fix: use module_item_redirect OAuth flow for ExternalUrl Panopto items

The Canvas app authenticates ExternalUrl items via: GET session_token?return_to=<module_item_redirect>?display=borderless → GET session_url → OAuth2 confirm → POST /login/oauth2/accept → Panopto Login.aspx?code= → CookieCheck.aspx (sets Panopto cookies) Our previous code used sessionless_launch (the course-level Panopto tool) for direct Panopto links, which gave wrong/incomplete Panopto cookies. Added DownloadExternalPanoptoURL() that replicates the exact app flow. Falls back to DownloadVideo if no Panopto cookies are obtained. Both List.aspx (folder playlists) and Viewer.aspx (single videos) are handled with the correct yt-dlp flags and output templates.
2026-05-16 22:33:22 +02:00
parent 43392a4132
commit 333e784ce9
2 changed files with 118 additions and 1 deletions
--- a/internal/canvas/client.go
+++ b/internal/canvas/client.go
@@ -240,7 +240,7 @@ func (c *Client) DownloadModules(courseRoot string) {
 					indent := strings.Repeat("  ", len(subHeaderStack)+1)
 					fmt.Printf("%s- Found direct video link: %s\n", indent, item.Title)

-					panopto.DownloadVideo(c.HTTPClient, c.AccessToken, c.CourseID, targetDir, item.ExternalURL, item.Title)
+					panopto.DownloadExternalPanoptoURL(c.HTTPClient, c.AccessToken, item.URL, item.ExternalURL, targetDir, item.Title)
 				}

 			case "Page":