ims-lti 1.2.4 → 2.2.3

data/lib/ims/lti/outcome_request.rb

@@ -1,225 +0,0 @@
-module IMS::LTI
-  # Class for consuming/generating LTI Outcome Requests
-  #
-  # Outcome Request documentation: http://www.imsglobal.org/lti/v1p1pd/ltiIMGv1p1pd.html#_Toc309649691
-  #
-  # This class can be used by both Tool Providers and Tool Consumers. Each will
-  # use it a bit differently. The Tool Provider will use it to POST an OAuth-signed
-  # request to a TC. A Tool Consumer will use it to parse such a request from a TP.
-  #
-  # === Tool Provider Usage
-  # An OutcomeRequest will generally be created through a configured ToolProvider
-  # object. See the ToolProvider documentation.
-  #
-  # === Tool Consumer Usage
-  # When an outcome request is sent from a TP the body of the request is XML.
-  # This class parses that XML and provides a simple interface for accessing the
-  # information in the request. Typical usage would be:
-  #
-  #    # create an OutcomeRequest from the request object
-  #    req = IMS::LTI::OutcomeRequest.from_post_request(request)
-  #
-  #    # access the source id to identify the user who's grade you'd like to access
-  #    req.lis_result_sourcedid
-  #
-  #    # process the request
-  #    if req.replace_request?
-  #      # set a new score for the user
-  #    elsif req.read_request?
-  #      # return the score for the user
-  #    elsif req.delete_request?
-  #      # clear the score for the user
-  #    else
-  #      # return an unsupported OutcomeResponse
-  #    end
-  class OutcomeRequest < ToolBase
-    include IMS::LTI::Extensions::Base
-
-    REPLACE_REQUEST = 'replaceResult'
-    DELETE_REQUEST = 'deleteResult'
-    READ_REQUEST = 'readResult'
-
-    attr_accessor :operation, :score, :outcome_response, :message_identifier,
-                  :lis_outcome_service_url, :lis_result_sourcedid,
-                  :consumer_key, :consumer_secret, :post_request
-
-    # Create a new OutcomeRequest
-    #
-    # @param opts [Hash] initialization hash
-    def initialize(opts={})
-      opts.each_pair do |key, val|
-        self.send("#{key}=", val) if self.respond_to?("#{key}=")
-      end
-    end
-
-    # Convenience method for creating a new OutcomeRequest from a request object
-    #
-    #    req = IMS::LTI::OutcomeRequest.from_post_request(request)
-    def self.from_post_request(post_request)
-      request = OutcomeRequest.new
-      request.process_post_request(post_request)
-    end
-
-    def process_post_request(post_request)
-      self.post_request = post_request
-      if post_request.body.respond_to?(:read)
-        xml = post_request.body.read
-        post_request.body.rewind
-      else
-        xml = post_request.body
-      end
-      self.process_xml(xml)
-      self
-    end
-
-    # POSTs the given score to the Tool Consumer with a replaceResult
-    #
-    # @return [OutcomeResponse] The response from the Tool Consumer
-    def post_replace_result!(score)
-      @operation = REPLACE_REQUEST
-      @score = score
-      post_outcome_request
-    end
-
-    # POSTs a deleteResult to the Tool Consumer
-    #
-    # @return [OutcomeResponse] The response from the Tool Consumer
-    def post_delete_result!
-      @operation = DELETE_REQUEST
-      post_outcome_request
-    end
-
-    # POSTs a readResult to the Tool Consumer
-    #
-    # @return [OutcomeResponse] The response from the Tool Consumer
-    def post_read_result!
-      @operation = READ_REQUEST
-      post_outcome_request
-    end
-
-    # Check whether this request is a replaceResult request
-    def replace_request?
-      @operation == REPLACE_REQUEST
-    end
-
-    # Check whether this request is a deleteResult request
-    def delete_request?
-      @operation == DELETE_REQUEST
-    end
-
-    # Check whether this request is a readResult request
-    def read_request?
-      @operation == READ_REQUEST
-    end
-
-    # Check whether the last outcome POST was successful
-    def outcome_post_successful?
-      @outcome_response && @outcome_response.success?
-    end
-
-    # POST an OAuth signed request to the Tool Consumer
-    #
-    # @return [OutcomeResponse] The response from the Tool Consumer
-    def post_outcome_request
-      raise IMS::LTI::InvalidLTIConfigError, "" unless has_required_attributes?
-
-      res = post_service_request(@lis_outcome_service_url,
-                                 'application/xml',
-                                 generate_request_xml)
-
-      @outcome_response = extend_outcome_response(OutcomeResponse.new)
-      @outcome_response.process_post_response(res)
-    end
-
-    # Parse Outcome Request data from XML
-    def process_xml(xml)
-      doc = REXML::Document.new xml
-      @message_identifier = doc.text("//imsx_POXRequestHeaderInfo/imsx_messageIdentifier")
-      @lis_result_sourcedid = doc.text("//resultRecord/sourcedGUID/sourcedId")
-
-      if REXML::XPath.first(doc, "//deleteResultRequest")
-        @operation = DELETE_REQUEST
-      elsif REXML::XPath.first(doc, "//readResultRequest")
-        @operation = READ_REQUEST
-      elsif REXML::XPath.first(doc, "//replaceResultRequest")
-        @operation = REPLACE_REQUEST
-        @score = doc.get_text("//resultRecord/result/resultScore/textString")
-      end
-      extention_process_xml(doc)
-    end
-
-    def generate_request_xml
-      raise IMS::LTI::InvalidLTIConfigError, "`@operation` and `@lis_result_sourcedid` are required" unless has_request_xml_attributes?
-      builder = Builder::XmlMarkup.new #(:indent=>2)
-      builder.instruct!
-
-      builder.imsx_POXEnvelopeRequest("xmlns" => "http://www.imsglobal.org/services/ltiv1p1/xsd/imsoms_v1p0") do |env|
-        env.imsx_POXHeader do |header|
-          header.imsx_POXRequestHeaderInfo do |info|
-            info.imsx_version "V1.0"
-            info.imsx_messageIdentifier @message_identifier || IMS::LTI::generate_identifier
-          end
-        end
-        env.imsx_POXBody do |body|
-          body.tag!(@operation + 'Request') do |request|
-            request.resultRecord do |record|
-              record.sourcedGUID do |guid|
-                guid.sourcedId @lis_result_sourcedid
-              end
-              results(record)
-            end
-            submission_details(request)
-          end
-        end
-      end
-    end
-
-    private
-
-    def extention_process_xml(doc)
-    end
-
-    def has_result_data?
-      !!score
-    end
-
-    def has_details_data?
-      false
-    end
-
-    def results(node)
-      return unless has_result_data?
-
-      node.result do |res|
-        result_values(res)
-      end
-    end
-
-    def submission_details(request)
-      return unless has_details_data?
-      request.submissionDetails do |record|
-        details(record)
-      end
-    end
-
-    def details(record)
-    end
-
-    def result_values(node)
-      if score
-        node.resultScore do |res_score|
-          res_score.language "en" # 'en' represents the format of the number
-          res_score.textString score.to_s
-        end
-      end
-    end
-
-    def has_required_attributes?
-      @consumer_key && @consumer_secret && @lis_outcome_service_url && @lis_result_sourcedid && @operation
-    end
-
-    def has_request_xml_attributes?
-      @operation && @lis_result_sourcedid
-    end
-  end
-end

data/lib/ims/lti/outcome_response.rb

@@ -1,166 +0,0 @@
-module IMS::LTI
-  # Class for consuming/generating LTI Outcome Responses
-  #
-  # Response documentation: http://www.imsglobal.org/lti/v1p1pd/ltiIMGv1p1pd.html#_Toc309649691
-  #
-  # Error code documentation: http://www.imsglobal.org/gws/gwsv1p0/imsgws_baseProfv1p0.html#1639667
-  #
-  # This class can be used by both Tool Providers and Tool Consumers. Each will
-  # use it a bit differently. The Tool Provider will use it parse the result of
-  # an OutcomeRequest to the Tool Consumer. A Tool Consumer will use it generate
-  # proper response XML to send back to a Tool Provider
-  #
-  # === Tool Provider Usage
-  # An OutcomeResponse will generally be created when POSTing an OutcomeRequest
-  # through a configured ToolProvider. See the ToolProvider documentation for
-  # typical usage.
-  #
-  # === Tool Consumer Usage
-  # When an outcome request is sent from a Tool Provider the body of the request
-  # is XML. This class parses that XML and provides a simple interface for
-  # accessing the information in the request. Typical usage would be:
-  #
-  #    # create a new response and set the appropriate values
-  #    res = IMS::LTI::OutcomeResponse.new
-  #    res.message_ref_identifier = outcome_request.message_identifier
-  #    res.operation = outcome_request.operation
-  #    res.code_major = 'success'
-  #    res.severity = 'status'
-  #
-  #    # set a description (optional) and other information based on the type of response
-  #    if outcome_request.replace_request?
-  #      res.description = "Your old score of 0 has been replaced with #{outcome_request.score}"
-  #    elsif outcome_request.read_request?
-  #      res.description = "You score is 50"
-  #      res.score = 50
-  #    elsif outcome_request.delete_request?
-  #      res.description = "You score has been cleared"
-  #    else
-  #      res.code_major = 'unsupported'
-  #      res.severity = 'status'
-  #      res.description = "#{outcome_request.operation} is not supported"
-  #    end
-  #
-  #    # the generated xml is returned to the Tool Provider
-  #    res.generate_response_xml
-  #
-  class OutcomeResponse
-    include IMS::LTI::Extensions::Base
-
-    attr_accessor :request_type, :score, :message_identifier, :response_code,
-            :post_response, :code_major, :severity, :description, :operation,
-            :message_ref_identifier
-
-    CODE_MAJOR_CODES = %w{success processing failure unsupported}
-    SEVERITY_CODES = %w{status warning error}
-
-    # Create a new OutcomeResponse
-    #
-    # @param opts [Hash] initialization hash
-    def initialize(opts={})
-      opts.each_pair do |key, val|
-        self.send("#{key}=", val) if self.respond_to?("#{key}=")
-      end
-    end
-
-    # Convenience method for creating a new OutcomeResponse from a response object
-    #
-    #    req = IMS::LTI::OutcomeResponse.from_post_response(response)
-    def self.from_post_response(post_response)
-      response = OutcomeResponse.new
-      response.process_post_response(post_response)
-    end
-
-    def process_post_response(post_response)
-      self.post_response = post_response
-      self.response_code = post_response.code
-      xml = post_response.body
-      self.process_xml(xml)
-      self
-    end
-
-    def success?
-      @code_major == 'success'
-    end
-
-    def processing?
-      @code_major == 'processing'
-    end
-
-    def failure?
-      @code_major == 'failure'
-    end
-
-    def unsupported?
-      @code_major == 'unsupported'
-    end
-
-    def has_warning?
-      @severity == 'warning'
-    end
-
-    def has_error?
-      @severity == 'error'
-    end
-
-    # Parse Outcome Response data from XML
-    def process_xml(xml)
-      begin
-        doc = REXML::Document.new xml
-      rescue => e
-        raise IMS::LTI::XMLParseError, "#{e}\nOriginal xml: '#{xml}'"
-      end
-      @message_identifier = doc.text("//imsx_statusInfo/imsx_messageIdentifier").to_s
-      @code_major = doc.text("//imsx_statusInfo/imsx_codeMajor")
-      @code_major.downcase! if @code_major
-      @severity = doc.text("//imsx_statusInfo/imsx_severity")
-      @severity.downcase! if @severity
-      @description = doc.text("//imsx_statusInfo/imsx_description")
-      @description = @description.to_s if @description
-      @message_ref_identifier = doc.text("//imsx_statusInfo/imsx_messageRefIdentifier")
-      @operation = doc.text("//imsx_statusInfo/imsx_operationRefIdentifier")
-      @score = doc.text("//readResultResponse//resultScore/textString")
-      @score = @score.to_s if @score
-    end
-
-    # Generate XML based on the current configuration
-    # @return [String] The response xml
-    def generate_response_xml
-      builder = Builder::XmlMarkup.new
-      builder.instruct!
-
-      builder.imsx_POXEnvelopeResponse("xmlns" => "http://www.imsglobal.org/services/ltiv1p1/xsd/imsoms_v1p0") do |env|
-        env.imsx_POXHeader do |header|
-          header.imsx_POXResponseHeaderInfo do |info|
-            info.imsx_version "V1.0"
-            info.imsx_messageIdentifier @message_identifier || IMS::LTI::generate_identifier
-            info.imsx_statusInfo do |status|
-              status.imsx_codeMajor @code_major
-              status.imsx_severity @severity
-              status.imsx_description @description
-              status.imsx_messageRefIdentifier @message_ref_identifier
-              status.imsx_operationRefIdentifier @operation
-            end
-          end
-        end #/header
-        env.imsx_POXBody do |body|
-          unless unsupported?
-            if @operation == OutcomeRequest::READ_REQUEST
-              body.tag!(@operation + 'Response') do |request|
-                request.result do |res|
-                  res.resultScore do |res_score|
-                    res_score.language "en" # 'en' represents the format of the number
-                    res_score.textString @score.to_s
-                  end
-                end #/result
-              end
-            else
-              body.tag!(@operation + 'Response')
-            end #/operationResponse
-          end
-        end #/body
-      end
-    end
-
-  end
-end

data/lib/ims/lti/request_validator.rb

@@ -1,56 +0,0 @@
-module IMS::LTI
-  # A mixin for OAuth request validation
-  module RequestValidator
-
-    attr_reader :oauth_signature_validator
-
-    # Validates and OAuth request using the OAuth Gem - https://github.com/oauth/oauth-ruby
-    #
-    # To validate the OAuth signatures you need to require the appropriate
-    # request proxy for your application. For example:
-    #
-    #    # For a sinatra app:
-    #    require 'oauth/request_proxy/rack_request'
-    #
-    #    # For a rails app:
-    #    require 'oauth/request_proxy/action_controller_request'
-    # @return [Bool] Whether the request was valid
-    def valid_request?(request, handle_error=true)
-      begin
-        @oauth_signature_validator = OAuth::Signature.build(request, :consumer_secret => @consumer_secret)
-        @oauth_signature_validator.verify() or raise OAuth::Unauthorized.new(request)
-        true
-      rescue OAuth::Signature::UnknownSignatureMethod
-        if handle_error
-          false
-        else
-          raise $!
-        end
-      rescue OAuth::Unauthorized
-        if handle_error
-          false
-        else
-          raise OAuth::Unauthorized.new(request)
-        end
-      end
-    end
-
-    # Check whether the OAuth-signed request is valid and throw error if not
-    #
-    # @return [Bool] Whether the request was valid
-    def valid_request!(request)
-      valid_request?(request, false)
-    end
-
-    # convenience method for getting the oauth nonce from the request
-    def request_oauth_nonce
-      @oauth_signature_validator && @oauth_signature_validator.request.oauth_nonce
-    end
-
-    # convenience method for getting the oauth timestamp from the request
-    def request_oauth_timestamp
-      @oauth_signature_validator && @oauth_signature_validator.request.oauth_timestamp
-    end
-
-  end
-end

data/lib/ims/lti/role_checks.rb

@@ -1,101 +0,0 @@
-module IMS::LTI
-  # Some convenience methods for the most used roles
-  # Take care when using context_ helpers, as the context of an LTI launch
-  # determines the meaning of that role. For example, if the context is an
-  # institution context instead of a course context, then the short role of
-  # "Instructor" means they are a teacher at the institution, but not necessarily
-  # of the course you're working in.
-  #
-  # Also note that these only check for the base roles. So, asking context_student?
-  # only matches `urn:lti:role:ims/lis/Learner`, not `urn:lti:role:ims/lis/Learner/NonCreditLearner`
-  # If you make use of the more specific roles you'll need to ask specifically for those:
-  # @tool_provider.has_exact_role?("urn:lti:role:ims/lis/Learner/NonCreditLearner")
-  # Or you can use `has_base_role?`
-  module RoleChecks
-
-    # Check whether the Launch Parameters have a given role
-    def has_exact_role?(role)
-      role = role.downcase
-      @roles && @roles.any? { |r| r.downcase == role }
-    end
-
-    # Check whether the Launch Parameters have a given role ignoring
-    # sub roles. So asking:
-    # @tool_provider.has_base_role?("urn:lti:role:ims/lis/Instructor/")
-    # will return true if the role is `urn:lti:role:ims/lis/Instructor/GuestInstructor`
-    def has_base_role?(role)
-      role = role.downcase
-      @roles && @roles.any? { |r| r.downcase.start_with?(role) }
-    end
-
-    # Convenience method for checking if the user is the system administrator of the TC
-    def system_administrator?
-      has_exact_role?('urn:lti:sysrole:ims/lis/SysAdmin') ||
-              has_exact_role?('SysAdmin') ||
-              has_exact_role?('urn:lti:sysrole:ims/lis/Administrator')
-    end
-
-    ### Institution-level roles
-    # Note, these only check if the role is explicitely an institution level role
-    # if the context of the LTI launch is the institution, the short names
-    # will apply, and you should use the context_x? helpers.
-
-    # Convenience method for checking if the user has 'student' or 'learner' roles at the institution
-    def institution_student?
-      has_exact_role?('urn:lti:instrole:ims/lis/Student') || has_exact_role?('urn:lti:instrole:ims/lis/Learner')
-    end
-
-    # Convenience method for checking if the user has 'Instructor' role at the institution
-    def institution_instructor?
-      has_exact_role?('urn:lti:instrole:ims/lis/Instructor')
-    end
-
-    # Convenience method for checking if the user has 'Administrator' role at the institution
-    def institution_admin?
-      has_exact_role?('urn:lti:instrole:ims/lis/Administrator')
-    end
-
-
-    ### Context-level roles
-    # Note, the most common LTI context is a course, but that is not always the
-    # case. You should be aware of the context when using these helpers.
-    # The difference for the context_ helpers is that they check for the
-    # short version of the roles. So `Learner` and `urn:lti:role:ims/lis/Learner`
-    # are both valid.
-
-    # Convenience method for checking if the user has 'learner' role in the current launch context
-    def context_student?
-      has_exact_role?('Learner') || has_exact_role?('urn:lti:role:ims/lis/Learner')
-    end
-
-    # Convenience method for checking if the user has 'instructor' role in the current launch context
-    def context_instructor?
-      has_exact_role?('instructor') || has_exact_role?('urn:lti:role:ims/lis/Instructor')
-    end
-
-    # Convenience method for checking if the user has 'contentdeveloper' role in the current launch context
-    def context_content_developer?
-      has_exact_role?('ContentDeveloper') || has_exact_role?('urn:lti:role:ims/lis/ContentDeveloper')
-    end
-
-    # Convenience method for checking if the user has 'Mentor' role in the current launch context
-    def context_mentor?
-      has_exact_role?('Mentor') || has_exact_role?('urn:lti:role:ims/lis/Mentor')
-    end
-
-    # Convenience method for checking if the user has 'administrator' role in the current launch context
-    def context_admin?
-      has_exact_role?('Administrator') || has_exact_role?('urn:lti:role:ims/lis/Administrator')
-    end
-
-    # Convenience method for checking if the user has 'TeachingAssistant' role in the current launch context
-    def context_ta?
-      has_exact_role?('TeachingAssistant') || has_exact_role?('urn:lti:role:ims/lis/TeachingAssistant')
-    end
-
-    # Convenience method for checking if the user has 'Observer' role in the current launch context
-    def context_observer?
-      has_exact_role?('Observer') || has_exact_role?('urn:lti:instrole:ims/lis/Observer')
-    end
-  end
-end

data/lib/ims/lti/tool_base.rb

@@ -1,29 +0,0 @@
-module IMS::LTI
-  class ToolBase
-    include IMS::LTI::Extensions::Base
-    include IMS::LTI::LaunchParams
-    include IMS::LTI::RequestValidator
-
-    # OAuth credentials
-    attr_accessor :consumer_key, :consumer_secret
-
-    def initialize(consumer_key, consumer_secret, params={})
-      @consumer_key = consumer_key
-      @consumer_secret = consumer_secret
-      @custom_params = {}
-      @ext_params = {}
-      @non_spec_params = {}
-      process_params(params)
-    end
-
-    # Convenience method for doing oauth signed requests to services that
-    # aren't supported by this library
-    def post_service_request(url, content_type, body)
-      IMS::LTI::post_service_request(@consumer_key,
-                                     @consumer_secret,
-                                     url,
-                                     content_type,
-                                     body)
-    end
-  end
-end

data/lib/ims/lti/tool_consumer.rb

@@ -1,86 +0,0 @@
-module IMS::LTI
-  # Class for implementing an LTI Tool Consumer
-  class ToolConsumer < ToolBase
-    attr_accessor :launch_url, :timestamp, :nonce
-
-    # Create a new ToolConsumer
-    #
-    # @param consumer_key [String] The OAuth consumer key
-    # @param consumer_secret [String] The OAuth consumer secret
-    # @param params [Hash] Set the launch parameters as described in LaunchParams
-    def initialize(consumer_key, consumer_secret, params={})
-      super(consumer_key, consumer_secret, params)
-      @launch_url = params['launch_url']
-    end
-    
-    def process_post_request(post_request)
-      request = extend_outcome_request(OutcomeRequest.new)
-      request.process_post_request(post_request)
-    end
-
-    # Set launch data from a ToolConfig
-    #
-    # @param config [ToolConfig]
-    def set_config(config)
-      @launch_url ||= config.secure_launch_url
-      @launch_url ||= config.launch_url
-      # any parameters already set will take priority
-      @custom_params = config.custom_params.merge(@custom_params)
-    end
-
-    # Check if the required parameters for a tool launch are set
-    def has_required_params?
-      @consumer_key && @consumer_secret && @resource_link_id && @launch_url
-    end
-
-    # Generate the launch data including the necessary OAuth information
-    #
-    #
-    def generate_launch_data
-      raise IMS::LTI::InvalidLTIConfigError, "Not all required params set for tool launch" unless has_required_params?
-
-      params = self.to_params
-      params['lti_version'] ||= 'LTI-1p0'
-      params['lti_message_type'] ||= 'basic-lti-launch-request'
-      uri = URI.parse(@launch_url)
-
-      if uri.port == uri.default_port
-        host = uri.host
-      else
-        host = "#{uri.host}:#{uri.port}"
-      end
-
-      consumer = OAuth::Consumer.new(@consumer_key, @consumer_secret, {
-              :site => "#{uri.scheme}://#{host}",
-              :signature_method => "HMAC-SHA1"
-      })
-
-      path = uri.path
-      path = '/' if path.empty?
-      if uri.query && uri.query != ''
-        CGI.parse(uri.query).each do |query_key, query_values|
-          unless params[query_key]
-            params[query_key] = query_values.first
-          end
-        end
-      end
-      options = {
-              :scheme => 'body',
-              :timestamp => @timestamp,
-              :nonce => @nonce
-      }
-      request = consumer.create_signed_request(:post, path, nil, options, params)
-
-      # the request is made by a html form in the user's browser, so we
-      # want to revert the escapage and return the hash of post parameters ready
-      # for embedding in a html view
-      hash = {}
-      request.body.split(/&/).each do |param|
-        key, val = param.split(/=/).map { |v| CGI.unescape(v) }
-        hash[key] = val
-      end
-      hash
-    end
-
-  end
-end