Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-40005

Service.php cannot read the Authorization header when PHP is run as FCGI

    XMLWordPrintable

    Details

    • Testing Instructions:
      Hide

      1. You'll need to find a tool provider that supports sending grades (I think http://www.imsglobal.org/developers/LTI/test/v1p1/tool.php can)
      2. Add an external tool link pointing to that tool provider (make sure it's configured to accept grades)
      3. Ensure the user you're testing as is enrolled in the course
      4. View the external tool link and have it send a grade back
      5. Check the grade book. A grade should be present for the user and that LTI item.

      Note: your moodle site might need to be publicly available so the Tool can send info back.

      Show
      1. You'll need to find a tool provider that supports sending grades (I think http://www.imsglobal.org/developers/LTI/test/v1p1/tool.php can) 2. Add an external tool link pointing to that tool provider (make sure it's configured to accept grades) 3. Ensure the user you're testing as is enrolled in the course 4. View the external tool link and have it send a grade back 5. Check the grade book. A grade should be present for the user and that LTI item. Note: your moodle site might need to be publicly available so the Tool can send info back.
    • Affected Branches:
      MOODLE_23_STABLE, MOODLE_24_STABLE, MOODLE_25_STABLE
    • Fixed Branches:
      MOODLE_24_STABLE, MOODLE_25_STABLE
    • Pull Master Branch:
      MDL-40005_lti_headers

      Description

      Steps to reproduce:
      Run PHP as FCGI
      Try to POST a grade from an external tool to Moodle
      Nothing is reported

      This is due to the fact that getheaders() used in service.php only works when mod_php is used via Apache.

      My solution was to use a .htaccess with this in it:
      RewriteEngine on
      RewriteRule .* - [E=HTTP_AUTHORIZATION:%

      {HTTP:Authorization}

      ,L]

      And insert the following code at the very top of the page

      if (!function_exists('getallheaders'))
      {
      function getallheaders()
      {
      $headers = '';
      foreach ($_SERVER as $name => $value)
      {
      if (substr($name, 0, 5) == 'HTTP_')

      { $headers[str_replace(' ', '-', ucwords(strtolower(str_replace('_', ' ', substr($name, 5)))))] = $value; }

      }

      $headers['Authorization'] = $_SERVER['HTTP_AUTHORIZATION'];

      return $headers;
      }
      }

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              bushido Mark Nielsen
              Reporter:
              epimedia Eric Warner
              Peer reviewer:
              Dan Poltawski
              Integrator:
              Sam Hemelryk
              Tester:
              Rajesh Taneja
              Participants:
              Component watchers:
              Adrian Greeve, Jake Dallimore, Mathew May, Mihail Geshoski, Peter Dias
              Votes:
              1 Vote for this issue
              Watchers:
              10 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved:
                Fix Release Date:
                9/Sep/13