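/**
 * Handle launch requests, which start the application running.
 *
 * Checks the launching user's role, validates the Canvas API host named by the
 * launch, stores the launch context in the session, and selects an API token:
 * the admin token from $metadata when one is configured, otherwise the user's
 * stored token. When neither exists, the user is redirected to the token
 * request page instead of the app.
 *
 * On failure, sets $this->reason and $this->isOK = false and leaves the
 * session untouched.
 **/
public function onLaunch()
{
    global $metadata; // FIXME grown-ups don't program like this
    global $sql; // FIXME grown-ups don't program like this

    /* is this user in a role that can use this app? */
    if (!($this->user->isLearner() || $this->user->isStaff())) {
        $this->reason = 'Invalid role';
        $this->isOK = false;
        return;
    }

    /* The API host comes from a launch parameter and is concatenated into the
       URL that later receives the API token. Accept only a bare host[:port]:
       characters such as '/', '@', '?' or '#' would change which authority or
       path the finished URL points at. A missing value would otherwise yield
       "https:///api/v1". */
    $settings = $this->user->getResourceLink()->settings;
    $apiDomain = isset($settings['custom_canvas_api_domain']) ? $settings['custom_canvas_api_domain'] : null;
    if (!is_string($apiDomain) || !preg_match('/\A[A-Za-z0-9](?:[A-Za-z0-9.-]*[A-Za-z0-9])?(?::[0-9]{1,5})?\z/', $apiDomain)) {
        $this->reason = 'Missing or invalid Canvas API domain';
        $this->isOK = false;
        return;
    }

    /* set up any needed session variables */
    $_SESSION['consumer_key'] = $this->consumer->getKey();
    $_SESSION['resource_id'] = $this->resource_link->getId();
    $_SESSION['user_consumer_key'] = $this->user->getResourceLink()->getConsumer()->getKey();
    $_SESSION['user_id'] = $this->user->getId();
    $_SESSION['isStudent'] = $this->user->isLearner();
    $_SESSION['isContentItem'] = false;

    /* do we have an admin API access token? */
    $haveToken = true;
    if (empty($metadata['CANVAS_API_TOKEN'])) {
        /* ...if not, do we have a user API access token for this user? */
        $userToken = new UserAPIToken($_SESSION['user_consumer_key'], $_SESSION['user_id'], $sql);
        $storedToken = $userToken->getToken();
        if (empty($storedToken)) {
            /* ...if this user has no token, let's start by getting one */
            $haveToken = false;
            $this->redirectURL = "{$metadata['APP_URL']}/lti/token_request.php?oauth=request";
        } else {
            /* ...but if the user does have a token, rock on! */
            $_SESSION['isUserToken'] = true;
            $_SESSION['apiToken'] = $storedToken;
            //$_SESSION['apiUrl'] = $userToken->getAPIUrl();
        }
    } else {
        /* ...if we have an admin API token, rock on! */
        /* NOTE(review): the admin token ends up paired with a host named by
           the launch (see apiUrl below). The launch is presumably
           signature-checked before onLaunch runs -- confirm -- but every
           registered consumer can then name that host. If more than one
           consumer is registered, consider comparing $apiDomain with the
           configured Canvas instance before using the admin token. */
        $_SESSION['isUserToken'] = false;
        $_SESSION['apiToken'] = $metadata['CANVAS_API_TOKEN'];
        //$_SESSION['apiUrl'] = $metadata['CANVAS_API_URL'];
    }

    /* set on every accepted launch, whether or not a token was found */
    $_SESSION['apiUrl'] = 'https://' . $apiDomain . '/api/v1';

    /* pass control off to the app (without a token, redirectURL already
       points at the token request page) */
    if ($haveToken) {
        $this->redirectURL = "{$metadata['APP_URL']}/app.php?lti-request=launch";
    }
}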
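require_once 'common.inc.php';

/* this file handles the entire OAuth API token negotiation for a user token --
   update it to include a better explanation, pertinent to your app, for why
   the user is about to be asked to log into Canvas in the middle of Canvas */

/* Path of this script without any PATH_INFO suffix. PHP_SELF includes whatever
   the client appended after the script name, so it is not used for the HTML
   link or for the OAuth redirect URI. */
$tokenRequestPath = $_SERVER['SCRIPT_NAME'];

/* Render a short error page through the same template as the request page and
   stop. The message is escaped here, so callers pass plain text. */
$showTokenRequestError = function ($message) use ($smarty) {
    $smarty->assign('content', '<h1>Token Request</h1> <p>' . htmlspecialchars($message, ENT_QUOTES, 'UTF-8') . '</p>');
    $smarty->display();
    exit;
};

/* Pick up a negotiation that is already in progress. The exception is
   presumably thrown when there is none, as on the 'request' and 'process'
   steps -- confirm. $oauth then stays null, and 'complete' checks for that
   instead of calling a method on an undefined variable. */
$oauth = null;
try {
    $oauth = new OAuthNegotiator();
} catch (OAuthNegotiator_Exception $e) {
    /* deliberately ignored, see above */
}

if (isset($_REQUEST['oauth'])) {
    switch ($_REQUEST['oauth']) {
        case 'request':
            /* escape the link target for the attribute context */
            $continueUrl = htmlspecialchars($tokenRequestPath . '?oauth=process', ENT_QUOTES, 'UTF-8');
            $smarty->assign('content', '<h1>Token Request</h1> <p>This application requires access to the Canvas APIs. Canvas is about to ask you to give permission for this.</p> <p><a href="' . $continueUrl . '">Click to continue</a></p>');
            $smarty->display();
            exit;

        case 'process':
            /* The OAuth endpoint host comes from a launch parameter, and the
               negotiator presumably sends the client id and key to it --
               confirm. Accept only a bare host[:port], so the value cannot
               change the authority or path of the endpoint URL. */
            $settings = $toolProvider->user->getResourceLink()->settings;
            $apiDomain = isset($settings['custom_canvas_api_domain']) ? $settings['custom_canvas_api_domain'] : null;
            if (!is_string($apiDomain) || !preg_match('/\A[A-Za-z0-9](?:[A-Za-z0-9.-]*[A-Za-z0-9])?(?::[0-9]{1,5})?\z/', $apiDomain)) {
                $showTokenRequestError('The Canvas instance for this launch could not be determined. Please launch the tool from Canvas again.');
            }
            $oauth = new OAuthNegotiator('https://' . $apiDomain . '/login/oauth2', (string) $secrets->oauth->id, (string) $secrets->oauth->key, "{$tokenRequestPath}?oauth=complete", (string) $secrets->app->name);
            break;

        case 'complete':
            /* need both a finished negotiation and the launch identity the
               token will be stored under */
            if ($oauth === null || !isset($_SESSION['user_consumer_key'], $_SESSION['user_id'])) {
                $showTokenRequestError('The token request could not be completed. Please launch the tool from Canvas again.');
            }
            $newToken = $oauth->getToken();
            if (empty($newToken)) {
                /* do not store an empty token and then mark the session as
                   holding a user token */
                $showTokenRequestError('Canvas did not issue an access token. Please launch the tool from Canvas again.');
            }
            $user = new UserAPIToken($_SESSION['user_consumer_key'], $_SESSION['user_id'], $sql);
            $user->setToken($newToken);
            $user->setAPIUrl("{$metadata['CANVAS_INSTANCE_URL']}/api/v1");
            $_SESSION['apiToken'] = $user->getToken();
            $_SESSION['apiUrl'] = $user->getAPIUrl();
            $_SESSION['isUserToken'] = true;
            header("Location: {$metadata['APP_URL']}/app.php");
            exit;
    }
}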