ims-lti 1.2.2 → 2.3.2

data/lib/ims/lti/services/tool_proxy_registration_service.rb

@@ -0,0 +1,84 @@
+module IMS::LTI::Services
+  class ToolProxyRegistrationService
+    def initialize(registration_request)
+      @registration_request = registration_request
+    end
+
+    def tool_consumer_profile
+      return @tool_consumer_profile if @tool_consumer_profile
+
+      connection = Faraday.new
+      response = connection.get(@registration_request.tc_profile_url)
+      @tool_consumer_profile = IMS::LTI::Models::ToolConsumerProfile.new.from_json(response.body)
+    end
+
+    def service_profiles
+      tool_consumer_profile.services_offered.map(&:profile)
+    end
+
+    def register_tool_proxy(tool_proxy, reregistration_confirm_url = nil, shared_secret = nil)
+      service = tool_consumer_profile.services_offered.find { |s| s.formats.include?('application/vnd.ims.lti.v2.toolproxy+json') && s.actions.include?('POST') }
+
+      SimpleOAuth::Header::ATTRIBUTE_KEYS << :body_hash unless SimpleOAuth::Header::ATTRIBUTE_KEYS.include? :body_hash
+      tool_proxy_json = tool_proxy.to_json
+      body_hash = Digest::SHA1.base64digest tool_proxy_json
+
+      if reregistration?
+        consumer_key = tool_proxy.tool_proxy_guid
+        consumer_secret = shared_secret
+      else
+        consumer_key = @registration_request.reg_key
+        consumer_secret = @registration_request.reg_password
+      end
+
+      conn = Faraday.new do |conn|
+        conn.request :oauth, {:consumer_key => consumer_key, :consumer_secret => consumer_secret, :body_hash => body_hash}
+        conn.adapter :net_http
+      end
+
+      response = conn.post do |req|
+        req.url service.endpoint
+        req.headers['Content-Type'] = 'application/vnd.ims.lti.v2.toolproxy+json'
+        req.headers['VND-IMS-CONFIRM-URL'] = reregistration_confirm_url if reregistration_confirm_url
+        req.body = tool_proxy_json
+      end
+
+      if response.status == 201 || (response.status == 200 && reregistration?)
+        IMS::LTI::Models::ToolProxy.new.from_json(tool_proxy.to_json).from_json(response.body)
+      else
+        raise IMS::LTI::Errors::ToolProxyRegistrationError.new(response.status, response.body)
+      end
+    end
+
+
+    def remove_invalid_capabilities!(message_handler)
+      {
+        invalid_capabilities: remove_capabilites!(message_handler),
+        invalid_parameters: remove_params!(message_handler)
+      }
+    end
+
+    private
+
+    def remove_params!(message_handler)
+      orig_parameters = message_handler.parameter || []
+      parameters = orig_parameters.select {|p| p.fixed? || tool_consumer_profile.capability_offered.include?(p.variable)}
+      message_handler.parameter = parameters
+      orig_parameters - parameters
+    end
+
+    def remove_capabilites!(message_handler)
+      orig_capabilities = message_handler.enabled_capability || []
+      capabilites = orig_capabilities & tool_consumer_profile.capability_offered
+      capabilites.reject! { |cap| IMS::LTI::Models::ToolConsumerProfile::MESSAGING_CAPABILITIES.include? cap }
+      message_handler.enabled_capability = capabilites
+      orig_capabilities - capabilites
+    end
+
+    def reregistration?
+      @registration_request.is_a?(IMS::LTI::Models::Messages::ToolProxyUpdateRequest)
+    end
+
+
+  end
+end

data/lib/ims/lti/services/tool_proxy_validator.rb

@@ -0,0 +1,182 @@
+module IMS::LTI::Services
+  class ToolProxyValidator
+
+    attr_reader :tool_proxy
+
+    def initialize(tool_proxy)
+      @tool_proxy = tool_proxy
+    end
+
+    def tool_consumer_profile
+      return @tool_consumer_profile if @tool_consumer_profile
+
+      connection = Faraday.new
+      response = connection.get(tool_proxy.tool_consumer_profile)
+      @tool_consumer_profile = IMS::LTI::Models::ToolConsumerProfile.new.from_json(response.body)
+      @tool_consumer_profile
+    end
+
+    def tool_consumer_profile=(tcp)
+      tcp = IMS::LTI::Models::ToolConsumerProfile.from_json(tcp) unless tcp.is_a?(IMS::LTI::Models::ToolConsumerProfile)
+      if tool_proxy.tool_consumer_profile != tcp.id
+        raise IMS::LTI::Errors::InvalidToolConsumerProfile, "Tool Consumer Profile @id doesn't match the Tool Proxy"
+      end
+      @tool_consumer_profile = tcp
+    end
+
+    def capabilities_offered
+      tool_consumer_profile.capabilities_offered
+    end
+
+    def invalid_services
+      services = tool_proxy.security_contract.services
+      services_used = services.each_with_object({}) do |s, hash|
+        hash[s.service.split('#').last.strip] = s.actions
+        hash
+      end
+      services_offered = tool_consumer_profile.services_offered.each_with_object({}) do |s, hash|
+        hash[s.id.split(':').last.split('#').last.strip] = s.actions
+        hash
+      end
+      invalid_services = services_used.each_with_object({}) do |(id, actions), hash|
+        if services_offered.keys.include?(id)
+          actions_used = normalize_strings(*services_offered[id])
+          actions_offered = normalize_strings(*actions)
+          invalid_actions = actions_offered - actions_used
+          hash[id] = invalid_actions unless invalid_actions.empty?
+        else
+          hash[id] = actions
+        end
+        hash
+      end
+      invalid_services
+    end
+
+    def invalid_message_handlers
+      ret_val = {}
+      tool_profile = tool_proxy.tool_profile
+      #singleton_message_handlers = tool_profile.messages
+      invalid_rhs = validate_resource_handlers(tool_profile.resource_handlers)
+      ret_val[:resource_handlers] = invalid_rhs unless invalid_rhs.empty?
+      invalid_singleton_message_handlers = validate_singleton_message_handlers(tool_profile.messages)
+      ret_val[:singleton_message_handlers] = invalid_singleton_message_handlers unless invalid_singleton_message_handlers.empty?
+      ret_val
+    end
+
+    def invalid_capabilities
+      tool_proxy.enabled_capabilities - capabilities_offered
+    end
+
+    def invalid_security_contract
+      ret_val = {}
+
+      is_split_secret_capable = tool_proxy.enabled_capabilities.include?('Security.splitSecret')
+      has_shared_secret = tool_proxy.security_contract.shared_secret != nil && !tool_proxy.security_contract.shared_secret.empty?
+      has_split_secret = tool_proxy.security_contract.tp_half_shared_secret != nil && !tool_proxy.security_contract.tp_half_shared_secret.empty?
+
+      if is_split_secret_capable
+        ret_val[:missing_secret] = :tp_half_shared_secret unless has_split_secret
+        ret_val[:invalid_secret_type] = :shared_secret if has_shared_secret
+      else
+        ret_val[:missing_secret] = :shared_secret unless has_shared_secret
+        ret_val[:invalid_secret_type] = :tp_half_shared_secret if has_split_secret
+      end
+
+      ret_val
+    end
+
+    def invalid_security_profiles
+      security_profiles = tool_proxy.tool_profile.security_profiles
+      array = security_profiles.each_with_object([]) do |sp, array|
+        tcp_sp = tool_consumer_profile.security_profile_by_name(security_profile_name: sp.security_profile_name)
+        if tcp_sp
+          supported_algorithms = sp.digest_algorithms & tcp_sp.digest_algorithms
+          unsupported_algorithms = sp.digest_algorithms - supported_algorithms
+          unless unsupported_algorithms.empty?
+            array << { name: sp.security_profile_name, algorithms: unsupported_algorithms }
+          end
+        else
+          array << { name: sp.security_profile_name }
+        end
+      end
+      array
+    end
+
+    def errors
+      ret_val = {}
+      ret_val[:invalid_security_contract] = invalid_security_contract unless invalid_security_contract.empty?
+      ret_val[:invalid_capabilities] = invalid_capabilities unless invalid_capabilities.empty?
+      ret_val[:invalid_message_handlers] = invalid_message_handlers unless invalid_message_handlers.empty?
+      ret_val[:invalid_services] = invalid_services unless invalid_services.empty?
+      ret_val[:invalid_security_profiles] = invalid_security_profiles unless invalid_security_profiles.empty?
+      ret_val
+    end
+
+    def valid?
+      errors.keys.empty?
+    end
+
+    private
+
+    def normalize_strings(string, *strings)
+      strings.push(string)
+      normalized = strings.map {|s| s.upcase.strip}
+      normalized
+    end
+
+    def validate_message_handlers(message_handlers)
+      message_handlers.each_with_object([]) do |mh, array|
+        invalid_capabilities = mh.enabled_capabilities - capabilities_offered
+        invalid_parameters = validate_parameters(mh.parameters)
+        if !invalid_parameters.empty? || !invalid_capabilities.empty?
+          hash = { message_type: mh.message_type, }
+          hash[:invalid_capabilities] = invalid_capabilities unless invalid_capabilities.empty?
+          hash[:invalid_parameters] = invalid_parameters unless invalid_parameters.empty?
+          array << hash
+        end
+        array
+      end
+    end
+
+    def validate_parameters(parameters)
+      parameters.each_with_object([]) do |p, array|
+        if !p.fixed? && !capabilities_offered.include?(p.variable)
+          array << { name: p.name, variable: p.variable }
+        end
+      end
+    end
+
+    def validate_message_types(message_handlers)
+      message_handlers.each_with_object([]) do |mh, array|
+        array << mh.message_type unless capabilities_offered.include?(mh.message_type)
+        array
+      end
+    end
+
+    def validate_resource_handlers(resource_handlers)
+      resource_handlers.each_with_object([]) do |rh, array|
+        invalid_message_types = validate_message_types(rh.messages)
+        invalid_mhs = validate_message_handlers(rh.messages)
+        if !invalid_mhs.empty? || !invalid_message_types.empty?
+          hash = {
+            code: rh.resource_type.code,
+          }
+          hash[:messages] = invalid_mhs unless invalid_mhs.empty?
+          hash[:invalid_message_types] = invalid_message_types unless invalid_message_types.empty?
+          array << hash
+        end
+        array
+      end
+    end
+
+    def validate_singleton_message_handlers(message_handlers)
+      hash = {}
+      invalid_messages = validate_message_handlers(message_handlers)
+      invalid_message_types = validate_message_types(message_handlers)
+      hash[:messages] = invalid_messages unless invalid_messages.empty?
+      hash[:invalid_message_types] = invalid_message_types unless invalid_message_types.empty?
+      hash
+    end
+
+  end
+end

data/lib/ims/lti/services.rb

@@ -0,0 +1,11 @@
+module IMS::LTI
+  module Services
+    require_relative 'services/oauth2_client'
+    require_relative 'services/tool_proxy_registration_service'
+    require_relative 'services/tool_config'
+    require_relative 'services/tool_proxy_validator'
+    require_relative 'services/message_authenticator'
+    require_relative 'services/tool_consumer_profile_service'
+    require_relative 'services/authentication_service'
+  end
+end

data/lib/ims/lti/version.rb

@@ -0,0 +1,5 @@
+module IMS
+  module LTI
+    VERSION = "2.3.2"
+  end
+end

data/lib/ims/lti.rb

@@ -1,69 +1,19 @@
-require 'oauth'
+require 'addressable/uri'
 require 'builder'
-require "rexml/document"
-require 'cgi'
+require 'faraday'
+require 'faraday_middleware'
+require 'json'
+require 'json/jwt'
+require 'rexml/document'
 require 'securerandom'
+require 'simple_oauth'
 
-module IMS # :nodoc:
-
-  # :main:IMS::LTI
-  # LTI is a standard defined by IMS for creating eduction Tool Consumers/Providers.
-  # LTI documentation: http://www.imsglobal.org/lti/index.html
-  #
-  # When creating these tools you will work primarily with the ToolProvider and
-  # ToolConsumer classes.
-  #
-  # For validating OAuth request be sure to require the necessary proxy request
-  # object. See IMS::LTI::RequestValidator#valid_request? for more documentation.
-  #
-  # == Installation
-  # This is packaged as the `ims-lti` rubygem, so you can just add the dependency to
-  # your Gemfile or install the gem on your system:
-  #
-  #    gem install ims-lti
-  #
-  # To require the library in your project:
-  #
-  #    require 'ims/lti'
+module IMS
   module LTI
-
-    # The versions of LTI this library supports
-    VERSIONS = %w{1.0 1.1}
-
-    class InvalidLTIConfigError < StandardError
-    end
-
-    class XMLParseError < StandardError
-    end
-
-    # POST a signed oauth request with the given key/secret/data
-    def self.post_service_request(key, secret, url, content_type, body)
-      raise IMS::LTI::InvalidLTIConfigError, "" unless key && secret
-
-      consumer = OAuth::Consumer.new(key, secret)
-      token = OAuth::AccessToken.new(consumer)
-      token.post(
-              url,
-              body,
-              'Content-Type' => content_type
-      )
-    end
-
-    # Generates a unique identifier
-    def self.generate_identifier
-      SecureRandom.uuid
-    end
+    require_relative 'lti/converters'
+    require_relative 'lti/errors'
+    require_relative 'lti/models'
+    require_relative 'lti/serializers'
+    require_relative 'lti/services'
   end
 end
-
-require 'ims/lti/extensions'
-require 'ims/lti/launch_params'
-require 'ims/lti/request_validator'
-require 'ims/lti/tool_base'
-require 'ims/lti/deprecated_role_checks'
-require 'ims/lti/role_checks'
-require 'ims/lti/tool_provider'
-require 'ims/lti/tool_consumer'
-require 'ims/lti/outcome_request'
-require 'ims/lti/outcome_response'
-require 'ims/lti/tool_config'

data/lib/ims.rb

@@ -1 +1,4 @@
-require 'ims/lti'
+module IMS
+  require 'ims/lti'
+  require 'ims/lis'
+end