qalam_ims_lti 0.0.2

data/lib/ims/lti/models/vendor.rb

@@ -0,0 +1,28 @@
+module IMS::LTI::Models
+  class Vendor < LTIModel
+
+    add_attributes :code, :website
+    add_attribute :id, json_key:'@id'
+    add_attribute :contact, relation:'IMS::LTI::Models::Contact'
+    add_attribute :vendor_name, relation:'IMS::LTI::Models::LocalizedName'
+    add_attribute :description, relation:'IMS::LTI::Models::LocalizedText'
+    add_attribute :timestamp, json_converter: 'IMS::LTI::Converters::TimeJSONConverter'
+
+    def create_vendor_name(name, key = 'vendor.name')
+      @vendor_name = LocalizedName.new(name, key)
+    end
+
+    def create_description(name, key = 'vendor.description')
+      @description = LocalizedText.new(name, key)
+    end
+
+    def default_name
+      vendor_name && vendor_name.default_value
+    end
+
+    def default_description
+      description && description.default_value
+    end
+
+  end
+end

data/lib/ims/lti/models.rb

@@ -0,0 +1,38 @@
+module IMS::LTI
+  module Models
+    require_relative 'models/lti_model'
+    require_relative 'models/serializable'
+    require_relative 'models/contact'
+    require_relative 'models/localized_name'
+    require_relative 'models/localized_text'
+    require_relative 'models/product_family'
+    require_relative 'models/product_info'
+    require_relative 'models/product_instance'
+    require_relative 'models/rest_service'
+    require_relative 'models/service_owner'
+    require_relative 'models/service_provider'
+    require_relative 'models/tool_consumer_profile'
+    require_relative 'models/vendor'
+    require_relative 'models/messages'
+    require_relative 'models/tool_proxy'
+    require_relative 'models/tool_profile'
+    require_relative 'models/resource_handler'
+    require_relative 'models/resource_type'
+    require_relative 'models/message_handler'
+    require_relative 'models/parameter'
+    require_relative 'models/icon_info'
+    require_relative 'models/icon_endpoint'
+    require_relative 'models/security_contract'
+    require_relative 'models/rest_service_profile'
+    require_relative 'models/base_url_choice'
+    require_relative 'models/base_url_selector'
+    require_relative 'models/tool_setting'
+    require_relative 'models/tool_setting_container'
+    require_relative 'models/content_items'
+    require_relative 'models/content_item_placement'
+    require_relative 'models/content_item_container'
+    require_relative 'models/image'
+    require_relative 'models/membership_service'
+    require_relative 'models/security_profile'
+  end
+end

data/lib/ims/lti/outcome_request.rb

@@ -0,0 +1,225 @@
+module IMS::LTI
+  # Class for consuming/generating LTI Outcome Requests
+  #
+  # Outcome Request documentation: http://www.imsglobal.org/lti/v1p1pd/ltiIMGv1p1pd.html#_Toc309649691
+  #
+  # This class can be used by both Tool Providers and Tool Consumers. Each will
+  # use it a bit differently. The Tool Provider will use it to POST an OAuth-signed
+  # request to a TC. A Tool Consumer will use it to parse such a request from a TP.
+  #
+  # === Tool Provider Usage
+  # An OutcomeRequest will generally be created through a configured ToolProvider
+  # object. See the ToolProvider documentation.
+  #
+  # === Tool Consumer Usage
+  # When an outcome request is sent from a TP the body of the request is XML.
+  # This class parses that XML and provides a simple interface for accessing the
+  # information in the request. Typical usage would be:
+  #
+  #    # create an OutcomeRequest from the request object
+  #    req = IMS::LTI::OutcomeRequest.from_post_request(request)
+  #
+  #    # access the source id to identify the user who's grade you'd like to access
+  #    req.lis_result_sourcedid
+  #
+  #    # process the request
+  #    if req.replace_request?
+  #      # set a new score for the user
+  #    elsif req.read_request?
+  #      # return the score for the user
+  #    elsif req.delete_request?
+  #      # clear the score for the user
+  #    else
+  #      # return an unsupported OutcomeResponse
+  #    end
+  class OutcomeRequest < ToolBase
+    include IMS::LTI::Extensions::Base
+
+    REPLACE_REQUEST = 'replaceResult'
+    DELETE_REQUEST = 'deleteResult'
+    READ_REQUEST = 'readResult'
+
+    attr_accessor :operation, :score, :outcome_response, :message_identifier,
+                  :lis_outcome_service_url, :lis_result_sourcedid,
+                  :consumer_key, :consumer_secret, :post_request
+
+    # Create a new OutcomeRequest
+    #
+    # @param opts [Hash] initialization hash
+    def initialize(opts={})
+      opts.each_pair do |key, val|
+        self.send("#{key}=", val) if self.respond_to?("#{key}=")
+      end
+    end
+
+    # Convenience method for creating a new OutcomeRequest from a request object
+    #
+    #    req = IMS::LTI::OutcomeRequest.from_post_request(request)
+    def self.from_post_request(post_request)
+      request = OutcomeRequest.new
+      request.process_post_request(post_request)
+    end
+
+    def process_post_request(post_request)
+      self.post_request = post_request
+      if post_request.body.respond_to?(:read)
+        xml = post_request.body.read
+        post_request.body.rewind
+      else
+        xml = post_request.body
+      end
+      self.process_xml(xml)
+      self
+    end
+
+    # POSTs the given score to the Tool Consumer with a replaceResult
+    #
+    # @return [OutcomeResponse] The response from the Tool Consumer
+    def post_replace_result!(score)
+      @operation = REPLACE_REQUEST
+      @score = score
+      post_outcome_request
+    end
+
+    # POSTs a deleteResult to the Tool Consumer
+    #
+    # @return [OutcomeResponse] The response from the Tool Consumer
+    def post_delete_result!
+      @operation = DELETE_REQUEST
+      post_outcome_request
+    end
+
+    # POSTs a readResult to the Tool Consumer
+    #
+    # @return [OutcomeResponse] The response from the Tool Consumer
+    def post_read_result!
+      @operation = READ_REQUEST
+      post_outcome_request
+    end
+
+    # Check whether this request is a replaceResult request
+    def replace_request?
+      @operation == REPLACE_REQUEST
+    end
+
+    # Check whether this request is a deleteResult request
+    def delete_request?
+      @operation == DELETE_REQUEST
+    end
+
+    # Check whether this request is a readResult request
+    def read_request?
+      @operation == READ_REQUEST
+    end
+
+    # Check whether the last outcome POST was successful
+    def outcome_post_successful?
+      @outcome_response && @outcome_response.success?
+    end
+
+    # POST an OAuth signed request to the Tool Consumer
+    #
+    # @return [OutcomeResponse] The response from the Tool Consumer
+    def post_outcome_request
+      raise IMS::LTI::InvalidLTIConfigError, "" unless has_required_attributes?
+
+      res = post_service_request(@lis_outcome_service_url,
+                                 'application/xml',
+                                 generate_request_xml)
+
+      @outcome_response = extend_outcome_response(OutcomeResponse.new)
+      @outcome_response.process_post_response(res)
+    end
+
+    # Parse Outcome Request data from XML
+    def process_xml(xml)
+      doc = REXML::Document.new xml
+      @message_identifier = doc.text("//imsx_POXRequestHeaderInfo/imsx_messageIdentifier")
+      @lis_result_sourcedid = doc.text("//resultRecord/sourcedGUID/sourcedId")
+
+      if REXML::XPath.first(doc, "//deleteResultRequest")
+        @operation = DELETE_REQUEST
+      elsif REXML::XPath.first(doc, "//readResultRequest")
+        @operation = READ_REQUEST
+      elsif REXML::XPath.first(doc, "//replaceResultRequest")
+        @operation = REPLACE_REQUEST
+        @score = doc.get_text("//resultRecord/result/resultScore/textString")
+      end
+      extention_process_xml(doc)
+    end
+
+    def generate_request_xml
+      raise IMS::LTI::InvalidLTIConfigError, "`@operation` and `@lis_result_sourcedid` are required" unless has_request_xml_attributes?
+      builder = Builder::XmlMarkup.new #(:indent=>2)
+      builder.instruct!
+
+      builder.imsx_POXEnvelopeRequest("xmlns" => "http://www.imsglobal.org/services/ltiv1p1/xsd/imsoms_v1p0") do |env|
+        env.imsx_POXHeader do |header|
+          header.imsx_POXRequestHeaderInfo do |info|
+            info.imsx_version "V1.0"
+            info.imsx_messageIdentifier @message_identifier || IMS::LTI::generate_identifier
+          end
+        end
+        env.imsx_POXBody do |body|
+          body.tag!(@operation + 'Request') do |request|
+            request.resultRecord do |record|
+              record.sourcedGUID do |guid|
+                guid.sourcedId @lis_result_sourcedid
+              end
+              results(record)
+            end
+            submission_details(request)
+          end
+        end
+      end
+    end
+
+    private
+
+    def extention_process_xml(doc)
+    end
+
+    def has_result_data?
+      !!score
+    end
+
+    def has_details_data?
+      false
+    end
+
+    def results(node)
+      return unless has_result_data?
+
+      node.result do |res|
+        result_values(res)
+      end
+    end
+
+    def submission_details(request)
+      return unless has_details_data?
+      request.submissionDetails do |record|
+        details(record)
+      end
+    end
+
+    def details(record)
+    end
+
+    def result_values(node)
+      if score
+        node.resultScore do |res_score|
+          res_score.language "en" # 'en' represents the format of the number
+          res_score.textString score.to_s
+        end
+      end
+    end
+
+    def has_required_attributes?
+      @consumer_key && @consumer_secret && @lis_outcome_service_url && @lis_result_sourcedid && @operation
+    end
+
+    def has_request_xml_attributes?
+      @operation && @lis_result_sourcedid
+    end
+  end
+end

data/lib/ims/lti/outcome_response.rb

@@ -0,0 +1,166 @@
+module IMS::LTI
+  # Class for consuming/generating LTI Outcome Responses
+  #
+  # Response documentation: http://www.imsglobal.org/lti/v1p1pd/ltiIMGv1p1pd.html#_Toc309649691
+  #
+  # Error code documentation: http://www.imsglobal.org/gws/gwsv1p0/imsgws_baseProfv1p0.html#1639667
+  #
+  # This class can be used by both Tool Providers and Tool Consumers. Each will
+  # use it a bit differently. The Tool Provider will use it parse the result of
+  # an OutcomeRequest to the Tool Consumer. A Tool Consumer will use it generate
+  # proper response XML to send back to a Tool Provider
+  #
+  # === Tool Provider Usage
+  # An OutcomeResponse will generally be created when POSTing an OutcomeRequest
+  # through a configured ToolProvider. See the ToolProvider documentation for
+  # typical usage.
+  #
+  # === Tool Consumer Usage
+  # When an outcome request is sent from a Tool Provider the body of the request
+  # is XML. This class parses that XML and provides a simple interface for
+  # accessing the information in the request. Typical usage would be:
+  #
+  #    # create a new response and set the appropriate values
+  #    res = IMS::LTI::OutcomeResponse.new
+  #    res.message_ref_identifier = outcome_request.message_identifier
+  #    res.operation = outcome_request.operation
+  #    res.code_major = 'success'
+  #    res.severity = 'status'
+  #
+  #    # set a description (optional) and other information based on the type of response
+  #    if outcome_request.replace_request?
+  #      res.description = "Your old score of 0 has been replaced with #{outcome_request.score}"
+  #    elsif outcome_request.read_request?
+  #      res.description = "You score is 50"
+  #      res.score = 50
+  #    elsif outcome_request.delete_request?
+  #      res.description = "You score has been cleared"
+  #    else
+  #      res.code_major = 'unsupported'
+  #      res.severity = 'status'
+  #      res.description = "#{outcome_request.operation} is not supported"
+  #    end
+  #
+  #    # the generated xml is returned to the Tool Provider
+  #    res.generate_response_xml
+  #
+  class OutcomeResponse
+    include IMS::LTI::Extensions::Base
+
+    attr_accessor :request_type, :score, :message_identifier, :response_code,
+            :post_response, :code_major, :severity, :description, :operation,
+            :message_ref_identifier
+
+    CODE_MAJOR_CODES = %w{success processing failure unsupported}
+    SEVERITY_CODES = %w{status warning error}
+
+    # Create a new OutcomeResponse
+    #
+    # @param opts [Hash] initialization hash
+    def initialize(opts={})
+      opts.each_pair do |key, val|
+        self.send("#{key}=", val) if self.respond_to?("#{key}=")
+      end
+    end
+
+    # Convenience method for creating a new OutcomeResponse from a response object
+    #
+    #    req = IMS::LTI::OutcomeResponse.from_post_response(response)
+    def self.from_post_response(post_response)
+      response = OutcomeResponse.new
+      response.process_post_response(post_response)
+    end
+
+    def process_post_response(post_response)
+      self.post_response = post_response
+      self.response_code = post_response.code
+      xml = post_response.body
+      self.process_xml(xml)
+      self
+    end
+
+    def success?
+      @code_major == 'success'
+    end
+
+    def processing?
+      @code_major == 'processing'
+    end
+
+    def failure?
+      @code_major == 'failure'
+    end
+
+    def unsupported?
+      @code_major == 'unsupported'
+    end
+
+    def has_warning?
+      @severity == 'warning'
+    end
+
+    def has_error?
+      @severity == 'error'
+    end
+
+    # Parse Outcome Response data from XML
+    def process_xml(xml)
+      begin
+        doc = REXML::Document.new xml
+      rescue => e
+        raise IMS::LTI::XMLParseError, "#{e}\nOriginal xml: '#{xml}'"
+      end
+      @message_identifier = doc.text("//imsx_statusInfo/imsx_messageIdentifier").to_s
+      @code_major = doc.text("//imsx_statusInfo/imsx_codeMajor")
+      @code_major.downcase! if @code_major
+      @severity = doc.text("//imsx_statusInfo/imsx_severity")
+      @severity.downcase! if @severity
+      @description = doc.text("//imsx_statusInfo/imsx_description")
+      @description = @description.to_s if @description
+      @message_ref_identifier = doc.text("//imsx_statusInfo/imsx_messageRefIdentifier")
+      @operation = doc.text("//imsx_statusInfo/imsx_operationRefIdentifier")
+      @score = doc.text("//readResultResponse//resultScore/textString")
+      @score = @score.to_s if @score
+    end
+
+    # Generate XML based on the current configuration
+    # @return [String] The response xml
+    def generate_response_xml
+      builder = Builder::XmlMarkup.new
+      builder.instruct!
+
+      builder.imsx_POXEnvelopeResponse("xmlns" => "http://www.imsglobal.org/services/ltiv1p1/xsd/imsoms_v1p0") do |env|
+        env.imsx_POXHeader do |header|
+          header.imsx_POXResponseHeaderInfo do |info|
+            info.imsx_version "V1.0"
+            info.imsx_messageIdentifier @message_identifier || IMS::LTI::generate_identifier
+            info.imsx_statusInfo do |status|
+              status.imsx_codeMajor @code_major
+              status.imsx_severity @severity
+              status.imsx_description @description
+              status.imsx_messageRefIdentifier @message_ref_identifier
+              status.imsx_operationRefIdentifier @operation
+            end
+          end
+        end #/header
+        env.imsx_POXBody do |body|
+          unless unsupported?
+            if @operation == OutcomeRequest::READ_REQUEST
+              body.tag!(@operation + 'Response') do |request|
+                request.result do |res|
+                  res.resultScore do |res_score|
+                    res_score.language "en" # 'en' represents the format of the number
+                    res_score.textString @score.to_s
+                  end
+                end #/result
+              end
+            else
+              body.tag!(@operation + 'Response')
+            end #/operationResponse
+          end
+        end #/body
+      end
+    end
+
+  end
+end

data/lib/ims/lti/request_validator.rb

@@ -0,0 +1,56 @@
+module IMS::LTI
+  # A mixin for OAuth request validation
+  module RequestValidator
+
+    attr_reader :oauth_signature_validator
+
+    # Validates and OAuth request using the OAuth Gem - https://github.com/oauth/oauth-ruby
+    #
+    # To validate the OAuth signatures you need to require the appropriate
+    # request proxy for your application. For example:
+    #
+    #    # For a sinatra app:
+    #    require 'oauth/request_proxy/rack_request'
+    #
+    #    # For a rails app:
+    #    require 'oauth/request_proxy/action_controller_request'
+    # @return [Bool] Whether the request was valid
+    def valid_request?(request, handle_error=true)
+      begin
+        @oauth_signature_validator = OAuth::Signature.build(request, :consumer_secret => @consumer_secret)
+        @oauth_signature_validator.verify() or raise OAuth::Unauthorized.new(request)
+        true
+      rescue OAuth::Signature::UnknownSignatureMethod
+        if handle_error
+          false
+        else
+          raise $!
+        end
+      rescue OAuth::Unauthorized
+        if handle_error
+          false
+        else
+          raise OAuth::Unauthorized.new(request)
+        end
+      end
+    end
+
+    # Check whether the OAuth-signed request is valid and throw error if not
+    #
+    # @return [Bool] Whether the request was valid
+    def valid_request!(request)
+      valid_request?(request, false)
+    end
+
+    # convenience method for getting the oauth nonce from the request
+    def request_oauth_nonce
+      @oauth_signature_validator && @oauth_signature_validator.request.oauth_nonce
+    end
+
+    # convenience method for getting the oauth timestamp from the request
+    def request_oauth_timestamp
+      @oauth_signature_validator && @oauth_signature_validator.request.oauth_timestamp
+    end
+
+  end
+end

data/lib/ims/lti/role_checks.rb

@@ -0,0 +1,101 @@
+module IMS::LTI
+  # Some convenience methods for the most used roles
+  # Take care when using context_ helpers, as the context of an LTI launch
+  # determines the meaning of that role. For example, if the context is an
+  # institution context instead of a course context, then the short role of
+  # "Instructor" means they are a teacher at the institution, but not necessarily
+  # of the course you're working in.
+  #
+  # Also note that these only check for the base roles. So, asking context_student?
+  # only matches `urn:lti:role:ims/lis/Learner`, not `urn:lti:role:ims/lis/Learner/NonCreditLearner`
+  # If you make use of the more specific roles you'll need to ask specifically for those:
+  # @tool_provider.has_exact_role?("urn:lti:role:ims/lis/Learner/NonCreditLearner")
+  # Or you can use `has_base_role?`
+  module RoleChecks
+
+    # Check whether the Launch Parameters have a given role
+    def has_exact_role?(role)
+      role = role.downcase
+      @roles && @roles.any? { |r| r.downcase == role }
+    end
+
+    # Check whether the Launch Parameters have a given role ignoring
+    # sub roles. So asking:
+    # @tool_provider.has_base_role?("urn:lti:role:ims/lis/Instructor/")
+    # will return true if the role is `urn:lti:role:ims/lis/Instructor/GuestInstructor`
+    def has_base_role?(role)
+      role = role.downcase
+      @roles && @roles.any? { |r| r.downcase.start_with?(role) }
+    end
+
+    # Convenience method for checking if the user is the system administrator of the TC
+    def system_administrator?
+      has_exact_role?('urn:lti:sysrole:ims/lis/SysAdmin') ||
+              has_exact_role?('SysAdmin') ||
+              has_exact_role?('urn:lti:sysrole:ims/lis/Administrator')
+    end
+
+    ### Institution-level roles
+    # Note, these only check if the role is explicitely an institution level role
+    # if the context of the LTI launch is the institution, the short names
+    # will apply, and you should use the context_x? helpers.
+
+    # Convenience method for checking if the user has 'student' or 'learner' roles at the institution
+    def institution_student?
+      has_exact_role?('urn:lti:instrole:ims/lis/Student') || has_exact_role?('urn:lti:instrole:ims/lis/Learner')
+    end
+
+    # Convenience method for checking if the user has 'Instructor' role at the institution
+    def institution_instructor?
+      has_exact_role?('urn:lti:instrole:ims/lis/Instructor')
+    end
+
+    # Convenience method for checking if the user has 'Administrator' role at the institution
+    def institution_admin?
+      has_exact_role?('urn:lti:instrole:ims/lis/Administrator')
+    end
+
+
+    ### Context-level roles
+    # Note, the most common LTI context is a course, but that is not always the
+    # case. You should be aware of the context when using these helpers.
+    # The difference for the context_ helpers is that they check for the
+    # short version of the roles. So `Learner` and `urn:lti:role:ims/lis/Learner`
+    # are both valid.
+
+    # Convenience method for checking if the user has 'learner' role in the current launch context
+    def context_student?
+      has_exact_role?('Learner') || has_exact_role?('urn:lti:role:ims/lis/Learner')
+    end
+
+    # Convenience method for checking if the user has 'instructor' role in the current launch context
+    def context_instructor?
+      has_exact_role?('instructor') || has_exact_role?('urn:lti:role:ims/lis/Instructor')
+    end
+
+    # Convenience method for checking if the user has 'contentdeveloper' role in the current launch context
+    def context_content_developer?
+      has_exact_role?('ContentDeveloper') || has_exact_role?('urn:lti:role:ims/lis/ContentDeveloper')
+    end
+
+    # Convenience method for checking if the user has 'Mentor' role in the current launch context
+    def context_mentor?
+      has_exact_role?('Mentor') || has_exact_role?('urn:lti:role:ims/lis/Mentor')
+    end
+
+    # Convenience method for checking if the user has 'administrator' role in the current launch context
+    def context_admin?
+      has_exact_role?('Administrator') || has_exact_role?('urn:lti:role:ims/lis/Administrator')
+    end
+
+    # Convenience method for checking if the user has 'TeachingAssistant' role in the current launch context
+    def context_ta?
+      has_exact_role?('TeachingAssistant') || has_exact_role?('urn:lti:role:ims/lis/TeachingAssistant')
+    end
+
+    # Convenience method for checking if the user has 'Observer' role in the current launch context
+    def context_observer?
+      has_exact_role?('Observer') || has_exact_role?('urn:lti:instrole:ims/lis/Observer')
+    end
+  end
+end