Example #1
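def verify_credentials():
    """Authenticate an LTI launch or an already established LTI session.

    If the form carries ``oauth_consumer_key``, the request is treated as a
    launch: the consumer's secret is looked up, the request is validated
    through ``ToolProvider.valid_request`` and the launch fields are copied
    into the session. Otherwise an existing session is accepted while it has
    been idle for less than five hours.

    Returns:
        None when the request is accepted, or a ``Response`` rendering
        ``lti/errors.html`` when it is rejected. The error responses keep the
        default status code, as the commented-out status assignments show.
    """
    max_idle_seconds = 60 * 60 * 5  # Five Hours

    if 'oauth_consumer_key' in request.form:
        consumer_key = request.form['oauth_consumer_key']
        permission_to_lt_user = PermissionToLtUser.find(key = consumer_key)
        # TODO: check for nonce
        # TODO: check for old requests
        # NOTE(review): until oauth_nonce / oauth_timestamp are checked, a
        # captured launch POST stays acceptable for as long as the secret is
        # unchanged; the signature check alone gives no replay protection.
        if permission_to_lt_user is None:
            response = Response(render_template('lti/errors.html', message = gettext("Invalid consumer key. Please check it again.")))
            # response.status_code = 412
            return response
        secret = permission_to_lt_user.secret
        # The original dict is in unicode, which does not work with ToolProvider
        USE_UNICODE = False
        if USE_UNICODE:
            data_dict = request.form.to_dict()
        else:
            data_dict = {}
            for key, value in request.form.to_dict().iteritems():
                data_dict[key.encode('utf8')] = value.encode('utf8')
        tool_provider = ToolProvider(consumer_key, secret, data_dict)
        try:
            return_value = tool_provider.valid_request(request)
        except Exception:
            # Exception rather than a bare except, so SystemExit and
            # KeyboardInterrupt are not turned into an error page.
            traceback.print_exc()
            response = Response(render_template('lti/errors.html', message = gettext("Invalid secret: could not validate request.")))
            # response.status_code = 403
            return response
        # Fail closed: any falsy result (not only the literal False) is a
        # failed validation.
        if not return_value:
            response = Response(render_template('lti/errors.html', message = gettext("Request checked and failed. Please check that the 'secret' is correct.")))
            # response.status_code = 403
            return response
        session['author_identifier']  = request.form['user_id']
        # Optional launch fields. A field missing from this launch is removed
        # from the session so that a value stored by an earlier launch (for
        # example another course's context_id) is not carried over.
        optional_fields = (
            ('lis_person_name_full', 'user_fullname'),
            ('context_id', 'group_id'),
            ('context_title', 'group_name'),
            ('launch_presentation_locale', 'launch_locale'),
            ('launch_presentation_document_target', 'launch_presentation_document_target'),
            ('launch_presentation_return_url', 'launch_presentation_return_url'),
        )
        for form_key, session_key in optional_fields:
            if form_key in request.form:
                session[session_key] = request.form[form_key]
            else:
                session.pop(session_key, None)
        session['consumer'] = consumer_key
        session['last_request'] = time()
        return

    if 'consumer' in session:
        # Idle time is "now minus last request". The reverse subtraction is
        # never positive, so the five-hour limit could never trigger.
        idle_seconds = time() - float(session['last_request'])
        if idle_seconds < max_idle_seconds:
            session['last_request'] = time()
            return
        # An expired session falls through to the rejection below instead of
        # being accepted by an implicit "return None".

    response = Response(render_template('lti/errors.html', message = gettext("Session not initialized. Are you a LMS?")))
    # response.status_code = 403
    return response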
Example #2
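def verify_credentials():
    """Authenticate an LTI launch or an already established LTI session.

    A request whose form contains ``oauth_consumer_key`` is handled as a
    launch: the consumer's secret is fetched with ``PermissionToLtUser.find``,
    the request is checked with ``ToolProvider.valid_request`` and the launch
    fields are stored in the session. Any other request is accepted only if
    the session already names a consumer and was used within the last five
    hours.

    Returns:
        None when the request is accepted, or a ``Response`` rendering
        ``lti/errors.html`` when it is rejected. No status code is set on the
        error responses (the assignments are commented out).
    """
    max_idle_seconds = 60 * 60 * 5  # Five Hours

    if 'oauth_consumer_key' in request.form:
        consumer_key = request.form['oauth_consumer_key']
        permission_to_lt_user = PermissionToLtUser.find(key=consumer_key)
        # TODO: check for nonce
        # TODO: check for old requests
        # NOTE(review): without an oauth_nonce / oauth_timestamp check a
        # recorded launch POST can be accepted again later; the signature
        # check by itself does not prevent replay.
        if permission_to_lt_user is None:
            response = Response(
                render_template(
                    'lti/errors.html',
                    message=gettext(
                        "Invalid consumer key. Please check it again.")))
            # response.status_code = 412
            return response
        secret = permission_to_lt_user.secret
        # The original dict is in unicode, which does not work with ToolProvider
        USE_UNICODE = False
        if USE_UNICODE:
            data_dict = request.form.to_dict()
        else:
            data_dict = {}
            for key, value in request.form.to_dict().iteritems():
                data_dict[key.encode('utf8')] = value.encode('utf8')
        tool_provider = ToolProvider(consumer_key, secret, data_dict)
        try:
            return_value = tool_provider.valid_request(request)
        except Exception:
            # Narrowed from a bare except: interpreter-exit exceptions must
            # not be reported as a validation failure.
            traceback.print_exc()
            response = Response(
                render_template(
                    'lti/errors.html',
                    message=gettext(
                        "Invalid secret: could not validate request.")))
            # response.status_code = 403
            return response
        # Fail closed: None or any other falsy result is rejected too, not
        # only the literal False.
        if not return_value:
            response = Response(
                render_template(
                    'lti/errors.html',
                    message=gettext(
                        "Request checked and failed. Please check that the 'secret' is correct."
                    )))
            # response.status_code = 403
            return response
        session['author_identifier'] = request.form['user_id']
        # Optional launch fields, as (form field, session key). When a field
        # is absent from this launch its session key is dropped, so data from
        # a previous launch does not leak into the new one.
        optional_fields = (
            ('lis_person_name_full', 'user_fullname'),
            ('context_id', 'group_id'),
            ('context_title', 'group_name'),
            ('launch_presentation_locale', 'launch_locale'),
            ('launch_presentation_document_target',
             'launch_presentation_document_target'),
            ('launch_presentation_return_url',
             'launch_presentation_return_url'),
        )
        for form_key, session_key in optional_fields:
            if form_key in request.form:
                session[session_key] = request.form[form_key]
            else:
                session.pop(session_key, None)
        session['consumer'] = consumer_key
        session['last_request'] = time()
        return

    if 'consumer' in session:
        # Elapsed idle time must be "now - last_request"; the opposite order
        # is always <= 0 and made the timeout unreachable.
        idle_seconds = time() - float(session['last_request'])
        if idle_seconds < max_idle_seconds:
            session['last_request'] = time()
            return
        # Expired: continue to the rejection below rather than returning
        # None, which would have let the request through.

    response = Response(
        render_template(
            'lti/errors.html',
            message=gettext("Session not initialized. Are you a LMS?")))
    # response.status_code = 403
    return response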