From 29360dde8a44ec48f35df7b2e0946b0338035101 Mon Sep 17 00:00:00 2001
From: mike seibel <mikes@washington.edu>
Date: Sat, 25 Jan 2025 10:12:34 -0800
Subject: [PATCH] target link uri

---
 blti/templates/blti/500.html | 22 ++++++++++++++++++++++
 blti/views/login.py          | 25 ++++++++++++-------------
 2 files changed, 34 insertions(+), 13 deletions(-)
 create mode 100644 blti/templates/blti/500.html

diff --git a/blti/templates/blti/500.html b/blti/templates/blti/500.html
new file mode 100644
index 0000000..cd02b31
--- /dev/null
+++ b/blti/templates/blti/500.html
@@ -0,0 +1,22 @@
+{% extends 'blti/base.html' %}
+
+{% load static %}
+
+{% block mobile_css %}
+    <link rel="stylesheet" type="text/css" href="{% static "blti/css/mobile.css" %}"/>
+{% endblock mobile_css %}
+
+
+{% block content %}
+<div id="unauthorized_holder">
+  <div id="unauthorized_message">
+    <h2 class="ui-state-error">
+        <i class="fa fa-warning"></i> <span>Page Error</span>
+    </h2>
+    <p><strong>{{ error }}</strong></p>
+    <p>
+      An error has occured while producing this page.  If this page does not load properly after a few minutes, please use the "Help" link to notify support of the problem.
+    </p>
+  </div>
+</div>
+{% endblock content %}
diff --git a/blti/views/login.py b/blti/views/login.py
index 407b003..9efb725 100644
--- a/blti/views/login.py
+++ b/blti/views/login.py
@@ -2,9 +2,8 @@
 # SPDX-License-Identifier: Apache-2.0
 
 from django.views.decorators.csrf import csrf_exempt
-from django.http import HttpResponse
+from django.template.response import TemplateResponse
 from blti.config import get_tool_conf, get_launch_data_storage
-from blti.exceptions import BLTIException
 from pylti1p3.contrib.django import DjangoOIDCLogin
 import logging
 
@@ -12,14 +11,6 @@
 logger = logging.getLogger(__name__)
 
 
-def get_launch_url(request):
-    try:
-        return request.POST.get(
-            'target_link_uri', request.GET['target_link_uri'])
-    except KeyError:
-        raise BLTIException('Missing "target_link_uri" param')
-
-
 @csrf_exempt
 def login(request):
     try:
@@ -27,12 +18,20 @@ def login(request):
         launch_data_storage = get_launch_data_storage()
         oidc_login = DjangoOIDCLogin(
             request, tool_conf, launch_data_storage=launch_data_storage)
-        target_link_uri = get_launch_url(request)
+
+        target_link_uri = getattr(request, request.method)['target_link_uri']
 
         if target_link_uri.startswith('http:') and request.is_secure():
             target_link_uri = f"https:{target_link_uri[5:]}"
 
         return oidc_login.enable_check_cookies().redirect(target_link_uri)
+    except KeyError:
+        logger.error(f"Missing 'target_link_uri' in {request.method} params: "
+                     "{request.body.decode('utf-8')}")
+        return TemplateResponse(request, 'blti/500.html',
+                                context={'error': 'Missing Target Link URI'},
+                                status=500)
     except Exception as ex:
-        logger.error(f"LTI 1.3 login exception: {ex}")
-        return HttpResponse(str(ex), status=401)
+        logger.exception(f"LTI 1.3 login exception: {ex}")
+        return TemplateResponse(request, 'blti/500.html',
+                                context={'error': str(ex)}, status=500)