Skip to content
This repository

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse code

Updating SSL settings & configuration for the LTI plugin.

  • Loading branch information...
commit d8d04121680072425ee5b64b80cd5ca068f377f9 1 parent 55e89ad
scriby authored October 19, 2011
9  mod/lti/edit_form.php
@@ -68,7 +68,6 @@ function definition() {
68 68
         $mform->addElement('text', 'lti_toolurl', get_string('toolurl', 'lti'), array('size'=>'64'));
69 69
         $mform->setType('lti_toolurl', PARAM_TEXT);
70 70
         $mform->addHelpButton('lti_toolurl', 'toolurl', 'lti');
71  
-        
72 71
         $mform->addRule('lti_toolurl', null, 'required', null, 'client');
73 72
 
74 73
         $mform->addElement('text', 'lti_resourcekey', get_string('resourcekey_admin', 'lti'));
@@ -130,6 +129,10 @@ function definition() {
130 129
         $mform->setDefault('lti_allowroster', '2');
131 130
         $mform->addHelpButton('lti_allowroster', 'share_roster_admin', 'lti');
132 131
 
  132
+        $mform->addElement('checkbox', 'lti_forcessl',' ', ' ' . get_string('force_ssl', 'lti'), $options);
  133
+        $mform->setDefault('lti_forcessl', '0');
  134
+        
  135
+        $mform->addHelpButton('lti_forcessl', 'force_ssl', 'lti');
133 136
           
134 137
         if(!empty($this->_customdata->isadmin)){
135 138
             //-------------------------------------------------------------------------------
@@ -143,11 +146,11 @@ function definition() {
143 146
 
144 147
             $mform->addElement('text', 'lti_organizationid', get_string('organizationid', 'lti'));
145 148
             $mform->setType('lti_organizationid', PARAM_TEXT);
146  
-    //        $mform->addHelpButton('lti_organizationid', 'organizationid', 'lti');
  149
+            $mform->addHelpButton('lti_organizationid', 'organizationid', 'lti');
147 150
 
148 151
             $mform->addElement('text', 'lti_organizationurl', get_string('organizationurl', 'lti'));
149 152
             $mform->setType('lti_organizationurl', PARAM_TEXT);
150  
-    //        $mform->addHelpButton('lti_organizationurl', 'organizationurl', 'lti');
  153
+            $mform->addHelpButton('lti_organizationurl', 'organizationurl', 'lti');
151 154
         }
152 155
         
153 156
         /* Suppress this for now - Chuck
42  mod/lti/lang/en/lti.php
@@ -189,12 +189,15 @@
189 189
 $string['no_lti_pending'] = 'There are no pending External Tools.';
190 190
 $string['no_lti_rejected'] = 'There are no rejected External Tools.';
191 191
 $string['accept_grades_admin'] = 'Accept grades from the tool';
  192
+$string['force_ssl'] = 'Force SSL';
  193
+$string['lti_administration'] = 'LTI Administration';
192 194
 
193 195
 //New instructor strings
194 196
 $string['display_name'] = 'Display activity name when launched';
195 197
 $string['display_description'] = 'Display activity description when launched';
196 198
 $string['external_tool_type'] = 'External tool type';
197 199
 $string['launch_url'] = 'Launch URL';
  200
+$string['secure_launch_url'] = 'Secure Launch URL';
198 201
 $string['share_name'] = 'Share launcher\'s name with the tool';
199 202
 $string['share_email'] = 'Share launcher\'s email with the tool';
200 203
 $string['accept_grades'] = 'Accept grades from the tool';
@@ -216,6 +219,7 @@
216 219
 $string['tool_config_not_found'] = 'Tool configuration not found for this URL.';
217 220
 
218 221
 $string['icon_url'] = 'Icon URL';
  222
+$string['secure_icon_url'] = 'Secure Icon URL';
219 223
 
220 224
 $string['return_to_course'] = 'Click <a href="{$a->link}" target="_top">here</a> to return to the course.';
221 225
 
@@ -293,6 +297,24 @@
293 297
 into the tool provider's system, and not go to a specific resource, this will likely be the case.
294 298
 HTML;
295 299
 
  300
+$string['secure_launch_url_help'] = <<<HTML
  301
+Similar to Launch URL, but used instead of the launch url if high security is required. Moodle will use the
  302
+secure launch URL instead of the launch URL if the Moodle site is accessed through SSL, or if the tool configuration
  303
+is set to always launch through SSL.
  304
+    
  305
+The Launch URL may also be set to an https address to force launching through SSL, and this field may be left blank.
  306
+HTML;
  307
+
  308
+$string['icon_url_help'] = <<<HTML
  309
+The icon URL allows the icon that shows up in the course listing for this activity to be modified. Instead of using the default
  310
+LTI icon, an icon which conveys the type of activity may be specified.
  311
+HTML;
  312
+
  313
+$string['secure_icon_url_help'] = <<<HTML
  314
+Similar to the icon URL, but used if the user accessing Moodle securely through SSL. The main purpose for this field is to prevent
  315
+the browser from warning the user if the underlying page was accessed over SSL, but requesting to show an unsecure image.
  316
+HTML;
  317
+
296 318
 $string['launchinpopup_help'] = <<<HTML
297 319
 The launch container affects the display of the tool when launched from the course. Some launch containers provide more screen
298 320
 real estate to the tool, and others provide a more integrated feel with the Moodle environemnt.
@@ -579,3 +601,23 @@
579 601
     </li>
580 602
 </ul>
581 603
 HTML;
  604
+
  605
+$string['force_ssl_help'] = <<<HTML
  606
+Selecting this option forces all launches to this tool provider to use SSL.
  607
+
  608
+In addition, all web service requests from the tool provider will use SSL.
  609
+
  610
+If using this option, confirm that this Moodle site and the tool provider support SSL.
  611
+HTML;
  612
+
  613
+$string['organizationid_help'] = <<<HTML
  614
+A unique identifier for this Moodle instance. Typically, the DNS name of the organization is used.
  615
+
  616
+If this field is left blank, the host name of this Moodle site will be used as the default value.
  617
+HTML;
  618
+
  619
+$string['organizationurl_help'] = <<<HTML
  620
+The base URL of this Moodle instance.
  621
+    
  622
+If this field is left blank, a default value will be used based on the site configuration.
  623
+HTML;
12  mod/lti/lib.php
@@ -166,12 +166,18 @@ function lti_delete_instance($id) {
166 166
 function lti_get_coursemodule_info($coursemodule){
167 167
     global $DB;
168 168
     
169  
-    $lti = $DB->get_record('lti', array('id' => $coursemodule->instance), 'icon');
  169
+    $lti = $DB->get_record('lti', array('id' => $coursemodule->instance), 'icon, secureicon');
170 170
 
171 171
     $info = new stdClass();
172 172
     
173  
-    if(!empty($lti->icon)){
174  
-        $info->icon = $lti->icon;
  173
+    //We want to use the right icon based on whether the current page is being requested over http or https.
  174
+    //There's a potential problem here as the icon URLs are cached in the modinfo field and won't be updated for each request.
  175
+    if(lti_request_is_using_ssl() && !empty($lti->secureicon)){
  176
+        $info->icon = $lti->secureicon;
  177
+    } else {
  178
+        if(!empty($lti->icon)){
  179
+            $info->icon = $lti->icon;
  180
+        }
175 181
     }
176 182
     
177 183
     return $info;
77  mod/lti/locallib.php
@@ -98,6 +98,7 @@ function lti_view($instance) {
98 98
         $typeconfig['customparameters'] = $instance->instructorcustomparameters;
99 99
         $typeconfig['acceptgrades'] = $instance->instructorchoiceacceptgrades;
100 100
         $typeconfig['allowroster'] = $instance->instructorchoiceallowroster;
  101
+        $typeconfig['forcessl'] = '0';
101 102
     }
102 103
     
103 104
     //Default the organizationid if not specified
@@ -124,17 +125,28 @@ function lti_view($instance) {
124 125
     }
125 126
     
126 127
     $endpoint = !empty($instance->toolurl) ? $instance->toolurl : $typeconfig['toolurl'];
127  
-    $endpiont = trim($endpoint);
  128
+    $endpoint = trim($endpoint);
128 129
     
129  
-    $orgid = $typeconfig['organizationid'];
130  
-    /* Suppress this for now - Chuck
131  
-    $orgdesc = $typeconfig['organizationdescr'];
132  
-    */
133  
-
134  
-    if(!strstr($endpoint, '://')){
135  
-        $endpoint = 'http://' . $endpoint;
  130
+    //If the current request is using SSL and a secure tool URL is specified, use it
  131
+    if(lti_request_is_using_ssl() && !empty($instance->securetoolurl)){
  132
+        $endpoint = trim($instance->securetoolurl);
  133
+    }
  134
+    
  135
+    //If SSL is forced, use the secure tool url if specified. Otherwise, make sure https is on the normal launch URL.
  136
+    if($typeconfig['forcessl'] == '1'){
  137
+        if(!empty($instance->securetoolurl)){
  138
+            $endpoint = trim($instance->securetoolurl);
  139
+        }
  140
+        
  141
+        $endpoint = lti_ensure_url_is_https($endpoint);
  142
+    } else {
  143
+        if(!strstr($endpoint, '://')){
  144
+            $endpoint = 'http://' . $endpoint;
  145
+        }
136 146
     }
137 147
     
  148
+    $orgid = $typeconfig['organizationid'];
  149
+
138 150
     $course = $PAGE->course;
139 151
     $requestparams = lti_build_request($instance, $typeconfig, $course);
140 152
 
@@ -150,7 +162,13 @@ function lti_view($instance) {
150 162
         
151 163
         //Add the return URL. We send the launch container along to help us avoid frames-within-frames when the user returns
152 164
         $url = new moodle_url('/mod/lti/return.php', $returnurlparams);
153  
-        $requestparams['launch_presentation_return_url'] = $url->out(false);    
  165
+        $returnurl = $url->out(false);
  166
+        
  167
+        if($typeconfig['forcessl'] == '1'){
  168
+            $returnurl = lti_ensure_url_is_https($returnurl);
  169
+        }
  170
+        
  171
+        $requestparams['launch_presentation_return_url'] = $returnurl;
154 172
     }
155 173
     
156 174
     if(!empty($key) && !empty($secret)){
@@ -234,7 +252,13 @@ function lti_build_request($instance, $typeconfig, $course) {
234 252
          ( $typeconfig['acceptgrades'] == LTI_SETTING_ALWAYS ||
235 253
          ( $typeconfig['acceptgrades'] == LTI_SETTING_DELEGATE && $instance->instructorchoiceacceptgrades == LTI_SETTING_ALWAYS ) ) ) {
236 254
         $requestparams["lis_result_sourcedid"] = $sourcedid;
237  
-        $requestparams["ext_ims_lis_basic_outcome_url"] = $CFG->wwwroot.'/mod/lti/service.php';
  255
+        
  256
+        $serviceurl = $CFG->wwwroot . '/mod/lti/service.php';
  257
+        if($typeconfig['forcessl'] == '1'){
  258
+            $serviceurl = lti_ensure_url_is_https($serviceurl);
  259
+        }
  260
+        
  261
+        $requestparams["ext_ims_lis_basic_outcome_url"] = $serviceurl;
238 262
     }
239 263
 
240 264
     /*if ( isset($placementsecret) &&
@@ -605,8 +629,12 @@ function lti_get_url_thumbprint($url){
605 629
         $urlparts['path'] = '';
606 630
     }
607 631
     
608  
-    if(substr($urlparts['host'], 0, 3) === 'www'){
609  
-        $urllparts['host'] = substr($urlparts['host'], 3);
  632
+    if(!isset($urlparts['host'])){
  633
+        $urlparts['host'] = '';
  634
+    }
  635
+    
  636
+    if(substr($urlparts['host'], 0, 4) === 'www.'){
  637
+        $urlparts['host'] = substr($urlparts['host'], 4);
610 638
     }
611 639
     
612 640
     return $urllower = $urlparts['host'] . '/' . $urlparts['path'];
@@ -859,6 +887,10 @@ function lti_get_type_type_config($id) {
859 887
         $type->lti_customparameters = $config['customparameters'];
860 888
     }
861 889
 
  890
+    if(isset($config['forcessl'])){
  891
+        $type->lti_forcessl = $config['forcessl'];
  892
+    }
  893
+    
862 894
     if (isset($config['organizationid'])) {
863 895
         $type->lti_organizationid = $config['organizationid'];
864 896
     }
@@ -895,6 +927,9 @@ function lti_prepare_type_for_save($type, $config){
895 927
     $type->coursevisible = !empty($config->lti_coursevisible) ? $config->lti_coursevisible : 0;
896 928
     $config->lti_coursevisible = $type->coursevisible;
897 929
     
  930
+    $type->forcessl = !empty($config->lti_forcessl) ? $config->lti_forcessl : 0;
  931
+    $config->lti_forcessl = $type->forcessl;
  932
+    
898 933
     $type->timemodified = time();
899 934
     
900 935
     unset ($config->lti_typename);
@@ -1138,4 +1173,22 @@ function lti_get_launch_container($lti, $toolconfig){
1138 1173
     }
1139 1174
     
1140 1175
     return $launchcontainer;
  1176
+}
  1177
+
  1178
+function lti_request_is_using_ssl() {
  1179
+    global $ME;
  1180
+    return (stripos($ME, 'https://') === 0);
  1181
+}
  1182
+
  1183
+function lti_ensure_url_is_https($url){
  1184
+    if(!strstr($url, '://')){
  1185
+        $url = 'https://' . $url;
  1186
+    } else {
  1187
+        //If the URL starts with http, replace with https
  1188
+        if(stripos($url, 'http://') === 0){
  1189
+            $url = 'https://' . substr($url, 8);
  1190
+        }
  1191
+    }
  1192
+    
  1193
+    return $url;
1141 1194
 }
22  mod/lti/mod_form.js
@@ -16,9 +16,14 @@
16 16
 
17 17
             this.addOptGroups();
18 18
 
  19
+            var updateToolMatches = function(){
  20
+                self.updateAutomaticToolMatch(Y.one('#id_toolurl'));
  21
+                self.updateAutomaticToolMatch(Y.one('#id_securetoolurl'));
  22
+            };
  23
+
19 24
             var typeSelector = Y.one('#id_typeid');
20 25
             typeSelector.on('change', function(e){
21  
-                self.updateAutomaticToolMatch();
  26
+                updateToolMatches();
22 27
                 
23 28
                 self.toggleEditButtons();
24 29
             });
@@ -29,6 +34,7 @@
29 34
             
30 35
             var textAreas = new Y.NodeList([
31 36
                 Y.one('#id_toolurl'),
  37
+                Y.one('#id_securetoolurl'),
32 38
                 Y.one('#id_resourcekey'),
33 39
                 Y.one('#id_password')
34 40
             ]);
@@ -39,27 +45,29 @@
39 45
 
40 46
                 //If no more changes within 2 seconds, look up the matching tool URL
41 47
                 debounce = setTimeout(function(){
42  
-                    self.updateAutomaticToolMatch();
  48
+                    updateToolMatches();
43 49
                 }, 2000);
44 50
             });
45 51
             
46  
-            self.updateAutomaticToolMatch();
  52
+            updateToolMatches();
47 53
         },
48 54
 
49 55
         clearToolCache: function(){
50 56
             this.urlCache = {};
51 57
         },
52 58
 
53  
-        updateAutomaticToolMatch: function(){
  59
+        updateAutomaticToolMatch: function(field){
54 60
             var self = this;
55 61
             
56  
-            var toolurl = Y.one('#id_toolurl');
  62
+            var toolurl = field;
57 63
             var typeSelector = Y.one('#id_typeid');
58  
-            var automatchToolDisplay = Y.one('#lti_automatch_tool');
  64
+            
  65
+            var id = field.get('id') + '_lti_automatch_tool';
  66
+            var automatchToolDisplay = Y.one('#' + id);
59 67
 
60 68
             if(!automatchToolDisplay){
61 69
                 automatchToolDisplay = Y.Node.create('<span />')
62  
-                                        .set('id', 'lti_automatch_tool')
  70
+                                        .set('id', id)
63 71
                                         .setStyle('padding-left', '1em');
64 72
                                         
65 73
                 toolurl.insert(automatchToolDisplay, 'after');
13  mod/lti/mod_form.php
@@ -97,6 +97,11 @@ function definition() {
97 97
         $mform->setType('toolurl', PARAM_TEXT);
98 98
         $mform->addHelpButton('toolurl', 'launch_url', 'lti');
99 99
         
  100
+        $mform->addElement('text', 'securetoolurl', get_string('secure_launch_url', 'lti'), array('size'=>'64'));
  101
+        $mform->setType('securetoolurl', PARAM_TEXT);
  102
+        $mform->setAdvanced('securetoolurl');
  103
+        $mform->addHelpButton('securetoolurl', 'secure_launch_url', 'lti');
  104
+        
100 105
         $launchoptions=array();
101 106
         $launchoptions[LTI_LAUNCH_CONTAINER_DEFAULT] = get_string('default', 'lti');
102 107
         $launchoptions[LTI_LAUNCH_CONTAINER_EMBED] = get_string('embed', 'lti');
@@ -125,7 +130,12 @@ function definition() {
125 130
         $mform->addElement('text', 'icon', get_string('icon_url', 'lti'), array('size'=>'64'));
126 131
         $mform->setType('icon', PARAM_TEXT);
127 132
         $mform->setAdvanced('icon');
128  
-        //$mform->addHelpButton('icon', 'icon', 'lti');
  133
+        $mform->addHelpButton('icon', 'icon_url', 'lti');
  134
+        
  135
+        $mform->addElement('text', 'secureicon', get_string('secure_icon_url', 'lti'), array('size'=>'64'));
  136
+        $mform->setType('secureicon', PARAM_TEXT);
  137
+        $mform->setAdvanced('secureicon');
  138
+        $mform->addHelpButton('secureicon', 'secure_icon_url', 'lti');
129 139
         
130 140
 //-------------------------------------------------------------------------------
131 141
         // Add privacy preferences fieldset where users choose whether to send their data
@@ -217,6 +227,7 @@ function definition() {
217 227
     function definition_after_data() {
218 228
         parent::definition_after_data();
219 229
        
  230
+        //$mform =& $this->_form;
220 231
     }
221 232
 
222 233
     /**
4  mod/lti/typessettings.php
@@ -125,7 +125,7 @@
125 125
     $PAGE->set_title($settingspage->visiblename);
126 126
     $PAGE->set_heading($settingspage->visiblename);
127 127
 
128  
-    $PAGE->navbar->add('Basic LTI Administration', $CFG->wwwroot.'/admin/settings.php?section=modsettinglti');
  128
+    $PAGE->navbar->add(get_string('lti_administration', 'lti'), $CFG->wwwroot.'/admin/settings.php?section=modsettinglti');
129 129
 
130 130
     echo $OUTPUT->header();
131 131
 
@@ -168,7 +168,7 @@
168 168
 
169 169
     $PAGE->set_title("$SITE->shortname: " . get_string('toolsetup', 'lti'));
170 170
 
171  
-    $PAGE->navbar->add('Basic LTI Administration', $CFG->wwwroot.'/admin/settings.php?section=modsettinglti');
  171
+    $PAGE->navbar->add(get_string('lti_administration', 'lti'), $CFG->wwwroot.'/admin/settings.php?section=modsettinglti');
172 172
 
173 173
     echo $OUTPUT->header();
174 174
 

0 notes on commit d8d0412

Please sign in to comment.
Something went wrong with that request. Please try again.