Search moodle.org's
Developer Documentation
Developer Documentation
See Release Notes
Long Term Support Release
- Bug fixes for general core bugs in 4.1.x will end 13 November 2023 (12 months).
- Bug fixes for security issues in 4.1.x will end 10 November 2025 (36 months).
- PHP version: minimum PHP 7.4.0 Note: minimum PHP version has increased since Moodle 4.0. PHP 8.0.x is supported too.
/enrol/lti/ -> login.php (source)
1 <?php 2 // This file is part of Moodle - http://moodle.org/ 3 // 4 // Moodle is free software: you can redistribute it and/or modify 5 // it under the terms of the GNU General Public License as published by 6 // the Free Software Foundation, either version 3 of the License, or 7 // (at your option) any later version. 8 // 9 // Moodle is distributed in the hope that it will be useful, 10 // but WITHOUT ANY WARRANTY; without even the implied warranty of 11 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 12 // GNU General Public License for more details. 13 // 14 // You should have received a copy of the GNU General Public License 15 // along with Moodle. If not, see <http://www.gnu.org/licenses/>. 16 17 /** 18 * LTI 1.3 login endpoint. 19 * 20 * See: http://www.imsglobal.org/spec/security/v1p0/#step-1-third-party-initiated-login 21 * 22 * This must support both POST and GET methods, as per the spec. 23 * 24 * @package enrol_lti 25 * @copyright 2021 Jake Dallimore <jrhdallimore@gmail.com 26 * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later 27 */ 28 29 use enrol_lti\local\ltiadvantage\lib\issuer_database; 30 use enrol_lti\local\ltiadvantage\lib\launch_cache_session; 31 use enrol_lti\local\ltiadvantage\repository\application_registration_repository; 32 use enrol_lti\local\ltiadvantage\repository\deployment_repository; 33 use Packback\Lti1p3\ImsStorage\ImsCookie; 34 use Packback\Lti1p3\LtiOidcLogin; 35 36 require_once(__DIR__."/../../config.php"); 37 38 // Required fields for OIDC 3rd party initiated login. 39 // See http://www.imsglobal.org/spec/security/v1p0/#step-1-third-party-initiated-login. 40 // Validate these here, despite further validation in the LTI 1.3 library. 41 $iss = required_param('iss', PARAM_URL); // Issuer URI of the calling platform. 42 $loginhint = required_param('login_hint', PARAM_INT); // Platform ID for the person to login. 43 $targetlinkuri = required_param('target_link_uri', PARAM_URL); // The took launch URL. 44 45 // Optional lti_message_hint. See https://www.imsglobal.org/spec/lti/v1p3#additional-login-parameters-0. 46 // If found, this must be returned unmodified to the platform. 47 $ltimessagehint = optional_param('lti_message_hint', null, PARAM_RAW); 48 49 // The target_link_uri param should contain the endpoint that will be executed at the end of the OIDC login process. 50 // In Moodle, this will either be: 51 // - enrol/lti/launch.php endpoint (for regular resource link launches) or 52 // - enrol/lti/launch_deeplink.php endpoint (for deep linking launches) 53 // Thus, the target_link_uri signifies intent to perform a certain launch type. It can be used to generate the 54 // redirect_uri param for the auth request but must first be verified, as it is unsigned data at this stage. 55 // See here: https://www.imsglobal.org/spec/lti/v1p3/impl#verify-the-target_link_uri. 56 // 57 // Also note that final redirection to the resource (after the login process is complete) should rely on the 58 // https://purl.imsglobal.org/spec/lti/claim/target_link_uri claim instead of the target_link_uri value provided here. 59 // See here: http://www.imsglobal.org/spec/lti/v1p3/#target-link-uri. 60 $validuris = [ 61 (new moodle_url('/enrol/lti/launch.php'))->out(false), // Resource link launches. 62 (new moodle_url('/enrol/lti/launch_deeplink.php'))->out(false) // Deep linking launches. 63 ]; 64 65 // This code verifies the target_link_uri. Only two values are permitted (see endpoints listed above). 66 if (!in_array($targetlinkuri, $validuris)) { 67 $msg = 'The target_link_uri param must match one of the redirect URIs set during tool registration.'; 68 throw new coding_exception($msg); 69 } 70 71 // Because client_id is optional, this endpoint receives a param 'id', a unique id generated when creating the registration. 72 // A registration can thus be located by either the tuple {iss, client_id} (if client_id is provided), or by the tuple {iss, id}, 73 // (if client_id is not provided). See https://www.imsglobal.org/spec/lti/v1p3/#client_id-login-parameter. 74 global $_REQUEST; 75 if (empty($_REQUEST['client_id']) && !empty($_REQUEST['id'])) { 76 $_REQUEST['client_id'] = $_REQUEST['id']; 77 } 78 79 // Now, do the OIDC login. 80 LtiOidcLogin::new( 81 new issuer_database(new application_registration_repository(), new deployment_repository()), 82 new launch_cache_session(), 83 new ImsCookie() 84 ) 85 ->doOidcLoginRedirect($targetlinkuri) 86 ->doRedirect();
title
Description
Body
title
Description
Body
title
Description
Body
title
Body
