From 1192cfddace4c2197009a4318c29a14e9007e233 Mon Sep 17 00:00:00 2001
From: Fred Woolard <woolardfa@appstate.edu>
Date: Fri, 22 Jul 2016 08:58:25 -0400
Subject: [PATCH] MDL-49171 mod_lti: Fix how request scheme determined

---
 mod/lti/OAuth.php | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/mod/lti/OAuth.php b/mod/lti/OAuth.php
index bdd6b2f..2e8e522 100644
--- a/mod/lti/OAuth.php
+++ b/mod/lti/OAuth.php
@@ -252,7 +252,10 @@ class OAuthRequest {
      * attempt to build up a request from what was passed to the server
      */
     public static function from_request($http_method = null, $http_url = null, $parameters = null) {
-        $scheme = (!is_https()) ? 'http' : 'https';
+        $scheme = (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] === 'on') ? 'https' : 'http';
+        if (isset($_SERVER['HTTP_X_FORWARDED_PROTO'])) {
+            $scheme = $_SERVER['HTTP_X_FORWARDED_PROTO'];
+        }
         $port = "";
         if ($_SERVER['SERVER_PORT'] != "80" && $_SERVER['SERVER_PORT'] != "443" && strpos(':', $_SERVER['HTTP_HOST']) < 0) {
             $port = ':' . $_SERVER['SERVER_PORT'];
-- 
2.1.4