panda_pal 4.0.2 → 4.0.3
Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 5417c78c9e0bcfbf54c14f734f2557bc404b2cd8468308dadec444990504ddae
|
|
4
|
+
data.tar.gz: 662611dc5ee5bdea1e9ed4fc288c0ba3ac9a2f719245d08666118f4254e46bd1
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: af4e16b5a96d1aca7b4a5f427738ee3059668af3d66ec7f4d56cadf2bafa1b838296b3bbf17033b2893e5a9d7d9e8656d0e2483a09d96f8ddcdc34a278fbf5fd
|
|
7
|
+
data.tar.gz: fdd6010fa02960f3e9a613a3e4c0f28ee42c1b13318b61660b973ca1bd5611d88c1a96f2d17e7addc98505fb02a47b361a0665a8673c5694b07a46e3b75740ee
|
|
@@ -1,4 +1,12 @@
|
|
|
1
1
|
<script nonce=<%= content_security_policy_script_nonce %>>
|
|
2
|
-
|
|
3
|
-
|
|
2
|
+
const mainWindow = window.parent;
|
|
3
|
+
var url = window.location.href;
|
|
4
|
+
// Until PLAT-4836 is resolved, we need to make sure our url has a "?" in it.
|
|
5
|
+
if (!(url.indexOf("?") > -1)) {
|
|
6
|
+
url = url + "?dummy_param=1"
|
|
7
|
+
}
|
|
8
|
+
mainWindow.postMessage({
|
|
9
|
+
messageType: "requestFullWindowLaunch",
|
|
10
|
+
data: url
|
|
11
|
+
}, '*');
|
|
4
12
|
</script>
|
|
@@ -27,11 +27,32 @@ module PandaPal::Helpers::ControllerHelper
|
|
|
27
27
|
def validate_launch!
|
|
28
28
|
authorized = false
|
|
29
29
|
if @organization = params['oauth_consumer_key'] && PandaPal::Organization.find_by_key(params['oauth_consumer_key'])
|
|
30
|
-
|
|
30
|
+
sanitized_params = request.request_parameters
|
|
31
|
+
# These params come over with a safari-workaround launch. The authenticator doesn't like them, so clean them out.
|
|
32
|
+
safe_unexpected_params = ["full_win_launch_requested", "platform_redirect_url", "dummy_param"]
|
|
33
|
+
safe_unexpected_params.each do |p|
|
|
34
|
+
sanitized_params.delete(p)
|
|
35
|
+
end
|
|
36
|
+
authenticator = IMS::LTI::Services::MessageAuthenticator.new(request.original_url, sanitized_params, @organization.secret)
|
|
31
37
|
authorized = authenticator.valid_signature?
|
|
32
38
|
end
|
|
33
|
-
|
|
34
|
-
authorized
|
|
39
|
+
# short-circuit if we know the user is not authorized.
|
|
40
|
+
if !authorized
|
|
41
|
+
render plain: 'Invalid Credentials, please contact your Administrator.', :status => :unauthorized unless authorized
|
|
42
|
+
return authorized
|
|
43
|
+
end
|
|
44
|
+
if cookies_need_iframe_fix?
|
|
45
|
+
fix_iframe_cookies
|
|
46
|
+
return false
|
|
47
|
+
end
|
|
48
|
+
# For safari we may have been launched temporarily full-screen by canvas. This allows us to set the session cookie.
|
|
49
|
+
# In this case, we should make sure the session cookie is fixed and redirect back to canvas to properly launch the embedded LTI.
|
|
50
|
+
if params[:platform_redirect_url]
|
|
51
|
+
session[:safari_cookie_fixed] = true
|
|
52
|
+
redirect_to params[:platform_redirect_url]
|
|
53
|
+
return false
|
|
54
|
+
end
|
|
55
|
+
return authorized
|
|
35
56
|
end
|
|
36
57
|
|
|
37
58
|
def switch_tenant(organization = current_organization, &block)
|
|
@@ -57,7 +78,7 @@ module PandaPal::Helpers::ControllerHelper
|
|
|
57
78
|
end
|
|
58
79
|
|
|
59
80
|
def cookies_need_iframe_fix?
|
|
60
|
-
browser.safari? && !request.referrer&.include?('sessionless_launch') && !session[:safari_cookie_fixed]
|
|
81
|
+
browser.safari? && !request.referrer&.include?('sessionless_launch') && !session[:safari_cookie_fixed] && !params[:platform_redirect_url]
|
|
61
82
|
end
|
|
62
83
|
|
|
63
84
|
def forbid_access_if_lacking_session
|
data/lib/panda_pal/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: panda_pal
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 4.0.
|
|
4
|
+
version: 4.0.3
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Instructure ProServe
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2019-
|
|
11
|
+
date: 2019-08-28 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: rails
|