RubyGems - lti_skydrive - Versions diffs - 1.2.0 → 1.2.1 - Mend

lti_skydrive 1.2.0 → 1.2.1

Files changed (30) hide show

checksums.yaml CHANGED Viewed

@@ -1,15 +1,7 @@
 ---
-!binary "U0hBMQ==":
-  metadata.gz: !binary |-
-    OWFmMTU0ZmUzNjQzOTljZWY5MjY2ODlmY2U1YWFjMDcyZTdjYjZjMg==
-  data.tar.gz: !binary |-
-    ZGUzNDk1ODEyMDE0ZTdmZmE3MTU3N2U1YmFmNmFjMzY5ZTkyNjFhOQ==
+SHA1:
+  metadata.gz: 0b86a8e829a9306ff1eb0bb4fd553470803fb2c1
+  data.tar.gz: 7edd66d2c89d2e532bdaf8f4d835e32a08b1017a
 SHA512:
-  metadata.gz: !binary |-
-    NWYxMmU3NzFhYWZiODYyY2NhZGNmZjVkMjhlNDUzNmQ5ZDM1MWEyZjJjNDE5
-    ZGFhOTJlZjE3NDdkMTM0MmZjZTcwZjNiNjA3OGQ5YzVlMGQzYmRkMjU1YzI4
-    MzhjMTMwMjQzYzAzMWFlMzU3ZDQ0NTY2YTU1NTEyNDI1YjAzYTA=
-  data.tar.gz: !binary |-
-    OTRiMmM4ZGNhMTljZDFiMTYzYjM2MWQ5YTIxM2I2NGQ0OWZhODY3OGUyNWNh
-    ZTZhNThiNDgxNWI0YjU4ZWUwZWZmYmM3OWU4NWI4MjgxYjkxMjkxZDgxZDcx
-    YTkzODJiYzI4Zjg0MTIwZmJjODQ1ZWI2MTY3YzkwNjFmNzViMzY=
+  metadata.gz: 256f3e439614ec9318abecb8f20bb4670849a640cb4007ff4a626e6f1ec9b3520e77f9b906c512ce6332635c647ad16eff69d44601c0ab267545676ec99b8323
+  data.tar.gz: c3a020f97b8d890d8aad9b2a7b9d18a0914493238401e8445a065ea2c9324920c654907b137d2d0b30560e29cf9a58c450240cdc4094baa56b94dc825662cda4

data/app/controllers/skydrive/application_controller.rb CHANGED Viewed

@@ -38,11 +38,7 @@ module Skydrive
     end
     def skydrive_client
-      @skydrive_client ||=
-          Client.new(SHAREPOINT.merge(
-                         personal_url: current_user.token.personal_url,
-                         token: current_user.token.access_token
-                     ))
+      @skydrive_client ||= current_user.skydrive_client
     end
   end
 end

data/app/controllers/skydrive/files_controller.rb CHANGED Viewed

@@ -1,4 +1,5 @@
 require 'open-uri'
+require 'mimemagic'
 module Skydrive
   class FilesController < ApplicationController
@@ -44,8 +45,14 @@ module Skydrive
       if api_key
         user = api_key.user
         uri = "#{user.token.personal_url}_api/Web/GetFileByServerRelativeUrl('#{params[:file].gsub(/ /, '%20')}')/$value"
-        puts "URI: #{uri}"
-        send_data open(uri, { "Authorization" => "Bearer #{user.token.access_token}"}, &:read)
+        send_data_options = {
+          filename: ::File.basename(params[:file]),
+          type: MimeMagic::by_extension(params[:file].match(/\.[a-z]+$/))
+        }
+        data = open(uri, { "Authorization" => "Bearer #{user.token.access_token}"}, &:read)
+        send_data(data, send_data_options)
       else
         render status: 401
       end

data/app/controllers/skydrive/launch_controller.rb CHANGED Viewed

@@ -4,58 +4,45 @@ require 'ims/lti'
 module Skydrive
   ERROR_NO_API_KEY = "Unable to get an access token, your state is invalid"
-  ERROR_JSON_PARSE = "JSON::ParserError"
-  ERROR_SKY_DRIVE_API = "Skydrive::APIErrorException"
   class LaunchController < ApplicationController
     include ActionController::Cookies
     before_filter :ensure_authenticated_user, only: :skydrive_authorized
     def tool_provider
-      require 'oauth/request_proxy/rack_request'
+      @tool_provider ||= begin
+        require 'oauth/request_proxy/rack_request'
+        @account = Account.where(key: params['oauth_consumer_key']).first
-      @account = Account.where(key: params['oauth_consumer_key']).first
+        if @account
+          key = @account.key
+          secret = @account.secret
+        end
-      if @account
-        key = @account.key
-        secret = @account.secret
-      end
+        tp = IMS::LTI::ToolProvider.new(key, secret, params)
-      tp = IMS::LTI::ToolProvider.new(key, secret, params)
+        if !key
+          tp.lti_errorlog = "Invalid consumer key or secret"
+        elsif !secret
+          tp.lti_errorlog = "Consumer key wasn't recognized"
+        elsif !tp.valid_request?(request)
+          tp.lti_errorlog = "The OAuth signature was invalid"
+        elsif Time.now.utc.to_i - tp.request_oauth_timestamp.to_i > 120
+          tp.lti_errorlog = "Your request is too old"
+        end
-      if !key
-        tp.lti_errorlog = "Invalid consumer key or secret"
-      elsif !secret
-        tp.lti_errorlog = "Consumer key wasn't recognized"
-      elsif !tp.valid_request?(request)
-        tp.lti_errorlog = "The OAuth signature was invalid"
-      elsif Time.now.utc.to_i - tp.request_oauth_timestamp.to_i > 120
-        tp.lti_errorlog = "Your request is too old"
+        tp
       end
-      #
-      ## this isn't actually checking anything like it should, just want people
-      ## implementing real tools to be aware they need to check the nonce
-      #if was_nonce_used_in_last_x_minutes?(@tp.request_oauth_nonce, 60)
-      #  register_error "Why are you reusing the nonce?"
-      #  return false
-      #end
-      return tp
     end
     def basic_launch
       tp = tool_provider
       if tp.lti_errorlog
         render text: tp.lti_errorlog, status: 400, layout: "skydrive/error"
         return
       end
-      user_id = tp.get_custom_param('masquerading_user_id') || tp.user_id
-      is_masquerading = user_id == tp.get_custom_param('masquerading_user_id')
+      user_id = is_masquerading && tp.get_custom_param('masquerading_user_id') || tp.user_id
       name = is_masquerading ? 'masqueraded session' : tp.lis_person_name_full
       email = is_masquerading ? 'masqueraded session' : tp.lis_person_contact_email_primary
@@ -72,8 +59,6 @@ module Skydrive
         user.name = name
         user.save!
       end
-      user.ensure_token
       user.cleanup_api_keys
       code = user.session_api_key(params).oauth_code
@@ -81,17 +66,7 @@ module Skydrive
     end
     def skydrive_authorized
-      skydrive_token = current_user.token
-      if skydrive_token && skydrive_token.requires_refresh?
-        begin
-          skydrive_client.refresh_token = skydrive_token.refresh_token
-          skydrive_token.refresh!(skydrive_client)
-        rescue Skydrive::APIResponseErrorException => error
-          current_user.reset_token!
-        end
-      end
-      if skydrive_token && skydrive_token.is_valid?
+      if current_user.valid_skydrive_token?
         render json: {}, status: 201
       else
         code = current_user.api_keys.active.skydrive_oauth.create.oauth_code
@@ -102,19 +77,19 @@ module Skydrive
     def microsoft_oauth
       begin
         api_key = ApiKey.trade_oauth_code_for_access_token(params['state'])
-        raise RuntimeError, ERROR_NO_API_KEY unless api_key
+        raise OAuthStateException, ERROR_NO_API_KEY unless api_key
         @current_user = api_key.user
         skydrive_client.request_oauth_token(params['code'], microsoft_oauth_url)
         service = skydrive_client.get_my_files_service()
         current_user.token.resource = service["serviceResourceId"]
-        current_user.token.refresh!(skydrive_client)
+        current_user.token.refresh!
         personal_url = skydrive_client.get_personal_url(service["serviceEndpointUri"]).gsub(/\/Documents$/,'/')
         current_user.token.update_attribute(:personal_url, personal_url)
         redirect_to "#{root_path}oauth/callback"
-      rescue Exception => api_error
+      rescue APIResponseErrorException, JSON::ParserError, OAuthStateException => api_error
         launch_exception_handler api_error
       end
     end
@@ -164,5 +139,12 @@ module Skydrive
       render action: :launch_error, status: 400, layout: "skydrive/error"
     end
+    def is_masquerading
+      @is_masquerading ||= begin
+        m_user_id = tool_provider.get_custom_param('masquerading_user_id')
+        !m_user_id.blank? && m_user_id != '$Canvas.masqueradingUser.userId'
+      end
+    end
   end
 end

data/app/models/skydrive/token.rb CHANGED Viewed

@@ -4,16 +4,16 @@ module Skydrive
     belongs_to :user
     def requires_refresh?
-      !!self.not_before && self.not_before < Time.now
+      !!(self.not_before && !self.not_before.is_a?(Time) && self.not_before < Time.now)
     end
     def is_valid?
       !!self.access_token && self.expires_on && self.expires_on > Time.now
     end
-    def refresh!(client)
+    def refresh!
       results = {}
-      results = client.refresh_token(resource: resource)
+      results = self.user.skydrive_client.update_api_tokens(resource: resource, refresh_token: refresh_token, token: access_token)
       if results.key? 'access_token'
         attrs = ['token_type', 'expires_in', 'expires_on', 'not_before', 'resource', 'access_token', 'refresh_token']
         update_attributes(results.reject{|a| !attrs.include?(a)})

data/app/models/skydrive/user.rb CHANGED Viewed

@@ -2,6 +2,9 @@ module Skydrive
   class User < ActiveRecord::Base
     include ActiveModel::ForbiddenAttributesProtection
+    after_initialize :ensure_token
+    after_initialize :cleanup_api_keys
     has_many :api_keys
     has_one :token
     belongs_to :account
@@ -26,6 +29,14 @@ module Skydrive
     end
     def ensure_token
+      if self.token
+        begin
+          self.token.refresh! if self.token.requires_refresh?
+        rescue Skydrive::APIResponseErrorException, JSON::ParserError => error
+          self.reset_token!
+        end
+      end
       self.token = self.create_token unless self.token
     end
@@ -34,12 +45,10 @@ module Skydrive
       ensure_token
     end
-    # Convenience method
-    def onedrive_client
-      @onedrive_client ||=
+    def skydrive_client
+      @skydrive_client ||=
           Client.new(SHAREPOINT.merge(
-                         personal_url: self.token.personal_url,
-                         token: self.token.access_token
+                          user_token: self.token
                      ))
     end
   end

data/config/database.yml ADDED Viewed

@@ -0,0 +1,12 @@
+development: &default
+  adapter: postgresql
+  encoding: unicode
+  database: lti_skydrive
+  host: localhost
+  pool: 5
+  username: canvas
+test:
+  <<: *default
+  database: lti_skydrive_test

data/lib/skydrive.rb CHANGED Viewed

@@ -1,6 +1,24 @@
 require "skydrive/engine"
 module Skydrive
+  class OAuthStateException < RuntimeError
+  end
+  class APIErrorException < RuntimeError
+  end
+  class APIResponseErrorException < RuntimeError
+    attr_reader :response, :code, :description
+    def initialize(response)
+      @response = response
+      @code = response['error']
+      @description = response['error_description']
+      super("#{@code}: #{@description}\n#{response}")
+    end
+  end
   class << self
     attr_accessor :logger
   end

data/lib/skydrive/client.rb CHANGED Viewed

@@ -7,28 +7,29 @@ require 'skydrive/raven_logger'
 module Skydrive
-  class APIErrorException < RuntimeError
-  end
-  class APIResponseErrorException < RuntimeError
-    attr_reader :response, :code, :description
-    def initialize(response)
-      @response = response
-      @code = response['error']
-      @description = response['error_description']
-      super("#{@code}: #{@description}\n#{response}")
-    end
-  end
   class Client
     include ActionView::Helpers::NumberHelper
-    attr_accessor :client_id, :client_secret, :guid, :personal_url, :token, :refresh_token
+    attr_accessor :client_id, :client_secret, :guid, :user_token
     def initialize(options = {})
       options.each do |key, val|
         self.send("#{key}=", val) if self.respond_to?("#{key}=")
       end
+      RestClient.log = Skydrive.logger
+    end
+    def personal_url
+      user_token.personal_url
+    end
+    def token
+      user_token.access_token
+    end
+    def refresh_token
+      user_token.refresh_token
     end
     # URL used to authorize this app for a sharepoint tenant
@@ -59,8 +60,8 @@ module Skydrive
       RestClient.post endpoint, options do |response, request, result|
         log_restclient_response(response, request, result)
         results = format_results(parse_api_response(response))
-        self.token = results['access_token']
-        self.refresh_token = results['refresh_token']
+        self.user_token.access_token = results['access_token']
+        self.user_token.refresh_token = results['refresh_token']
         results
       end
     end
@@ -71,23 +72,25 @@ module Skydrive
     end
     def get_personal_url(service_endpoint_uri)
-      self.personal_url = api_call("#{service_endpoint_uri}/files/root/weburl", {'Accept' => nil})['value']
+      self.user_token.personal_url = api_call("#{service_endpoint_uri}/files/root/weburl", {'Accept' => nil})['value']
     end
-    def refresh_token(params)
+    def update_api_tokens(params)
       endpoint = 'https://login.windows.net/common/oauth2/token'
       options = {
           client_id: client_id,
           client_secret: client_secret,
           grant_type: 'refresh_token',
-          refresh_token: @refresh_token
+          refresh_token: self.user_token.refresh_token
       }.merge(params)
+      Rails.logger.info("#{refresh_token} | #{params[:refresh_token]} | #{options[:refresh_token]}")
       RestClient.post endpoint, options do |response, request, result|
         log_restclient_response(response, request, result)
         results = format_results(parse_api_response(response))
-        self.token = results['access_token']
-        self.refresh_token = results['refresh_token']
+        self.user_token.access_token = results['access_token']
+        self.user_token.refresh_token = results['refresh_token']
         results
       end
     end
@@ -168,49 +171,16 @@ module Skydrive
     end
     def api_call(url, headers = {})
-      begin
+      url.gsub!("https:/i", "https://i")
+      uri = URI.escape(url)
-        url.gsub!("https:/i", "https://i")
-        uri = URI.escape(url)
+      headers['Authorization'] = "Bearer #{self.user_token.access_token}" unless headers.has_key? 'Authorization'
+      headers['Accept'] = "application/json; odata=verbose" unless headers.has_key? 'Accept'
-        headers['Authorization'] = "Bearer #{token}" unless headers.has_key? 'Authorization'
-        headers['Accept'] = "application/json; odata=verbose" unless headers.has_key? 'Accept'
-        c = Curl::Easy.new(uri) do |http|
-          headers.each {|k,v| http.headers[k] = v if v }
-        end
-        headers = []
-        buffer = ""
-        c.on_body { |data|
-          buffer << data
-          data.size
-        }
-        c.on_header { |data|
-          headers << data
-          data.size
-        }
-        c.perform
-        result = parse_api_response(buffer)
-      rescue Exception => error
-        pid = generate_pid
-        headerOutput = c.headers.map {|k,v| "#{k}: #{v}"}.join("\n[#{pid}] - ")
-        backtrace_output = error.backtrace.join("\n[#{pid}] - ")
-        buffer_output = buffer.split("\n").join("\n[#{pid}] - ")
-        Skydrive.logger.error("[#{pid}] SKYDRIVE ERROR: #{error.class.to_s} ◊ #{error}")
-        Skydrive.logger.info("[#{pid}] SKYDRIVE BACKTRACE: \n[#{pid}] - #{backtrace_output}")
-        Skydrive.logger.info("[#{pid}] SKYDRIVE REQUEST: #{uri.to_s}")
-        Skydrive.logger.info("[#{pid}] SKYDRIVE REQUEST HEADERS:\n[#{pid}] - #{headerOutput}")
-        Skydrive.logger.info("[#{pid}] SKYDRIVE RESPONSE HEADERS:\n[#{pid}] - #{headers.join('  - ')}")
-        Skydrive.logger.info("[#{pid}] SKYDRIVE RESPONSE BODY:\n[#{pid}] - #{buffer_output}");
-        Skydrive.logger.info("[#{pid}] END --\n");
-        RavenLogger.capture_exception(error)
-        raise error
+      result = RestClient.get uri, headers do |response, request, result|
+        log_restclient_response(response, request, result)
+        parse_api_response(response)
       end
       result["d"] || result
     end
@@ -221,17 +191,49 @@ module Skydrive
     private
     def log_restclient_response(response, request, result)
-      pid = generate_pid
-      Skydrive.logger.info("[#{pid}] SKYDRIVE REQUEST: #{request.url}")
-      Skydrive.logger.info("[#{pid}] SKYDRIVE REQUEST PAYLOAD: #{request.payload}")
-      headerOutput = request.headers.values.join("\n  - ")
-      Skydrive.logger.info("[#{pid}] SKYDRIVE REQUEST HEADERS:\n  - #{headerOutput}")
-      Skydrive.logger.info("[#{pid}] SKYDRIVE RESPONSE CODE: #{result.code}")
-      Skydrive.logger.info("[#{pid}] SKYDRIVE RESPONSE BODY:\n#{response}")
+      response = format_log_lines response.split("\n")
+      request_headers = format_key_value_log_lines request.headers.merge(request.processed_headers)
+      response_headers = format_key_value_log_lines result.each_header
+      payload = request.args[:payload] || (request.payload && request.payload.empty? && request.payload) || '--No Payload!!--'
+      Skydrive.logger.info(%Q|
+==========================================================================
+========= BEGIN SKYDRIVE RestClient Response log [#{current_pid}] ========
+      Method:   #{request.method}
+      Endpoint: #{request.url}
+      Headers: #{request_headers}
+      Payload: #{payload}
+      Response Code: #{result.code}
+      Response Headers: #{response_headers}
+      Response Body: #{response}
+      Caller: #{format_log_lines caller}
+========= END SKYDRIVE RestClient Response log [#{current_pid}] =========
+=========================================================================|)
+    end
+    def format_key_value_log_lines(lines)
+      format_log_lines lines.map {|k, v| "$#{k} => '#{v}'"}
+    end
+    def format_log_lines(lines)
+      space = "\n          "
+      "#{space}#{lines.join(space)}"
+    end
+    def log_error(error)
+      RavenLogger.capture_exception(error)
+      Skydrive.logger.error(%Q|
+==========================================================================
+========= BEGIN SKYDRIVE ERROR [#{current_pid}] ==========================
+      Error: #{error}
+      Class: #{error.class.to_s}
+      Caller: #{format_log_lines  caller}
+========= END SKYDRIVE ERROR [#{current_pid}] ============================
+==========================================================================|)
     end
-    def generate_pid
-      (0...8).map { (65 + rand(26)).chr }.join
+    def current_pid
+      @pid ||= (0...8).map { (65 + rand(26)).chr }.join
     end
     def parse_api_response(body)