LTIX

Get a singleton global connection or set it up if not already set up.

Silently check if this is a launch and if so, handle it and redirect back to ourselves

Encrypt a secret to put into the session

Decrypt a secret from the session

Wrap getting a key from the session

Get all session values

Wrap setting a key from the session

Wrap forgetting a key from the session

Wrap flushing the session

Pull a keyed variable from the LTI data in the current session with default

Return the original $_POST array

Pull a keyed variable from the original LTI post data in the current session with default

Pull out a custom variable from the LTIX session. Do not include the "custom_" prefix - this is automatic.

The LTI parameter data

This code is taken from OAuthRequest

Extract all of the post data, set up data in tables, and set up session.

getPlatformPublicKey - Get the platform public key for the various sources

This will check the current kid, the current keyset, and if nothing matches re-load the keyset url, and check the new keyset url. If new information is retrieved, it is cached until the kid chages for this issuer.

Pull the LTI POST data into our own data structure

We follow our naming conventions that match the column names in our lti_ tables.

Pull the LTI JWT data into our own data structure

We follow our naming conventions that match the column names in our lti_ tables.

encode and sign a JWT with a bunch of parameters

Get a display name from a LTI 1.3 user claim

Load the data from our lti_ tables using one long LEFT JOIN

This data may or may not exist - hence the use of the long LEFT JOIN.

Make sure that the data in our lti_ tables matches the POST data

This routine compares the POST data to the data pulled from the lti_ tables and goes through carefully INSERTing or UPDATING all the nexessary data in the lti_ tables to make sure that the lti_ table correctly match all the data from the incoming post.

While this looks like a lot of INSERT and UPDATE statements, the INSERT statements only run when we see a new user/course/link for the first time and after that, we only update if something changes. So in a high percentage of launches we are not seeing any new or updated data and so this code just falls through and does absolutely no SQL.

Optionally handle launch and/or set up the LTI session and global variables

This will set up as much of the $USER, $CONTEXT, $LINK, and $RESULT data as it can including leaving them all null if this is called on a request with no LTI launch and no LTI data in the session. This functions as and performs a PHP session_start().

Handle launch and/or set up the LTI session and global variables

Make sure we have the values we need in the LTI session This routine will not start a session if none exists. It will die is there if no session_name() (PHPSESSID) cookie or parameter. No need to create any fresh sessions here.

Handle the launch, but with the caller given the chance to override defaults

Restore an LTI session and check if it worked

If we are using memcached with php_serialize serialization, we take a wild guess that we might be having a race condition with memcache. So we wait a tic, and re-try the read.

Internal method to handle the data setup

Handle the optional LTI pre 1.3 Launch Authorization flow

Dump out the internal data structures adssociated with the current launch. Best if used within a pre tag.

Load the grade for a particular row and update our local copy (Deprecated - moved to Result)

Call the right LTI service to retrieve the server's grade and update our local cached copy of the server_grade and the date retrieved. This routine pulls the key and secret from the LTIX session to avoid crossing cross tenant boundaries.

Send a grade and update our local copy (Deprecated - moved to Result)

Call the right LTI service to send a new grade up to the server. update our local cached copy of the server_grade and the date retrieved. This routine pulls the key and secret from the LTIX session to avoid crossing cross tenant boundaries.

Send a grade applying the due date logic and only increasing grades (Deprecated - moved to Result)

Puts messages in the session for a redirect.

signParameters - Look up the key and secret and call the underlying code in LTI

Send settings to the LMS using the simple JSON approach

Send a Caliper Body to the correct URL using the key and secret

This is not yet a standard or production - it uses the Canvas extension only.

Send a JSON Body to a URL after looking up the key and secret

ltiLinkUrl - Returns true if we can return LTI Links for this launch

getKeySecretForLaunch - Retrieve a Key/Secret for a Launch

curPageUrl - Returns the URL to the currently executing script with query string

This is useful when we want to do OAuth where we need the exact incoming path but our host, protocol, and port might be messed up by a proxy or CDN.

URL Result http://x.com/data http://x.com/data http://x.com/data/index.php http://x.com/data/index.php http://x.com/data/index.php?y=1 http://x.com/data/index.php?y=1

curPageUrlNoQuery - Returns the URL to the currently executing query without query string

URL Result http://x.com/data http://x.com/data http://x.com/data/keys http://x.com/data/keys http://x.com/data/keys?x=1 http://x.com/data/keys

removeQueryString - Drop a query string from a url

curPageUrlFolder - Returns the URL to the folder currently executing

This is useful when rest-style files want to link back to "index.php" Note - this will not go up to a parent.

URL Result http://x.com/data/ http://x.com/data/ http://x.com/data/keys http://x.com/data/

curPageUrlScript - Returns the URL to the currently executing script

This is useful when we want to make a URL to another script at this location. Often we use this with str_replace().

URL                              Result
http://x.com/data                http://x.com/data/index.php
http://x.com/data/index.php      http://x.com/data/index.php
http://x.com/data/index.php?y=1  http://x.com/data/index.php

 http://stackoverflow.com/questions/279966/php-self-vs-path-info-vs-script-name-vs-request-uri

 http://example.com/bob
 REQUEST_URI = /bob
 PHP_SELF = /bob/index.php

curPageUrlBase - Returns the protocol, host, and port for the current URL

This is useful when we are running behind a proxy like ngrok or CloudFlare. These proxies will accept with the http or https version of the URL but our web server will likely only se the incoming request as http. So we need to fall back to $CFG->wwwroot and reconstruct the right URL from there. Since the wwwroot might have some of the request URI, like

http://tsugi.ngrok.com/tsugi

We need to parse the wwwroot and put things back together.

URL Result http://x.com/data http://x.com http://x.com/data/index.php http://x.com http://x.com/data/index.php?y=1 http://x.com

getCoreLaunchData - Get the launch data common across launch types

getLaunchData - Get the launch data for a normal LTI 1.x launch

getLaunchData - Get the launch data for am LTI ContentItem launch

getLaunchData - Get the launch data for am LTI ContentItem launch

getLaunchContent - Get the launch data for am LTI ContentItem launch

We are aborting this request. If this is a launch, redirect back

Update the login_at fields as appropriate

populateRoster

If the LTI Extension: Context Memberships Service is supported in the launch, get the memberships information and insert the information into lti_user and lti_membership

Compute the kid has value from a public key

Retrieve the context and link ids for a previous installation of the tool, such as if it were imported from another site during a site import. Returns false, if not.