ff-ltitoolkit 0.1.0__py3-none-any.whl

ff_ltitoolkit-0.1.0.dist-info/METADATA

@@ -0,0 +1,98 @@
+Metadata-Version: 2.4
+Name: ff-ltitoolkit
+Version: 0.1.0
+Summary: Framework-agnostic LTI 1.3 Advantage toolkit for Python — connect any app to any LMS.
+Project-URL: Homepage, https://github.com/CNIT-Organization/ltitoolkit
+Project-URL: Repository, https://github.com/CNIT-Organization/ltitoolkit
+Project-URL: Issues, https://github.com/CNIT-Organization/ltitoolkit/issues
+Author: Faisal Fida
+License-Expression: MIT
+License-File: LICENSE
+Keywords: canvas,education,lms,lti,lti-advantage,lti1.3,moodle,oidc
+Classifier: Development Status :: 3 - Alpha
+Classifier: Intended Audience :: Developers
+Classifier: Operating System :: OS Independent
+Classifier: Programming Language :: Python :: 3
+Classifier: Programming Language :: Python :: 3.10
+Classifier: Programming Language :: Python :: 3.11
+Classifier: Programming Language :: Python :: 3.12
+Classifier: Topic :: Education
+Classifier: Topic :: Internet :: WWW/HTTP
+Classifier: Topic :: Security
+Classifier: Typing :: Typed
+Requires-Python: >=3.10
+Requires-Dist: jwcrypto>=1.5
+Requires-Dist: pyjwt[crypto]<3,>=2.8
+Requires-Dist: requests>=2.31
+Requires-Dist: typing-extensions>=4.9
+Provides-Extra: fastapi
+Requires-Dist: fastapi>=0.110; extra == 'fastapi'
+Requires-Dist: itsdangerous>=2.1; extra == 'fastapi'
+Requires-Dist: python-multipart>=0.0.9; extra == 'fastapi'
+Description-Content-Type: text/markdown
+
+# ltitoolkit
+
+A framework-agnostic **LTI 1.3 Advantage** toolkit for Python. Connect any Python
+application to any LTI 1.3 compliant LMS — Canvas, Moodle, Blackboard, and more —
+with a single dependency.
+
+> Status: **early development (v0.1.0)** — the vendored LTI engine is in place;
+> the FastAPI adapter, Dynamic Registration, and token minting are being built.
+> See [`docs/PROJECT.md`](./docs/PROJECT.md) for the design rationale, capability
+> boundaries, and roadmap.
+
+## What it does (portable — same code on every LMS)
+
+- **Launch & identity** — verified OIDC/JWT launch: who the user is, which course,
+  what role.
+- **LTI Advantage**
+  - **AGS** — read/write grades for your tool's activities.
+  - **NRPS** — fetch the current course roster.
+  - **Deep Linking** — let instructors embed your content into a course.
+- **Dynamic Registration** — install on a new LMS by pasting one URL (no credentials).
+- **Client-credentials tokens** — authenticate as the tool with its own key; no user
+  login required.
+
+## What it deliberately does **not** do
+
+LTI is not a remote control for the whole LMS. Listing all courses, browsing/opening
+files, or creating native quizzes require each LMS's **proprietary** REST API and are
+**not** part of this portable core. Put that code in thin, per-LMS adapters (e.g. a
+Canvas adapter) built on top of the toolkit's generic token minting.
+
+## Layout
+
+```
+src/ltitoolkit/
+├── core/                  # vendored LTI 1.3 engine (PyLTI1p3, rebranded) — internal
+├── fastapi/               # FastAPI adapter (Phase 2)
+├── token/                 # generic client-credentials token minting (Phase 4)
+└── dynamic_registration/  # single-URL install (Phase 5)
+```
+
+## Install (as a dependency)
+
+Published via Git (no PyPI required). Pin to a tag:
+
+```bash
+pip install "git+https://github.com/CNIT-Organization/ltitoolkit.git@v0.1.0"
+# with the FastAPI adapter:
+pip install "ltitoolkit[fastapi] @ git+https://github.com/CNIT-Organization/ltitoolkit.git@v0.1.0"
+```
+
+## Develop (uv)
+
+```bash
+uv sync            # create the env + install runtime, fastapi extra, and dev tools
+uv run pytest      # tests
+uv run ruff check src tests
+uv run mypy src
+uv build           # build wheel + sdist into dist/
+```
+
+## License
+
+MIT. The `core/` engine is a vendored copy of
+[PyLTI1p3](https://github.com/dmitry-viskov/pylti1.3) (MIT); its original license
+is preserved in [`LICENSE`](./LICENSE).

ff_ltitoolkit-0.1.0.dist-info/RECORD

@@ -0,0 +1,94 @@
+ltitoolkit/__init__.py,sha256=Co8qSrVcXduzGMSUNl9ysjVfoGyJxzWog1xJXEbHWec,863
+ltitoolkit/exceptions.py,sha256=HpiQnT-lPeKp-N6dmH6Fbi4kdqHrmJSPN_ttZXEQG_4,1353
+ltitoolkit/http.py,sha256=KgUtnfuDcux1O9Ann0GBpf-YGGR2DdOp7jYScq_Ycz0,2808
+ltitoolkit/adapters/__init__.py,sha256=LLFys4S97EWFhJ1Nmg1NkzHFGHCpukFpVb53YP92niM,590
+ltitoolkit/adapters/brightspace/__init__.py,sha256=3NOhQeEQCdIGHPyKgfXlhED0vlCo9CpgB_PIIrdT2og,976
+ltitoolkit/adapters/brightspace/client.py,sha256=0v_QgqXz2sMdaQZwo6apvEaKoQdBuqa6sCXBNlIFz2o,6857
+ltitoolkit/adapters/canvas/__init__.py,sha256=xLFpt4hTwWRVSPLAhF-cvMKT_qGhxdolrOCMY1pgCfM,764
+ltitoolkit/adapters/canvas/client.py,sha256=ueUaH5xmD6siAe0cI3ZVR1PDLVkhjxd0t8_YMsyTi2I,5591
+ltitoolkit/advantage/__init__.py,sha256=IUNagJR2pF5q72t9uMRKaupdV4uLvMpBgyfmi1BhQm4,335
+ltitoolkit/advantage/service.py,sha256=XTp6XCNTUvRPF8wYmYwnHKukTmPaM4IGp8j0hXjzmzE,3576
+ltitoolkit/core/__init__.py,sha256=Lz1LFiJDTWon1XUMARh-38m0huj_81q70ZKC6j9oews,830
+ltitoolkit/core/actions.py,sha256=WY6_BfIrebRX7PHmP7ztows0N5ROxtNiRbgasY6oGXU,135
+ltitoolkit/core/assignments_grades.py,sha256=oG4hfGUO-cTuiB4845bisGVY2BLtSzNydLPAv4receY,10784
+ltitoolkit/core/cookie.py,sha256=ecu8e0zyz9OSg26S6yn2oTsDT31mehJdmwl1P1Tdf64,417
+ltitoolkit/core/cookies_allowed_check.py,sha256=wJTy8GLoBv12HtIpiaRGPZV8nKpc7gCWpjOnC6sntmg,4867
+ltitoolkit/core/course_groups.py,sha256=mjsXltN6i_BzBGuVfvkxPlxrJunWCs_WGbsYOS2M5Co,3268
+ltitoolkit/core/deep_link.py,sha256=TPDOpK7jsmtlsTw-FqN4wWvyN5E8VRMMqAFv7hgsKWE,3501
+ltitoolkit/core/deep_link_resource.py,sha256=1JTd2Fcz2rywbPL5hZnDK8lE7n-42E2e_9NlCkgFPDU,2698
+ltitoolkit/core/deployment.py,sha256=ctqH-s-PiGKPunDPuSb4yE1h7iAtBXR6oMzQbLdU1hU,305
+ltitoolkit/core/exception.py,sha256=s-OumXf3eEWv5IwYw2f2rirhKhkf1SgUjC8XmPuvmRE,355
+ltitoolkit/core/grade.py,sha256=CKtUfzYikEr0nHX-4uAMmCeIOHT1VLacVX8tHklyLR0,4492
+ltitoolkit/core/lineitem.py,sha256=RltsnKZo7JBkJtx4n1tvDffW_sXlLbOOmCGX9ocrAAI,6268
+ltitoolkit/core/message_launch.py,sha256=NiFxEhe1Lv_T4csQFrVHen_DlUwQ-nfEXi166VbnVbE,29057
+ltitoolkit/core/names_roles.py,sha256=06uObxqqjeUz5A-pzPh3qngrFTbZvBb9w7Q8vyBH0X0,2975
+ltitoolkit/core/oidc_login.py,sha256=gFLJampd9QgDGe0mj5Z-VvvTLgOzmOxHSBKaPnC630g,9923
+ltitoolkit/core/py.typed,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
+ltitoolkit/core/redirect.py,sha256=WQgQDmldqWXDqia2bFZrtVgeNgyjmiXi76xfTun1J1U,512
+ltitoolkit/core/registration.py,sha256=hDMrS2zG8Eqr5ZXjNT0ahlSrQKNuoTcHbpaYcrc80g0,3889
+ltitoolkit/core/request.py,sha256=mBmjkfPOfNT2Ic496JcV-_Bvy0PhroJEhTMfghWurE8,342
+ltitoolkit/core/roles.py,sha256=2QNMwDJh_FzpozCAeTj1prtb4pI7JT2zclEwDev8syQ,3444
+ltitoolkit/core/service_connector.py,sha256=MLyDUhmPnVS42j7ptVjWISdL-llp6wA5dfcSt9dUlUI,4948
+ltitoolkit/core/session.py,sha256=dqr2CnWG6MLFgf7zJDPnoIDyZivJjKXc71rrrjzgzLg,2537
+ltitoolkit/core/utils.py,sha256=kyTYEOXaGsZr6Qd_cF7bHWFX3T7GnujmtSlezVylHcM,398
+ltitoolkit/core/contrib/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
+ltitoolkit/core/contrib/py.typed,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
+ltitoolkit/core/contrib/django/__init__.py,sha256=OFQWKv2Jnm0PCgR08r7A7PEb-XaXnT01E8ox301M5eg,214
+ltitoolkit/core/contrib/django/cookie.py,sha256=aUCcCeaxE63CHZpOVQOXtYfGPRAaEUQmW69Gfvf9VTc,2104
+ltitoolkit/core/contrib/django/message_launch.py,sha256=F04FRN0SiD3K--7BsvTSzB6xFb8TxiZ80uMfHHNyRuM,1156
+ltitoolkit/core/contrib/django/oidc_login.py,sha256=KGqtJh6YnyWs-zXyNp7QRtvd-MX6GCwPote-HZVDS3A,1206
+ltitoolkit/core/contrib/django/redirect.py,sha256=YVrDq-hFq6nvgdEScr-muMtY2FTmt84S8npGG5Q_A4s,1005
+ltitoolkit/core/contrib/django/request.py,sha256=iPqA1q0ypqnEmg3L9AgOA9kRnnZOqJlN9SEfp6Vktd0,910
+ltitoolkit/core/contrib/django/session.py,sha256=rwy9cuREpRRXndEHdq4-3lmUcZK6puiw1fdRI_BXITQ,106
+ltitoolkit/core/contrib/django/launch_data_storage/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
+ltitoolkit/core/contrib/django/launch_data_storage/cache.py,sha256=uoOq8xexkPUsEv9yVTOKO_MODFJlLVE48R-hKm2XoyM,337
+ltitoolkit/core/contrib/django/lti1p3_tool_config/__init__.py,sha256=1NX0pPIOqfthTHQ6gVW_fX1bwJmYKZolZGbWOsknStA,4467
+ltitoolkit/core/contrib/django/lti1p3_tool_config/admin.py,sha256=KOuEM91zvvORvikkde-_VacKnW_DOAeCA6l3KePBKY8,1344
+ltitoolkit/core/contrib/django/lti1p3_tool_config/apps.py,sha256=1g8CrH8eCxlzK4VNQ7X_U6g7P_7PHOXGfm_BTY1Deog,195
+ltitoolkit/core/contrib/django/lti1p3_tool_config/models.py,sha256=X4VR3jawccaE_4KaGb9j7LCSZaROHeeh8loQUa3-zjE,5826
+ltitoolkit/core/contrib/django/lti1p3_tool_config/migrations/0001_initial.py,sha256=CLpCZA42jFmgJJGB9tgCa4FlQztB5wCFlyA-Ckdr52E,6085
+ltitoolkit/core/contrib/django/lti1p3_tool_config/migrations/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
+ltitoolkit/core/contrib/flask/__init__.py,sha256=KwwFgHZp48KqEooGP0HKryOHwd2NO7VYTE34jb07Dys,276
+ltitoolkit/core/contrib/flask/cookie.py,sha256=cjLEw4jMgf8lmVvxx7Ju1zC_AOrywBW5D5ldGra0ss0,1072
+ltitoolkit/core/contrib/flask/message_launch.py,sha256=T3L01Gt0Y0qFRpfcebHjy3rJVHVyl1wEUbHj-DIpybQ,901
+ltitoolkit/core/contrib/flask/oidc_login.py,sha256=C4t2RbgRjHdngu25KEVpH8WAgZkSm3fvHPCrdlmCw3g,935
+ltitoolkit/core/contrib/flask/redirect.py,sha256=zebVxFZ7UxSE_xi-K_lOQQ2UkQziG5iDwxqQ2c9ocFQ,957
+ltitoolkit/core/contrib/flask/request.py,sha256=jxucbaA7bJQvHva5ZumXZBcL3OI5_ixjWRgFtB_BN_M,1171
+ltitoolkit/core/contrib/flask/session.py,sha256=G4vP7P4ywTD_yzMvY1F4J9UPqULLqPvpMjz_JpiVV2E,105
+ltitoolkit/core/contrib/flask/launch_data_storage/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
+ltitoolkit/core/contrib/flask/launch_data_storage/cache.py,sha256=LfXc9N7H44rLdeB8qneiNhkZZFnIhnRego9bkvQ8nwY,250
+ltitoolkit/core/launch_data_storage/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
+ltitoolkit/core/launch_data_storage/base.py,sha256=N06Ag9ySzISgWCUV-FAuAP1B09oCoZ_Bli6TG4ldB4Q,2301
+ltitoolkit/core/launch_data_storage/cache.py,sha256=R5hLQhckHhuFjnEvPAAVS4pp5TyTTpnK14npUOMlLnU,1577
+ltitoolkit/core/launch_data_storage/session.py,sha256=NR7YIHZcR2PvWq3jY6z0rhNKFSCoZbWKocKJMwVBnVI,936
+ltitoolkit/core/message_validators/__init__.py,sha256=Oia7N0EyQLYRWSL8FHtIz92yleWnBViVcXKXzONnX2I,409
+ltitoolkit/core/message_validators/abstract.py,sha256=RRiz3R85df2qpgqhHeO7qQA0S66d0BytIwItP1ZEc-8,805
+ltitoolkit/core/message_validators/deep_link.py,sha256=MQ-sPmJcPnGF3C0XCHGhjMAtVD_HnKroM042CjZx1fs,1246
+ltitoolkit/core/message_validators/privacy_launch.py,sha256=K3tNX_ygfFYk2RumWzFwHw8CGGX0dbGEI-19v50wCF8,1349
+ltitoolkit/core/message_validators/resource_message.py,sha256=eQzShJHVP8mpafmOyvfgM1xGgjnMb9iEzeTE_6MaxN4,657
+ltitoolkit/core/message_validators/submission_review.py,sha256=qxD28-buYRkduGPkBTyz4A7KQ2C88X88y3fSgyA4sDY,1607
+ltitoolkit/core/tool_config/__init__.py,sha256=EUiHrHGKBhZ72hYqdUTMHA2m3Z-r-XgC-3Sj_jwVp5U,125
+ltitoolkit/core/tool_config/abstract.py,sha256=ChK8YfJiezkK4Gbvf5jnt_6Shr1jCHbzjNSwMjuFGBk,4718
+ltitoolkit/core/tool_config/dict.py,sha256=iPiA0Ng2io7hf4JKVQJaJ2J5MxryOT16tKNmpTyZ4yY,10658
+ltitoolkit/core/tool_config/json_file.py,sha256=OMgwsbH36lO42GguDe-MWwpQfp6-7lgN53LR58Sh5Oo,4597
+ltitoolkit/core/tool_config/py.typed,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
+ltitoolkit/dynamic_registration/__init__.py,sha256=Dp7UfGaL-Ovcv4b3p_n4lFbpHoBx2Y3ZfeRZTMSvjJI,1134
+ltitoolkit/dynamic_registration/models.py,sha256=qkrPnpfK_Fgik-CosCBQAqNa5NWj4y6I3UPou9PWA2Q,6797
+ltitoolkit/dynamic_registration/service.py,sha256=Nvk2eeiJum8bhYkJnRBopLjidK_0ukeRY7kmyTzAh1o,5836
+ltitoolkit/dynamic_registration/store.py,sha256=2REKtCo5v-1R-LCDT18hor8rk4Kifx_6R1E9pfOgnT0,1451
+ltitoolkit/dynamic_registration/tool_conf.py,sha256=FnYiwrS7o_GXeNy7PoAduM0wC59bRx80lIErp4tAlJs,4012
+ltitoolkit/fastapi/__init__.py,sha256=1ARAh3InJSUdcspOIcMQuXm7DrT_3Ojl3vZNuOXUqkY,1117
+ltitoolkit/fastapi/cookie.py,sha256=TI4R9zmph1dcft8xPaAj3RKPACYbCUyK7YP5oMkhzzQ,1903
+ltitoolkit/fastapi/dynamic_registration.py,sha256=FWZG8QQjsLIJL3xIG7a8B6tBvgH1FMiftCkxg6jl_so,1632
+ltitoolkit/fastapi/message_launch.py,sha256=Y8NHagx8nu7IqPGk8pb28-_oEcniSOAq31QKYT7VFm8,2095
+ltitoolkit/fastapi/oidc_login.py,sha256=kCjybspHQx2bJEEqkmYmlr8fkCUrLfrVtQ9V4u3i5fw,1672
+ltitoolkit/fastapi/redirect.py,sha256=GuJmOMoSt3G6P4bNgv-j93_7VAcXMlc-e6Fd3vhsEiE,1642
+ltitoolkit/fastapi/request.py,sha256=olrg4IC5Ab1tMeOh2ojRQ0Vmm4AkpS9lGuMP8z1KoGk,2721
+ltitoolkit/fastapi/session.py,sha256=6eIgtZGlgUVwSp4RCI1Cuia5Pqc1MjVtlDGxTZ3JleY,426
+ltitoolkit/token/__init__.py,sha256=OgpavFZ2Llx91fZbj-TcxQ97Fky7UMqnUe8A-ZuuJZo,717
+ltitoolkit/token/cache.py,sha256=pF0c4zvpFpXgfNxqatVt5vmVoZoqaurrfMlyOy_cSlQ,1473
+ltitoolkit/token/service.py,sha256=SkbJnKD_HpzXUG1MgakXy_ilP3b0xBb5lli00v9hFcY,6121
+ff_ltitoolkit-0.1.0.dist-info/METADATA,sha256=XpqgfHKyyIzO9OeY7LnLSazE82HhizZfKF-kCnKQ5mQ,3820
+ff_ltitoolkit-0.1.0.dist-info/WHEEL,sha256=mffPy8wBnZQn2VnJUU5jE99KsxaSfiyMHV9Yt0aLVxs,87
+ff_ltitoolkit-0.1.0.dist-info/licenses/LICENSE,sha256=Wu9360Rx7_xM3-0AOjY-UEMJiYqb7awBf3j0bhdukfg,1070
+ff_ltitoolkit-0.1.0.dist-info/RECORD,,

ff_ltitoolkit-0.1.0.dist-info/WHEEL

@@ -0,0 +1,4 @@
+Wheel-Version: 1.0
+Generator: hatchling 1.30.1
+Root-Is-Purelib: true
+Tag: py3-none-any

ff_ltitoolkit-0.1.0.dist-info/licenses/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2019 Dmitry Viskov
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

ltitoolkit/__init__.py

@@ -0,0 +1,20 @@
+"""ltitoolkit — a framework-agnostic LTI 1.3 Advantage toolkit for Python.
+
+Connect any Python application to any LTI 1.3 compliant LMS (Canvas, Moodle,
+Blackboard, …) with one dependency:
+
+- LTI 1.3 launch + identity (who, which course, what role)
+- LTI Advantage: Assignment & Grade Services (AGS), Names & Role Provisioning
+  (NRPS), and Deep Linking — portable across every LMS
+- Dynamic Registration: single-URL, no-credentials tool install
+- Generic client-credentials token minting for LMS service/API calls
+
+The portable LTI engine lives in :mod:`ltitoolkit.core` (vendored). Framework
+glue lives in adapters such as :mod:`ltitoolkit.fastapi`. LMS-proprietary REST
+calls (listing files, quizzes, etc.) are intentionally *not* part of the core —
+they belong in thin, separate per-LMS adapters.
+"""
+
+__version__ = "0.1.0"
+
+__all__ = ["__version__"]

ltitoolkit/adapters/__init__.py

@@ -0,0 +1,11 @@
+"""Per-LMS adapters for *proprietary* (Layer 3) APIs.
+
+Everything in this package is intentionally **outside** the portable LTI core.
+LTI standardises identity, roster (NRPS), and grades (AGS) — but **not** browsing
+course files, listing quizzes, or reading the full gradebook. Those require each
+LMS's own REST API, which differs per vendor and is not portable.
+
+Adapters here build on the portable pieces (`ltitoolkit.token` for auth,
+`ltitoolkit.http` for sessions, `ltitoolkit.exceptions` for errors) but call
+vendor-specific endpoints. Use them only against the LMS they target.
+"""

ltitoolkit/adapters/brightspace/__init__.py

@@ -0,0 +1,35 @@
+"""Brightspace (D2L) proprietary REST API adapter (Layer 3 — NOT portable).
+
+Calls Brightspace's own Valence LE API (course content: modules, topics, files)
+using the tool's OAuth2 client-credentials token minted for a Service User — no
+user login. Requires the registered OAuth client to carry the matching scopes
+(e.g. ``content:modules:read``); the LMS admin approves those once at install.
+
+This works **only** on Brightspace. Other LMSs need their own adapter.
+"""
+
+from .client import (
+    SCOPE_CONTENT_FILE_READ,
+    SCOPE_CONTENT_READ,
+    SCOPE_CONTENT_TOPICS_READ,
+    SCOPE_ENROLLMENT_READ,
+    TOPIC_FILE,
+    TOPIC_LINK,
+    TYPE_MODULE,
+    TYPE_TOPIC,
+    BrightspaceAPIClient,
+    TokenProvider,
+)
+
+__all__ = [
+    "BrightspaceAPIClient",
+    "TokenProvider",
+    "SCOPE_CONTENT_READ",
+    "SCOPE_CONTENT_TOPICS_READ",
+    "SCOPE_CONTENT_FILE_READ",
+    "SCOPE_ENROLLMENT_READ",
+    "TYPE_MODULE",
+    "TYPE_TOPIC",
+    "TOPIC_FILE",
+    "TOPIC_LINK",
+]

ltitoolkit/adapters/brightspace/client.py

@@ -0,0 +1,176 @@
+"""A thin Brightspace (D2L) Valence REST API client — Layer 3, NOT portable.
+
+Reads course content (modules / topics / files) from the Brightspace **Learning
+Environment (LE)** API, authenticated by an OAuth2 *client-credentials* Bearer
+token minted for a Brightspace **Service User** — no user login. The token's
+scopes are Brightspace scopes (``content:modules:read`` …) approved once on the
+registered OAuth client; the admin does that at install, the student does nothing.
+
+Brightspace's client-credentials assertion (``iss``=``sub``=client_id, ``aud``=
+token endpoint, RS256 + ``kid``) is exactly what
+:class:`ltitoolkit.token.AccessTokenService` already produces — only the token
+endpoint differs (``https://auth.brightspace.com/core/connect/token``).
+
+Endpoints (per docs.valence.desire2learn.com):
+
+    GET /d2l/api/le/{ver}/{orgUnitId}/content/root/
+    GET /d2l/api/le/{ver}/{orgUnitId}/content/modules/{moduleId}/structure/
+    GET /d2l/api/le/{ver}/{orgUnitId}/content/topics/{topicId}
+    GET /d2l/api/le/{ver}/{orgUnitId}/content/topics/{topicId}/file
+
+Works **only** on Brightspace. Other LMSs need their own adapter.
+
+.. note::
+   Response shapes follow the Valence docs. Verify against the client's instance
+   and its LE ``version`` (see ``GET /d2l/api/le/versions/``) before the demo.
+"""
+
+from __future__ import annotations
+
+import typing as t
+
+import requests
+
+from ...exceptions import ExternalRequestError
+from ...http import build_session
+
+# OAuth2 scopes (format: ``<group>:<resource>:<action>``), approved on the
+# registered OAuth client / Service User by the admin once.
+SCOPE_CONTENT_READ = "content:modules:read"
+SCOPE_CONTENT_TOPICS_READ = "content:topics:read"
+SCOPE_CONTENT_FILE_READ = "content:file:read"
+SCOPE_ENROLLMENT_READ = "enrollment:orgunit:read"
+
+# ContentObject.Type values.
+TYPE_MODULE = 0
+TYPE_TOPIC = 1
+
+# Topic.TopicType values.
+TOPIC_FILE = 1
+TOPIC_LINK = 3
+
+# Default LE API version; override per instance.
+_DEFAULT_LE_VERSION = "1.74"
+# Recursion guard against pathological / cyclic module structures.
+_MAX_MODULE_DEPTH = 25
+
+
+@t.runtime_checkable
+class TokenProvider(t.Protocol):
+    """Anything that can mint a Bearer token for a set of scopes."""
+
+    def get_token(self, scopes: t.Sequence[str]) -> str: ...
+
+
+class BrightspaceAPIClient:
+    """Read-only convenience wrapper over the Brightspace LE content API."""
+
+    def __init__(
+        self,
+        base_url: str,
+        token_provider: TokenProvider,
+        scopes: t.Sequence[str],
+        *,
+        le_version: str = _DEFAULT_LE_VERSION,
+        session: requests.Session | None = None,
+    ) -> None:
+        self._base = base_url.rstrip("/")
+        self._tokens = token_provider
+        self._scopes = tuple(scopes)
+        self._ver = le_version
+        self._session = session if session is not None else build_session()
+
+    # -- public API --------------------------------------------------------
+
+    def get_content_root(self, org_unit_id: str | int) -> list[dict[str, t.Any]]:
+        """Top-level modules of a course (``Type == TYPE_MODULE``)."""
+        return self._get_list(self._le(org_unit_id, "content/root/"))
+
+    def get_module_structure(
+        self, org_unit_id: str | int, module_id: str | int
+    ) -> list[dict[str, t.Any]]:
+        """Direct children of a module — a mix of submodules and topics."""
+        return self._get_list(
+            self._le(org_unit_id, f"content/modules/{module_id}/structure/")
+        )
+
+    def get_topic(self, org_unit_id: str | int, topic_id: str | int) -> dict[str, t.Any]:
+        """Metadata for a single topic (``Title``, ``TopicType``, ``Url`` …)."""
+        return self._get_json(self._le(org_unit_id, f"content/topics/{topic_id}"))
+
+    def download_topic_file(
+        self, org_unit_id: str | int, topic_id: str | int, *, stream: bool = False
+    ) -> bytes:
+        """Raw bytes of a file-type topic (feed to NeuralMentor's ingestion)."""
+        params = {"stream": "true"} if stream else None
+        response = self._request(
+            self._le(org_unit_id, f"content/topics/{topic_id}/file"), params
+        )
+        return response.content
+
+    def list_course_topics(self, org_unit_id: str | int) -> list[dict[str, t.Any]]:
+        """Flat list of every topic in a course (walks the full module tree).
+
+        Each topic is the raw ContentObject; useful as "the course's lessons" to
+        feed into a lesson-generation pipeline. Submodules are traversed; cycles
+        and excessive depth are guarded against.
+        """
+        topics: list[dict[str, t.Any]] = []
+        seen: set[t.Any] = set()
+
+        def walk(entries: list[dict[str, t.Any]], depth: int) -> None:
+            if depth > _MAX_MODULE_DEPTH:
+                return
+            for obj in entries:
+                if obj.get("Type") == TYPE_TOPIC:
+                    topics.append(obj)
+                elif obj.get("Type") == TYPE_MODULE:
+                    module_id = obj.get("Id")
+                    if module_id is None or module_id in seen:
+                        continue
+                    seen.add(module_id)
+                    walk(self.get_module_structure(org_unit_id, module_id), depth + 1)
+
+        walk(self.get_content_root(org_unit_id), 0)
+        return topics
+
+    # -- internals ---------------------------------------------------------
+
+    def _le(self, org_unit_id: str | int, path: str) -> str:
+        return f"{self._base}/d2l/api/le/{self._ver}/{org_unit_id}/{path}"
+
+    def _headers(self) -> dict[str, str]:
+        token = self._tokens.get_token(self._scopes)
+        return {"Authorization": f"Bearer {token}", "Accept": "application/json"}
+
+    def _request(
+        self, url: str, params: dict[str, t.Any] | None = None
+    ) -> requests.Response:
+        try:
+            response = self._session.get(url, params=params, headers=self._headers())
+        except requests.Timeout as exc:
+            raise ExternalRequestError(
+                f"Timed out calling Brightspace: {exc}", url=url, is_timeout=True
+            ) from exc
+        except requests.RequestException as exc:
+            raise ExternalRequestError(
+                f"Error calling Brightspace: {exc}", url=url
+            ) from exc
+
+        if not response.ok:
+            raise ExternalRequestError(
+                "Brightspace API request failed",
+                status_code=response.status_code,
+                url=url,
+                response_text=response.text,
+            )
+        return response
+
+    def _get_json(self, url: str) -> dict[str, t.Any]:
+        return self._request(url).json()
+
+    def _get_list(self, url: str) -> list[dict[str, t.Any]]:
+        body = self._request(url).json()
+        if not isinstance(body, list):
+            raise ExternalRequestError("Expected a list response from Brightspace", url=url)
+        return body

ltitoolkit/adapters/canvas/__init__.py

@@ -0,0 +1,27 @@
+"""Canvas LMS proprietary REST API adapter (Layer 3 — NOT portable).
+
+Calls Canvas's own REST API (files, quizzes, …) using the tool's LTI
+client-credentials token — no user login. Requires the tool's developer key to
+carry the matching Canvas API scopes (e.g. ``url:GET|/api/v1/courses/:id/files``);
+the LMS admin approves those once at install.
+
+This works **only** on Canvas. Other LMSs need their own adapter.
+"""
+
+from .client import (
+    SCOPE_GET_FILE,
+    SCOPE_GET_FILE_PUBLIC_URL,
+    SCOPE_LIST_COURSE_FILES,
+    SCOPE_LIST_QUIZZES,
+    CanvasAPIClient,
+    TokenProvider,
+)
+
+__all__ = [
+    "CanvasAPIClient",
+    "TokenProvider",
+    "SCOPE_LIST_COURSE_FILES",
+    "SCOPE_GET_FILE",
+    "SCOPE_GET_FILE_PUBLIC_URL",
+    "SCOPE_LIST_QUIZZES",
+]

ltitoolkit/adapters/canvas/client.py

@@ -0,0 +1,142 @@
+"""A thin Canvas REST API client authenticated by the LTI tool token.
+
+Authentication reuses :class:`ltitoolkit.token.AccessTokenService` — the tool
+signs with its own key and exchanges it (client-credentials) for a Bearer token.
+The token's scopes are Canvas API scopes (``url:METHOD|/api/v1/...``) declared on
+the developer key, so **no user login is involved**.
+
+Only a few high-value, read-only endpoints are wrapped here; add more as needed
+following the same pattern. Note Canvas has *two* quiz systems: classic quizzes
+(``/api/v1/courses/:id/quizzes``, wrapped below) and New Quizzes (a separate
+``/api/quiz/v1/...`` API) — extend with a dedicated method if you need the latter.
+"""
+
+from __future__ import annotations
+
+import typing as t
+
+import requests
+
+from ...exceptions import ExternalRequestError
+from ...http import build_session
+
+# Canvas API scopes (declared on the developer key, approved by the admin once).
+SCOPE_LIST_COURSE_FILES = "url:GET|/api/v1/courses/:course_id/files"
+SCOPE_GET_FILE = "url:GET|/api/v1/files/:id"
+SCOPE_GET_FILE_PUBLIC_URL = "url:GET|/api/v1/files/:id/public_url"
+SCOPE_LIST_QUIZZES = "url:GET|/api/v1/courses/:course_id/quizzes"
+
+_DEFAULT_PER_PAGE = 50
+_MAX_PAGES = 100  # safety bound against pathological pagination
+
+
+@t.runtime_checkable
+class TokenProvider(t.Protocol):
+    """Anything that can mint a Bearer token for a set of scopes."""
+
+    def get_token(self, scopes: t.Sequence[str]) -> str: ...
+
+
+class CanvasAPIClient:
+    """Read-only convenience wrapper over a subset of the Canvas REST API."""
+
+    def __init__(
+        self,
+        base_url: str,
+        token_provider: TokenProvider,
+        scopes: t.Sequence[str],
+        *,
+        session: requests.Session | None = None,
+        per_page: int = _DEFAULT_PER_PAGE,
+    ) -> None:
+        self._base = base_url.rstrip("/")
+        self._tokens = token_provider
+        self._scopes = tuple(scopes)
+        self._session = session if session is not None else build_session()
+        self._per_page = per_page
+
+    # -- public API --------------------------------------------------------
+
+    def list_course_files(
+        self, course_id: str | int, **params: t.Any
+    ) -> list[dict[str, t.Any]]:
+        """List files in a course (all pages). Extra kwargs become query params."""
+        return self._get_paginated(f"/api/v1/courses/{course_id}/files", params)
+
+    def list_quizzes(self, course_id: str | int) -> list[dict[str, t.Any]]:
+        """List classic quizzes in a course (all pages)."""
+        return self._get_paginated(f"/api/v1/courses/{course_id}/quizzes")
+
+    def get_file(self, file_id: str | int) -> dict[str, t.Any]:
+        """Get a single file's metadata."""
+        return self._get(f"/api/v1/files/{file_id}")
+
+    def get_file_public_url(self, file_id: str | int) -> str:
+        """Get a temporary, directly-downloadable URL for a file's contents.
+
+        Preferred over proxying bytes: hand this URL to the browser to open the
+        PDF/document directly.
+        """
+        body = self._get(f"/api/v1/files/{file_id}/public_url")
+        url = body.get("public_url")
+        if not url:
+            raise ExternalRequestError(
+                "Canvas did not return a public_url for the file",
+                url=f"{self._base}/api/v1/files/{file_id}/public_url",
+            )
+        return url
+
+    # -- internals ---------------------------------------------------------
+
+    def _headers(self) -> dict[str, str]:
+        token = self._tokens.get_token(self._scopes)
+        return {"Authorization": f"Bearer {token}", "Accept": "application/json"}
+
+    def _request(self, url: str, params: dict[str, t.Any] | None = None) -> requests.Response:
+        try:
+            response = self._session.get(url, params=params, headers=self._headers())
+        except requests.Timeout as exc:
+            raise ExternalRequestError(
+                f"Timed out calling Canvas: {exc}", url=url, is_timeout=True
+            ) from exc
+        except requests.RequestException as exc:
+            raise ExternalRequestError(f"Error calling Canvas: {exc}", url=url) from exc
+
+        if not response.ok:
+            raise ExternalRequestError(
+                "Canvas API request failed",
+                status_code=response.status_code,
+                url=url,
+                response_text=response.text,
+            )
+        return response
+
+    def _get(self, path: str, params: dict[str, t.Any] | None = None) -> dict[str, t.Any]:
+        response = self._request(self._base + path, params)
+        return response.json()
+
+    def _get_paginated(
+        self, path: str, params: dict[str, t.Any] | None = None
+    ) -> list[dict[str, t.Any]]:
+        query = dict(params or {})
+        query.setdefault("per_page", self._per_page)
+
+        results: list[dict[str, t.Any]] = []
+        url: str | None = self._base + path
+        pages = 0
+        # First page carries query params; subsequent `next` links are absolute
+        # and already include them.
+        next_params: dict[str, t.Any] | None = query
+        while url and pages < _MAX_PAGES:
+            response = self._request(url, next_params)
+            body = response.json()
+            if not isinstance(body, list):
+                raise ExternalRequestError(
+                    "Expected a list response from Canvas", url=url
+                )
+            results.extend(body)
+            next_link = response.links.get("next")
+            url = next_link["url"] if next_link else None
+            next_params = None
+            pages += 1
+        return results

ltitoolkit/advantage/__init__.py

@@ -0,0 +1,9 @@
+"""LTI Advantage convenience layer (AGS + NRPS).
+
+Surfaces the portable Advantage services of a validated launch through a small,
+documented facade so applications never reach into ``ltitoolkit.core``.
+"""
+
+from .service import AdvantageServiceUnavailable, LaunchAdvantage
+
+__all__ = ["LaunchAdvantage", "AdvantageServiceUnavailable"]