Example #1
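 /**
  * Parse a URL-encoded parameter string ("a=1&b=2") into an array.
  *
  * Names and values are decoded with OAuthUtil::urldecode_rfc3986(). A name
  * that occurs once maps to a string; a name that occurs several times maps
  * to a list of its values in the order they appeared.
  *
  * @param string $input Raw parameter string, pairs separated by '&'.
  * @return array Decoded parameters; empty when $input is unset or falsy.
  */
 public static function parse_parameters($input)
 {
     if (!isset($input) || !$input) {
         return array();
     }
     // explode() replaces split(): split() was deprecated in PHP 5.3 and
     // removed in PHP 7.0, and the separators here are plain characters,
     // so no regular expression is needed.
     $pairs = explode('&', $input);
     $parsed_parameters = array();
     foreach ($pairs as $pair) {
         // Limit of 2 keeps any further '=' inside the value.
         $split = explode('=', $pair, 2);
         $parameter = OAuthUtil::urldecode_rfc3986($split[0]);
         $value = isset($split[1]) ? OAuthUtil::urldecode_rfc3986($split[1]) : '';
         if (isset($parsed_parameters[$parameter])) {
             // We have already received parameter(s) with this name, so add to the list
             // of parameters with this name
             if (is_scalar($parsed_parameters[$parameter])) {
                 // This is the first duplicate, so transform scalar (string) into an array
                 // so we can add the duplicates
                 $parsed_parameters[$parameter] = array($parsed_parameters[$parameter]);
             }
             $parsed_parameters[$parameter][] = $value;
         } else {
             $parsed_parameters[$parameter] = $value;
         }
     }
     return $parsed_parameters;
 }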
Example #2
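 /**
  * Extract name=value pairs from an Authorization header value.
  *
  * Values may be double-quoted or bare (running up to the next comma) and
  * are decoded with OAuthUtil::urldecode_rfc3986(). The 'realm' entry is
  * dropped from the result.
  *
  * @param string $header                      Header value to scan.
  * @param bool   $only_allow_oauth_parameters When true, only names starting
  *                                            with "oauth_" are matched.
  * @return array Map of parameter name to decoded value.
  */
 public static function split_header($header, $only_allow_oauth_parameters = true)
 {
     $params = array();
     // NOTE(review): "(:?" looks like a typo for the non-capturing "(?:"; as
     // written it is a capturing group that tolerates an optional ':' before
     // the opening quote. The group numbers used below depend on it, so the
     // pattern is left unchanged here.
     // NOTE(review): the name part is not anchored, so "oauth_" can match in
     // the middle of a longer token (e.g. inside "x_oauth_token"); anchor it
     // on a delimiter if the header can carry other parameters.
     if (preg_match_all('/(' . ($only_allow_oauth_parameters ? 'oauth_' : '') . '[a-z_-]*)=(:?"([^"]*)"|([^,]*))/', $header, $matches)) {
         foreach ($matches[1] as $i => $h) {
             // Compare against '' instead of using empty(): empty("0") is
             // true, which turned a quoted value of "0" into ''.
             $raw_value = $matches[3][$i] !== '' ? $matches[3][$i] : $matches[4][$i];
             $params[$h] = OAuthUtil::urldecode_rfc3986($raw_value);
         }
         if (isset($params['realm'])) {
             unset($params['realm']);
         }
     }
     return $params;
 }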
Example #3
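 /**
  * Checks OAuthUtil::urldecode_rfc3986() against the "Parameter Encoding"
  * vectors from the OAuth test-case wiki.
  */
 public function testUrldecode()
 {
     // Tests taken from
     // http://wiki.oauth.net/TestCases ("Parameter Encoding")
     $this->assertEquals('abcABC123', OAuthUtil::urldecode_rfc3986('abcABC123'));
     $this->assertEquals('-._~', OAuthUtil::urldecode_rfc3986('-._~'));
     $this->assertEquals('%', OAuthUtil::urldecode_rfc3986('%25'));
     $this->assertEquals('+', OAuthUtil::urldecode_rfc3986('%2B'));
     $this->assertEquals("\n", OAuthUtil::urldecode_rfc3986('%0A'));
     $this->assertEquals(' ', OAuthUtil::urldecode_rfc3986('%20'));
     // %7F is the DEL control character. It is written as an escape so the
     // expected byte is visible and survives editors and copy/paste.
     $this->assertEquals("\x7F", OAuthUtil::urldecode_rfc3986('%7F'));
     // The two multi-byte vectors remain disabled. Their original expected
     // values ("\x00\x80" and "\x30\x01") were code points, not the UTF-8
     // byte sequences that the percent-encoded input spells out.
     // TODO(review): enable once confirmed that urldecode_rfc3986() decodes
     // byte-wise.
     //$this->assertEquals("\xC2\x80",     OAuthUtil::urldecode_rfc3986('%C2%80'));
     //$this->assertEquals("\xE3\x80\x81", OAuthUtil::urldecode_rfc3986('%E3%80%81'));
 }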
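/**
 * Legacy handler for a Basic LTI launch inside WordPress multisite.
 *
 * Flow, as visible in this function:
 *  1. If the request is not a Basic LTI request, optionally bounce to the
 *     launch-presentation return URL and stop.
 *  2. Build a bltiUocWrapper context with the consumer secret and abort with
 *     wp_die() when it is not valid or carries LTI error data.
 *  3. Create or update the WordPress user named by the launch data.
 *  4. Log that user in by setting the auth cookie and current user.
 *  5. Find or create the course blog, map the user's role, attach the user.
 *  6. Redirect to the site URL over https and exit.
 *
 * @param mixed $wp Passed in by the caller; not read in this function.
 * @return void Most paths end in exit or wp_die().
 */
function lti_parse_request_OLD($wp)
{
    if (!is_basic_lti_request()) {
        $good_message_type = $_REQUEST[LTI_MESSAGE_TYPE] == LTI_MESSAGE_TYPE_VALUE;
        $good_lti_version = $_REQUEST[LTI_VERSION] == LTI_VERSION_VALUE;
        $resource_link_id = $_REQUEST[RESOURCE_LINK_ID];
        if ($good_message_type && $good_lti_version && !isset($resource_link_id)) {
            $launch_presentation_return_url = $_REQUEST[LAUNCH_PRESENTATION_URL];
            if (isset($launch_presentation_return_url)) {
                // NOTE(review): this redirect target comes straight from the
                // request, on a path where no launch signature has been
                // checked, so any caller can make the site redirect to an
                // arbitrary URL. Restrict it to known consumer hosts (for
                // example wp_safe_redirect() plus the allowed_redirect_hosts
                // filter) before relying on this branch.
                header('Location: ' . $launch_presentation_return_url);
                exit;
            }
        }
        return;
    }
    // See if we get a context, do not set session, do not redirect
    $secret = lti_get_secret_from_consumer_key();
    $context = new bltiUocWrapper(false, false, null, $secret);
    if (!$context->valid) {
        //var_dump($_POST);
        // NOTE(review): the two echo lines are debugging output left in the
        // failure path; they print before the wp_die() page.
        echo "<hr>OAuthUtil::urldecode_rfc3986('%2B') " . OAuthUtil::urldecode_rfc3986('%2B') . "<br>";
        echo "<hr>OAuthUtil::urldecode_rfc3986('%5C') " . OAuthUtil::urldecode_rfc3986('%5C') . "<br>";
        // NOTE(review): $context->message is concatenated unescaped; confirm
        // it can never contain request-controlled text.
        wp_die("BASIC LTI Authentication Failed, not valid request (make sure that consumer is authorized and secret is correct) " . $context->message);
        return;
    }
    $error = is_lti_error_data($context);
    if ($error !== FALSE) {
        $launch_presentation_return_url = $_REQUEST[LAUNCH_PRESENTATION_URL];
        if (isset($launch_presentation_return_url)) {
            // The return URL is request data that ends up in an HTML page:
            // escape it for the href attribute and for the link text, so a
            // crafted value cannot inject markup or a script-bearing scheme.
            $return_href = esc_url($launch_presentation_return_url);
            $return_text = esc_html($launch_presentation_return_url);
            $error = '<p>' . $error . '</p><p>Return to site <a href="' . $return_href . '">' . $return_text . '</a></p>';
        }
        wp_die($error, '');
    }
    $blogType = new blogTypeLoader($context);
    if ($blogType->error < 0) {
        wp_die("BASIC LTI loading Types Aula Failed " . $blogType->error_miss);
        return;
    }
    // Set up the user...
    $userkey = getUserkeyLTI($context);
    $userkey = apply_filters('pre_user_login', $userkey);
    $userkey = trim($userkey);
    if (empty($userkey)) {
        wp_die('<p>Empty username</p><p>Cannot create a user without username</p>');
    }
    $uinfo = get_user_by('login', $userkey);
    if (isset($uinfo) && $uinfo != false) {
        // og LTI: set the user_login and user_nicename to the same value,
        // , because we want the wordpress-login cookie to have the username
        // otherwise caching won't work properly!
        $ret_id = wp_insert_user(array('ID' => $uinfo->ID, 'user_login' => $userkey, 'user_nicename' => $userkey, 'first_name' => $context->getUserFirstName(), 'last_name' => $context->getUserLastName(), 'user_email' => $context->getUserEmail(), 'user_url' => 'http://b', 'display_name' => $context->getUserName(), 'role' => get_option('default_role')));
        //error_log("og old role is set");
        if (is_object($ret_id) && isset($ret_id->errors)) {
            // Render every error code with its messages and stop.
            $msg = '';
            foreach ($ret_id->errors as $key => $error) {
                $msg .= "<p><b>{$key}</b> ";
                foreach ($error as $erroMsg) {
                    $msg .= "<p> {$erroMsg}</p>";
                }
                $msg .= "</p>";
            }
            wp_die($msg);
        }
    } else {
        // new user!!!!
        $ret_id = wp_insert_user(array('user_login' => $userkey, 'user_nicename' => $context->getUserName(), 'first_name' => $context->getUserFirstName(), 'last_name' => $context->getUserLastName(), 'user_email' => $context->getUserEmail(), 'user_url' => 'http://c', 'display_name' => $context->getUserName()));
        if (is_object($ret_id) && isset($ret_id->errors)) {
            $msg = '';
            foreach ($ret_id->errors as $key => $error) {
                $msg .= "<p><b>{$key}</b> ";
                foreach ($error as $erroMsg) {
                    $msg .= "<p> {$erroMsg}</p>";
                }
                $msg .= "</p>";
            }
            wp_die($msg);
        }
        $uinfo = get_user_by('login', $userkey);
    }
    // Remove from the main blog (if not admin) http://jira.uoc.edu/jira/browse/BLOGA-218
    // NOTE(review): $is_admin is never assigned in this function, so this
    // branch always runs and strips the capabilities of every launching
    // user, administrators included. $user is also only defined here, and
    // the login calls below depend on it.
    if (!$is_admin) {
        $user = new WP_User($uinfo->ID);
        $user->remove_all_caps();
    }
    $_SERVER['REMOTE_USER'] = $userkey;
    $password = md5($uinfo->user_pass);
    // User is now authorized; force WordPress to use the generated password
    //login, set cookies, and set current user
    // NOTE(review): the result of wp_authenticate() is discarded; the session
    // is established by wp_set_auth_cookie() / wp_set_current_user() alone.
    wp_authenticate($userkey, $password);
    wp_set_auth_cookie($user->ID, false);
    wp_set_current_user($user->ID, $userkey);
    // Strip the scheme whatever it is. The previous substr(..., 7) assumed
    // "http://" and produced an empty domain for an https:// site URL.
    $siteUrl = preg_replace('#^https?://#i', '', get_option("siteurl"));
    $siteUrlArray = explode("/", $siteUrl);
    $domain = $siteUrlArray[0];
    unset($siteUrlArray[0]);
    //error_log("og LTI domain: ". $domain);
    $course = $blogType->getCoursePath($context, $siteUrlArray, $domain);
    if (isset($context->info[RESOURCE_LINK_ID]) && $context->info[RESOURCE_LINK_ID]) {
        $course .= '-' . $context->info[RESOURCE_LINK_ID];
    }
    $course = sanitize_user($course, true);
    //Bug wordpress doesn't get stye sheet if has a dot
    $course = str_replace('.', '_', $course);
    $path_base = "/" . implode("/", $siteUrlArray) . "/" . $course;
    $path_base = str_replace('//', '/', $path_base);
    $path = $path_base . "/";
    $path = str_replace('//', '/', $path);
    $blog_created = false;
    $overwrite_plugins_theme = isset($context->info[OVERWRITE_PLUGINS_THEME]) ? $context->info[OVERWRITE_PLUGINS_THEME] == 1 : false;
    $overwrite_roles = isset($context->info[OVERWRITE_ROLES]) ? $context->info[OVERWRITE_ROLES] == 1 : false;
    $blog_id = domain_exists($domain, $path);
    $blog_is_new = false;
    if (!isset($blog_id)) {
        $title = __("Blog ") . $blogType->getCourseName($context);
        $blog_is_new = true;
        $meta = $blogType->getMetaBlog($context);
        // The site language is switched for blog creation and restored after.
        $old_site_language = get_site_option('WPLANG');
        $blogType->setLanguage($context);
        // NOTE(review): $user_id is not assigned anywhere in this function,
        // so the blog is created without an owner; $uinfo->ID is presumably
        // what was intended. Confirm before changing.
        $blog_id = wpmu_create_blog($domain, $path, $title, $user_id, $meta);
        update_site_option('WPLANG', $old_site_language);
        $blogType->checkErrorCreatingBlog($blog_id, $path);
        $blog_created = true;
    }
    // Connect the user to the blog
    if (isset($blog_id)) {
        switch_to_blog($blog_id);
        // Buffer and later discard any output produced while setting up.
        ob_start();
        if ($overwrite_plugins_theme || $blog_created) {
            $blogType->loadPlugins();
            $blogType->changeTheme();
        }
        // Get the previous role
        $old_role = null;
        if (!$blog_created && !$overwrite_roles) {
            $old_role_array = get_usermeta($user->id, 'wp_' . $blog_id . '_capabilities');
            if (count($old_role_array) > 0) {
                // The last capability flagged true wins.
                foreach ($old_role_array as $key => $value) {
                    if ($value == true) {
                        $old_role = $key;
                    }
                }
            }
        }
        remove_user_from_blog($uinfo->ID, $blog_id);
        $obj = new stdClass();
        $obj->blog_id = $blog_id;
        $obj->userkey = $userkey;
        $obj->path_base = $path_base;
        $obj->domain = $domain;
        $obj->context = $context;
        $obj->uinfoID = $uinfo->ID;
        $obj->blog_is_new = $blog_is_new;
        // The role comes from launch data unless an existing role is kept.
        if ($overwrite_roles || $old_role == null) {
            $obj->role = $blogType->roleMapping($context->info[FIELD_ROLE_UOC_CAMPUS], $context->info);
        } else {
            $obj->role = $old_role;
        }
        $blogType->postActions($obj);
        add_user_to_blog($blog_id, $uinfo->ID, $obj->role);
        // If we call restore_current_blog it takes us back to the beginning
        //    	restore_current_blog();
        ob_end_clean();
    }
    $redirecturl = get_option("siteurl");
    //error_log("og LTI redirect URL: ".$redirecturl);
    $redirecturl = str_replace("http://", "https://", $redirecturl);
    //error_log("og LTI new redirect URL: ".$redirecturl);
    wp_redirect($redirecturl);
    exit;
}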
 /**
  * util function for turning the Authorization: header into
  * parameters, has to do some unescaping
  */
 private static function split_header($header)
 {
     // One "name=value" pair per match. Group 2 is the name, group 4 the
     // text between double quotes, group 5 a bare value up to the next comma.
     $regex = '/(([-_a-z]*)=("([^"]*)"|([^,]*)),?)/';
     $result = array();
     $cursor = 0;
     for (;;) {
         $hits = preg_match($regex, $header, $groups, PREG_OFFSET_CAPTURE, $cursor);
         if (!($hits > 0)) {
             // No further pair, or the regex engine reported an error.
             break;
         }
         // With PREG_OFFSET_CAPTURE every group is a [text, offset] pair.
         list($whole_text, $whole_offset) = $groups[0];
         $name = $groups[2][0];
         if (isset($groups[5])) {
             $raw_value = $groups[5][0];
         } else {
             $raw_value = $groups[4][0];
         }
         $result[$name] = OAuthUtil::urldecode_rfc3986($raw_value);
         // Resume scanning right after the pair that was just consumed.
         $cursor = $whole_offset + strlen($whole_text);
     }
     // 'realm' is removed from the returned parameters.
     if (isset($result['realm'])) {
         unset($result['realm']);
     }
     return $result;
 }
Example #6
 /**
  * Parse a URL-encoded parameter string, keeping only names that start with
  * "oauth_" (case-insensitive, tested on the still-encoded name).
  *
  * A name seen once maps to a string; a repeated name maps to a list of its
  * values in input order.
  *
  * @param string $input Raw parameter string, pairs separated by '&'.
  * @return array Decoded oauth_* parameters; empty when $input is unset or falsy.
  */
 public static function parse_parameters($input)
 {
     $collected = array();
     if (!isset($input) || !$input) {
         return $collected;
     }
     foreach (explode('&', $input) as $pair) {
         // Pad to two slots so a pair without '=' has a null value slot.
         list($raw_name, $raw_value) = array_pad(explode('=', $pair, 2), 2, null);
         // Addition - KH
         // only accept parameters prefixed with 'oauth', this allows additional GET parameters to be used by the script
         if (preg_match("/^oauth_/i", $raw_name) !== 1) {
             continue;
         }
         $name = OAuthUtil::urldecode_rfc3986($raw_name);
         $decoded = '';
         if ($raw_value !== null) {
             $decoded = OAuthUtil::urldecode_rfc3986($raw_value);
         }
         if (!isset($collected[$name])) {
             // First occurrence: store the plain string.
             $collected[$name] = $decoded;
             continue;
         }
         if (is_scalar($collected[$name])) {
             // First duplicate: promote the stored string to a list.
             $collected[$name] = array($collected[$name]);
         }
         $collected[$name][] = $decoded;
     }
     return $collected;
 }
Example #7
 /**
  * Parse a URL-encoded parameter string ("a=1&b=2") into an array.
  *
  * Names and values are decoded with OAuthUtil::urldecode_rfc3986(). A name
  * seen once maps to a string; a repeated name maps to a list of its values
  * in input order.
  *
  * @param string $input Raw parameter string, pairs separated by '&'.
  * @return array Decoded parameters; empty when $input is unset or falsy.
  */
 public static function parse_parameters($input)
 {
     if (!isset($input) || !$input) {
         return array();
     }
     $out = array();
     foreach (explode('&', $input) as $chunk) {
         // Limit of 2 keeps any further '=' inside the value.
         $kv = explode('=', $chunk, 2);
         $key = OAuthUtil::urldecode_rfc3986($kv[0]);
         $val = '';
         if (isset($kv[1])) {
             $val = OAuthUtil::urldecode_rfc3986($kv[1]);
         }
         if (!isset($out[$key])) {
             // First time this name is seen.
             $out[$key] = $val;
         } elseif (is_scalar($out[$key])) {
             // Second occurrence: turn the stored string into a list.
             $out[$key] = array($out[$key], $val);
         } else {
             // Third and later occurrences: append to the list.
             $out[$key][] = $val;
         }
     }
     return $out;
 }
Example #8
  /**
   * Split an Authorization header value into decoded name => value pairs.
   *
   * Values are either double-quoted or bare (up to the next comma). When
   * $only_allow_oauth_parameters is true, names that do not start with
   * "oauth_" are skipped. 'realm' is removed from the result.
   */
  static function split_header($header, $only_allow_oauth_parameters = true) {
    $found = array();
    // Group 2 is the name, group 4 the quoted value, group 5 the bare value.
    $regex = '/(([-_a-z]*)=("([^"]*)"|([^,]*)),?)/';
    $pos = 0;
    while (true) {
      if (!(preg_match($regex, $header, $m, PREG_OFFSET_CAPTURE, $pos) > 0)) {
        break;
      }
      $name = $m[2][0];
      $raw = isset($m[5]) ? $m[5][0] : $m[4][0];
      $accepted = !$only_allow_oauth_parameters || preg_match('/^oauth_/', $name);
      if ($accepted) {
        $found[$name] = OAuthUtil::urldecode_rfc3986($raw);
      }
      // Continue right behind the pair just consumed (offset + length).
      $pos = $m[0][1] + strlen($m[0][0]);
    }

    if (isset($found['realm'])) {
      unset($found['realm']);
    }

    return $found;
  }
Example #9
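 /**
  * Parse a request body or query string into an array of parameters.
  *
  * Three input shapes are recognised:
  *  - a string starting with "<?xml" is parsed as XML and cast to an array;
  *  - a string starting with "{" or "[" is decoded as JSON;
  *  - anything else is treated as "a=1&b=2" pairs, decoded with
  *    OAuthUtil::urldecode_rfc3986(), repeated names collected into lists.
  *
  * @param string $input Raw input.
  * @return array Parsed parameters; empty for unset, falsy or unparsable input.
  */
 public static function parse_parameters($input)
 {
     //var_dump($input);
     if (!isset($input) || !$input) {
         return array();
     }
     if (substr($input, 0, 5) === '<?xml') {
         // Collect libxml errors internally instead of silencing them with
         // '@', and restore the previous setting afterwards.
         $previous_setting = libxml_use_internal_errors(true);
         // LIBXML_NONET keeps libxml from fetching network resources while
         // parsing; entity substitution (LIBXML_NOENT) is deliberately not
         // enabled, because $input is untrusted.
         // NOTE(review): on libxml older than 2.9 external entity loading is
         // on by default and should additionally be disabled by the caller.
         $xml = simplexml_load_string($input, 'SimpleXMLElement', LIBXML_NONET);
         libxml_clear_errors();
         libxml_use_internal_errors($previous_setting);
         // A failed parse used to come back as array(false); report "no
         // parameters" instead.
         return $xml === false ? array() : (array) $xml;
     }
     if (preg_match('/^[\\{\\[]/', $input)) {
         $decoded = json_decode($input, true);
         // Malformed JSON decodes to null; keep the return type an array.
         return is_array($decoded) ? $decoded : array();
     }
     $pairs = explode('&', $input);
     $parsed_parameters = array();
     foreach ($pairs as $pair) {
         $split = explode('=', $pair, 2);
         // NOTE(review): trimming the name means the key stored here can
         // differ from the bytes the sender transmitted; confirm this
         // matches how the signature base string is built.
         $parameter = trim(OAuthUtil::urldecode_rfc3986($split[0]));
         $value = isset($split[1]) ? OAuthUtil::urldecode_rfc3986($split[1]) : '';
         if (isset($parsed_parameters[$parameter])) {
             // We have already received parameter(s) with this name, so add to the list
             // of parameters with this name
             if (is_scalar($parsed_parameters[$parameter])) {
                 // This is the first duplicate, so transform scalar (string) into an array
                 // so we can add the duplicates
                 $parsed_parameters[$parameter] = array($parsed_parameters[$parameter]);
             }
             $parsed_parameters[$parameter][] = $value;
         } else {
             $parsed_parameters[$parameter] = $value;
         }
     }
     return $parsed_parameters;
 }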
Example #10
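 /**
  * Parse a URL-encoded parameter string ("a=1&b=2") into an array, skipping
  * pairs whose name is empty.
  *
  * Names and values are decoded with OAuthUtil::urldecode_rfc3986(). A name
  * seen once maps to a string; a repeated name maps to a list of its values
  * in input order.
  *
  * @param string $input Raw parameter string, pairs separated by '&'.
  * @return array Decoded parameters; empty when $input is unset or falsy.
  */
 public static function parse_parameters($input)
 {
     if (!isset($input) || !$input) {
         return array();
     }
     $pairs = explode('&', $input);
     $parsed_parameters = array();
     foreach ($pairs as $pair) {
         $split = explode('=', $pair, 2);
         $parameter = OAuthUtil::urldecode_rfc3986($split[0]);
         $value = isset($split[1]) ? OAuthUtil::urldecode_rfc3986($split[1]) : '';
         // if we received an empty parameter (can happen with sth like "...php?&key=v..."
         // which we do not send with our signedrequests, we omit it from the signature
         // as well
         // Test for the empty string explicitly: the previous !$parameter
         // check also dropped a parameter literally named "0", which would
         // then be missing from the signed parameter set.
         if ((string) $parameter === '') {
             continue;
         }
         if (isset($parsed_parameters[$parameter])) {
             // We have already received parameter(s) with this name, so add to the list
             // of parameters with this name
             if (is_scalar($parsed_parameters[$parameter])) {
                 // This is the first duplicate, so transform scalar (string) into an array
                 // so we can add the duplicates
                 $parsed_parameters[$parameter] = array($parsed_parameters[$parameter]);
             }
             $parsed_parameters[$parameter][] = $value;
         } else {
             $parsed_parameters[$parameter] = $value;
         }
     }
     return $parsed_parameters;
 }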