Index: lams_central/src/java/org/lamsfoundation/lams/authoring/web/AuthoringController.java =================================================================== diff -u -r29a37489a63e5a95f42a5ef5fd8a7daeb65c53c5 -rc975a1230b65f2245c5c77ba413afe97a2816df9 --- lams_central/src/java/org/lamsfoundation/lams/authoring/web/AuthoringController.java (.../AuthoringController.java) (revision 29a37489a63e5a95f42a5ef5fd8a7daeb65c53c5) +++ lams_central/src/java/org/lamsfoundation/lams/authoring/web/AuthoringController.java (.../AuthoringController.java) (revision c975a1230b65f2245c5c77ba413afe97a2816df9) @@ -46,7 +46,7 @@ import org.lamsfoundation.lams.integration.ExtCourseClassMap; import org.lamsfoundation.lams.integration.ExtServer; import org.lamsfoundation.lams.integration.service.IIntegrationService; -import org.lamsfoundation.lams.integration.util.LoginRequestDispatcher; +import org.lamsfoundation.lams.integration.util.IntegrationConstants; import org.lamsfoundation.lams.learningdesign.Activity; import org.lamsfoundation.lams.learningdesign.BranchingActivity; import org.lamsfoundation.lams.learningdesign.LearningDesign; @@ -316,8 +316,8 @@ Integer organisationID = WebUtil.readIntParam(request, AttributeNames.PARAM_ORGANISATION_ID, true); if (organisationID == null) { // if organisation ID is not set explicitly, derived it from external course - String serverID = request.getParameter(LoginRequestDispatcher.PARAM_SERVER_ID); - String courseID = request.getParameter(LoginRequestDispatcher.PARAM_COURSE_ID); + String serverID = request.getParameter(IntegrationConstants.PARAM_SERVER_ID); + String courseID = request.getParameter(IntegrationConstants.PARAM_COURSE_ID); ExtServer extServer = integrationService.getExtServer(serverID); ExtCourseClassMap orgMap = integrationService.getExtCourseClassMap(extServer.getSid(), courseID); organisationID = orgMap.getOrganisation().getOrganisationId(); Index: lams_central/src/java/org/lamsfoundation/lams/rest/RestServlet.java =================================================================== diff -u -r33829c670fd8c90447d62ea3300498a103905e7a -rc975a1230b65f2245c5c77ba413afe97a2816df9 --- lams_central/src/java/org/lamsfoundation/lams/rest/RestServlet.java (.../RestServlet.java) (revision 33829c670fd8c90447d62ea3300498a103905e7a) +++ lams_central/src/java/org/lamsfoundation/lams/rest/RestServlet.java (.../RestServlet.java) (revision c975a1230b65f2245c5c77ba413afe97a2816df9) @@ -41,7 +41,7 @@ import org.lamsfoundation.lams.integration.security.AuthenticationException; import org.lamsfoundation.lams.integration.security.Authenticator; import org.lamsfoundation.lams.integration.service.IIntegrationService; -import org.lamsfoundation.lams.integration.util.LoginRequestDispatcher; +import org.lamsfoundation.lams.integration.util.IntegrationConstants; import org.lamsfoundation.lams.tool.dao.IToolDAO; import org.lamsfoundation.lams.tool.service.ILamsCoreToolService; import org.lamsfoundation.lams.usermanagement.User; @@ -92,12 +92,12 @@ private UserDTO authenticate(JsonNode authenticationJSON) { User user = null; try { - String serverName = authenticationJSON.get(LoginRequestDispatcher.PARAM_SERVER_ID).asText(); + String serverName = authenticationJSON.get(IntegrationConstants.PARAM_SERVER_ID).asText(); ExtServer extServer = integrationService.getExtServer(serverName); - String userName = authenticationJSON.get(LoginRequestDispatcher.PARAM_USER_ID).asText(); - String method = authenticationJSON.get(LoginRequestDispatcher.PARAM_METHOD).asText().toLowerCase(); - String timestamp = authenticationJSON.get(LoginRequestDispatcher.PARAM_TIMESTAMP).asText(); - String hash = authenticationJSON.get(LoginRequestDispatcher.PARAM_HASH).asText(); + String userName = authenticationJSON.get(IntegrationConstants.PARAM_USER_ID).asText(); + String method = authenticationJSON.get(IntegrationConstants.PARAM_METHOD).asText().toLowerCase(); + String timestamp = authenticationJSON.get(IntegrationConstants.PARAM_TIMESTAMP).asText(); + String hash = authenticationJSON.get(IntegrationConstants.PARAM_HASH).asText(); // Throws AuthenticationException if it fails Authenticator.authenticateLoginRequest(extServer, timestamp, userName, method, null, hash); Index: lams_central/src/java/org/lamsfoundation/lams/web/GradebookServlet.java =================================================================== diff -u -ra5bb8ab1bbc5f6732acef6132286e89c80f2e8f3 -rc975a1230b65f2245c5c77ba413afe97a2816df9 --- lams_central/src/java/org/lamsfoundation/lams/web/GradebookServlet.java (.../GradebookServlet.java) (revision a5bb8ab1bbc5f6732acef6132286e89c80f2e8f3) +++ lams_central/src/java/org/lamsfoundation/lams/web/GradebookServlet.java (.../GradebookServlet.java) (revision c975a1230b65f2245c5c77ba413afe97a2816df9) @@ -42,7 +42,7 @@ import org.lamsfoundation.lams.integration.security.AuthenticationException; import org.lamsfoundation.lams.integration.security.Authenticator; import org.lamsfoundation.lams.integration.service.IntegrationService; -import org.lamsfoundation.lams.integration.util.LoginRequestDispatcher; +import org.lamsfoundation.lams.integration.util.IntegrationConstants; import org.lamsfoundation.lams.usermanagement.Role; import org.lamsfoundation.lams.usermanagement.service.IUserManagementService; import org.lamsfoundation.lams.util.CentralConstants; @@ -96,16 +96,16 @@ public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { HttpSession hses = request.getSession(true); - String username = request.getParameter(LoginRequestDispatcher.PARAM_USER_ID); - String serverId = request.getParameter(LoginRequestDispatcher.PARAM_SERVER_ID); - String timestamp = request.getParameter(LoginRequestDispatcher.PARAM_TIMESTAMP); - String hash = request.getParameter(LoginRequestDispatcher.PARAM_HASH); - String countryIsoCode = request.getParameter(LoginRequestDispatcher.PARAM_COUNTRY); - String langIsoCode = request.getParameter(LoginRequestDispatcher.PARAM_LANGUAGE); - String extCourseId = request.getParameter(LoginRequestDispatcher.PARAM_COURSE_ID); - String lessonId = request.getParameter(LoginRequestDispatcher.PARAM_LESSON_ID); + String username = request.getParameter(IntegrationConstants.PARAM_USER_ID); + String serverId = request.getParameter(IntegrationConstants.PARAM_SERVER_ID); + String timestamp = request.getParameter(IntegrationConstants.PARAM_TIMESTAMP); + String hash = request.getParameter(IntegrationConstants.PARAM_HASH); + String countryIsoCode = request.getParameter(IntegrationConstants.PARAM_COUNTRY); + String langIsoCode = request.getParameter(IntegrationConstants.PARAM_LANGUAGE); + String extCourseId = request.getParameter(IntegrationConstants.PARAM_COURSE_ID); + String lessonId = request.getParameter(IntegrationConstants.PARAM_LESSON_ID); String courseName = request.getParameter(CentralConstants.PARAM_COURSE_NAME); - String method = request.getParameter(LoginRequestDispatcher.PARAM_METHOD); + String method = request.getParameter(IntegrationConstants.PARAM_METHOD); // either lesson ID or course ID is required; if both provided, only lesson ID is used if ((username == null) || (serverId == null) || (timestamp == null) || (hash == null) @@ -117,8 +117,8 @@ // if request comes from LoginRequest, method parameter was meaningful there // if it's a direct call, it can be anything Authenticator.authenticate(extServer, timestamp, username, method, hash); - boolean isTeacher = StringUtils.equals(method, LoginRequestDispatcher.METHOD_AUTHOR) - || StringUtils.equals(method, LoginRequestDispatcher.METHOD_MONITOR); + boolean isTeacher = StringUtils.equals(method, IntegrationConstants.METHOD_AUTHOR) + || StringUtils.equals(method, IntegrationConstants.METHOD_MONITOR); if (lessonId == null) { String gradebookServletURL = isTeacher ? GRADEBOOK_MONITOR_ORGANISATION_URL Index: lams_central/src/java/org/lamsfoundation/lams/web/LoginRequestLtiServlet.java =================================================================== diff -u -r6b58638c62c43fc5b43bc67402d77b347311bc16 -rc975a1230b65f2245c5c77ba413afe97a2816df9 --- lams_central/src/java/org/lamsfoundation/lams/web/LoginRequestLtiServlet.java (.../LoginRequestLtiServlet.java) (revision 6b58638c62c43fc5b43bc67402d77b347311bc16) +++ lams_central/src/java/org/lamsfoundation/lams/web/LoginRequestLtiServlet.java (.../LoginRequestLtiServlet.java) (revision c975a1230b65f2245c5c77ba413afe97a2816df9) @@ -41,7 +41,7 @@ import org.lamsfoundation.lams.integration.ExtServer; import org.lamsfoundation.lams.integration.ExtServerLessonMap; import org.lamsfoundation.lams.integration.service.IntegrationService; -import org.lamsfoundation.lams.integration.util.LoginRequestDispatcher; +import org.lamsfoundation.lams.integration.util.IntegrationConstants; import org.lamsfoundation.lams.integration.util.LtiUtils; import org.lamsfoundation.lams.util.CentralConstants; import org.lamsfoundation.lams.util.HashUtil; @@ -151,8 +151,8 @@ boolean isCustomMonitorRole = LtiUtils.isToolConsumerCustomRole(roles, extServer.getLtiToolConsumerMonitorRoles()); String method = LtiUtils.isStaff(roles, extServer) || LtiUtils.isAdmin(roles) || isCustomMonitorRole - ? LoginRequestDispatcher.METHOD_AUTHOR - : LoginRequestDispatcher.METHOD_LEARNER_STRICT_AUTHENTICATION; + ? IntegrationConstants.METHOD_AUTHOR + : IntegrationConstants.METHOD_LEARNER_STRICT_AUTHENTICATION; //provide empty lessonId in case of learner accesses LTI link before teacher authored it String lessonId = lesson == null ? "" : lesson.getLessonId().toString(); @@ -163,13 +163,13 @@ // regular case: [ts + uid + method + serverID + serverKey] String plaintext = timestamp.toLowerCase().trim() + extUsername.toLowerCase().trim() + method.toLowerCase().trim() - + (LoginRequestDispatcher.METHOD_LEARNER_STRICT_AUTHENTICATION.equals(method) ? lessonId : "") + + (IntegrationConstants.METHOD_LEARNER_STRICT_AUTHENTICATION.equals(method) ? lessonId : "") + consumerKey.toLowerCase().trim() + secret.toLowerCase().trim(); String hash = HashUtil.sha1(plaintext); // constructing redirectUrl by getting request.getQueryString() for POST requests String redirectUrl = "lti.do"; - redirectUrl = WebUtil.appendParameterToURL(redirectUrl, "_" + LoginRequestDispatcher.PARAM_METHOD, method); + redirectUrl = WebUtil.appendParameterToURL(redirectUrl, "_" + IntegrationConstants.PARAM_METHOD, method); for (Enumeration e = request.getParameterNames(); e.hasMoreElements();) { String paramName = e.nextElement(); @@ -183,22 +183,22 @@ } String url = "LoginRequest"; - url = WebUtil.appendParameterToURL(url, LoginRequestDispatcher.PARAM_USER_ID, + url = WebUtil.appendParameterToURL(url, IntegrationConstants.PARAM_USER_ID, URLEncoder.encode(extUsername, "UTF8")); - url = WebUtil.appendParameterToURL(url, LoginRequestDispatcher.PARAM_METHOD, method); - url = WebUtil.appendParameterToURL(url, LoginRequestDispatcher.PARAM_TIMESTAMP, timestamp); - url = WebUtil.appendParameterToURL(url, LoginRequestDispatcher.PARAM_SERVER_ID, consumerKey); - url = WebUtil.appendParameterToURL(url, LoginRequestDispatcher.PARAM_HASH, hash); - url = WebUtil.appendParameterToURL(url, LoginRequestDispatcher.PARAM_COURSE_ID, contextId); + url = WebUtil.appendParameterToURL(url, IntegrationConstants.PARAM_METHOD, method); + url = WebUtil.appendParameterToURL(url, IntegrationConstants.PARAM_TIMESTAMP, timestamp); + url = WebUtil.appendParameterToURL(url, IntegrationConstants.PARAM_SERVER_ID, consumerKey); + url = WebUtil.appendParameterToURL(url, IntegrationConstants.PARAM_HASH, hash); + url = WebUtil.appendParameterToURL(url, IntegrationConstants.PARAM_COURSE_ID, contextId); url = WebUtil.appendParameterToURL(url, CentralConstants.PARAM_COURSE_NAME, contextLabel); - url = WebUtil.appendParameterToURL(url, LoginRequestDispatcher.PARAM_COUNTRY, countryIsoCode); - url = WebUtil.appendParameterToURL(url, LoginRequestDispatcher.PARAM_LANGUAGE, langIsoCode); - url = WebUtil.appendParameterToURL(url, LoginRequestDispatcher.PARAM_FIRST_NAME, + url = WebUtil.appendParameterToURL(url, IntegrationConstants.PARAM_COUNTRY, countryIsoCode); + url = WebUtil.appendParameterToURL(url, IntegrationConstants.PARAM_LANGUAGE, langIsoCode); + url = WebUtil.appendParameterToURL(url, IntegrationConstants.PARAM_FIRST_NAME, URLEncoder.encode(firstName, "UTF-8")); - url = WebUtil.appendParameterToURL(url, LoginRequestDispatcher.PARAM_LAST_NAME, + url = WebUtil.appendParameterToURL(url, IntegrationConstants.PARAM_LAST_NAME, URLEncoder.encode(lastName, "UTF-8")); - url = WebUtil.appendParameterToURL(url, LoginRequestDispatcher.PARAM_LESSON_ID, lessonId); - url = WebUtil.appendParameterToURL(url, LoginRequestDispatcher.PARAM_EMAIL, email); + url = WebUtil.appendParameterToURL(url, IntegrationConstants.PARAM_LESSON_ID, lessonId); + url = WebUtil.appendParameterToURL(url, IntegrationConstants.PARAM_EMAIL, email); url = WebUtil.appendParameterToURL(url, "redirectURL", URLEncoder.encode(redirectUrl, "UTF-8")); response.sendRedirect(response.encodeRedirectURL(url)); } Index: lams_central/src/java/org/lamsfoundation/lams/web/LoginRequestServlet.java =================================================================== diff -u -r33829c670fd8c90447d62ea3300498a103905e7a -rc975a1230b65f2245c5c77ba413afe97a2816df9 --- lams_central/src/java/org/lamsfoundation/lams/web/LoginRequestServlet.java (.../LoginRequestServlet.java) (revision 33829c670fd8c90447d62ea3300498a103905e7a) +++ lams_central/src/java/org/lamsfoundation/lams/web/LoginRequestServlet.java (.../LoginRequestServlet.java) (revision c975a1230b65f2245c5c77ba413afe97a2816df9) @@ -30,6 +30,7 @@ import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpSession; +import org.apache.commons.lang.StringUtils; import org.apache.log4j.Logger; import org.lamsfoundation.lams.integration.ExtCourseClassMap; import org.lamsfoundation.lams.integration.ExtServer; @@ -40,7 +41,8 @@ import org.lamsfoundation.lams.integration.security.Authenticator; import org.lamsfoundation.lams.integration.security.RandomPasswordGenerator; import org.lamsfoundation.lams.integration.service.IntegrationService; -import org.lamsfoundation.lams.integration.util.LoginRequestDispatcher; +import org.lamsfoundation.lams.integration.util.IntegrationConstants; +import org.lamsfoundation.lams.lesson.service.ILessonService; import org.lamsfoundation.lams.security.UniversalLoginModule; import org.lamsfoundation.lams.usermanagement.User; import org.lamsfoundation.lams.usermanagement.dto.UserDTO; @@ -49,7 +51,6 @@ import org.lamsfoundation.lams.web.util.AttributeNames; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.web.context.support.SpringBeanAutowiringSupport; -import org.springframework.web.context.support.WebApplicationContextUtils; /** * The LoginRequestServlet handles login request by an integrated external system. This servlet checks for the UserId, @@ -60,9 +61,21 @@ @SuppressWarnings("serial") public class LoginRequestServlet extends HttpServlet { private static Logger log = Logger.getLogger(LoginRequestServlet.class); + + private static final String URL_DEFAULT = "/index.jsp"; + private static final String URL_AUTHOR = "/home/author.do"; + + private static final String URL_LEARNER = "/home/learner.do?lessonID="; + + private static final String URL_MONITOR = "/home/monitorLesson.do?lessonID="; + + private static final String URL_GRADEBOOK = "/services/Gradebook?"; + @Autowired private IntegrationService integrationService; + @Autowired + private ILessonService lessonService; /* * Request Spring to lookup the applicationContext tied to the current ServletContext and inject service beans @@ -89,26 +102,27 @@ * if an error occurred */ @Override - public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { + public void doGet(HttpServletRequest request, HttpServletResponse response) throws IOException { HttpSession hses = request.getSession(true); - String extUsername = request.getParameter(LoginRequestDispatcher.PARAM_USER_ID); - String serverId = request.getParameter(LoginRequestDispatcher.PARAM_SERVER_ID); - String extCourseId = request.getParameter(LoginRequestDispatcher.PARAM_COURSE_ID); - String timestamp = request.getParameter(LoginRequestDispatcher.PARAM_TIMESTAMP); - String hash = request.getParameter(LoginRequestDispatcher.PARAM_HASH); - String method = request.getParameter(LoginRequestDispatcher.PARAM_METHOD); - String country = request.getParameter(LoginRequestDispatcher.PARAM_COUNTRY); - String locale = request.getParameter(LoginRequestDispatcher.PARAM_LANGUAGE); + String extUsername = request.getParameter(IntegrationConstants.PARAM_USER_ID); + String serverId = request.getParameter(IntegrationConstants.PARAM_SERVER_ID); + String extCourseId = request.getParameter(IntegrationConstants.PARAM_COURSE_ID); + String timestamp = request.getParameter(IntegrationConstants.PARAM_TIMESTAMP); + String hash = request.getParameter(IntegrationConstants.PARAM_HASH); + String method = request.getParameter(IntegrationConstants.PARAM_METHOD); + String country = request.getParameter(IntegrationConstants.PARAM_COUNTRY); + String locale = request.getParameter(IntegrationConstants.PARAM_LANGUAGE); String courseName = request.getParameter(CentralConstants.PARAM_COURSE_NAME); String usePrefix = request.getParameter(CentralConstants.PARAM_USE_PREFIX); boolean isUpdateUserDetails = WebUtil.readBooleanParam(request, - LoginRequestDispatcher.PARAM_IS_UPDATE_USER_DETAILS, false); + IntegrationConstants.PARAM_IS_UPDATE_USER_DETAILS, false); + String lessonId = request.getParameter(IntegrationConstants.PARAM_LESSON_ID); // implicit login params - String firstName = request.getParameter(LoginRequestDispatcher.PARAM_FIRST_NAME); - String lastName = request.getParameter(LoginRequestDispatcher.PARAM_LAST_NAME); - String email = request.getParameter(LoginRequestDispatcher.PARAM_EMAIL); + String firstName = request.getParameter(IntegrationConstants.PARAM_FIRST_NAME); + String lastName = request.getParameter(IntegrationConstants.PARAM_LAST_NAME); + String email = request.getParameter(IntegrationConstants.PARAM_EMAIL); if ((extUsername == null) || (method == null) || (serverId == null) || (timestamp == null) || (hash == null)) { response.sendError(HttpServletResponse.SC_BAD_REQUEST, "Login Failed - login parameters missing"); @@ -136,9 +150,9 @@ } // in case of request for learner with strict authentication check cache should also contain lsid - String lsId = request.getParameter(LoginRequestDispatcher.PARAM_LESSON_ID); - if ((LoginRequestDispatcher.METHOD_LEARNER_STRICT_AUTHENTICATION.equals(method) - || LoginRequestDispatcher.METHOD_MONITOR.equals(method)) && lsId == null) { + String lsId = request.getParameter(IntegrationConstants.PARAM_LESSON_ID); + if ((IntegrationConstants.METHOD_LEARNER_STRICT_AUTHENTICATION.equals(method) + || IntegrationConstants.METHOD_MONITOR.equals(method)) && lsId == null) { response.sendError(HttpServletResponse.SC_BAD_REQUEST, "Login Failed - lsId parameter missing"); return; } @@ -160,33 +174,49 @@ integrationService.getExtCourseClassMap(extServer, userMap, extCourseId, courseName, method, prefix); } - + User user = userMap.getUser(); + if (user == null) { + String error = "Unable to add user to lesson class as user is missing from the user map"; + log.error(error); + throw new UserInfoFetchException(error); + } + + //adds users to the lesson with respective roles + if (StringUtils.isNotEmpty(lessonId)) { + if (IntegrationConstants.METHOD_LEARNER.equals(method) + || IntegrationConstants.METHOD_LEARNER_STRICT_AUTHENTICATION.equals(method)) { + lessonService.addLearner(Long.parseLong(lessonId), user.getUserId()); + + } else if (IntegrationConstants.METHOD_MONITOR.equals(method) + || IntegrationConstants.METHOD_AUTHOR.equals(method)) { + lessonService.addStaffMember(Long.parseLong(lessonId), user.getUserId()); + } + } + String login = user.getLogin(); UserDTO loggedInUserDTO = (UserDTO) hses.getAttribute(AttributeNames.USER); String loggedInLogin = loggedInUserDTO == null ? null : loggedInUserDTO.getLogin(); // for checking if requested role is the same as already assigned - String role = method.equals(LoginRequestDispatcher.METHOD_LEARNER_STRICT_AUTHENTICATION) - ? LoginRequestDispatcher.METHOD_LEARNER + String role = method.equals(IntegrationConstants.METHOD_LEARNER_STRICT_AUTHENTICATION) + ? IntegrationConstants.METHOD_LEARNER : method; + // check if there is a redirect URL parameter already + String requestUrl = LoginRequestServlet.getRequestURL(request); if ((loggedInLogin != null) && loggedInLogin.equals(login) && request.isUserInRole(role)) { - String url = LoginRequestDispatcher.getRequestURL(request); - response.sendRedirect(response.encodeRedirectURL(url)); + response.sendRedirect(response.encodeRedirectURL(requestUrl)); return; } - // check if there is a redirect URL parameter already; besides, LoginRequestDispatcher.getRequestURL() method also adds - // users to the lesson with respective roles - String redirectURL = WebUtil.getBaseServerURL() + LoginRequestDispatcher.getRequestURL(request); - redirectURL = URLEncoder.encode(redirectURL, "UTF-8"); - // login.jsp knows what to do with these hses.setAttribute("login", login); String token = "#LAMS" + RandomPasswordGenerator.nextPassword(10); hses.setAttribute("password", token); // notify the login module that the user has been authenticated correctly UniversalLoginModule.setAuthenticationToken(token); + String redirectURL = WebUtil.getBaseServerURL() + requestUrl; + redirectURL = URLEncoder.encode(redirectURL, "UTF-8"); response.sendRedirect("login.jsp?redirectURL=" + redirectURL); } catch (AuthenticationException e) { log.error("Authentication error: ", e); @@ -220,4 +250,62 @@ public void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { doGet(request, response); } + + /** + * If there is a redirectURL parameter then this becomes the redirect, otherwise it + * fetches the method parameter from HttpServletRequest and builds the redirect url. + */ + private static String getRequestURL(HttpServletRequest request) { + String method = request.getParameter(IntegrationConstants.PARAM_METHOD); + String lessonId = request.getParameter(IntegrationConstants.PARAM_LESSON_ID); + String mode = request.getParameter(IntegrationConstants.PARAM_MODE); + + // get the location from an explicit parameter if it exists + String redirect = request.getParameter("redirectURL"); + if (redirect != null) { + return request.getContextPath() + "/" + redirect; + } + + if (IntegrationConstants.MODE_GRADEBOOK.equals(mode)) { + return request.getContextPath() + URL_GRADEBOOK + request.getQueryString(); + } + /** AUTHOR * */ + else if (IntegrationConstants.METHOD_AUTHOR.equals(method)) { + String authorUrl = request.getContextPath() + URL_AUTHOR; + + // append the extra parameters if they are present in the request + String ldID = request.getParameter(IntegrationConstants.PARAM_LEARNING_DESIGN_ID); + if (ldID != null) { + authorUrl = WebUtil.appendParameterToURL(authorUrl, "learningDesignID", ldID); + } + + // Custom CSV string to be used for tool adapters + String customCSV = request.getParameter(IntegrationConstants.PARAM_CUSTOM_CSV); + if (customCSV != null) { + authorUrl = WebUtil.appendParameterToURL(authorUrl, IntegrationConstants.PARAM_CUSTOM_CSV, customCSV); + } + + String extLmsId = request.getParameter(IntegrationConstants.PARAM_SERVER_ID); + if (extLmsId != null) { + authorUrl = WebUtil.appendParameterToURL(authorUrl, IntegrationConstants.PARAM_EXT_LMS_ID, extLmsId); + } + + return authorUrl; + } + /** MONITOR * */ + else if (IntegrationConstants.METHOD_MONITOR.equals(method) && lessonId != null) { + return request.getContextPath() + URL_MONITOR + lessonId; + } + /** LEARNER * */ + else if ((IntegrationConstants.METHOD_LEARNER.equals(method) + || IntegrationConstants.METHOD_LEARNER_STRICT_AUTHENTICATION.equals(method)) && lessonId != null) { + String url = request.getContextPath() + URL_LEARNER + lessonId; + if (mode != null) { + url += "&" + IntegrationConstants.PARAM_MODE + "=" + mode; + } + return url; + } else { + return request.getContextPath() + URL_DEFAULT; + } + } } Index: lams_central/src/java/org/lamsfoundation/lams/web/OrganisationGroupServlet.java =================================================================== diff -u -r33829c670fd8c90447d62ea3300498a103905e7a -rc975a1230b65f2245c5c77ba413afe97a2816df9 --- lams_central/src/java/org/lamsfoundation/lams/web/OrganisationGroupServlet.java (.../OrganisationGroupServlet.java) (revision 33829c670fd8c90447d62ea3300498a103905e7a) +++ lams_central/src/java/org/lamsfoundation/lams/web/OrganisationGroupServlet.java (.../OrganisationGroupServlet.java) (revision c975a1230b65f2245c5c77ba413afe97a2816df9) @@ -43,7 +43,7 @@ import org.lamsfoundation.lams.integration.security.AuthenticationException; import org.lamsfoundation.lams.integration.security.Authenticator; import org.lamsfoundation.lams.integration.service.IntegrationService; -import org.lamsfoundation.lams.integration.util.LoginRequestDispatcher; +import org.lamsfoundation.lams.integration.util.IntegrationConstants; import org.lamsfoundation.lams.usermanagement.Organisation; import org.lamsfoundation.lams.usermanagement.OrganisationGroup; import org.lamsfoundation.lams.usermanagement.OrganisationGrouping; @@ -108,7 +108,7 @@ // get local user and organisation ExtUserUseridMap userMap = integrationService.getExtUserUseridMap(extServer, username); ExtCourseClassMap orgMap = integrationService.getExtCourseClassMap(extServer, userMap, courseId, null, - LoginRequestDispatcher.METHOD_MONITOR); + IntegrationConstants.METHOD_MONITOR); user = userMap.getUser(); organisation = orgMap.getOrganisation(); Index: lams_central/src/java/org/lamsfoundation/lams/web/controller/LtiController.java =================================================================== diff -u -r5926b5cb145649a9f978ab4c14146169684a849c -rc975a1230b65f2245c5c77ba413afe97a2816df9 --- lams_central/src/java/org/lamsfoundation/lams/web/controller/LtiController.java (.../LtiController.java) (revision 5926b5cb145649a9f978ab4c14146169684a849c) +++ lams_central/src/java/org/lamsfoundation/lams/web/controller/LtiController.java (.../LtiController.java) (revision c975a1230b65f2245c5c77ba413afe97a2816df9) @@ -34,7 +34,7 @@ import org.lamsfoundation.lams.integration.UserInfoFetchException; import org.lamsfoundation.lams.integration.UserInfoValidationException; import org.lamsfoundation.lams.integration.service.IIntegrationService; -import org.lamsfoundation.lams.integration.util.LoginRequestDispatcher; +import org.lamsfoundation.lams.integration.util.IntegrationConstants; import org.lamsfoundation.lams.integration.util.LtiUtils; import org.lamsfoundation.lams.lesson.LearnerProgress; import org.lamsfoundation.lams.lesson.Lesson; @@ -166,8 +166,8 @@ } //check if learner tries to access the link that hasn't been authored by teacher yet - String method = request.getParameter("_" + LoginRequestDispatcher.PARAM_METHOD); - if (LoginRequestDispatcher.METHOD_LEARNER_STRICT_AUTHENTICATION.equals(method) && extLessonMap == null) { + String method = request.getParameter("_" + IntegrationConstants.PARAM_METHOD); + if (IntegrationConstants.METHOD_LEARNER_STRICT_AUTHENTICATION.equals(method) && extLessonMap == null) { String roles = request.getParameter(BasicLTIConstants.ROLES); //try to detect monitor with custom roles not supported by LTI specification String messageKey = roles.contains("Instructor") || roles.contains("Admin") ? "message.teacher.role.not.recognized" Index: lams_central/src/java/org/lamsfoundation/lams/webservice/xml/LearningDesignRepositoryServlet.java =================================================================== diff -u -r33829c670fd8c90447d62ea3300498a103905e7a -rc975a1230b65f2245c5c77ba413afe97a2816df9 --- lams_central/src/java/org/lamsfoundation/lams/webservice/xml/LearningDesignRepositoryServlet.java (.../LearningDesignRepositoryServlet.java) (revision 33829c670fd8c90447d62ea3300498a103905e7a) +++ lams_central/src/java/org/lamsfoundation/lams/webservice/xml/LearningDesignRepositoryServlet.java (.../LearningDesignRepositoryServlet.java) (revision c975a1230b65f2245c5c77ba413afe97a2816df9) @@ -34,7 +34,7 @@ import org.lamsfoundation.lams.integration.security.AuthenticationException; import org.lamsfoundation.lams.integration.security.Authenticator; import org.lamsfoundation.lams.integration.service.IntegrationService; -import org.lamsfoundation.lams.integration.util.LoginRequestDispatcher; +import org.lamsfoundation.lams.integration.util.IntegrationConstants; import org.lamsfoundation.lams.learningdesign.service.ExportToolContentException; import org.lamsfoundation.lams.learningdesign.service.IExportToolContentService; import org.lamsfoundation.lams.usermanagement.WorkspaceFolder; @@ -247,9 +247,9 @@ String usePrefix = request.getParameter(CentralConstants.PARAM_USE_PREFIX); final boolean isUpdateUserDetails = false; - String firstName = request.getParameter(LoginRequestDispatcher.PARAM_FIRST_NAME); - String lastName = request.getParameter(LoginRequestDispatcher.PARAM_LAST_NAME); - String email = request.getParameter(LoginRequestDispatcher.PARAM_EMAIL); + String firstName = request.getParameter(IntegrationConstants.PARAM_FIRST_NAME); + String lastName = request.getParameter(IntegrationConstants.PARAM_LAST_NAME); + String email = request.getParameter(IntegrationConstants.PARAM_EMAIL); if ((serverId == null) || (datetime == null) || (hashValue == null) || (username == null) || (courseId == null) || (country == null) || (locale == null)) { @@ -338,7 +338,7 @@ // create group for external course if necessary integrationService.getExtCourseClassMap(extServer, userMap, courseId, courseName, - LoginRequestDispatcher.METHOD_AUTHOR); + IntegrationConstants.METHOD_AUTHOR); Integer userId = userMap.getUser().getUserId(); String contentTree = buildContentTree(userId, mode).toString(); @@ -388,7 +388,7 @@ // create group for external course if necessary integrationService.getExtCourseClassMap(extServer, userMap, courseId, courseName, - LoginRequestDispatcher.METHOD_AUTHOR); + IntegrationConstants.METHOD_AUTHOR); Integer userId = userMap.getUser().getUserId(); return userId; } Index: lams_central/src/java/org/lamsfoundation/lams/webservice/xml/LessonManagerServlet.java =================================================================== diff -u -r5926b5cb145649a9f978ab4c14146169684a849c -rc975a1230b65f2245c5c77ba413afe97a2816df9 --- lams_central/src/java/org/lamsfoundation/lams/webservice/xml/LessonManagerServlet.java (.../LessonManagerServlet.java) (revision 5926b5cb145649a9f978ab4c14146169684a849c) +++ lams_central/src/java/org/lamsfoundation/lams/webservice/xml/LessonManagerServlet.java (.../LessonManagerServlet.java) (revision c975a1230b65f2245c5c77ba413afe97a2816df9) @@ -43,7 +43,7 @@ import org.lamsfoundation.lams.integration.security.AuthenticationException; import org.lamsfoundation.lams.integration.security.Authenticator; import org.lamsfoundation.lams.integration.service.IntegrationService; -import org.lamsfoundation.lams.integration.util.LoginRequestDispatcher; +import org.lamsfoundation.lams.integration.util.IntegrationConstants; import org.lamsfoundation.lams.learningdesign.Activity; import org.lamsfoundation.lams.learningdesign.ActivityEvaluation; import org.lamsfoundation.lams.learningdesign.ToolActivity; @@ -257,9 +257,9 @@ element = getAllStudentProgress(document, serverId, datetime, hashValue, username, lsId, courseId); } else if (method.equals(CentralConstants.METHOD_SINGLE_STUDENT_PROGRESS)) { - String firstName = request.getParameter(LoginRequestDispatcher.PARAM_FIRST_NAME); - String lastName = request.getParameter(LoginRequestDispatcher.PARAM_LAST_NAME); - String email = request.getParameter(LoginRequestDispatcher.PARAM_EMAIL); + String firstName = request.getParameter(IntegrationConstants.PARAM_FIRST_NAME); + String lastName = request.getParameter(IntegrationConstants.PARAM_LAST_NAME); + String email = request.getParameter(IntegrationConstants.PARAM_EMAIL); lsId = Long.parseLong(lsIdStr); element = getSingleStudentProgress(document, serverId, datetime, hashValue, username, firstName, @@ -400,7 +400,7 @@ Authenticator.authenticate(extServer, datetime, username, hashValue); ExtUserUseridMap userMap = integrationService.getExtUserUseridMap(extServer, username); ExtCourseClassMap orgMap = integrationService.getExtCourseClassMap(extServer, userMap, courseId, null, - LoginRequestDispatcher.METHOD_MONITOR); + IntegrationConstants.METHOD_MONITOR); User user = userMap.getUser(); Organisation organisation = orgMap.getOrganisation(); @@ -435,7 +435,7 @@ Authenticator.authenticate(extServer, datetime, username, hashValue); ExtUserUseridMap userMap = integrationService.getExtUserUseridMap(extServer, username); ExtCourseClassMap orgMap = integrationService.getExtCourseClassMap(extServer, userMap, courseId, null, - LoginRequestDispatcher.METHOD_MONITOR); + IntegrationConstants.METHOD_MONITOR); // 1. init lesson Lesson lesson = monitoringService.initializeLesson(title, desc, ldId, orgMap.getOrganisation().getOrganisationId(), userMap.getUser().getUserId(), customCSV, false, @@ -466,7 +466,7 @@ Integer creatorId = userMap.getUser().getUserId(); ExtCourseClassMap orgMap = integrationService.getExtCourseClassMap(extServer, userMap, courseId, null, - LoginRequestDispatcher.METHOD_MONITOR); + IntegrationConstants.METHOD_MONITOR); if (orgMap == null) { log.debug("No course exists for: " + courseId + ". Can't delete any lessons."); throw new Exception("Course with courseId: " + courseId + " could not be found"); @@ -747,7 +747,7 @@ Authenticator.authenticate(extServer, datetime, username, hashValue); ExtUserUseridMap userMap = integrationService.getExtUserUseridMap(extServer, username); ExtCourseClassMap orgMap = integrationService.getExtCourseClassMap(extServer, userMap, courseId, null, - LoginRequestDispatcher.METHOD_MONITOR); + IntegrationConstants.METHOD_MONITOR); Integer userId = userMap.getUser().getUserId(); // 1. init lesson @@ -926,9 +926,9 @@ } if (StringUtils.isNotBlank(userName)) { -// integrationService.addExtUserToLesson(extServer, LoginRequestDispatcher.METHOD_LEARNER, lessonId, +// integrationService.addExtUserToLesson(extServer, IntegrationConstants.METHOD_LEARNER, lessonId, // userName, firstName, lastName, email, courseId, countryIsoCode, langIsoCode); - integrationService.addExtUserToCourseAndLesson(extServer, LoginRequestDispatcher.METHOD_LEARNER, lessonId, + integrationService.addExtUserToCourseAndLesson(extServer, IntegrationConstants.METHOD_LEARNER, lessonId, userName, firstName, lastName, email, courseId, country, locale); } i++; @@ -946,7 +946,7 @@ } if (StringUtils.isNotBlank(userName)) { - integrationService.addExtUserToCourseAndLesson(extServer, LoginRequestDispatcher.METHOD_MONITOR, lessonId, + integrationService.addExtUserToCourseAndLesson(extServer, IntegrationConstants.METHOD_MONITOR, lessonId, userName, firstName, lastName, email, courseId, country, locale); } i++; @@ -1479,7 +1479,7 @@ ExtUserUseridMap userMap = integrationService.getExistingExtUserUseridMap(extServer, username); ExtCourseClassMap orgMap = integrationService.getExtCourseClassMap(extServer, userMap, courseID, null, - LoginRequestDispatcher.METHOD_MONITOR); + IntegrationConstants.METHOD_MONITOR); Organisation organisation = orgMap.getOrganisation(); Map map = lessonService.getLessonsByOrgAndUserWithCompletedFlag( Index: lams_common/src/java/org/lamsfoundation/lams/integration/service/IntegrationService.java =================================================================== diff -u -r5926b5cb145649a9f978ab4c14146169684a849c -rc975a1230b65f2245c5c77ba413afe97a2816df9 --- lams_common/src/java/org/lamsfoundation/lams/integration/service/IntegrationService.java (.../IntegrationService.java) (revision 5926b5cb145649a9f978ab4c14146169684a849c) +++ lams_common/src/java/org/lamsfoundation/lams/integration/service/IntegrationService.java (.../IntegrationService.java) (revision c975a1230b65f2245c5c77ba413afe97a2816df9) @@ -67,7 +67,7 @@ import org.lamsfoundation.lams.integration.dto.ExtGroupDTO; import org.lamsfoundation.lams.integration.security.RandomPasswordGenerator; import org.lamsfoundation.lams.integration.util.GroupInfoFetchException; -import org.lamsfoundation.lams.integration.util.LoginRequestDispatcher; +import org.lamsfoundation.lams.integration.util.IntegrationConstants; import org.lamsfoundation.lams.integration.util.LtiUtils; import org.lamsfoundation.lams.lesson.Lesson; import org.lamsfoundation.lams.lesson.service.ILessonService; @@ -243,10 +243,10 @@ } Integer[] roles; - if (StringUtils.equals(method, LoginRequestDispatcher.METHOD_AUTHOR)) { + if (StringUtils.equals(method, IntegrationConstants.METHOD_AUTHOR)) { roles = new Integer[] { Role.ROLE_AUTHOR, Role.ROLE_MONITOR, Role.ROLE_LEARNER }; - } else if (StringUtils.equals(method, LoginRequestDispatcher.METHOD_MONITOR)) { + } else if (StringUtils.equals(method, IntegrationConstants.METHOD_MONITOR)) { roles = new Integer[] { Role.ROLE_MONITOR }; } else { @@ -839,7 +839,7 @@ Integer userId = extUserUseridMap.getUser().getUserId(); //add user to organisation if it's not there - updateUserRoles(user, organisation, LoginRequestDispatcher.METHOD_LEARNER); + updateUserRoles(user, organisation, IntegrationConstants.METHOD_LEARNER); //check if user belong to the lesson. and if not - add it if (!lesson.getLessonClass().getLearnersGroup().hasLearner(user)) { @@ -917,9 +917,9 @@ throw new UserInfoFetchException(error); } - if (LoginRequestDispatcher.METHOD_LEARNER.equals(method)) { + if (IntegrationConstants.METHOD_LEARNER.equals(method)) { lessonService.addLearner(lesssonId, user.getUserId()); - } else if (LoginRequestDispatcher.METHOD_MONITOR.equals(method)) { + } else if (IntegrationConstants.METHOD_MONITOR.equals(method)) { lessonService.addStaffMember(lesssonId, user.getUserId()); } @@ -1036,8 +1036,8 @@ roles += role + ","; } String method = LtiUtils.isStaff(roles, extServer) || LtiUtils.isAdmin(roles) - ? LoginRequestDispatcher.METHOD_MONITOR - : LoginRequestDispatcher.METHOD_LEARNER; + ? IntegrationConstants.METHOD_MONITOR + : IntegrationConstants.METHOD_LEARNER; //empty lessonId means we need to only add users to the course. Otherwise we add them to course AND lesson ExtUserUseridMap extUser = lessonId == null Index: lams_common/src/java/org/lamsfoundation/lams/integration/util/IntegrationConstants.java =================================================================== diff -u --- lams_common/src/java/org/lamsfoundation/lams/integration/util/IntegrationConstants.java (revision 0) +++ lams_common/src/java/org/lamsfoundation/lams/integration/util/IntegrationConstants.java (revision c975a1230b65f2245c5c77ba413afe97a2816df9) @@ -0,0 +1,71 @@ +/** + * Copyright (C) 2005 LAMS Foundation (http://lamsfoundation.org) + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 + * USA + * + * http://www.gnu.org/licenses/gpl.txt + */ +package org.lamsfoundation.lams.integration.util; + +public class IntegrationConstants { + + public static final String PARAM_USER_ID = "uid"; + + public static final String PARAM_SERVER_ID = "sid"; + + public static final String PARAM_TIMESTAMP = "ts"; + + public static final String PARAM_HASH = "hash"; + + public static final String PARAM_METHOD = "method"; + + public static final String PARAM_COURSE_ID = "courseid"; + + public static final String PARAM_COUNTRY = "country"; + + public static final String PARAM_LANGUAGE = "lang"; + + public static final String PARAM_IS_UPDATE_USER_DETAILS = "isUpdateUserDetails"; + + public static final String PARAM_FIRST_NAME = "firstName"; + + public static final String PARAM_LAST_NAME = "lastName"; + + public static final String PARAM_EMAIL = "email"; + + public static final String PARAM_CUSTOM_CSV = "customCSV"; + + public static final String PARAM_EXT_LMS_ID = "extlmsid"; + + public static final String PARAM_MODE = "mode"; + + public static final String MODE_GRADEBOOK = "gradebook"; + + public static final String METHOD_AUTHOR = "author"; + + public static final String METHOD_MONITOR = "monitor"; + + public static final String METHOD_LEARNER = "learner"; + + // the same as METHOD_LEARNER but additionally requires hash to contain lsId in order to prevent users tampering + // with lesson id parameter + public static final String METHOD_LEARNER_STRICT_AUTHENTICATION = "learnerStrictAuth"; + + public static final String PARAM_LEARNING_DESIGN_ID = "ldId"; + + public static final String PARAM_LESSON_ID = "lsid"; + +} Fisheye: Tag c975a1230b65f2245c5c77ba413afe97a2816df9 refers to a dead (removed) revision in file `lams_common/src/java/org/lamsfoundation/lams/integration/util/LoginRequestDispatcher.java'. Fisheye: No comparison available. Pass `N' to diff?