ILIAS  trunk Revision v11.0_alpha-1689-g66c127b4ae8
All Data Structures Namespaces Files Functions Variables Enumerations Enumerator Modules Pages
class.ilLTIConsumerContentGUI.php
Go to the documentation of this file.
1 <?php
2 
19 declare(strict_types=1);
20 
30 class ilLTIConsumerContentGUI
31 {
32  public const CMD_LAUNCH = 'launch';
33  public const CMD_SHOW_EMBEDDED = 'showEmbedded';
34 
35  protected ilObjLTIConsumer $object;
36 
37  protected ilCmiXapiUser $cmixUser;
38 
39  private \ILIAS\DI\Container $dic;
40 
41  private ilLanguage $lng;
42 
43  private ilObjUser $user;
44 
45  public function __construct(ilObjLTIConsumer $object)
46  {
47  global $DIC;
48  $this->dic = $DIC;
49  $this->lng = $DIC->language();
50  $this->user = $DIC->user();
51  $this->object = $object;
52  }
53 
57  public function executeCommand(): void
58  {
59  global $DIC; /* @var \ILIAS\DI\Container $DIC */
60 
61  if ($this->object->getProvider()->getAvailability() == ilLTIConsumeProvider::AVAILABILITY_NONE) {
62  throw new ilLtiConsumerException('access denied!');
63  }
64  $command = $DIC->ctrl()->getCmd(self::CMD_LAUNCH);
65  $this->{$command}();
66  }
67 
72  protected function launch(): void
73  {
74  if ($this->object->getProvider()->getLtiVersion() == "LTI-1p0") {
75  if ($this->object->isLaunchMethodEmbedded()) {
76  $tpl = new ilTemplate('tpl.lti_content.html', true, true, 'components/ILIAS/LTIConsumer');
77  $tpl->setVariable("EMBEDDED_IFRAME_SRC", $this->dic->ctrl()->getLinkTarget(
78  $this,
79  self::CMD_SHOW_EMBEDDED
80  ));
81  $this->dic->ui()->mainTemplate()->setContent($tpl->get());
82  } else {
83  $this->dic->toolbar()->addText($this->getStartButtonTxt11());
84  }
85  } else {
86  if ($this->object->isLaunchMethodEmbedded() && (ilSession::get('lti13_login_data') == null)) {
87  $tpl = new ilTemplate('tpl.lti_content.html', true, true, 'components/ILIAS/LTIConsumer');
88  $tpl->setVariable("EMBEDDED_IFRAME_SRC", $this->dic->ctrl()->getLinkTarget(
89  $this,
90  self::CMD_SHOW_EMBEDDED
91  ));
92  $this->dic->ui()->mainTemplate()->setContent($tpl->get());
93  } else {
94  if (ilSession::get('lti13_login_data') != null) {
95  $form = $this->getLoginLTI13Form();
96  if ($form == null) {
97  // $this->dic->ui()->mainTemplate()->setOnScreenMessage('failure', 'initialLogin Error: ' . $err, true);
98  $this->dic->ui()->mainTemplate()->setOnScreenMessage('failure', 'initialLogin Error: ', true);
99  } else {
100  $response = $this->dic->http()->response()->withBody(ILIAS\Filesystem\Stream\Streams::ofString($form));
101  $this->dic->http()->saveResponse($response);
102  $this->dic->http()->sendResponse();
103  $this->dic->http()->close();
104  }
105  } else {
106  $this->dic->toolbar()->addText($this->getStartButtonTxt13());
107  }
108  }
109  }
110  }
111 
112  protected function getLoginLTI13Form(): ?string
113  {
114  $loginData = ilSession::get('lti13_login_data');
115  ilSession::clear('lti13_login_data');
116  $err = $this->validateLTI13InitalLogin($loginData);
117  if ($err !== null) {
118  return null;
119  } else {
120  $this->initCmixUser();
121  $params = $this->getLaunchParametersLTI13($loginData['redirect_uri'], $this->object->getProvider()->getClientId(), $this->object->getProvider()->getId(), $loginData['nonce']);
122  if (isset($loginData['state'])) {
123  $params['state'] = $loginData['state'];
124  }
125  ilSession::clear('lti_message_hint');
126  $r = '<form action="' . $loginData['redirect_uri'] . "\" name=\"ltiAuthForm\" id=\"ltiAuthForm\" " .
127  "method=\"post\" enctype=\"application/x-www-form-urlencoded\">\n";
128  if (!empty($params)) {
129  foreach ($params as $key => $value) {
130  $key = htmlspecialchars($key);
131  $value = htmlspecialchars($value);
132  $r .= " <input type=\"hidden\" name=\"{$key}\" value=\"{$value}\"/>\n";
133  }
134  }
135  $r .= "</form>\n";
136  $r .= "<script type=\"text/javascript\">\n" .
137  "//<![CDATA[\n" .
138  "document.ltiAuthForm.submit();\n" .
139  "//]]>\n" .
140  "</script>\n";
141  return $r;
142  }
143  return null;
144  }
145 
146  protected function getStartButtonTxt11(): string
147  {
148  if ($this->object->getOfflineStatus() ||
149  $this->object->isLaunchMethodEmbedded() ||
150  $this->object->getProvider()->getAvailability() == ilLTIConsumeProvider::AVAILABILITY_NONE) {
151  return "";
152  }
153 
154  $cmixUser = new ilCmiXapiUser(
155  $this->object->getId(),
156  $this->user->getId(),
157  $this->object->getProvider()->getPrivacyIdent()
158  );
159  $user_ident = $cmixUser->getUsrIdent();
160  if ($user_ident == '' || $user_ident == null) {
161  $user_ident = ilCmiXapiUser::getIdent($this->object->getProvider()->getPrivacyIdent(), $this->dic->user());
162  $cmixUser->setUsrIdent($user_ident);
163  $cmixUser->save();
164  }
165  $ilLTIConsumerLaunch = new ilLTIConsumerLaunch($this->object->getRefId());
166  $context = $ilLTIConsumerLaunch->getContext();
167  $contextType = $ilLTIConsumerLaunch::getLTIContextType($context["type"]);
168  $contextId = $context["id"];
169  $contextTitle = $context["title"];
170 
171  $token = ilCmiXapiAuthToken::fillToken(
172  $this->dic->user()->getId(),
173  $this->object->getRefId(),
174  $this->object->getId()
175  );
176 
177  $returnUrl = !$this->object->isLaunchMethodOwnWin() ? '' : str_replace(
178  '&amp;',
179  '&',
180  ilObjLTIConsumer::getIliasHttpPath() . "/" . $this->dic->ctrl()->getLinkTarget($this, "", "", false)
181  );
182 
183  $launchParameters = $this->object->buildLaunchParameters(
184  $cmixUser,
185  $token,
186  $contextType,
187  $contextId,
188  $contextTitle,
189  $returnUrl
190  );
191 
192  $target = $this->object->getLaunchMethod() == "newWin" ? "_blank" : "_self";
193  $button = '<input class="btn btn-default ilPre" type="button" onClick="ltilaunch()" value = "' . $this->lng->txt("show_content") . '" />';
194  $output = '<form id="lti_launch_form" name="lti_launch_form" action="' . $this->object->getProvider()->getProviderUrl() . '" method="post" target="' . $target . '" encType="application/x-www-form-urlencoded">';
195  foreach ($launchParameters as $field => $value) {
196  $output .= sprintf('<input type="hidden" name="%s" value="%s" />', $field, $value) . "\n";
197  }
198  $output .= $button;
199  $output .= '</form>';
200  $output .= '<span id ="lti_launched" style="display:none">' . $this->lng->txt("launched") . '</span>';
201  $output .= '<script type="text/javascript">
202  function ltilaunch() {
203  document.lti_launch_form.submit();
204  document.getElementById("lti_launch_form").style.display = "none";
205  document.getElementById("lti_launched").style.display = "inline";
206  }</script>';
207  return($output);
208  }
209 
210  protected function getStartButtonTxt13(): string
211  {
212  if ($this->object->getOfflineStatus() ||
213  $this->object->isLaunchMethodEmbedded() ||
214  $this->object->getProvider()->getAvailability() == ilLTIConsumeProvider::AVAILABILITY_NONE) {
215  return "";
216  }
217  $this->initCmixUser();
218  $user_ident = $this->cmixUser->getUsrIdent();
219  $ilLTIConsumerLaunch = new ilLTIConsumerLaunch($this->object->getRefId());
220  $context = $ilLTIConsumerLaunch->getContext();
221  $contextType = $ilLTIConsumerLaunch::getLTIContextType($context["type"]);
222  $contextId = $context["id"];
223  $contextTitle = $context["title"];
224 
225  $token = ilCmiXapiAuthToken::fillToken(
226  $this->dic->user()->getId(),
227  $this->object->getRefId(),
228  $this->object->getId()
229  );
230 
231  $returnUrl = !$this->object->isLaunchMethodOwnWin() ? '' : str_replace(
232  '&amp;',
233  '&',
234  ilObjLTIConsumer::getIliasHttpPath() . "/" . $this->dic->ctrl()->getLinkTarget($this, "", "", false)
235  );
236 
237  $target = $this->object->getLaunchMethod() == "newWin" ? "_blank" : "_self";
238  $button = '<input class="btn btn-default ilPre" type="button" onClick="ltilaunch()" value = "' . $this->lng->txt("show_content") . '" />';
239  $ltiMessageHint = (string) $this->object->getRefId() . ":" . CLIENT_ID;
240  ilSession::set('lti_message_hint', $ltiMessageHint);
241  $output = '<form id="lti_launch_form" name="lti_launch_form" action="' . $this->object->getProvider()->getInitiateLogin() . '" method="post" target="' . $target . '" encType="application/x-www-form-urlencoded">';
242  $output .= sprintf('<input type="hidden" name="%s" value="%s" />', 'iss', ilObjLTIConsumer::getIliasHttpPath()) . "\n";
243  $output .= sprintf('<input type="hidden" name="%s" value="%s" />', 'target_link_uri', $this->object->getProvider()->getProviderUrl()) . "\n";
244  $output .= sprintf('<input type="hidden" name="%s" value="%s" />', 'login_hint', $user_ident) . "\n";
245  $output .= sprintf('<input type="hidden" name="%s" value="%s" />', 'lti_message_hint', $ltiMessageHint) . "\n";
246  $output .= sprintf('<input type="hidden" name="%s" value="%s" />', 'client_id', $this->object->getProvider()->getClientId()) . "\n";
247  $output .= sprintf('<input type="hidden" name="%s" value="%s" />', 'lti_deployment_id', $this->object->getProvider()->getId()) . "\n";
248  $output .= $button;
249  $output .= '</form>';
250  $output .= '<span id ="lti_launched" style="display:none">' . $this->lng->txt("launched") . '</span>';
251  $output .= '<script type="text/javascript">
252  function ltilaunch() {
253  document.lti_launch_form.submit();
254  document.getElementById("lti_launch_form").style.display = "none";
255  document.getElementById("lti_launched").style.display = "inline";
256  }</script>';
257  return($output);
258  }
259 
260  // TODO: merge with getStartButtonTxt13 (paramter)
261  protected function getEmbeddedAutoStartFormular(): string
262  {
263  $this->initCmixUser();
264  $user_ident = $this->cmixUser->getUsrIdent();
265  $ilLTIConsumerLaunch = new ilLTIConsumerLaunch($this->object->getRefId());
266  $context = $ilLTIConsumerLaunch->getContext();
267  $contextType = $ilLTIConsumerLaunch::getLTIContextType($context["type"]);
268  $contextId = $context["id"];
269  $contextTitle = $context["title"];
270 
271  $target = "_self";
272  $output = '';
273  $ltiMessageHint = (string) $this->object->getRefId() . ":" . CLIENT_ID;
274  ilSession::set('lti_message_hint', $ltiMessageHint);
275  $output = '<form id="lti_launch_form" name="lti_launch_form" action="' . $this->object->getProvider()->getInitiateLogin() . '" method="post" target="' . $target . '" encType="application/x-www-form-urlencoded">';
276  $output .= sprintf('<input type="hidden" name="%s" value="%s" />', 'iss', ilObjLTIConsumer::getIliasHttpPath()) . "\n";
277  $output .= sprintf('<input type="hidden" name="%s" value="%s" />', 'target_link_uri', $this->object->getProvider()->getProviderUrl()) . "\n";
278  $output .= sprintf('<input type="hidden" name="%s" value="%s" />', 'login_hint', $user_ident) . "\n";
279  $output .= sprintf('<input type="hidden" name="%s" value="%s" />', 'lti_message_hint', $ltiMessageHint) . "\n";
280  $output .= sprintf('<input type="hidden" name="%s" value="%s" />', 'client_id', $this->object->getProvider()->getClientId()) . "\n";
281  $output .= sprintf('<input type="hidden" name="%s" value="%s" />', 'lti_deployment_id', $this->object->getProvider()->getId()) . "\n";
282  $output .= '</form>';
283 
284  $output .= "<script type=\"text/javascript\">\n" .
285  "//<![CDATA[\n" .
286  "document.lti_launch_form.submit();\n" .
287  "//]]>\n" .
288  "</script>\n";
289 
290  return($output);
291  }
292 
293 
297  protected function showEmbedded(): void
298  {
299  if ($this->object->getProvider()->getLtiVersion() == "LTI-1p0") {
300  $this->initCmixUser();
301  $tpl = new ilTemplate('tpl.lti_embedded.html', true, true, 'components/ILIAS/LTIConsumer');
302  foreach ($this->getLaunchParameters() as $field => $value) {
303  $tpl->setCurrentBlock('launch_parameter');
304  $tpl->setVariable('LAUNCH_PARAMETER', $field);
305  $tpl->setVariable('LAUNCH_PARAM_VALUE', $value);
306  $tpl->parseCurrentBlock();
307  }
308 
309  $v = DEVMODE ? '?vers=' . time() : '?vers=' . ILIAS_VERSION_NUMERIC;
310  $tpl->setVariable("DELOS_CSS_HREF", 'templates/default/delos.css' . $v);
311  $tpl->setVariable("JQUERY_SRC", 'public/node_modules/jquery/dist/jquery.js' . $v);
312 
313  $tpl->setVariable("LOADER_ICON_SRC", ilUtil::getImagePath("media/loader.svg"));
314  $tpl->setVariable('LAUNCH_URL', $this->object->getProvider()->getProviderUrl());
315 
316  #$DIC->ui()->mainTemplate()->getStandardTemplate();
317  #$DIC->ui()->mainTemplate()->setContent($tpl->get());
318 
319  echo $tpl->get();
320  exit; //TODO: no exit
321  } else {
322  $response = $this->dic->http()->response()->withBody(ILIAS\Filesystem\Stream\Streams::ofString($this->getEmbeddedAutoStartFormular()));
323  $this->dic->http()->saveResponse($response);
324  $this->dic->http()->sendResponse();
325  $this->dic->http()->close();
326  }
327  }
328 
329  protected function getLaunchParameters(): array
330  {
331  $ilLTIConsumerLaunch = new ilLTIConsumerLaunch($this->object->getRefId());
332  $launchContext = $ilLTIConsumerLaunch->getContext();
333 
334  $launchContextType = ilLTIConsumerLaunch::getLTIContextType($launchContext["type"]);
335  $launchContextId = $launchContext["id"];
336  $launchContextTitle = $launchContext["title"];
337 
338  $token = ilCmiXapiAuthToken::fillToken(
339  $this->dic->user()->getId(),
340  $this->object->getRefId(),
341  $this->object->getId()
342  );
343 
344  return $this->object->buildLaunchParameters(
345  $this->cmixUser,
346  $token,
347  $launchContextType,
348  $launchContextId,
349  $launchContextTitle
350  );
351  }
352 
353  protected function getLaunchParametersLTI13(string $endpoint, string $clientId, int $deploymentId, string $nonce): ?array
354  {
355  $ilLTIConsumerLaunch = new ilLTIConsumerLaunch($this->object->getRefId());
356  $launchContext = $ilLTIConsumerLaunch->getContext();
357 
358  $launchContextType = ilLTIConsumerLaunch::getLTIContextType($launchContext["type"]);
359  $launchContextId = $launchContext["id"];
360  $launchContextTitle = $launchContext["title"];
361 
362  $cmixUser = $this->cmixUser;
363  return $this->object->buildLaunchParametersLTI13(
364  $cmixUser,
365  $endpoint,
366  $clientId,
367  $deploymentId,
368  $nonce,
369  $launchContextType,
370  $launchContextId,
371  $launchContextTitle
372  );
373  }
374 
375  public static function isEmbeddedLaunchRequest(): bool
376  {
377  global $DIC; /* @var \ILIAS\DI\Container $DIC */
378 
379  if ($DIC->ctrl()->getNextClass() != strtolower(self::class)) {
380  return false;
381  }
382 
383  if ($DIC->ctrl()->getCmd() != self::CMD_SHOW_EMBEDDED) {
384  return false;
385  }
386 
387  return true;
388  }
389 
390  protected function initCmixUser(): void
391  {
392  $this->cmixUser = new ilCmiXapiUser($this->object->getId(), $this->dic->user()->getId(), $this->object->getProvider()->getPrivacyIdent());
393  $user_ident = $this->cmixUser->getUsrIdent();
394  if ($user_ident == '' || $user_ident == null) {
395  $user_ident = ilCmiXapiUser::getIdent($this->object->getProvider()->getPrivacyIdent(), $this->dic->user());
396  $this->cmixUser->setUsrIdent($user_ident);
397  $this->cmixUser->save();
398  }
399  }
400 
401  private function validateLTI13InitalLogin(array $loginData): ?string
402  {
403  $scope = $loginData['scope'];
404  $responsetype = $loginData['response_type'];
405  $clientid = $loginData['client_id'];
406  $redirecturi = $loginData['redirect_uri'];
407  $loginhint = $loginData['login_hint'];
408  $ltimessagehint = $loginData['lti_message_hint'];
409  $state = $loginData['state'];
410  $responsemode = $loginData['response_mode'];
411  $nonce = $loginData['nonce'];
412  $prompt = $loginData['prompt'];
413 
414  $ok = !empty($scope) && !empty($responsetype) && !empty($clientid) &&
415  !empty($redirecturi) && !empty($loginhint) &&
416  !empty($nonce) && (ilSession::get('lti_message_hint') != null);
417 
418  if (!$ok) {
419  $error = 'invalid_request';
420  }
421  if ($ok && ($scope !== 'openid')) {
422  $ok = false;
423  $error = 'invalid_scope';
424  }
425  if ($ok && ($responsetype !== 'id_token')) {
426  $ok = false;
427  $error = 'unsupported_response_type';
428  }
429  if ($ok) {
430  list($ref_id, $ilias_client_id) = explode(':', ilSession::get('lti_message_hint'), 2);
431  if ((int) $this->object->getRefId() !== (int) $ref_id) {
432  $ok = false;
433  $error = 'invalid_request';
434  }
435  if ($this->object->getProvider()->getClientId() !== $clientid) {
436  $ok = false;
437  $error = 'unauthorized_client';
438  }
439  }
440 
441  if ($ok) {
442  $cmixUser = new ilCmiXapiUser(
443  $this->object->getId(),
444  $this->user->getId(),
445  $this->object->getProvider()->getPrivacyIdent()
446  );
447  $user_ident = $cmixUser->getUsrIdent();
448  // required?
449  if ($user_ident == '' || $user_ident == null) {
450  $user_ident = ilCmiXapiUser::getIdent($this->object->getProvider()->getPrivacyIdent(), $this->dic->user());
451  $cmixUser->setUsrIdent($user_ident);
452  $cmixUser->save();
453  }
454 
455  if ((string) $loginhint !== $user_ident) {
456  $ok = false;
457  $error = 'access_denied';
458  }
459  }
460  $uris = array_map("trim", explode(",", $this->object->getProvider()->getRedirectionUris()));
461  if (!in_array($redirecturi, $uris)) {
462  $ok = false;
463  $error = 'invalid_request';
464  }
465 
466  if ($ok) {
467  if (isset($responsemode)) {
468  $ok = ($responsemode === 'form_post');
469  if (!$ok) {
470  $error = 'invalid_request';
471  $desc = 'Invalid response_mode';
472  }
473  } else {
474  $ok = false;
475  $error = 'invalid_request';
476  $desc = 'Missing response_mode';
477  }
478  }
479  if ($ok && !empty($prompt) && ($prompt !== 'none')) {
480  $ok = false;
481  $error = 'invalid_request';
482  $desc = 'Invalid prompt';
483  }
484  if ($ok) {
485  return null;
486  } else {
487  return $error;
488  }
489  }
490 
491  // TODO: request_wrapper?
492 
498  protected function getRequestValue(string $key, $default = null)
499  {
500  global $DIC;
501  if (isset($DIC->http()->request()->getQueryParams()[$key])) {
502  return $DIC->http()->request()->getQueryParams()[$key];
503  }
504 
505  if (isset($DIC->http()->request()->getParsedBody()[$key])) {
506  return $DIC->http()->request()->getParsedBody()[$key];
507  }
508 
509  return $default ?? null;
510  }
511 }
ilSession\get
static get(string $a_var)
Definition: class.ilSession.php:401
$scope
$scope
Definition: ltiregstart.php:47
$context
$context
Definition: webdav.php:31
ilLTIConsumerContentGUI\getRequestValue
getRequestValue(string $key, $default=null)
Definition: class.ilLTIConsumerContentGUI.php:498
$params
if(! $DIC->user() ->getId()||!ilLTIConsumerAccess::hasCustomProviderCreationAccess()) $params
Definition: ltiregstart.php:31
ILIAS
Interface Observer Contains several chained tasks and infos about them.
Definition: AccessControl.php:21
array_map
ilLTIConsumerContentGUI\getLaunchParametersLTI13
getLaunchParametersLTI13(string $endpoint, string $clientId, int $deploymentId, string $nonce)
Definition: class.ilLTIConsumerContentGUI.php:353
$clientId
$clientId
Definition: ltiregend.php:25
$response
$response
Definition: xapitoken.php:93
ilLTIConsumerLaunch\getContext
getContext(?array $a_valid_types=array('crs', 'grp', 'cat', 'root'))
get info about the context in which the link is used The most outer matching course or group is used ...
Definition: class.ilLTIConsumerLaunch.php:52
ilCmiXapiAuthToken\fillToken
static fillToken(int $usrId, int $refId, int $objId, int $lrsTypeId=0)
Definition: class.ilCmiXapiAuthToken.php:254
ilCmiXapiUser\getIdent
static getIdent(int $userIdentMode, ilObjUser $user)
Definition: class.ilCmiXapiUser.php:269
null
while($session_entry=$r->fetchRow(ilDBConstants::FETCHMODE_ASSOC)) return null
Definition: shib_logout.php:142
ILIAS_VERSION_NUMERIC
const ILIAS_VERSION_NUMERIC
Definition: ilias_version.php:30
$ref_id
$ref_id
Definition: ltiauth.php:65
$token
$token
Definition: xapitoken.php:70
CLIENT_ID
const CLIENT_ID
Definition: constants.php:41
ilCmiXapiUser\setUsrIdent
setUsrIdent(string $usrIdent)
Definition: class.ilCmiXapiUser.php:106
$DIC
global $DIC
Definition: shib_login.php:22
ilLTIConsumerContentGUI\__construct
__construct(ilObjLTIConsumer $object)
Definition: class.ilLTIConsumerContentGUI.php:45
ilUtil\getImagePath
static getImagePath(string $image_name, string $module_path="", string $mode="output", bool $offline=false)
get image path (for images located in a template directory)
Definition: class.ilUtil.php:66
$ltiMessageHint
$ltiMessageHint
Definition: ltiauth.php:49
ilLTIConsumerLaunch\getLTIContextType
static getLTIContextType(string $a_type)
Definition: class.ilLTIConsumerLaunch.php:83
exit
exit
This file is part of ILIAS, a powerful learning management system published by ILIAS open source e-Le...
Definition: zoneinfo_generator.php:19
ilSession\clear
static clear(string $a_var)
Definition: class.ilSession.php:414
ilSession\set
static set(string $a_var, $a_val)
Set a value.
Definition: class.ilSession.php:393
$r
$r
Definition: shib_logout.php:140