rack-lti 0.1.1 → 0.2.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.travis.yml +0 -1
- data/README.md +10 -3
- data/lib/rack/lti/config.rb +4 -1
- data/lib/rack/lti/middleware.rb +12 -8
- data/lib/rack/lti/version.rb +1 -1
- data/test/config_test.rb +1 -0
- data/test/middleware_test.rb +21 -3
- metadata +3 -3
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 83539ad4c6309fda9eb0176e963e8386b8ca968f
|
4
|
+
data.tar.gz: 90a44a26537982e6d47607d9009996b07ffd99cd
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 4c61ce0e39167d3006606c68cac6bbe302b01d110a0c06c0504c521e47fe32aca73e65c3cae8e9436beda00c0c0a05a165db3d78622936f5c9cdbc2538d26b18
|
7
|
+
data.tar.gz: 4e154407ce03c67880fcdaaa2eef0ac6767f4c747bb8a450550b2399553eefe5f80eac6f969e262382fbd3c89148051258669a336f3c9fe1cdd9598095577005
|
data/.travis.yml
CHANGED
data/README.md
CHANGED
@@ -43,7 +43,9 @@ class Application < Rails::Application
|
|
43
43
|
request.session['launch_params'] = lti_params
|
44
44
|
response.headers['X-Custom-Header'] = 'value'
|
45
45
|
},
|
46
|
+
|
46
47
|
time_limit: 60*60,
|
48
|
+
future_time_limit: 60,
|
47
49
|
|
48
50
|
extensions: {
|
49
51
|
'canvas.instructure.com' => {
|
@@ -83,7 +85,9 @@ class Application < Sinatra::Base
|
|
83
85
|
request.session['launch_params'] = lti_params
|
84
86
|
response.headers['X-Custom-Header'] = 'value'
|
85
87
|
},
|
88
|
+
|
86
89
|
time_limit: 60*60,
|
90
|
+
future_time_limit: 60
|
87
91
|
|
88
92
|
extensions: {
|
89
93
|
'canvas.instructure.com' => {
|
@@ -119,13 +123,16 @@ values are:
|
|
119
123
|
* `launch_path` The path to receive LTI launch requests at. Defaults to
|
120
124
|
'/lti/launch'.
|
121
125
|
* `redirect` If true, redirect to the `app_path`. If false, pass the launch
|
122
|
-
request through to the application. If false, app_path is not used.
|
126
|
+
request through to the application. If false, app_path is not used. Defaults
|
127
|
+
to true.
|
123
128
|
* `title` The title of your LTI application.
|
124
129
|
* `description` The description of your LTI application.
|
125
130
|
* `nonce_validator` A lambda used to validate the current request's nonce.
|
126
131
|
It is passed the nonce to verify. If not provided, all nonces are allowed.
|
127
|
-
* `time_limit` The time limit, in seconds, to consider requests
|
128
|
-
If not passed, the default is 3600 seconds (one hour).
|
132
|
+
* `time_limit` The past time limit, inclusive and in seconds, to consider requests
|
133
|
+
valid within. If not passed, the default is 3600 seconds (one hour).
|
134
|
+
* `future_time_limit` The future time limit, inclusive and in seconds, to consider
|
135
|
+
requests valid within. If not passed, all future timestamps are accepted as valid.
|
129
136
|
* `success` A lambda called on successful launch. It is passed the launch
|
130
137
|
params as a hash, the Rack Request, and the Rack Response. Can be used to
|
131
138
|
cache params for the current user, find the current user, etc. By default,
|
data/lib/rack/lti/config.rb
CHANGED
@@ -13,6 +13,7 @@ module Rack::LTI
|
|
13
13
|
req.session['launch_params'] = lti if req.env['rack.session']
|
14
14
|
},
|
15
15
|
time_limit: 60*60,
|
16
|
+
future_time_limit: nil,
|
16
17
|
title: 'LTI App'
|
17
18
|
}
|
18
19
|
|
@@ -24,7 +25,9 @@ module Rack::LTI
|
|
24
25
|
[:consumer_key, :consumer_secret, :nonce_validator].each do |method|
|
25
26
|
define_method(method) do |*args|
|
26
27
|
if self[method].respond_to?(:call)
|
27
|
-
|
28
|
+
# Only pass the arguments supported by this lambda
|
29
|
+
supported_args = args.take(self[method].parameters.length)
|
30
|
+
self[method].call(*supported_args)
|
28
31
|
else
|
29
32
|
self[method]
|
30
33
|
end
|
data/lib/rack/lti/middleware.rb
CHANGED
@@ -7,7 +7,7 @@ module Rack::LTI
|
|
7
7
|
attr_reader :app, :config
|
8
8
|
|
9
9
|
def initialize(app, options = {}, &block)
|
10
|
-
@app = app
|
10
|
+
@app = app
|
11
11
|
@config = Config.new(options, &block)
|
12
12
|
end
|
13
13
|
|
@@ -38,8 +38,8 @@ module Rack::LTI
|
|
38
38
|
end
|
39
39
|
|
40
40
|
def launch_action(request, env)
|
41
|
-
provider = IMS::LTI::ToolProvider.new(@config.consumer_key(*request.params.values_at('oauth_consumer_key', 'tool_consumer_instance_guid')),
|
42
|
-
@config.consumer_secret(*request.params.values_at('oauth_consumer_key', 'tool_consumer_instance_guid')),
|
41
|
+
provider = IMS::LTI::ToolProvider.new(@config.consumer_key(*request.params.values_at('oauth_consumer_key', 'tool_consumer_instance_guid'), request),
|
42
|
+
@config.consumer_secret(*request.params.values_at('oauth_consumer_key', 'tool_consumer_instance_guid'), request),
|
43
43
|
request.params)
|
44
44
|
|
45
45
|
if valid?(provider, request)
|
@@ -77,11 +77,15 @@ module Rack::LTI
|
|
77
77
|
end
|
78
78
|
|
79
79
|
def valid_timestamp?(timestamp)
|
80
|
-
|
81
|
-
|
82
|
-
|
83
|
-
|
84
|
-
|
80
|
+
now = Time.now.to_i
|
81
|
+
|
82
|
+
# timestamp too far into the past?
|
83
|
+
return false if (past = config.time_limit) && (now - past > timestamp)
|
84
|
+
|
85
|
+
# timestamp too far into the future?
|
86
|
+
return false if (future = config.future_time_limit) && (now + future < timestamp)
|
87
|
+
|
88
|
+
true
|
85
89
|
end
|
86
90
|
end
|
87
91
|
end
|
data/lib/rack/lti/version.rb
CHANGED
data/test/config_test.rb
CHANGED
@@ -32,6 +32,7 @@ class ConfigTest < Minitest::Test
|
|
32
32
|
assert_equal '/lti/launch', @config.launch_path
|
33
33
|
assert_equal true, @config.nonce_validator
|
34
34
|
assert_equal 3600, @config.time_limit
|
35
|
+
assert_equal nil, @config.future_time_limit
|
35
36
|
assert_equal 'LTI App', @config.title
|
36
37
|
assert_equal true, @config.redirect
|
37
38
|
assert_instance_of Proc, @config.success
|
data/test/middleware_test.rb
CHANGED
@@ -27,7 +27,7 @@ class MiddlewareTest < Minitest::Test
|
|
27
27
|
def test_routes_returns_the_recognized_routes
|
28
28
|
known_routes = { @lti_app.config.config_path => :config_action,
|
29
29
|
@lti_app.config.launch_path => :launch_action }
|
30
|
-
assert_equal known_routes, @lti_app.routes
|
30
|
+
assert_equal known_routes, @lti_app.routes
|
31
31
|
end
|
32
32
|
|
33
33
|
def test_call_returns_a_valid_rack_response
|
@@ -81,10 +81,28 @@ class MiddlewareTest < Minitest::Test
|
|
81
81
|
def test_call_returns_403_on_expired_timestamp
|
82
82
|
@lti_app.config.nonce_validator = true
|
83
83
|
@lti_app.config.time_limit = 30
|
84
|
+
timestamp = (Time.now - 60*60).to_i
|
84
85
|
|
85
86
|
@lti_app.stub(:valid_request?, true) do
|
86
|
-
env
|
87
|
-
|
87
|
+
env = Rack::MockRequest.env_for(
|
88
|
+
'/lti/launch',
|
89
|
+
params: { oauth_timestamp: timestamp }
|
90
|
+
)
|
91
|
+
response = @lti_app.call(env)
|
92
|
+
assert_equal 403, response[0]
|
93
|
+
end
|
94
|
+
end
|
95
|
+
|
96
|
+
def test_call_returns_403_on_future_timestamp
|
97
|
+
@lti_app.config.nonce_validator = true
|
98
|
+
@lti_app.config.future_time_limit = 30
|
99
|
+
timestamp = (Time.now + 60*60).to_i
|
100
|
+
|
101
|
+
@lti_app.stub(:valid_request?, true) do
|
102
|
+
env = Rack::MockRequest.env_for(
|
103
|
+
'/lti/launch',
|
104
|
+
params: { oauth_timestamp: timestamp }
|
105
|
+
)
|
88
106
|
response = @lti_app.call(env)
|
89
107
|
assert_equal 403, response[0]
|
90
108
|
end
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: rack-lti
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.
|
4
|
+
version: 0.2.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Zach Pendleton
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date:
|
11
|
+
date: 2018-03-15 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: bundler
|
@@ -127,7 +127,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
127
127
|
version: '0'
|
128
128
|
requirements: []
|
129
129
|
rubyforge_project:
|
130
|
-
rubygems_version: 2.
|
130
|
+
rubygems_version: 2.6.14
|
131
131
|
signing_key:
|
132
132
|
specification_version: 4
|
133
133
|
summary: Middleware for handling LTI launches inside your Rack app.
|