Version history

This library is based on the PHP LTI Tool Provider classes and the PHP LTI Tool Provider library.

Version	Date	Description
3.1.0	13-Mar-19	First updated release
3.1.1	3-Apr-19	Move HTTPMessage class to Http\HttpMessage (old class is deprecated). Fix PHP 7 issue with parsing XML. Remove leftover test code.
3.1.2	3-Apr-19	Update domnodeToArray method.
3.2.0	8-May-20	Add Result and Score services Add Names and Role Provisioning service Add support for OAuth 1 connections security update Add sourcedid and username properties to User object Fix bug in checking JSON-LD contexts Add timeout to Curl HTTP requests
3.2.1	11-Jun-20	Improved logging options Fix processing of share keys Other minor bug fixes
3.3.0	25-Jun-20	Added support for Line Item service Enhancements to ApiHook classes Other minor bug fixes
4.0.0	26-Jun-20	Add support for LTI 1.3 Switch to new LTI terminology of Platform and Tool Remove support for consumer keys longer than 255 characters
4.0.1	3-Jul-20	Miscellaneous bug fixes
4.0.2	22-Jul-20	Fixed bug with login initiation requests using HTTP GET Correct date format used in data connector for MS SQL Server Try retreiving public key from URL if stored value fails Save LTI user ID for all learners Leeway used when checking timestamps in JWTs is now configurable Tries to request access token with single scope if request for multiple scopes is declined Update isAdmin check for LTI 1.3 format Other minor bug fixes and general code tidy
4.0.3	17-Aug-20	Improved handling of service requests, espcially for older LTI services when using the new security model Corrected the mapping of the LIS sourcedid parameters in a JWT
4.1.0	26-Sep-20	Improved handling or credentials, especially for messages being sent to a platform Improved mapping of content-item (deep linking) messages between LTI versions Added a client for the Web Token JWT Framework library More lenient treatment of messages which do not fully comply with the LTI specification Added support for the resultData Outcomes extension Added experimental support for encrypting the content of JWTs
4.2.0	26-Nov-20	Miscellaneous bug fixes and code tidying Added support for the LTI 1.3 dynamic registration process available in Moodle 3.10+
4.2.1	4-Jan-21	Add support for Sakai memberships extension service Miscellaneous bug fixes and code tidying
4.3.0	5-Jan-21	Enhanced support for use by Platforms
4.3.1	16-Feb-21	Add error messages for invalid JWT claims
4.4.0	17-Feb-21	Add support for Course Groups service - see Context->getGroups and updated Context->getMemberships methods
4.4.1	26-Apr-21	Update Content-item/Deep linking handling Add callback option for messages sent to platforms Add isLtiMessage function Update MySQLi data connector to use bound parameters Bug fixes: fix check for memberships; do not include target_link_uri claim for messages from tool; ensure JWT payload is an object
4.5.0	3-Aug-21	Add support for ContentItemUpdateRequest message, LTI Assignment content item, and Proctoring services Add logging for form submissions
4.5.1	27-Sep-21	Add support for Course Groups service from ResourceLink object Improve SQL error logging Minor bug fixes
4.5.2	13-Oct-21	Fix error in obtaining a platform's family code which can impact checks for API hooks
4.5.3	14-Oct-21	Ignore additional query parameters in initiate login requests which use GET
4.5.4	26-Oct-21	Minor bug fixes
4.6.0	3-Dec-21	Add support for making service requests for single pages with access to relative links included in the response Fix issue when platforms enforce a page limit when none has been requested Improve support for Course Groups service (order of parameters to Service\Groups->get method changed) Add support for obsolete link-level membership service endpoint Improved error logging for OAuth-signed messages Constructor for DataConnector class has been changed to protected - always use its static getDataConnector method instead
4.6.1	5-Dec-21	Add default limit property to relevant service classes Bug fix
4.6.2	5-Jan-22	Minor bug and documentation fixes
4.6.3	20-Jan-22	Update UserResult->getId for users not associated with a resource link Update to latest release of Firebase/php-jwt library Minor bug fixes
4.6.4	23-Feb-22	Fix bug with handling public keys in PEM format in Firebase JWT client Enhance JWT clients Enhance handling of Content items
4.6.5	5-Mar-22	Remove erroneous GROUP BY clauses in SQL for data connectors
4.7.0	3-Apr-22	Fix bug with checking state value on LTI 1.3 messages Add support for groups to belong to more than one groupset (so set element of a group may now be an array of strings rather than just a string) Correct value of iss claim in client_assertion JWT when requesting an access token Add option to allow use of HTTP GET for LTI 1.3 authentication requests Improve mapping between JWT claims and OAuth1 message parameters (uses "lti1p1_" prefix for any "https://purl.imsglobal.org/spec/lti/claim/lti1p1" claims; added "target_link_uri" and "unmapped_claims" parameters)
4.7.1	4-Apr-22	Fix bug with format of JWT claim using FirebaseClient
4.7.2	12-May-22	Fix mapping of LTI 1.3 claim for Basic Outcomes service Add check for Course Groups service in getMemberships method Added checks for required properties of optional message claims Fix bug with updating date of last access for a platform Fix handling of groups belonging to more than one group in Moodle API hook Deprecated CanvasApiToolProvider class (use CanvasApiTool instead) Fix signing of extension service requests with LTI 1.3
4.7.3	8-Jun-22	Ignore namespace in XML service responses Fix bug with supported messages in platform configurations Add support for username passed by Brightspace Allow Context to be passed to UserResult->getId method Add HTTP version override option to CurlClient Improve logging for PDO database connections
4.8.0	27-Jun-22	Added check for blocked third-party cookies Added option to generate warnings about any additional errors identified Added support for user's middle name Other code improvements
4.9.0	30-Sep-22	Ensure Memberships service saves all learners Registration access token is optional Added support for using Memcache to handle nonce values
4.10.0	26-Nov-22	Add workaround for Anthology Learn bug in Names and Role Provisioning services Add support for draft "OIDC Login with LTI Client Side postMessages" specification Add support for Firebase PHP-JWT 6.0.0 Fix bug with saving learners when no lis_result_sourcedid is provided Retain Moodle groupings with no groups Add middle name to Assessment Platform verified claims Add support for submission review message Make life of launch state values a platform property Fix support for LTI 1.3 TeachingAssistant role URI Add new core role methods to Tool object: isInstructor, isContentDeveloper, isTeachingAssistant, isManager, isMember, isOfficer, isMentor
4.10.1	28-Nov-22	Allow capabilities postMessages to be served from the parent window rather than the one passed to the tool (as a workaround for the current implementation in Anthology Learn)
4.10.2	31-May-23	Miscellaneous bug fixes Change default lti_message_hint to none Add support for X_ORIGINAL_HOST header Allow tools to disable use of platform storage Add check for invalid context and resource link ID values Improve method for parsing roles
4.10.3	13-Jun-23	Miscellaneous bug fixes Updates to avoid deprecation warnings with PHP 8.1+ Corrections to documentation comments
5.0.0	31-Jul-23	Updated for PHP 8.1 - see Updating page for backward incompatible changes
5.0.1	21-Oct-23	Allow resourceLink to be null for a UserResult object Fix bug when error occurs with call to Result service in ResourceLink->doOutcomesService Fix tests for missing parameters with LtiSubmissionReviewRequest message Do not enable LTI 2 platforms by default Correct return type for Tool::findService method Avoid creation of platform record when LTI 2 not supported by tool Fix data type errors Use ServiceDefinition class for ToolProxy service Set default alg value when parsing a key with Firebase JWT client
5.0.2	8-Jan-24	Miscellaneous fixes for PHP 8.1 related issues Allow full URL for icon in tool registration