aj-ims-lti 1.1.1

data/lib/ajims/lti/outcome_response.rb

@@ -0,0 +1,165 @@
+module AJIMS::LTI
+  # Class for consuming/generating LTI Outcome Responses
+  #
+  # Response documentation: http://www.imsglobal.org/lti/v1p1pd/ltiIMGv1p1pd.html#_Toc309649691
+  #
+  # Error code documentation: http://www.imsglobal.org/gws/gwsv1p0/imsgws_baseProfv1p0.html#1639667
+  #
+  # This class can be used by both Tool Providers and Tool Consumers. Each will
+  # use it a bit differently. The Tool Provider will use it parse the result of
+  # an OutcomeRequest to the Tool Consumer. A Tool Consumer will use it generate
+  # proper response XML to send back to a Tool Provider
+  #
+  # === Tool Provider Usage
+  # An OutcomeResponse will generally be created when POSTing an OutcomeRequest
+  # through a configured ToolProvider. See the ToolProvider documentation for
+  # typical usage.
+  #
+  # === Tool Consumer Usage
+  # When an outcome request is sent from a Tool Provider the body of the request
+  # is XML. This class parses that XML and provides a simple interface for
+  # accessing the information in the request. Typical usage would be:
+  #
+  #    # create a new response and set the appropriate values
+  #    res = IMS::LTI::OutcomeResponse.new
+  #    res.message_ref_identifier = outcome_request.message_identifier
+  #    res.operation = outcome_request.operation
+  #    res.code_major = 'success'
+  #    res.severity = 'status'
+  #
+  #    # set a description (optional) and other information based on the type of response
+  #    if outcome_request.replace_request?
+  #      res.description = "Your old score of 0 has been replaced with #{outcome_request.score}"
+  #    elsif outcome_request.read_request?
+  #      res.description = "You score is 50"
+  #      res.score = 50
+  #    elsif outcome_request.delete_request?
+  #      res.description = "You score has been cleared"
+  #    else
+  #      res.code_major = 'unsupported'
+  #      res.severity = 'status'
+  #      res.description = "#{outcome_request.operation} is not supported"
+  #    end
+  #
+  #    # the generated xml is returned to the Tool Provider
+  #    res.generate_response_xml
+  #
+  class OutcomeResponse
+    include AJIMS::LTI::Extensions::Base
+    
+    attr_accessor :request_type, :score, :message_identifier, :response_code,
+            :post_response, :code_major, :severity, :description, :operation,
+            :message_ref_identifier
+
+    CODE_MAJOR_CODES = %w{success processing failure unsupported}
+    SEVERITY_CODES = %w{status warning error}
+
+    # Create a new OutcomeResponse
+    #
+    # @param opts [Hash] initialization hash
+    def initialize(opts={})
+      opts.each_pair do |key, val|
+        self.send("#{key}=", val) if self.respond_to?("#{key}=")
+      end
+    end
+
+    # Convenience method for creating a new OutcomeResponse from a response object
+    #
+    #    req = IMS::LTI::OutcomeResponse.from_post_response(response)
+    def self.from_post_response(post_response)
+      response = OutcomeResponse.new
+      response.process_post_response(post_response)
+    end
+    
+    def process_post_response(post_response)
+      self.post_response = post_response
+      self.response_code = post_response.code
+      xml = post_response.body
+      self.process_xml(xml)
+      self
+    end
+
+    def success?
+      @code_major == 'success'
+    end
+
+    def processing?
+      @code_major == 'processing'
+    end
+
+    def failure?
+      @code_major == 'failure'
+    end
+
+    def unsupported?
+      @code_major == 'unsupported'
+    end
+
+    def has_warning?
+      @severity == 'warning'
+    end
+
+    def has_error?
+      @severity == 'error'
+    end
+
+    # Parse Outcome Response data from XML
+    def process_xml(xml)
+      doc = REXML::Document.new xml
+      @message_identifier = doc.text("//imsx_statusInfo/imsx_messageIdentifier").to_s
+      @code_major = doc.text("//imsx_statusInfo/imsx_codeMajor")
+      @code_major.downcase! if @code_major
+      @severity = doc.text("//imsx_statusInfo/imsx_severity")
+      @severity.downcase! if @severity
+      @description = doc.text("//imsx_statusInfo/imsx_description")
+      @description = @description.to_s if @description
+      @message_ref_identifier = doc.text("//imsx_statusInfo/imsx_messageRefIdentifier")
+      @operation = doc.text("//imsx_statusInfo/imsx_operationRefIdentifier")
+      @score = doc.text("//readResultResponse//resultScore/textString")
+      @score = @score.to_s if @score
+    rescue REXML::ParseException
+      raise AJIMS::LTI::XmlParseException.new(
+        xml,
+        "Failed to parse XML response from canvas"
+      )
+    end
+
+    # Generate XML based on the current configuration
+    # @return [String] The response xml
+    def generate_response_xml
+      builder = Builder::XmlMarkup.new
+      builder.instruct!
+
+      builder.imsx_POXEnvelopeResponse("xmlns" => "http://www.imsglobal.org/lis/oms1p0/pox") do |env|
+        env.imsx_POXHeader do |header|
+          header.imsx_POXResponseHeaderInfo do |info|
+            info.imsx_version "V1.0"
+            info.imsx_messageIdentifier @message_identifier || AJIMS::LTI::generate_identifier
+            info.imsx_statusInfo do |status|
+              status.imsx_codeMajor @code_major
+              status.imsx_severity @severity
+              status.imsx_description @description
+              status.imsx_messageRefIdentifier @message_ref_identifier
+              status.imsx_operationRefIdentifier @operation
+            end
+          end
+        end #/header
+        env.imsx_POXBody do |body|
+          unless unsupported?
+            body.tag!(@operation + 'Response') do |request|
+              if @operation == OutcomeRequest::READ_REQUEST
+                request.result do |res|
+                  res.resultScore do |res_score|
+                    res_score.language "en" # 'en' represents the format of the number
+                    res_score.textString @score.to_s
+                  end
+                end #/result
+              end
+            end #/operationResponse
+          end
+        end #/body
+      end
+    end
+
+  end
+end

data/lib/ajims/lti/request_validator.rb

@@ -0,0 +1,50 @@
+module AJIMS::LTI
+  # A mixin for OAuth request validation
+  module RequestValidator
+
+    attr_reader :oauth_signature_validator
+
+    # Validates and OAuth request using the OAuth Gem - https://github.com/oauth/oauth-ruby
+    #
+    # To validate the OAuth signatures you need to require the appropriate
+    # request proxy for your application. For example:
+    #
+    #    # For a sinatra app:
+    #    require 'oauth/request_proxy/rack_request'
+    #
+    #    # For a rails app:
+    #    require 'oauth/request_proxy/action_controller_request'
+    # @return [Bool] Whether the request was valid
+    def valid_request?(request, handle_error=true)
+      begin
+        @oauth_signature_validator = OAuth::Signature.build(request, :consumer_secret => @consumer_secret)
+        @oauth_signature_validator.verify() or raise OAuth::Unauthorized
+        true
+      rescue OAuth::Signature::UnknownSignatureMethod, OAuth::Unauthorized
+        if handle_error
+          false
+        else
+          raise $!
+        end
+      end
+    end
+
+    # Check whether the OAuth-signed request is valid and throw error if not
+    #
+    # @return [Bool] Whether the request was valid
+    def valid_request!(request)
+      valid_request?(request, false)
+    end
+
+    # convenience method for getting the oauth nonce from the request
+    def request_oauth_nonce
+      @oauth_signature_validator && @oauth_signature_validator.request.oauth_nonce
+    end
+
+    # convenience method for getting the oauth timestamp from the request
+    def request_oauth_timestamp
+      @oauth_signature_validator && @oauth_signature_validator.request.oauth_timestamp
+    end
+
+  end
+end

data/lib/ajims/lti/tool_config.rb

@@ -0,0 +1,225 @@
+module AJIMS::LTI
+  # Class used to represent an LTI configuration
+  #
+  # It can create and read the Common Cartridge XML representation of LTI links
+  # as described here: http://www.imsglobal.org/LTI/v1p1pd/ltiIMGv1p1pd.html#_Toc309649689
+  #
+  # == Usage
+  # To generate an XML configuration:
+  #
+  #    # Create a config object and set some options
+  #    tc = IMS::LTI::ToolConfig.new(:title => "Example Sinatra Tool Provider", :launch_url => url)
+  #    tc.description = "This example LTI Tool Provider supports LIS Outcome pass-back."
+  #
+  #    # generate the XML
+  #    tc.to_xml
+  #
+  # Or to create a config object from an XML String:
+  #
+  #    tc = IMS::LTI::ToolConfig.create_from_xml(xml)
+  class ToolConfig
+    attr_reader :custom_params, :extensions
+
+    attr_accessor :title, :description, :launch_url, :secure_launch_url,
+                  :icon, :secure_icon, :cartridge_bundle, :cartridge_icon,
+                  :vendor_code, :vendor_name, :vendor_description, :vendor_url,
+                  :vendor_contact_email, :vendor_contact_name
+
+    # Create a new ToolConfig with the given options
+    #
+    # @param opts [Hash] The initial options for the ToolConfig
+    def initialize(opts={})
+      @custom_params = opts.delete("custom_params") || {}
+      @extensions = opts.delete("extensions") || {}
+
+      opts.each_pair do |key, val|
+        self.send("#{key}=", val) if self.respond_to?("#{key}=")
+      end
+    end
+
+    # Create a ToolConfig from the given XML
+    #
+    # @param xml [String]
+    def self.create_from_xml(xml)
+      tc = ToolConfig.new
+      tc.process_xml(xml)
+
+      tc
+    end
+
+    def set_custom_param(key, val)
+      @custom_params[key] = val
+    end
+
+    def get_custom_param(key)
+      @custom_params[key]
+    end
+
+    # Set the extension parameters for a specific vendor
+    #
+    # @param ext_key [String] The identifier for the vendor-specific parameters
+    # @param ext_params [Hash] The parameters, this is allowed to be two-levels deep
+    def set_ext_params(ext_key, ext_params)
+      raise ArgumentError unless ext_params.is_a?(Hash)
+      @extensions[ext_key] = ext_params
+    end
+
+    def get_ext_params(ext_key)
+      @extensions[ext_key]
+    end
+
+    def set_ext_param(ext_key, param_key, val)
+      @extensions[ext_key] ||= {}
+      @extensions[ext_key][param_key] = val
+    end
+
+    def get_ext_param(ext_key, param_key)
+      @extensions[ext_key] && @extensions[ext_key][param_key]
+    end
+
+    # Namespaces used for parsing configuration XML
+    LTI_NAMESPACES = {
+            "xmlns" => 'http://www.imsglobal.org/xsd/imslticc_v1p0',
+            "blti" => 'http://www.imsglobal.org/xsd/imsbasiclti_v1p0',
+            "lticm" => 'http://www.imsglobal.org/xsd/imslticm_v1p0',
+            "lticp" => 'http://www.imsglobal.org/xsd/imslticp_v1p0',
+    }
+
+    # Parse tool configuration data out of the Common Cartridge LTI link XML
+    def process_xml(xml)
+      doc = REXML::Document.new xml
+      if root = REXML::XPath.first(doc, 'xmlns:cartridge_basiclti_link')
+        @title = get_node_text(root, 'blti:title')
+        @description = get_node_text(root, 'blti:description')
+        @launch_url = get_node_text(root, 'blti:launch_url')
+        @secure_launch_url = get_node_text(root, 'blti:secure_launch_url')
+        @icon = get_node_text(root, 'blti:icon')
+        @secure_icon = get_node_text(root, 'blti:secure_icon')
+        @cartridge_bundle = get_node_att(root, 'xmlns:cartridge_bundle', 'identifierref')
+        @cartridge_icon = get_node_att(root, 'xmlns:cartridge_icon', 'identifierref')
+
+        if vendor = REXML::XPath.first(root, 'blti:vendor')
+          @vendor_code = get_node_text(vendor, 'lticp:code')
+          @vendor_description = get_node_text(vendor, 'lticp:description')
+          @vendor_name = get_node_text(vendor, 'lticp:name')
+          @vendor_url = get_node_text(vendor, 'lticp:url')
+          @vendor_contact_email = get_node_text(vendor, '//lticp:contact/lticp:email')
+          @vendor_contact_name = get_node_text(vendor, '//lticp:contact/lticp:name')
+        end
+
+        if custom = REXML::XPath.first(root, 'blti:custom', LTI_NAMESPACES)
+          set_properties(@custom_params, custom)
+        end
+
+        REXML::XPath.each(root, 'blti:extensions', LTI_NAMESPACES) do |vendor_ext_node|
+          platform = vendor_ext_node.attributes['platform']
+          properties = {}
+          set_properties(properties, vendor_ext_node)
+          REXML::XPath.each(vendor_ext_node, 'lticm:options', LTI_NAMESPACES) do |options_node|
+            opt_name = options_node.attributes['name']
+            options = {}
+            set_properties(options, options_node)
+            properties[opt_name] = options
+          end
+
+          self.set_ext_params(platform, properties)
+        end
+
+      end
+    end
+
+    # Generate XML from the current settings
+    def to_xml(opts = {})
+      raise AJIMS::LTI::InvalidLTIConfigError, "A launch url is required for an LTI configuration." unless self.launch_url || self.secure_launch_url
+
+      builder = Builder::XmlMarkup.new(:indent => opts[:indent] || 0)
+      builder.instruct!
+      builder.cartridge_basiclti_link("xmlns" => "http://www.imsglobal.org/xsd/imslticc_v1p0",
+                                      "xmlns:blti" => 'http://www.imsglobal.org/xsd/imsbasiclti_v1p0',
+                                      "xmlns:lticm" => 'http://www.imsglobal.org/xsd/imslticm_v1p0',
+                                      "xmlns:lticp" => 'http://www.imsglobal.org/xsd/imslticp_v1p0',
+                                      "xmlns:xsi" => "http://www.w3.org/2001/XMLSchema-instance",
+                                      "xsi:schemaLocation" => "http://www.imsglobal.org/xsd/imslticc_v1p0 http://www.imsglobal.org/xsd/lti/ltiv1p0/imslticc_v1p0.xsd http://www.imsglobal.org/xsd/imsbasiclti_v1p0 http://www.imsglobal.org/xsd/lti/ltiv1p0/imsbasiclti_v1p0p1.xsd http://www.imsglobal.org/xsd/imslticm_v1p0 http://www.imsglobal.org/xsd/lti/ltiv1p0/imslticm_v1p0.xsd http://www.imsglobal.org/xsd/imslticp_v1p0 http://www.imsglobal.org/xsd/lti/ltiv1p0/imslticp_v1p0.xsd"
+      ) do |blti_node|
+
+        %w{title description launch_url secure_launch_url icon secure_icon}.each do |key|
+          blti_node.blti key.to_sym, self.send(key) if self.send(key)
+        end
+
+        vendor_keys = %w{name code description url}
+        if vendor_keys.any?{|k|self.send("vendor_#{k}")} || vendor_contact_email
+          blti_node.blti :vendor do |v_node|
+            vendor_keys.each do |key|
+              v_node.lticp key.to_sym, self.send("vendor_#{key}") if self.send("vendor_#{key}")
+            end
+            if vendor_contact_email
+              v_node.lticp :contact do |c_node|
+                c_node.lticp :name, vendor_contact_name
+                c_node.lticp :email, vendor_contact_email
+              end
+            end
+          end
+        end
+
+        if !@custom_params.empty?
+          blti_node.tag!("blti:custom") do |custom_node|
+            @custom_params.keys.sort.each do |key|
+              val = @custom_params[key]
+              custom_node.lticm :property, val, 'name' => key
+            end
+          end
+        end
+
+        if !@extensions.empty?
+          @extensions.keys.sort.each do |ext_platform|
+            ext_params = @extensions[ext_platform]
+            blti_node.blti(:extensions, :platform => ext_platform) do |ext_node|
+              ext_params.keys.sort.each do |key|
+                val = ext_params[key]
+                if val.is_a?(Hash)
+                  ext_node.lticm(:options, :name => key) do |type_node|
+                    val.keys.sort.each do |p_key|
+                      p_val = val[p_key]
+                      type_node.lticm :property, p_val, 'name' => p_key
+                    end
+                  end
+                else
+                  ext_node.lticm :property, val, 'name' => key
+                end
+              end
+            end
+          end
+        end
+
+        blti_node.cartridge_bundle(:identifierref => @cartridge_bundle) if @cartridge_bundle
+        blti_node.cartridge_icon(:identifierref => @cartridge_icon) if @cartridge_icon
+
+      end
+    end
+
+    private
+
+    def get_node_text(node, path)
+      if val = REXML::XPath.first(node, path, LTI_NAMESPACES)
+        val.text
+      else
+        nil
+      end
+    end
+
+    def get_node_att(node, path, att)
+      if val = REXML::XPath.first(node, path, LTI_NAMESPACES)
+        val.attributes[att]
+      else
+        nil
+      end
+    end
+
+    def set_properties(hash, node)
+      REXML::XPath.each(node, 'lticm:property', LTI_NAMESPACES) do |prop|
+        hash[prop.attributes['name']] = prop.text
+      end
+    end
+
+  end
+end

data/lib/ajims/lti/tool_consumer.rb

@@ -0,0 +1,95 @@
+module AJIMS::LTI
+  # Class for implementing an LTI Tool Consumer
+  class ToolConsumer
+    include AJIMS::LTI::Extensions::Base
+    include AJIMS::LTI::LaunchParams
+    include AJIMS::LTI::RequestValidator
+
+    attr_accessor :consumer_key, :consumer_secret, :launch_url, :timestamp, :nonce
+
+    # Create a new ToolConsumer
+    #
+    # @param consumer_key [String] The OAuth consumer key
+    # @param consumer_secret [String] The OAuth consumer secret
+    # @param params [Hash] Set the launch parameters as described in LaunchParams
+    def initialize(consumer_key, consumer_secret, params={})
+      @consumer_key = consumer_key
+      @consumer_secret = consumer_secret
+      @custom_params = {}
+      @ext_params = {}
+      @non_spec_params = {}
+      @launch_url = params['launch_url']
+      process_params(params)
+    end
+    
+    def process_post_request(post_request)
+      request = extend_outcome_request(OutcomeRequest.new)
+      request.process_post_request(post_request)
+    end
+
+    # Set launch data from a ToolConfig
+    #
+    # @param config [ToolConfig]
+    def set_config(config)
+      @launch_url ||= config.secure_launch_url
+      @launch_url ||= config.launch_url
+      # any parameters already set will take priority
+      @custom_params = config.custom_params.merge(@custom_params)
+    end
+
+    # Check if the required parameters for a tool launch are set
+    def has_required_params?
+      @consumer_key && @consumer_secret && @resource_link_id && @launch_url
+    end
+
+    # Generate the launch data including the necessary OAuth information
+    #
+    #
+    def generate_launch_data
+      raise AJIMS::LTI::InvalidLTIConfigError, "Not all required params set for tool launch" unless has_required_params?
+
+      params = self.to_params
+      params['lti_version'] ||= 'LTI-1p0'
+      params['lti_message_type'] ||= 'basic-lti-launch-request'
+      uri = URI.parse(@launch_url)
+
+      if uri.port == uri.default_port
+        host = uri.host
+      else
+        host = "#{uri.host}:#{uri.port}"
+      end
+
+      consumer = OAuth::Consumer.new(@consumer_key, @consumer_secret, {
+              :site => "#{uri.scheme}://#{host}",
+              :signature_method => "HMAC-SHA1"
+      })
+
+      path = uri.path
+      path = '/' if path.empty?
+      if uri.query && uri.query != ''
+        CGI.parse(uri.query).each do |query_key, query_values|
+          unless params[query_key]
+            params[query_key] = query_values.first
+          end
+        end
+      end
+      options = {
+              :scheme => 'body',
+              :timestamp => @timestamp,
+              :nonce => @nonce
+      }
+      request = consumer.create_signed_request(:post, path, nil, options, params)
+
+      # the request is made by a html form in the user's browser, so we
+      # want to revert the escapage and return the hash of post parameters ready
+      # for embedding in a html view
+      hash = {}
+      request.body.split(/&/).each do |param|
+        key, val = param.split(/=/).map { |v| CGI.unescape(v) }
+        hash[key] = val
+      end
+      hash
+    end
+
+  end
+end