panda_pal 5.6.1 → 5.6.4

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 7993707e0990a86f80f284e71273d15cfe69caf5c66558955fe2b62a9231cc7b
-  data.tar.gz: 8023bf4a5aebd34b7525a849114632b97af868874496b831b049873d2e176f96
+  metadata.gz: 8a4824355877c5a36c29faacc0da32347ae94be1c52d3efce5aed163bd8ee8d7
+  data.tar.gz: 1742b3a3547d60758eb53f74ffab79b316061c4887073351924229a638da3399
 SHA512:
-  metadata.gz: d096780e3672ad9883c23f70ad2c339247d65a4cbf217c60f2a2abeae81967dccf834c4181e21b18fb3502b4d2ae7e116469e5f612ae7ce81a77dbbebbbb0eb0
-  data.tar.gz: 24aa028f7a8dc64b7884112afa743c710b26ffa3224eac8c968cd75d0cb8665a180b0d0abb5eac6198194a7aabd0d04c71cad680502144c6417223e3e98acd71
+  metadata.gz: 9de12a4da426d281acc78dfb1588a7d2d33bce69d8de4c20d03eff3f12fcf8c4c0bf5aa6cd3e1951f1f061ea67a0e6a280b2c925dcc0619e27244858975e14ac
+  data.tar.gz: 8ccf4609b82b88456ecf5f245bca29e98aa916179c35da74a33a0eee57a4713f0dd9522e011999928df0267ce938d4a8f1f308a616b83da237c8d2f82bf691e0

data/app/controllers/panda_pal/lti_v1_p0_controller.rb

@@ -2,7 +2,11 @@ require_dependency "panda_pal/application_controller"
 
 module PandaPal
   class LtiV1P0Controller < ApplicationController
-    skip_before_action :verify_authenticity_token
+    if Rails.version < '5.0'
+      skip_before_action :verify_authenticity_token
+    else
+      skip_before_action :verify_authenticity_token, raise: false
+    end
 
     def launch
       current_session_data.merge!({

data/app/controllers/panda_pal/lti_v1_p3_controller.rb

@@ -2,11 +2,23 @@ require_dependency "panda_pal/application_controller"
 
 module PandaPal
   class LtiV1P3Controller < ApplicationController
-    skip_before_action :verify_authenticity_token
+    if Rails.version < '5.0'
+      skip_before_action :verify_authenticity_token
+    else
+      skip_before_action :verify_authenticity_token, raise: false
+    end
+
     before_action :validate_launch!, only: [:resource_link_request]
     around_action :switch_tenant, only: [:resource_link_request]
 
     def login
+      # TODO Figure out how to make this support deployment_ids
+      #   May need to move Platform#jwks_url and Platform#authentication_redirect_url to
+      #   a new GenericPlatform class/model and then associate the here-generated Session with
+      #   the public tenant, re-homing it once we have a deployment_id available
+      #   ... or create a new AuthState model instead of using Session here
+      @organization = PandaPal::Organization.find_by!(key: params[:client_id])
+
       current_session_data[:lti_oauth_nonce] = SecureRandom.uuid
 
       @form_action = current_lti_platform.authentication_redirect_url

data/app/models/panda_pal/platform.rb

@@ -3,6 +3,8 @@ begin
 rescue LoadError
 end
 
+require 'httparty'
+
 module PandaPal
   class Platform
     def public_jwks
@@ -49,7 +51,7 @@ module PandaPal
       "#{base_url}/login/oauth2/token"
     end
 
-    def base_url; org.canvas_url; end
+    def base_url; @organization.canvas_url; end # TODO Dissolve?
 
     module OrgExtension
       def install_lti(host: nil, context: :root_account, version: 'v1p1', exists: :error)

data/lib/panda_pal/engine.rb

@@ -60,7 +60,7 @@ module PandaPal
       ActionDispatch::Routing::Mapper.send :include, PandaPal::Helpers::RouteHelper
     end
 
-    initializer 'panda_pal.route_options', after: :build_middleware_stack do |app|
+    config.after_initialize do |app|
       ActiveSupport.on_load(:action_controller) do
         Rails.application.reload_routes!
         PandaPal::validate_pandapal_config!

data/lib/panda_pal/helpers/controller_helper.rb

@@ -59,7 +59,15 @@ module PandaPal::Helpers
       raise JSON::JWT::VerificationFailed, 'error decoding id_token' if decoded_jwt.blank?
 
       client_id = decoded_jwt['aud']
-      @organization = PandaPal::Organization.find_by!(key: client_id)
+      deployment_id = decoded_jwt['https://purl.imsglobal.org/spec/lti/claim/deployment_id']
+
+      if deployment_id.present?
+        @organization ||= PandaPal::Organization.find_by(key: "#{client_id}/#{deployment_id}")
+        @organization ||= PandaPal::Organization.find_by(key: deployment_id)
+      end
+
+      @organization ||= PandaPal::Organization.find_by(key: client_id)
+
       raise JSON::JWT::VerificationFailed, 'Unrecognized Organization' unless @organization.present?
 
       decoded_jwt.verify!(current_lti_platform.public_jwks)
@@ -124,8 +132,6 @@ module PandaPal::Helpers
 
     def organization_key
       org_key ||= params[:oauth_consumer_key]
-      org_key ||= "#{params[:client_id]}/#{params[:deployment_id]}" if params[:client_id].present? && params[:deployment_id].present?
-      org_key ||= params[:client_id] if params[:client_id].present?
       org_key ||= session[:organization_key]
       org_key
     end

data/lib/panda_pal/helpers/route_helper.rb

@@ -10,10 +10,7 @@ module PandaPal::Helpers::RouteHelper
 
     lti_options = options.delete(:lti_options) || {}
     lti_options[:auto_launch] = options.delete(:auto_launch)
-
-    if lti_options[:auto_launch].nil?
-      lti_options[:auto_launch] = (@scope[:path] || '').include?(':organization_id')
-    end
+    lti_options[:auto_launch] = true if lti_options[:auto_launch].nil? && (@scope[:path] || '').include?(':organization_id')
 
     lti_options[:route_helper_key] = path.split('/').reject(&:empty?).join('_')
     post(path, options.dup, &block)

data/lib/panda_pal/version.rb

@@ -1,3 +1,3 @@
 module PandaPal
-  VERSION = "5.6.1"
+  VERSION = "5.6.4"
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: panda_pal
 version: !ruby/object:Gem::Version
-  version: 5.6.1
+  version: 5.6.4
 platform: ruby
 authors:
 - Instructure ProServe
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2022-08-30 00:00:00.000000000 Z
+date: 2022-09-01 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails