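/**
 * OAuth2 callback: exchange the `code` request parameter for an access token.
 *
 * The token is requested from the LMS host held in the session, encrypted with
 * Crypt::encrypt, kept in $_SESSION['userToken'] and stored on a new User row
 * together with the session's user and course ids. Progress and failures are
 * reported by echoing a message; nothing is returned.
 *
 * NOTE(review): the authorization redirect carries no `state` value, so this
 * callback cannot confirm that the code belongs to the flow this session
 * started. Adding one needs a matching change where the redirect is built.
 */
public function saveUserInfo()
{
    if (!isset($_SESSION)) {
        session_start();
    }

    $failure = 'There is a problem. Please notify your instructor';

    // Without a prior launch there is no LMS host to call and no user/course
    // to bind the token to.
    if (!isset($_SESSION['domain'], $_SESSION['courseID'], $_SESSION['userID'])) {
        echo $failure;
        return;
    }

    // The host is interpolated into the URL that receives the developer secret,
    // so accept only a bare host name (optionally with a port): no path, query,
    // user-info or whitespace. The value must come from a verified launch.
    $domain = $_SESSION['domain'];
    if (!is_string($domain)
        || !preg_match('/\A[a-z0-9](?:[a-z0-9.-]*[a-z0-9])?(?::\d{1,5})?\z/i', $domain)
    ) {
        echo $failure;
        return;
    }

    $code = \Input::get('code');
    $instanceFromDB = LtiConfigurations::find(\Input::get('lti'));
    if (!$instanceFromDB || !is_string($code) || $code === '') {
        // Unknown configuration, or the LMS returned no authorization code.
        echo $failure;
        return;
    }

    // Send the credentials in the POST body rather than the query string so the
    // developer secret does not end up in request URLs (access logs, proxies),
    // and let http_build_query do the encoding of every value.
    $body = http_build_query(array(
        'client_id' => $instanceFromDB['DeveloperId'],
        'client_secret' => $instanceFromDB['DeveloperSecret'],
        'code' => $code,
    ), '', '&');
    $context = stream_context_create(array(
        'http' => array(
            'method' => 'POST',
            'header' => "Content-Type: application/x-www-form-urlencoded\r\n",
            'content' => $body,
        ),
    ));
    $url = "https://{$domain}/login/oauth2/token";

    // Offset 0 reads from the start; a negative offset asks newer PHP versions
    // to seek from the end, which an HTTP stream cannot do.
    $userTokenJSON = file_get_contents($url, false, $context, 0, 40000);
    if ($userTokenJSON === false) {
        echo $failure;
        return;
    }

    $userToken = json_decode($userTokenJSON);
    if (!is_object($userToken) || empty($userToken->access_token)) {
        echo $failure;
        return;
    }

    $encryptedToken = \Crypt::encrypt($userToken->access_token);
    $_SESSION['userToken'] = $encryptedToken;

    // Store the encrypted token in the database.
    $user = new User();
    $user->user_id = $_SESSION['userID'];
    $user->course_id = $_SESSION['courseID'];
    $user->encrypted_token = $encryptedToken;
    $user->save();

    echo "App has been approved. Please reload this page";
}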
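/**
 * Handle an LTI launch for the configured LTI instance.
 *
 * Verifies the launch with Blti, then stores the launch context (base URL,
 * course, user, LMS host, LMS product family) in the session. If no User row
 * exists for the course, a launcher whose roles contain the approver role is
 * redirected to the LMS OAuth2 authorization page; anyone else is told to
 * contact the instructor. If a row exists, its encrypted token and the
 * account's default time zone are placed in the session.
 *
 * Launch parameters are copied into the session only after the launch has been
 * verified: saveUserInfo() later sends the developer secret to
 * $_SESSION['domain'], so that value must never come from an unverified request.
 */
public function doBltiHandshake()
{
    // First obtain the details of the LTI configuration they chose.
    $ltiInstanceId = $this->property('ltiInstance');
    $instanceFromDB = LtiConfigurations::find($ltiInstanceId);
    $approver = $this->property('approver');
    $arr = $this->getApproverOptions();
    $approverRole = $arr[$approver];

    if (!isset($_SESSION)) {
        session_start();
    }

    if (!$instanceFromDB) {
        // No such LTI configuration: nothing to verify the launch against.
        echo 'There is a problem. Please notify your instructor';
        return;
    }

    $consumerKey = $instanceFromDB['ConsumerKey'];
    $clientId = $instanceFromDB['DeveloperId'];

    // Check to see if the LTI handshake passes before trusting any parameter.
    // NOTE(review): only the ConsumerKey is passed here; confirm what Blti
    // expects as its first argument.
    $context = new Blti($consumerKey, false, false);
    if (!$context->valid) {
        echo 'There is a problem. Please notify your instructor';
        return;
    }

    $_SESSION['baseUrl'] = Config::get('app.url', 'backend');
    $_SESSION['courseID'] = \Input::get('custom_canvas_course_id');
    $_SESSION['userID'] = \Input::get('custom_canvas_user_id');
    $_SESSION['domain'] = \Input::get('custom_canvas_api_domain');
    //TODO: make sure this parameter below works with all other LMSs
    $_SESSION['lms'] = \Input::get('tool_consumer_info_product_family_code');

    // Used below to check whether the launcher holds the approver role.
    $rolesStr = \Input::get('roles');

    // Query the DB to see if the course already has a token; if yes, go to LTI.
    $userCheck = User::where('course_id', $_SESSION['courseID'])->first();
    if (!$userCheck) {
        // No token yet: send an approver to the LMS permission page.
        if (stristr((string) $rolesStr, $approverRole) !== false) {
            //As per my discussion with Jared, we will use the instructor's token only. This is the token that will be stored in the DB
            //and the one that will be used to make all requests. We will NOT store student's tokens.
            //TODO: take this redirectUri out into some parameter somewhere...
            $redirectUri = "{$_SESSION['baseUrl']}saveUserInfo?lti=" . rawurlencode((string) $ltiInstanceId);

            // Encode every value: redirect_uri carries its own '?' and '=' and
            // must not be parsed as part of the outer query string.
            $query = http_build_query(array(
                'client_id' => $clientId,
                'response_type' => 'code',
                'redirect_uri' => $redirectUri,
            ), '', '&');
            $url = "https://{$_SESSION['domain']}/login/oauth2/auth?{$query}";
            $this->redirect($url);
        } else {
            echo "A(n) {$approverRole} must authorize this course. \nPlease contact your instructor.";
            return;
        }
    } else {
        // Set the professor's token.
        $_SESSION['userToken'] = $userCheck->encrypted_token;

        // Get the timezone from the course's account.
        $roots = new Roots();
        $course = $roots->getCourse();
        $account_id = $course->account_id;
        $account = $roots->getAccount($account_id);
        $_SESSION['timezone'] = new \DateTimeZone($account->default_time_zone);
    }
}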
/**
 * Create or update the User row identified by $userId and return it.
 *
 * The row is looked up by user_id alone (firstOrNew), its name fields are
 * overwritten, and the avatar is written only when one is supplied.
 *
 * NOTE(review): other lookups in this file key on user_id together with
 * course_id; confirm that matching on user_id alone is intended here.
 *
 * @param mixed       $userId
 * @param string      $name
 * @param string      $sortableName
 * @param string|null $avatar null leaves the stored avatar untouched
 * @return User the saved model
 */
private function saveUser($userId, $name, $sortableName, $avatar = null)
{
    $record = User::firstOrNew(array('user_id' => $userId));

    $record->user_id = $userId;
    $record->name = $name;
    $record->sortable_name = $sortableName;

    if ($avatar !== null) {
        $record->avatar = $avatar;
    }

    $record->save();

    return $record;
}
/**
 * Return the User model (existing or new, unsaved) for the first row of $data.
 *
 * NOTE(review): the return sits inside the loop, so only the first row is ever
 * looked at and nothing is saved; confirm whether every row was meant to be
 * processed. With no rows the method returns null.
 *
 * @param mixed $data     rows exposing an `id` property
 * @param mixed $courseId
 * @return User|null
 */
private function processStudentsInCourse($data, $courseId)
{
    foreach ($data as $row) {
        $lookup = array(
            'user_id' => $row->id,
            'course_id' => $courseId,
        );

        return User::firstOrNew($lookup);
    }

    return null;
}
/**
 * Fetch the first User row matching both the given user id and course id.
 *
 * @param mixed $courseId
 * @param mixed $userId
 * @return User|null whatever first() yields for the query
 */
public function getUser($courseId, $userId)
{
    $criteria = array(
        'user_id' => $userId,
        'course_id' => $courseId,
    );

    return User::where($criteria)->first();
}