ims-lti 2.3.1 → 2.3.2

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 517f20cf164297427cfa6cb070ab79f57514fa7b88e98f0ebd2adec5430e1897
4
- data.tar.gz: 7740db235eee2784d84dd9d66a8aebd132eb337d4ecea837bfc36f49b6117f2a
3
+ metadata.gz: 6de9bbbf79d7c9a876eadd145ec7317b05268aa095ab1df5202db6c96d08599a
4
+ data.tar.gz: 3122f727f095833a7a3a380c46698da81f638a670f8bf49c72124327bf8fd1bb
5
5
  SHA512:
6
- metadata.gz: a9e0205e846821c9415894bbab343e0ab1b53ff8627b2fdc6994ac968f3ce962c99753b5c98ee38e75bbfddafd840ffc9d053f332c573b6d43cde8cddb421d5b
7
- data.tar.gz: 328b07aa4123c8bf8a296cc00231f35b3d03887e7b28562fff59bb19720c34b9e9ec653e263eed440522c1f460d3c64e81946c9c832fb5bfb5cf64bd7a59758a
6
+ metadata.gz: 8c6f21d78459aa18c5953e7e4d40f59882abc5e927eff0c3fedb9672208ac89d4ee4bced6222498cf86b4ef7f9f0803f64ca7f0a99af79dcb6283f6cced63c0d
7
+ data.tar.gz: 8032a4d4d4ffb044a7fb915467b5267fcc0bbbeb07683f5d7d920cdd1d9ee4942f8a394da50c92c9c7c5ae2bbe27cee599b997ab60019931cf6ada666425ed9d
@@ -47,6 +47,19 @@ module IMS::LTI::Models::Messages
47
47
  @descendants || Set.new
48
48
  end
49
49
 
50
+ # For signature generation -- see usage in signed_post_params
51
+ def convert_param_values_to_crlf_endings(hash)
52
+ hash.transform_values do |val|
53
+ if val.is_a?(String)
54
+ # Convert to all newlines first, for consistency, just in case there
55
+ # is some weird mix of newlines & carriage returns in input
56
+ val.encode(universal_newline: true).encode(crlf_newline: true)
57
+ else
58
+ val
59
+ end
60
+ end
61
+ end
62
+
50
63
  private
51
64
 
52
65
  def add_params(instance_variable, param, *params)
@@ -148,7 +161,11 @@ module IMS::LTI::Models::Messages
148
161
  end
149
162
 
150
163
  def signed_post_params(secret)
151
- message_params = oauth_params.merge(post_params)
164
+ # The params will be used in an HTML form, and browsers will always use
165
+ # newlines+carriage return line endings for submitted form data. The
166
+ # signature needs to match, and signature generation does not add carriage
167
+ # returns, so we ensure CRLF endings here.
168
+ message_params = self.class.convert_param_values_to_crlf_endings(oauth_params.merge(post_params))
152
169
  @message_authenticator = IMS::LTI::Services::MessageAuthenticator.new(launch_url, message_params, secret)
153
170
  @message_authenticator.signed_params
154
171
  end
@@ -219,4 +236,4 @@ module IMS::LTI::Models::Messages
219
236
  end
220
237
 
221
238
  end
222
- end
239
+ end
@@ -1,5 +1,5 @@
1
1
  module IMS
2
2
  module LTI
3
- VERSION = "2.3.1"
3
+ VERSION = "2.3.2"
4
4
  end
5
5
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: ims-lti
3
3
  version: !ruby/object:Gem::Version
4
- version: 2.3.1
4
+ version: 2.3.2
5
5
  platform: ruby
6
6
  authors:
7
7
  - Instructure
8
- autorequire:
8
+ autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2021-01-08 00:00:00.000000000 Z
11
+ date: 2022-05-06 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: addressable
@@ -100,6 +100,20 @@ dependencies:
100
100
  - - "~>"
101
101
  - !ruby/object:Gem::Version
102
102
  version: 0.3.1
103
+ - !ruby/object:Gem::Dependency
104
+ name: rexml
105
+ requirement: !ruby/object:Gem::Requirement
106
+ requirements:
107
+ - - ">="
108
+ - !ruby/object:Gem::Version
109
+ version: '0'
110
+ type: :runtime
111
+ prerelease: false
112
+ version_requirements: !ruby/object:Gem::Requirement
113
+ requirements:
114
+ - - ">="
115
+ - !ruby/object:Gem::Version
116
+ version: '0'
103
117
  - !ruby/object:Gem::Dependency
104
118
  name: byebug
105
119
  requirement: !ruby/object:Gem::Requirement
@@ -212,7 +226,7 @@ dependencies:
212
226
  - - "~>"
213
227
  - !ruby/object:Gem::Version
214
228
  version: '0.8'
215
- description:
229
+ description:
216
230
  email: opensource@instructure.com
217
231
  executables: []
218
232
  extensions: []
@@ -320,7 +334,7 @@ homepage: http://github.com/instructure/ims-lti
320
334
  licenses:
321
335
  - MIT
322
336
  metadata: {}
323
- post_install_message:
337
+ post_install_message:
324
338
  rdoc_options: []
325
339
  require_paths:
326
340
  - lib
@@ -335,8 +349,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
335
349
  - !ruby/object:Gem::Version
336
350
  version: '0'
337
351
  requirements: []
338
- rubygems_version: 3.1.4
339
- signing_key:
352
+ rubygems_version: 3.2.15
353
+ signing_key:
340
354
  specification_version: 4
341
355
  summary: Ruby library for creating IMS LTI tool providers and consumers
342
356
  test_files: []