Adds the property that is required by Chrome to opt-in to its 3rd party
cookie partitioning solution, CHIPS. This specific change ensures the
'state' cookie, used in the OIDC handshake, has partitioning support.
This cookie can be partitioned unconditionally, since it's a cookie
controlled by the library and one we don't expect to be set without
partitioning elsewhere.
The default implementation, previously included with the library, is no
longer shipped there. Clients must provide their own implementation of
the ICookie interface instead.
This has been generated running the following Sniffs, all
them part of the Moodle's CodeSniffer standard:
- PSR12.Functions.ReturnTypeDeclaration
- PSR12.Functions.NullableTypeDeclaration
- moodle.Methods.MethodDeclarationSpacing
- Squiz.Whitespace.ScopeKeywordSpacing
All them are, exclusively, about correct spacing, so the changes
are, all them, only white space changes.
Only exceptions to the above are 3 changes what were setting the
return type in a new line, and, when that happens, the closing
parenthesis (bracket) has to go to the same line than the colon.
If an activity, like workshop or forum, has multiple grade items,
declarative binding of the grade item (line item) isn't supported.
Instead of throwing an exception, handle the case more elegantly
and just omit the 'add to gradebook' option for these activities.
Only call user_update_user when the relevant user data has changed,
preventing unnecessary user_updated events. This also removes the
line setting timemodified on the user since user_update_user already
handles this.
If the enrolment method is updated from an LTI 1.1/2.0 tool to an LTI
1.3 tool, it may have associated enrol_lti_users records not having
ltideploymentid values. These are legacy users and must not be returned
by the repository, which deals only with LTI 1.3 LTI users.
As in MDL-74691, we need either or both of these fields, meaning either
one could be omitted. This just supports that as per the fix made in
MDL-74691.
If member sync runs before the user launches the tool, a partial record
is created, without consumer secret. Subsequent launches of the tool by
that member don't resolve this and this results in grade sync failing
for any affected users. This patch:
- data fixes the existing affected rows
- fixes the launch code, ensuring secret is recorded on launch,
irrespective of whether the user info record has been created already
or not.
Fixes the enrol_lti_users.consumersecret field for LTI 2.0 users.
This field erroneously contained the tool secret and not the consumer
secret needed for service requests when used with LTI 2.0 consumers,
which resulted in complete grade sync failure for LTI 2.0 consumers.
This patch:
- adds an upgrade step to address existing incorrect secrets for LTI
2.0 launched users. It sets these to the correct consumer secret.
- fixes the way the secret is first set during a launch, ensuring
this->consumer->secret is used, which properly captures either the
tool secret (for 1.1 launches) or the consumer secret (for 2.0
launches).
The lib/lti1p3 library now passes $options['form_params'] instead of
$options['body'] when making access token requests. To maintain the
'application/x-www-form-urlencoded' content-type required by OAuth 2.0
(https://www.rfc-editor.org/rfc/rfc6749#section-4.1.3), the client has
been changed to convert these array params into a body query string,
which matches the behaviour prior to the library upgrade and makes
the tool can continue to call tool platform services. Support for
$options['body'] remains, as this is still used during service calls.
Adds a warning to the 'name' column of the tables, letting teachers know
that the activity exposed by the method has been deleted and what their
options are.
This changes the admin pages such that to see the endpoints required
by the platform, an admin user must first create a draft registration.
This allows the registration uniqueid to be generated and included in
the initiate login and dynamic registration URLs.
- Allow the tool to generate secure, one time, dynamic registration
URLs for use in supporting platforms.
- Registration endpoint, which validates the one time URL, makes
the registration requqest to the platform and adds the approriate
tool registration changes in the tool on success.
- Admin settings pages make use of the 'copy to clipboard' module
which is now in core.
This change adds a new grade sync task for LTI Advantage and updates
the legacy task such that it only operates on legacy tools. This uses
the assignment and grades service 2.0.
This change adds a new member sync task for LTI Advantage and updates
the legacy task such that it only operates on legacy tools. This uses
the names and roles provisioning service 2.0.
