ILIAS  trunk Revision v11.0_alpha-1702-gfd3ecb7f852
All Data Structures Namespaces Files Functions Variables Enumerations Enumerator Modules Pages
class.ilLTIConsumerResultService.php
Go to the documentation of this file.
1 <?php
2 
19 declare(strict_types=1);
28 class ilLTIConsumerResultService
29 {
33  protected ?ilLTIConsumerResult $result = null;
34 
38  protected int $availability = 0;
39 
43  protected float $mastery_score = 1;
44 
48  protected array $fields = array();
49 
53  protected string $message_ref_id = '';
57  protected string $operation = '';
58 
59 
60  public function getMasteryScore(): float
61  {
62  return $this->mastery_score;
63  }
64 
65  public function setMasteryScore(float $mastery_score): void
66  {
67  $this->mastery_score = $mastery_score;
68  }
69 
70  public function getAvailability(): int
71  {
72  return $this->availability;
73  }
74 
75  public function setAvailability(int $availability): void
76  {
77  $this->availability = $availability;
78  }
79 
80  public function isAvailable(): bool
81  {
82  if ($this->availability == 0) {
83  return false;
84  }
85  return true;
86  }
87 
91  public function handleRequest(): void
92  {
93  try {
94  // get the request as xml
95  $xml = simplexml_load_file('php://input');
96  $this->message_ref_id = (string) $xml->imsx_POXHeader->imsx_POXRequestHeaderInfo->imsx_messageIdentifier;
97  $request = current($xml->imsx_POXBody->children());
98  $this->operation = str_replace('Request', '', $request->getName());
99 
100  $token = ilCmiXapiAuthToken::getInstanceByToken((string) $request->resultRecord->sourcedGUID->sourcedId);
101 
102  $this->result = ilLTIConsumerResult::getByKeys($token->getObjId(), $token->getUsrId(), false);
103  if (empty($this->result)) {
104  $this->respondUnauthorized("lti_consumer_results_id not found!");
105  return;
106  }
107 
108 
109  // check the object status
110  $this->readProperties($this->result->obj_id);
111 
112  if (!$this->isAvailable()) {
113  $this->respondUnsupported();
114  return;
115  }
116 
117  // Verify the signature
118  $this->readFields($this->result->obj_id);
119  $result = $this->checkSignature($this->fields['KEY'], $this->fields['SECRET']);
120  if ($result instanceof Exception) {
121  $this->respondUnauthorized($result->getMessage());
122  return;
123  }
124 
125  // Dispatch the operation
126  switch ($this->operation) {
127  case 'readResult':
128  $this->readResult($request);
129  break;
130 
131  case 'replaceResult':
132  $this->replaceResult($request);
133  $this->updateLP();
134  break;
135 
136  case 'deleteResult':
137  $this->deleteResult($request);
138  $this->updateLP();
139  break;
140 
141  default:
142  $this->respondUnknown();
143  break;
144  }
145  } catch (Exception $exception) {
146  $this->respondBadRequest($exception->getMessage());
147  }
148  }
149 
153  protected function readResult(\SimpleXMLElement $request): void
154  {
155  $response = $this->loadResponse('readResult.xml');
156  $response = str_replace('{message_id}', md5((string) rand(0, 999_999_999)), $response);
157  $response = str_replace('{message_ref_id}', $this->message_ref_id, $response);
158  $response = str_replace('{operation}', $this->operation, $response);
159  $response = str_replace('{result}', (string) $this->result->result, $response);
160 
161  header('Content-type: application/xml');
162  echo $response;
163  }
164 
168  protected function replaceResult(\SimpleXMLElement $request): void
169  {
170  $result = (string) $request->resultRecord->result->resultScore->textString;
171  if (!is_numeric($result)) {
172  $code = "failure";
173  $severity = "status";
174  $description = "The result is not a number.";
175  } elseif ($result < 0 or $result > 1) {
176  $code = "failure";
177  $severity = "status";
178  $description = "The result is out of range from 0 to 1.";
179  } else {
180  $this->result->result = (float) $result;
181  $this->result->save();
182 
183  if ($result >= $this->getMasteryScore()) {
184  $lp_status = ilLPStatus::LP_STATUS_COMPLETED_NUM;
185  } else {
186  $lp_status = ilLPStatus::LP_STATUS_IN_PROGRESS_NUM;
187  }
188  $lp_percentage = (int) round(100 * $result);
189 
190  // Mantis #37080
191  ilLPStatus::writeStatus($this->result->obj_id, $this->result->usr_id, $lp_status, $lp_percentage, true);
192 
193  $code = "success";
194  $severity = "status";
195  $description = sprintf("Score for %s is now %s", $this->result->id, $this->result->result);
196  }
197 
198  $response = $this->loadResponse('replaceResult.xml');
199  $response = str_replace('{message_id}', md5((string) rand(0, 999_999_999)), $response);
200  $response = str_replace('{message_ref_id}', $this->message_ref_id, $response);
201  $response = str_replace('{operation}', $this->operation, $response);
202  $response = str_replace('{code}', $code, $response);
203  $response = str_replace('{severity}', $severity, $response);
204  $response = str_replace('{description}', $description, $response);
205 
206  header('Content-type: application/xml');
207  echo $response;
208  }
209 
213  protected function deleteResult(\SimpleXMLElement $request): void
214  {
215  $this->result->result = null;
216  $this->result->save();
217 
218  $lp_status = ilLPStatus::LP_STATUS_IN_PROGRESS_NUM;
219  $lp_percentage = 0;
220  ilLPStatus::writeStatus($this->result->obj_id, $this->result->usr_id, $lp_status, $lp_percentage, true);
221 
222  $code = "success";
223  $severity = "status";
224 
225  $response = $this->loadResponse('deleteResult.xml');
226  $response = str_replace('{message_id}', md5((string) rand(0, 999_999_999)), $response);
227  $response = str_replace('{message_ref_id}', $this->message_ref_id, $response);
228  $response = str_replace('{operation}', $this->operation, $response);
229  $response = str_replace('{code}', $code, $response);
230  $response = str_replace('{severity}', $severity, $response);
231 
232  header('Content-type: application/xml');
233  echo $response;
234  }
235 
236 
242  protected function loadResponse($a_name): string
243  {
244  return file_get_contents('./components/ILIAS/LTIConsumer/responses/' . $a_name);
245  }
246 
247 
252  protected function respondUnsupported(): void
253  {
254  $response = $this->loadResponse('unsupported.xml');
255  $response = str_replace('{message_id}', md5((string) rand(0, 999_999_999)), $response);
256  $response = str_replace('{message_ref_id}', $this->message_ref_id, $response);
257  $response = str_replace('{operation}', $this->operation, $response);
258 
259  header('Content-type: application/xml');
260  echo $response;
261  }
262 
266  protected function respondUnknown(): void
267  {
268  $response = $this->loadResponse('unknown.xml');
269  $response = str_replace('{message_id}', md5((string) rand(0, 999_999_999)), $response);
270  $response = str_replace('{message_ref_id}', $this->message_ref_id, $response);
271  $response = str_replace('{operation}', $this->operation, $response);
272 
273  header('Content-type: application/xml');
274  echo $response;
275  }
276 
280  protected function respondBadRequest(?string $message = null): void
281  {
282  header('HTTP/1.1 400 Bad Request');
283  header('Content-type: text/plain');
284  if (isset($message)) {
285  echo $message;
286  } else {
287  echo 'This is not a well-formed LTI Basic Outcomes Service request.';
288  }
289  }
290 
295  protected function respondUnauthorized(?string $message = null): void
296  {
297  header('HTTP/1.1 401 Unauthorized');
298  header('Content-type: text/plain');
299  if (isset($message)) {
300  echo $message;
301  } else {
302  echo 'This request could not be authorized.';
303  }
304  }
305 
309  public function readProperties(int $a_obj_id): void
310  {
311  global $DIC;
312 
313  $query = "
314  SELECT lti_ext_provider.availability, lti_consumer_settings.mastery_score
315  FROM lti_ext_provider, lti_consumer_settings
316  WHERE lti_ext_provider.id = lti_consumer_settings.provider_id
317  AND lti_consumer_settings.obj_id = %s
318  ";
319 
320  $res = $DIC->database()->queryF($query, array('integer'), array($a_obj_id));
321 
322  if ($row = $DIC->database()->fetchAssoc($res)) {
323  //$this->properties = $row;
324  $this->setAvailability((int) $row['availability']);
325  $this->setMasteryScore((float) $row['mastery_score']);
326  }
327  }
328 
332  private function readFields(int $a_obj_id): void
333  {
334  global $DIC;
335 
336  $query = "
337  SELECT lti_ext_provider.provider_key, lti_ext_provider.provider_secret, lti_consumer_settings.launch_key, lti_consumer_settings.launch_secret
338  FROM lti_ext_provider, lti_consumer_settings
339  WHERE lti_ext_provider.id = lti_consumer_settings.provider_id
340  AND lti_consumer_settings.obj_id = %s
341  ";
342 
343  $res = $DIC->database()->queryF($query, array('integer'), array($a_obj_id));
344 
345  while ($row = $DIC->database()->fetchAssoc($res)) {
346  if (strlen($row["launch_key"]) > 0) {
347  $this->fields["KEY"] = $row["launch_key"];
348  } else {
349  $this->fields["KEY"] = $row["provider_key"];
350  }
351  if (strlen($row["launch_key"]) > 0) {
352  $this->fields["SECRET"] = $row["launch_secret"];
353  } else {
354  $this->fields["SECRET"] = $row["provider_secret"];
355  }
356  }
357  }
358 
363  private function checkSignature(string $a_key, string $a_secret)
364  {
365  $store = new TrivialOAuthDataStore();
366  $store->add_consumer($a_key, $a_secret);
367 
368  $server = new \ILIAS\LTIOAuth\OAuthServer($store);
369  $method = new \ILIAS\LTIOAuth\OAuthSignatureMethod_HMAC_SHA1();
370  $server->add_signature_method($method);
371 
372  $request = \ILIAS\LTIOAuth\OAuthRequest::from_request();
373  try {
374  $server->verify_request($request);
375  } catch (Exception $e) {
376  return $e;
377  }
378  return true;
379  }
380 
381  protected function updateLP(): void
382  {
383  if (!($this->result instanceof ilLTIConsumerResult)) {
384  return;
385  }
386 
387  ilLPStatusWrapper::_updateStatus($this->result->getObjId(), $this->result->getUsrId());
388  }
389 }
ilLPStatus\LP_STATUS_COMPLETED_NUM
const LP_STATUS_COMPLETED_NUM
Definition: class.ilLPStatus.php:44
ilLTIConsumerResultService\readFields
readFields(int $a_obj_id)
Read the LTI Consumer object fields.
Definition: class.ilLTIConsumerResultService.php:332
ilLTIConsumerResultService\respondUnknown
respondUnknown()
Send a "unknown operation" response.
Definition: class.ilLTIConsumerResultService.php:266
$res
$res
Definition: ltiservices.php:66
ilLTIConsumerResultService\respondBadRequest
respondBadRequest(?string $message=null)
Send a "bad request" response.
Definition: class.ilLTIConsumerResultService.php:280
ilLTIConsumerResultService\checkSignature
checkSignature(string $a_key, string $a_secret)
Check the reqest signature.
Definition: class.ilLTIConsumerResultService.php:363
ilCmiXapiAuthToken\getInstanceByToken
static getInstanceByToken(string $token)
Definition: class.ilCmiXapiAuthToken.php:291
ilLTIConsumerResultService\deleteResult
deleteResult(\SimpleXMLElement $request)
Delete a stored result.
Definition: class.ilLTIConsumerResultService.php:213
if
if(!file_exists('../ilias.ini.php'))
Definition: sessioncheck.php:23
ilLPStatus\LP_STATUS_IN_PROGRESS_NUM
const LP_STATUS_IN_PROGRESS_NUM
Definition: class.ilLPStatus.php:43
$response
$response
Definition: xapitoken.php:93
ilLTIConsumerResultService\respondUnauthorized
respondUnauthorized(?string $message=null)
Send an "unauthorized" response.
Definition: class.ilLTIConsumerResultService.php:295
ilLTIConsumerResultService\readProperties
readProperties(int $a_obj_id)
Read the LTI Consumer object properties.
Definition: class.ilLTIConsumerResultService.php:309
ilLTIConsumerResult\save
save()
Save a result object.
Definition: class.ilLTIConsumerResult.php:115
null
while($session_entry=$r->fetchRow(ilDBConstants::FETCHMODE_ASSOC)) return null
Definition: shib_logout.php:142
$token
$token
Definition: xapitoken.php:70
ilLTIConsumerResultService\handleRequest
handleRequest()
Handle an incoming request from the LTI tool provider.
Definition: class.ilLTIConsumerResultService.php:91
ilLTIConsumerResultService\respondUnsupported
respondUnsupported()
Send a response that the operation is not supported This depends on the status of the object...
Definition: class.ilLTIConsumerResultService.php:252
$DIC
global $DIC
Definition: shib_login.php:22
ilLTIConsumerResult\getByKeys
static getByKeys(int $a_obj_id, int $a_usr_id, ?bool $a_create=false)
Get a result by object and user key.
Definition: class.ilLTIConsumerResult.php:75
ilLTIConsumerResultService\loadResponse
loadResponse($a_name)
Load the XML template for the response.
Definition: class.ilLTIConsumerResultService.php:242
TrivialOAuthDataStore
A Trivial memory-based store - no support for tokens.
Definition: TrivialOAuthDataStore.php:24
ilLPStatus\writeStatus
static writeStatus(int $a_obj_id, int $a_user_id, int $a_status, int $a_percentage=0, bool $a_force_per=false, ?int &$a_old_status=self::LP_STATUS_NOT_ATTEMPTED_NUM)
Write status for user and object.
Definition: class.ilLPStatus.php:436
$message
$message
Definition: xapiexit.php:31
$server
$server
Definition: shib_login.php:24
ILIAS\UI\examples\Symbol\Glyph\Header\header
header()
expected output: > ILIAS shows the rendered Component.
Definition: header.php:29
ilLTIConsumerResultService\replaceResult
replaceResult(\SimpleXMLElement $request)
Replace a stored result.
Definition: class.ilLTIConsumerResultService.php:168
ilLPStatusWrapper\_updateStatus
static _updateStatus(int $a_obj_id, int $a_usr_id, ?object $a_obj=null, bool $a_percentage=false, bool $a_force_raise=false)
Definition: class.ilLPStatusWrapper.php:296
ilLTIConsumerResultService\readResult
readResult(\SimpleXMLElement $request)
Read a stored result.
Definition: class.ilLTIConsumerResultService.php:153