require_once 'common.inc.php';
/* this file handles the entire OAuth API token negotiation for a user token --
update it to include a better explanation, pertinent to your app, for why the
user is about to be asked to log into Canvas in the middle of Canvas */
try {
$oauth = new OAuthNegotiator();
} catch (OAuthNegotiator_Exception $e) {
}
if (isset($_REQUEST['oauth'])) {
switch ($_REQUEST['oauth']) {
case 'request':
$smarty->assign('content', '<h1>Token Request</h1>
<p>This application requires access to the Canvas APIs. Canvas is about to ask you to give permission for this.</p>
<p><a href="' . $_SERVER['PHP_SELF'] . '?oauth=process">Click to continue</a></p>');
$smarty->display();
exit;
case 'process':
$oauth = new OAuthNegotiator('https://' . $toolProvider->user->getResourceLink()->settings['custom_canvas_api_domain'] . '/login/oauth2', (string) $secrets->oauth->id, (string) $secrets->oauth->key, "{$_SERVER['PHP_SELF']}?oauth=complete", (string) $secrets->app->name);
break;
case 'complete':
$user = new UserAPIToken($_SESSION['user_consumer_key'], $_SESSION['user_id'], $sql);
$user->setToken($oauth->getToken());
$user->setAPIUrl("{$metadata['CANVAS_INSTANCE_URL']}/api/v1");
$_SESSION['apiToken'] = $user->getToken();
$_SESSION['apiUrl'] = $user->getAPIUrl();
$_SESSION['isUserToken'] = true;
header("Location: {$metadata['APP_URL']}/app.php");
exit;
}
}
/**
* Obtain a Canvas API token, if needed.
*
* @param scalar $step optional Where are we in the API token negotiation workflow? (defaults to API_DECISION_NEEDED_STEP -- the beginning)
* @param boolean $skip optional Skip this step (defaults to FALSE)
*
* @throws CanvasAPIviaLTI_Installer_Exception If $step is not a pre-defined *_STEP constant
**/
public static function acquireAPIToken($step = self::API_DECISION_NEEDED_STEP, $skip = false)
{
global $secrets;
// FIXME grown-ups don't program like this
global $metadata;
// FIXME grown-ups don't program like this
global $smarty;
// FIXME grown-ups don't program like this
if ($skip) {
if (isset($metadata['CANVAS_API_TOKEN']) || isset($metadata['CANVAS_API_USER'])) {
$api = new CanvasPest("{$metadata['CANVAS_INSTANCE_URL']}/login/oauth2", $metadata['CANVAS_API_TOKEN']);
$api->delete('token');
unset($metadata['CANVAS_API_TOKEN']);
unset($metadata['CANVAS_API_USER']);
$smarty->addMessage('Existing admin Canvas API token information expunged', 'There was already an administrative access token stored in your
application metadata, and it has now been expunged.');
} else {
$smarty->addMessage('No admin Canvas API token acquired', 'An administrative API token has not been acquired. Users will be asked to
acquire their own API tokens on their first use of the LTI.');
}
} else {
switch ($step) {
case self::API_DECISION_NEEDED_STEP:
$smarty->assign('content', '
<form action="' . $metadata['APP_URL'] . '/admin/oauth.php" method="post">
<label for="url"> Canvas Instance URL <input type="text" name="url" id="url" placeholder="' . $metadata['CANVAS_INSTANCE_URL_PLACEHOLDER'] . '" value="' . (isset($metadata['CANVAS_INSTANCE_URL']) ? $metadata['CANVAS_INSTANCE_URL'] : '') . '" /></label>
<label for="token"> API Access Token <input type="text" name="token" id="token" placeholder="Leave blank to acquire a token interactively" /></label>
<input type="hidden" name="skip" value="0" />
<input type="hidden" name="step" value="' . self::API_DECISION_ENTERED_STEP . '" />
<input type="submit" value="Use administrative token" />
</form>
or
<form action="' . $_SERVER['PHP_SELF'] . '" method="post">
<input type="hidden" name="skip" value="1" />
<input type="hidden" name="step" value="' . self::API_DECISION_ENTERED_STEP . '" />
<input type="submit" value="Require users to acquire individual tokens" />
</form>
');
$smarty->display();
exit;
case self::API_DECISION_ENTERED_STEP:
$oauth = new OAuthNegotiator();
if ($oauth->isAPIToken()) {
$metadata['CANVAS_API_TOKEN'] = $oauth->getToken();
$smarty->addMessage('Admin Canvas API token acquired', 'An administrative API access token has been acquired and stored in your application metadata.', NotificationMessage::GOOD);
}
/* clear the processed step */
unset($_REQUEST['step']);
break;
case self::API_TOKEN_PROVIDED_STEP:
$smarty->addMessage('Admin Canvas API token provided', 'You provided an API access token and it has been stored in your application metadata.');
break;
default:
throw new CanvasAPIviaLTI_Installer_Exception("Unknown step ({$step}) in obtaining API token.", CanvasAPIviaLTI_Installer_Exception::API_STEP_MISMATCH);
}
}
}
