Break out the issuer and info into separate urls.

badges/badge-info.php

@@ -0,0 +1,45 @@
+<?php
+
+// https://github.com/mozilla/openbadges/wiki/Assertions
+
+use \Tsugi\Util\U;
+use \Tsugi\Core\LTIX;
+use \Tsugi\UI\Lessons;
+
+if ( !isset($_GET['id']) ) {
+    die_with_error_log('Missing id parameter');
+}
+
+require_once "../config.php";
+require_once "badge-util.php";
+
+if ( ! isset($CFG->lessons) ) {
+    die_with_error_log('Cannot find lessons.json ($CFG->lessons)');
+}
+
+// Load the Lesson
+$l = new Lessons($CFG->lessons);
+
+$PDOX = LTIX::getConnection();
+
+//echo("<pre>\n");
+$encrypted = $_GET['id'];
+$x = parse_badge_id($encrypted, $l);
+if ( is_string($x) ) {
+    die_with_error_log($x);
+}
+$row = $x[0];
+$pieces = $x[2];
+$badge = $x[3];
+
+$date = U::iso8601($row['login_at']);
+$email = $row['email'];
+$title = $row['title'];
+$code = $pieces[1];
+error_log('Assertion:'.$pieces[0].':'.$pieces[1].':'.$pieces[2]);
+$image = $CFG->badge_url.'/'.$code.'.png';
+
+$text = get_badge($encrypted, $code, $badge, $title);
+header('Content-Type: application/json');
+echo($text);
+

badges/badge-issuer.php

@@ -0,0 +1,45 @@
+<?php
+
+// https://github.com/mozilla/openbadges/wiki/Assertions
+
+use \Tsugi\Util\U;
+use \Tsugi\Core\LTIX;
+use \Tsugi\UI\Lessons;
+
+if ( !isset($_GET['id']) ) {
+    die_with_error_log('Missing id parameter');
+}
+
+require_once "../config.php";
+require_once "badge-util.php";
+
+if ( ! isset($CFG->lessons) ) {
+    die_with_error_log('Cannot find lessons.json ($CFG->lessons)');
+}
+
+// Load the Lesson
+$l = new Lessons($CFG->lessons);
+
+$PDOX = LTIX::getConnection();
+
+//echo("<pre>\n");
+$encrypted = $_GET['id'];
+$x = parse_badge_id($encrypted, $l);
+if ( is_string($x) ) {
+    die_with_error_log($x);
+}
+$row = $x[0];
+$pieces = $x[2];
+$badge = $x[3];
+
+$date = U::iso8601($row['login_at']);
+$email = $row['email'];
+$title = $row['title'];
+$code = $pieces[1];
+error_log('Assertion:'.$pieces[0].':'.$pieces[1].':'.$pieces[2]);
+$image = $CFG->badge_url.'/'.$code.'.png';
+
+$text = get_issuer($encrypted, $code, $badge, $title);
+header('Content-Type: application/json');
+echo($text);
+

badges/badge-util.php

@@ -72,6 +72,7 @@ function get_assertion($encrypted, $date, $code, $badge, $title, $email ) {
     $image = $CFG->badge_url.'/'.$code.'.png';
     $recepient = 'sha256$' . hash('sha256', $email . $CFG->badge_assert_salt);
     $assert_id = $CFG->wwwroot . "/badges/assert.php?id=". $encrypted;
+    $badge_url = $CFG->wwwroot . "/badges/badge-info.php?id=". $encrypted;
     $retval = <<< EOF
 {
   "@context": "https://w3id.org/openbadges/v2",
@@ -84,26 +85,58 @@ function get_assertion($encrypted, $date, $code, $badge, $title, $email ) {
     "identity": "$recepient"
   },
   "issuedOn": "$date",
-  "badge": {
-    "id": "$image",
+  "badge": "$badge_url",
+  "image" : "$image",
+  "evidence" : "$CFG->apphome",
+  "verification": {
+    "type": "hosted"
+  }
+}
+EOF;
+    $retval = json_encode(json_decode($retval), JSON_PRETTY_PRINT);
+    return $retval;
+}
+
+function get_badge($encrypted, $code, $badge, $title) {
+    global $CFG;
+
+    $image = $CFG->badge_url.'/'.$code.'.png';
+    $badge_url = $CFG->wwwroot . "/badges/badge-info.php?id=". $encrypted;
+    $badge_issuer = $CFG->wwwroot . "/badges/badge-issuer.php?id=". $encrypted;
+    $retval = <<< EOF
+{
+  "@context": "https://w3id.org/openbadges/v2",
+    "id": "$badge_url",
     "type": "BadgeClass",
     "name": "$badge->title",
     "image": "$image",
     "description": "Completed $badge->title in course $title at $CFG->servicename",
     "criteria": "$CFG->apphome",
-    "issuer": {
+    "issuer": "$badge_issuer"
+}
+EOF;
+    $retval = json_encode(json_decode($retval), JSON_PRETTY_PRINT);
+    return $retval;
+}
+
+function get_issuer($encrypted, $code, $badge, $title) {
+    global $CFG;
+
+    $image = $CFG->badge_url.'/'.$code.'.png';
+    $badge_issuer = $CFG->wwwroot . "/badges/badge-issuer.php?id=". $encrypted;
+    $parse = parse_url($CFG->wwwroot);
+    $domain = $parse['host'];
+    $retval = <<< EOF
+{
+  "@context": "https://w3id.org/openbadges/v2",
+      "id": "$badge_issuer",
       "type": "Profile",
-      "id": "$CFG->apphome",
       "url": "$CFG->apphome",
       "name": "$CFG->servicename",
-      "org": "$CFG->servicename"
-    }
-  },
-  "image" : "$image",
-  "evidence" : "$CFG->apphome",
-  "verification": {
-    "type": "hosted"
-  }
+      "org": "$CFG->servicename",
+      "verification": {
+         "allowedOrigins": "$domain"
+      }
 }
 EOF;
     $retval = json_encode(json_decode($retval), JSON_PRETTY_PRINT);