qalam_oauth_engine 3.0.0 → 3.0.4

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: c279d51629e80dacd77e7c365883cf2ffb44ea9fd77dec8effd0488c9ef91f8e
-  data.tar.gz: 6e70cf4d4b5c336df62942203e1c813218bf65b035b9ebf3a692cbf781cfaa7b
+  metadata.gz: e153aaa7541aee767fe47cb0824831482a12f392f1bd87803ee4ad4703e7d30f
+  data.tar.gz: '0494829ca2a3a9d94c7ddee7ca5b853de2df985e74e1d3f142f1d805578826ad'
 SHA512:
-  metadata.gz: 57ee1b2f2d570024c32e4f0c215e55e461ce7b1f3975b645570f3b7771f31f409c79bd72cd0f2394f2ba2840716c3bad59516ae606d565edc4e10af84b8abb32
-  data.tar.gz: d40987744306c6069faf0efeec603f88847be0de290c91dcf43bdc3d44f2ad8e9de03bf696bb6a2a525e672865c0543eb7a86d5e5efe288314e4f58fd5dcf6cd
+  metadata.gz: 2bca130d4a82b30db36ebb3fb1a6208db2b7cc6350cd97e8c1a9e9ada3498e0d3f431f2c4f626db35bfeb03e540e27a1b9e5543487380da2b9b73783b4b6d0cc
+  data.tar.gz: 91a7d377612aa1e3d5036e730348224c7c0d0f60f0aa1635d4c4f1f6f6d7d847f6c9f40430bb3538d4e6cb8638893d2b6ccf0f631aebdcd6768953cb1ab293df

data/app/controllers/canvas_oauth/canvas_controller.rb

@@ -5,8 +5,9 @@ module CanvasOauth
     def oauth
       if verify_oauth2_state(params[:state]) && params[:code]
         if token = canvas.get_access_token(params[:code])
+          set_root_account
           refresh_token = canvas.refresh_token
-          if CanvasOauth::Authorization.cache_token(token, refresh_token, user_id, tool_consumer_instance_guid)
+          if CanvasOauth::Authorization.cache_token(token, refresh_token, user_id, @root_account_id, tool_consumer_instance_guid)
             redirect_to main_app.root_path
           else
             render plain: "Error: unable to save token"
@@ -23,4 +24,12 @@ module CanvasOauth
       callback_state.present? && callback_state == session.delete(:oauth2_state)
     end
   end
-end
+
+  def set_root_account
+    if current_account_id
+      @root_account_id = canvas.root_account_id(current_account_id)
+    elsif current_course_id
+      @root_account_id = canvas.course_root_account_id(current_course_id)
+    end
+  end
+end

data/app/models/canvas_lti_key.rb

@@ -0,0 +1,4 @@
+class CanvasLtiKey < ApplicationRecord
+    validates :canvas_url, :secret, presence: true
+    validates :key, presence: true, :uniqueness => {:scope=>:canvas_url}
+end

data/app/models/canvas_oauth/authorization.rb

@@ -2,16 +2,25 @@ module CanvasOauth
   class Authorization < ActiveRecord::Base
     validates :canvas_user_id, :token, :refresh_token, :last_used_at, presence: true
 
-    def self.cache_token(token, refresh_token, user_id, tool_consumer_instance_guid)
+    def self.cache_token(token, refresh_token, user_id, account_id, tool_consumer_instance_guid)
       create do |t|
         t.token = token
         t.refresh_token = refresh_token
         t.canvas_user_id = user_id
+        t.canvas_root_account_id = account_id
         t.tool_consumer_instance_guid = tool_consumer_instance_guid
         t.last_used_at = Time.now
       end
     end
 
+    def self.fetch_account(user_id, tool_consumer_instance_guid)
+      user_accounts = where(canvas_user_id: user_id, tool_consumer_instance_guid: tool_consumer_instance_guid).order("created_at DESC")
+      if canvas_auth = user_accounts.first
+        canvas_auth.update_attribute(:last_used_at, Time.now)
+        return canvas_auth.canvas_root_account_id
+      end
+    end
+
     def self.fetch_token(user_id, tool_consumer_instance_guid)
       user_tokens = where(canvas_user_id: user_id, tool_consumer_instance_guid: tool_consumer_instance_guid).order("created_at DESC")
       if canvas_auth = user_tokens.first

data/db/migrate/20121121005358_create_canvas_oauth_authorizations.rb

@@ -2,6 +2,7 @@ class CreateCanvasOauthAuthorizations < ActiveRecord::Migration[4.2]
   def change
     create_table "canvas_oauth_authorizations", :force => true do |t|
       t.integer  "canvas_user_id", :limit => 8
+      t.integer  "canvas_root_account_id", :limit => 8
       t.string   "tool_consumer_instance_guid", :null => false
       t.string   "token"
       t.string   "refresh_token"

data/db/migrate/20210809092919_create_canvas_lti_keys.rb

@@ -0,0 +1,11 @@
+class CreateCanvasLtiKeys < ActiveRecord::Migration[6.0]
+  def change
+    create_table :canvas_lti_keys do |t|
+      t.string :key
+      t.string :secret
+      t.string :canvas_url
+
+      t.timestamps
+    end
+  end
+end

data/lib/canvas_oauth/canvas_api.rb

@@ -6,19 +6,21 @@ module CanvasOauth
     attr_accessor :token, :refresh_token, :key, :secret
     attr_reader :canvas_url, :canvas_user_id
 
-    def initialize(canvas_url, canvas_user_id, token, refresh_token, key, secret)
+    def initialize(canvas_url, canvas_user_id, canvas_root_account_id, token, refresh_token, key, secret)
       unless [key, secret].all?(&:present?)
-        raise "Invalid Canvas oAuth configuration"
+        raise "Invalid Qalam oAuth configuration"
       end
       
       self.refresh_token = refresh_token
       self.canvas_url = canvas_url
       self.canvas_user_id = canvas_user_id
+      self.canvas_root_account_id = canvas_root_account_id
       self.token = token
       self.key = key
       self.secret = secret
     end
 
+    ### START AUTH ###
     def authenticated_request(method, *params)
       params << {} if params.size == 1
 
@@ -53,6 +55,55 @@ module CanvasOauth
       end
     end
 
+    def auth_url(redirect_uri, oauth2_state)
+      "#{canvas_url}/login/oauth2/auth?client_id=#{key}&response_type=code&state=#{oauth2_state}&redirect_uri=#{redirect_uri}"
+    end
+    
+    def qalam_auth_url(qalam_url, redirect_uri, oauth2_state)
+      "#{qalam_url}/login/oauth2/auth?client_id=#{key}&response_type=code&state=#{oauth2_state}&redirect_uri=#{redirect_uri}"
+    end
+
+    def get_access_token(code)
+      params = {
+        body: {
+          client_id: key,
+          client_secret: secret,
+          code: code
+        }
+      }
+      
+      response = self.class.post '/login/oauth2/token', params
+      self.refresh_token = response['refresh_token']
+      self.token = response['access_token']
+    end
+    
+    def get_access_token_by_refresh_token
+      params = {
+        body: {
+          grant_type: 'refresh_token',
+          client_id: key,
+          client_secret: secret,
+          refresh_token: refresh_token
+        }
+      }
+      
+      response = self.class.post '/login/oauth2/token', params
+      self.token = response['access_token']
+      CanvasOauth::Authorization.update_token(refresh_token, token)
+    end
+    
+    def authenticated_get(*params)
+      authenticated_request(:get, *params)
+    end
+    
+    def authenticated_post(*params)
+      authenticated_request(:post, *params)
+    end
+    
+    def authenticated_put(*params)
+      authenticated_request(:put, *params)
+    end
+
     def paginated_get(url, params = {})
       params[:query] ||= {}
       params[:query][:per_page] = PER_PAGE
@@ -69,34 +120,29 @@ module CanvasOauth
 
       all_pages
     end
-
-    def get_report(account_id, report_type, params)
-      report = authenticated_post("/api/v1/accounts/#{account_id}/reports/#{report_type}", { body: params })
-      report = authenticated_get "/api/v1/accounts/#{account_id}/reports/#{report_type}/#{report['id']}"
-      while (report['status'] == 'created' || report['status'] == 'running')
-        sleep(4)
-        report = authenticated_get "/api/v1/accounts/#{account_id}/reports/#{report_type}/#{report['id']}"
-      end
-
-      if report['status'] == 'complete'
-        file_id = report['file_url'].match(/files\/([0-9]+)\/download/)[1]
-        file = get_file(file_id)
-        return hash_csv(self.class.get(file['url'], limit: 15, parser: DefaultUTF8Parser).parsed_response)
-      else
-        return report
-      end
+    ### END AUTH ###
+    
+    ### HELPER METHODS ###
+    def canvas_url=(value)
+      @canvas_url = value
+      self.class.base_uri(value)
     end
-
-    def valid_page?(page)
-      page && page.size > 0
+    
+    def canvas_user_id=(value)
+      @canvas_user_id = value
     end
 
-    def get_file(file_id)
-      authenticated_get "/api/v1/files/#{file_id}"
+    def canvas_root_account_id=(value)
+      @canvas_root_account_id = value
+    end
+    
+    def hex_sis_id(name, value)
+      hex = value.unpack("H*")[0]
+      return "hex:#{name}:#{hex}"
     end
 
-    def get_accounts_provisioning_report(account_id)
-      get_report(account_id, :provisioning_csv, 'parameters[accounts]' => true)
+    def valid_page?(page)
+      page && page.size > 0
     end
 
     #Needs to be refactored to somewhere more generic
@@ -117,17 +163,61 @@ module CanvasOauth
 
       return output
     end
+    ### END HELPER METHODS ###
+
+    ### CANVAS API ###
+      # get_report
+      # get_file
+      # get_accounts_provisioning_report
+      # get_courses
+      # get_account
+      # get_account_sub_accounts
+      # get_account_courses
+      # get_account_users
+      # get_course
+      # get_section_enrollments
+      # get_user_enrollments
+      # get_course_users
+      # get_all_course_users
+      # get_course_teachers_and_tas
+      # get_course_students
+      # get_course_active_students
+      # get_section
+      # get_sections
+      # get_assignments
+      # get_assignment
+      # get_user_profile
+      # create_assignment
+      # update_assignment
+      # grade_assignment
+      # get_submission
+      # course_account_id
+      # root_account_id
+      # course_root_account_id
+    
+    def get_report(account_id, report_type, params)
+      report = authenticated_post("/api/v1/accounts/#{account_id}/reports/#{report_type}", { body: params })
+      report = authenticated_get "/api/v1/accounts/#{account_id}/reports/#{report_type}/#{report['id']}"
+      while (report['status'] == 'created' || report['status'] == 'running')
+        sleep(4)
+        report = authenticated_get "/api/v1/accounts/#{account_id}/reports/#{report_type}/#{report['id']}"
+      end
 
-    def authenticated_get(*params)
-      authenticated_request(:get, *params)
+      if report['status'] == 'complete'
+        file_id = report['file_url'].match(/files\/([0-9]+)\/download/)[1]
+        file = get_file(file_id)
+        return hash_csv(self.class.get(file['url'], limit: 15, parser: DefaultUTF8Parser).parsed_response)
+      else
+        return report
+      end
     end
 
-    def authenticated_post(*params)
-      authenticated_request(:post, *params)
+    def get_file(file_id)
+      authenticated_get "/api/v1/files/#{file_id}"
     end
 
-    def authenticated_put(*params)
-      authenticated_request(:put, *params)
+    def get_accounts_provisioning_report(account_id)
+      get_report(account_id, :provisioning_csv, 'parameters[accounts]' => true)
     end
 
     def get_courses
@@ -146,7 +236,7 @@ module CanvasOauth
       paginated_get "/api/v1/accounts/#{account_id}/courses"
     end
 
-    def get_account_courses(account_id)
+    def get_account_users(account_id)
       paginated_get "/api/v1/accounts/#{account_id}/users"
     end
 
@@ -234,59 +324,17 @@ module CanvasOauth
     def course_root_account_id(course_id)
       root_account_id(course_account_id(course_id))
     end
+    ### END CANVAS API ###
 
-    def auth_url(redirect_uri, oauth2_state)
-      "#{canvas_url}/login/oauth2/auth?client_id=#{key}&response_type=code&state=#{oauth2_state}&redirect_uri=#{redirect_uri}"
-    end
-
-    def qalam_auth_url(qalam_url, redirect_uri, oauth2_state)
-      "#{qalam_url}/login/oauth2/auth?client_id=#{key}&response_type=code&state=#{oauth2_state}&redirect_uri=#{redirect_uri}"
-    end
-
-    def get_access_token(code)
-      params = {
-        body: {
-          client_id: key,
-          client_secret: secret,
-          code: code
-        }
-      }
-
-      response = self.class.post '/login/oauth2/token', params
-      self.refresh_token = response['refresh_token']
-      self.token = response['access_token']
-    end
-
-    def get_access_token_by_refresh_token
-      params = {
-        body: {
-          grant_type: 'refresh_token',
-          client_id: key,
-          client_secret: secret,
-          refresh_token: refresh_token
-        }
-      }
+    ### QALAM API ENDPOINTS ###
+      # get_canvas_user_profile
+      # get_course_active_pages
+      # course_external_tool_update
+      # account_external_tool_update
+      # get_school_details
+      # get_grade_students
+      # get_classroom_students
 
-      response = self.class.post '/login/oauth2/token', params
-      self.token = response['access_token']
-      CanvasOauth::Authorization.update_token(refresh_token, token)
-    end
-
-    def hex_sis_id(name, value)
-      hex = value.unpack("H*")[0]
-      return "hex:#{name}:#{hex}"
-    end
-
-    def canvas_url=(value)
-      @canvas_url = value
-      self.class.base_uri(value)
-    end
-
-    def canvas_user_id=(value)
-      @canvas_user_id = value
-    end
-
-    ### QALAM ###
     def get_canvas_user_profile
       authenticated_get "/api/v1/users/#{canvas_user_id}/profile"
     end
@@ -313,21 +361,14 @@ module CanvasOauth
       authenticated_get "/api/v1/accounts/#{account_id}/school_details"
     end
 
-    def get_school_account(account_id)
-      authenticated_get "/api/v1/accounts/#{account_id}/school_account"
-    end
-
-    def get_school_account_by_course(course_id)
-      authenticated_get "/api/v1/courses/#{course_id}/school_account"
-    end
-
-    def get_students_by_grade(account_id, grade_id)
-      paginated_get "/api/v1/accounts/#{account_id}/students_by_grade/#{grade_id}"
+    def get_grade_students(account_id, grade_id)
+      paginated_get "/api/v1/accounts/#{account_id}/grade_students/#{grade_id}"
     end
 
-    def get_students_by_class(account_id, class_id)
-      paginated_get "/api/v1/accounts/#{account_id}/students_by_class_room/#{class_id}"
+    def get_classroom_students(account_id, class_id)
+      paginated_get "/api/v1/accounts/#{account_id}/classroom_students/#{class_id}"
     end
+    ### END QALAM API ###
   end
 
   class CanvasApi::Unauthorized < StandardError ; end

data/lib/canvas_oauth/canvas_api_extensions.rb

@@ -1,9 +1,12 @@
 module CanvasOauth
   class CanvasApiExtensions
     def self.build(canvas_url, user_id, tool_consumer_instance_guid)
-      refresh_token = CanvasOauth::Authorization.fetch_refresh_token(user_id, tool_consumer_instance_guid)
+      account_id = CanvasOauth::Authorization.fetch_ccount(user_id, tool_consumer_instance_guid)
       token = CanvasOauth::Authorization.fetch_token(user_id, tool_consumer_instance_guid)
-      CanvasApi.new(canvas_url, user_id, token, refresh_token, CanvasConfig.key, CanvasConfig.secret)
+      refresh_token = CanvasOauth::Authorization.fetch_refresh_token(user_id, tool_consumer_instance_guid)
+      canvas_key = ((CanvasLtiKey.table_exists? && CanvasLtiKey.find_by(canvas_url: canvas_url)&.key) or CanvasConfig.key)
+      canvas_secret = ((CanvasLtiKey.table_exists? && CanvasLtiKey.find_by(key: canvas_key, canvas_url: canvas_url)&.secret) or CanvasConfig.secret)
+      CanvasApi.new(canvas_url, user_id, account_id, token, refresh_token, canvas_key, canvas_secret)
     end
   end
 end

data/lib/canvas_oauth/canvas_config.rb

@@ -13,21 +13,16 @@ module CanvasOauth
 
     def self.setup!
       if File.exists?(config_file)
-        Rails.logger.info "Initializing Canvas using configuration in #{config_file}"
+        Rails.logger.info "Initializing Qalam using configuration in #{config_file}"
         config = load_config
         self.key = config['key']
         self.secret = config['secret']
-
-        Rails.logger.info "\n> Initializing Key #{config['key']} - Secret #{config['secret']}\n".green
-
       elsif ENV['CANVAS_KEY'].present? && ENV['CANVAS_SECRET'].present?
-        Rails.logger.info "Initializing Canvas using environment vars CANVAS_KEY and CANVAS_SECRET"
+        Rails.logger.info "Initializing Qalam using environment vars CANVAS_KEY and CANVAS_SECRET"
         self.key = ENV['CANVAS_KEY']
         self.secret = ENV['CANVAS_SECRET']
-
-        Rails.logger.info "\n> Initializing Key #{ENV['CANVAS_KEY']} - Secret #{ENV['CANVAS_SECRET']}\n".green
       else
-        warn "Warning: Canvas key and secret not configured (RAILS_ENV = #{ENV['RAILS_ENV']})."
+        warn "Warning: Qalam key and secret not configured (RAILS_ENV = #{ENV['RAILS_ENV']})."
       end
     end
   end

data/lib/canvas_oauth/version.rb

@@ -1,3 +1,3 @@
 module CanvasOauth
-  VERSION = "3.0.0"
+  VERSION = "3.0.4"
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: qalam_oauth_engine
 version: !ruby/object:Gem::Version
-  version: 3.0.0
+  version: 3.0.4
 platform: ruby
 authors:
 - Dave Donahue
@@ -11,7 +11,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2021-04-21 00:00:00.000000000 Z
+date: 2021-08-22 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: httparty
@@ -50,7 +50,7 @@ dependencies:
         version: '4.2'
     - - "<"
       - !ruby/object:Gem::Version
-        version: '5.3'
+        version: '6.1'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
@@ -60,7 +60,7 @@ dependencies:
         version: '4.2'
     - - "<"
       - !ruby/object:Gem::Version
-        version: '5.3'
+        version: '6.1'
 - !ruby/object:Gem::Dependency
   name: byebug
   requirement: !ruby/object:Gem::Requirement
@@ -257,10 +257,12 @@ files:
 - Rakefile
 - app/controllers/canvas_oauth/canvas_controller.rb
 - app/controllers/canvas_oauth/oauth_application_controller.rb
+- app/models/canvas_lti_key.rb
 - app/models/canvas_oauth/authorization.rb
 - config/canvas.yml.example
 - config/routes.rb
 - db/migrate/20121121005358_create_canvas_oauth_authorizations.rb
+- db/migrate/20210809092919_create_canvas_lti_keys.rb
 - lib/canvas_oauth.rb
 - lib/canvas_oauth/canvas_api.rb
 - lib/canvas_oauth/canvas_api_extensions.rb
@@ -330,7 +332,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.2.3
+rubygems_version: 3.2.22
 signing_key: 
 specification_version: 4
 summary: CanvasOauth is a mountable engine for handling the oauth workflow with canvas