public function doBltiHandshake()
{
//first obtain the details of the LTI configuration they chose
$instanceFromDB = LtiConfigurations::find($this->property('ltiInstance'));
$approver = $this->property('approver');
$arr = $this->getApproverOptions();
$approverRole = $arr[$approver];
if (!isset($_SESSION)) {
session_start();
}
$_SESSION['baseUrl'] = Config::get('app.url', 'backend');
$_SESSION['courseID'] = \Input::get('custom_canvas_course_id');
$_SESSION['userID'] = \Input::get('custom_canvas_user_id');
$_SESSION['domain'] = \Input::get('custom_canvas_api_domain');
//TODO: make sure this parameter below works with all other LMSs
$_SESSION['lms'] = \Input::get('tool_consumer_info_product_family_code');
//check to see if user is an Instructor
$rolesStr = \Input::get('roles');
$consumerKey = $instanceFromDB['ConsumerKey'];
$clientId = $instanceFromDB['DeveloperId'];
//Check to see if the lti handshake passes
$context = new Blti($consumerKey, false, false);
if ($context->valid) {
// query DB to see if user has token, if yes, go to LTI.
$userCheck = User::where('course_id', $_SESSION['courseID'])->first();
if (!$userCheck) {
//if no user is found, redirect to canvas permission page
if (stristr($rolesStr, $approverRole)) {
//As per my discussion with Jared, we will use the instructor's token only. This is the token that will be stored in the DB
//and the one that will be used to make all requests. We will NOT store student's tokens.
//TODO: take this redirectUri out into some parameter somewhere...
$redirectUri = "{$_SESSION['baseUrl']}saveUserInfo?lti={$this->property('ltiInstance')}";
$url = "https://{$_SESSION['domain']}/login/oauth2/auth?client_id={$clientId}&response_type=code&redirect_uri={$redirectUri}";
$this->redirect($url);
} else {
echo "A(n) {$approverRole} must authorize this course. Please contact your instructor.";
return;
}
} else {
//set the professor's token
$_SESSION['userToken'] = $userCheck->encrypted_token;
//get the timezone
$roots = new Roots();
$course = $roots->getCourse();
$account_id = $course->account_id;
$account = $roots->getAccount($account_id);
$_SESSION['timezone'] = new \DateTimeZone($account->default_time_zone);
}
} else {
echo 'There is a problem. Please notify your instructor';
}
}
public function onRun()
{
$config = Configuration::find($this->property('devConfig'));
if (!isset($_SESSION)) {
session_start();
}
$_SESSION['userID'] = $config->User_id;
$_SESSION['userToken'] = \Crypt::encrypt($config->Token);
$_SESSION['courseID'] = $config->Course_id;
$_SESSION['domain'] = $config->Domain;
$_SESSION['lms'] = $config->Lms;
//get the timezone
$roots = new Roots();
$course = $roots->getCourse();
$account_id = $course->account_id;
$account = $roots->getAccount($account_id);
$_SESSION['timezone'] = new \DateTimeZone($account->default_time_zone);
}
public function doBltiHandshake()
{
//first obtain the details of the LTI configuration they chose
$dbHelper = new DbHelper();
$instanceFromDB = LtiConfigurations::find($this->property('ltiInstance'));
$approver = $this->property('approver');
$arr = $this->getApproverOptions();
$approverRole = $arr[$approver];
if (!isset($_SESSION)) {
session_start();
}
$_SESSION['baseUrl'] = Config::get('app.url', 'backend');
$_SESSION['courseID'] = \Input::get('custom_canvas_course_id');
$_SESSION['userID'] = \Input::get('custom_canvas_user_id');
$_SESSION['domain'] = \Input::get('custom_canvas_api_domain');
//TODO: make sure this parameter below works with all other LMSs
$_SESSION['lms'] = \Input::get('tool_consumer_info_product_family_code');
//check to see if user is an Instructor
$rolesStr = \Input::get('roles');
$consumerKey = $instanceFromDB['ConsumerKey'];
$clientId = $instanceFromDB['DeveloperId'];
//Check to see if the lti handshake passes
$context = new Blti($consumerKey, false, false);
if ($context->valid) {
// query DB to see if user has token, if yes, go to LTI.
$userCheck = $dbHelper->getCourseApprover($_SESSION['courseID']);
if (!$userCheck) {
//if no user is found, redirect to canvas permission page
if (stristr($rolesStr, $approverRole)) {
//As per my discussion with Jared, we will use the instructor's token only. This is the token that will be stored in the DB
//and the one that will be used to make all requests. We will NOT store student's tokens.
//TODO: take this redirectUri out into some parameter somewhere...
$redirectUri = "{$_SESSION['baseUrl']}saveUserInfo?lti={$this->property('ltiInstance')}";
$url = "https://{$_SESSION['domain']}/login/oauth2/auth?client_id={$clientId}&response_type=code&redirect_uri={$redirectUri}";
$this->redirect($url);
} else {
echo "A(n) {$approverRole} must authorize this course. Please contact your instructor.";
return;
}
} else {
//set the professor's token
$_SESSION['userToken'] = $userCheck->encrypted_token;
//get the timezone
$roots = new Roots();
$course = $roots->getCourse();
$account_id = $course->account_id;
$account = $roots->getAccount($account_id);
$courseId = $_SESSION['courseID'];
$_SESSION['timezone'] = new \DateTimeZone($account->default_time_zone);
//to maintain the users table synchronized with Canvas, everytime a student comes in we'll check to make sure they're in the DB.
//If they're not, we will pull all the students from Canvas and refresh our users table.
$dbHelper = new DbHelper();
$user = $dbHelper->getUserInCourse($courseId, $_SESSION['userID']);
if (is_null($user)) {
//get all students from Canvas
$roots = new Roots();
$roots->getStudentsInCourse();
}
//Also, every so often (every 12 hrs?) we will check to make sure that students who have dropped the class are deleted from the users_course table
//Failing to do so will make it so that when we request their submissions along with other students' submissions, the entire
// call returns with an Unauthorized error message
$approver = $dbHelper->getCourseApprover($courseId);
$now = Carbon::now();
$updatedDate = $approver->updated_at;
$diff = $updatedDate->diffInHours($now, false);
if ($diff > 24) {
$allStudentsDb = $dbHelper->getUsersInCourseWithRole($_SESSION['courseID'], 'Learner');
$allStudentsFromCanvas = $roots->getStudentsInCourse();
foreach ($allStudentsDb as $dbStudent) {
$filteredItems = array_values(array_filter($allStudentsFromCanvas, function ($elem) use($dbStudent) {
return intval($elem->user_id) === intval($dbStudent->user_id);
}));
if (count($filteredItems) < 1) {
$dbHelper->deleteUserFromRole($courseId, $dbStudent->user_id, 'Learner');
}
}
//update the approver
$approver->updated_at = $now;
$approver->save();
}
}
} else {
echo 'There is a problem. Please notify your instructor';
}
}
