use of com.auth0.json.mgmt.Role in project gravitee-api-management by gravitee-io.
the class AbstractAuthenticationResource method connectUserInternal.
protected Response connectUserInternal(UserEntity user, final String state, final HttpServletResponse servletResponse, final String accessToken, final String idToken) {
final Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
final UserDetails userDetails = (UserDetails) authentication.getPrincipal();
// Manage authorities, initialize it with dynamic permissions from the IDP
List<Map<String, String>> authorities = userDetails.getAuthorities().stream().map(authority -> Maps.<String, String>builder().put("authority", authority.getAuthority()).build()).collect(Collectors.toList());
// We must also load permissions from repository for configured management or portal role
Set<RoleEntity> userRoles = membershipService.getRoles(MembershipReferenceType.ORGANIZATION, GraviteeContext.getCurrentOrganization(), MembershipMemberType.USER, userDetails.getId());
if (!userRoles.isEmpty()) {
userRoles.forEach(role -> authorities.add(Maps.<String, String>builder().put("authority", role.getScope().toString() + ':' + role.getName()).build()));
}
// JWT signer
Algorithm algorithm = Algorithm.HMAC256(environment.getProperty("jwt.secret"));
Date issueAt = new Date();
Instant expireAt = issueAt.toInstant().plus(Duration.ofSeconds(environment.getProperty("jwt.expire-after", Integer.class, DEFAULT_JWT_EXPIRE_AFTER)));
final String token = JWT.create().withIssuer(environment.getProperty("jwt.issuer", DEFAULT_JWT_ISSUER)).withIssuedAt(issueAt).withExpiresAt(Date.from(expireAt)).withSubject(user.getId()).withClaim(JWTHelper.Claims.PERMISSIONS, authorities).withClaim(JWTHelper.Claims.EMAIL, user.getEmail()).withClaim(JWTHelper.Claims.FIRSTNAME, user.getFirstname()).withClaim(JWTHelper.Claims.LASTNAME, user.getLastname()).withJWTId(UUID.randomUUID().toString()).sign(algorithm);
final TokenEntity tokenEntity = new TokenEntity();
tokenEntity.setType(BEARER);
tokenEntity.setToken(token);
if (idToken != null) {
tokenEntity.setAccessToken(accessToken);
tokenEntity.setIdToken(idToken);
}
if (state != null && !state.isEmpty()) {
tokenEntity.setState(state);
}
final Cookie bearerCookie = cookieGenerator.generate(TokenAuthenticationFilter.AUTH_COOKIE_NAME, "Bearer%20" + token);
servletResponse.addCookie(bearerCookie);
return Response.ok(tokenEntity).build();
}
use of com.auth0.json.mgmt.Role in project gravitee-api-management by gravitee-io.
the class UserServiceTest method shouldUpdateUserWithGroupMappingWithoutOverridingIfGroupDefined.
@Test
public void shouldUpdateUserWithGroupMappingWithoutOverridingIfGroupDefined() throws IOException, TechnicalException {
reset(identityProvider, userRepository, groupService, roleService, membershipService);
mockDefaultEnvironment();
mockGroupsMapping();
mockRolesMapping();
User createdUser = mockUser();
when(userRepository.create(any(User.class))).thenReturn(createdUser);
when(identityProvider.getId()).thenReturn("oauth2");
when(userRepository.findBySource("oauth2", "janedoe@example.com", ORGANIZATION)).thenReturn(Optional.empty());
// mock group search and association
when(groupService.findById(GraviteeContext.getCurrentEnvironment(), "Example group")).thenReturn(mockGroupEntity("group_id_1", "Example group"));
when(groupService.findById(GraviteeContext.getCurrentEnvironment(), "soft user")).thenReturn(mockGroupEntity("group_id_2", "soft user"));
when(groupService.findById(GraviteeContext.getCurrentEnvironment(), "Api consumer")).thenReturn(mockGroupEntity("group_id_4", "Api consumer"));
// mock role search
RoleEntity roleOrganizationAdmin = mockRoleEntity(RoleScope.ORGANIZATION, "ADMIN");
RoleEntity roleOrganizationUser = mockRoleEntity(RoleScope.ORGANIZATION, "USER");
RoleEntity roleEnvironmentAdmin = mockRoleEntity(RoleScope.ENVIRONMENT, "ADMIN");
RoleEntity roleApiUser = mockRoleEntity(RoleScope.API, "USER");
RoleEntity roleApplicationAdmin = mockRoleEntity(RoleScope.APPLICATION, "ADMIN");
when(roleService.findByScopeAndName(RoleScope.ORGANIZATION, "ADMIN")).thenReturn(Optional.of(roleOrganizationAdmin));
when(roleService.findByScopeAndName(RoleScope.ORGANIZATION, "USER")).thenReturn(Optional.of(roleOrganizationUser));
when(roleService.findDefaultRoleByScopes(RoleScope.API, RoleScope.APPLICATION)).thenReturn(Arrays.asList(roleApiUser, roleApplicationAdmin));
Membership membership = new Membership();
membership.setSource("oauth2");
membership.setReferenceId("membershipId");
membership.setReferenceType(io.gravitee.repository.management.model.MembershipReferenceType.GROUP);
final HashSet<Membership> memberships = new HashSet<>();
memberships.add(membership);
when(membershipRepository.findByMemberIdAndMemberTypeAndReferenceType("janedoe@example.com", io.gravitee.repository.management.model.MembershipMemberType.USER, io.gravitee.repository.management.model.MembershipReferenceType.GROUP)).thenReturn(memberships);
when(membershipService.updateRolesToMemberOnReferenceBySource(eq(GraviteeContext.getCurrentOrganization()), eq(GraviteeContext.getCurrentEnvironment()), eq(new MembershipService.MembershipReference(MembershipReferenceType.GROUP, "group_id_1")), eq(new MembershipService.MembershipMember("janedoe@example.com", null, MembershipMemberType.USER)), argThat(roles -> roles.contains(new MembershipService.MembershipRole(RoleScope.API, "USER")) && roles.contains(new MembershipService.MembershipRole(RoleScope.APPLICATION, "ADMIN"))), eq("oauth2"))).thenReturn(Collections.singletonList(mockMemberEntity()));
when(membershipService.updateRolesToMemberOnReferenceBySource(eq(GraviteeContext.getCurrentOrganization()), eq(GraviteeContext.getCurrentEnvironment()), eq(new MembershipService.MembershipReference(MembershipReferenceType.GROUP, "group_id_2")), eq(new MembershipService.MembershipMember("janedoe@example.com", null, MembershipMemberType.USER)), argThat(roles -> roles.contains(new MembershipService.MembershipRole(RoleScope.API, "USER")) && roles.contains(new MembershipService.MembershipRole(RoleScope.APPLICATION, "ADMIN"))), eq("oauth2"))).thenReturn(Collections.singletonList(mockMemberEntity()));
when(membershipService.updateRolesToMemberOnReferenceBySource(eq(GraviteeContext.getCurrentOrganization()), eq(GraviteeContext.getCurrentEnvironment()), eq(new MembershipService.MembershipReference(MembershipReferenceType.GROUP, "group_id_4")), eq(new MembershipService.MembershipMember("janedoe@example.com", null, MembershipMemberType.USER)), argThat(roles -> roles.contains(new MembershipService.MembershipRole(RoleScope.API, "USER")) && roles.contains(new MembershipService.MembershipRole(RoleScope.APPLICATION, "ADMIN"))), eq("oauth2"))).thenReturn(Collections.singletonList(mockMemberEntity()));
when(membershipService.updateRolesToMemberOnReferenceBySource(eq(GraviteeContext.getCurrentOrganization()), eq(GraviteeContext.getCurrentEnvironment()), eq(new MembershipService.MembershipReference(MembershipReferenceType.ORGANIZATION, "DEFAULT")), eq(new MembershipService.MembershipMember("janedoe@example.com", null, MembershipMemberType.USER)), argThat(roles -> roles.contains(new MembershipService.MembershipRole(RoleScope.ORGANIZATION, "ADMIN")) && roles.contains(new MembershipService.MembershipRole(RoleScope.ORGANIZATION, "USER"))), eq("oauth2"))).thenReturn(Collections.singletonList(mockMemberEntity()));
String userInfo = IOUtils.toString(read("/oauth2/json/user_info_response_body.json"), Charset.defaultCharset());
userService.createOrUpdateUserFromSocialIdentityProvider(identityProvider, userInfo);
// verify group creations
verify(membershipService, times(1)).updateRolesToMemberOnReferenceBySource(eq(GraviteeContext.getCurrentOrganization()), eq(GraviteeContext.getCurrentEnvironment()), eq(new MembershipService.MembershipReference(MembershipReferenceType.GROUP, "group_id_1")), eq(new MembershipService.MembershipMember("janedoe@example.com", null, MembershipMemberType.USER)), argThat(roles -> roles.contains(new MembershipService.MembershipRole(RoleScope.API, "USER")) && roles.contains(new MembershipService.MembershipRole(RoleScope.APPLICATION, "ADMIN"))), eq("oauth2"));
verify(membershipService, times(1)).updateRolesToMemberOnReferenceBySource(eq(GraviteeContext.getCurrentOrganization()), eq(GraviteeContext.getCurrentEnvironment()), eq(new MembershipService.MembershipReference(MembershipReferenceType.GROUP, "group_id_2")), eq(new MembershipService.MembershipMember("janedoe@example.com", null, MembershipMemberType.USER)), argThat(roles -> roles.contains(new MembershipService.MembershipRole(RoleScope.API, "USER")) && roles.contains(new MembershipService.MembershipRole(RoleScope.APPLICATION, "ADMIN"))), eq("oauth2"));
verify(membershipService, times(0)).updateRolesToMemberOnReferenceBySource(eq(GraviteeContext.getCurrentOrganization()), eq(GraviteeContext.getCurrentEnvironment()), eq(new MembershipService.MembershipReference(MembershipReferenceType.GROUP, "group_id_3")), eq(new MembershipService.MembershipMember("janedoe@example.com", null, MembershipMemberType.USER)), argThat(roles -> roles.contains(new MembershipService.MembershipRole(RoleScope.API, "USER")) && roles.contains(new MembershipService.MembershipRole(RoleScope.APPLICATION, "ADMIN"))), eq("oauth2"));
verify(membershipService, times(1)).updateRolesToMemberOnReferenceBySource(eq(GraviteeContext.getCurrentOrganization()), eq(GraviteeContext.getCurrentEnvironment()), eq(new MembershipService.MembershipReference(MembershipReferenceType.GROUP, "group_id_4")), eq(new MembershipService.MembershipMember("janedoe@example.com", null, MembershipMemberType.USER)), argThat(roles -> roles.contains(new MembershipService.MembershipRole(RoleScope.API, "USER")) && roles.contains(new MembershipService.MembershipRole(RoleScope.APPLICATION, "ADMIN"))), eq("oauth2"));
verify(membershipService, times(1)).updateRolesToMemberOnReferenceBySource(eq(GraviteeContext.getCurrentOrganization()), eq(GraviteeContext.getCurrentEnvironment()), eq(new MembershipService.MembershipReference(MembershipReferenceType.ORGANIZATION, "DEFAULT")), eq(new MembershipService.MembershipMember("janedoe@example.com", null, MembershipMemberType.USER)), argThat(roles -> roles.contains(new MembershipService.MembershipRole(RoleScope.ORGANIZATION, "ADMIN")) && roles.contains(new MembershipService.MembershipRole(RoleScope.ORGANIZATION, "USER"))), eq("oauth2"));
verify(membershipService, times(1)).deleteReferenceMemberBySource(eq(GraviteeContext.getCurrentOrganization()), eq(GraviteeContext.getCurrentEnvironment()), eq(MembershipReferenceType.GROUP), eq("membershipId"), eq(MembershipMemberType.USER), eq("janedoe@example.com"), eq("oauth2"));
}
use of com.auth0.json.mgmt.Role in project gravitee-api-management by gravitee-io.
the class CurrentUserResource method login.
@POST
@Path("/login")
@ApiOperation(value = "Login")
@Produces(MediaType.APPLICATION_JSON)
public Response login(@Context final javax.ws.rs.core.HttpHeaders headers, @Context final HttpServletResponse servletResponse) {
final Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
if (authentication != null && authentication.getPrincipal() instanceof UserDetails) {
// JWT signer
final Map<String, Object> claims = new HashMap<>();
claims.put(Claims.ISSUER, environment.getProperty("jwt.issuer", DEFAULT_JWT_ISSUER));
final UserDetails userDetails = (UserDetails) authentication.getPrincipal();
// Manage authorities, initialize it with dynamic permissions from the IDP
List<Map<String, String>> authorities = userDetails.getAuthorities().stream().map(authority -> Maps.<String, String>builder().put("authority", authority.getAuthority()).build()).collect(Collectors.toList());
// We must also load permissions from repository for configured management or portal role
Set<RoleEntity> roles = membershipService.getRoles(MembershipReferenceType.ORGANIZATION, GraviteeContext.getCurrentOrganization(), MembershipMemberType.USER, userDetails.getUsername());
if (!roles.isEmpty()) {
roles.forEach(role -> authorities.add(Maps.<String, String>builder().put("authority", role.getScope().toString() + ':' + role.getName()).build()));
}
this.environmentService.findByOrganization(GraviteeContext.getCurrentOrganization()).stream().flatMap(env -> membershipService.getRoles(MembershipReferenceType.ENVIRONMENT, env.getId(), MembershipMemberType.USER, userDetails.getUsername()).stream()).filter(Objects::nonNull).forEach(role -> authorities.add(Maps.<String, String>builder().put("authority", role.getScope().toString() + ':' + role.getName()).build()));
// JWT signer
Algorithm algorithm = Algorithm.HMAC256(environment.getProperty("jwt.secret"));
Date issueAt = new Date();
Instant expireAt = issueAt.toInstant().plus(Duration.ofSeconds(environment.getProperty("jwt.expire-after", Integer.class, DEFAULT_JWT_EXPIRE_AFTER)));
final String token = JWT.create().withIssuer(environment.getProperty("jwt.issuer", DEFAULT_JWT_ISSUER)).withIssuedAt(issueAt).withExpiresAt(Date.from(expireAt)).withSubject(userDetails.getUsername()).withClaim(JWTHelper.Claims.PERMISSIONS, authorities).withClaim(JWTHelper.Claims.EMAIL, userDetails.getEmail()).withClaim(JWTHelper.Claims.FIRSTNAME, userDetails.getFirstname()).withClaim(JWTHelper.Claims.LASTNAME, userDetails.getLastname()).withJWTId(UUID.randomUUID().toString()).sign(algorithm);
final TokenEntity tokenEntity = new TokenEntity();
tokenEntity.setType(BEARER);
tokenEntity.setToken(token);
final Cookie bearerCookie = cookieGenerator.generate(TokenAuthenticationFilter.AUTH_COOKIE_NAME, "Bearer%20" + token);
servletResponse.addCookie(bearerCookie);
return ok(tokenEntity).build();
}
return ok().build();
}
use of com.auth0.json.mgmt.Role in project gravitee-api-management by gravitee-io.
the class AuthResource method login.
@POST
@Path("/login")
@Produces(MediaType.APPLICATION_JSON)
public Response login(@Context final javax.ws.rs.core.HttpHeaders headers, @Context final HttpServletResponse servletResponse) {
final Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
if (authentication != null && authentication.getPrincipal() instanceof UserDetails) {
// JWT signer
final UserDetails userDetails = (UserDetails) authentication.getPrincipal();
// Manage authorities, initialize it with dynamic permissions from the IDP
List<Map<String, String>> authorities = userDetails.getAuthorities().stream().map(authority -> Maps.<String, String>builder().put("authority", authority.getAuthority()).build()).collect(Collectors.toList());
// We must also load permissions from repository for configured environment role
Set<RoleEntity> userRoles = membershipService.getRoles(MembershipReferenceType.ENVIRONMENT, GraviteeContext.getCurrentEnvironment(), MembershipMemberType.USER, userDetails.getId());
if (!userRoles.isEmpty()) {
userRoles.forEach(role -> authorities.add(Maps.<String, String>builder().put("authority", role.getScope().toString() + ':' + role.getName()).build()));
}
Algorithm algorithm = Algorithm.HMAC256(environment.getProperty("jwt.secret"));
Date issueAt = new Date();
Instant expireAt = issueAt.toInstant().plus(Duration.ofSeconds(environment.getProperty("jwt.expire-after", Integer.class, DEFAULT_JWT_EXPIRE_AFTER)));
final String sign = JWT.create().withIssuer(environment.getProperty("jwt.issuer", DEFAULT_JWT_ISSUER)).withIssuedAt(issueAt).withExpiresAt(Date.from(expireAt)).withSubject(userDetails.getUsername()).withClaim(Claims.PERMISSIONS, authorities).withClaim(Claims.EMAIL, userDetails.getEmail()).withClaim(Claims.FIRSTNAME, userDetails.getFirstname()).withClaim(Claims.LASTNAME, userDetails.getLastname()).withJWTId(UUID.randomUUID().toString()).sign(algorithm);
final Token tokenEntity = new Token();
tokenEntity.setTokenType(TokenTypeEnum.BEARER);
tokenEntity.setToken(sign);
final Cookie bearerCookie = cookieGenerator.generate("Bearer%20" + sign);
servletResponse.addCookie(bearerCookie);
return ok(tokenEntity).build();
}
return ok().build();
}
use of com.auth0.json.mgmt.Role in project chemvantage by chuckwight.
the class LTILaunch method basicLtiLaunchRequest.
void basicLtiLaunchRequest(HttpServletRequest request, HttpServletResponse response) throws IOException {
// check for required LTI launch parameters:
try {
String lti_message_type = request.getParameter("lti_message_type");
if (lti_message_type == null || !"basic-lti-launch-request".contentEquals(lti_message_type)) {
doError(request, response, "Invalid lti_message_type parameter.", null, null);
return;
}
String lti_version = request.getParameter("lti_version");
if (lti_version == null) {
doError(request, response, "Missing lti_version parameter.", null, null);
return;
} else if (!lti_version.equals("LTI-1p0")) {
doError(request, response, "Invalid lti_version parameter.", null, null);
return;
}
String oauth_consumer_key = request.getParameter("oauth_consumer_key");
if (oauth_consumer_key == null) {
doError(request, response, "Missing oauth_consumer_key.", null, null);
return;
}
String resource_link_id = request.getParameter("resource_link_id");
if (resource_link_id == null) {
doError(request, response, "Missing resource_link_id.", null, null);
return;
}
Date now = new Date();
BLTIConsumer tc;
try {
tc = ofy().load().type(BLTIConsumer.class).id(oauth_consumer_key).safe();
if ("suspended".equals(tc.status)) {
response.getWriter().println(Subject.header("ChemVantage Account Management") + suspendedAccount(tc) + Subject.footer);
return;
} else if (tc.expires != null && tc.expires.before(now)) {
response.getWriter().println(Subject.header("ChemVantage Account Management") + expiredAccount(tc, request.getServerName()) + Subject.footer);
return;
}
if (tc.secret == null)
throw new Exception("Shared secret was not found in the ChemVantage database.");
// 24 hrs ago
Date yesterday = new Date(now.getTime() - 86400000L);
if (tc.lastLogin == null || tc.lastLogin.before(yesterday)) {
tc.lastLogin = now;
tc.launchParameters = request.getParameterMap();
try {
// this section synchronizes expiration dates from a single domain
String domain = new URL(tc.launchParameters.get("lis_outcome_service_url")[0]).getHost();
// domain may be null for instructors
if (domain != null)
tc.domain = domain;
if (tc.domain != null) {
// tc.domain may be null if grades are never returned to the LMS
List<BLTIConsumer> companions = ofy().load().type(BLTIConsumer.class).filter("domain", tc.domain).list();
companions.remove(tc);
for (BLTIConsumer tcc : companions) {
// assign the shortest expiration time found for this domain
if (tcc.expires != null && (tc.expires == null || tcc.expires.before(tc.expires)))
tc.expires = tcc.expires;
}
}
} catch (Exception e) {
}
// update the lastLogin value and possibly the domain and expires fields
ofy().save().entity(tc);
}
} catch (Exception e) {
String use = request.getServerName().contains("dev-vantage") ? "dev" : "prod";
throw new Exception("Invalid oauth_consumer_key. " + "Please verify that the oauth_consumer_key is entered into your LMS exactly as you are registered with ChemVantage. " + "If your account has been inactive for more than " + ("dev".equals(use) ? "30 days" : "six months") + ", it may have been " + "deleted in accordance with our <a href=https://www.chemvantage.org/About#privacy target=_blank>privacy policy</a>.<br/>" + "Please use the <a href=https://www.chemvantage.org/lti/registration target=_blank>ChemVantage Registration Page</a> " + "to reregister your LMS.");
}
OAuthMessage oam = OAuthServlet.getMessage(request, null);
OAuthValidator oav = new SimpleOAuthValidator();
OAuthConsumer cons = new OAuthConsumer("about:blank#OAuth+CallBack+NotUsed", oauth_consumer_key, tc.secret, null);
OAuthAccessor acc = new OAuthAccessor(cons);
OAuthSignatureMethod.getBaseString(oam);
if (!Nonce.isUnique(request.getParameter("oauth_nonce"), request.getParameter("oauth_timestamp")))
throw new Exception("Invalid nonce or timestamp.");
try {
oav.validateMessage(oam, acc);
} catch (Exception e) {
throw new Exception("OAuth validation failed, most likely due to an invalid shared_secret value in your LMS. Check carefully to eliminate leading or trailing blank spaces.");
}
// BLTI Launch message was validated successfully at this point
// debug.append("Basic LTI launch message validated...");
// Detect whether this is an anonymous LTI launch request per LTIv1p1p2. This is a security patch that
// prevents a cross-site request forgery threat applicable to versions of LTI released prior to v1.3.
// The launch procedure is for the TC to issue an anonymous BLTI launch request with no user information.
// The TP wraps the TC-defined platform_state into an encrypted JSON Web Token (JWT) and redircects the browser
// to the TC-specified relaunch_url with the original platform_state and the new tool_state parameters, where
// tool_state is the encrypted JWT. The TC then relaunches to the TP with the user information and the
// two state parameters, which must be verified by the TP to proceed with the launch. This security patch makes
// ChemVantage compliant with LTIv1p1p2. If the parameters are not included, the TP may proceed with a
// normal v1p0 BLTI launch; however this is subject to the following deprecation schedule:
// LTIv1p0 last certification 12/31/2019 and last market availability 12/31/2020
// LTIv1p1p2 last certification 06/30/2021 and last market availability 06/30/2022
String relaunch_url = request.getParameter("relaunch_url");
String platform_state = request.getParameter("platform_state");
String tool_state = request.getParameter("tool_state");
Algorithm algorithm = Algorithm.HMAC256(Subject.getHMAC256Secret());
if (tool_state != null && platform_state != null) {
// This is a LTIv1.1.2 relaunch response. Validate the tool_state value
try {
JWT.require(algorithm).withIssuer("https://www.chemvantage.org").withClaim("platform_state", platform_state).build().verify(tool_state);
if (tc.lti_version == null || !tc.lti_version.equals("LTI-1p1p2")) {
tc.lti_version = "LTI-1p1p2";
// should have to do this only once
ofy().save().entity(tc);
}
} catch (Exception e) {
throw new Exception("Tool state could not be validated.");
}
} else if (relaunch_url != null && platform_state != null) {
// Anonymous LRTIv1p1p2 launch request. Execute relaunch sequence:
try {
// 10 minutes from now
Date expires = new Date(new Date().getTime() + 600000);
tool_state = JWT.create().withIssuer("https://www.chemvantage.org").withClaim("platform_state", platform_state).withExpiresAt(expires).sign(algorithm);
response.sendRedirect(relaunch_url + "?platform_state=" + platform_state + "&tool_state=" + tool_state);
lti_version = "LTI-1p1p2_proposed";
} catch (Exception e) {
throw new Exception("Tool state JWT could not be created.");
}
// wait for relaunch from platform
return;
}
// End of LTIv1p1p2 section. Continue with normal LTI launch sequence
// Gather some information about the user
String userId = request.getParameter("user_id");
userId = oauth_consumer_key + ":" + (userId == null ? "" : userId);
// Process user information, provision a new user account if necessary, and store the userId in the user's session
User user = new User(userId);
// check if user has Instructor or Administrator role
String roles = request.getParameter("roles");
if (roles != null) {
roles = roles.toLowerCase();
user.setIsInstructor(roles.contains("instructor"));
user.setIsAdministrator(roles.contains("administrator"));
user.setIsTeachingAssistant(roles.contains("teachingassistant"));
}
// user information OK;
// debug.append("userId=" + userId + " and role=" + (user.isInstructor()?"Instructor":"Learner") + "...");
// Gather information that may be needed to return a score to the LMS:
String lis_result_sourcedid = request.getParameter("lis_result_sourcedid");
// debug.append("lis_result_sourcedid=" + lis_result_sourcedid + "...");
String lisOutcomeServiceUrl = request.getParameter("lis_outcome_service_url");
// debug.append("lis_outcome_service_url=" + lisOutcomeServiceUrl + "...");
// Use the resourceLinkId to find the assignment or create a new one:
Assignment myAssignment = null;
boolean saveAssignment = false;
try {
// load the requested Assignment entity if it exists
myAssignment = ofy().load().type(Assignment.class).filter("domain", oauth_consumer_key).filter("resourceLinkId", resource_link_id).first().safe();
if (lisOutcomeServiceUrl != null && !lisOutcomeServiceUrl.equals(myAssignment.lis_outcome_service_url)) {
myAssignment.lis_outcome_service_url = lisOutcomeServiceUrl;
saveAssignment = true;
}
if (saveAssignment)
ofy().save().entity(myAssignment);
} catch (Exception e) {
// or create a new one with the available information (but no assignmentType or topicIds)
myAssignment = new Assignment(oauth_consumer_key, resource_link_id, lisOutcomeServiceUrl, true);
// we'll need the new id value immediately
ofy().save().entity(myAssignment).now();
}
user.setAssignment(myAssignment.id, lis_result_sourcedid);
if (myAssignment.isValid()) {
// used for hashing userIds by Task queue
Queue queue = QueueFactory.getDefaultQueue();
queue.add(withUrl("/HashUserIds").param("sig", user.getTokenSignature()));
response.sendRedirect("/" + myAssignment.assignmentType + "?sig=" + user.getTokenSignature());
} else
response.getWriter().println(Subject.header("Select A ChemVantage Assignment") + pickResourceForm(user, myAssignment, -1) + Subject.footer);
return;
} catch (Exception e) {
doError(request, response, "LTI Launch failed. " + e.getMessage(), null, e);
}
}
Aggregations