
/oauth/lti/common/tool_consumer_outcome.php

https://github.com/supungs/AContent
PHP | 132 lines | 106 code | 20 blank | 6 comment | 26 complexity | cb3a28a7a248437a7319e1724437848e MD5 | raw file
Possible License(s): LGPL-2.0, LGPL-2.1, MPL-2.0-no-copyleft-exception, MIT, AGPL-1.0
  1. <?php
  // Choose the reporting mask for the running interpreter. E_DEPRECATED is
  // only evaluated on the 5.3.0-or-later branch; the older branch masks
  // warnings and notices instead.
  $is_php53_or_later = version_compare(PHP_VERSION, '5.3.0') >= 0;
  error_reporting(
      $is_php53_or_later
          ? (E_ALL & ~E_NOTICE & ~E_DEPRECATED)
          : (E_ALL & ~E_WARNING & ~E_NOTICE)
  );

  // Install myErrorHandler; whatever set_error_handler() returns is kept in
  // $old_error_handler.
  $old_error_handler = set_error_handler("myErrorHandler");
  /**
   * Error handler registered through set_error_handler().
   *
   * Reports the error as handled (true) when the message contains the
   * lower-case substring "deprecated"; otherwise returns false. The match is
   * case-sensitive. $errno, $errfile and $errline are accepted but unused.
   */
  function myErrorHandler($errno, $errstr, $errfile, $errline)
  {
      $mentions_deprecation = (strpos($errstr, 'deprecated') !== false);
      return $mentions_deprecation;
  }
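  // NOTE(review): display_errors is left on, as in the original harness. Any
  // PHP warning is then written into the response body (paths, variable
  // contents); switch it off outside a development setup.
  ini_set("display_errors", 1);

  // b64 must be present and must be a string. An array value (b64[]=...)
  // would otherwise reach md5() and base64_decode() further down.
  if ( !isset($_REQUEST['b64']) || !is_string($_REQUEST['b64']) ) {
      die("Missing b64 parameter");
  }
  $b64 = $_REQUEST['b64'];

  // NOTE(review): the session id is computed from a caller-supplied value, so
  // every request that carries the same b64 string lands in the same session
  // (and the same stored gradebook). That sharing looks intentional for this
  // harness - confirm before reusing the pattern, since the id is predictable
  // to anyone who knows the key and secret.
  session_id(md5($b64));
  session_start();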
  21. require_once("../util/lti_util.php");
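  // For my application, We only allow application/xml
  $request_headers = OAuthUtil::get_headers();

  // Read the header under either spelling without indexing a missing key.
  // On newer PHP versions an undefined key raises a warning, and with
  // display_errors on that text would be emitted before header() is called.
  $hct = '';
  if ( isset($request_headers['Content-Type']) ) {
      $hct = $request_headers['Content-Type'];
  } else if ( isset($request_headers['Content-type']) ) {
      $hct = $request_headers['Content-type'];
  }

  if ( strpos($hct, 'application/xml') === false ) {
      // The rejected value is echoed back, but only as text/plain.
      header('Content-Type: text/plain');
      die("Must be content type xml, found ".$hct);
  }
  header('Content-Type: application/xml; charset=utf-8');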
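  // Get skeleton response
  $response = getPOXResponse();

  // No message identifier has been parsed at this point, so the early
  // failure responses below carry an empty reference.
  $message_ref = "";

  // Pull out the key and secret from the parameter
  $b64dec = base64_decode($b64);
  $b64 = explode(":::", $b64dec);
  $oauth_consumer_key = $b64[0];
  // A value without the ":::" separator has no second element.
  $oauth_consumer_secret = isset($b64[1]) ? $b64[1] : "";

  if ( strlen($oauth_consumer_key) < 1 || strlen($oauth_consumer_secret) < 1 ) {
      // Only the key is reported. The decoded parameter and the secret are
      // kept out of the response, and the key is escaped because it is
      // request data placed inside XML.
      $detail = "Missing key/secret B64key=" .
          htmlspecialchars($oauth_consumer_key, ENT_QUOTES, 'UTF-8');
      echo(sprintf($response,uniqid(),'failure', $detail,$message_ref,""));
      exit();
  }

  $header_key = getOAuthKeyFromHeaders();
  // Strict string comparison: a loose != would treat numeric-looking keys
  // such as "1e3" and "1000" as equal.
  if ( (string) $header_key !== (string) $oauth_consumer_key ) {
      $detail = "B64key=" . htmlspecialchars($oauth_consumer_key, ENT_QUOTES, 'UTF-8') .
          " HDR=" . htmlspecialchars((string) $header_key, ENT_QUOTES, 'UTF-8');
      echo(sprintf($response,uniqid(),'failure', $detail,$message_ref,""));
      exit();
  }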
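  try {
      // handleOAuthBodyPOST() is defined outside this listing; presumably it
      // checks the OAuth body signature and returns the POSTed XML - confirm.
      $body = handleOAuthBodyPOST($oauth_consumer_key, $oauth_consumer_secret);

      // NOTE(review): $body is request data. Confirm that the libxml build in
      // use does not resolve external entities by default.
      $xml = new SimpleXMLElement($body);

      // Header: message identifier that the response refers back to.
      $imsx_header = $xml->imsx_POXHeader->children();
      $parms = $imsx_header->children();
      $message_ref = (string) $parms->imsx_messageIdentifier;

      // Body: the first child's element name is the requested operation.
      $imsx_body = $xml->imsx_POXBody->children();
      $operation = $imsx_body->getName();
      $parms = $imsx_body->children();
  } catch (Exception $e) {
      global $LastOAuthBodyBaseString;
      global $LastOAuthBodyHashInfo;

      // The failure text no longer includes the consumer secret, and it is
      // escaped because it contains request-derived values.
      $detail = htmlspecialchars(
          $e->getMessage() . " B64key=$oauth_consumer_key HDRkey=$header_key",
          ENT_QUOTES,
          'UTF-8'
      );

      // Debug trailer, kept from the original. Adjacent hyphens are split so
      // the dumped text cannot terminate the XML comment early.
      $debug = "Base String:\n".$LastOAuthBodyBaseString."\n".
          "Hash Info:\n".$LastOAuthBodyHashInfo."\n";
      $debug = preg_replace('/-(?=-)/', '- ', $debug);

      $retval = sprintf($response,uniqid(),'failure', $detail,uniqid(),"") .
          "<!--\n".$debug."-->\n";
      echo($retval);
      exit();
  }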
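  $sourcedid = (string) $parms->resultRecord->sourcedGUID->sourcedId;
  // The (string) cast always produces a set value, so presence is tested by
  // length. The original condition used isset() together with a misspelled
  // variable ($coursedid) and therefore never rejected a request.
  if ( strlen($sourcedid) < 1 ) {
      echo(sprintf($response,uniqid(),'failure', "Missing required lis_result_sourcedid",
          htmlspecialchars($message_ref, ENT_QUOTES, 'UTF-8'),""));
      exit();
  }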
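  // Gradebook kept in the session, indexed by sourcedid. A fresh session has
  // no entry yet, so start from an empty array instead of reading a missing key.
  $gradebook = isset($_SESSION['cert_gradebook']) ? $_SESSION['cert_gradebook'] : Array();

  // Empty element named after the operation, with "Request" replaced by "Response".
  $top_tag = str_replace("Request","Response",$operation);
  $body_tag = "\n<".$top_tag."/>";

  // Values that came from the request are escaped before they are placed in
  // the XML response.
  $message_ref_xml = htmlspecialchars($message_ref, ENT_QUOTES, 'UTF-8');
  $sourcedid_xml = htmlspecialchars($sourcedid, ENT_QUOTES, 'UTF-8');

  if ( $operation === "replaceResultRequest" ) {
      $score = (string) $parms->resultRecord->result->resultScore->textString;
      if ( ! is_numeric($score) ) {
          echo(sprintf($response,uniqid(),'failure', "Score must be numeric",$message_ref_xml,$body_tag));
          exit();
      }
      $fscore = (float) $score;
      if ( $fscore < 0.0 || $fscore > 1.0 ) {
          echo(sprintf($response,uniqid(),'failure', "Score not between 0.0 and 1.0",$message_ref_xml,$body_tag));
          exit();
      }
      // $score passed is_numeric() above; the submitted string is what gets stored.
      echo(sprintf($response,uniqid(),'success', "Score for $sourcedid_xml is now $score",$message_ref_xml,$body_tag));
      $gradebook[$sourcedid] = $score;
  } else if ( $operation === "readResultRequest" ) {
      // An unknown sourcedid reads back as an empty score.
      $score = isset($gradebook[$sourcedid]) ? $gradebook[$sourcedid] : "";
      $body = '
<readResultResponse>
<result>
<resultScore>
<language>en</language>
<textString>%s</textString>
</resultScore>
</result>
</readResultResponse>';
      $body = sprintf($body, htmlspecialchars((string) $score, ENT_QUOTES, 'UTF-8'));
      echo(sprintf($response,uniqid(),'success', "Score read successfully",$message_ref_xml,$body));
  } else if ( $operation === "deleteResultRequest" ) {
      unset( $gradebook[$sourcedid]);
      echo(sprintf($response,uniqid(),'success', "Score deleted",$message_ref_xml,$body_tag));
  } else {
      $operation_xml = htmlspecialchars($operation, ENT_QUOTES, 'UTF-8');
      echo(sprintf($response,uniqid(),'unsupported', "Operation not supported - $operation_xml",$message_ref_xml,""));
  }

  // Write the (possibly modified) gradebook back to the session.
  $_SESSION['cert_gradebook'] = $gradebook;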
  112. ?>