MDL-81409 enrol_lti: fixes to dynamic registration to support Blackboard

The following fixes resolve issues when used with Blackboard Learn:
- Set registration request Content-Type header to application/json
- Make registration_token optional, per the spec:
https://www.imsglobal.org/node/200666#step-1-registration-initiation-request
- Conditionally create the deployment since it's optional in
lti-tool-configuration:
https://www.imsglobal.org/node/200666#lti-configuration-0
- Remove empty custom_parameters property, since that's optional too:
https://www.imsglobal.org/node/200666#lti-configuration-0
- Remove overly-strict validation on registration_token. This was
validating the param as a JWT, but since the spec has stabilised, this
is not always the case. It's a Bearer token that's opaque to the tool
(i.e. it's just passed back unmodified), so while it could be validated
against RFC6750, it's simplest to just remove the validation entirely.
- Change targetOrigin of the postMessage to '*', as per the spec:
https://www.imsglobal.org/node/200666#step-4-registration-completed-and-activation
Jake Dallimore 2024-04-03 14:04:52 +08:00
parent c895def59b
commit 334ec98980


@ -52,11 +52,8 @@ $PAGE->set_pagelayout('popup');
// URL to the platform's OpenID configuration.
$openidconfigurl = required_param('openid_configuration', PARAM_URL);
// Token generated by the platform, which must be sent back in registration request.
$regtoken = required_param('registration_token', PARAM_RAW);
if (!preg_match('/[a-zA-Z0-9-_.]+/', $regtoken)) { // 0 on no match, FALSE on error.
throw new coding_exception('Invalid registration_token.');
}
// Token generated by the platform, which must be sent back in registration request. This is opaque to the tool.
$regtoken = optional_param('registration_token', null, PARAM_RAW);
// Moodle-specific token used to secure the dynamic registration URL.
$token = required_param('token', PARAM_ALPHANUM);
@ -122,7 +119,6 @@ $regrequest = (object) [
'https://purl.imsglobal.org/spec/lti-tool-configuration' => [
'domain' => $parsed['host'],
'target_link_uri' => $CFG->wwwroot . '/enrol/lti/launch.php',
'custom_parameters' => [],
'claims' => [
'iss',
'sub',
@ -157,7 +153,10 @@ $regrequest = (object) [
]
];
$curl->setHeader(['Authorization: Bearer ' . $regtoken]);
if (!is_null($regtoken)) {
$curl->setHeader(['Authorization: Bearer ' . $regtoken]);
}
$curl->setHeader('Content-Type: application/json');
$regrequest = json_encode($regrequest);
$regresponse = $curl->post($regendpoint, $regrequest);
$errno = $curl->get_errno();
@ -184,12 +183,16 @@ if ($regresponse) {
$draftreg->complete_registration();
$appreg = $appregrepo->save($draftreg);
$deployment = $appreg->add_tool_deployment($toolconfig->deployment_id, $toolconfig->deployment_id);
$deploymentrepo = new deployment_repository();
$deploymentrepo->save($deployment);
// Deployment id is optional.
// If this isn't provided by the platform at this time, it must be manually set in Site admin before launches can happen.
if (!empty($toolconfig->deployment_id)) {
$deployment = $appreg->add_tool_deployment($toolconfig->deployment_id, $toolconfig->deployment_id);
$deploymentrepo = new deployment_repository();
$deploymentrepo->save($deployment);
}
}
}
echo "<script>
(window.opener || window.parent).postMessage({subject: 'org.imsglobal.lti.close'}, '$openidconfig->issuer');
(window.opener || window.parent).postMessage({subject: 'org.imsglobal.lti.close'}, '*');
</script>";
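Review bot: With the format check removed, `$regtoken` is read as PARAM_RAW and concatenated straight into the `Authorization: Bearer` header in the third hunk, so CR/LF or other control characters in the query parameter reach the outbound header list unless the curl wrapper filters them, which is not visible here. The token can stay opaque to the tool and still be limited to the RFC 6750 b64token alphabet the commit message mentions, e.g. `if (!is_null($regtoken) && !preg_match('/^[A-Za-z0-9\-._~+\/]+=*$/', $regtoken)) { throw new coding_exception('Invalid registration_token.'); }`, anchored this time since the removed pattern was not. The `!is_null($regtoken)` guard also lets an empty `registration_token=` through and sends a bare `Authorization: Bearer ` header; the anchored check would reject that case, or the guard could test for a non-empty string and skip the header instead. These statements sit at file scope and the script continues outside the hunks shown.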