RubyGems - lti_skydrive - Versions diffs - 0.0.1 - Mend

lti_skydrive 0.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (150) hide show

data/app/controllers/skydrive/launch_controller.rb ADDED Viewed

@@ -0,0 +1,152 @@
+require 'ims/lti'
+module Skydrive
+  class LaunchController < ApplicationController
+    include ActionController::Cookies
+    before_filter :ensure_authenticated_user, only: :skydrive_authorized
+    def tool_provider
+      require 'oauth/request_proxy/rack_request'
+      lti_key = LtiKey.where(key: params['oauth_consumer_key']).first
+      if lti_key
+        key = lti_key.key
+        secret = lti_key.secret
+      end
+      tp = IMS::LTI::ToolProvider.new(key, secret, params)
+      if !key
+        tp.lti_errorlog = "No consumer key"
+      elsif !secret
+        tp.lti_errorlog = "Consumer key wasn't recognized"
+      elsif !tp.valid_request?(request)
+        tp.lti_errorlog = "The OAuth signature was invalid"
+      elsif Time.now.utc.to_i - tp.request_oauth_timestamp.to_i > 120
+        tp.lti_errorlog = "Your request is too old."
+      end
+      #
+      ## this isn't actually checking anything like it should, just want people
+      ## implementing real tools to be aware they need to check the nonce
+      #if was_nonce_used_in_last_x_minutes?(@tp.request_oauth_nonce, 60)
+      #  register_error "Why are you reusing the nonce?"
+      #  return false
+      #end
+      #
+      ## save the launch parameters for use in later request
+      ##session['launch_params'] = @tp.to_params
+      #
+      #@username = @tp.username("Dude")
+      return tp
+    end
+    def basic_launch
+      tp = tool_provider
+      if tp.lti_errorlog
+        render text: tp.lti_errorlog, status: 400
+        return
+      end
+      email = tp.lis_person_contact_email_primary
+      unless email.present?
+        render text: "Missing email information"
+        return
+      end
+      unless client_domain = tp.get_custom_param('sharepoint_client_domain')
+        render text: "Missing sharepoint client domain", status: 400
+        return
+      end
+      user = User.where(email: email).first ||
+          User.create!(
+              name: tp.lis_person_name_full,
+              username: tp.user_id,
+              email: email
+          )
+      if user.token
+        user.token.update_attributes(client_domain: "#{client_domain}-my.sharepoint.com")
+      else
+        user.token = Token.create(client_domain: "#{client_domain}-my.sharepoint.com")
+      end
+      user.cleanup_api_keys
+      code = user.session_api_key(params).oauth_code
+      redirect_to "#{root_path}#/launch/#{code}"
+    end
+    def skydrive_authorized
+      skydrive_token = current_user.token
+      if skydrive_token && skydrive_token.requires_refresh?
+        results = skydrive_client.refresh_token(skydrive_token.refresh_token)
+        return render json: results if results.key? 'error'
+        skydrive_token.update_attributes(results)
+      end
+      if skydrive_token && skydrive_token.is_valid?
+        render json: {}, status: 201
+      else
+        code = current_user.api_keys.active.skydrive_oauth.create.oauth_code
+        auth_url = skydrive_client.oauth_authorize_redirect_uri(skydrive_redirect_uri, state: code)
+        render text: auth_url, status: 401
+      end
+    end
+    def microsoft_oauth
+      @current_user = ApiKey.trade_oauth_code_for_access_token(params['state']).user
+      results = skydrive_client.get_token(skydrive_redirect_uri, params['code'])
+      return render text: "#{results['error']} - #{results['error_description']}" if results.key? 'error'
+      results.merge!(personal_url: skydrive_client.get_user['PersonalUrl'])
+      @current_user.token.update_attributes(results)
+      redirect_to "#{root_path}#/oauth/callback"
+    end
+    def xml_config
+      # ie http://localhost:9393/config?sharepoint_client_domain=my_subdomain
+      host = request.scheme + "://" + request.host_with_port + "/"
+      if params['sharepoint_client_domain']
+        url = "#{request.protocol}#{request.host_with_port}#{launch_path}"
+        title = "Skydrive Pro"
+        tc = IMS::LTI::ToolConfig.new(:title => title, :launch_url => url)
+        tc.extend IMS::LTI::Extensions::Canvas::ToolConfig
+        tc.description = 'Allows you to pull in documents from Skydrive Pro to canvas'
+        tc.canvas_privacy_public!
+        tc.canvas_domain!(request.host)
+        tc.canvas_icon_url!("#{host}assets/skydrive/skydrive_icon.png")
+        tc.canvas_selector_dimensions!(700,600)
+        tc.canvas_text!(title)
+        tc.canvas_homework_submission!
+        #tc.canvas_editor_button!
+        #tc.canvas_resource_selection!
+        #tc.canvas_account_navigation!
+        #tc.canvas_course_navigation!
+        #tc.canvas_user_navigation!
+        tc.set_ext_param(
+            IMS::LTI::Extensions::Canvas::ToolConfig::PLATFORM, :custom_fields,
+            {sharepoint_client_domain: params['sharepoint_client_domain']})
+        render xml: tc.to_xml
+      else
+        render text: 'The sharepoint_client_domain is a required parameter.'
+      end
+    end
+    private
+    def skydrive_client
+      @skydrive_client ||= Client.new(SHAREPOINT.merge(client_domain: current_user.token.client_domain))
+    end
+    def skydrive_redirect_uri
+      @skydrive_redirect_uri ||= "#{request.protocol}#{request.host_with_port}#{microsoft_oauth_path}"
+    end
+  end
+end

data/app/controllers/skydrive/session_controller.rb ADDED Viewed

@@ -0,0 +1,12 @@
+module Skydrive
+  class SessionController < ApplicationController
+    def create
+      user = User.where("username = ? OR email = ?", params[:username_or_email], params[:username_or_email]).first
+      if user && user.authenticate(params[:password])
+        render json: user.session_api_key, status: 201
+      else
+        render json: {}, status: 401
+      end
+    end
+  end
+end

data/app/controllers/skydrive/users_controller.rb ADDED Viewed

@@ -0,0 +1,34 @@
+module Skydrive
+  class UsersController < ApplicationController
+    before_filter :ensure_authenticated_user, except: [:create]
+    # Returns list of users. This requires authorization
+    def index
+      render json: User.all
+    end
+    def show
+      if params[:id] == 'self'
+        render json: current_user
+      else
+        render json: User.find(params[:id])
+      end
+    end
+    def create
+      user = User.create(user_params)
+      if user.new_record?
+        render json: { errors: user.errors.messages }, status: 422
+      else
+        render json: user.session_api_key, status: 201
+      end
+    end
+    private
+    # Strong Parameters (Rails 4)
+    def user_params
+      params.require(:user).permit(:name, :username, :email, :password, :password_confirmation)
+    end
+  end
+end

data/app/helpers/skydrive/application_helper.rb ADDED Viewed

@@ -0,0 +1,4 @@
+module Skydrive
+  module ApplicationHelper
+  end
+end

data/app/helpers/skydrive/ember_helper.rb ADDED Viewed

@@ -0,0 +1,4 @@
+module Skydrive
+  module EmberHelper
+  end
+end

data/app/models/skydrive/api_key.rb ADDED Viewed

@@ -0,0 +1,47 @@
+module Skydrive
+  class ApiKey < ActiveRecord::Base
+    validates :scope, inclusion: { in: %w( session api skydrive_oauth) }
+    #before_create :generate_access_token, :set_expiry_date
+    before_create :generate_code, :set_expiry_date
+    belongs_to :user
+    scope :session,       -> { where(scope: 'session') }
+    scope :skydrive_oauth,-> { where(scope: 'skydrive_oauth') }
+    scope :api,           -> { where(scope: 'api') }
+    scope :active,        -> { where("expired_at >= ?", Time.now) }
+    scope :inactive,      -> { where("expired_at < ?", Time.now) }
+    def params
+      self.init_params ? JSON.parse(self.init_params) : {}
+    end
+    def accepted_extensions
+      extensions = params['ext_content_file_extensions']
+      extensions ? extensions.split(',') : nil
+    end
+    private
+    def set_expiry_date
+      self.expired_at = case self.scope
+                          when 'session'
+                            60.minutes.from_now
+                          when 'skydrive_oauth'
+                            30.minutes.from_now
+                          else
+                            #Unsupported token types will start expired
+                            Time.now
+                        end
+    end
+    def generate_code
+      self.oauth_code = SecureRandom.uuid
+    end
+    def self.trade_oauth_code_for_access_token(oauth_code)
+      api_key = ApiKey.active.where(oauth_code: oauth_code).first if oauth_code
+      api_key.update(access_token: SecureRandom.uuid, oauth_code: nil) if api_key
+      api_key
+    end
+  end
+end

data/app/models/skydrive/lti_key.rb ADDED Viewed

@@ -0,0 +1,10 @@
+module Skydrive
+  class LtiKey < ActiveRecord::Base
+    validates :key, presence: true, uniqueness: true
+    validates :secret, presence: true
+    def self.new_key
+      LtiKey.create(key: SecureRandom.uuid, secret: SecureRandom.hex)
+    end
+  end
+end

data/app/models/skydrive/token.rb ADDED Viewed

@@ -0,0 +1,14 @@
+module Skydrive
+  class Token < ActiveRecord::Base
+    validates :user_id, uniqueness: true
+    belongs_to :user
+    def requires_refresh?
+      !!self.not_before && self.not_before < Time.now
+    end
+    def is_valid?
+      !!self.access_token && self.expires_on && self.expires_on > Time.now
+    end
+  end
+end

data/app/models/skydrive/user.rb ADDED Viewed

@@ -0,0 +1,28 @@
+module Skydrive
+  class User < ActiveRecord::Base
+    include ActiveModel::ForbiddenAttributesProtection
+    has_many :api_keys
+    has_one :token
+    validates :email, presence: true, uniqueness: true
+    validates :username, presence: true, uniqueness: true
+    validates :name, presence: true
+    def session_api_key(params={})
+      ApiKey.create(
+        user_id: self.id,
+        scope: 'session',
+        init_params: params.to_json
+      )
+    end
+    def cleanup_api_keys
+      api_keys.inactive.each(&:destroy)
+    end
+    def valid_skydrive_token?
+      self.token && self.token.is_valid?
+    end
+  end
+end

data/app/serializers/api_key_serializer.rb ADDED Viewed

@@ -0,0 +1,5 @@
+module Skydrive
+  class ApiKeySerializer < ActiveModel::Serializer
+    attributes :id, :user_id, :access_token
+  end
+end

data/app/serializers/user_serializer.rb ADDED Viewed

@@ -0,0 +1,5 @@
+module Skydrive
+  class UserSerializer < ActiveModel::Serializer
+    attributes :id, :name, :username, :email
+  end
+end

data/app/views/layouts/skydrive/application.html.erb ADDED Viewed

@@ -0,0 +1,21 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <title>Sky Drive</title>
+	<meta http-equiv="Content-type" content="text/html; charset=utf-8">
+  <%= stylesheet_link_tag    "skydrive/stylesheets/font-awesome/font-awesome.min.css", media: "all" %>
+  <%= stylesheet_link_tag    "skydrive/stylesheets/normalize.css", media: "all" %>
+  <%= stylesheet_link_tag    "skydrive/stylesheets/app.css", media: "all" %>
+  <%= javascript_include_tag "skydrive/javascripts/vendor/jquery.js" %>
+  <%= javascript_include_tag "skydrive/javascripts/vendor/handlebars.js" %>
+  <%= javascript_include_tag "skydrive/javascripts/vendor/ember.js" %>
+  <%= csrf_meta_tags %>
+</head>
+<body>
+<%#= yield %>
+<script src="skydrive/javascripts/application.js"></script>
+</body>
+</html>

data/app/views/skydrive/ember/index.html.erb ADDED Viewed

@@ -0,0 +1,20 @@
+<!doctype html>
+<html lang="en">
+<head>
+	<meta http-equiv="Content-type" content="text/html; charset=utf-8">
+  <link rel="stylesheet" href="/assets/skydrive/font-awesome/font-awesome.min.css">
+  <link rel="stylesheet" href="/assets/skydrive/normalize.css">
+  <link rel="stylesheet" href="/assets/skydrive/app.css">
+  <script src="/assets/skydrive/vendor/jquery.js"></script>
+  <script src="/assets/skydrive/vendor/handlebars.js"></script>
+  <script src="/assets/skydrive/vendor/ember.js"></script>
+	<title>Sky Drive</title>
+</head>
+<body>
+  <script type="text/javascript" charset="utf-8">
+    window.ENV = <%= raw @env.to_json %>;
+  </script>
+  <script src="/assets/skydrive/application.js"></script>
+</body>
+</html>

data/config/initializers/sharepoint.rb ADDED Viewed

	@@ -0,0 +1 @@
1	+ SHAREPOINT = YAML.load(File.read("#{Rails.root}/config/sharepoint.yml"))[Rails.env].symbolize_keys

data/config/routes.rb ADDED Viewed

@@ -0,0 +1,24 @@
+Skydrive::Engine.routes.draw do
+  root "ember#index"
+  get 'health_check' => 'ember#health_check'
+  get '/download/file' => 'files#download', as: :download
+  scope "api/v1" do
+    resources :users, except: [:new, :edit]
+    get 'files(/*uri)' => 'files#index'
+    get 'skydrive_authorized' => 'launch#skydrive_authorized'
+  end
+  post 'session' => 'session#create'
+  #LTI launch paths
+  get 'launch' => 'launch#basic_launch', :as => :launch
+  post 'launch' => 'launch#basic_launch'
+  get 'backdoor' => 'launch#backdoor_launch'
+  get 'microsoft_oauth' => 'launch#microsoft_oauth'
+  get 'config' => 'launch#xml_config'
+  post 'oauth2/token' => 'api_keys#oauth2_token'
+end

data/config/sharepoint.yml.example ADDED Viewed

@@ -0,0 +1,17 @@
+defaults: &defaults
+  guid: 00000003-0000-0ff1-ce00-000000000000
+development:
+  <<: *defaults
+  client_id: 00a878a3-fde7-47a3-9c89-3c9912e6bb83
+  client_secret: MO2cbtapMB22kKEKqNsTDTVUN0vwS1vNjqaCG+NejaI=
+test:
+  <<: *defaults
+  client_id: 00a878a3-fde7-47a3-9c89-3c9912e6bb83
+  client_secret: MO2cbtapMB22kKEKqNsTDTVUN0vwS1vNjqaCG+NejaI=
+production:
+  <<: *defaults
+  client_id: 00a878a3-fde7-47a3-9c89-3c9912e6bb83
+  client_secret: MO2cbtapMB22kKEKqNsTDTVUN0vwS1vNjqaCG+NejaI=

data/db/migrate/20130710195807_create_users.rb ADDED Viewed

@@ -0,0 +1,11 @@
+class CreateUsers < ActiveRecord::Migration
+  def change
+    create_table :users do |t|
+      t.string :name
+      t.string :username
+      t.string :email
+      t.timestamps
+    end
+  end
+end

data/db/migrate/20130710195819_create_api_keys.rb ADDED Viewed

@@ -0,0 +1,15 @@
+class CreateApiKeys < ActiveRecord::Migration
+  def change
+    create_table :api_keys do |t|
+      t.integer :user_id
+      t.string :access_token
+      t.string :scope
+      t.string :oauth_code
+      t.datetime :expired_at
+      t.datetime :created_at
+    end
+    add_index :api_keys, :user_id
+    add_index :api_keys, :access_token
+    add_index :api_keys, :oauth_code
+  end
+end

data/db/migrate/20130722173006_add_skydrive_token_storage.rb ADDED Viewed

@@ -0,0 +1,15 @@
+class AddSkydriveTokenStorage < ActiveRecord::Migration
+  def change
+    create_table :skydrive_tokens do |t|
+      t.integer :user_id
+      t.string :token_type
+      t.string :access_token
+      t.integer :expires_in
+      t.string :refresh_token
+      t.datetime :not_before
+      t.datetime :expires_on
+      t.string :resource
+    end
+    add_index :skydrive_tokens, :user_id
+  end
+end

data/db/migrate/20130725183724_add_client_domain_to_skydrive_tokens.rb ADDED Viewed

@@ -0,0 +1,5 @@
+class AddClientDomainToSkydriveTokens < ActiveRecord::Migration
+  def change
+    add_column :skydrive_tokens, :client_domain, :string
+  end
+end

data/db/migrate/20130726170108_add_personal_url_to_skydrive_token.rb ADDED Viewed

@@ -0,0 +1,5 @@
+class AddPersonalUrlToSkydriveToken < ActiveRecord::Migration
+  def change
+    add_column :skydrive_tokens, :personal_url, :string
+  end
+end

data/db/migrate/20130730164700_add_init_params_to_api_key.rb ADDED Viewed

@@ -0,0 +1,5 @@
+class AddInitParamsToApiKey < ActiveRecord::Migration
+  def change
+    add_column :api_keys, :init_params, :text
+  end
+end

data/db/migrate/20130801181008_create_lti_keys.rb ADDED Viewed

@@ -0,0 +1,9 @@
+class CreateLtiKeys < ActiveRecord::Migration
+  def change
+    create_table :lti_keys do |t|
+      t.string :key
+      t.string :secret
+    end
+    add_index :lti_keys, :key
+  end
+end

data/db/migrate/20130802231147_change_skydrive_token_length.rb ADDED Viewed

@@ -0,0 +1,6 @@
+class ChangeSkydriveTokenLength < ActiveRecord::Migration
+  def change
+    change_column :skydrive_tokens, :access_token, :text
+    change_column :skydrive_tokens, :refresh_token, :text
+  end
+end

data/db/migrate/20140103221052_skydrive_namespace.rb ADDED Viewed

@@ -0,0 +1,13 @@
+class SkydriveNamespace < ActiveRecord::Migration
+  def self.up
+    rename_table :api_keys, :skydrive_api_keys
+    rename_table :lti_keys, :skydrive_lti_keys
+    rename_table :users, :skydrive_users
+  end
+  def self.down
+    rename_table :skydrive_api_keys, :api_keys
+    rename_table :skydrive_lti_keys, :lti_keys
+    rename_table :skydrive_users, :users
+  end
+end