ILIAS  release_8 Revision v8.24
class.ilLTIConsumerResultService.php
Go to the documentation of this file.
1<?php
2
3declare(strict_types=1);
4/******************************************************************************
5 *
6 * This file is part of ILIAS, a powerful learning management system.
7 *
8 * ILIAS is licensed with the GPL-3.0, you should have received a copy
9 * of said license along with the source code.
10 *
11 * If this is not the case or you just want to try ILIAS, you'll find
12 * us at:
13 * https://www.ilias.de
14 * https://github.com/ILIAS-eLearning
15 *
16 *****************************************************************************/
25class ilLTIConsumerResultService
26{
30 protected ?ilLTIConsumerResult $result = null;
31
35 protected int $availability = 0;
36
40 protected float $mastery_score = 1;
41
45 protected array $fields = array();
46
50 protected string $message_ref_id = '';
54 protected string $operation = '';
55
56
57 public function getMasteryScore(): float
58 {
59 return $this->mastery_score;
60 }
61
62 public function setMasteryScore(float $mastery_score): void
63 {
64 $this->mastery_score = $mastery_score;
65 }
66
67 public function getAvailability(): int
68 {
69 return $this->availability;
70 }
71
72 public function setAvailability(int $availability): void
73 {
74 $this->availability = $availability;
75 }
76
77 public function isAvailable(): bool
78 {
79 if ($this->availability == 0) {
80 return false;
81 }
82 return true;
83 }
84
88 public function handleRequest(): void
89 {
90 try {
91 // get the request as xml
92 $xml = simplexml_load_file('php://input');
93 $this->message_ref_id = (string) $xml->imsx_POXHeader->imsx_POXRequestHeaderInfo->imsx_messageIdentifier;
94 $request = current($xml->imsx_POXBody->children());
95 $this->operation = str_replace('Request', '', $request->getName());
96
97 $token = ilCmiXapiAuthToken::getInstanceByToken((string) $request->resultRecord->sourcedGUID->sourcedId);
98
99 $this->result = ilLTIConsumerResult::getByKeys($token->getObjId(), $token->getUsrId(), false);
100 if (empty($this->result)) {
101 $this->respondUnauthorized("lti_consumer_results_id not found!");
102 return;
103 }
104
105
106 // check the object status
107 $this->readProperties($this->result->obj_id);
108
109 if (!$this->isAvailable()) {
110 $this->respondUnsupported();
111 return;
112 }
113
114 // Verify the signature
115 $this->readFields($this->result->obj_id);
116 $result = $this->checkSignature($this->fields['KEY'], $this->fields['SECRET']);
117 if ($result instanceof Exception) {
118 $this->respondUnauthorized($result->getMessage());
119 return;
120 }
121
122 // Dispatch the operation
123 switch ($this->operation) {
124 case 'readResult':
125 $this->readResult($request);
126 break;
127
128 case 'replaceResult':
129 $this->replaceResult($request);
130 $this->updateLP();
131 break;
132
133 case 'deleteResult':
134 $this->deleteResult($request);
135 $this->updateLP();
136 break;
137
138 default:
139 $this->respondUnknown();
140 break;
141 }
142 } catch (Exception $exception) {
143 $this->respondBadRequest($exception->getMessage());
144 }
145 }
146
150 protected function readResult(\SimpleXMLElement $request): void
151 {
152 $response = $this->loadResponse('readResult.xml');
153 $response = str_replace('{message_id}', md5((string) rand(0, 999_999_999)), $response);
154 $response = str_replace('{message_ref_id}', $this->message_ref_id, $response);
155 $response = str_replace('{operation}', $this->operation, $response);
156 $response = str_replace('{result}', (string) $this->result->result, $response);
157
158 header('Content-type: application/xml');
159 echo $response;
160 }
161
165 protected function replaceResult(\SimpleXMLElement $request): void
166 {
167 $result = (string) $request->resultRecord->result->resultScore->textString;
168 if (!is_numeric($result)) {
169 $code = "failure";
170 $severity = "status";
171 $description = "The result is not a number.";
172 } elseif ($result < 0 or $result > 1) {
173 $code = "failure";
174 $severity = "status";
175 $description = "The result is out of range from 0 to 1.";
176 } else {
177 $this->result->result = (float) $result;
178 $this->result->save();
179
180 if ($result >= $this->getMasteryScore()) {
181 $lp_status = ilLPStatus::LP_STATUS_COMPLETED_NUM;
182 } else {
183 $lp_status = ilLPStatus::LP_STATUS_IN_PROGRESS_NUM;
184 }
185 $lp_percentage = (int) round(100 * $result);
186
187// Mantis #37080
188 ilLPStatus::writeStatus($this->result->obj_id, $this->result->usr_id, $lp_status, $lp_percentage, true);
189
190 $code = "success";
191 $severity = "status";
192 $description = sprintf("Score for %s is now %s", $this->result->id, $this->result->result);
193 }
194
195 $response = $this->loadResponse('replaceResult.xml');
196 $response = str_replace('{message_id}', md5((string) rand(0, 999_999_999)), $response);
197 $response = str_replace('{message_ref_id}', $this->message_ref_id, $response);
198 $response = str_replace('{operation}', $this->operation, $response);
199 $response = str_replace('{code}', $code, $response);
200 $response = str_replace('{severity}', $severity, $response);
201 $response = str_replace('{description}', $description, $response);
202
203 header('Content-type: application/xml');
204 echo $response;
205 }
206
210 protected function deleteResult(\SimpleXMLElement $request): void
211 {
212 $this->result->result = null;
213 $this->result->save();
214
215 $lp_status = ilLPStatus::LP_STATUS_IN_PROGRESS_NUM;
216 $lp_percentage = 0;
217 ilLPStatus::writeStatus($this->result->obj_id, $this->result->usr_id, $lp_status, $lp_percentage, true);
218
219 $code = "success";
220 $severity = "status";
221
222 $response = $this->loadResponse('deleteResult.xml');
223 $response = str_replace('{message_id}', md5((string) rand(0, 999_999_999)), $response);
224 $response = str_replace('{message_ref_id}', $this->message_ref_id, $response);
225 $response = str_replace('{operation}', $this->operation, $response);
226 $response = str_replace('{code}', $code, $response);
227 $response = str_replace('{severity}', $severity, $response);
228
229 header('Content-type: application/xml');
230 echo $response;
231 }
232
233
239 protected function loadResponse($a_name): string
240 {
241 return file_get_contents('./Modules/LTIConsumer/responses/' . $a_name);
242 }
243
244
249 protected function respondUnsupported(): void
250 {
251 $response = $this->loadResponse('unsupported.xml');
252 $response = str_replace('{message_id}', md5((string) rand(0, 999_999_999)), $response);
253 $response = str_replace('{message_ref_id}', $this->message_ref_id, $response);
254 $response = str_replace('{operation}', $this->operation, $response);
255
256 header('Content-type: application/xml');
257 echo $response;
258 }
259
263 protected function respondUnknown(): void
264 {
265 $response = $this->loadResponse('unknown.xml');
266 $response = str_replace('{message_id}', md5((string) rand(0, 999_999_999)), $response);
267 $response = str_replace('{message_ref_id}', $this->message_ref_id, $response);
268 $response = str_replace('{operation}', $this->operation, $response);
269
270 header('Content-type: application/xml');
271 echo $response;
272 }
273
277 protected function respondBadRequest(?string $message = null): void
278 {
279 header('HTTP/1.1 400 Bad Request');
280 header('Content-type: text/plain');
281 if (isset($message)) {
282 echo $message;
283 } else {
284 echo 'This is not a well-formed LTI Basic Outcomes Service request.';
285 }
286 }
287
292 protected function respondUnauthorized(?string $message = null): void
293 {
294 header('HTTP/1.1 401 Unauthorized');
295 header('Content-type: text/plain');
296 if (isset($message)) {
297 echo $message;
298 } else {
299 echo 'This request could not be authorized.';
300 }
301 }
302
306 public function readProperties(int $a_obj_id): void
307 {
308 global $DIC;
309
310 $query = "
311 SELECT lti_ext_provider.availability, lti_consumer_settings.mastery_score
312 FROM lti_ext_provider, lti_consumer_settings
313 WHERE lti_ext_provider.id = lti_consumer_settings.provider_id
314 AND lti_consumer_settings.obj_id = %s
315 ";
316
317 $res = $DIC->database()->queryF($query, array('integer'), array($a_obj_id));
318
319 if ($row = $DIC->database()->fetchAssoc($res)) {
320 //$this->properties = $row;
321 $this->setAvailability((int) $row['availability']);
322 $this->setMasteryScore((float) $row['mastery_score']);
323 }
324 }
325
329 private function readFields(int $a_obj_id): void
330 {
331 global $DIC;
332
333 $query = "
334 SELECT lti_ext_provider.provider_key, lti_ext_provider.provider_secret, lti_consumer_settings.launch_key, lti_consumer_settings.launch_secret
335 FROM lti_ext_provider, lti_consumer_settings
336 WHERE lti_ext_provider.id = lti_consumer_settings.provider_id
337 AND lti_consumer_settings.obj_id = %s
338 ";
339
340 $res = $DIC->database()->queryF($query, array('integer'), array($a_obj_id));
341
342 while ($row = $DIC->database()->fetchAssoc($res)) {
343 if (strlen($row["launch_key"]) > 0) {
344 $this->fields["KEY"] = $row["launch_key"];
345 } else {
346 $this->fields["KEY"] = $row["provider_key"];
347 }
348 if (strlen($row["launch_key"]) > 0) {
349 $this->fields["SECRET"] = $row["launch_secret"];
350 } else {
351 $this->fields["SECRET"] = $row["provider_secret"];
352 }
353 }
354 }
355
360 private function checkSignature(string $a_key, string $a_secret)
361 {
362 $store = new TrivialOAuthDataStore();
363 $store->add_consumer($a_key, $a_secret);
364
365 $server = new \ILIAS\LTIOAuth\OAuthServer($store);
366 $method = new \ILIAS\LTIOAuth\OAuthSignatureMethod_HMAC_SHA1();
367 $server->add_signature_method($method);
368
369 $request = \ILIAS\LTIOAuth\OAuthRequest::from_request();
370 try {
371 $server->verify_request($request);
372 } catch (Exception $e) {
373 return $e;
374 }
375 return true;
376 }
377
378 protected function updateLP(): void
379 {
380 if (!($this->result instanceof ilLTIConsumerResult)) {
381 return;
382 }
383
384 ilLPStatusWrapper::_updateStatus($this->result->getObjId(), $this->result->getUsrId());
385 }
386}
TrivialOAuthDataStore
A Trivial memory-based store - no support for tokens.
Definition: TrivialOAuthDataStore.php:9
ilCmiXapiAuthToken\getInstanceByToken
static getInstanceByToken(string $token)
Definition: class.ilCmiXapiAuthToken.php:291
ilLPStatusWrapper\_updateStatus
static _updateStatus(int $a_obj_id, int $a_usr_id, ?object $a_obj=null, bool $a_percentage=false, bool $a_force_raise=false)
Definition: class.ilLPStatusWrapper.php:282
ilLPStatus\writeStatus
static writeStatus(int $a_obj_id, int $a_user_id, int $a_status, int $a_percentage=0, bool $a_force_per=false, ?int &$a_old_status=self::LP_STATUS_NOT_ATTEMPTED_NUM)
Write status for user and object.
Definition: class.ilLPStatus.php:426
ilLPStatus\LP_STATUS_COMPLETED_NUM
const LP_STATUS_COMPLETED_NUM
Definition: class.ilLPStatus.php:44
ilLPStatus\LP_STATUS_IN_PROGRESS_NUM
const LP_STATUS_IN_PROGRESS_NUM
Definition: class.ilLPStatus.php:43
ilLTIConsumerResultService\readFields
readFields(int $a_obj_id)
Read the LTI Consumer object fields.
Definition: class.ilLTIConsumerResultService.php:329
ilLTIConsumerResultService\checkSignature
checkSignature(string $a_key, string $a_secret)
Check the reqest signature.
Definition: class.ilLTIConsumerResultService.php:360
ilLTIConsumerResultService\readProperties
readProperties(int $a_obj_id)
Read the LTI Consumer object properties.
Definition: class.ilLTIConsumerResultService.php:306
ilLTIConsumerResultService\handleRequest
handleRequest()
Handle an incoming request from the LTI tool provider.
Definition: class.ilLTIConsumerResultService.php:88
ilLTIConsumerResultService\respondBadRequest
respondBadRequest(?string $message=null)
Send a "bad request" response.
Definition: class.ilLTIConsumerResultService.php:277
ilLTIConsumerResultService\respondUnsupported
respondUnsupported()
Send a response that the operation is not supported This depends on the status of the object.
Definition: class.ilLTIConsumerResultService.php:249
ilLTIConsumerResultService\respondUnauthorized
respondUnauthorized(?string $message=null)
Send an "unauthorized" response.
Definition: class.ilLTIConsumerResultService.php:292
ilLTIConsumerResultService\loadResponse
loadResponse($a_name)
Load the XML template for the response.
Definition: class.ilLTIConsumerResultService.php:239
ilLTIConsumerResultService\replaceResult
replaceResult(\SimpleXMLElement $request)
Replace a stored result.
Definition: class.ilLTIConsumerResultService.php:165
ilLTIConsumerResultService\readResult
readResult(\SimpleXMLElement $request)
Read a stored result.
Definition: class.ilLTIConsumerResultService.php:150
ilLTIConsumerResultService\respondUnknown
respondUnknown()
Send a "unknown operation" response.
Definition: class.ilLTIConsumerResultService.php:263
ilLTIConsumerResultService\deleteResult
deleteResult(\SimpleXMLElement $request)
Delete a stored result.
Definition: class.ilLTIConsumerResultService.php:210
ilLTIConsumerResult\getByKeys
static getByKeys(int $a_obj_id, int $a_usr_id, ?bool $a_create=false)
Get a result by object and user key.
Definition: class.ilLTIConsumerResult.php:75
ilLTIConsumerResult\save
save()
Save a result object.
Definition: class.ilLTIConsumerResult.php:115
if
if(!file_exists(getcwd() . '/ilias.ini.php'))
This file is part of ILIAS, a powerful learning management system published by ILIAS open source e-Le...
Definition: confirmReg.php:20
$server
$server
Definition: dummy_client.php:22
$DIC
global $DIC
Definition: feed.php:28
fields
$errors fields
Definition: imgupload.php:67
$res
$res
Definition: ltiservices.php:69
$store
$store
Definition: metadata.php:107
$xml
$xml
Definition: metadata.php:351
$query
$query
Definition: proxy_ylocal.php:13
$response
$response
Definition: proxy_ylocal.php:39
$message
$message
Definition: xapiexit.php:32
$token
$token
Definition: xapitoken.php:70