strongmind-auth 1.1.118 → 1.1.124

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 54012245095295e150196fc80e2ad10c7a302b2ccf90481b0f9d29045891ad79
-  data.tar.gz: 9c960c366e9d77d1dd0f7bc1ec65bb7a5033a64708a9ee9bf20416289d7570c0
+  metadata.gz: '048a0f120c80b6cf5fd9434d55faac903ee8b5b77f086f96c125b464d7eb5c10'
+  data.tar.gz: 68ae3c3300beba2fc9f5a3734a1c42fc3924dbbf20289069bddd16cf4b8c4739
 SHA512:
-  metadata.gz: 0a48379813bce8d02c83994b36cb3e3c797f23a40ccbf873b5a02f12de69b120ba895381c39694340a795093dae9e2d7fd4379bc12edc2a460227e34851b5028
-  data.tar.gz: '085d8271e0aac7b174bf8f97fca85bc6657bc05841d9e4da3811805d2400ce752e2365a98fb0c64275f32377faedaa6e45aaff9d6479c7e7af312a11fd9099e8'
+  metadata.gz: a964d1571ff5c9ff1ea898439d5e76f704bf279879cf176f90e6ff3de363509cbd8e4e6bfd409071242b608707c6174ea8fa2c79308595f294adf5611f7fb6d4
+  data.tar.gz: a040a080edcac1cc3d9cd9acc591f720fa61ac7e22fd2128c5356244ef4264b600cb99bc4bcd9f6ef82ea16f24f70914db023e323da53090c5c503114c27c550

data/app/controllers/concerns/lti_session_authable.rb

@@ -0,0 +1,111 @@
+# frozen_string_literal: true
+
+module LtiSessionAuthable
+  extend ActiveSupport::Concern
+
+  SESSION_HEADER_NAME = 'HTTP_LTI_SESSION_ID'
+  UNAUTHORIZED_MESSAGE = 'Session not found. Please refresh the page.'
+
+  def initialize_lti_session
+    @lti_session_id = SecureRandom.uuid
+    initialize_lti_parameters
+  end
+
+  def initialize_lti_parameters
+    @lti_context_id = fetch_param('context_id')
+    @lti_context_title = fetch_param('context_title')
+    @lti_resource_link_title = fetch_param('resource_link_title')
+    @lti_consumer_key = fetch_param('oauth_consumer_key')
+    @lti_user_email = fetch_param('lis_person_contact_email_primary')
+    @lti_custom_canvas_api_domain = fetch_param('custom_canvas_api_domain')
+    @lti_custom_canvas_course_id = fetch_param('custom_canvas_course_id')
+    @lti_custom_canvas_user_id = fetch_param('custom_canvas_user_id')
+    @lis_person_name_given = fetch_param('lis_person_name_given')
+    @lis_person_name_family = fetch_param('lis_person_name_family')
+    @user_ext_roles = fetch_param('ext_roles')
+  end
+
+  def fetch_param(key)
+    request.parameters[key]
+  end
+
+  def write_session_to_cache
+    Rails.cache.write(@lti_session_id, {
+      record_id: @lti_session_id,
+      context_id: @lti_context_id,
+      context_title: @lti_context_title,
+      resource_link_title: @lti_resource_link_title,
+      consumer_key: @lti_consumer_key,
+      user_email: @lti_user_email,
+      custom_canvas_api_domain: @lti_custom_canvas_api_domain,
+      custom_canvas_course_id: @lti_custom_canvas_course_id,
+      custom_canvas_user_id: @lti_custom_canvas_user_id,
+      user_first_name: @lis_person_name_given,
+      user_last_name: @lis_person_name_family,
+      user_ext_roles: @user_ext_roles
+    }, expires_in: 12.hours)
+  end
+
+  def lti_session_id
+    request.headers[SESSION_HEADER_NAME] || params[:lti_session_id]
+  end
+
+  def validate_session
+    @lti_session_id = lti_session_id
+    unauthorized_response and return unless @lti_session_id.present?
+
+    @lti_session = Rails.cache.read(@lti_session_id)
+
+    handle_existing_session
+    rotate_session_if_needed
+    unauthorized_response if @lti_session.nil?
+  end
+
+  def handle_existing_session
+    read_session unless @lti_session.nil?
+  end
+
+  def unauthorized_response
+    render plain: UNAUTHORIZED_MESSAGE, status: :unauthorized
+  end
+
+  def rotate_session_if_needed
+    return if params[:dont_rotate_session]
+    return if request.method == 'POST'
+
+    @old_session_id = @lti_session_id
+    @lti_session_id = SecureRandom.uuid
+  end
+
+  def read_session
+    @lti_context_id = @lti_session[:context_id]
+    @lti_context_title = @lti_session[:context_title]
+    @lti_resource_link_title = @lti_session[:resource_link_title]
+    @lti_consumer_key = @lti_session[:consumer_key]
+    @lti_custom_canvas_api_domain = @lti_session[:custom_canvas_api_domain]
+    @lti_custom_canvas_course_id = @lti_session[:custom_canvas_course_id]
+    @lti_custom_canvas_user_id = @lti_session[:custom_canvas_user_id]
+    @lti_user_email = @lti_session[:user_email]
+    @lis_person_name_given = @lti_session[:user_first_name]
+    @lis_person_name_family = @lti_session[:user_last_name]
+    @user_ext_roles = @lti_session[:user_ext_roles]
+  end
+
+  def rotate_session_id
+    return unless @old_session_id
+
+    write_session_to_cache
+    Rails.cache.delete(@old_session_id)
+  end
+
+  def lti_launch_validator
+    @lti_launch_validator ||= LtiLaunchValidator.new(request)
+  end
+
+  def validate_lti_launch
+    raise RequestNotFoundError unless request.is_a? ActionDispatch::Request
+
+    head(:unauthorized) unless lti_launch_validator.is_valid?
+  end
+end
+

data/lib/strongmind/auth/version.rb

@@ -1,5 +1,5 @@
 module Strongmind
   module Auth
-    VERSION = "1.1.118"
+    VERSION = "1.1.124"
   end
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: strongmind-auth
 version: !ruby/object:Gem::Version
-  version: 1.1.118
+  version: 1.1.124
 platform: ruby
 authors:
 - Team Belding
-autorequire: 
+autorequire:
 bindir: bin
 cert_chain: []
-date: 2024-11-11 00:00:00.000000000 Z
+date: 2024-12-18 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rails
@@ -106,6 +106,7 @@ files:
 - app/assets/config/strongmind_auth_manifest.js
 - app/assets/stylesheets/strongmind/auth/application.css
 - app/controllers/concerns/jwt_utilities.rb
+- app/controllers/concerns/lti_session_authable.rb
 - app/controllers/concerns/strong_mind_nav.rb
 - app/controllers/logins_controller.rb
 - app/controllers/users/omniauth_callbacks_controller.rb
@@ -137,7 +138,7 @@ licenses:
 metadata:
   homepage_uri: https://www.strongmind.com
   source_code_uri: https://github.com/StrongMind/rails-auth
-post_install_message: 
+post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -153,7 +154,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubygems_version: 3.4.10
-signing_key: 
+signing_key:
 specification_version: 4
 summary: Ruby gem for StrongMind authentication in a strongmind app
 test_files: []