lti_box_engine 0.0.1

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: ed29d85473c8108733a7065619550a82516a9772
+  data.tar.gz: d675c633ca88b0f96566dc4eac7ee909eac61d49
+SHA512:
+  metadata.gz: 40cc43a14e1bb6eb1370b3e00c4e045e36f01cc6f3c2a42b3dc00ef4bb01a45765250961c335416e745dfcd0b1f415e48f2ecb9c2fab986fadeb439e5a143133
+  data.tar.gz: 2cf411615056fc78f45bb7dd5252f79404cf63b670498f714df306b309f5184b11c523f21865847adf22a9d1606e69ab910faaf551969add0936ae9d24a03891

data/MIT-LICENSE

@@ -0,0 +1,20 @@
+Copyright 2014 YOURNAME
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.rdoc

@@ -0,0 +1,3 @@
+= LtiBoxEngine
+
+This project rocks and uses MIT-LICENSE.

data/Rakefile

@@ -0,0 +1,40 @@
+begin
+  require 'bundler/setup'
+rescue LoadError
+  puts 'You must `gem install bundler` and `bundle install` to run rake tasks'
+end
+
+require 'rdoc/task'
+
+RDoc::Task.new(:rdoc) do |rdoc|
+  rdoc.rdoc_dir = 'rdoc'
+  rdoc.title    = 'LtiBoxEngine'
+  rdoc.options << '--line-numbers'
+  rdoc.rdoc_files.include('README.rdoc')
+  rdoc.rdoc_files.include('lib/**/*.rb')
+end
+
+APP_RAKEFILE = File.expand_path("../spec/test_app/Rakefile", __FILE__)
+load 'rails/tasks/engine.rake'
+
+
+
+Bundler::GemHelper.install_tasks
+
+Dir[File.join(File.dirname(__FILE__), 'tasks/**/*.rake')].each {|f| load f }
+require 'rspec/core/rake_task'
+RSpec::Core::RakeTask.new(:spec)
+task :default => :spec
+
+desc 'Run the test dummy rails app'
+task :run_engine do
+  exec 'cd spec/test_app && bundle exec rails s'
+end
+
+desc 'Run a pry console'
+task :console do
+  require 'pry'
+  require '#{name}'
+  ARGV.clear
+  Pry.start
+end

data/app/assets/javascripts/lti_box_engine/application.js

@@ -0,0 +1,13 @@
+// This is a manifest file that'll be compiled into application.js, which will include all the files
+// listed below.
+//
+// Any JavaScript/Coffee file within this directory, lib/assets/javascripts, vendor/assets/javascripts,
+// or vendor/assets/javascripts of plugins, if any, can be referenced here using a relative path.
+//
+// It's not advisable to add code directly here, but if you do, it'll appear at the bottom of the
+// compiled file.
+//
+// Read Sprockets README (https://github.com/sstephenson/sprockets#sprockets-directives) for details
+// about supported directives.
+//
+//= require_tree .

data/app/assets/javascripts/lti_box_engine/lti.js

@@ -0,0 +1,2 @@
+// Place all the behaviors and hooks related to the matching controller here.
+// All this logic will automatically be available in application.js.

data/app/assets/javascripts/lti_box_engine/test.js

@@ -0,0 +1,2 @@
+// Place all the behaviors and hooks related to the matching controller here.
+// All this logic will automatically be available in application.js.

data/app/assets/stylesheets/lti_box_engine/application.scss

@@ -0,0 +1,17 @@
+@import "bootstrap";
+
+body {
+  padding-top: 20px;
+  background-color: #eee;
+}
+
+.content {
+  max-width: 330px;
+  padding: 15px;
+  margin: 0 auto;
+  text-align: center;
+}
+
+#box-select {
+  margin: 20px auto;
+}

data/app/controllers/lti_box_engine/application_controller.rb

@@ -0,0 +1,33 @@
+module LtiBoxEngine
+  class ApplicationController < ActionController::Base
+    before_action :set_default_headers
+    before_filter :cors_preflight_check
+    after_filter :cors_set_access_control_headers
+
+    def set_default_headers
+      response.headers['X-Frame-Options'] = 'ALLOWALL'
+    end
+
+    # For all responses in this controller, return the CORS access control headers.
+    def cors_set_access_control_headers
+      headers['Access-Control-Allow-Origin'] = '*'
+      headers['Access-Control-Allow-Methods'] = 'POST, PUT, DELETE, GET, OPTIONS'
+      headers['Access-Control-Request-Method'] = '*'
+      headers['Access-Control-Allow-Headers'] = 'Origin, X-Requested-With, Content-Type, Accept, Authorization'
+      headers['Access-Control-Max-Age'] = "1728000"
+    end
+
+    # If this is a preflight OPTIONS request, then short-circuit the
+    # request, return only the necessary headers and return an empty
+    # text/plain.
+    def cors_preflight_check
+      if request.method == :options
+        headers['Access-Control-Allow-Origin'] = '*'
+        headers['Access-Control-Allow-Methods'] = 'POST, GET, OPTIONS'
+        headers['Access-Control-Allow-Headers'] = '*'
+        headers['Access-Control-Max-Age'] = '1728000'
+        render :text => '', :content_type => 'text/plain'
+      end
+    end
+  end
+end

data/app/controllers/lti_box_engine/lti_controller.rb

@@ -0,0 +1,80 @@
+require_dependency "lti_box_engine/application_controller"
+require "ims/lti"
+require "oauth/request_proxy/rack_request"
+
+module LtiBoxEngine
+  class LtiController < ApplicationController
+
+    def index
+      @client = Client.new
+      @tp = @client.authorize!(request, params)
+      if @tp
+        if @tp.accepts_content?
+          @lti_launch = LtiLaunch.create_from_tp(@tp)
+          if @tp.accepts_file?
+            @link_type = "direct"
+          else
+            @link_type = "shared"
+          end
+        else
+          # launched via navigation
+          redirect_to "https://www.box.com/embed_widget/files/0/f/0"
+        end
+      else
+        # handle invalid auth
+        @message = @client.error_message
+        render :error
+      end
+    end
+
+    def embed
+      item = params[:item]
+      lti_launch = LtiLaunch.where(id: params[:lti_launch_id]).first
+      launch_params = lti_launch.payload
+
+      tp = IMS::LTI::ToolProvider.new(nil, nil, launch_params)
+      tp.extend IMS::LTI::Extensions::Content::ToolProvider
+      
+      if tp.accepts_content?
+        if tp.accepts_file?(item['name']) && item['type'] != 'folder'
+          redirect_url = tp.file_content_return_url(item['url'], item['name'])
+          render json: { redirect_url: redirect_url } and return
+        elsif tp.accepts_url?
+          # The URL will be to a folder. We need to modify it to load the embed widget
+          redirect_url = tp.url_content_return_url(Client.box_url_to_box_embed_url(item['url']), item['name'], item['name'])
+          render json: { redirect_url: redirect_url } and return
+        else
+          render text: 'Unsupported content type', status: 500
+        end
+      else
+        render text: 'Unable to embed content', status: 500
+      end
+    end
+
+    def xml_config
+      host = "#{request.protocol}#{request.host_with_port}"
+      url = "#{host}#{root_path}"
+      title = "Box"
+      tool_id = "lti_box_engine"
+      tc = IMS::LTI::ToolConfig.new(:title => title, :launch_url => url)
+      tc.extend IMS::LTI::Extensions::Canvas::ToolConfig
+      tc.description = "Embed files from Box.net"
+      tc.canvas_privacy_anonymous!
+      tc.canvas_domain!(request.host)
+      tc.canvas_icon_url!("#{host}/assets/lti_box_engine/icon.png")
+      tc.canvas_text!(title)
+      tc.set_ext_param('canvas.instructure.com', :tool_id, tool_id)
+      tc.canvas_homework_submission!(enabled: true)
+      tc.canvas_editor_button!(enabled: true)
+      tc.canvas_resource_selection!(enabled: true)
+      tc.canvas_course_navigation!(enabled: true)
+      tc.canvas_user_navigation!(enabled: true)
+      tc.canvas_selector_dimensions!(430, 200)
+      render xml: tc.to_xml
+    end
+
+    def health_check
+      head 200
+    end
+  end
+end

data/app/controllers/lti_box_engine/test_controller.rb

@@ -0,0 +1,8 @@
+require_dependency "lti_box_engine/application_controller"
+
+module LtiBoxEngine
+  class TestController < ApplicationController
+    def backdoor
+    end
+  end
+end

data/app/helpers/lti_box_engine/application_helper.rb

@@ -0,0 +1,4 @@
+module LtiBoxEngine
+  module ApplicationHelper
+  end
+end

data/app/helpers/lti_box_engine/lti_helper.rb

@@ -0,0 +1,4 @@
+module LtiBoxEngine
+  module LtiHelper
+  end
+end

data/app/helpers/lti_box_engine/test_helper.rb

@@ -0,0 +1,4 @@
+module LtiBoxEngine
+  module TestHelper
+  end
+end

data/app/models/lti_box_engine/lti_launch.rb

@@ -0,0 +1,24 @@
+module LtiBoxEngine
+  class LtiLaunch < ActiveRecord::Base
+    serialize :payload, Hash
+
+    class << self 
+      def valid_nonce?(nonce, min=60)
+        nonce_ts = Time.now - (min * 60 * 60)
+        where(nonce: nonce).where("request_oauth_timestamp >= ?", nonce_ts).count == 0
+      end
+
+      def cleanup!(num_days=3)
+        where("request_oauth_timestamp <= ?", Time.now - num_days.days).destroy_all
+      end
+
+      def create_from_tp(tp)
+        create({
+          nonce: tp.request_oauth_nonce,
+          request_oauth_timestamp: Time.at(tp.request_oauth_timestamp.to_i),
+          payload: tp.to_params
+        })
+      end
+    end
+  end
+end

data/app/views/layouts/lti_box_engine/application.html.erb

@@ -0,0 +1,18 @@
+<!DOCTYPE html>
+<html>
+<head>
+  <title>Box</title>
+  <%= stylesheet_link_tag    "lti_box_engine/application", media: "all" %>
+  <%= javascript_include_tag "lti_box_engine/application" %>
+  <%= csrf_meta_tags %>
+</head>
+<body>
+
+<div class="container">
+  <div class="content">
+    <%= yield %>
+  </div>
+</div>
+
+</body>
+</html>

data/app/views/lti_box_engine/lti/embed.html.erb

@@ -0,0 +1,10 @@
+<div class="container">
+  <h4 class="page-header">Embed Code Generated</h4>
+  <p>
+    You're not in a system that supports auto-inserting content,
+    so you'll need to copy and past the following code by hand
+    in order to insert it into your content.
+  </p>
+
+  <textarea class="form-control" rows="4"><iframe title="<%= @title %>" width="<%= @width %>" height="<%= @height %>" src="<%= @url %>" /></textarea>
+</div>

data/app/views/lti_box_engine/lti/error.html.erb

@@ -0,0 +1 @@
+<%= @message %>

data/app/views/lti_box_engine/lti/index.html.erb

@@ -0,0 +1,34 @@
+<script src="//ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js" ></script>
+<script type="text/javascript" src="https://app.box.com/js/static/select.js"></script>
+
+<div id="message">Click the button below to select your content</div>
+
+<div id="box-select" 
+     data-link-type="<%= @link_type %>"
+     data-multiselect="false"
+     data-client-id="zfwxjp79195xz6to7uxlo0hsoehkgryq"></div>
+
+<script type="text/javascript">
+  $(document).ready(function() {
+    var boxSelect = new BoxSelect();
+
+    // Register a success callback handler
+    boxSelect.success(function(response) {
+      var item = response[0];
+      $.post('<%= lti_embed_path %>', { item: item, lti_launch_id: <%= @lti_launch.id %> }).then(
+        function(data) { // success
+          console.log(data.redirect_url);
+          window.location = data.redirect_url;
+        },
+        function(jqXHR) { // error
+          $('#message').addClass('alert alert-danger').html(jqXHR.responseText);
+        }
+      );
+    });
+
+    // Register a cancel callback handler
+    boxSelect.cancel(function() {
+      $('#message').removeClass('alert alert-danger').html("Click the button below to select your content");
+    });
+  });
+</script>

data/app/views/lti_box_engine/test/backdoor.html.erb

@@ -0,0 +1,4 @@
+<p>Form to access root page via POST. Used for tests.</p>
+<%= form_tag root_path do %>
+  <button type="submit" id="submit">Submit</button>
+<% end %>

data/config/routes.rb

@@ -0,0 +1,11 @@
+LtiBoxEngine::Engine.routes.draw do
+  post "embed" => "lti#embed", as: :lti_embed
+  match  "launch" => "lti#launch", as: :launch, via: [:get, :post]
+  get "config(.xml)" => "lti#xml_config", as: :lti_xml_config
+  get "health_check" => "lti#health_check"
+  match "/" => "lti#index", via: [:get, :post]
+  match "/picker" => "lti#picker", via: [:get, :post]
+  root "lti#index"
+  get "lti/index"
+  get "test/backdoor"
+end

data/db/migrate/20140401155717_create_lti_box_engine_lti_launches.rb

@@ -0,0 +1,11 @@
+class CreateLtiBoxEngineLtiLaunches < ActiveRecord::Migration
+  def change
+    create_table :lti_box_engine_lti_launches do |t|
+      t.string :nonce
+      t.text :payload
+      t.timestamp :request_oauth_timestamp
+
+      t.timestamps
+    end
+  end
+end

data/lib/lti_box_engine.rb

@@ -0,0 +1,9 @@
+require "lti_box_engine/engine"
+require "lti_box_engine/client"
+require "bootstrap-sass"
+
+# Enable oauth 10 support
+OAUTH_10_SUPPORT = true
+
+module LtiBoxEngine
+end

data/lib/lti_box_engine/client.rb

@@ -0,0 +1,49 @@
+require 'ims/lti'
+
+module LtiBoxEngine
+  class Client
+
+    $oauth_creds = { "key" => "secret" }
+
+    attr_accessor :error_message
+
+    def initialize
+      @error_message = nil
+    end
+
+    def register_error(message)
+      @error_message = message
+    end
+
+    def self.box_url_to_box_embed_url(url)
+      embed_id = url.strip.split('/').last
+      "https://app.box.com/embed_widget/s/#{embed_id}?view=list&sort=name&direction=ASC&theme=blue"
+    end
+
+    def authorize!(request, opts = {})
+      @error_message = nil
+      key = opts['oauth_consumer_key']
+      tp = IMS::LTI::ToolProvider.new(key, $oauth_creds[key], opts)
+
+      if !tp.valid_request?(request)
+        register_error("The OAuth signature was invalid")
+        return nil
+      end
+
+      if Time.now.utc.to_i - tp.request_oauth_timestamp.to_i > 60*60
+        register_error("Your request is too old.")
+        return nil
+      end
+
+      if !LtiLaunch.valid_nonce?(tp.request_oauth_nonce, 60)
+        register_error("Nonce has already been used.")
+        return nil
+      end
+
+      tp.extend IMS::LTI::Extensions::Content::ToolProvider
+
+      return tp
+    end
+
+  end
+end

data/lib/lti_box_engine/engine.rb

@@ -0,0 +1,9 @@
+module LtiBoxEngine
+  class Engine < ::Rails::Engine
+    isolate_namespace LtiBoxEngine
+
+    config.generators do |g|
+      g.test_framework :rspec
+    end
+  end
+end

data/lib/lti_box_engine/version.rb

@@ -0,0 +1,3 @@
+module LtiBoxEngine
+  VERSION = "0.0.1"
+end

data/lib/tasks/assets.rake

@@ -0,0 +1,9 @@
+task "assets:precompile" do
+  #Copy assets to a non-fingerprinted version
+  fingerprint = /\-[0-9a-f]{32}\./
+  for file in Dir["public/assets/lti_box_engine/**/*"]
+    next unless file =~ fingerprint && !file.end_with?('.css', '.css.gz', '.js', '.js.gz')
+    nondigest = file.sub fingerprint, '.'
+    FileUtils.cp file, nondigest, verbose: true
+  end
+end

data/lib/tasks/lti_box_engine_tasks.rake

@@ -0,0 +1,4 @@
+# desc "Explaining what the task does"
+# task :lti_box_engine do
+#   # Task goes here
+# end

metadata

@@ -0,0 +1,186 @@
+--- !ruby/object:Gem::Specification
+name: lti_box_engine
+version: !ruby/object:Gem::Version
+  version: 0.0.1
+platform: ruby
+authors:
+- Brad Humphrey
+- Eric Berry
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2014-04-03 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: rails
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 4.0.4
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 4.0.4
+- !ruby/object:Gem::Dependency
+  name: sass-rails
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '3.2'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '3.2'
+- !ruby/object:Gem::Dependency
+  name: bootstrap-sass
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 3.1.0
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 3.1.0
+- !ruby/object:Gem::Dependency
+  name: ims-lti
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: sqlite3
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rspec-rails
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: capybara
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: poltergeist
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+description: Box.net LTI Application as a mountable Rails engine
+email:
+- brad@instructure.com
+- ericb@instructure.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- MIT-LICENSE
+- README.rdoc
+- Rakefile
+- app/assets/images/lti_box_engine/icon.png
+- app/assets/javascripts/lti_box_engine/application.js
+- app/assets/javascripts/lti_box_engine/lti.js
+- app/assets/javascripts/lti_box_engine/test.js
+- app/assets/stylesheets/lti_box_engine/application.scss
+- app/controllers/lti_box_engine/application_controller.rb
+- app/controllers/lti_box_engine/lti_controller.rb
+- app/controllers/lti_box_engine/test_controller.rb
+- app/helpers/lti_box_engine/application_helper.rb
+- app/helpers/lti_box_engine/lti_helper.rb
+- app/helpers/lti_box_engine/test_helper.rb
+- app/models/lti_box_engine/lti_launch.rb
+- app/views/layouts/lti_box_engine/application.html.erb
+- app/views/lti_box_engine/lti/embed.html.erb
+- app/views/lti_box_engine/lti/error.html.erb
+- app/views/lti_box_engine/lti/index.html.erb
+- app/views/lti_box_engine/test/backdoor.html.erb
+- config/routes.rb
+- db/migrate/20140401155717_create_lti_box_engine_lti_launches.rb
+- lib/lti_box_engine.rb
+- lib/lti_box_engine/client.rb
+- lib/lti_box_engine/engine.rb
+- lib/lti_box_engine/version.rb
+- lib/tasks/assets.rake
+- lib/tasks/lti_box_engine_tasks.rake
+homepage: https://github.com/instructure/lti-box-engine
+licenses: []
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.2.1
+signing_key: 
+specification_version: 4
+summary: Box.net LTI Application
+test_files: []
+has_rdoc: