atomic_lti 1.5.1 → 1.5.2
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/app/lib/atomic_lti/open_id.rb +4 -2
- data/lib/atomic_lti/open_id_middleware.rb +4 -4
- data/lib/atomic_lti/version.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: '09e333d2d54ff5b9eb9932e2ac888e8abbeeb12c5e32c39665ba4da721ed77f3'
|
|
4
|
+
data.tar.gz: 0a463b3857c3999ae72be4ebd3c3276581327b6d3d35310720e50fb26945ab54
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: e08ce497b87420a2b9a677052136e0fd6ebaed73dd1e976eb30683a9bbca0134e8146d3881f926821d8a931892e566e866ef0014e9917bafb28e5efc18845998
|
|
7
|
+
data.tar.gz: 205225fe9169e6b65348bd3cc35b545a2cfd00531d5cbd331a49c23b83a86a37f3c1a5c776c6c2fff8047f8a356c12758d825727417c172624ef98412adee007
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
module AtomicLti
|
|
2
2
|
class OpenId
|
|
3
|
-
def self.validate_state(nonce, state)
|
|
3
|
+
def self.validate_state(nonce, state, destroy_state)
|
|
4
4
|
if state.blank?
|
|
5
5
|
return false
|
|
6
6
|
end
|
|
@@ -10,7 +10,9 @@ module AtomicLti
|
|
|
10
10
|
return false
|
|
11
11
|
end
|
|
12
12
|
|
|
13
|
-
|
|
13
|
+
if destroy_state
|
|
14
|
+
open_id_state.destroy
|
|
15
|
+
end
|
|
14
16
|
|
|
15
17
|
# Check that the state hasn't expired
|
|
16
18
|
if open_id_state.created_at < 10.minutes.ago
|
|
@@ -73,7 +73,7 @@ module AtomicLti
|
|
|
73
73
|
end
|
|
74
74
|
end
|
|
75
75
|
|
|
76
|
-
def validate_launch(request, validate_target_link_url)
|
|
76
|
+
def validate_launch(request, validate_target_link_url, destroy_state)
|
|
77
77
|
# Validate and decode id_token
|
|
78
78
|
raise AtomicLti::Exceptions::NoLTIToken if request.params["id_token"].blank?
|
|
79
79
|
|
|
@@ -92,7 +92,7 @@ module AtomicLti
|
|
|
92
92
|
end
|
|
93
93
|
|
|
94
94
|
# Validate the state and nonce
|
|
95
|
-
if !AtomicLti::OpenId.validate_state(id_token_decoded["nonce"], state)
|
|
95
|
+
if !AtomicLti::OpenId.validate_state(id_token_decoded["nonce"], state, destroy_state)
|
|
96
96
|
raise AtomicLti::Exceptions::OpenIDStateError.new("Invalid OIDC state.")
|
|
97
97
|
end
|
|
98
98
|
|
|
@@ -100,7 +100,7 @@ module AtomicLti
|
|
|
100
100
|
end
|
|
101
101
|
|
|
102
102
|
def handle_redirect(request)
|
|
103
|
-
id_token_decoded, _state, _state_verified = validate_launch(request, false)
|
|
103
|
+
id_token_decoded, _state, _state_verified = validate_launch(request, false, false)
|
|
104
104
|
|
|
105
105
|
uri = URI(request.url)
|
|
106
106
|
# Technically the target_link_uri is not required and the certification suite
|
|
@@ -152,7 +152,7 @@ module AtomicLti
|
|
|
152
152
|
end
|
|
153
153
|
|
|
154
154
|
def handle_lti_launch(env, request)
|
|
155
|
-
id_token_decoded, state, state_verified = validate_launch(request, true)
|
|
155
|
+
id_token_decoded, state, state_verified = validate_launch(request, true, true)
|
|
156
156
|
|
|
157
157
|
id_token = request.params["id_token"]
|
|
158
158
|
update_install(id_token: id_token_decoded)
|
data/lib/atomic_lti/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: atomic_lti
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.5.
|
|
4
|
+
version: 1.5.2
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Matt Petro
|
|
@@ -10,7 +10,7 @@ authors:
|
|
|
10
10
|
autorequire:
|
|
11
11
|
bindir: bin
|
|
12
12
|
cert_chain: []
|
|
13
|
-
date: 2023-08-
|
|
13
|
+
date: 2023-08-18 00:00:00.000000000 Z
|
|
14
14
|
dependencies:
|
|
15
15
|
- !ruby/object:Gem::Dependency
|
|
16
16
|
name: pg
|