atomic_lti_1v1 1.0.1 → 1.2.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +2 -0
- data/lib/atomic_lti_1v1/lti_1v1.rb +3 -1
- data/lib/atomic_lti_1v1/lti_1v1_middleware.rb +12 -1
- data/lib/atomic_lti_1v1/version.rb +1 -1
- data/lib/atomic_lti_1v1.rb +1 -0
- metadata +3 -3
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 332b4e4c334846321195e2ea3f46f1e25806ac7c08973fecc533b52e56034cb9
|
4
|
+
data.tar.gz: c2b0499894e487fee66aec9c3e6fad1e3013b0fc00b210922411c668955f0601
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 39c89b02401dbfd8c07bdaa3e7e6307a5a1181d449e6e84a989d269abc48e16cb8a42f4a6b5025fdebf2324fcf27c12fd10b0f8d736f360990f444772b0db467
|
7
|
+
data.tar.gz: 88e1022bd1dcb20e1475696838088fa9fd89cfc075fe2563284e5e3b07b0e1a6a94a7537cc6a187821f8c8bf7ca1d109c257940b83e192d15dafa2e709fed673
|
data/README.md
CHANGED
@@ -42,6 +42,8 @@ Provide `secret_provider`
|
|
42
42
|
# If using most Atomic Jolt Apps, probably something like this
|
43
43
|
ApplicationInstance.find_by(lti_key: oauth_consumer_key)&.lti_secret
|
44
44
|
end
|
45
|
+
# List of path prefixes to handle. Default is the following:
|
46
|
+
AtomicLti1v1.path_prefixes = ["/lti_launches"]
|
45
47
|
```
|
46
48
|
|
47
49
|
## License
|
@@ -1,7 +1,9 @@
|
|
1
1
|
module AtomicLti1v1
|
2
2
|
class Lti1v1
|
3
3
|
def self.is_lti_1v1?(request)
|
4
|
-
request.params['oauth_consumer_key'].present?
|
4
|
+
request.params['oauth_consumer_key'].present? &&
|
5
|
+
request.params['oauth_signature'].present? &&
|
6
|
+
request.params['lti_version'] == 'LTI-1p0'
|
5
7
|
end
|
6
8
|
|
7
9
|
def self.valid_timestamp?(request)
|
@@ -5,9 +5,15 @@ module AtomicLti1v1
|
|
5
5
|
@app = app
|
6
6
|
end
|
7
7
|
|
8
|
+
def matches_path_prefixes?(request)
|
9
|
+
AtomicLti1v1.path_prefixes.any? do |prefix|
|
10
|
+
request.path.starts_with? prefix
|
11
|
+
end
|
12
|
+
end
|
13
|
+
|
8
14
|
def call(env)
|
9
15
|
request = Rack::Request.new(env)
|
10
|
-
if AtomicLti1v1::Lti1v1.is_lti_1v1?(request)
|
16
|
+
if matches_path_prefixes?(request) && AtomicLti1v1::Lti1v1.is_lti_1v1?(request)
|
11
17
|
oauth_consumer_key = request.params['oauth_consumer_key']
|
12
18
|
|
13
19
|
lti_secret = nil
|
@@ -26,6 +32,11 @@ module AtomicLti1v1
|
|
26
32
|
elsif lti_secret.present? && !AtomicLti1v1::Lti1v1.valid_lti_request?(request, lti_secret)
|
27
33
|
raise AtomicLti1v1::LtiValidationFailed, "Validation failed for oauth_consumer_key: #{oauth_consumer_key}"
|
28
34
|
end
|
35
|
+
|
36
|
+
# Let the frontend know there's no state to validate. This is an LTI 1.3 thing.
|
37
|
+
env["atomic.validated.state_validation"] = {
|
38
|
+
state_verified: true,
|
39
|
+
}
|
29
40
|
end
|
30
41
|
|
31
42
|
@app.call(env)
|
data/lib/atomic_lti_1v1.rb
CHANGED
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: atomic_lti_1v1
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.0
|
4
|
+
version: 1.2.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Nick Benoit
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2023-
|
11
|
+
date: 2023-10-11 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: rspec
|
@@ -91,7 +91,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
91
91
|
- !ruby/object:Gem::Version
|
92
92
|
version: '0'
|
93
93
|
requirements: []
|
94
|
-
rubygems_version: 3.
|
94
|
+
rubygems_version: 3.4.19
|
95
95
|
signing_key:
|
96
96
|
specification_version: 4
|
97
97
|
summary: Rack middleware to handle validating Lti 1.1 requests
|