public function doBltiHandshake() { //first obtain the details of the LTI configuration they chose $instanceFromDB = LtiConfigurations::find($this->property('ltiInstance')); $approver = $this->property('approver'); $arr = $this->getApproverOptions(); $approverRole = $arr[$approver]; if (!isset($_SESSION)) { session_start(); } $_SESSION['baseUrl'] = Config::get('app.url', 'backend'); $_SESSION['courseID'] = \Input::get('custom_canvas_course_id'); $_SESSION['userID'] = \Input::get('custom_canvas_user_id'); $_SESSION['domain'] = \Input::get('custom_canvas_api_domain'); //TODO: make sure this parameter below works with all other LMSs $_SESSION['lms'] = \Input::get('tool_consumer_info_product_family_code'); //check to see if user is an Instructor $rolesStr = \Input::get('roles'); $consumerKey = $instanceFromDB['ConsumerKey']; $clientId = $instanceFromDB['DeveloperId']; //Check to see if the lti handshake passes $context = new Blti($consumerKey, false, false); if ($context->valid) { // query DB to see if user has token, if yes, go to LTI. $userCheck = User::where('course_id', $_SESSION['courseID'])->first(); if (!$userCheck) { //if no user is found, redirect to canvas permission page if (stristr($rolesStr, $approverRole)) { //As per my discussion with Jared, we will use the instructor's token only. This is the token that will be stored in the DB //and the one that will be used to make all requests. We will NOT store student's tokens. //TODO: take this redirectUri out into some parameter somewhere... $redirectUri = "{$_SESSION['baseUrl']}saveUserInfo?lti={$this->property('ltiInstance')}"; $url = "https://{$_SESSION['domain']}/login/oauth2/auth?client_id={$clientId}&response_type=code&redirect_uri={$redirectUri}"; $this->redirect($url); } else { echo "A(n) {$approverRole} must authorize this course. Please contact your instructor."; return; } } else { //set the professor's token $_SESSION['userToken'] = $userCheck->encrypted_token; //get the timezone $roots = new Roots(); $course = $roots->getCourse(); $account_id = $course->account_id; $account = $roots->getAccount($account_id); $_SESSION['timezone'] = new \DateTimeZone($account->default_time_zone); } } else { echo 'There is a problem. Please notify your instructor'; } }
public function onRun() { $config = Configuration::find($this->property('devConfig')); if (!isset($_SESSION)) { session_start(); } $_SESSION['userID'] = $config->User_id; $_SESSION['userToken'] = \Crypt::encrypt($config->Token); $_SESSION['courseID'] = $config->Course_id; $_SESSION['domain'] = $config->Domain; $_SESSION['lms'] = $config->Lms; //get the timezone $roots = new Roots(); $course = $roots->getCourse(); $account_id = $course->account_id; $account = $roots->getAccount($account_id); $_SESSION['timezone'] = new \DateTimeZone($account->default_time_zone); }
public function doBltiHandshake() { //first obtain the details of the LTI configuration they chose $dbHelper = new DbHelper(); $instanceFromDB = LtiConfigurations::find($this->property('ltiInstance')); $approver = $this->property('approver'); $arr = $this->getApproverOptions(); $approverRole = $arr[$approver]; if (!isset($_SESSION)) { session_start(); } $_SESSION['baseUrl'] = Config::get('app.url', 'backend'); $_SESSION['courseID'] = \Input::get('custom_canvas_course_id'); $_SESSION['userID'] = \Input::get('custom_canvas_user_id'); $_SESSION['domain'] = \Input::get('custom_canvas_api_domain'); //TODO: make sure this parameter below works with all other LMSs $_SESSION['lms'] = \Input::get('tool_consumer_info_product_family_code'); //check to see if user is an Instructor $rolesStr = \Input::get('roles'); $consumerKey = $instanceFromDB['ConsumerKey']; $clientId = $instanceFromDB['DeveloperId']; //Check to see if the lti handshake passes $context = new Blti($consumerKey, false, false); if ($context->valid) { // query DB to see if user has token, if yes, go to LTI. $userCheck = $dbHelper->getCourseApprover($_SESSION['courseID']); if (!$userCheck) { //if no user is found, redirect to canvas permission page if (stristr($rolesStr, $approverRole)) { //As per my discussion with Jared, we will use the instructor's token only. This is the token that will be stored in the DB //and the one that will be used to make all requests. We will NOT store student's tokens. //TODO: take this redirectUri out into some parameter somewhere... $redirectUri = "{$_SESSION['baseUrl']}saveUserInfo?lti={$this->property('ltiInstance')}"; $url = "https://{$_SESSION['domain']}/login/oauth2/auth?client_id={$clientId}&response_type=code&redirect_uri={$redirectUri}"; $this->redirect($url); } else { echo "A(n) {$approverRole} must authorize this course. Please contact your instructor."; return; } } else { //set the professor's token $_SESSION['userToken'] = $userCheck->encrypted_token; //get the timezone $roots = new Roots(); $course = $roots->getCourse(); $account_id = $course->account_id; $account = $roots->getAccount($account_id); $courseId = $_SESSION['courseID']; $_SESSION['timezone'] = new \DateTimeZone($account->default_time_zone); //to maintain the users table synchronized with Canvas, everytime a student comes in we'll check to make sure they're in the DB. //If they're not, we will pull all the students from Canvas and refresh our users table. $dbHelper = new DbHelper(); $user = $dbHelper->getUserInCourse($courseId, $_SESSION['userID']); if (is_null($user)) { //get all students from Canvas $roots = new Roots(); $roots->getStudentsInCourse(); } //Also, every so often (every 12 hrs?) we will check to make sure that students who have dropped the class are deleted from the users_course table //Failing to do so will make it so that when we request their submissions along with other students' submissions, the entire // call returns with an Unauthorized error message $approver = $dbHelper->getCourseApprover($courseId); $now = Carbon::now(); $updatedDate = $approver->updated_at; $diff = $updatedDate->diffInHours($now, false); if ($diff > 24) { $allStudentsDb = $dbHelper->getUsersInCourseWithRole($_SESSION['courseID'], 'Learner'); $allStudentsFromCanvas = $roots->getStudentsInCourse(); foreach ($allStudentsDb as $dbStudent) { $filteredItems = array_values(array_filter($allStudentsFromCanvas, function ($elem) use($dbStudent) { return intval($elem->user_id) === intval($dbStudent->user_id); })); if (count($filteredItems) < 1) { $dbHelper->deleteUserFromRole($courseId, $dbStudent->user_id, 'Learner'); } } //update the approver $approver->updated_at = $now; $approver->save(); } } } else { echo 'There is a problem. Please notify your instructor'; } }