Code Coverage for /home/runner/work/tao-community/tao-community/taoLti/controller/ToolModule.php

	Code Coverage
	Lines			Functions and Methods				Classes and Traits
Total	0.00% covered (danger)	0.00%	0 / 53	0.00% covered (danger)	0.00%	0 / 3	CRAP	0.00% covered (danger)	0.00%	0 / 1
ToolModule	0.00% covered (danger)	0.00%	0 / 53	0.00% covered (danger)	0.00%	0 / 3	132	0.00% covered (danger)	0.00%	0 / 1
launch	0.00% covered (danger)	0.00%	0 / 45	0.00% covered (danger)	0.00%	0 / 1	56
run		n/a	0 / 0		n/a	0 / 0	0
logLti	0.00% covered (danger)	0.00%	0 / 4	0.00% covered (danger)	0.00%	0 / 1	12
getValidatedLtiMessagePayload	0.00% covered (danger)	0.00%	0 / 4	0.00% covered (danger)	0.00%	0 / 1	2

1	<?php
2
3	/**
4	* This program is free software; you can redistribute it and/or
5	* modify it under the terms of the GNU General Public License
6	* as published by the Free Software Foundation; under version 2
7	* of the License (non-upgradable).
8	*
9	* This program is distributed in the hope that it will be useful,
10	* but WITHOUT ANY WARRANTY; without even the implied warranty of
11	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12	* GNU General Public License for more details.
13	*
14	* You should have received a copy of the GNU General Public License
15	* along with this program; if not, write to the Free Software
16	* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
17	*
18	* Copyright (c) 2013-2019 (original work) Open Assessment Technologies SA (under the project TAO-PRODUCT);
19	*
20	*/
21
22	namespace oat\taoLti\controller;
23
24	use common_Exception;
25	use common_exception_Error;
26	use common_exception_IsAjaxAction;
27	use common_http_Request;
28	use common_session_SessionManager as SessionManager;
29	use OAT\Library\Lti1p3Core\Message\Payload\LtiMessagePayloadInterface;
30	use oat\tao\model\oauth\OauthService;
31	use oat\taoLti\models\classes\Tool\Validation\Lti1p3Validator;
32	use tao_helpers_Request;
33	use common_Logger;
34	use common_user_auth_AuthFailedException;
35	use InterruptedActionException;
36	use oat\taoLti\models\classes\CookieVerifyService;
37	use oat\taoLti\models\classes\LaunchData\Validator\LtiValidatorService;
38	use oat\taoLti\models\classes\LtiException;
39	use oat\taoLti\models\classes\LtiLaunchData;
40	use oat\taoLti\models\classes\LtiMessages\LtiErrorMessage;
41	use oat\taoLti\models\classes\LtiService;
42	use ResolverException;
43	use tao_models_classes_accessControl_AclProxy;
44	use tao_models_classes_oauth_Exception;
45
46	/**
47	* An abstract tool controller to be extended by the concrete tools
48	*
49	* @package taoLti
50	*/
51	abstract class ToolModule extends LtiModule
52	{
53	/**
54	* Entrypoint of every tool
55	*
56	* @throws LtiException
57	* @throws ResolverException
58	* @throws common_Exception
59	* @throws common_exception_Error
60	* @throws InterruptedActionException
61	*/
62	public function launch()
63	{
64	SessionManager::endSession();
65
66	try {
67	$request = common_http_Request::currentRequest();
68	$ltiLaunchData = LtiLaunchData::fromRequest($request);
69	$this->logLti($ltiLaunchData->getVariables());
70	/** @var LtiValidatorService $validator */
71	$validator = $this->getServiceLocator()->get(LtiValidatorService::SERVICE_ID);
72	$validator->validateLaunchData($ltiLaunchData);
73
74	LtiService::singleton()->startLtiSession($request);
75
76
77	/** @var CookieVerifyService $cookieService */
78	$cookieService = $this->getServiceManager()->get(CookieVerifyService::SERVICE_ID);
79	if ($cookieService->isVerifyCookieRequired()) {
80	if (tao_models_classes_accessControl_AclProxy::hasAccess('verifyCookie', 'CookieUtils', 'taoLti')) {
81	$cookieRedirect = _url(
82	'verifyCookie',
83	'CookieUtils',
84	'taoLti',
85	[
86	'session' => session_id(),
87	'redirect' => urlencode(_url('run', null, null, $_GET)),
88	]
89	);
90	$this->redirect($cookieRedirect);
91	} else {
92	throw new LtiException(
93	__('You are not authorized to use this system'),
94	LtiErrorMessage::ERROR_UNAUTHORIZED
95	);
96	}
97	} else {
98	$this->forward('run', null, null, $_GET);
99	}
100	} catch (common_user_auth_AuthFailedException $e) {
101	$lockoutService = $this->getServiceLocator()->get(OauthService::SERVICE_ID)
102	->getSubService(OauthService::OPTION_LOCKOUT_SERVICE);
103	$lockoutService->logFailedAttempt();
104	common_Logger::i($e->getMessage());
105	throw new LtiException(
106	__('The LTI connection could not be established'),
107	LtiErrorMessage::ERROR_UNAUTHORIZED
108	);
109	} catch (LtiException $e) {
110	common_Logger::i($e->__toString());
111
112	if (tao_helpers_Request::isAjax()) {
113	throw new common_exception_IsAjaxAction(__CLASS__ . '::' . __FUNCTION__);
114	}
115	throw $e;
116	} catch (tao_models_classes_oauth_Exception $e) {
117	common_Logger::i($e->getMessage());
118	throw new LtiException(
119	__('The LTI connection could not be established'),
120	LtiErrorMessage::ERROR_UNAUTHORIZED
121	);
122	}
123	}
124
125	/**
126	* run() contains the actual tool's controller
127	*/
128	abstract public function run();
129
130
131	/**
132	* Logging LTI launch params
133	* @param $variables
134	*/
135	protected function logLti($variables)
136	{
137	foreach ($variables as $key => $value) {
138	if (strpos($key, 'oauth_') === 0) {
139	unset($variables[$key]);
140	}
141	}
142	$this->logInfo('LTI_LAUNCH_PARAMS:' . json_encode($variables));
143	}
144
145	protected function getValidatedLtiMessagePayload(): LtiMessagePayloadInterface
146	{
147	return $this->getServiceLocator()
148	->getContainer()
149	->get(Lti1p3Validator::class)
150	->getValidatedPayload($this->getPsrRequest());
151	}
152	}