with the current launch. Best if used within a pre tag.
Load the grade for a particular row and update our local copy (Deprecated - moved to Result)
Send a grade and update our local copy (Deprecated - moved to Result)
Send a grade applying the due date logic and only increasing grades (Deprecated - moved to Result)
signParameters - Look up the key and secret and call the underlying code in LTI
Send settings to the LMS using the simple JSON approach
Send a Caliper Body to the correct URL using the key and secret
Send a JSON Body to a URL after looking up the key and secret
ltiLinkUrl - Returns true if we can return LTI Links for this launch
getKeySecretForLaunch - Retrieve a Key/Secret for a Launch
curPageUrl - Returns the URL to the currently executing script with query string
curPageUrlNoQuery - Returns the URL to the currently executing query without query string
removeQueryString - Drop a query string from a url
curPageUrlFolder - Returns the URL to the folder currently executing
curPageUrlScript - Returns the URL to the currently executing script
curPageUrlBase - Returns the protocol, host, and port for the current URL
No description
getCoreLaunchData - Get the launch data common across launch types
getLaunchData - Get the launch data for a normal LTI 1.x launch
getLaunchData - Get the launch data for am LTI ContentItem launch
getLaunchData - Get the launch data for am LTI ContentItem launch
getLaunchContent - Get the launch data for am LTI ContentItem launch
We are aborting this request. If this is a launch, redirect back
Update the login_at fields as appropriate
populateRoster
No description
No description
No description
Compute the kid has value from a public key
Retrieve the context and link ids for a previous installation of the tool, such as if it were imported from another site during a site import. Returns false, if not.
Details
at line 57
static
getConnection()
Get a singleton global connection or set it up if not already set up.
at line 107
static
launchCheck($needed = self::ALL, $session_object = null, $request_data = false)
Silently check if this is a launch and if so, handle it and redirect back to ourselves
at line 153
static
encrypt_secret($secret)
Encrypt a secret to put into the session
at line 164
static
decrypt_secret($secret)
Decrypt a secret from the session
at line 179
static
wrapped_session_get($session_object, $key, $default = null)
Wrap getting a key from the session
at line 198
static
wrapped_session_all($session_object)
Get all session values
at line 219
static
wrapped_session_put($session_object, $key, $value)
Wrap setting a key from the session
at line 237
static
wrapped_session_forget($session_object, $key)
Wrap forgetting a key from the session
at line 255
static
wrapped_session_flush($session_object)
Wrap flushing the session
at line 279
static
ltiParameter($varname, $default = false)
deprecated
deprecated
Pull a keyed variable from the LTI data in the current session with default
at line 296
static
ltiRawPostArray()
deprecated
deprecated
Return the original $_POST array
at line 311
static
ltiRawParameter($varname, $default = false)
deprecated
deprecated
Pull a keyed variable from the original LTI post data in the current session with default
at line 329
static
ltiCustomGet($varname, $default = false)
deprecated
deprecated
Pull out a custom variable from the LTIX session. Do not include the "custom_" prefix - this is automatic.
at line 338
static
oauth_parameters()
The LTI parameter data
This code is taken from OAuthRequest
at line 365
static
setCookieStrong($name, $value, $expires)
at line 370
static
getBrowserMark()
at line 396
static
setupSession($needed = self::ALL, $session_object = null, $request_data = false)
Extract all of the post data, set up data in tables, and set up session.
at line 855
static
getPlatformPublicKey($issuer_id, $key_id, $request_kid, $our_kid, $public_key, $our_keyset_url, $our_keyset)
getPlatformPublicKey - Get the platform public key for the various sources
This will check the current kid, the current keyset, and if nothing matches re-load the keyset url, and check the new keyset url. If new information is retrieved, it is cached until the kid chages for this issuer.
at line 947
static
extractPost($needed = self::ALL, $input = false)
Pull the LTI POST data into our own data structure
We follow our naming conventions that match the column names in our lti_ tables.
at line 1089
static
extractJWT($needed = self::ALL, $input = false)
Pull the LTI JWT data into our own data structure
We follow our naming conventions that match the column names in our lti_ tables.
at line 1249
static
encode_jwt($params)
encode and sign a JWT with a bunch of parameters
at line 1260
static
getCompositeKey($post, $session_secret)
at line 1272
static
displayNameFromClaim($claim)
Get a display name from a LTI 1.3 user claim
at line 1297
static
loadAllData($p, $profile_table, $post)
Load the data from our lti_ tables using one long LEFT JOIN
This data may or may not exist - hence the use of the long LEFT JOIN.
at line 1519
static
adjustData($p, $row, $post, $needed)
Make sure that the data in our lti_ tables matches the POST data
This routine compares the POST data to the data pulled from the lti_ tables and goes through carefully INSERTing or UPDATING all the nexessary data in the lti_ tables to make sure that the lti_ table correctly match all the data from the incoming post.
While this looks like a lot of INSERT and UPDATE statements, the INSERT statements only run when we see a new user/course/link for the first time and after that, we only update if something changes. So in a high percentage of launches we are not seeing any new or updated data and so this code just falls through and does absolutely no SQL.
at line 1933
static Launch
session_start()
Optionally handle launch and/or set up the LTI session and global variables
This will set up as much of the $USER, $CONTEXT, $LINK, and $RESULT data as it can including leaving them all null if this is called on a request with no LTI launch and no LTI data in the session. This functions as and performs a PHP session_start().
at line 1955
static Launch
requireData($needed = self::ALL)
Handle launch and/or set up the LTI session and global variables
Make sure we have the values we need in the LTI session This routine will not start a session if none exists. It will die is there if no session_name() (PHPSESSID) cookie or parameter. No need to create any fresh sessions here.
at line 1968
static
requireDataOverride($needed, $pdox, $session_object, $current_url, $request_data)
Handle the launch, but with the caller given the chance to override defaults
at line 1982
static
restoreLTISession($session_id)
Restore an LTI session and check if it worked
If we are using memcached with php_serialize serialization, we take a wild guess that we might be having a race condition with memcache. So we wait a tic, and re-try the read.
at line 2042
static
requireDataPrivate($needed = self::ALL, $pdox = null, $session_object = null, $current_url = null, $request_data = null)
Internal method to handle the data setup
at line 2222
static
buildLaunch($LTI, $session_object = null)
at line 2349
static
launchAuthorizationFlow($request_data)
Handle the optional LTI pre 1.3 Launch Authorization flow
at line 2406
static
var_dump()
Dump out the internal data structures adssociated with the current launch. Best if used within a pre tag.
at line 2455
static mixed
gradeGet($row = false, $debug_log = false)
Load the grade for a particular row and update our local copy (Deprecated - moved to Result)
Call the right LTI service to retrieve the server's grade and update our local cached copy of the server_grade and the date retrieved. This routine pulls the key and secret from the LTIX session to avoid crossing cross tenant boundaries.
at line 2482
static mixed
gradeSend($grade, $row = false, $debug_log = false)
Send a grade and update our local copy (Deprecated - moved to Result)
Call the right LTI service to send a new grade up to the server. update our local cached copy of the server_grade and the date retrieved. This routine pulls the key and secret from the LTIX session to avoid crossing cross tenant boundaries.
at line 2497
static
gradeSendDueDate($gradetosend, $oldgrade = false, $dueDate = false)
Send a grade applying the due date logic and only increasing grades (Deprecated - moved to Result)
Puts messages in the session for a redirect.
at line 2506
static
signParameters($oldparms, $endpoint, $method, $submit_text = false, $org_id = false, $org_desc = false)
signParameters - Look up the key and secret and call the underlying code in LTI
at line 2518
static
settingsSend($settings, $settings_url, $debug_log = false)
Send settings to the LMS using the simple JSON approach
at line 2534
static
caliperSend($caliperBody, $content_type = 'application/json', $debug_log = false)
Send a Caliper Body to the correct URL using the key and secret
This is not yet a standard or production - it uses the Canvas extension only.
at line 2561
static mixed
jsonSend($method, $postBody, $content_type, $service_url, bool $debug_log = false)
Send a JSON Body to a URL after looking up the key and secret
at line 2577
static string
ltiLinkUrl($postdata = false)
ltiLinkUrl - Returns true if we can return LTI Links for this launch
at line 2586
static
getKeySecretForLaunch($url)
getKeySecretForLaunch - Retrieve a Key/Secret for a Launch
at line 2625
static
curPageUrl()
curPageUrl - Returns the URL to the currently executing script with query string
This is useful when we want to do OAuth where we need the exact incoming path but our host, protocol, and port might be messed up by a proxy or CDN.
URL Result http://x.com/data http://x.com/data http://x.com/data/index.php http://x.com/data/index.php http://x.com/data/index.php?y=1 http://x.com/data/index.php?y=1
at line 2637
static
curPageUrlNoQuery()
curPageUrlNoQuery - Returns the URL to the currently executing query without query string
URL Result http://x.com/data http://x.com/data http://x.com/data/keys http://x.com/data/keys http://x.com/data/keys?x=1 http://x.com/data/keys
at line 2644
static
removeQueryString($url)
removeQueryString - Drop a query string from a url
at line 2661
static
curPageUrlFolder()
curPageUrlFolder - Returns the URL to the folder currently executing
This is useful when rest-style files want to link back to "index.php" Note - this will not go up to a parent.
URL Result http://x.com/data/ http://x.com/data/ http://x.com/data/keys http://x.com/data/
at line 2685
static
curPageUrlScript()
curPageUrlScript - Returns the URL to the currently executing script
This is useful when we want to make a URL to another script at this location. Often we use this with str_replace().
URL Result
http://x.com/data http://x.com/data/index.php
http://x.com/data/index.php http://x.com/data/index.php
http://x.com/data/index.php?y=1 http://x.com/data/index.php
http://stackoverflow.com/questions/279966/php-self-vs-path-info-vs-script-name-vs-request-uri
http://example.com/bob
REQUEST_URI = /bob
PHP_SELF = /bob/index.php
at line 2711
static string
curPageUrlBase()
curPageUrlBase - Returns the protocol, host, and port for the current URL
This is useful when we are running behind a proxy like ngrok or CloudFlare. These proxies will accept with the http or https version of the URL but our web server will likely only se the incoming request as http. So we need to fall back to $CFG->wwwroot and reconstruct the right URL from there. Since the wwwroot might have some of the request URI, like
http://tsugi.ngrok.com/tsugi
We need to parse the wwwroot and put things back together.
URL Result http://x.com/data http://x.com http://x.com/data/index.php http://x.com http://x.com/data/index.php?y=1 http://x.com
at line 2783
static
loginSecureCookie($session_object = null)
at line 2899
static
getCoreLaunchData()
getCoreLaunchData - Get the launch data common across launch types
at line 2919
static
getLaunchData()
getLaunchData - Get the launch data for a normal LTI 1.x launch
at line 2935
static
getContentItem($contentReturn, $dataProps)
getLaunchData - Get the launch data for am LTI ContentItem launch
at line 2960
static
getLaunchUrl($endpoint, $debug = false)
getLaunchData - Get the launch data for am LTI ContentItem launch
at line 2972
static
getLaunchContent($endpoint, $debug = false)
getLaunchContent - Get the launch data for am LTI ContentItem launch
at line 2992
static
abort_with_error_log($msg, $extra = false, $prefix = "DIE:")
We are aborting this request. If this is a launch, redirect back
at line 3049
static
noteLoggedIn($row)
Update the login_at fields as appropriate
at line 3107
static bool
populateRoster($groups = false, $insert = false)
populateRoster
If the LTI Extension: Context Memberships Service is supported in the launch, get the memberships information and insert the information into lti_user and lti_membership
at line 3176
static
getBrowserSignature()
at line 3183
static
getBrowserSignatureRaw()
at line 3210
static
getTsugiStateCookieName()
at line 3218
static
getKidForKey(pubkey $pubkey)
Compute the kid has value from a public key
at line 3229
static array[
getLatestHistoryIds()
Retrieve the context and link ids for a previous installation of the tool, such as if it were imported from another site during a site import. Returns false, if not.