Making the LtiLaunchVerifier aspect poincut broader

Author: pfgray

src/main/java/org/imsglobal/aspect/LtiLaunchVerifier.java

@@ -12,6 +12,9 @@
 import org.imsglobal.basiclti.BasicLTIUtil;
 import org.imsglobal.basiclti.LtiVerificationResult;
 
+import java.util.ArrayList;
+import java.util.List;
+
 /**
  *
  * @author pgray
@@ -25,13 +28,43 @@ public LtiLaunchVerifier(LtiKeySecretService ltiKeySecretService) {
         this.keyService = ltiKeySecretService;
     }
 
-    @Around("@annotation(launch) && execution(* *(javax.servlet.http.HttpServletRequest+, org.imsglobal.basiclti.LtiVerificationResult)) && args(request,result)")
-    public Object verifyLtiLaunch(ProceedingJoinPoint pjp, Lti launch, HttpServletRequest request, LtiVerificationResult result) throws Throwable {
+    //@Around("@annotation(launch) && execution(* *(javax.servlet.http.HttpServletRequest+, org.imsglobal.basiclti.LtiVerificationResult, ..)) && args(request, result)")
+    @Around("@annotation(launch)")
+    public Object verifyLtiLaunch(ProceedingJoinPoint pjp, Lti launch) throws Throwable {
+        HttpServletRequest request = null;
+        for (Object arg : pjp.getArgs()) {
+            if (HttpServletRequest.class.isInstance(arg)) {
+                request = (HttpServletRequest) arg;
+            }
+        }
+        if(request == null){
+            throw new IllegalStateException(getErrorMessageForArgumentClass("HttpServletRequest", pjp.getSignature().toLongString()));
+        }
 
+        System.out.println("checking lti params...");
         String oauthSecret = keyService.getSecretForKey(request.getParameter("oauth_consumer_key"));
-        result = BasicLTIUtil.validateMessage(request, request.getRequestURL().toString(), oauthSecret);
+        LtiVerificationResult ltiResult = BasicLTIUtil.validateMessage(request, request.getRequestURL().toString(), oauthSecret);
+
+        Boolean ltiVerificationResultExists = false;
+        //This array will hold the arguments to the join point, so we can pass them along to the advised function.
+        List<Object> args = new ArrayList<>(pjp.getArgs().length);
+        for (Object arg : pjp.getArgs()) {
+            if (arg.getClass().equals(LtiVerificationResult.class)) {
+                args.add(ltiResult);
+                ltiVerificationResultExists = true;
+            } else {
+                args.add(arg);
+            }
+        }
+        if(!ltiVerificationResultExists){
+            throw new IllegalStateException(getErrorMessageForArgumentClass("LtiVerificationResult", pjp.getSignature().toLongString()));
+        }
+
+        return pjp.proceed(args.toArray());
+    }
 
-        return pjp.proceed(new Object[] {request, result});
+    public String getErrorMessageForArgumentClass(String argumentClass, String signature){
+        return "The LtiLaunchVerifier instance cannot find the " + argumentClass + " argument on method: " + signature + ", are you sure it was declared?";
     }
 
 }

src/main/java/org/imsglobal/basiclti/LtiUser.java

@@ -15,8 +15,10 @@ public class LtiUser {
     public LtiUser(HttpServletRequest request) {
         this.id = request.getParameter("user_id");
         this.roles = new LinkedList<>();
-        for(String role : request.getParameter("roles").split(",")){
-            this.roles.add(role.trim());
+        if(request.getParameter("roles") != null) {
+            for (String role : request.getParameter("roles").split(",")) {
+                this.roles.add(role.trim());
+            }
         }
     }