ILIAS  release_8 Revision v8.19
All Data Structures Namespaces Files Functions Variables Modules Pages
class.ilLTIConsumerResultService.php
Go to the documentation of this file.
1 <?php
2 
3 declare(strict_types=1);
4 /******************************************************************************
5  *
6  * This file is part of ILIAS, a powerful learning management system.
7  *
8  * ILIAS is licensed with the GPL-3.0, you should have received a copy
9  * of said license along with the source code.
10  *
11  * If this is not the case or you just want to try ILIAS, you'll find
12  * us at:
13  * https://www.ilias.de
14  * https://github.com/ILIAS-eLearning
15  *
16  *****************************************************************************/
25 class ilLTIConsumerResultService
26 {
30  protected ?ilLTIConsumerResult $result = null;
31 
35  protected int $availability = 0;
36 
40  protected float $mastery_score = 1;
41 
45  protected array $fields = array();
46 
50  protected string $message_ref_id = '';
54  protected string $operation = '';
55 
56 
57  public function getMasteryScore(): float
58  {
59  return $this->mastery_score;
60  }
61 
62  public function setMasteryScore(float $mastery_score): void
63  {
64  $this->mastery_score = $mastery_score;
65  }
66 
67  public function getAvailability(): int
68  {
69  return $this->availability;
70  }
71 
72  public function setAvailability(int $availability): void
73  {
74  $this->availability = $availability;
75  }
76 
77  public function isAvailable(): bool
78  {
79  if ($this->availability == 0) {
80  return false;
81  }
82  return true;
83  }
84 
88  public function handleRequest(): void
89  {
90  try {
91  // get the request as xml
92  $xml = simplexml_load_file('php://input');
93  $this->message_ref_id = (string) $xml->imsx_POXHeader->imsx_POXRequestHeaderInfo->imsx_messageIdentifier;
94  $request = current($xml->imsx_POXBody->children());
95  $this->operation = str_replace('Request', '', $request->getName());
96 
97  $token = ilCmiXapiAuthToken::getInstanceByToken((string) $request->resultRecord->sourcedGUID->sourcedId);
98 
99  $this->result = ilLTIConsumerResult::getByKeys($token->getObjId(), $token->getUsrId(), false);
100  if (empty($this->result)) {
101  $this->respondUnauthorized("lti_consumer_results_id not found!");
102  return;
103  }
104 
105 
106  // check the object status
107  $this->readProperties($this->result->obj_id);
108 
109  if (!$this->isAvailable()) {
110  $this->respondUnsupported();
111  return;
112  }
113 
114  // Verify the signature
115  $this->readFields($this->result->obj_id);
116  $result = $this->checkSignature($this->fields['KEY'], $this->fields['SECRET']);
117  if ($result instanceof Exception) {
118  $this->respondUnauthorized($result->getMessage());
119  return;
120  }
121 
122  // Dispatch the operation
123  switch ($this->operation) {
124  case 'readResult':
125  $this->readResult($request);
126  break;
127 
128  case 'replaceResult':
129  $this->replaceResult($request);
130  $this->updateLP();
131  break;
132 
133  case 'deleteResult':
134  $this->deleteResult($request);
135  $this->updateLP();
136  break;
137 
138  default:
139  $this->respondUnknown();
140  break;
141  }
142  } catch (Exception $exception) {
143  $this->respondBadRequest($exception->getMessage());
144  }
145  }
146 
150  protected function readResult(\SimpleXMLElement $request): void
151  {
152  $response = $this->loadResponse('readResult.xml');
153  $response = str_replace('{message_id}', md5((string) rand(0, 999_999_999)), $response);
154  $response = str_replace('{message_ref_id}', $this->message_ref_id, $response);
155  $response = str_replace('{operation}', $this->operation, $response);
156  $response = str_replace('{result}', (string) $this->result->result, $response);
157 
158  header('Content-type: application/xml');
159  echo $response;
160  }
161 
165  protected function replaceResult(\SimpleXMLElement $request): void
166  {
167  $result = (string) $request->resultRecord->result->resultScore->textString;
168  if (!is_numeric($result)) {
169  $code = "failure";
170  $severity = "status";
171  $description = "The result is not a number.";
172  } elseif ($result < 0 or $result > 1) {
173  $code = "failure";
174  $severity = "status";
175  $description = "The result is out of range from 0 to 1.";
176  } else {
177  $this->result->result = (float) $result;
178  $this->result->save();
179 
180  if ($result >= $this->getMasteryScore()) {
181  $lp_status = ilLPStatus::LP_STATUS_COMPLETED_NUM;
182  } else {
183  $lp_status = ilLPStatus::LP_STATUS_IN_PROGRESS_NUM;
184  }
185  $lp_percentage = (int) round(100 * $result);
186 
187 // Mantis #37080
188  ilLPStatus::writeStatus($this->result->obj_id, $this->result->usr_id, $lp_status, $lp_percentage, true);
189 
190  $code = "success";
191  $severity = "status";
192  $description = sprintf("Score for %s is now %s", $this->result->id, $this->result->result);
193  }
194 
195  $response = $this->loadResponse('replaceResult.xml');
196  $response = str_replace('{message_id}', md5((string) rand(0, 999_999_999)), $response);
197  $response = str_replace('{message_ref_id}', $this->message_ref_id, $response);
198  $response = str_replace('{operation}', $this->operation, $response);
199  $response = str_replace('{code}', $code, $response);
200  $response = str_replace('{severity}', $severity, $response);
201  $response = str_replace('{description}', $description, $response);
202 
203  header('Content-type: application/xml');
204  echo $response;
205  }
206 
210  protected function deleteResult(\SimpleXMLElement $request): void
211  {
212  $this->result->result = null;
213  $this->result->save();
214 
215  $lp_status = ilLPStatus::LP_STATUS_IN_PROGRESS_NUM;
216  $lp_percentage = 0;
217  ilLPStatus::writeStatus($this->result->obj_id, $this->result->usr_id, $lp_status, $lp_percentage, true);
218 
219  $code = "success";
220  $severity = "status";
221 
222  $response = $this->loadResponse('deleteResult.xml');
223  $response = str_replace('{message_id}', md5((string) rand(0, 999_999_999)), $response);
224  $response = str_replace('{message_ref_id}', $this->message_ref_id, $response);
225  $response = str_replace('{operation}', $this->operation, $response);
226  $response = str_replace('{code}', $code, $response);
227  $response = str_replace('{severity}', $severity, $response);
228 
229  header('Content-type: application/xml');
230  echo $response;
231  }
232 
233 
239  protected function loadResponse($a_name): string
240  {
241  return file_get_contents('./Modules/LTIConsumer/responses/' . $a_name);
242  }
243 
244 
249  protected function respondUnsupported(): void
250  {
251  $response = $this->loadResponse('unsupported.xml');
252  $response = str_replace('{message_id}', md5((string) rand(0, 999_999_999)), $response);
253  $response = str_replace('{message_ref_id}', $this->message_ref_id, $response);
254  $response = str_replace('{operation}', $this->operation, $response);
255 
256  header('Content-type: application/xml');
257  echo $response;
258  }
259 
263  protected function respondUnknown(): void
264  {
265  $response = $this->loadResponse('unknown.xml');
266  $response = str_replace('{message_id}', md5((string) rand(0, 999_999_999)), $response);
267  $response = str_replace('{message_ref_id}', $this->message_ref_id, $response);
268  $response = str_replace('{operation}', $this->operation, $response);
269 
270  header('Content-type: application/xml');
271  echo $response;
272  }
273 
277  protected function respondBadRequest(?string $message = null): void
278  {
279  header('HTTP/1.1 400 Bad Request');
280  header('Content-type: text/plain');
281  if (isset($message)) {
282  echo $message;
283  } else {
284  echo 'This is not a well-formed LTI Basic Outcomes Service request.';
285  }
286  }
287 
292  protected function respondUnauthorized(?string $message = null): void
293  {
294  header('HTTP/1.1 401 Unauthorized');
295  header('Content-type: text/plain');
296  if (isset($message)) {
297  echo $message;
298  } else {
299  echo 'This request could not be authorized.';
300  }
301  }
302 
306  public function readProperties(int $a_obj_id): void
307  {
308  global $DIC;
309 
310  $query = "
311  SELECT lti_ext_provider.availability, lti_consumer_settings.mastery_score
312  FROM lti_ext_provider, lti_consumer_settings
313  WHERE lti_ext_provider.id = lti_consumer_settings.provider_id
314  AND lti_consumer_settings.obj_id = %s
315  ";
316 
317  $res = $DIC->database()->queryF($query, array('integer'), array($a_obj_id));
318 
319  if ($row = $DIC->database()->fetchAssoc($res)) {
320  //$this->properties = $row;
321  $this->setAvailability((int) $row['availability']);
322  $this->setMasteryScore((float) $row['mastery_score']);
323  }
324  }
325 
329  private function readFields(int $a_obj_id): void
330  {
331  global $DIC;
332 
333  $query = "
334  SELECT lti_ext_provider.provider_key, lti_ext_provider.provider_secret, lti_consumer_settings.launch_key, lti_consumer_settings.launch_secret
335  FROM lti_ext_provider, lti_consumer_settings
336  WHERE lti_ext_provider.id = lti_consumer_settings.provider_id
337  AND lti_consumer_settings.obj_id = %s
338  ";
339 
340  $res = $DIC->database()->queryF($query, array('integer'), array($a_obj_id));
341 
342  while ($row = $DIC->database()->fetchAssoc($res)) {
343  if (strlen($row["launch_key"]) > 0) {
344  $this->fields["KEY"] = $row["launch_key"];
345  } else {
346  $this->fields["KEY"] = $row["provider_key"];
347  }
348  if (strlen($row["launch_key"]) > 0) {
349  $this->fields["SECRET"] = $row["launch_secret"];
350  } else {
351  $this->fields["SECRET"] = $row["provider_secret"];
352  }
353  }
354  }
355 
360  private function checkSignature(string $a_key, string $a_secret)
361  {
362  $store = new TrivialOAuthDataStore();
363  $store->add_consumer($a_key, $a_secret);
364 
365  $server = new \ILIAS\LTIOAuth\OAuthServer($store);
366  $method = new \ILIAS\LTIOAuth\OAuthSignatureMethod_HMAC_SHA1();
367  $server->add_signature_method($method);
368 
369  $request = \ILIAS\LTIOAuth\OAuthRequest::from_request();
370  try {
371  $server->verify_request($request);
372  } catch (Exception $e) {
373  return $e;
374  }
375  return true;
376  }
377 
378  protected function updateLP(): void
379  {
380  if (!($this->result instanceof ilLTIConsumerResult)) {
381  return;
382  }
383 
384  ilLPStatusWrapper::_updateStatus($this->result->getObjId(), $this->result->getUsrId());
385  }
386 }
ilLPStatus\LP_STATUS_COMPLETED_NUM
const LP_STATUS_COMPLETED_NUM
Definition: class.ilLPStatus.php:44
$store
$store
Definition: metadata.php:107
ilLTIConsumerResultService\readFields
readFields(int $a_obj_id)
Read the LTI Consumer object fields.
Definition: class.ilLTIConsumerResultService.php:329
ilLTIConsumerResultService\respondUnknown
respondUnknown()
Send a "unknown operation" response.
Definition: class.ilLTIConsumerResultService.php:263
$res
$res
Definition: ltiservices.php:69
ilLTIConsumerResultService\respondBadRequest
respondBadRequest(?string $message=null)
Send a "bad request" response.
Definition: class.ilLTIConsumerResultService.php:277
ilLTIConsumerResultService\checkSignature
checkSignature(string $a_key, string $a_secret)
Check the reqest signature.
Definition: class.ilLTIConsumerResultService.php:360
fields
$errors fields
Definition: imgupload.php:67
ilCmiXapiAuthToken\getInstanceByToken
static getInstanceByToken(string $token)
Definition: class.ilCmiXapiAuthToken.php:291
ilLTIConsumerResultService\deleteResult
deleteResult(\SimpleXMLElement $request)
Delete a stored result.
Definition: class.ilLTIConsumerResultService.php:210
ilLPStatus\LP_STATUS_IN_PROGRESS_NUM
const LP_STATUS_IN_PROGRESS_NUM
Definition: class.ilLPStatus.php:43
ilLTIConsumerResultService\respondUnauthorized
respondUnauthorized(?string $message=null)
Send an "unauthorized" response.
Definition: class.ilLTIConsumerResultService.php:292
ilLTIConsumerResultService\readProperties
readProperties(int $a_obj_id)
Read the LTI Consumer object properties.
Definition: class.ilLTIConsumerResultService.php:306
ilLTIConsumerResult\save
save()
Save a result object.
Definition: class.ilLTIConsumerResult.php:115
$DIC
global $DIC
Definition: feed.php:28
if
if(!file_exists(getcwd() . '/ilias.ini.php'))
This file is part of ILIAS, a powerful learning management system published by ILIAS open source e-Le...
Definition: confirmReg.php:20
$token
$token
Definition: xapitoken.php:70
ilLTIConsumerResultService\handleRequest
handleRequest()
Handle an incoming request from the LTI tool provider.
Definition: class.ilLTIConsumerResultService.php:88
ilLTIConsumerResultService\respondUnsupported
respondUnsupported()
Send a response that the operation is not supported This depends on the status of the object...
Definition: class.ilLTIConsumerResultService.php:249
$xml
$xml
Definition: metadata.php:351
$query
$query
Definition: proxy_ylocal.php:13
ilLTIConsumerResult\getByKeys
static getByKeys(int $a_obj_id, int $a_usr_id, ?bool $a_create=false)
Get a result by object and user key.
Definition: class.ilLTIConsumerResult.php:75
ilLTIConsumerResultService\loadResponse
loadResponse($a_name)
Load the XML template for the response.
Definition: class.ilLTIConsumerResultService.php:239
TrivialOAuthDataStore
A Trivial memory-based store - no support for tokens.
Definition: TrivialOAuthDataStore.php:8
$server
$server
Definition: dummy_client.php:22
ilLPStatus\writeStatus
static writeStatus(int $a_obj_id, int $a_user_id, int $a_status, int $a_percentage=0, bool $a_force_per=false, ?int &$a_old_status=self::LP_STATUS_NOT_ATTEMPTED_NUM)
Write status for user and object.
Definition: class.ilLPStatus.php:426
$message
$message
Definition: xapiexit.php:32
$response
$response
Definition: proxy_ylocal.php:39
ilLTIConsumerResultService\replaceResult
replaceResult(\SimpleXMLElement $request)
Replace a stored result.
Definition: class.ilLTIConsumerResultService.php:165
ilLPStatusWrapper\_updateStatus
static _updateStatus(int $a_obj_id, int $a_usr_id, ?object $a_obj=null, bool $a_percentage=false, bool $a_force_raise=false)
Definition: class.ilLPStatusWrapper.php:282
ilLTIConsumerResultService\readResult
readResult(\SimpleXMLElement $request)
Read a stored result.
Definition: class.ilLTIConsumerResultService.php:150