ClassCube · ghost · May 11, 2020
diff --git a/inc/OAuth.php b/inc/OAuth.php
@@ -1,9 +1,9 @@
 <?php
 
-/* Not mine, but just in case there's another plugin using a 
- * different version of this class. 
+/* Not mine, but just in case there's another plugin using a
+ * different version of this class.
  */
-namespace ClassCube; 
+namespace ClassCube;
 
 /* Generic exception class
  */
@@ -116,9 +116,9 @@ public function check_signature( $request, $consumer, $token, $signature ) {
 }
 
 /**
- * The HMAC-SHA1 signature method uses the HMAC-SHA1 signature algorithm as defined in [RFC2104] 
- * where the Signature Base String is the text and the key is the concatenated values (each first 
- * encoded per Parameter Encoding) of the Consumer Secret and Token Secret, separated by an '&' 
+ * The HMAC-SHA1 signature method uses the HMAC-SHA1 signature algorithm as defined in [RFC2104]
+ * where the Signature Base String is the text and the key is the concatenated values (each first
+ * encoded per Parameter Encoding) of the Consumer Secret and Token Secret, separated by an '&'
  * character (ASCII code 38) even if empty.
  *   - Chapter 9.2 ("HMAC-SHA1")
  */
@@ -146,7 +146,7 @@ public function build_signature( $request, $consumer, $token ) {
 }
 
 /**
- * The PLAINTEXT method does not provide any security protection and SHOULD only be used 
+ * The PLAINTEXT method does not provide any security protection and SHOULD only be used
  * over a secure channel such as HTTPS. It does not use the Signature Base String.
  *   - Chapter 9.4 ("PLAINTEXT")
  */
@@ -157,8 +157,8 @@ public function get_name() {
     }
 
     /**
-     * oauth_signature is set to the concatenated encoded values of the Consumer Secret and 
-     * Token Secret, separated by a '&' character (ASCII code 38), even if either secret is 
+     * oauth_signature is set to the concatenated encoded values of the Consumer Secret and
+     * Token Secret, separated by a '&' character (ASCII code 38), even if either secret is
      * empty. The result MUST be encoded again.
      *   - Chapter 9.4.1 ("Generating Signatures")
      *
@@ -181,10 +181,10 @@ public function build_signature( $request, $consumer, $token ) {
 }
 
 /**
- * The RSA-SHA1 signature method uses the RSASSA-PKCS1-v1_5 signature algorithm as defined in 
- * [RFC3447] section 8.2 (more simply known as PKCS#1), using SHA-1 as the hash function for 
- * EMSA-PKCS1-v1_5. It is assumed that the Consumer has provided its RSA public key in a 
- * verified way to the Service Provider, in a manner which is beyond the scope of this 
+ * The RSA-SHA1 signature method uses the RSASSA-PKCS1-v1_5 signature algorithm as defined in
+ * [RFC3447] section 8.2 (more simply known as PKCS#1), using SHA-1 as the hash function for
+ * EMSA-PKCS1-v1_5. It is assumed that the Consumer has provided its RSA public key in a
+ * verified way to the Service Provider, in a manner which is beyond the scope of this
  * specification.
  *   - Chapter 9.3 ("RSA-SHA1")
  */
@@ -382,7 +382,7 @@ public function get_signable_parameters() {
      *
      * The base string defined as the method, the url
      * and the parameters (normalized), each urlencoded
-     * and the concated with &.
+     * and then concatenated with &.
      */
     public function get_signature_base_string() {
         $parts = array(
@@ -397,7 +397,7 @@ public function get_signature_base_string() {
     }
 
     /**
-     * just uppercases the http method
+     * just upper-cases the http method
      */
     public function get_normalized_http_method() {
         return strtoupper( $this->http_method );
@@ -567,7 +567,7 @@ public function fetch_access_token( &$request ) {
     /**
      * verify an api call, checks all the parameters
      */
-    public function verify_request( &$request ) { 
+    public function verify_request( &$request ) {
         $this->get_version( $request );
         $consumer = $this->get_consumer( $request );
         $token = $this->get_token( $request, $consumer, "access" );
@@ -584,7 +584,7 @@ public function verify_request( &$request ) {
     private function get_version( &$request ) {
         $version = $request->get_parameter( "oauth_version" );
         if ( !$version ) {
-            // Service Providers MUST assume the protocol version to be 1.0 if this parameter is not present. 
+            // Service Providers MUST assume the protocol version to be 1.0 if this parameter is not present.
             // Chapter 7.0 ("Accessing Protected Ressources")
             $version = '1.0';
         }
@@ -686,7 +686,7 @@ private function check_timestamp( $timestamp ) {
         $now = time();
         if ( abs( $now - $timestamp ) > $this->timestamp_threshold ) {
             throw new OAuthException(
-            "Expired timestamp. Yours: " . date('r', $timestamp) . ', ours: ' . date('r', $now)      
+            "Expired timestamp. Yours: " . date('r', $timestamp) . ', ours: ' . date('r', $now)
             //"Expired timestamp, yours $timestamp, ours $now"
             );
         }
@@ -897,7 +897,7 @@ public static function build_http_query( $params ) {
 
 /**
  * A Trivial memory-based store - no support for tokens.
- * 
+ *
  * Pulled from Moodle code base
  */
 class TrivialOAuthDataStore extends OAuthDataStore {
@@ -920,7 +920,7 @@ public function add_consumer( $consumerkey, $consumersecret ) {
      *
      * @param string $consumerkey     Consumer key
      *
-     * @return \OAuthConsumer  OAuthConsumer object
+     * @return OAuthConsumer  OAuthConsumer object
      */
     public function lookup_consumer( $consumerkey ) {
         if ( strpos( $consumerkey, "http://" ) === 0 ) {
@@ -937,11 +937,11 @@ public function lookup_consumer( $consumerkey ) {
     /**
      * Create a dummy OAuthToken object for a consumer
      *
-     * @param \OAuthConsumer $consumer     Consumer
+     * @param OAuthConsumer $consumer     Consumer
      * @param string $tokentype    Type of token
      * @param string $token        Token ID
      *
-     * @return \OAuthToken OAuthToken object
+     * @return OAuthToken OAuthToken object
      */
     public function lookup_token( $consumer, $tokentype, $token ) {
         return new OAuthToken( $consumer, '' );
@@ -950,7 +950,7 @@ public function lookup_token( $consumer, $tokentype, $token ) {
     /**
      * Nonce values are not checked so just return a null
      *
-     * @param \OAuthConsumer $consumer     Consumer
+     * @param OAuthConsumer $consumer     Consumer
      * @param string $token        Token ID
      * @param string $nonce        Nonce value
      * @param string $timestamp    Timestamp
@@ -967,23 +967,23 @@ public function lookup_nonce( $consumer, $token, $nonce, $timestamp ) {
     /**
      * Tokens are not used so just return a null.
      *
-     * @param \OAuthConsumer $consumer     Consumer
+     * @param OAuthConsumer $consumer     Consumer
      *
      * @return null
      */
-    public function new_request_token( $consumer ) {
+    public function new_request_token( $consumer, $callback = null ) {
         return null;
     }
 
     /**
      * Tokens are not used so just return a null.
      *
      * @param string $token        Token ID
-     * @param \OAuthConsumer $consumer     Consumer
+     * @param OAuthConsumer $consumer     Consumer
      *
      * @return null
      */
-    public function new_access_token( $token, $consumer ) {
+    public function new_access_token( $token, $consumer, $verifier = null ) {
         return null;
     }
 

diff --git a/inc/class-lti-consumer.php b/inc/class-lti-consumer.php
@@ -52,7 +52,7 @@ public static function admin_css( $hook ) {
 
     private static function admin_menus() {
         add_menu_page( __( 'LTI Consumer', 'cc-lti' ), __( 'LTI Consumer', 'cc-lti' ), 'manage_options', 'cc-lti', function() {
-            
+
         }, '', 99 );
 
         add_submenu_page( 'cc-lti', __( 'LTI Consumer Tools', 'cc-lti' ), __( 'LTI Tools', 'cc-lti' ), 'manage_options', 'cc-lti', function() {
@@ -65,8 +65,8 @@ private static function admin_menus() {
     }
 
     /**
-     * Outputs the HTML for the admin page where all of the existing 
-     * LTI tools are listed and links to create new tools. 
+     * Outputs the HTML for the admin page where all of the existing
+     * LTI tools are listed and links to create new tools.
      */
     private static function admin_lti_tools() {
         if ( isset( $_GET[ 'add' ] ) ) {
@@ -98,7 +98,7 @@ private static function update_settings() {
 
     /**
      * Gets a setting for the plugin, storing it in a static if needed for later
-     * 
+     *
      * @param type $setting_name
      * @param type $default
      * @param boolean $force_refresh
@@ -128,7 +128,7 @@ public static function add_edit_form() {
 
         if ( empty( $_POST[ 'cc-tool-name' ] ) || empty( $_POST[ 'cc-base-url' ] ) ) {
             if ( !empty( $_POST[ 'cc-id' ] ) ) {
-                
+
             }
             else {
                 wp_redirect( admin_url( 'admin.php?page=cc-lti&add&req' ) );
@@ -156,10 +156,10 @@ public static function add_edit_form() {
 
     /**
      * Adds a new tool to the options table.
-     * 
+     *
      * This doesn't do any validation that the information passed is valid.
      * That should be taken care of before calling this method.
-     * 
+     *
      * @param type $tool_info
      */
     public static function add_tool( $tool_info = [] ) {
@@ -194,10 +194,10 @@ public static function get_tool( $tool_id ) {
 
     /**
      * Retrieves information on a tool based on a url.
-     * 
+     *
      * This looks for the base url field that is found at the beginning
-     * of the url value passed. 
-     * 
+     * of the url value passed.
+     *
      * @param type $url
      */
     private static function find_tool( $url ) {
@@ -358,11 +358,11 @@ private static function generate_hmac_signature( $post_data, $secret, $launch_ur
 
         return $signature;
 
-        $key_parts = urlencodeRFC3986( $secret );
-//$key = implode('&', $key_parts);
-        $key = $key_parts . '&';
-        $base_string = 'GET&' . urlencodeRFC3986( $url ) . '&' . urlencodeRFC3986( $post_string );
-        $signature = base64_encode( hash_hmac( 'sha1', $base_string, $key, true ) );
+//        $key_parts = urlencodeRFC3986( $secret );
+////$key = implode('&', $key_parts);
+//        $key = $key_parts . '&';
+//        $base_string = 'GET&' . urlencodeRFC3986( $url ) . '&' . urlencodeRFC3986( $post_string );
+//        $signature = base64_encode( hash_hmac( 'sha1', $base_string, $key, true ) );
     }
 
     private static function urlencodeRFC3986( $string ) { /* {{{ */

diff --git a/inc/class-lti-table.php b/inc/class-lti-table.php
@@ -34,7 +34,7 @@ public function prepare_items() {
     /**
      * Override the parent columns method. Defines the columns to use in your listing table
      *
-     * @return Array
+     * @return array
      */
     public function get_columns() {
         $columns = array(
@@ -47,7 +47,7 @@ public function get_columns() {
     /**
      * Define which columns are hidden
      *
-     * @return Array
+     * @return array
      */
     public function get_hidden_columns() {
         return array();
@@ -56,7 +56,7 @@ public function get_hidden_columns() {
     /**
      * Define the sortable columns
      *
-     * @return Array
+     * @return array
      */
     public function get_sortable_columns() {
         return array( 'title' => array( 'title', false ) );
@@ -65,7 +65,7 @@ public function get_sortable_columns() {
     /**
      * Get the table data
      *
-     * @return Array
+     * @return array
      */
     private function table_data() {
         $data = get_option( 'classcube-lti-tools', [ ] );
@@ -76,7 +76,7 @@ private function table_data() {
     /**
      * Define what data to show on each column of the table
      *
-     * @param  Array $item        Data
+     * @param  array $item        Data
      * @param  String $column_name - Current column name
      *
      * @return Mixed

diff --git a/inc/pages/admin-tool-edit.php b/inc/pages/admin-tool-edit.php
@@ -80,7 +80,7 @@
                     <th><?php _e( 'Share Username', 'cc-lti' ); ?></th>
                     <td>
                         <input type="checkbox" name="cc-share-username" <?php checked( $tool[ 'share_username' ], true, true ); ?>>
-                    </td>                                
+                    </td>
                 </tr>
                 <tr>
                     <th><?php _e( 'Share Email Address', 'cc-lti' ); ?></th>
@@ -89,9 +89,9 @@
                     </td>
                 </tr>
             </table>
-            <input type="submit" class="button button-primary" value="<?php _e( 'Add Tool', 'cc-lti' ); ?>">
+            <input type="submit" class="button button-primary" value="<?php isset($_GET['add']) ? _e( 'Add Tool', 'cc-lti' ) : _e( 'Save Tool', 'cc-lti' ); ?>">
             <input type="hidden" name="action" value="add_tool">
             <input type="hidden" name="cc-id" value="<?php echo esc_attr( $tool[ 'id' ] ); ?>">
         </form>
     </div>
-</div>
+</div>