panda_pal 5.6.0 → 5.6.3

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 57786e37a6af09156402d16afed167b7984105dde04a1e1cc32aad5d8505567a
-  data.tar.gz: 1d9cc2abbe1dce34ce0d52aa0234f6f8e909dca3a5c9eabd59b57d2b91de9f90
+  metadata.gz: 79e31ac9d48be7e13d818cd57950034fa982726721bb9c451bac65ee3aaee702
+  data.tar.gz: 1bf00f07eba7546e160b2ee268e3bbfd37fdd3dfdf339999e8f322c43ceb6780
 SHA512:
-  metadata.gz: 1943d3e91f8c510f28eeedd1793a8853545800608b098aa29e217a3ab7a155ad6e6ea414e6c661b13206b0980b527425564612c91f65a97e17537436ac30e449
-  data.tar.gz: d762fe3b44e97fda8eaded8595ebf4f53a8a2e551de8fd5ab8e74433068dcb2a52fcc0dcbf5af637ca0e28c13ee88d3d751a3860bd8d873d61f85a3199d44055
+  metadata.gz: 4dfa6dbf1aff76385844bb204aab7298d4096410df44cc2646643fe28bd2a2d54c9960f932c624544ee990218fc95022e27964c73b7604545fafa6618630fa0b
+  data.tar.gz: 0a74434217765714b28247315515ba9c6c71931d367e96130d3ed51a4f334ce43c03d80a0bdb6dfeee27caeff98f36c857cd525e61ee294a36db88f2619e4e76

data/app/controllers/panda_pal/lti_v1_p0_controller.rb

@@ -2,7 +2,11 @@ require_dependency "panda_pal/application_controller"
 
 module PandaPal
   class LtiV1P0Controller < ApplicationController
-    skip_before_action :verify_authenticity_token
+    if Rails.version < '5.0'
+      skip_before_action :verify_authenticity_token
+    else
+      skip_before_action :verify_authenticity_token, raise: false
+    end
 
     def launch
       current_session_data.merge!({

data/app/controllers/panda_pal/lti_v1_p3_controller.rb

@@ -2,11 +2,23 @@ require_dependency "panda_pal/application_controller"
 
 module PandaPal
   class LtiV1P3Controller < ApplicationController
-    skip_before_action :verify_authenticity_token
+    if Rails.version < '5.0'
+      skip_before_action :verify_authenticity_token
+    else
+      skip_before_action :verify_authenticity_token, raise: false
+    end
+
     before_action :validate_launch!, only: [:resource_link_request]
     around_action :switch_tenant, only: [:resource_link_request]
 
     def login
+      # TODO Figure out how to make this support deployment_ids
+      #   May need to move Platform#jwks_url and Platform#authentication_redirect_url to
+      #   a new GenericPlatform class/model and then associate the here-generated Session with
+      #   the public tenant, re-homing it once we have a deployment_id available
+      #   ... or create a new AuthState model instead of using Session here
+      @organization = PandaPal::Organization.find_by!(key: params[:client_id])
+
       current_session_data[:lti_oauth_nonce] = SecureRandom.uuid
 
       @form_action = current_lti_platform.authentication_redirect_url

data/app/models/panda_pal/platform.rb

@@ -3,6 +3,8 @@ begin
 rescue LoadError
 end
 
+require 'httparty'
+
 module PandaPal
   class Platform
     def public_jwks
@@ -49,7 +51,7 @@ module PandaPal
       "#{base_url}/login/oauth2/token"
     end
 
-    def base_url; org.canvas_url; end
+    def base_url; @organization.canvas_url; end # TODO Dissolve?
 
     module OrgExtension
       def install_lti(host: nil, context: :root_account, version: 'v1p1', exists: :error)

data/lib/panda_pal/engine.rb

@@ -60,7 +60,7 @@ module PandaPal
       ActionDispatch::Routing::Mapper.send :include, PandaPal::Helpers::RouteHelper
     end
 
-    initializer 'panda_pal.route_options' do |app|
+    initializer 'panda_pal.route_options', after: :build_middleware_stack do |app|
       ActiveSupport.on_load(:action_controller) do
         Rails.application.reload_routes!
         PandaPal::validate_pandapal_config!

data/lib/panda_pal/helpers/controller_helper.rb

@@ -59,7 +59,15 @@ module PandaPal::Helpers
       raise JSON::JWT::VerificationFailed, 'error decoding id_token' if decoded_jwt.blank?
 
       client_id = decoded_jwt['aud']
-      @organization = PandaPal::Organization.find_by!(key: client_id)
+      deployment_id = decoded_jwt['https://purl.imsglobal.org/spec/lti/claim/deployment_id']
+
+      if deployment_id.present?
+        @organization ||= PandaPal::Organization.find_by(key: "#{client_id}/#{deployment_id}")
+        @organization ||= PandaPal::Organization.find_by(key: deployment_id)
+      end
+
+      @organization ||= PandaPal::Organization.find_by(key: client_id)
+
       raise JSON::JWT::VerificationFailed, 'Unrecognized Organization' unless @organization.present?
 
       decoded_jwt.verify!(current_lti_platform.public_jwks)
@@ -124,8 +132,6 @@ module PandaPal::Helpers
 
     def organization_key
       org_key ||= params[:oauth_consumer_key]
-      org_key ||= "#{params[:client_id]}/#{params[:deployment_id]}" if params[:client_id].present? && params[:deployment_id].present?
-      org_key ||= params[:client_id] if params[:client_id].present?
       org_key ||= session[:organization_key]
       org_key
     end

data/lib/panda_pal/helpers/route_helper.rb

@@ -10,10 +10,7 @@ module PandaPal::Helpers::RouteHelper
 
     lti_options = options.delete(:lti_options) || {}
     lti_options[:auto_launch] = options.delete(:auto_launch)
-
-    if lti_options[:auto_launch].nil?
-      lti_options[:auto_launch] = (@scope[:path] || '').include?(':organization_id')
-    end
+    lti_options[:auto_launch] = true if lti_options[:auto_launch].nil? && (@scope[:path] || '').include?(':organization_id')
 
     lti_options[:route_helper_key] = path.split('/').reject(&:empty?).join('_')
     post(path, options.dup, &block)

data/lib/panda_pal/version.rb

@@ -1,3 +1,3 @@
 module PandaPal
-  VERSION = "5.6.0"
+  VERSION = "5.6.3"
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: panda_pal
 version: !ruby/object:Gem::Version
-  version: 5.6.0
+  version: 5.6.3
 platform: ruby
 authors:
 - Instructure ProServe
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2022-07-29 00:00:00.000000000 Z
+date: 2022-09-01 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails