public function check_tool_proxy($toolproxyguid, $body = null) {
$ok = false;
$toolproxy = null;
$h = lti\OAuthUtil::get_headers();
$consumerkey = lti\get_oauth_key_from_headers();
if (is_null($toolproxyguid)) {
$toolproxyguid = $consumerkey;
}
if (!is_null($toolproxyguid)) {
$toolproxy = lti_get_tool_proxy_from_guid($toolproxyguid);
if ($toolproxy !== false) {
if (!$this->is_unsigned() && ($toolproxy->guid == $consumerkey)) {
$ok = $this->check_signature($toolproxy->guid, $toolproxy->secret, $body);
} else {
$ok = $this->is_unsigned();
}
}
}
if ($ok) {
$this->toolproxy = $toolproxy;
}
return $ok;
}
* @copyright Copyright (c) 2011 Moodlerooms Inc. (http://www.moodlerooms.com)
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
* @author Chris Scribner
*/
define('NO_DEBUG_DISPLAY', true);
define('NO_MOODLE_COOKIES', true);
require_once dirname(__FILE__) . "/../../config.php";
require_once $CFG->dirroot . '/mod/lti/locallib.php';
require_once $CFG->dirroot . '/mod/lti/servicelib.php';
// TODO: Switch to core oauthlib once implemented - MDL-30149.
use moodle\mod\lti;
$rawbody = file_get_contents("php://input");
if (lti_should_log_request($rawbody)) {
lti_log_request($rawbody);
}
foreach (lti\OAuthUtil::get_headers() as $name => $value) {
if ($name === 'Authorization') {
// TODO: Switch to core oauthlib once implemented - MDL-30149.
$oauthparams = lti\OAuthUtil::split_header($value);
$consumerkey = $oauthparams['oauth_consumer_key'];
break;
}
}
if (empty($consumerkey)) {
throw new Exception('Consumer key is missing.');
}
$sharedsecret = lti_verify_message($consumerkey, lti_get_shared_secrets_by_key($consumerkey), $rawbody);
if ($sharedsecret === false) {
throw new Exception('Message signature not valid');
}
// TODO MDL-46023 Replace this code with a call to the new library.