Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Browse files

Updating SSL settings & configuration for the LTI plugin.

  • Loading branch information...
commit d8d04121680072425ee5b64b80cd5ca068f377f9 1 parent 55e89ad
@scriby scriby authored
View
9 mod/lti/edit_form.php
@@ -68,7 +68,6 @@ function definition() {
$mform->addElement('text', 'lti_toolurl', get_string('toolurl', 'lti'), array('size'=>'64'));
$mform->setType('lti_toolurl', PARAM_TEXT);
$mform->addHelpButton('lti_toolurl', 'toolurl', 'lti');
-
$mform->addRule('lti_toolurl', null, 'required', null, 'client');
$mform->addElement('text', 'lti_resourcekey', get_string('resourcekey_admin', 'lti'));
@@ -130,6 +129,10 @@ function definition() {
$mform->setDefault('lti_allowroster', '2');
$mform->addHelpButton('lti_allowroster', 'share_roster_admin', 'lti');
+ $mform->addElement('checkbox', 'lti_forcessl',' ', ' ' . get_string('force_ssl', 'lti'), $options);
+ $mform->setDefault('lti_forcessl', '0');
+
+ $mform->addHelpButton('lti_forcessl', 'force_ssl', 'lti');
if(!empty($this->_customdata->isadmin)){
//-------------------------------------------------------------------------------
@@ -143,11 +146,11 @@ function definition() {
$mform->addElement('text', 'lti_organizationid', get_string('organizationid', 'lti'));
$mform->setType('lti_organizationid', PARAM_TEXT);
- // $mform->addHelpButton('lti_organizationid', 'organizationid', 'lti');
+ $mform->addHelpButton('lti_organizationid', 'organizationid', 'lti');
$mform->addElement('text', 'lti_organizationurl', get_string('organizationurl', 'lti'));
$mform->setType('lti_organizationurl', PARAM_TEXT);
- // $mform->addHelpButton('lti_organizationurl', 'organizationurl', 'lti');
+ $mform->addHelpButton('lti_organizationurl', 'organizationurl', 'lti');
}
/* Suppress this for now - Chuck
View
42 mod/lti/lang/en/lti.php
@@ -189,12 +189,15 @@
$string['no_lti_pending'] = 'There are no pending External Tools.';
$string['no_lti_rejected'] = 'There are no rejected External Tools.';
$string['accept_grades_admin'] = 'Accept grades from the tool';
+$string['force_ssl'] = 'Force SSL';
+$string['lti_administration'] = 'LTI Administration';
//New instructor strings
$string['display_name'] = 'Display activity name when launched';
$string['display_description'] = 'Display activity description when launched';
$string['external_tool_type'] = 'External tool type';
$string['launch_url'] = 'Launch URL';
+$string['secure_launch_url'] = 'Secure Launch URL';
$string['share_name'] = 'Share launcher\'s name with the tool';
$string['share_email'] = 'Share launcher\'s email with the tool';
$string['accept_grades'] = 'Accept grades from the tool';
@@ -216,6 +219,7 @@
$string['tool_config_not_found'] = 'Tool configuration not found for this URL.';
$string['icon_url'] = 'Icon URL';
+$string['secure_icon_url'] = 'Secure Icon URL';
$string['return_to_course'] = 'Click <a href="{$a->link}" target="_top">here</a> to return to the course.';
@@ -293,6 +297,24 @@
into the tool provider's system, and not go to a specific resource, this will likely be the case.
HTML;
+$string['secure_launch_url_help'] = <<<HTML
+Similar to Launch URL, but used instead of the launch url if high security is required. Moodle will use the
+secure launch URL instead of the launch URL if the Moodle site is accessed through SSL, or if the tool configuration
+is set to always launch through SSL.
+
+The Launch URL may also be set to an https address to force launching through SSL, and this field may be left blank.
+HTML;
+
+$string['icon_url_help'] = <<<HTML
+The icon URL allows the icon that shows up in the course listing for this activity to be modified. Instead of using the default
+LTI icon, an icon which conveys the type of activity may be specified.
+HTML;
+
+$string['secure_icon_url_help'] = <<<HTML
+Similar to the icon URL, but used if the user accessing Moodle securely through SSL. The main purpose for this field is to prevent
+the browser from warning the user if the underlying page was accessed over SSL, but requesting to show an unsecure image.
+HTML;
+
$string['launchinpopup_help'] = <<<HTML
The launch container affects the display of the tool when launched from the course. Some launch containers provide more screen
real estate to the tool, and others provide a more integrated feel with the Moodle environemnt.
@@ -579,3 +601,23 @@
</li>
</ul>
HTML;
+
+$string['force_ssl_help'] = <<<HTML
+Selecting this option forces all launches to this tool provider to use SSL.
+
+In addition, all web service requests from the tool provider will use SSL.
+
+If using this option, confirm that this Moodle site and the tool provider support SSL.
+HTML;
+
+$string['organizationid_help'] = <<<HTML
+A unique identifier for this Moodle instance. Typically, the DNS name of the organization is used.
+
+If this field is left blank, the host name of this Moodle site will be used as the default value.
+HTML;
+
+$string['organizationurl_help'] = <<<HTML
+The base URL of this Moodle instance.
+
+If this field is left blank, a default value will be used based on the site configuration.
+HTML;
View
12 mod/lti/lib.php
@@ -166,12 +166,18 @@ function lti_delete_instance($id) {
function lti_get_coursemodule_info($coursemodule){
global $DB;
- $lti = $DB->get_record('lti', array('id' => $coursemodule->instance), 'icon');
+ $lti = $DB->get_record('lti', array('id' => $coursemodule->instance), 'icon, secureicon');
$info = new stdClass();
- if(!empty($lti->icon)){
- $info->icon = $lti->icon;
+ //We want to use the right icon based on whether the current page is being requested over http or https.
+ //There's a potential problem here as the icon URLs are cached in the modinfo field and won't be updated for each request.
+ if(lti_request_is_using_ssl() && !empty($lti->secureicon)){
+ $info->icon = $lti->secureicon;
+ } else {
+ if(!empty($lti->icon)){
+ $info->icon = $lti->icon;
+ }
}
return $info;
View
77 mod/lti/locallib.php
@@ -98,6 +98,7 @@ function lti_view($instance) {
$typeconfig['customparameters'] = $instance->instructorcustomparameters;
$typeconfig['acceptgrades'] = $instance->instructorchoiceacceptgrades;
$typeconfig['allowroster'] = $instance->instructorchoiceallowroster;
+ $typeconfig['forcessl'] = '0';
}
//Default the organizationid if not specified
@@ -124,17 +125,28 @@ function lti_view($instance) {
}
$endpoint = !empty($instance->toolurl) ? $instance->toolurl : $typeconfig['toolurl'];
- $endpiont = trim($endpoint);
+ $endpoint = trim($endpoint);
- $orgid = $typeconfig['organizationid'];
- /* Suppress this for now - Chuck
- $orgdesc = $typeconfig['organizationdescr'];
- */
-
- if(!strstr($endpoint, '://')){
- $endpoint = 'http://' . $endpoint;
+ //If the current request is using SSL and a secure tool URL is specified, use it
+ if(lti_request_is_using_ssl() && !empty($instance->securetoolurl)){
+ $endpoint = trim($instance->securetoolurl);
+ }
+
+ //If SSL is forced, use the secure tool url if specified. Otherwise, make sure https is on the normal launch URL.
+ if($typeconfig['forcessl'] == '1'){
+ if(!empty($instance->securetoolurl)){
+ $endpoint = trim($instance->securetoolurl);
+ }
+
+ $endpoint = lti_ensure_url_is_https($endpoint);
+ } else {
+ if(!strstr($endpoint, '://')){
+ $endpoint = 'http://' . $endpoint;
+ }
}
+ $orgid = $typeconfig['organizationid'];
+
$course = $PAGE->course;
$requestparams = lti_build_request($instance, $typeconfig, $course);
@@ -150,7 +162,13 @@ function lti_view($instance) {
//Add the return URL. We send the launch container along to help us avoid frames-within-frames when the user returns
$url = new moodle_url('/mod/lti/return.php', $returnurlparams);
- $requestparams['launch_presentation_return_url'] = $url->out(false);
+ $returnurl = $url->out(false);
+
+ if($typeconfig['forcessl'] == '1'){
+ $returnurl = lti_ensure_url_is_https($returnurl);
+ }
+
+ $requestparams['launch_presentation_return_url'] = $returnurl;
}
if(!empty($key) && !empty($secret)){
@@ -234,7 +252,13 @@ function lti_build_request($instance, $typeconfig, $course) {
( $typeconfig['acceptgrades'] == LTI_SETTING_ALWAYS ||
( $typeconfig['acceptgrades'] == LTI_SETTING_DELEGATE && $instance->instructorchoiceacceptgrades == LTI_SETTING_ALWAYS ) ) ) {
$requestparams["lis_result_sourcedid"] = $sourcedid;
- $requestparams["ext_ims_lis_basic_outcome_url"] = $CFG->wwwroot.'/mod/lti/service.php';
+
+ $serviceurl = $CFG->wwwroot . '/mod/lti/service.php';
+ if($typeconfig['forcessl'] == '1'){
+ $serviceurl = lti_ensure_url_is_https($serviceurl);
+ }
+
+ $requestparams["ext_ims_lis_basic_outcome_url"] = $serviceurl;
}
/*if ( isset($placementsecret) &&
@@ -605,8 +629,12 @@ function lti_get_url_thumbprint($url){
$urlparts['path'] = '';
}
- if(substr($urlparts['host'], 0, 3) === 'www'){
- $urllparts['host'] = substr($urlparts['host'], 3);
+ if(!isset($urlparts['host'])){
+ $urlparts['host'] = '';
+ }
+
+ if(substr($urlparts['host'], 0, 4) === 'www.'){
+ $urlparts['host'] = substr($urlparts['host'], 4);
}
return $urllower = $urlparts['host'] . '/' . $urlparts['path'];
@@ -859,6 +887,10 @@ function lti_get_type_type_config($id) {
$type->lti_customparameters = $config['customparameters'];
}
+ if(isset($config['forcessl'])){
+ $type->lti_forcessl = $config['forcessl'];
+ }
+
if (isset($config['organizationid'])) {
$type->lti_organizationid = $config['organizationid'];
}
@@ -895,6 +927,9 @@ function lti_prepare_type_for_save($type, $config){
$type->coursevisible = !empty($config->lti_coursevisible) ? $config->lti_coursevisible : 0;
$config->lti_coursevisible = $type->coursevisible;
+ $type->forcessl = !empty($config->lti_forcessl) ? $config->lti_forcessl : 0;
+ $config->lti_forcessl = $type->forcessl;
+
$type->timemodified = time();
unset ($config->lti_typename);
@@ -1138,4 +1173,22 @@ function lti_get_launch_container($lti, $toolconfig){
}
return $launchcontainer;
+}
+
+function lti_request_is_using_ssl() {
+ global $ME;
+ return (stripos($ME, 'https://') === 0);
+}
+
+function lti_ensure_url_is_https($url){
+ if(!strstr($url, '://')){
+ $url = 'https://' . $url;
+ } else {
+ //If the URL starts with http, replace with https
+ if(stripos($url, 'http://') === 0){
+ $url = 'https://' . substr($url, 8);
+ }
+ }
+
+ return $url;
}
View
22 mod/lti/mod_form.js
@@ -16,9 +16,14 @@
this.addOptGroups();
+ var updateToolMatches = function(){
+ self.updateAutomaticToolMatch(Y.one('#id_toolurl'));
+ self.updateAutomaticToolMatch(Y.one('#id_securetoolurl'));
+ };
+
var typeSelector = Y.one('#id_typeid');
typeSelector.on('change', function(e){
- self.updateAutomaticToolMatch();
+ updateToolMatches();
self.toggleEditButtons();
});
@@ -29,6 +34,7 @@
var textAreas = new Y.NodeList([
Y.one('#id_toolurl'),
+ Y.one('#id_securetoolurl'),
Y.one('#id_resourcekey'),
Y.one('#id_password')
]);
@@ -39,27 +45,29 @@
//If no more changes within 2 seconds, look up the matching tool URL
debounce = setTimeout(function(){
- self.updateAutomaticToolMatch();
+ updateToolMatches();
}, 2000);
});
- self.updateAutomaticToolMatch();
+ updateToolMatches();
},
clearToolCache: function(){
this.urlCache = {};
},
- updateAutomaticToolMatch: function(){
+ updateAutomaticToolMatch: function(field){
var self = this;
- var toolurl = Y.one('#id_toolurl');
+ var toolurl = field;
var typeSelector = Y.one('#id_typeid');
- var automatchToolDisplay = Y.one('#lti_automatch_tool');
+
+ var id = field.get('id') + '_lti_automatch_tool';
+ var automatchToolDisplay = Y.one('#' + id);
if(!automatchToolDisplay){
automatchToolDisplay = Y.Node.create('<span />')
- .set('id', 'lti_automatch_tool')
+ .set('id', id)
.setStyle('padding-left', '1em');
toolurl.insert(automatchToolDisplay, 'after');
View
13 mod/lti/mod_form.php
@@ -97,6 +97,11 @@ function definition() {
$mform->setType('toolurl', PARAM_TEXT);
$mform->addHelpButton('toolurl', 'launch_url', 'lti');
+ $mform->addElement('text', 'securetoolurl', get_string('secure_launch_url', 'lti'), array('size'=>'64'));
+ $mform->setType('securetoolurl', PARAM_TEXT);
+ $mform->setAdvanced('securetoolurl');
+ $mform->addHelpButton('securetoolurl', 'secure_launch_url', 'lti');
+
$launchoptions=array();
$launchoptions[LTI_LAUNCH_CONTAINER_DEFAULT] = get_string('default', 'lti');
$launchoptions[LTI_LAUNCH_CONTAINER_EMBED] = get_string('embed', 'lti');
@@ -125,7 +130,12 @@ function definition() {
$mform->addElement('text', 'icon', get_string('icon_url', 'lti'), array('size'=>'64'));
$mform->setType('icon', PARAM_TEXT);
$mform->setAdvanced('icon');
- //$mform->addHelpButton('icon', 'icon', 'lti');
+ $mform->addHelpButton('icon', 'icon_url', 'lti');
+
+ $mform->addElement('text', 'secureicon', get_string('secure_icon_url', 'lti'), array('size'=>'64'));
+ $mform->setType('secureicon', PARAM_TEXT);
+ $mform->setAdvanced('secureicon');
+ $mform->addHelpButton('secureicon', 'secure_icon_url', 'lti');
//-------------------------------------------------------------------------------
// Add privacy preferences fieldset where users choose whether to send their data
@@ -217,6 +227,7 @@ function definition() {
function definition_after_data() {
parent::definition_after_data();
+ //$mform =& $this->_form;
}
/**
View
4 mod/lti/typessettings.php
@@ -125,7 +125,7 @@
$PAGE->set_title($settingspage->visiblename);
$PAGE->set_heading($settingspage->visiblename);
- $PAGE->navbar->add('Basic LTI Administration', $CFG->wwwroot.'/admin/settings.php?section=modsettinglti');
+ $PAGE->navbar->add(get_string('lti_administration', 'lti'), $CFG->wwwroot.'/admin/settings.php?section=modsettinglti');
echo $OUTPUT->header();
@@ -168,7 +168,7 @@
$PAGE->set_title("$SITE->shortname: " . get_string('toolsetup', 'lti'));
- $PAGE->navbar->add('Basic LTI Administration', $CFG->wwwroot.'/admin/settings.php?section=modsettinglti');
+ $PAGE->navbar->add(get_string('lti_administration', 'lti'), $CFG->wwwroot.'/admin/settings.php?section=modsettinglti');
echo $OUTPUT->header();
Please sign in to comment.
Something went wrong with that request. Please try again.