Commit 92e59b66 authored by victor's avatar victor 🙇

Merge branch 'MDL-70284-dynreg-bug' of https://github.com/cengage/moodle

parents 8099deda 33594cf3
......@@ -101,14 +101,23 @@ class registration_helper {
$ltitoolconfiguration = self::get_parameter($registrationpayload,
'https://purl.imsglobal.org/spec/lti-tool-configuration', true);
$domain = self::get_parameter($ltitoolconfiguration, 'domain', true);
$targetlinkuri = self::get_parameter($ltitoolconfiguration, 'target_link_uri', true);
$domain = self::get_parameter($ltitoolconfiguration, 'domain', false);
$targetlinkuri = self::get_parameter($ltitoolconfiguration, 'target_link_uri', false);
$customparameters = self::get_parameter($ltitoolconfiguration, 'custom_parameters', false);
$scopes = explode(" ", self::get_parameter($registrationpayload, 'scope', false) ?? '');
$claims = self::get_parameter($ltitoolconfiguration, 'claims', false);
$messages = $ltitoolconfiguration['messages'] ?? [];
$description = self::get_parameter($ltitoolconfiguration, 'description', false);
// Validate domain and target link.
if (empty($domain)) {
throw new registration_exception('missing_domain', 400);
}
$targetlinkuri = $targetlinkuri ?: 'https://'.$domain;
if ($domain !== lti_get_domain_from_url($targetlinkuri)) {
throw new registration_exception('domain_targetlinkuri_mismatch', 400);
}
// Validate response type.
// According to specification, for this scenario, id_token must be explicitly set.
if (!in_array('id_token', $responsetypes)) {
......@@ -245,7 +254,7 @@ class registration_helper {
$registrationresponse['initiate_login_uri'] = $config->lti_initiatelogin;
$registrationresponse['grant_types'] = ['client_credentials', 'implicit'];
$registrationresponse['redirect_uris'] = explode(PHP_EOL, $config->lti_redirectionuris);
$registrationresponse['application_type'] = ['web'];
$registrationresponse['application_type'] = 'web';
$registrationresponse['token_endpoint_auth_method'] = 'private_key_jwt';
$registrationresponse['client_name'] = $config->lti_typename;
$registrationresponse['logo_uri'] = $config->lti_icon ?? '';
......@@ -288,12 +297,12 @@ class registration_helper {
$registrationresponse['scope'] = implode(' ', $scopesresponse);
$claimsresponse = ['sub', 'iss'];
if ($config->lti_sendname = LTI_SETTING_ALWAYS) {
if ($config->lti_sendname == LTI_SETTING_ALWAYS) {
$claimsresponse[] = 'name';
$claimsresponse[] = 'family_name';
$claimsresponse[] = 'middle_name';
$claimsresponse[] = 'given_name';
}
if ($config->lti_sendemailaddr = LTI_SETTING_ALWAYS) {
if ($config->lti_sendemailaddr == LTI_SETTING_ALWAYS) {
$claimsresponse[] = 'email';
}
$lticonfigurationresponse['claims'] = $claimsresponse;
......
......@@ -51,7 +51,7 @@ $conf = [
'https://purl.imsglobal.org/spec/lti-platform-configuration' => [
'product_family_code' => 'moodle',
'version' => $CFG->release,
'messages_supported' => ['LtiResourceLink', 'LtiDeepLinkingRequest'],
'messages_supported' => ['LtiResourceLinkRequest', 'LtiDeepLinkingRequest'],
'placements' => ['AddContentMenu'],
'variables' => array_keys(lti_get_capabilities())
]
......
......@@ -162,6 +162,8 @@ EOD;
$this->assertEquals(LTI_SETTING_DELEGATE, $config->lti_acceptgrades);
$this->assertEquals(1, $config->ltiservice_memberships);
$this->assertEquals(0, $config->ltiservice_toolsettings);
$this->assertEquals('client.example.org', $config->lti_tooldomain);
$this->assertEquals('https://client.example.org/lti', $config->lti_toolurl);
$this->assertEquals(LTI_SETTING_ALWAYS, $config->lti_sendname);
$this->assertEquals(LTI_SETTING_ALWAYS, $config->lti_sendemailaddr);
$this->assertEquals(1, $config->lti_contentitem);
......@@ -236,6 +238,51 @@ EOD;
registration_helper::registration_to_config($registration, 'TheClientId');
}
/**
* Validation Test: no domain nor targetlinkuri is rejected.
*/
public function test_validation_missing_domain_targetlinkuri() {
$registration = json_decode($this->registrationminimaljson, true);
$this->expectException(registration_exception::class);
$this->expectExceptionCode(400);
unset($registration['https://purl.imsglobal.org/spec/lti-tool-configuration']['domain']);
unset($registration['https://purl.imsglobal.org/spec/lti-tool-configuration']['target_link_uri']);
registration_helper::registration_to_config($registration, 'TheClientId');
}
/**
* Validation Test: mismatch between domain and targetlinkuri is rejected.
*/
public function test_validation_domain_targetlinkuri_match() {
$registration = json_decode($this->registrationminimaljson, true);
$this->expectException(registration_exception::class);
$this->expectExceptionCode(400);
$registration['https://purl.imsglobal.org/spec/lti-tool-configuration']['domain'] = 'not.the.right.domain';
registration_helper::registration_to_config($registration, 'TheClientId');
}
/**
* Validation Test: domain is required.
*/
public function test_validation_domain_targetlinkuri_onlylink() {
$registration = json_decode($this->registrationminimaljson, true);
unset($registration['https://purl.imsglobal.org/spec/lti-tool-configuration']['domain']);
$this->expectException(registration_exception::class);
$this->expectExceptionCode(400);
$config = registration_helper::registration_to_config($registration, 'TheClientId');
}
/**
* Validation Test: base url (targetlinkuri) is built from domain if not present.
*/
public function test_validation_domain_targetlinkuri_onlydomain() {
$registration = json_decode($this->registrationminimaljson, true);
unset($registration['https://purl.imsglobal.org/spec/lti-tool-configuration']['target_link_uri']);
$config = registration_helper::registration_to_config($registration, 'TheClientId');
$this->assertEquals('client.example.org', $config->lti_tooldomain);
$this->assertEquals('https://client.example.org', $config->lti_toolurl);
}
/**
* Test the transformation from lti config to OpenId LTI Client Registration response.
*/
......@@ -265,5 +312,34 @@ EOD;
$dlmsg = $lti['messages'][0];
$this->assertEquals($dlmsgorig['type'], $dlmsg['type']);
$this->assertEquals($dlmsgorig['target_link_uri'], $dlmsg['target_link_uri']);
$this->assertTrue(in_array('iss', $lti['claims']));
$this->assertTrue(in_array('sub', $lti['claims']));
$this->assertTrue(in_array('email', $lti['claims']));
$this->assertTrue(in_array('family_name', $lti['claims']));
$this->assertTrue(in_array('given_name', $lti['claims']));
$this->assertTrue(in_array('name', $lti['claims']));
}
/**
* Test the transformation from lti config to OpenId LTI Client Registration response for the minimal version.
*/
public function test_config_to_registration_minimal() {
$orig = json_decode($this->registrationminimaljson, true);
$reg = registration_helper::config_to_registration(registration_helper::registration_to_config($orig, 'clid'), 12);
$this->assertEquals('clid', $reg['client_id']);
$this->assertEquals($orig['response_types'], $reg['response_types']);
$this->assertEquals($orig['initiate_login_uri'], $reg['initiate_login_uri']);
$this->assertEquals($orig['redirect_uris'], $reg['redirect_uris']);
$this->assertEquals($orig['jwks_uri'], $reg['jwks_uri']);
$this->assertEquals('', $reg['scope']);
$ltiorig = $orig['https://purl.imsglobal.org/spec/lti-tool-configuration'];
$lti = $reg['https://purl.imsglobal.org/spec/lti-tool-configuration'];
$this->assertTrue(in_array('iss', $lti['claims']));
$this->assertTrue(in_array('sub', $lti['claims']));
$this->assertFalse(in_array('email', $lti['claims']));
$this->assertFalse(in_array('family_name', $lti['claims']));
$this->assertFalse(in_array('given_name', $lti['claims']));
$this->assertFalse(in_array('name', $lti['claims']));
}
}
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment