MDL-38419: External tool - when force SSL checked, URLs get corrupted
[moodle.git] / mod / lti / locallib.php
CommitLineData
b9b2e7bb 1<?php
61eb12d4
CS
2// This file is part of Moodle - http://moodle.org/
3//
4// Moodle is free software: you can redistribute it and/or modify
5// it under the terms of the GNU General Public License as published by
6// the Free Software Foundation, either version 3 of the License, or
7// (at your option) any later version.
8//
9// Moodle is distributed in the hope that it will be useful,
10// but WITHOUT ANY WARRANTY; without even the implied warranty of
11// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12// GNU General Public License for more details.
13//
14// You should have received a copy of the GNU General Public License
15// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
16//
b9b2e7bb
CS
17// This file is part of BasicLTI4Moodle
18//
19// BasicLTI4Moodle is an IMS BasicLTI (Basic Learning Tools for Interoperability)
20// consumer for Moodle 1.9 and Moodle 2.0. BasicLTI is a IMS Standard that allows web
21// based learning tools to be easily integrated in LMS as native ones. The IMS BasicLTI
22// specification is part of the IMS standard Common Cartridge 1.1 Sakai and other main LMS
23// are already supporting or going to support BasicLTI. This project Implements the consumer
24// for Moodle. Moodle is a Free Open source Learning Management System by Martin Dougiamas.
25// BasicLTI4Moodle is a project iniciated and leaded by Ludo(Marc Alier) and Jordi Piguillem
26// at the GESSI research group at UPC.
27// SimpleLTI consumer for Moodle is an implementation of the early specification of LTI
28// by Charles Severance (Dr Chuck) htp://dr-chuck.com , developed by Jordi Piguillem in a
29// Google Summer of Code 2008 project co-mentored by Charles Severance and Marc Alier.
30//
31// BasicLTI4Moodle is copyright 2009 by Marc Alier Forment, Jordi Piguillem and Nikolas Galanis
32// of the Universitat Politecnica de Catalunya http://www.upc.edu
33// Contact info: Marc Alier Forment granludo @ gmail.com or marc.alier @ upc.edu
b9b2e7bb
CS
34
35/**
61eb12d4 36 * This file contains the library of functions and constants for the lti module
b9b2e7bb 37 *
61eb12d4
CS
38 * @package mod
39 * @subpackage lti
40 * @copyright 2009 Marc Alier, Jordi Piguillem, Nikolas Galanis
b9b2e7bb 41 * marc.alier@upc.edu
61eb12d4
CS
42 * @copyright 2009 Universitat Politecnica de Catalunya http://www.upc.edu
43 * @author Marc Alier
44 * @author Jordi Piguillem
45 * @author Nikolas Galanis
8f45215d 46 * @author Chris Scribner
61eb12d4 47 * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
b9b2e7bb
CS
48 */
49
50defined('MOODLE_INTERNAL') || die;
51
fabd4fcf 52// TODO: Switch to core oauthlib once implemented - MDL-30149
795dff01
CS
53use moodle\mod\lti as lti;
54
b9b2e7bb
CS
55require_once($CFG->dirroot.'/mod/lti/OAuth.php');
56
57define('LTI_URL_DOMAIN_REGEX', '/(?:https?:\/\/)?(?:www\.)?([^\/]+)(?:\/|$)/i');
58
59define('LTI_LAUNCH_CONTAINER_DEFAULT', 1);
60define('LTI_LAUNCH_CONTAINER_EMBED', 2);
61define('LTI_LAUNCH_CONTAINER_EMBED_NO_BLOCKS', 3);
62define('LTI_LAUNCH_CONTAINER_WINDOW', 4);
cca9d3f7 63define('LTI_LAUNCH_CONTAINER_REPLACE_MOODLE_WINDOW', 5);
b9b2e7bb
CS
64
65define('LTI_TOOL_STATE_ANY', 0);
66define('LTI_TOOL_STATE_CONFIGURED', 1);
67define('LTI_TOOL_STATE_PENDING', 2);
68define('LTI_TOOL_STATE_REJECTED', 3);
69
70define('LTI_SETTING_NEVER', 0);
71define('LTI_SETTING_ALWAYS', 1);
5e078d62 72define('LTI_SETTING_DELEGATE', 2);
b9b2e7bb
CS
73
74/**
75 * Prints a Basic LTI activity
76 *
77 * $param int $basicltiid Basic LTI activity id
78 */
67ddf847 79function lti_view($instance) {
b9b2e7bb
CS
80 global $PAGE, $CFG;
81
ea04a9f9 82 if (empty($instance->typeid)) {
606ab1a1 83 $tool = lti_get_tool_by_url_match($instance->toolurl, $instance->course);
ea04a9f9 84 if ($tool) {
b9b2e7bb
CS
85 $typeid = $tool->id;
86 } else {
87 $typeid = null;
88 }
89 } else {
90 $typeid = $instance->typeid;
91 }
e27cb316 92
ea04a9f9 93 if ($typeid) {
b9b2e7bb
CS
94 $typeconfig = lti_get_type_config($typeid);
95 } else {
96 //There is no admin configuration for this tool. Use configuration in the lti instance record plus some defaults.
97 $typeconfig = (array)$instance;
e27cb316 98
b9b2e7bb
CS
99 $typeconfig['sendname'] = $instance->instructorchoicesendname;
100 $typeconfig['sendemailaddr'] = $instance->instructorchoicesendemailaddr;
101 $typeconfig['customparameters'] = $instance->instructorcustomparameters;
f4f711d7
CS
102 $typeconfig['acceptgrades'] = $instance->instructorchoiceacceptgrades;
103 $typeconfig['allowroster'] = $instance->instructorchoiceallowroster;
d8d04121 104 $typeconfig['forcessl'] = '0';
b9b2e7bb 105 }
e27cb316 106
b9b2e7bb 107 //Default the organizationid if not specified
ea04a9f9 108 if (empty($typeconfig['organizationid'])) {
b9b2e7bb 109 $urlparts = parse_url($CFG->wwwroot);
e27cb316 110
b9b2e7bb
CS
111 $typeconfig['organizationid'] = $urlparts['host'];
112 }
e27cb316 113
ea04a9f9 114 if (!empty($instance->resourcekey)) {
3dd9ca24 115 $key = $instance->resourcekey;
ea04a9f9 116 } else if (!empty($typeconfig['resourcekey'])) {
3dd9ca24
CS
117 $key = $typeconfig['resourcekey'];
118 } else {
119 $key = '';
120 }
121
ea04a9f9 122 if (!empty($instance->password)) {
3dd9ca24 123 $secret = $instance->password;
ea04a9f9 124 } else if (!empty($typeconfig['password'])) {
3dd9ca24
CS
125 $secret = $typeconfig['password'];
126 } else {
127 $secret = '';
128 }
e27cb316 129
b9b2e7bb 130 $endpoint = !empty($instance->toolurl) ? $instance->toolurl : $typeconfig['toolurl'];
d8d04121 131 $endpoint = trim($endpoint);
e27cb316 132
d8d04121 133 //If the current request is using SSL and a secure tool URL is specified, use it
ea04a9f9 134 if (lti_request_is_using_ssl() && !empty($instance->securetoolurl)) {
d8d04121
CS
135 $endpoint = trim($instance->securetoolurl);
136 }
e27cb316 137
d8d04121 138 //If SSL is forced, use the secure tool url if specified. Otherwise, make sure https is on the normal launch URL.
ea04a9f9
EL
139 if ($typeconfig['forcessl'] == '1') {
140 if (!empty($instance->securetoolurl)) {
d8d04121
CS
141 $endpoint = trim($instance->securetoolurl);
142 }
e27cb316 143
d8d04121
CS
144 $endpoint = lti_ensure_url_is_https($endpoint);
145 } else {
ea04a9f9 146 if (!strstr($endpoint, '://')) {
d8d04121
CS
147 $endpoint = 'http://' . $endpoint;
148 }
f17f4959 149 }
e27cb316 150
d8d04121
CS
151 $orgid = $typeconfig['organizationid'];
152
b9b2e7bb
CS
153 $course = $PAGE->course;
154 $requestparams = lti_build_request($instance, $typeconfig, $course);
155
3dd9ca24 156 $launchcontainer = lti_get_launch_container($instance, $typeconfig);
c4d80efe 157 $returnurlparams = array('course' => $course->id, 'launch_container' => $launchcontainer, 'instanceid' => $instance->id);
e27cb316 158
3dd9ca24
CS
159 if ( $orgid ) {
160 $requestparams["tool_consumer_instance_guid"] = $orgid;
161 }
e27cb316 162
ea04a9f9 163 if (empty($key) || empty($secret)) {
9d57ad17 164 $returnurlparams['unsigned'] = '1';
1706e83b 165 }
6d6bd5f1
EL
166
167 // Add the return URL. We send the launch container along to help us avoid frames-within-frames when the user returns.
1706e83b
CS
168 $url = new moodle_url('/mod/lti/return.php', $returnurlparams);
169 $returnurl = $url->out(false);
e27cb316 170
1706e83b
CS
171 if ($typeconfig['forcessl'] == '1') {
172 $returnurl = lti_ensure_url_is_https($returnurl);
9d57ad17 173 }
6d6bd5f1 174
1706e83b 175 $requestparams['launch_presentation_return_url'] = $returnurl;
e27cb316 176
ea04a9f9 177 if (!empty($key) && !empty($secret)) {
3dd9ca24
CS
178 $parms = lti_sign_parameters($requestparams, $endpoint, "POST", $key, $secret);
179 } else {
180 //If no key and secret, do the launch unsigned.
181 $parms = $requestparams;
3dd9ca24 182 }
e27cb316 183
b9b2e7bb 184 $debuglaunch = ( $instance->debuglaunch == 1 );
e27cb316 185
dbb0fec9 186 $content = lti_post_launch_html($parms, $endpoint, $debuglaunch);
e27cb316 187
b9b2e7bb
CS
188 echo $content;
189}
190
ea04a9f9 191function lti_build_sourcedid($instanceid, $userid, $launchid = null, $servicesalt) {
996b0fd9 192 $data = new stdClass();
e27cb316 193
996b0fd9
CS
194 $data->instanceid = $instanceid;
195 $data->userid = $userid;
ea04a9f9 196 if (!empty($launchid)) {
f4f711d7
CS
197 $data->launchid = $launchid;
198 } else {
199 $data->launchid = mt_rand();
200 }
996b0fd9
CS
201
202 $json = json_encode($data);
203
204 $hash = hash('sha256', $json . $servicesalt, false);
205
206 $container = new stdClass();
207 $container->data = $data;
208 $container->hash = $hash;
209
210 return $container;
211}
212
b9b2e7bb
CS
213/**
214 * This function builds the request that must be sent to the tool producer
215 *
216 * @param object $instance Basic LTI instance object
217 * @param object $typeconfig Basic LTI tool configuration
218 * @param object $course Course object
219 *
220 * @return array $request Request details
221 */
222function lti_build_request($instance, $typeconfig, $course) {
223 global $USER, $CFG;
224
ea04a9f9 225 if (empty($instance->cmid)) {
16cac566
CS
226 $instance->cmid = 0;
227 }
e27cb316 228
1d4f052e 229 $role = lti_get_ims_role($USER, $instance->cmid, $instance->course);
b9b2e7bb 230
b9b2e7bb 231 $requestparams = array(
34eb0501
CS
232 'resource_link_id' => $instance->id,
233 'resource_link_title' => $instance->name,
234 'resource_link_description' => $instance->intro,
235 'user_id' => $USER->id,
236 'roles' => $role,
237 'context_id' => $course->id,
238 'context_label' => $course->shortname,
239 'context_title' => $course->fullname,
2a457227 240 'launch_presentation_locale' => current_language()
b9b2e7bb
CS
241 );
242
b9b2e7bb 243 $placementsecret = $instance->servicesalt;
e27cb316 244
b9b2e7bb 245 if ( isset($placementsecret) ) {
f4f711d7 246 $sourcedid = json_encode(lti_build_sourcedid($instance->id, $USER->id, null, $placementsecret));
b9b2e7bb
CS
247 }
248
249 if ( isset($placementsecret) &&
5e078d62
CS
250 ( $typeconfig['acceptgrades'] == LTI_SETTING_ALWAYS ||
251 ( $typeconfig['acceptgrades'] == LTI_SETTING_DELEGATE && $instance->instructorchoiceacceptgrades == LTI_SETTING_ALWAYS ) ) ) {
34eb0501 252 $requestparams['lis_result_sourcedid'] = $sourcedid;
e27cb316 253
34eb0501
CS
254 //Add outcome service URL
255 $serviceurl = new moodle_url('/mod/lti/service.php');
256 $serviceurl = $serviceurl->out();
feeb5294 257
ea04a9f9 258 if ($typeconfig['forcessl'] == '1') {
d8d04121
CS
259 $serviceurl = lti_ensure_url_is_https($serviceurl);
260 }
feeb5294 261
34eb0501 262 $requestparams['lis_outcome_service_url'] = $serviceurl;
b9b2e7bb
CS
263 }
264
b9b2e7bb 265 // Send user's name and email data if appropriate
5e078d62
CS
266 if ( $typeconfig['sendname'] == LTI_SETTING_ALWAYS ||
267 ( $typeconfig['sendname'] == LTI_SETTING_DELEGATE && $instance->instructorchoicesendname == LTI_SETTING_ALWAYS ) ) {
34eb0501
CS
268 $requestparams['lis_person_name_given'] = $USER->firstname;
269 $requestparams['lis_person_name_family'] = $USER->lastname;
270 $requestparams['lis_person_name_full'] = $USER->firstname." ".$USER->lastname;
b9b2e7bb
CS
271 }
272
5e078d62
CS
273 if ( $typeconfig['sendemailaddr'] == LTI_SETTING_ALWAYS ||
274 ( $typeconfig['sendemailaddr'] == LTI_SETTING_DELEGATE && $instance->instructorchoicesendemailaddr == LTI_SETTING_ALWAYS ) ) {
34eb0501 275 $requestparams['lis_person_contact_email_primary'] = $USER->email;
b9b2e7bb
CS
276 }
277
278 // Concatenate the custom parameters from the administrator and the instructor
279 // Instructor parameters are only taken into consideration if the administrator
280 // has giver permission
281 $customstr = $typeconfig['customparameters'];
282 $instructorcustomstr = $instance->instructorcustomparameters;
283 $custom = array();
284 $instructorcustom = array();
285 if ($customstr) {
dbb0fec9 286 $custom = lti_split_custom_parameters($customstr);
b9b2e7bb 287 }
e91be4ff 288 if (isset($typeconfig['allowinstructorcustom']) && $typeconfig['allowinstructorcustom'] == LTI_SETTING_NEVER) {
b9b2e7bb
CS
289 $requestparams = array_merge($custom, $requestparams);
290 } else {
291 if ($instructorcustomstr) {
dbb0fec9 292 $instructorcustom = lti_split_custom_parameters($instructorcustomstr);
b9b2e7bb
CS
293 }
294 foreach ($instructorcustom as $key => $val) {
ea04a9f9
EL
295 // Ignore the instructor's parameter
296 if (!array_key_exists($key, $custom)) {
b9b2e7bb
CS
297 $custom[$key] = $val;
298 }
299 }
300 $requestparams = array_merge($custom, $requestparams);
301 }
302
3dd9ca24
CS
303 // Make sure we let the tool know what LMS they are being called from
304 $requestparams["ext_lms"] = "moodle-2";
34eb0501
CS
305 $requestparams['tool_consumer_info_product_family_code'] = 'moodle';
306 $requestparams['tool_consumer_info_version'] = strval($CFG->version);
3dd9ca24
CS
307
308 // Add oauth_callback to be compliant with the 1.0A spec
34eb0501 309 $requestparams['oauth_callback'] = 'about:blank';
3dd9ca24 310
558be8fc
CS
311 //The submit button needs to be part of the signature as it gets posted with the form.
312 //This needs to be here to support launching without javascript.
3dd9ca24 313 $submittext = get_string('press_to_submit', 'lti');
34eb0501 314 $requestparams['ext_submit'] = $submittext;
e27cb316 315
34eb0501
CS
316 $requestparams['lti_version'] = 'LTI-1p0';
317 $requestparams['lti_message_type'] = 'basic-lti-launch-request';
e27cb316 318
b9b2e7bb
CS
319 return $requestparams;
320}
321
ea04a9f9 322function lti_get_tool_table($tools, $id) {
99938034 323 global $CFG, $OUTPUT, $USER;
795dff01 324 $html = '';
e27cb316 325
795dff01
CS
326 $typename = get_string('typename', 'lti');
327 $baseurl = get_string('baseurl', 'lti');
328 $action = get_string('action', 'lti');
329 $createdon = get_string('createdon', 'lti');
e27cb316 330
ea04a9f9 331 if ($id == 'lti_configured') {
795dff01
CS
332 $html .= '<div><a style="margin-top:.25em" href="'.$CFG->wwwroot.'/mod/lti/typessettings.php?action=add&amp;sesskey='.$USER->sesskey.'">'.get_string('addtype', 'lti').'</a></div>';
333 }
e27cb316 334
795dff01 335 if (!empty($tools)) {
5de15b83
CS
336 $html .= "
337 <div id=\"{$id}_container\" style=\"margin-top:.5em;margin-bottom:.5em\">
338 <table id=\"{$id}_tools\">
795dff01
CS
339 <thead>
340 <tr>
341 <th>$typename</th>
342 <th>$baseurl</th>
343 <th>$createdon</th>
344 <th>$action</th>
345 </tr>
346 </thead>
5de15b83 347 ";
e27cb316 348
795dff01
CS
349 foreach ($tools as $type) {
350 $date = userdate($type->timecreated);
351 $accept = get_string('accept', 'lti');
352 $update = get_string('update', 'lti');
353 $delete = get_string('delete', 'lti');
e27cb316 354
baf41e4b
FM
355 $baseurl = new moodle_url('/mod/lti/typessettings.php', array(
356 'action' => 'accept',
357 'id' => $type->id,
358 'sesskey' => sesskey(),
359 'tab' => $id
360 ));
361
362 $accepthtml = $OUTPUT->action_icon($baseurl,
363 new pix_icon('t/check', $accept, '', array('class' => 'iconsmall')), null,
364 array('title' => $accept, 'class' => 'editing_accept'));
795dff01
CS
365
366 $deleteaction = 'delete';
e27cb316 367
ea04a9f9 368 if ($type->state == LTI_TOOL_STATE_CONFIGURED) {
795dff01
CS
369 $accepthtml = '';
370 }
e27cb316 371
ea04a9f9 372 if ($type->state != LTI_TOOL_STATE_REJECTED) {
795dff01
CS
373 $deleteaction = 'reject';
374 $delete = get_string('reject', 'lti');
375 }
e27cb316 376
baf41e4b
FM
377 $updateurl = clone($baseurl);
378 $updateurl->param('action', 'update');
379 $updatehtml = $OUTPUT->action_icon($updateurl,
380 new pix_icon('t/edit', $accept, '', array('class' => 'iconsmall')), null,
381 array('title' => $update, 'class' => 'editing_update'));
382
383 $deleteurl = clone($baseurl);
384 $deleteurl->param('action', $deleteaction);
385 $deletehtml = $OUTPUT->action_icon($deleteurl,
386 new pix_icon('t/delete', $accept, '', array('class' => 'iconsmall')), null,
387 array('title' => $delete, 'class' => 'editing_delete'));
5de15b83 388 $html .= "
795dff01
CS
389 <tr>
390 <td>
391 {$type->name}
392 </td>
393 <td>
394 {$type->baseurl}
395 </td>
396 <td>
397 {$date}
398 </td>
5de15b83 399 <td align=\"center\">
baf41e4b 400 {$accepthtml}{$updatehtml}{$deletehtml}
795dff01
CS
401 </td>
402 </tr>
5de15b83 403 ";
795dff01
CS
404 }
405 $html .= '</table></div>';
406 } else {
407 $html .= get_string('no_' . $id, 'lti');
408 }
e27cb316 409
795dff01
CS
410 return $html;
411}
412
b9b2e7bb
CS
413/**
414 * Splits the custom parameters field to the various parameters
415 *
416 * @param string $customstr String containing the parameters
417 *
418 * @return Array of custom parameters
419 */
dbb0fec9 420function lti_split_custom_parameters($customstr) {
b9b2e7bb
CS
421 $lines = preg_split("/[\n;]/", $customstr);
422 $retval = array();
423 foreach ($lines as $line) {
424 $pos = strpos($line, "=");
425 if ( $pos === false || $pos < 1 ) {
426 continue;
427 }
f8311def
PS
428 $key = trim(textlib::substr($line, 0, $pos));
429 $val = trim(textlib::substr($line, $pos+1, strlen($line)));
dbb0fec9 430 $key = lti_map_keyname($key);
b9b2e7bb
CS
431 $retval['custom_'.$key] = $val;
432 }
433 return $retval;
434}
435
436/**
437 * Used for building the names of the different custom parameters
438 *
439 * @param string $key Parameter name
440 *
441 * @return string Processed name
442 */
dbb0fec9 443function lti_map_keyname($key) {
b9b2e7bb 444 $newkey = "";
f8311def 445 $key = textlib::strtolower(trim($key));
b9b2e7bb
CS
446 foreach (str_split($key) as $ch) {
447 if ( ($ch >= 'a' && $ch <= 'z') || ($ch >= '0' && $ch <= '9') ) {
448 $newkey .= $ch;
449 } else {
450 $newkey .= '_';
451 }
452 }
453 return $newkey;
454}
455
456/**
16cac566 457 * Gets the IMS role string for the specified user and LTI course module.
e27cb316 458 *
16cac566
CS
459 * @param mixed $user User object or user id
460 * @param int $cmid The course module id of the LTI activity
461 * @return string A role string suitable for passing with an LTI launch
b9b2e7bb 462 */
1d4f052e 463function lti_get_ims_role($user, $cmid, $courseid) {
16cac566 464 $roles = array();
e27cb316 465
ea04a9f9 466 if (empty($cmid)) {
1d4f052e
CS
467 //If no cmid is passed, check if the user is a teacher in the course
468 //This allows other modules to programmatically "fake" a launch without
469 //a real LTI instance
c288a3db 470 $coursecontext = context_course::instance($courseid);
e27cb316 471
ea04a9f9 472 if (has_capability('moodle/course:manageactivities', $coursecontext)) {
1d4f052e
CS
473 array_push($roles, 'Instructor');
474 } else {
475 array_push($roles, 'Learner');
476 }
16cac566 477 } else {
c288a3db 478 $context = context_module::instance($cmid);
1d4f052e 479
ea04a9f9 480 if (has_capability('mod/lti:manage', $context)) {
1d4f052e
CS
481 array_push($roles, 'Instructor');
482 } else {
483 array_push($roles, 'Learner');
484 }
b9b2e7bb 485 }
1d4f052e 486
ea04a9f9 487 if (is_siteadmin($user)) {
16cac566 488 array_push($roles, 'urn:lti:sysrole:ims/lis/Administrator');
b9b2e7bb 489 }
e27cb316 490
16cac566 491 return join(',', $roles);
b9b2e7bb
CS
492}
493
494/**
495 * Returns configuration details for the tool
496 *
497 * @param int $typeid Basic LTI tool typeid
498 *
499 * @return array Tool Configuration
500 */
501function lti_get_type_config($typeid) {
502 global $DB;
503
5f136255
EL
504 $query = "SELECT name, value
505 FROM {lti_types_config}
506 WHERE typeid = :typeid1
507 UNION ALL
508 SELECT 'toolurl' AS name, baseurl AS value
509 FROM {lti_types}
510 WHERE id = :typeid2";
e27cb316 511
b9b2e7bb 512 $typeconfig = array();
f17f4959 513 $configs = $DB->get_records_sql($query, array('typeid1' => $typeid, 'typeid2' => $typeid));
e27cb316 514
b9b2e7bb
CS
515 if (!empty($configs)) {
516 foreach ($configs as $config) {
517 $typeconfig[$config->name] = $config->value;
518 }
519 }
e27cb316 520
b9b2e7bb
CS
521 return $typeconfig;
522}
523
ea04a9f9 524function lti_get_tools_by_url($url, $state, $courseid = null) {
b9b2e7bb 525 $domain = lti_get_domain_from_url($url);
e27cb316 526
996b0fd9 527 return lti_get_tools_by_domain($domain, $state, $courseid);
b9b2e7bb
CS
528}
529
ea04a9f9 530function lti_get_tools_by_domain($domain, $state = null, $courseid = null) {
b9b2e7bb 531 global $DB, $SITE;
e27cb316 532
b9b2e7bb 533 $filters = array('tooldomain' => $domain);
e27cb316 534
b9b2e7bb
CS
535 $statefilter = '';
536 $coursefilter = '';
e27cb316 537
ea04a9f9 538 if ($state) {
b9b2e7bb
CS
539 $statefilter = 'AND state = :state';
540 }
e27cb316 541
ea04a9f9 542 if ($courseid && $courseid != $SITE->id) {
b9b2e7bb
CS
543 $coursefilter = 'OR course = :courseid';
544 }
e27cb316 545
5f136255
EL
546 $query = "SELECT *
547 FROM {lti_types}
548 WHERE tooldomain = :tooldomain
549 AND (course = :siteid $coursefilter)
550 $statefilter";
e27cb316 551
b9b2e7bb 552 return $DB->get_records_sql($query, array(
e27cb316
CS
553 'courseid' => $courseid,
554 'siteid' => $SITE->id,
555 'tooldomain' => $domain,
b9b2e7bb
CS
556 'state' => $state
557 ));
558}
559
560/**
561 * Returns all basicLTI tools configured by the administrator
562 *
563 */
6831c7cd 564function lti_filter_get_types($course) {
b9b2e7bb
CS
565 global $DB;
566
ea04a9f9 567 if (!empty($course)) {
6831c7cd
CS
568 $filter = array('course' => $course);
569 } else {
570 $filter = array();
571 }
e27cb316 572
6831c7cd 573 return $DB->get_records('lti_types', $filter);
b9b2e7bb
CS
574}
575
d81a603e
MN
576/**
577 * Given an array of tools, filter them based on their state
578 *
579 * @param array $tools An array of lti_types records
580 * @param int $state One of the LTI_TOOL_STATE_* constants
581 * @return array
582 */
583function lti_filter_tool_types(array $tools, $state) {
584 $return = array();
585 foreach ($tools as $key => $tool) {
586 if ($tool->state == $state) {
587 $return[$key] = $tool;
588 }
589 }
590 return $return;
591}
592
ea04a9f9 593function lti_get_types_for_add_instance() {
996b0fd9 594 global $DB, $SITE, $COURSE;
e27cb316 595
5f136255
EL
596 $query = "SELECT *
597 FROM {lti_types}
598 WHERE coursevisible = 1
599 AND (course = :siteid OR course = :courseid)
600 AND state = :active";
e27cb316 601
606ab1a1 602 $admintypes = $DB->get_records_sql($query, array('siteid' => $SITE->id, 'courseid' => $COURSE->id, 'active' => LTI_TOOL_STATE_CONFIGURED));
e27cb316 603
b9b2e7bb 604 $types = array();
996b0fd9 605 $types[0] = (object)array('name' => get_string('automatic', 'lti'), 'course' => $SITE->id);
e27cb316 606
ea04a9f9 607 foreach ($admintypes as $type) {
16e8f130 608 $types[$type->id] = $type;
b9b2e7bb 609 }
e27cb316 610
b9b2e7bb
CS
611 return $types;
612}
613
ea04a9f9 614function lti_get_domain_from_url($url) {
b9b2e7bb 615 $matches = array();
e27cb316 616
ea04a9f9 617 if (preg_match(LTI_URL_DOMAIN_REGEX, $url, $matches)) {
b9b2e7bb
CS
618 return $matches[1];
619 }
620}
621
ea04a9f9 622function lti_get_tool_by_url_match($url, $courseid = null, $state = LTI_TOOL_STATE_CONFIGURED) {
b69dc429 623 $possibletools = lti_get_tools_by_url($url, $state, $courseid);
e27cb316 624
7023b65e 625 return lti_get_best_tool_by_url($url, $possibletools, $courseid);
b9b2e7bb
CS
626}
627
ea04a9f9 628function lti_get_url_thumbprint($url) {
b9b2e7bb 629 $urlparts = parse_url(strtolower($url));
ea04a9f9 630 if (!isset($urlparts['path'])) {
b9b2e7bb
CS
631 $urlparts['path'] = '';
632 }
e27cb316 633
ea04a9f9 634 if (!isset($urlparts['host'])) {
d8d04121
CS
635 $urlparts['host'] = '';
636 }
e27cb316 637
ea04a9f9 638 if (substr($urlparts['host'], 0, 4) === 'www.') {
d8d04121 639 $urlparts['host'] = substr($urlparts['host'], 4);
b9b2e7bb 640 }
e27cb316 641
b9b2e7bb
CS
642 return $urllower = $urlparts['host'] . '/' . $urlparts['path'];
643}
644
ea04a9f9
EL
645function lti_get_best_tool_by_url($url, $tools, $courseid = null) {
646 if (count($tools) === 0) {
b9b2e7bb
CS
647 return null;
648 }
e27cb316 649
b9b2e7bb 650 $urllower = lti_get_url_thumbprint($url);
e27cb316 651
ea04a9f9 652 foreach ($tools as $tool) {
b9b2e7bb 653 $tool->_matchscore = 0;
e27cb316 654
b9b2e7bb 655 $toolbaseurllower = lti_get_url_thumbprint($tool->baseurl);
e27cb316 656
ea04a9f9 657 if ($urllower === $toolbaseurllower) {
7023b65e 658 //100 points for exact thumbprint match
b9b2e7bb 659 $tool->_matchscore += 100;
ea04a9f9 660 } else if (substr($urllower, 0, strlen($toolbaseurllower)) === $toolbaseurllower) {
7023b65e 661 //50 points if tool thumbprint starts with the base URL thumbprint
b9b2e7bb
CS
662 $tool->_matchscore += 50;
663 }
e27cb316 664
7023b65e 665 //Prefer course tools over site tools
ea04a9f9 666 if (!empty($courseid)) {
4c598b13 667 //Minus 10 points for not matching the course id (global tools)
ea04a9f9 668 if ($tool->course != $courseid) {
7023b65e
CS
669 $tool->_matchscore -= 10;
670 }
671 }
b9b2e7bb 672 }
e27cb316 673
ea04a9f9
EL
674 $bestmatch = array_reduce($tools, function($value, $tool) {
675 if ($tool->_matchscore > $value->_matchscore) {
b9b2e7bb
CS
676 return $tool;
677 } else {
678 return $value;
679 }
e27cb316 680
b9b2e7bb 681 }, (object)array('_matchscore' => -1));
e27cb316 682
b9b2e7bb 683 //None of the tools are suitable for this URL
ea04a9f9 684 if ($bestmatch->_matchscore <= 0) {
b9b2e7bb
CS
685 return null;
686 }
e27cb316 687
b9b2e7bb
CS
688 return $bestmatch;
689}
690
ea04a9f9 691function lti_get_shared_secrets_by_key($key) {
020eea1b 692 global $DB;
e27cb316 693
020eea1b
CS
694 //Look up the shared secret for the specified key in both the types_config table (for configured tools)
695 //And in the lti resource table for ad-hoc tools
5f136255
EL
696 $query = "SELECT t2.value
697 FROM {lti_types_config} t1
698 JOIN {lti_types_config} t2 ON t1.typeid = t2.typeid
699 JOIN {lti_types} type ON t2.typeid = type.id
700 WHERE t1.name = 'resourcekey'
701 AND t1.value = :key1
702 AND t2.name = 'password'
703 AND type.state = :configured
704 UNION
705 SELECT password AS value
706 FROM {lti}
707 WHERE resourcekey = :key2";
e27cb316 708
feb30fd8 709 $sharedsecrets = $DB->get_records_sql($query, array('configured' => LTI_TOOL_STATE_CONFIGURED, 'key1' => $key, 'key2' => $key));
e27cb316 710
ea04a9f9 711 $values = array_map(function($item) {
020eea1b
CS
712 return $item->value;
713 }, $sharedsecrets);
e27cb316 714
020eea1b
CS
715 //There should really only be one shared secret per key. But, we can't prevent
716 //more than one getting entered. For instance, if the same key is used for two tool providers.
717 return $values;
718}
719
b9b2e7bb
CS
720/**
721 * Delete a Basic LTI configuration
722 *
723 * @param int $id Configuration id
724 */
725function lti_delete_type($id) {
726 global $DB;
727
728 //We should probably just copy the launch URL to the tool instances in this case... using a single query
729 /*
730 $instances = $DB->get_records('lti', array('typeid' => $id));
731 foreach ($instances as $instance) {
732 $instance->typeid = 0;
733 $DB->update_record('lti', $instance);
734 }*/
735
736 $DB->delete_records('lti_types', array('id' => $id));
737 $DB->delete_records('lti_types_config', array('typeid' => $id));
738}
739
ea04a9f9 740function lti_set_state_for_type($id, $state) {
b9b2e7bb 741 global $DB;
e27cb316 742
b9b2e7bb
CS
743 $DB->update_record('lti_types', array('id' => $id, 'state' => $state));
744}
745
746/**
747 * Transforms a basic LTI object to an array
748 *
749 * @param object $ltiobject Basic LTI object
750 *
751 * @return array Basic LTI configuration details
752 */
753function lti_get_config($ltiobject) {
754 $typeconfig = array();
755 $typeconfig = (array)$ltiobject;
756 $additionalconfig = lti_get_type_config($ltiobject->typeid);
757 $typeconfig = array_merge($typeconfig, $additionalconfig);
758 return $typeconfig;
759}
760
761/**
762 *
763 * Generates some of the tool configuration based on the instance details
764 *
765 * @param int $id
766 *
767 * @return Instance configuration
768 *
769 */
770function lti_get_type_config_from_instance($id) {
771 global $DB;
772
773 $instance = $DB->get_record('lti', array('id' => $id));
774 $config = lti_get_config($instance);
775
776 $type = new stdClass();
777 $type->lti_fix = $id;
778 if (isset($config['toolurl'])) {
779 $type->lti_toolurl = $config['toolurl'];
780 }
781 if (isset($config['instructorchoicesendname'])) {
782 $type->lti_sendname = $config['instructorchoicesendname'];
783 }
784 if (isset($config['instructorchoicesendemailaddr'])) {
785 $type->lti_sendemailaddr = $config['instructorchoicesendemailaddr'];
786 }
787 if (isset($config['instructorchoiceacceptgrades'])) {
788 $type->lti_acceptgrades = $config['instructorchoiceacceptgrades'];
789 }
790 if (isset($config['instructorchoiceallowroster'])) {
791 $type->lti_allowroster = $config['instructorchoiceallowroster'];
792 }
793
794 if (isset($config['instructorcustomparameters'])) {
795 $type->lti_allowsetting = $config['instructorcustomparameters'];
796 }
797 return $type;
798}
799
800/**
801 * Generates some of the tool configuration based on the admin configuration details
802 *
803 * @param int $id
804 *
805 * @return Configuration details
806 */
807function lti_get_type_type_config($id) {
808 global $DB;
809
810 $basicltitype = $DB->get_record('lti_types', array('id' => $id));
811 $config = lti_get_type_config($id);
812
036e84c3 813 $type = new stdClass();
5f72d102 814
b9b2e7bb 815 $type->lti_typename = $basicltitype->name;
e27cb316 816
6831c7cd 817 $type->typeid = $basicltitype->id;
e27cb316 818
b9b2e7bb 819 $type->lti_toolurl = $basicltitype->baseurl;
e27cb316 820
b9b2e7bb
CS
821 if (isset($config['resourcekey'])) {
822 $type->lti_resourcekey = $config['resourcekey'];
823 }
824 if (isset($config['password'])) {
825 $type->lti_password = $config['password'];
826 }
827
828 if (isset($config['sendname'])) {
829 $type->lti_sendname = $config['sendname'];
830 }
ea04a9f9 831 if (isset($config['instructorchoicesendname'])) {
b9b2e7bb
CS
832 $type->lti_instructorchoicesendname = $config['instructorchoicesendname'];
833 }
ea04a9f9 834 if (isset($config['sendemailaddr'])) {
b9b2e7bb
CS
835 $type->lti_sendemailaddr = $config['sendemailaddr'];
836 }
ea04a9f9 837 if (isset($config['instructorchoicesendemailaddr'])) {
b9b2e7bb
CS
838 $type->lti_instructorchoicesendemailaddr = $config['instructorchoicesendemailaddr'];
839 }
ea04a9f9 840 if (isset($config['acceptgrades'])) {
b9b2e7bb
CS
841 $type->lti_acceptgrades = $config['acceptgrades'];
842 }
ea04a9f9 843 if (isset($config['instructorchoiceacceptgrades'])) {
b9b2e7bb
CS
844 $type->lti_instructorchoiceacceptgrades = $config['instructorchoiceacceptgrades'];
845 }
ea04a9f9 846 if (isset($config['allowroster'])) {
b9b2e7bb
CS
847 $type->lti_allowroster = $config['allowroster'];
848 }
ea04a9f9 849 if (isset($config['instructorchoiceallowroster'])) {
b9b2e7bb
CS
850 $type->lti_instructorchoiceallowroster = $config['instructorchoiceallowroster'];
851 }
852
853 if (isset($config['customparameters'])) {
854 $type->lti_customparameters = $config['customparameters'];
855 }
856
ea04a9f9 857 if (isset($config['forcessl'])) {
d8d04121
CS
858 $type->lti_forcessl = $config['forcessl'];
859 }
e27cb316 860
b9b2e7bb
CS
861 if (isset($config['organizationid'])) {
862 $type->lti_organizationid = $config['organizationid'];
863 }
864 if (isset($config['organizationurl'])) {
865 $type->lti_organizationurl = $config['organizationurl'];
866 }
867 if (isset($config['organizationdescr'])) {
868 $type->lti_organizationdescr = $config['organizationdescr'];
869 }
870 if (isset($config['launchcontainer'])) {
871 $type->lti_launchcontainer = $config['launchcontainer'];
872 }
e27cb316 873
b9b2e7bb
CS
874 if (isset($config['coursevisible'])) {
875 $type->lti_coursevisible = $config['coursevisible'];
876 }
e27cb316 877
b9b2e7bb
CS
878 if (isset($config['debuglaunch'])) {
879 $type->lti_debuglaunch = $config['debuglaunch'];
880 }
e27cb316 881
b9b2e7bb 882 if (isset($config['module_class_type'])) {
036e84c3 883 $type->lti_module_class_type = $config['module_class_type'];
b9b2e7bb
CS
884 }
885
886 return $type;
887}
888
ea04a9f9 889function lti_prepare_type_for_save($type, $config) {
b9b2e7bb
CS
890 $type->baseurl = $config->lti_toolurl;
891 $type->tooldomain = lti_get_domain_from_url($config->lti_toolurl);
892 $type->name = $config->lti_typename;
e27cb316 893
b9b2e7bb
CS
894 $type->coursevisible = !empty($config->lti_coursevisible) ? $config->lti_coursevisible : 0;
895 $config->lti_coursevisible = $type->coursevisible;
e27cb316 896
d8d04121
CS
897 $type->forcessl = !empty($config->lti_forcessl) ? $config->lti_forcessl : 0;
898 $config->lti_forcessl = $type->forcessl;
e27cb316 899
b9b2e7bb 900 $type->timemodified = time();
e27cb316 901
b9b2e7bb
CS
902 unset ($config->lti_typename);
903 unset ($config->lti_toolurl);
904}
905
ea04a9f9 906function lti_update_type($type, $config) {
b9b2e7bb 907 global $DB;
e27cb316 908
b9b2e7bb 909 lti_prepare_type_for_save($type, $config);
e27cb316 910
b9b2e7bb
CS
911 if ($DB->update_record('lti_types', $type)) {
912 foreach ($config as $key => $value) {
913 if (substr($key, 0, 4)=='lti_' && !is_null($value)) {
914 $record = new StdClass();
915 $record->typeid = $type->id;
916 $record->name = substr($key, 4);
917 $record->value = $value;
e27cb316 918
b9b2e7bb
CS
919 lti_update_config($record);
920 }
921 }
922 }
923}
924
ea04a9f9 925function lti_add_type($type, $config) {
b9b2e7bb 926 global $USER, $SITE, $DB;
e27cb316 927
b9b2e7bb 928 lti_prepare_type_for_save($type, $config);
e27cb316 929
ea04a9f9 930 if (!isset($type->state)) {
b9b2e7bb
CS
931 $type->state = LTI_TOOL_STATE_PENDING;
932 }
e27cb316 933
ea04a9f9 934 if (!isset($type->timecreated)) {
b9b2e7bb
CS
935 $type->timecreated = time();
936 }
e27cb316 937
ea04a9f9 938 if (!isset($type->createdby)) {
b9b2e7bb
CS
939 $type->createdby = $USER->id;
940 }
e27cb316 941
ea04a9f9 942 if (!isset($type->course)) {
b9b2e7bb
CS
943 $type->course = $SITE->id;
944 }
e27cb316 945
b9b2e7bb 946 //Create a salt value to be used for signing passed data to extension services
6831c7cd
CS
947 //The outcome service uses the service salt on the instance. This can be used
948 //for communication with services not related to a specific LTI instance.
b9b2e7bb
CS
949 $config->lti_servicesalt = uniqid('', true);
950
951 $id = $DB->insert_record('lti_types', $type);
952
953 if ($id) {
954 foreach ($config as $key => $value) {
955 if (substr($key, 0, 4)=='lti_' && !is_null($value)) {
956 $record = new StdClass();
957 $record->typeid = $id;
958 $record->name = substr($key, 4);
959 $record->value = $value;
960
961 lti_add_config($record);
962 }
963 }
964 }
e27cb316 965
996b0fd9 966 return $id;
b9b2e7bb
CS
967}
968
969/**
970 * Add a tool configuration in the database
971 *
972 * @param $config Tool configuration
973 *
974 * @return int Record id number
975 */
976function lti_add_config($config) {
977 global $DB;
978
979 return $DB->insert_record('lti_types_config', $config);
980}
981
982/**
983 * Updates a tool configuration in the database
984 *
985 * @param $config Tool configuration
986 *
987 * @return Record id number
988 */
989function lti_update_config($config) {
990 global $DB;
991
992 $return = true;
993 $old = $DB->get_record('lti_types_config', array('typeid' => $config->typeid, 'name' => $config->name));
e27cb316 994
b9b2e7bb
CS
995 if ($old) {
996 $config->id = $old->id;
997 $return = $DB->update_record('lti_types_config', $config);
998 } else {
999 $return = $DB->insert_record('lti_types_config', $config);
1000 }
1001 return $return;
1002}
1003
1004/**
1005 * Signs the petition to launch the external tool using OAuth
1006 *
1007 * @param $oldparms Parameters to be passed for signing
1008 * @param $endpoint url of the external tool
1009 * @param $method Method for sending the parameters (e.g. POST)
1010 * @param $oauth_consumoer_key Key
1011 * @param $oauth_consumoer_secret Secret
1012 * @param $submittext The text for the submit button
1013 * @param $orgid LMS name
1014 * @param $orgdesc LMS key
1015 */
3dd9ca24
CS
1016function lti_sign_parameters($oldparms, $endpoint, $method, $oauthconsumerkey, $oauthconsumersecret) {
1017 //global $lastbasestring;
b9b2e7bb 1018 $parms = $oldparms;
b9b2e7bb
CS
1019
1020 $testtoken = '';
e27cb316 1021
fabd4fcf 1022 // TODO: Switch to core oauthlib once implemented - MDL-30149
795dff01
CS
1023 $hmacmethod = new lti\OAuthSignatureMethod_HMAC_SHA1();
1024 $testconsumer = new lti\OAuthConsumer($oauthconsumerkey, $oauthconsumersecret, null);
795dff01 1025 $accreq = lti\OAuthRequest::from_consumer_and_token($testconsumer, $testtoken, $method, $endpoint, $parms);
b9b2e7bb
CS
1026 $accreq->sign_request($hmacmethod, $testconsumer, $testtoken);
1027
1028 // Pass this back up "out of band" for debugging
3dd9ca24 1029 //$lastbasestring = $accreq->get_signature_base_string();
b9b2e7bb
CS
1030
1031 $newparms = $accreq->get_parameters();
1032
1033 return $newparms;
1034}
1035
1036/**
1037 * Posts the launch petition HTML
1038 *
1039 * @param $newparms Signed parameters
1040 * @param $endpoint URL of the external tool
1041 * @param $debug Debug (true/false)
1042 */
dbb0fec9 1043function lti_post_launch_html($newparms, $endpoint, $debug=false) {
b9b2e7bb 1044 $r = "<form action=\"".$endpoint."\" name=\"ltiLaunchForm\" id=\"ltiLaunchForm\" method=\"post\" encType=\"application/x-www-form-urlencoded\">\n";
e27cb316 1045
b9b2e7bb
CS
1046 $submittext = $newparms['ext_submit'];
1047
1048 // Contruct html for the launch parameters
1049 foreach ($newparms as $key => $value) {
1050 $key = htmlspecialchars($key);
1051 $value = htmlspecialchars($value);
1052 if ( $key == "ext_submit" ) {
1053 $r .= "<input type=\"submit\" name=\"";
1054 } else {
1055 $r .= "<input type=\"hidden\" name=\"";
1056 }
1057 $r .= $key;
1058 $r .= "\" value=\"";
1059 $r .= $value;
1060 $r .= "\"/>\n";
1061 }
1062
1063 if ( $debug ) {
1064 $r .= "<script language=\"javascript\"> \n";
1065 $r .= " //<![CDATA[ \n";
1066 $r .= "function basicltiDebugToggle() {\n";
1067 $r .= " var ele = document.getElementById(\"basicltiDebug\");\n";
ea04a9f9 1068 $r .= " if (ele.style.display == \"block\") {\n";
b9b2e7bb
CS
1069 $r .= " ele.style.display = \"none\";\n";
1070 $r .= " }\n";
1071 $r .= " else {\n";
1072 $r .= " ele.style.display = \"block\";\n";
1073 $r .= " }\n";
1074 $r .= "} \n";
1075 $r .= " //]]> \n";
1076 $r .= "</script>\n";
1077 $r .= "<a id=\"displayText\" href=\"javascript:basicltiDebugToggle();\">";
1078 $r .= get_string("toggle_debug_data", "lti")."</a>\n";
1079 $r .= "<div id=\"basicltiDebug\" style=\"display:none\">\n";
1080 $r .= "<b>".get_string("basiclti_endpoint", "lti")."</b><br/>\n";
1081 $r .= $endpoint . "<br/>\n&nbsp;<br/>\n";
1082 $r .= "<b>".get_string("basiclti_parameters", "lti")."</b><br/>\n";
1083 foreach ($newparms as $key => $value) {
1084 $key = htmlspecialchars($key);
1085 $value = htmlspecialchars($value);
1086 $r .= "$key = $value<br/>\n";
1087 }
1088 $r .= "&nbsp;<br/>\n";
3dd9ca24 1089 //$r .= "<p><b>".get_string("basiclti_base_string", "lti")."</b><br/>\n".$lastbasestring."</p>\n";
b9b2e7bb
CS
1090 $r .= "</div>\n";
1091 }
1092 $r .= "</form>\n";
1093
1094 if ( ! $debug ) {
1095 $ext_submit = "ext_submit";
1096 $ext_submit_text = $submittext;
1097 $r .= " <script type=\"text/javascript\"> \n" .
1098 " //<![CDATA[ \n" .
1099 " document.getElementById(\"ltiLaunchForm\").style.display = \"none\";\n" .
1100 " nei = document.createElement('input');\n" .
1101 " nei.setAttribute('type', 'hidden');\n" .
1102 " nei.setAttribute('name', '".$ext_submit."');\n" .
1103 " nei.setAttribute('value', '".$ext_submit_text."');\n" .
1104 " document.getElementById(\"ltiLaunchForm\").appendChild(nei);\n" .
1105 " document.ltiLaunchForm.submit(); \n" .
1106 " //]]> \n" .
1107 " </script> \n";
1108 }
1109 return $r;
1110}
1111
ea04a9f9 1112function lti_get_type($typeid) {
996b0fd9 1113 global $DB;
e27cb316 1114
996b0fd9 1115 return $DB->get_record('lti_types', array('id' => $typeid));
57d1dffd
CS
1116}
1117
ea04a9f9
EL
1118function lti_get_launch_container($lti, $toolconfig) {
1119 if (empty($lti->launchcontainer)) {
e27cb316
CS
1120 $lti->launchcontainer = LTI_LAUNCH_CONTAINER_DEFAULT;
1121 }
1122
ea04a9f9
EL
1123 if ($lti->launchcontainer == LTI_LAUNCH_CONTAINER_DEFAULT) {
1124 if (isset($toolconfig['launchcontainer'])) {
c4d80efe
CS
1125 $launchcontainer = $toolconfig['launchcontainer'];
1126 }
1127 } else {
1128 $launchcontainer = $lti->launchcontainer;
1129 }
e27cb316 1130
ea04a9f9 1131 if (empty($launchcontainer) || $launchcontainer == LTI_LAUNCH_CONTAINER_DEFAULT) {
c4d80efe
CS
1132 $launchcontainer = LTI_LAUNCH_CONTAINER_EMBED_NO_BLOCKS;
1133 }
57d1dffd
CS
1134
1135 $devicetype = get_device_type();
1136
1137 //Scrolling within the object element doesn't work on iOS or Android
1138 //Opening the popup window also had some issues in testing
1139 //For mobile devices, always take up the entire screen to ensure the best experience
ea04a9f9 1140 if ($devicetype === 'mobile' || $devicetype === 'tablet' ) {
57d1dffd
CS
1141 $launchcontainer = LTI_LAUNCH_CONTAINER_REPLACE_MOODLE_WINDOW;
1142 }
e27cb316 1143
57d1dffd 1144 return $launchcontainer;
d8d04121
CS
1145}
1146
1147function lti_request_is_using_ssl() {
33dca156
PS
1148 global $CFG;
1149 return (stripos($CFG->httpswwwroot, 'https://') === 0);
d8d04121
CS
1150}
1151
ea04a9f9
EL
1152function lti_ensure_url_is_https($url) {
1153 if (!strstr($url, '://')) {
d8d04121
CS
1154 $url = 'https://' . $url;
1155 } else {
1156 //If the URL starts with http, replace with https
ea04a9f9 1157 if (stripos($url, 'http://') === 0) {
adc23cc9 1158 $url = 'https://' . substr($url, 7);
d8d04121
CS
1159 }
1160 }
e27cb316 1161
d8d04121 1162 return $url;
61eb12d4 1163}