Collaboration diagram for XapiProxy\XapiProxyRequest:

Public Member Functions
	__construct ()

	handle ()

Private Member Functions
	handleStatementsRequest ($request)

	handleGetStatementsRequest ($request)

	handlePostPutStatementsRequest ($request)

	handleActivitiesRequest ($request)

	handleActivitiesProfileRequest ($request)

	handleActivitiesStateRequest ($request)

	handleAgentsRequest ($request)

	handleAgentsProfileRequest ($request)

	handleAboutRequest ($request)

	handleProxy ($request, $fakePostBody=null)

	createProxyRequest ($request, $uri, $auth, $body)

	msg ($msg)

Private Attributes
	$dic

	$xapiproxy

	$request

	$xapiProxyResponse

	$cmdPart2plus = ""

	$checkGetStatements = true

Detailed Description

Definition at line 10 of file XapiProxyRequest.php.

Constructor & Destructor Documentation

◆ __construct()

XapiProxy\XapiProxyRequest::__construct ( )

Definition at line 19 of file XapiProxyRequest.php.

        {
            $this->dic = $GLOBALS['DIC'];
            $this->xapiproxy = $this->dic['xapiproxy'];
            $this->request = $this->dic->http()->request();
        }

References $GLOBALS.

Member Function Documentation

◆ createProxyRequest()

XapiProxy\XapiProxyRequest::createProxyRequest	(	$request,
		$uri,
		$auth,
		$body
	)

private

Definition at line 296 of file XapiProxyRequest.php.

        {
            $headers = array(
                'Cache-Control' => 'no-cache, no-store, must-revalidate',
                'Authorization' => $auth
            );
    
            if ($request->hasHeader('X-Experience-API-Version')) {
                $headers['X-Experience-API-Version'] = $request->getHeader('X-Experience-API-Version');
            }
    
            if ($request->hasHeader('Referrer')) {
                $headers['Referrer'] = $request->getHeader('Referrer');
            }
    
            if ($request->hasHeader('Content-Type')) {
                $headers['Content-Type'] = $request->getHeader('Content-Type');
            }
    
            if ($request->hasHeader('Origin')) {
                $headers['Origin'] = $request->getHeader('Origin');
            }
    
            if ($request->hasHeader('Content-Length')) {
                $contentLength = $request->getHeader('Content-Length');
                if (is_array($contentLength) && $contentLength[0] === '') {
                    $contentLength = array(0);
                } elseif ($contentLength === '') {
                    $contentLength = array(0);
                }
                $headers['Content-Length'] = $contentLength;
            }
    
            if ($request->hasHeader('Connection')) {
                $headers['Connection'] = $request->getHeader('Connection');
            }
 
            //$this->xapiproxy->log()->debug($this->msg($body));
 
            $req = new Request(strtoupper($request->getMethod()), $uri, $headers, $body);
    
            return $req;
        }

References $auth, and XapiProxy\$req.

◆ handle()

XapiProxy\XapiProxyRequest::handle ( )

Definition at line 26 of file XapiProxyRequest.php.

        {
            $this->xapiProxyResponse = $this->xapiproxy->getXapiProxyResponse();
            $request = $this->dic->http()->request();
            $cmdParts = $this->xapiproxy->cmdParts();
            $this->xapiproxy->log()->debug($this->msg(var_export($cmdParts, true)));
            if (count($cmdParts) === 5) {
                $cmd = $cmdParts[3];
                if ($cmd === "statements") {
                    $this->handleStatementsRequest($request);
                } elseif ($cmd === "activities") {
                    $this->handleActivitiesRequest($request);
                } elseif ($cmd === "activities/profile") {
                    $this->handleActivitiesProfileRequest($request);
                } elseif ($cmd === "activities/state") {
                    $this->handleActivitiesStateRequest($request);
                } elseif ($cmd === "agents") {
                    $this->handleAgentsRequest($request);
                } elseif ($cmd === "agents/profile") {
                    $this->handleAgentsProfileRequest($request);
                } elseif ($cmd === "about") {
                    $this->handleAboutRequest($request);
                } else {
                    $this->xapiproxy->log()->debug($this->msg("Wrong xApi Query: " . $request->getUri()));
                    $this->xapiProxyResponse->exitBadRequest();
                }
            } else {
                $this->xapiproxy->log()->error($this->msg("Wrong xApi Query: " . $request->getUri()));
                $this->xapiProxyResponse->exitBadRequest();
            }
        }

◆ handleAboutRequest()

XapiProxy\XapiProxyRequest::handleAboutRequest ( $request )

private

Definition at line 193 of file XapiProxyRequest.php.

        {
            $this->xapiproxy->log()->debug($this->msg("handleAboutRequest (" . $this->xapiproxy->method() . "): " . $request->getUri()));
            $this->handleProxy($request);
        }

◆ handleActivitiesProfileRequest()

XapiProxy\XapiProxyRequest::handleActivitiesProfileRequest ( $request )

private

Definition at line 169 of file XapiProxyRequest.php.

        {
            $this->xapiproxy->log()->debug($this->msg("handleActivitiesProfileRequest (" . $this->xapiproxy->method() . "): " . $request->getUri()));
            $this->handleProxy($request);
        }

◆ handleActivitiesRequest()

XapiProxy\XapiProxyRequest::handleActivitiesRequest ( $request )

private

Definition at line 161 of file XapiProxyRequest.php.

        {
//            $this->xapiproxy->log()->debug($this->msg("blocked handleActivitiesRequest (" . $this->xapiproxy->method() . "): " . $request->getUri()));
//            $this->xapiProxyResponse->exitBadRequest();
            $this->xapiproxy->log()->debug($this->msg("handleActivitiesRequest (" . $this->xapiproxy->method() . "): " . $request->getUri()));
            $this->handleProxy($request);
        }

◆ handleActivitiesStateRequest()

XapiProxy\XapiProxyRequest::handleActivitiesStateRequest ( $request )

private

Definition at line 175 of file XapiProxyRequest.php.

        {
            $this->xapiproxy->log()->debug($this->msg("handleActivitiesStateRequest (" . $this->xapiproxy->method() . "): " . $request->getUri()));
            $this->handleProxy($request);
        }

◆ handleAgentsProfileRequest()

XapiProxy\XapiProxyRequest::handleAgentsProfileRequest ( $request )

private

Definition at line 187 of file XapiProxyRequest.php.

        {
            $this->xapiproxy->log()->debug($this->msg("handleAgentsProfileRequest (" . $this->xapiproxy->method() . "): " . $request->getUri()));
            $this->handleProxy($request);
        }

◆ handleAgentsRequest()

XapiProxy\XapiProxyRequest::handleAgentsRequest ( $request )

private

Definition at line 181 of file XapiProxyRequest.php.

        {
            $this->xapiproxy->log()->debug($this->msg("blocked handleAgentsRequest (" . $this->xapiproxy->method() . "): " . $request->getUri()));
            $this->xapiProxyResponse->exitBadRequest();
        }

◆ handleGetStatementsRequest()

XapiProxy\XapiProxyRequest::handleGetStatementsRequest ( $request )

private

Definition at line 71 of file XapiProxyRequest.php.

        {
            if ($this->xapiproxy->cmdParts()[4] == "") {
                $this->xapiproxy->log()->warning($this->msg("unfiltered get statements requests are not allowed for security reasons"));
                $this->xapiProxyResponse->exitBadRequest();
            }
            $this->xapiproxy->log()->debug($this->msg("handleGetStatementsRequest: " . $request->getUri()));
 
            try {
                $badRequest = false;
                if ($this->checkGetStatements) {
                    $authToken = \ilCmiXapiAuthToken::getInstanceByToken($this->xapiproxy->token());
                    $obj = \ilObjCmiXapi::getInstance($authToken->getRefId(), true);
                    $access = \ilCmiXapiAccess::getInstance($obj);
                    if (isset($_GET['statementId'])) {
                        $this->xapiproxy->log()->debug($this->msg("single statementId requests can not be secured. It is not allowed to append any additional parameter like registration or activity (tested in LL7)"));
                    // single statementId can not be handled. it is not allowed to append a registration on single statement requests (tested in LL7)
                    } else {
                        if (isset($_GET['activity'])) {
                            // ToDo: how this can be verified? the object only knows the top activityId
                        } else {
                            $this->xapiproxy->log()->debug($this->msg("add activity: " . $obj->getActivityId()));
                            $this->cmdPart2plus .= "&activity=" . $obj->getActivityId() . "&related_activities=true";
                        }
                        if (!$access->hasOutcomesAccess($authToken->getUsrId())) {
                            // ToCheck
                            /*
                            if (!$access->hasStatementsAccess()) {
                                $this->xapiproxy->log()->warning($this->msg("statements access is not enabled"));
                                $this->xapiProxyResponse->exitBadRequest();
                            }
                            */
                            if ($obj->getContentType() == \ilObjCmiXapi::CONT_TYPE_CMI5) {
                                $regUserObject = \ilCmiXapiUser::getCMI5RegistrationFromAuthToken($authToken);
                            } else {
                                $regUserObject = \ilCmiXapiUser::getRegistrationFromAuthToken($authToken);
                            }
                            if (isset($_GET['registration'])) {
                                $regParam = $_GET['registration'];
                                if ($regParam != $regUserObject) {
                                    $this->xapiproxy->log()->debug($this->msg("wrong registration: " . $regParam . " != " . $regUserObject));
                                    $badRequest = true;
                                }
                            } else { // add registration
                                $this->xapiproxy->log()->debug($this->msg("add registration: " . $regUserObject));
                                $this->cmdPart2plus .= "&registration=" . $regUserObject;
                            }
                        }
                    }
                }
                if ($badRequest) {
                    $this->xapiProxyResponse->exitBadRequest();
                } else {
                    $this->handleProxy($request);
                }
            } catch (\Exception $e) {
                $this->xapiproxy->log()->error($this->msg($e->getMessage()));
            }
        }

References $_GET, Vendor\Package\$e, ilObjCmiXapi\CONT_TYPE_CMI5, ilCmiXapiUser\getCMI5RegistrationFromAuthToken(), ilObjCmiXapi\getInstance(), ilCmiXapiAccess\getInstance(), ilCmiXapiAuthToken\getInstanceByToken(), and ilCmiXapiUser\getRegistrationFromAuthToken().

Here is the call graph for this function:

◆ handlePostPutStatementsRequest()

XapiProxy\XapiProxyRequest::handlePostPutStatementsRequest ( $request )

private

Definition at line 131 of file XapiProxyRequest.php.

        {
            $this->xapiproxy->log()->debug($this->msg("handlePostPutStatementsRequest: " . $request->getUri()));
            $body = $request->getBody()->getContents();
            if (empty($body)) {
                $this->xapiproxy->log()->warning($this->msg("empty body in handlePostPutRequest"));
                $this->handleProxy($request);
            } else {
                try {
                    $this->xapiproxy->log()->debug($this->msg("process statements"));
                    $retArr = $this->xapiproxy->processStatements($request, $body);
                    if (is_array($retArr)) {
                        $body = json_encode($retArr[0]); // new body with allowed statements
                        $fakePostBody = $retArr[1]; // fake post php array of ALL statments as if all statements were processed
                    }
                } catch (\Exception $e) {
                    $this->xapiproxy->log()->error($this->msg($e->getMessage()));
                    $this->xapiProxyResponse->exitProxyError();
                }
                try {
                    $body = $this->xapiproxy->modifyBody($body);
                    $req = new Request($request->getMethod(), $request->getUri(), $request->getHeaders(), $body);
                    $this->handleProxy($req, $fakePostBody);
                } catch (\Exception $e) {
                    $this->xapiproxy->log()->error($this->msg($e->getMessage()));
                    $this->handleProxy($request, $fakePostBody);
                }
            }
        }

References Vendor\Package\$e, and XapiProxy\$req.

◆ handleProxy()

XapiProxy\XapiProxyRequest::handleProxy	(	$request,
		$fakePostBody = `null`
	)

private

Definition at line 199 of file XapiProxyRequest.php.

        {
            $endpointDefault = $this->xapiproxy->getDefaultLrsEndpoint();
            $endpointFallback = $this->xapiproxy->getFallbackLrsEndpoint();
        
            $this->xapiproxy->log()->debug($this->msg("endpointDefault: " . $endpointDefault));
            $this->xapiproxy->log()->debug($this->msg("endpointFallback: " . $endpointFallback));
            
            $keyDefault = $this->xapiproxy->getDefaultLrsKey();
            $secretDefault = $this->xapiproxy->getDefaultLrsSecret();
            $authDefault = 'Basic ' . base64_encode($keyDefault . ':' . $secretDefault);
        
            $hasFallback = ($endpointFallback === "") ? false : true;
        
            if ($hasFallback) {
                $keyFallback = $this->xapiproxy->getFallbackLrsKey();
                $secretFallback = $this->xapiproxy->getFallbackLrsSecret();
                $authFallback = 'Basic ' . base64_encode($keyFallback . ':' . $secretFallback);
            }
            
            $req_opts = array(
                RequestOptions::VERIFY => true,
                RequestOptions::CONNECT_TIMEOUT => 10,
                RequestOptions::HTTP_ERRORS => false
            );
            $cmd = $this->xapiproxy->cmdParts()[2] . $this->cmdPart2plus;
            $upstreamDefault = $endpointDefault . $cmd;
            $uriDefault = new Uri($upstreamDefault);
            $body = $request->getBody()->getContents();
            $reqDefault = $this->createProxyRequest($request, $uriDefault, $authDefault, $body);
            
            if ($hasFallback) {
                $upstreamFallback = $endpointFallback . $cmd;
                $uriFallback = new Uri($upstreamFallback);
                $reqFallback = $this->createProxyRequest($request, $uriFallback, $authFallback, $body);
            }
 
            $httpclient = new Client();
            if ($hasFallback) {
                $promises = [
                    'default' => $httpclient->sendAsync($reqDefault, $req_opts),
                    'fallback' => $httpclient->sendAsync($reqFallback, $req_opts)
                ];
                
                // this would throw first ConnectionException
                // $responses = Promise\unwrap($promises);
                try {
                    $responses = Promise\Utils::settle($promises)->wait();
                } catch (\Exception $e) {
                    $this->xapiproxy->log()->error($this->msg($e->getMessage()));
                }
               
                $defaultOk = $this->xapiProxyResponse->checkResponse($responses['default'], $endpointDefault);
                $fallbackOk = $this->xapiProxyResponse->checkResponse($responses['fallback'], $endpointFallback);
                
                if ($defaultOk) {
                    try {
                        $this->xapiProxyResponse->handleResponse($reqDefault, $responses['default']['value'], $fakePostBody);
                    } catch (\Exception $e) {
                        $this->xapiproxy->error($this->msg("XAPI exception from Default LRS: " . $endpointDefault . " (sent HTTP 500 to client): " . $e->getMessage()));
                        $this->xapiProxyResponse->exitProxyError();
                    }
                } elseif ($fallbackOk) {
                    try {
                        $this->xapiProxyResponse->handleResponse($reqFallback, $responses['fallback']['value'], $fakePostBody);
                    } catch (\Exception $e) {
                        $this->xapiproxy->error($this->msg("XAPI exception from Default LRS: " . $endpointDefault . " (sent HTTP 500 to client): " . $e->getMessage()));
                        $this->xapiProxyResponse->exitProxyError();
                    }
                } else {
                    $this->xapiProxyResponse->exitResponseError();
                }
            } else {
                $promises = [
                    'default' => $httpclient->sendAsync($reqDefault, $req_opts)
                ];
                // this would throw first ConnectionException
                // $responses = Promise\unwrap($promises);
                try {
                    $responses = Promise\Utils::settle($promises)->wait();
                } catch (\Exception $e) {
                    $this->xapiproxy->log()->error($this->msg($e->getMessage()));
                }
                if ($this->xapiProxyResponse->checkResponse($responses['default'], $endpointDefault)) {
                    try {
                        $this->xapiProxyResponse->handleResponse($reqDefault, $responses['default']['value'], $fakePostBody);
                    } catch (\Exception $e) {
                        $this->xapiproxy->error($this->msg("XAPI exception from Default LRS: " . $endpointDefault . " (sent HTTP 500 to client): " . $e->getMessage()));
                        $this->xapiProxyResponse->exitProxyError();
                    }
                } else {
                    $this->xapiProxyResponse->exitResponseError();
                }
            }
        }

References Vendor\Package\$e.

◆ handleStatementsRequest()

XapiProxy\XapiProxyRequest::handleStatementsRequest ( $request )

private

Definition at line 58 of file XapiProxyRequest.php.

        {
            $this->xapiproxy->log()->debug($this->msg("handleStatementsRequest (" . $this->xapiproxy->method() . "): " . $request->getUri()));
            $method = $this->xapiproxy->method();
            if ($method === "post" || $method === "put") {
                $this->handlePostPutStatementsRequest($request);
            } elseif ($method === "get") {
                $this->handleGetStatementsRequest($request);
            } else {
                $this->xapiProxyResponse->exitBadRequest();
            }
        }

◆ msg()

XapiProxy\XapiProxyRequest::msg ( $msg )

private

Definition at line 340 of file XapiProxyRequest.php.

        {
            return $this->xapiproxy->msg($msg);
        }

Field Documentation

◆ $checkGetStatements

XapiProxy\XapiProxyRequest::$checkGetStatements = true

private

Definition at line 17 of file XapiProxyRequest.php.

◆ $cmdPart2plus

XapiProxy\XapiProxyRequest::$cmdPart2plus = ""

private

Definition at line 16 of file XapiProxyRequest.php.

◆ $dic

XapiProxy\XapiProxyRequest::$dic

private

Definition at line 12 of file XapiProxyRequest.php.

◆ $request

XapiProxy\XapiProxyRequest::$request

private

Definition at line 14 of file XapiProxyRequest.php.

◆ $xapiproxy

XapiProxy\XapiProxyRequest::$xapiproxy

private

Definition at line 13 of file XapiProxyRequest.php.

◆ $xapiProxyResponse

XapiProxy\XapiProxyRequest::$xapiProxyResponse

private

Definition at line 15 of file XapiProxyRequest.php.

The documentation for this class was generated from the following file:

Modules/CmiXapi/classes/XapiProxy/XapiProxyRequest.php

Public Member Functions

Private Member Functions

Private Attributes

Detailed Description

Constructor & Destructor Documentation

◆ __construct()

Member Function Documentation

◆ createProxyRequest()

◆ handle()

◆ handleAboutRequest()

◆ handleActivitiesProfileRequest()

◆ handleActivitiesRequest()

◆ handleActivitiesStateRequest()

◆ handleAgentsProfileRequest()

◆ handleAgentsRequest()

◆ handleGetStatementsRequest()

◆ handlePostPutStatementsRequest()

◆ handleProxy()

◆ handleStatementsRequest()

◆ msg()

Field Documentation

◆ $checkGetStatements

◆ $cmdPart2plus

◆ $dic

◆ $request

◆ $xapiproxy

◆ $xapiProxyResponse