Code Coverage |
||||||||||
Lines |
Functions and Methods |
Classes and Traits |
||||||||
Total | |
0.00% |
0 / 188 |
|
0.00% |
0 / 1 |
CRAP | |
0.00% |
0 / 1 |
LtiServiceProvider | |
0.00% |
0 / 188 |
|
0.00% |
0 / 1 |
2 | |
0.00% |
0 / 1 |
__invoke | |
0.00% |
0 / 188 |
|
0.00% |
0 / 1 |
2 |
1 | <?php |
2 | |
3 | /** |
4 | * This program is free software; you can redistribute it and/or |
5 | * modify it under the terms of the GNU General Public License |
6 | * as published by the Free Software Foundation; under version 2 |
7 | * of the License (non-upgradable). |
8 | * |
9 | * This program is distributed in the hope that it will be useful, |
10 | * but WITHOUT ANY WARRANTY; without even the implied warranty of |
11 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
12 | * GNU General Public License for more details. |
13 | * |
14 | * You should have received a copy of the GNU General Public License |
15 | * along with this program; if not, write to the Free Software |
16 | * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. |
17 | * |
18 | * Copyright (c) 2021-2022 (original work) Open Assessment Technologies SA; |
19 | */ |
20 | |
21 | declare(strict_types=1); |
22 | |
23 | namespace oat\taoLti\models\classes\ServiceProvider; |
24 | |
25 | use GuzzleHttp\ClientInterface; |
26 | use League\OAuth2\Server\Entities\ScopeEntityInterface; |
27 | use League\OAuth2\Server\Repositories\AccessTokenRepositoryInterface; |
28 | use League\OAuth2\Server\Repositories\ClientRepositoryInterface; |
29 | use League\OAuth2\Server\Repositories\ScopeRepositoryInterface; |
30 | use oat\generis\model\DependencyInjection\ContainerServiceProviderInterface; |
31 | use oat\generis\model\DependencyInjection\ServiceOptions; |
32 | use oat\generis\persistence\PersistenceManager; |
33 | use OAT\Library\Lti1p3Ags\Factory\Score\ScoreFactory; |
34 | use OAT\Library\Lti1p3Ags\Factory\Score\ScoreFactoryInterface; |
35 | use OAT\Library\Lti1p3Ags\Service\Score\Client\ScoreServiceClient; |
36 | use OAT\Library\Lti1p3Ags\Service\Score\ScoreServiceInterface; |
37 | use OAT\Library\Lti1p3Core\Registration\RegistrationRepositoryInterface; |
38 | use OAT\Library\Lti1p3Core\Security\Jwks\Fetcher\JwksFetcher; |
39 | use OAT\Library\Lti1p3Core\Security\Jwks\Fetcher\JwksFetcherInterface; |
40 | use OAT\Library\Lti1p3Core\Security\OAuth2\Entity\Scope; |
41 | use OAT\Library\Lti1p3Core\Security\OAuth2\Factory\AuthorizationServerFactory; |
42 | use OAT\Library\Lti1p3Core\Security\OAuth2\Repository\AccessTokenRepository; |
43 | use OAT\Library\Lti1p3Core\Security\OAuth2\Repository\ClientRepository; |
44 | use OAT\Library\Lti1p3Core\Security\OAuth2\Repository\ScopeRepository; |
45 | use OAT\Library\Lti1p3Core\Service\Client\LtiServiceClient; |
46 | use OAT\Library\Lti1p3Core\Service\Client\LtiServiceClientInterface; |
47 | use oat\oatbox\cache\factory\CacheItemPoolFactory; |
48 | use oat\oatbox\cache\ItemPoolSimpleCacheAdapter; |
49 | use oat\oatbox\log\LoggerService; |
50 | use oat\oatbox\session\SessionService; |
51 | use oat\tao\model\DynamicConfig\DynamicConfigProviderInterface; |
52 | use oat\tao\model\accessControl\RoleBasedContextRestrictAccess; |
53 | use oat\tao\model\menu\SectionVisibilityByRoleFilter; |
54 | use oat\taoLti\models\classes\Client\LtiClientFactory; |
55 | use oat\taoLti\models\classes\DynamicConfig\LtiConfigProvider; |
56 | use oat\taoLti\models\classes\LtiAgs\LtiAgsScoreService; |
57 | use oat\taoLti\models\classes\LtiAgs\LtiAgsScoreServiceInterface; |
58 | use oat\taoLti\models\classes\LtiRoles; |
59 | use oat\taoLti\models\classes\Platform\Repository\DefaultToolConfig; |
60 | use oat\taoLti\models\classes\Platform\Repository\Lti1p3RegistrationRepository; |
61 | use oat\taoLti\models\classes\Platform\Repository\Lti1p3RegistrationSnapshotRepository; |
62 | use oat\taoLti\models\classes\Platform\Repository\LtiPlatformFactory; |
63 | use oat\taoLti\models\classes\Platform\Service\UpdatePlatformRegistrationSnapshotListener; |
64 | use oat\taoLti\models\classes\Security\DataAccess\Repository\CachedPlatformKeyChainRepository; |
65 | use oat\taoLti\models\classes\Security\DataAccess\Repository\PlatformKeyChainRepository; |
66 | use oat\taoLti\models\classes\Tool\Service\AuthoringLtiRoleService; |
67 | use oat\taoLti\models\classes\Tool\Validation\AuthoringToolValidator; |
68 | use oat\taoLti\models\classes\Tool\Validation\Lti1p3Validator; |
69 | use Psr\Cache\CacheItemPoolInterface; |
70 | use Symfony\Component\DependencyInjection\Loader\Configurator\ContainerConfigurator; |
71 | |
72 | use function Symfony\Component\DependencyInjection\Loader\Configurator\env; |
73 | use function Symfony\Component\DependencyInjection\Loader\Configurator\inline_service; |
74 | use function Symfony\Component\DependencyInjection\Loader\Configurator\param; |
75 | use function Symfony\Component\DependencyInjection\Loader\Configurator\service; |
76 | |
77 | class LtiServiceProvider implements ContainerServiceProviderInterface |
78 | { |
79 | private const PORTAL_ACCESS_ROLES = [ |
80 | LtiRoles::CONTEXT_LTI1P3_ADMINISTRATOR_SUB_DEVELOPER, |
81 | LtiRoles::CONTEXT_LTI1P3_CONTENT_DEVELOPER, |
82 | LtiRoles::CONTEXT_LTI1P3_CONTENT_DEVELOPER_SUB_CONTENT_DEVELOPER, |
83 | LtiRoles::CONTEXT_LTI1P3_CONTENT_DEVELOPER_SUB_CONTENT_EXPERT, |
84 | LTIRoles::CONTEXT_INSTITUTION_LTI1P3_ADMINISTRATOR, |
85 | LtiRoles::CONTEXT_LTI1P3_INSTRUCTOR |
86 | ]; |
87 | public function __invoke(ContainerConfigurator $configurator): void |
88 | { |
89 | $services = $configurator->services(); |
90 | $parameters = $configurator->parameters(); |
91 | |
92 | $parameters->set( |
93 | 'defaultScope', |
94 | $_ENV['LTI_DEFAULT_SCOPE'] ?? 'https://purl.imsglobal.org/spec/lti-bo/scope/basicoutcome' |
95 | ); |
96 | |
97 | $parameters->set( |
98 | 'rolesAllowed', |
99 | self::PORTAL_ACCESS_ROLES |
100 | ); |
101 | |
102 | $parameters->set( |
103 | 'restrictedRolesForSectionMap', |
104 | [ |
105 | 'help' => self::PORTAL_ACCESS_ROLES, |
106 | 'settings_my_password' => self::PORTAL_ACCESS_ROLES, |
107 | 'settings_my_settings' => self::PORTAL_ACCESS_ROLES |
108 | ] |
109 | ); |
110 | |
111 | $services |
112 | ->set(LtiClientFactory::class) |
113 | ->args( |
114 | [ |
115 | service(ServiceOptions::class), |
116 | ] |
117 | ); |
118 | |
119 | $services |
120 | ->set(JwksFetcherInterface::class, JwksFetcher::class) |
121 | ->public() |
122 | ->args( |
123 | [ |
124 | service(ItemPoolSimpleCacheAdapter::class), |
125 | null, |
126 | null, |
127 | service(LoggerService::SERVICE_ID), |
128 | ] |
129 | ); |
130 | |
131 | $services |
132 | ->set(ClientRepositoryInterface::class, ClientRepository::class) |
133 | ->public() |
134 | ->args( |
135 | [ |
136 | service(Lti1p3RegistrationRepository::class), |
137 | service(JwksFetcherInterface::class), |
138 | service(LoggerService::SERVICE_ID), |
139 | ] |
140 | ); |
141 | |
142 | $services |
143 | ->set(AccessTokenRepositoryInterface::class, AccessTokenRepository::class) |
144 | ->public() |
145 | ->args( |
146 | [ |
147 | service(ItemPoolSimpleCacheAdapter::class), |
148 | service(LoggerService::SERVICE_ID), |
149 | ] |
150 | ); |
151 | |
152 | $services |
153 | ->set(ScopeEntityInterface::class, Scope::class) |
154 | ->public() |
155 | ->args( |
156 | [ |
157 | param('defaultScope'), |
158 | ] |
159 | ); |
160 | |
161 | $services |
162 | ->set(ScopeRepositoryInterface::class, ScopeRepository::class) |
163 | ->public() |
164 | ->args( |
165 | [ |
166 | [service(ScopeEntityInterface::class)], |
167 | ] |
168 | ); |
169 | |
170 | $services |
171 | ->set(AuthorizationServerFactory::class, AuthorizationServerFactory::class) |
172 | ->public() |
173 | ->args( |
174 | [ |
175 | service(ClientRepositoryInterface::class), |
176 | service(AccessTokenRepositoryInterface::class), |
177 | service(ScopeRepositoryInterface::class), |
178 | env('LTI_AUTHORIZATION_SERVER_FACTORY_ENCRYPTION_KEY'), |
179 | ] |
180 | ); |
181 | |
182 | $services |
183 | ->set(LtiServiceClientInterface::class, LtiServiceClient::class) |
184 | ->args( |
185 | [ |
186 | inline_service(CacheItemPoolInterface::class) |
187 | ->factory([service(CacheItemPoolFactory::class), 'create']) |
188 | ->args([[]]), |
189 | inline_service(ClientInterface::class) |
190 | ->factory([service(LtiClientFactory::class), 'create']), |
191 | ] |
192 | ); |
193 | |
194 | $services |
195 | ->set(ScoreServiceInterface::class, ScoreServiceClient::class) |
196 | ->public() |
197 | ->args( |
198 | [ |
199 | service(LtiServiceClientInterface::class), |
200 | ] |
201 | ); |
202 | |
203 | $services |
204 | ->set(ScoreFactoryInterface::class, ScoreFactory::class) |
205 | ->public(); |
206 | |
207 | $services |
208 | ->set(LtiAgsScoreServiceInterface::class, LtiAgsScoreService::class) |
209 | ->public() |
210 | ->args( |
211 | [ |
212 | service(ScoreServiceInterface::class), |
213 | service(ScoreFactoryInterface::class), |
214 | ] |
215 | ); |
216 | |
217 | $services |
218 | ->set(RegistrationRepositoryInterface::class, Lti1p3RegistrationSnapshotRepository::class) |
219 | ->public() |
220 | ->args( |
221 | [ |
222 | service(PersistenceManager::SERVICE_ID), |
223 | service(CachedPlatformKeyChainRepository::class), |
224 | service(PlatformKeyChainRepository::class), |
225 | inline_service(DefaultToolConfig::class)->arg('$baseUri', ROOT_URL), |
226 | 'default' |
227 | ] |
228 | ); |
229 | |
230 | $services |
231 | ->set(UpdatePlatformRegistrationSnapshotListener::class, UpdatePlatformRegistrationSnapshotListener::class) |
232 | ->public() |
233 | ->args( |
234 | [ |
235 | service(RegistrationRepositoryInterface::class), |
236 | service(LtiPlatformFactory::class) |
237 | ] |
238 | ); |
239 | |
240 | $services |
241 | ->set(Lti1p3Validator::class, Lti1p3Validator::class) |
242 | ->public() |
243 | ->args( |
244 | [ |
245 | service(RegistrationRepositoryInterface::class), |
246 | service(ItemPoolSimpleCacheAdapter::class) |
247 | ] |
248 | ); |
249 | |
250 | |
251 | $services |
252 | ->set(AuthoringToolValidator::class, AuthoringToolValidator::class) |
253 | ->public() |
254 | ->args( |
255 | [ |
256 | service(RegistrationRepositoryInterface::class), |
257 | ] |
258 | ); |
259 | |
260 | $services |
261 | ->set(Lti1p3Validator::class . 'Authoring', Lti1p3Validator::class) |
262 | ->public() |
263 | ->args( |
264 | [ |
265 | service(RegistrationRepositoryInterface::class), |
266 | service(ItemPoolSimpleCacheAdapter::class), |
267 | service(AuthoringToolValidator::class), |
268 | ] |
269 | ); |
270 | |
271 | $services |
272 | ->set(AuthoringLtiRoleService::class, AuthoringLtiRoleService::class) |
273 | ->public() |
274 | ->args( |
275 | [ |
276 | param('rolesAllowed') |
277 | ] |
278 | ); |
279 | |
280 | $services |
281 | ->get(RoleBasedContextRestrictAccess::class) |
282 | ->arg('$restrictedRoles', [ |
283 | 'ltiAuthoringLaunchRestrictRoles' => param('rolesAllowed') |
284 | ]); |
285 | |
286 | $services->set(SectionVisibilityByRoleFilter::class, SectionVisibilityByRoleFilter::class) |
287 | ->public() |
288 | ->args([param('restrictedRolesForSectionMap')]); |
289 | |
290 | $services |
291 | ->set(LtiConfigProvider::class) |
292 | ->decorate(DynamicConfigProviderInterface::class) |
293 | ->public() |
294 | ->args( |
295 | [ |
296 | service(LtiConfigProvider::class . '.inner'), |
297 | service(SessionService::SERVICE_ID), |
298 | service(LoggerService::SERVICE_ID), |
299 | ] |
300 | ); |
301 | } |
302 | } |