ims-lti 1.2.4 → 2.2.3

data/lib/ims/lti/models/vendor.rb

@@ -0,0 +1,28 @@
+module IMS::LTI::Models
+  class Vendor < LTIModel
+
+    add_attributes :code, :website
+    add_attribute :id, json_key:'@id'
+    add_attribute :contact, relation:'IMS::LTI::Models::Contact'
+    add_attribute :vendor_name, relation:'IMS::LTI::Models::LocalizedName'
+    add_attribute :description, relation:'IMS::LTI::Models::LocalizedText'
+    add_attribute :timestamp, json_converter: 'IMS::LTI::Converters::TimeJSONConverter'
+
+    def create_vendor_name(name, key = 'vendor.name')
+      @vendor_name = LocalizedName.new(name, key)
+    end
+
+    def create_description(name, key = 'vendor.description')
+      @description = LocalizedText.new(name, key)
+    end
+
+    def default_name
+      vendor_name && vendor_name.default_value
+    end
+
+    def default_description
+      description && description.default_value
+    end
+
+  end
+end

data/lib/ims/lti/models.rb

@@ -0,0 +1,38 @@
+module IMS::LTI
+  module Models
+    require_relative 'models/lti_model'
+    require_relative 'models/serializable'
+    require_relative 'models/contact'
+    require_relative 'models/localized_name'
+    require_relative 'models/localized_text'
+    require_relative 'models/product_family'
+    require_relative 'models/product_info'
+    require_relative 'models/product_instance'
+    require_relative 'models/rest_service'
+    require_relative 'models/service_owner'
+    require_relative 'models/service_provider'
+    require_relative 'models/tool_consumer_profile'
+    require_relative 'models/vendor'
+    require_relative 'models/messages'
+    require_relative 'models/tool_proxy'
+    require_relative 'models/tool_profile'
+    require_relative 'models/resource_handler'
+    require_relative 'models/resource_type'
+    require_relative 'models/message_handler'
+    require_relative 'models/parameter'
+    require_relative 'models/icon_info'
+    require_relative 'models/icon_endpoint'
+    require_relative 'models/security_contract'
+    require_relative 'models/rest_service_profile'
+    require_relative 'models/base_url_choice'
+    require_relative 'models/base_url_selector'
+    require_relative 'models/tool_setting'
+    require_relative 'models/tool_setting_container'
+    require_relative 'models/content_items'
+    require_relative 'models/content_item_placement'
+    require_relative 'models/content_item_container'
+    require_relative 'models/image'
+    require_relative 'models/membership_service'
+    require_relative 'models/security_profile'
+  end
+end

data/lib/ims/lti/serializers/base.rb

@@ -0,0 +1,125 @@
+module IMS::LTI::Serializers
+  class Base
+    class Filter
+      def initialize
+        @optionals = Set.new
+        @keys = {}
+        @serializables = Set.new
+        @serializable_lists = Set.new
+      end
+
+      def add_filter(name, opts={})
+        @optionals.add(name) if opts[:optional]
+        @keys[name] = opts[:key] if opts[:key]
+        @serializables.add(name) if opts[:serializable]
+        @serializable_lists.add(name) if opts[:list_of_serializables]
+      end
+
+      def options_for_attribute(attribute)
+        options = {}
+        options[:optional] = @optionals.include?(attribute) ? true : false
+        options[:key] = @keys[attribute]
+        options[:has_serializable] = @serializables.include?(attribute) ? true : false
+        options[:has_list_of_serializables] = @serializable_lists.include?(attribute) ? true : false
+        options
+      end
+
+      def filter(hash)
+        hash = optionals(hash)
+        hash = serializables(hash)
+        hash = serializable_lists(hash)
+        keys(hash) # Needs to happen last
+      end
+
+      private
+      def optionals(hash)
+        hash.reject { |k, v| @optionals.include?(k) && v.nil? }
+      end
+
+      def serializables(hash)
+        hash.reduce({}) do |memo, (k, v)|
+          memo[k] = @serializables.include?(k) ? serialize_serializable(v) : v
+          memo
+        end
+      end
+
+      def serialize_serializable(serializable)
+        return if serializable.nil?
+        serializable.as_json
+      end
+
+      def serializable_lists(hash)
+        hash.reduce({}) do |memo, (k, v)|
+          memo[k] = @serializable_lists.include?(k) ? serialize_serializable_list(v) : v
+          memo
+        end
+      end
+
+      def serialize_serializable_list(list)
+        return if list.nil?
+        list.map(&:as_json)
+      end
+
+      def keys(hash)
+        hash.reduce({}) do |memo, (k, v)|
+          key = @keys.include?(k) ? @keys[k] : k
+          memo[key] = v
+          memo
+        end
+      end
+    end
+
+    @filter = Filter.new
+    @attributes = Set.new
+
+    def self.inherited(subclass)
+      subclass.instance_variable_set(:@filter, Filter.new)
+      subclass.instance_variable_set(:@attributes, Set.new)
+    end
+
+    def self.set_attribute(name, opts={})
+      @attributes.add(name)
+      @filter.add_filter(name, opts)
+    end
+
+    def self.set_attributes(*names)
+      names.each { |name| set_attribute(name) }
+    end
+
+    def self.has_serializable(name, opts={})
+      opts[:serializable] = true
+      opts[:list_of_serializables] = false
+      set_attribute(name, opts)
+    end
+
+    def self.has_list_of_serializables(name, opts={})
+      opts[:list_of_serializables] = true
+      opts[:serializable] = false
+      set_attribute(name, opts)
+    end
+
+    def self.as_json(obj)
+      @filter.filter(base_hash(obj))
+    end
+
+    def self.to_json(obj)
+      as_json(obj).to_json
+    end
+
+    def self.options_for_attribute(attribute)
+      @filter.options_for_attribute(attribute)
+    end
+
+    def self.attributes
+      @attributes
+    end
+
+    private
+
+    def self.base_hash(obj)
+      h = {}
+      @attributes.each { |attribute| h[attribute] = obj.send(attribute) }
+      h
+    end
+  end
+end

data/lib/ims/lti/serializers/membership_service/agent_serializer.rb

@@ -0,0 +1,5 @@
+module IMS::LTI::Serializers::MembershipService
+  class AgentSerializer < IMS::LTI::Serializers::Base
+    set_attribute :id, key: :@id
+  end
+end

data/lib/ims/lti/serializers/membership_service/container_serializer.rb

@@ -0,0 +1,6 @@
+module IMS::LTI::Serializers::MembershipService
+  class ContainerSerializer < IMS::LTI::Serializers::Base
+    set_attribute :membership_predicate, key: :membershipPredicate
+    has_serializable :membership_subject, key: :membershipSubject
+  end
+end

data/lib/ims/lti/serializers/membership_service/context_serializer.rb

@@ -0,0 +1,9 @@
+module IMS::LTI::Serializers::MembershipService
+  class ContextSerializer < IMS::LTI::Serializers::Base
+    set_attribute :id, key: :@id
+    set_attribute :name
+    set_attribute :type, key: :@type
+    set_attribute :context_id, key: :contextId
+    has_list_of_serializables :membership
+  end
+end

data/lib/ims/lti/serializers/membership_service/lis_membership_container_serializer.rb

@@ -0,0 +1,9 @@
+module IMS::LTI::Serializers::MembershipService
+  class LISMembershipContainerSerializer < IMS::LTI::Serializers::Base
+    set_attribute :membership_predicate, key: :membershipPredicate
+    has_serializable :membership_subject, key: :membershipSubject
+    set_attribute :id, key: :@id
+    set_attribute :context, key: :@context
+    set_attribute :type, key: :@type
+  end
+end

data/lib/ims/lti/serializers/membership_service/lis_person_serializer.rb

@@ -0,0 +1,11 @@
+module IMS::LTI::Serializers::MembershipService
+  class LISPersonSerializer < IMS::LTI::Serializers::Base
+    set_attribute :id, key: :@id
+    set_attributes :name, :img, :email
+    set_attribute :family_name, key: :familyName
+    set_attribute :given_name, key: :givenName
+    set_attribute :result_sourced_id, key: :resultSourcedId
+    set_attribute :sourced_id, key: :sourcedId
+    set_attribute :user_id, key: :userId
+  end
+end

data/lib/ims/lti/serializers/membership_service/membership_serializer.rb

@@ -0,0 +1,7 @@
+module IMS::LTI::Serializers::MembershipService
+  class MembershipSerializer < IMS::LTI::Serializers::Base
+    set_attribute :id, key: :@id
+    set_attributes :status, :role
+    has_serializable :member
+  end
+end

data/lib/ims/lti/serializers/membership_service/organization_serializer.rb

@@ -0,0 +1,8 @@
+module IMS::LTI::Serializers::MembershipService
+  class OrganizationSerializer < IMS::LTI::Serializers::Base
+    set_attribute :id, key: :@id
+    set_attribute :name
+    set_attribute :type, key: :@type
+    has_list_of_serializables :membership
+  end
+end

data/lib/ims/lti/serializers/membership_service/page_serializer.rb

@@ -0,0 +1,10 @@
+module IMS::LTI::Serializers::MembershipService
+  class PageSerializer < IMS::LTI::Serializers::Base
+    set_attribute :id, key: :@id
+    set_attribute :type, key: :@type
+    set_attribute :context, key: :@context
+    set_attribute :differences
+    set_attribute :next_page, key: :nextPage
+    has_serializable :page_of, key: :pageOf
+  end
+end

data/lib/ims/lti/serializers/membership_service/person_serializer.rb

@@ -0,0 +1,8 @@
+module IMS::LTI::Serializers::MembershipService
+  class PersonSerializer < IMS::LTI::Serializers::Base
+    set_attribute :id, key: :@id
+    set_attributes :name, :img
+    set_attribute :family_name, key: :familyName
+    set_attribute :given_name, key: :givenName
+  end
+end

data/lib/ims/lti/serializers/membership_service.rb

@@ -0,0 +1,13 @@
+module IMS::LTI::Serializers
+  module MembershipService
+    require_relative 'membership_service/agent_serializer'
+    require_relative 'membership_service/container_serializer'
+    require_relative 'membership_service/context_serializer'
+    require_relative 'membership_service/lis_membership_container_serializer'
+    require_relative 'membership_service/lis_person_serializer'
+    require_relative 'membership_service/membership_serializer'
+    require_relative 'membership_service/organization_serializer'
+    require_relative 'membership_service/page_serializer'
+    require_relative 'membership_service/person_serializer'
+  end
+end

data/lib/ims/lti/serializers.rb

@@ -0,0 +1,6 @@
+module IMS::LTI
+  module Serializers
+    require_relative 'serializers/base'
+    require_relative 'serializers/membership_service'
+  end
+end

data/lib/ims/lti/services/authentication_service.rb

@@ -0,0 +1,67 @@
+module IMS::LTI::Services
+  class AuthenticationService
+
+    attr_accessor :connection, :iss, :aud, :sub, :secret, :grant_type,
+                  :additional_claims, :additional_params
+    attr_writer :secret
+
+    def initialize(iss:, aud:, sub:, secret:)
+      @iss = iss
+      @aud = aud
+      @sub = sub
+      @secret = secret
+      @additional_claims = {}
+      @additional_params = {}
+      @grant_type = 'urn:ietf:params:oauth:grant-type:jwt-bearer'
+    end
+
+    def connection
+      @connection ||= Faraday.new
+    end
+
+    def access_token
+      access_token_request['access_token']
+    end
+
+    def expiration
+      expires_in = access_token_request['expires_in'].to_i
+      @_response_time + expires_in
+    end
+
+    def expired?
+      expiration < Time.now
+    end
+
+    def invalidate!
+      @_access_token_request = nil
+      @_response_time = nil
+    end
+
+    private
+
+    def access_token_request
+      @_access_token_request ||= begin
+        assertion = JSON::JWT.new(
+          iss: iss,
+          sub: sub,
+          aud: aud.to_s,
+          iat: Time.now.to_i,
+          exp: 1.minute.from_now,
+          jti: SecureRandom.uuid
+        )
+        assertion.merge!(@additional_claims)
+        assertion = assertion.sign(@secret, :HS256).to_s
+        body = {
+          grant_type: grant_type,
+          assertion: assertion
+        }
+        body.merge!(@additional_params)
+        response = connection.post(aud, body)
+        raise IMS::LTI::Errors::AuthenticationFailedError.new(response: response) unless response.success?
+        @_response_time = Time.now
+        response.body
+      end
+    end
+
+  end
+end

data/lib/ims/lti/services/message_authenticator.rb

@@ -0,0 +1,80 @@
+module IMS::LTI::Services
+  class MessageAuthenticator
+
+    attr_reader :launch_url, :params, :message, :simple_oauth_header, :signature, :consumer_key
+
+    def initialize(launch_url, params, secret)
+      @launch_url = launch_url
+      @params = params
+      @options, @parsed_params = parse_params(params)
+      @consumer_key = @options[:consumer_key]
+      @signature = @parsed_params.delete(:oauth_signature)
+      @secret = secret
+    end
+
+
+    def valid_signature?
+       message.jwt ? valid_jwt? : simple_oauth_header.valid?(signature: signature)
+    end
+
+    def message
+      @message ||= begin
+        m = IMS::LTI::Models::Messages::Message.generate(params)
+        m.launch_url = launch_url
+        m
+      end
+    end
+
+    def simple_oauth_header
+      @simple_oauth_header ||= begin
+        @simple_oauth_header = SimpleOAuth::Header.new(
+          :post, launch_url,
+          @parsed_params,
+          @options.merge(
+            {
+              consumer_key: consumer_key,
+              consumer_secret: @secret
+            }
+          )
+        )
+        @simple_oauth_header
+      end
+    end
+
+    def base_string
+      simple_oauth_header.send(:signature_base)
+    end
+
+    def signed_params
+      simple_oauth_header.signed_attributes.merge(@parsed_params)
+    end
+
+
+    private
+
+    def valid_jwt?
+      begin
+        jwt = JSON::JWT.decode(message.jwt, @secret)
+        aud1 = Addressable::URI.parse(jwt['aud'])
+        aud2 = Addressable::URI.parse(launch_url)
+        [aud1, aud2].each{ |aud| aud.fragment = '' }
+        aud1.normalize == aud2.normalize
+      rescue JSON::JWS::VerificationFailed
+        false
+      end
+    end
+
+    def parse_params(params)
+      params.inject([{}, {}]) do |array, (k, v)|
+        attr = k.to_s.sub('oauth_', '').to_sym
+        if SimpleOAuth::Header::ATTRIBUTE_KEYS.include?(attr)
+          array[0][attr] = v
+        else
+          array[1][k.to_sym] = v
+        end
+        array
+      end
+    end
+
+  end
+end

data/lib/ims/lti/services/oauth2_client.rb

@@ -0,0 +1,18 @@
+module IMS::LTI::Services
+
+  class OAuth2Client
+    attr_accessor :token, :base_url
+    attr_writer :connection
+
+    def initialize(token:, base_url: nil)
+      @base_url = base_url
+      @token = token
+    end
+
+    def connection
+      @connection ||= Faraday.new base_url do |conn|
+        conn.authorization :Bearer, token
+      end
+    end
+  end
+end

data/lib/ims/lti/{tool_config.rb → services/tool_config.rb}

@@ -1,4 +1,4 @@
-module IMS::LTI
+module IMS::LTI::Services
   # Class used to represent an LTI configuration
   #
   # It can create and read the Common Cartridge XML representation of LTI links
@@ -8,7 +8,7 @@ module IMS::LTI
   # To generate an XML configuration:
   #
   #    # Create a config object and set some options
-  #    tc = IMS::LTI::ToolConfig.new(:title => "Example Sinatra Tool Provider", :launch_url => url)
+  #    tc = IMS::LTI::Services::ToolConfig.new(:title => "Example Sinatra Tool Provider", :launch_url => url)
   #    tc.description = "This example LTI Tool Provider supports LIS Outcome pass-back."
   #
   #    # generate the XML
@@ -16,7 +16,7 @@ module IMS::LTI
   #
   # Or to create a config object from an XML String:
   #
-  #    tc = IMS::LTI::ToolConfig.create_from_xml(xml)
+  #    tc = IMS::LTI::Services::ToolConfig.create_from_xml(xml)
   class ToolConfig
     attr_reader :custom_params, :extensions
 
@@ -79,10 +79,10 @@ module IMS::LTI
 
     # Namespaces used for parsing configuration XML
     LTI_NAMESPACES = {
-            "xmlns" => 'http://www.imsglobal.org/xsd/imslticc_v1p0',
-            "blti" => 'http://www.imsglobal.org/xsd/imsbasiclti_v1p0',
-            "lticm" => 'http://www.imsglobal.org/xsd/imslticm_v1p0',
-            "lticp" => 'http://www.imsglobal.org/xsd/imslticp_v1p0',
+      "xmlns" => 'http://www.imsglobal.org/xsd/imslticc_v1p0',
+      "blti" => 'http://www.imsglobal.org/xsd/imsbasiclti_v1p0',
+      "lticm" => 'http://www.imsglobal.org/xsd/imslticm_v1p0',
+      "lticp" => 'http://www.imsglobal.org/xsd/imslticp_v1p0',
     }
 
     # Parse tool configuration data out of the Common Cartridge LTI link XML
@@ -115,7 +115,13 @@ module IMS::LTI
           platform = vendor_ext_node.attributes['platform']
           properties = {}
           set_properties(properties, vendor_ext_node)
-          set_options(properties, vendor_ext_node)
+          REXML::XPath.each(vendor_ext_node, 'lticm:options', LTI_NAMESPACES) do |options_node|
+            opt_name = options_node.attributes['name']
+            options = {}
+            set_properties(options, options_node)
+            properties[opt_name] = options
+          end
+
           self.set_ext_params(platform, properties)
         end
 
@@ -124,8 +130,6 @@ module IMS::LTI
 
     # Generate XML from the current settings
     def to_xml(opts = {})
-      raise IMS::LTI::InvalidLTIConfigError, "A launch url is required for an LTI configuration." unless self.launch_url || self.secure_launch_url
-
       builder = Builder::XmlMarkup.new(:indent => opts[:indent] || 0)
       builder.instruct!
       builder.cartridge_basiclti_link("xmlns" => "http://www.imsglobal.org/xsd/imslticc_v1p0",
@@ -141,7 +145,7 @@ module IMS::LTI
         end
 
         vendor_keys = %w{name code description url}
-        if vendor_keys.any?{|k|self.send("vendor_#{k}")} || vendor_contact_email
+        if vendor_keys.any? { |k| self.send("vendor_#{k}") } || vendor_contact_email
           blti_node.blti :vendor do |v_node|
             vendor_keys.each do |key|
               v_node.lticp key.to_sym, self.send("vendor_#{key}") if self.send("vendor_#{key}")
@@ -169,7 +173,17 @@ module IMS::LTI
             ext_params = @extensions[ext_platform]
             blti_node.blti(:extensions, :platform => ext_platform) do |ext_node|
               ext_params.keys.sort.each do |key|
-                nest_xml(ext_node, key, ext_params[key])
+                val = ext_params[key]
+                if val.is_a?(Hash)
+                  ext_node.lticm(:options, :name => key) do |type_node|
+                    val.keys.sort.each do |p_key|
+                      p_val = val[p_key]
+                      type_node.lticm :property, p_val, 'name' => p_key
+                    end
+                  end
+                else
+                  ext_node.lticm :property, val, 'name' => key
+                end
               end
             end
           end
@@ -183,18 +197,6 @@ module IMS::LTI
 
     private
 
-    def nest_xml(ext_node, key, value)
-      if value.is_a?(Hash)
-        ext_node.lticm(:options, :name => key) do |type_node|
-          value.keys.sort.each do |sub_key|
-            nest_xml(type_node, sub_key, value[sub_key])
-          end
-        end
-      else
-        ext_node.lticm :property, value, 'name' => key
-      end
-    end
-
     def get_node_text(node, path)
       if val = REXML::XPath.first(node, path, LTI_NAMESPACES)
         val.text
@@ -217,15 +219,5 @@ module IMS::LTI
       end
     end
 
-    def set_options(hash, node)
-      REXML::XPath.each(node, 'lticm:options', LTI_NAMESPACES) do |options_node|
-        opt_name = options_node.attributes['name']
-        options = {}
-        set_properties(options, options_node)
-        set_options(options, options_node)
-        hash[opt_name] = options
-      end
-    end
-
   end
 end

data/lib/ims/lti/services/tool_consumer_profile_service.rb

@@ -0,0 +1,16 @@
+module IMS::LTI::Services
+  class ToolConsumerProfileService
+
+    attr_accessor :tcp
+
+    def initialize(tool_consumer_profile)
+      @tcp = tool_consumer_profile
+    end
+
+    def supports_capabilities?(capability, *capabilities)
+      capabilities.unshift(capability)
+      (capabilities - tcp.capabilities_offered).empty?
+    end
+
+  end
+end