Exemplos de is_lti_request em PHP

Exemplo n.º 1

Arquivo: auto.php Projeto: KumarNT100/pythonlearn

<?php

require_once "setup.php";
// Load up the LTI Support code
require_once 'util/lti_util.php';
session_start();
header('Content-Type: text/html; charset=utf-8');
// Why not?
$oauth_consumer_key = "12345";
$oauth_consumer_secret = "secret";
if (!is_lti_request()) {
    // Initialize, no secret, pull from session, and do not redirect
    $context = new BLTI(false, true, false);
    if (isset($_SESSION['oauth_consumer_key']) && isset($_SESSION['oauth_consumer_secret'])) {
        $oauth_consumer_key = $_SESSION['oauth_consumer_key'];
        $oauth_consumer_secret = $_SESSION['oauth_consumer_secret'];
    }
} else {
    if (isset($_POST['oauth_consumer_key'])) {
        $oauth_comsumer_key = $_POST['oauth_consumer_key'];
        require_once 'keys.php';
        if (isset($LTI_KEYS[$oauth_consumer_key])) {
            $oauth_consumer_secret = $LTI_KEYS[$oauth_consumer_key];
        }
    }
    // Initialize, all secrets are 'secret', set session, and do not redirect
    $context = new BLTI($oauth_consumer_secret, true, false);
    if (!$context->valid) {
        echo "<h1>Error: Incorrect LTI secret</h1>";
        return;
    }

Exemplo n.º 2

Arquivo: lti_util.php Projeto: philsawa/sakai

 function __construct($parm = false, $usesession = true, $doredirect = true)
 {
     // If this request is not an LTI Launch, either
     // give up or try to retrieve the context from session
     if (!is_lti_request()) {
         $this->message = 'Request is missing LTI information';
         if ($usesession === false) {
             return;
         }
         if (strlen(session_id()) > 0) {
             $row = $_SESSION['_lti_row'];
             if (isset($row)) {
                 $this->row = $row;
             }
             $context_id = $_SESSION['_lti_context_id'];
             if (isset($context_id)) {
                 $this->context_id = $context_id;
             }
             $info = $_SESSION['_lti_context'];
             if (isset($info)) {
                 $this->info = $info;
                 $this->valid = true;
                 return;
             }
             $this->message = "Could not find context in session";
             return;
         }
         $this->message = "Session not available";
         return;
     }
     // Insure we have a valid launch
     if (empty($_REQUEST["oauth_consumer_key"])) {
         $this->message = "Missing oauth_consumer_key in request";
         return;
     }
     $oauth_consumer_key = $_REQUEST["oauth_consumer_key"];
     // Find the secret - either form the parameter as a string or
     // look it up in a database from parameters we are given
     $secret = false;
     $row = false;
     if (is_string($parm)) {
         $secret = $parm;
     } else {
         if (!is_array($parm)) {
             $this->message = "Constructor requires a secret or database information.";
             return;
         } else {
             $sql = 'SELECT * FROM ' . $parm['table'] . ' WHERE ' . ($parm['key_column'] ? $parm['key_column'] : 'oauth_consumer_key') . '=' . "'" . mysql_real_escape_string($oauth_consumer_key) . "'";
             $result = mysql_query($sql);
             $num_rows = mysql_num_rows($result);
             if ($num_rows != 1) {
                 $this->message = "Your consumer is not authorized oauth_consumer_key=" . $oauth_consumer_key;
                 return;
             } else {
                 while ($row = mysql_fetch_assoc($result)) {
                     $secret = $row[$parms['secret_column'] ? $parms['secret_column'] : 'secret'];
                     $context_id = $row[$parms['context_column'] ? $parms['context_column'] : 'context_id'];
                     if ($context_id) {
                         $this->context_id = $context_id;
                     }
                     $this->row = $row;
                     break;
                 }
                 if (!is_string($secret)) {
                     $this->message = "Could not retrieve secret oauth_consumer_key=" . $oauth_consumer_key;
                     return;
                 }
             }
         }
     }
     // Verify the message signature
     $store = new TrivialOAuthDataStore();
     $store->add_consumer($oauth_consumer_key, $secret);
     $server = new OAuthServer($store);
     $request = OAuthRequest::from_request();
     $method = new OAuthSignatureMethod_HMAC_SHA1();
     $server->add_signature_method($method);
     $method = new OAuthSignatureMethod_HMAC_SHA256();
     $server->add_signature_method($method);
     $this->basestring = $request->get_signature_base_string();
     try {
         $server->verify_request($request);
         $this->valid = true;
     } catch (Exception $e) {
         $this->message = $e->getMessage();
         return;
     }
     // Store the launch information in the session for later
     $newinfo = array();
     foreach ($_POST as $key => $value) {
         if (get_magic_quotes_gpc()) {
             $value = stripslashes($value);
         }
         if ($key == "basiclti_submit") {
             continue;
         }
         if (strpos($key, "oauth_") === false) {
             $newinfo[$key] = $value;
             continue;
         }
         if ($key == "oauth_consumer_key") {
             $newinfo[$key] = $value;
             continue;
         }
     }
     $this->info = $newinfo;
     if ($usesession == true and strlen(session_id()) > 0) {
         $_SESSION['_lti_context'] = $this->info;
         unset($_SESSION['_lti_row']);
         unset($_SESSION['_lti_context_id']);
         if ($this->row) {
             $_SESSION['_lti_row'] = $this->row;
         }
         if ($this->context_id) {
             $_SESSION['_lti_context_id'] = $this->context_id;
         }
     }
     if ($this->valid && $doredirect) {
         $this->redirect();
         $this->complete = true;
     }
 }

Exemplo n.º 3

Arquivo: UoN_LTI.php Projeto: jak786/xerteonlinetoolkits

 /**
  * Function to initilise the lti class
  * @param bool $usesession
  * @param bool $doredirect
  * @return
  */
 public function init_lti($usesession = true, $doredirect = false)
 {
     if (!isset($_REQUEST["lti_message_type"])) {
         $_REQUEST["lti_message_type"] = '';
     }
     if (!isset($_REQUEST["lti_version"])) {
         $_REQUEST["lti_version"] = '';
     }
     if (!isset($_REQUEST["resource_link_id"])) {
         $_REQUEST["resource_link_id"] = '';
     }
     // If this request is not an LTI Launch, either
     // give up or try to retrieve the context from session
     if (!is_lti_request()) {
         if ($usesession === false) {
             return;
         }
         if (strlen(session_id()) > 0) {
             if (isset($_SESSION['_lti_row'])) {
                 $row = $_SESSION['_lti_row'];
             }
             if (isset($row)) {
                 $this->row = $row;
             }
             if (isset($_SESSION['_lti_context_id'])) {
                 $context_id = $_SESSION['_lti_context_id'];
             }
             if (isset($context_id)) {
                 $this->context_id = $context_id;
             }
             if (isset($_SESSION['_lti_context'])) {
                 $info = $_SESSION['_lti_context'];
             }
             if (isset($info)) {
                 $this->info = $info;
                 $this->valid = true;
                 return;
             }
             $this->message = "Could not find context in session";
             return;
         }
         $this->message = "Session not available";
         return;
     }
     // Insure we have a valid launch
     if (empty($_REQUEST["oauth_consumer_key"])) {
         $this->message = "Missing oauth_consumer_key in request";
         return;
     }
     $oauth_consumer_key = $_REQUEST["oauth_consumer_key"];
     // Find the secret - either form the parameter as a string or
     // look it up in a database from parameters we are given
     $secret = false;
     $row = false;
     if (is_string($this->parm)) {
         $secret = $this->parm;
     } else {
         if (!is_array($this->parm)) {
             $this->message = "Constructor requires a secret or database information.";
             return;
         } else {
             if ($this->parm['dbtype'] == 'mysql') {
                 $sql = 'SELECT * FROM ' . ($this->parm['table'] ? $this->parm['table'] : 'lti_keys') . ' WHERE ' . ($this->parm['key_column'] ? $this->parm['key_column'] : 'oauth_consumer_key') . '=' . "'" . mysql_real_escape_string($oauth_consumer_key) . "'";
                 $result = mysql_query($sql);
                 $num_rows = mysql_num_rows($result);
                 if ($num_rows != 1) {
                     $this->message = "Your consumer is not authorized oauth_consumer_key=" . $oauth_consumer_key;
                     return;
                 } else {
                     while ($row = mysql_fetch_assoc($result)) {
                         $secret = $row[$this->parms['secret_column'] ? $this->parms['secret_column'] : 'secret'];
                         $context_id = $row[$this->parms['context_column'] ? $this->parms['context_column'] : 'context_id'];
                         if ($context_id) {
                             $this->context_id = $context_id;
                         }
                         $this->row = $row;
                         break;
                     }
                     if (!is_string($secret)) {
                         $this->message = "Could not retrieve secret oauth_consumer_key=" . $oauth_consumer_key;
                         return;
                     }
                 }
             } elseif ($this->parm['dbtype'] == 'mysqli') {
                 if ($this->db->error) {
                     try {
                         throw new Exception("0MySQL error {$mysqli->error} <br> Query:<br> {$query}", $msqli->errno);
                     } catch (Exception $e) {
                         echo "Error No: " . $e->getCode() . " - " . $e->getMessage() . "<br >";
                         echo nl2br($e->getTraceAsString());
                     }
                 }
                 $stmt = $this->db->prepare("SELECT secret,context_id,name FROM " . $this->parm['table_prefix'] . "lti_keys WHERE oauth_consumer_key=? AND `deleted` IS NULL");
                 $db = $this->db;
                 if ($db->error) {
                     try {
                         throw new Exception("0MySQL error {$db->error} <br> Query:<br> ", $db->errno);
                     } catch (Exception $e) {
                         echo "Error No: " . $e->getCode() . " - " . $e->getMessage() . "<br >";
                         echo nl2br($e->getTraceAsString());
                         exit;
                     }
                 }
                 $stmt->bind_param('s', $oauth_consumer_key);
                 $stmt->execute();
                 $stmt->store_result();
                 $stmt->bind_result($rsecret, $rcontext_id, $rname);
                 $stmt->fetch();
                 $secret = $rsecret;
                 $name = $rname;
                 if (isset($rcontext_id)) {
                     $this->context_id = $rcontext_id;
                 }
                 $stmt->close();
                 if (!is_string($secret)) {
                     $this->message = "Could not retrieve secret oauth_consumer_key=" . $oauth_consumer_key;
                     return;
                 }
             }
         }
     }
     // Verify the message signature
     $store = new TrivialOAuthDataStore();
     $store->add_consumer($oauth_consumer_key, $secret);
     $server = new OAuthServer($store);
     $method = new OAuthSignatureMethod_HMAC_SHA1();
     $server->add_signature_method($method);
     $request = OAuthRequest::from_request();
     $this->basestring = $request->get_signature_base_string();
     try {
         $server->verify_request($request);
         $this->valid = true;
     } catch (Exception $e) {
         $this->message = $e->getMessage();
         return;
     }
     // Store the launch information in the session for later
     $newinfo = array();
     foreach ($_POST as $key => $value) {
         if ($key == "basiclti_submit") {
             continue;
         }
         if (strpos($key, "oauth_") === false) {
             $newinfo[$key] = $value;
             continue;
         }
         if ($key == "oauth_consumer_key") {
             $newinfo[$key] = $value;
             continue;
         }
     }
     $newinfo['oauth_consumer_secret'] = $secret;
     $this->info = $newinfo;
     if ($usesession == true and strlen(session_id()) > 0) {
         $_SESSION['_lti_context'] = $this->info;
         unset($_SESSION['_lti_row']);
         unset($_SESSION['_lti_context_id']);
         if ($this->row) {
             $_SESSION['_lti_row'] = $this->row;
         }
         if ($this->context_id) {
             $_SESSION['_lti_context_id'] = $this->context_id;
         }
     }
     if ($this->valid && $doredirect) {
         $this->redirect();
         $this->complete = true;
     }
 }