Module: LtiSessionAuthable

Extended by:
ActiveSupport::Concern
Defined in:
app/controllers/concerns/lti_session_authable.rb

Constant Summary

# HTTP_-prefixed (Rack env style) name of the request header that carries the
# LTI session id; read via `request.headers[SESSION_HEADER_NAME]` in #lti_session_id.
SESSION_HEADER_NAME =
'HTTP_LTI_SESSION_ID'
# Plain-text body sent with the 401 produced by #unauthorized_response.
UNAUTHORIZED_MESSAGE =
'Session not found. Please refresh the page.'

Instance Method Summary

Instance Method Details

#fetch_param(key) ⇒ Object



# File 'app/controllers/concerns/lti_session_authable.rb', line 28

# Looks up one LTI launch parameter by name.
#
# @param key [String] parameter name as sent in the launch request
# @return [Object, nil] the value from request.parameters, or nil when absent
def fetch_param(key)
  launch_params = request.parameters
  launch_params[key]
end

#handle_existing_session ⇒ Object



# File 'app/controllers/concerns/lti_session_authable.rb', line 64

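# Loads the cached session, if there is one, into the @lti_* state.
#
# @lti_session is whatever Rails.cache returned for the caller-supplied id
# (see #validate_session), so the entry is only trusted when it is a Hash
# whose :record_id equals @lti_session_id — the value #write_session_to_cache
# stores under that same key. Anything else is discarded by resetting
# @lti_session to nil, which #validate_session then treats as "no session".
#
# @return [void]
def handle_existing_session
  return if @lti_session.nil?

  # Reject a cache entry under this key that is not one of our session
  # records (wrong type, or a record written for a different id).
  unless @lti_session.is_a?(Hash) && @lti_session[:record_id] == @lti_session_id
    @lti_session = nil
    return
  end

  read_session
end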

#initialize_lti_parameters ⇒ Object



# File 'app/controllers/concerns/lti_session_authable.rb', line 14

# Snapshots the LTI launch parameters this concern uses into instance
# variables. Each value comes straight from the launch request via
# #fetch_param and is nil when the parameter is absent.
#
# NOTE(review): these values are only trustworthy after the launch signature
# has been checked (#validate_lti_launch); the callback order is decided by
# the including controller — confirm it there.
#
# @return [void]
def initialize_lti_parameters
  launch_param_for = {
    '@lti_context_id' => 'context_id',
    '@lti_context_title' => 'context_title',
    '@lti_resource_link_title' => 'resource_link_title',
    '@lti_consumer_key' => 'oauth_consumer_key',
    '@lti_user_email' => 'lis_person_contact_email_primary',
    '@lti_custom_canvas_api_domain' => 'custom_canvas_api_domain',
    '@lti_custom_canvas_course_id' => 'custom_canvas_course_id',
    '@lti_custom_canvas_user_id' => 'custom_canvas_user_id',
    '@lis_person_name_given' => 'lis_person_name_given',
    '@lis_person_name_family' => 'lis_person_name_family',
    '@user_ext_roles' => 'ext_roles'
  }
  launch_param_for.each do |ivar, param_name|
    instance_variable_set(ivar, fetch_param(param_name))
  end
end

#initialize_lti_session ⇒ Object



# File 'app/controllers/concerns/lti_session_authable.rb', line 9

# Starts a brand-new LTI session: mints a random session id and snapshots the
# launch parameters. Nothing is written to the cache here; that is
# #write_session_to_cache's job.
#
# @return [void]
def initialize_lti_session
  fresh_id = SecureRandom.uuid
  @lti_session_id = fresh_id
  initialize_lti_parameters
end

#lti_launch_validator ⇒ Object



# File 'app/controllers/concerns/lti_session_authable.rb', line 101

# Memoized validator for the current launch request.
#
# @return [LtiLaunchValidator] built once per controller instance
def lti_launch_validator
  return @lti_launch_validator if @lti_launch_validator

  @lti_launch_validator = LtiLaunchValidator.new(request)
end

#lti_session_id ⇒ Object



# File 'app/controllers/concerns/lti_session_authable.rb', line 49

# Resolves the session id the client presented with this request.
#
# The SESSION_HEADER_NAME header wins; the :lti_session_id request parameter
# is the fallback. NOTE(review): an id carried in the query string can end up
# in server logs, browser history and Referer headers — prefer the header
# wherever the client can send one.
#
# @return [String, nil] the presented id, or nil when neither source has one
def lti_session_id
  from_header = request.headers[SESSION_HEADER_NAME]
  return from_header if from_header

  params[:lti_session_id]
end

#read_session ⇒ Object



# File 'app/controllers/concerns/lti_session_authable.rb', line 80

# Copies the cached session record (@lti_session) into the @lti_* instance
# variables, using the key layout #write_session_to_cache produces.
# Expects @lti_session to be a Hash with symbol keys; the caller
# (#handle_existing_session) skips this when it is nil.
#
# @return [void]
def read_session
  session_key_for = {
    '@lti_context_id' => :context_id,
    '@lti_context_title' => :context_title,
    '@lti_resource_link_title' => :resource_link_title,
    '@lti_consumer_key' => :consumer_key,
    '@lti_custom_canvas_api_domain' => :custom_canvas_api_domain,
    '@lti_custom_canvas_course_id' => :custom_canvas_course_id,
    '@lti_custom_canvas_user_id' => :custom_canvas_user_id,
    '@lti_user_email' => :user_email,
    '@lis_person_name_given' => :user_first_name,
    '@lis_person_name_family' => :user_last_name,
    '@user_ext_roles' => :user_ext_roles
  }
  session_key_for.each do |ivar, key|
    instance_variable_set(ivar, @lti_session[key])
  end
end

#rotate_session_id ⇒ Object



# File 'app/controllers/concerns/lti_session_authable.rb', line 94

# Completes a rotation started by #rotate_session_if_needed: writes the
# session under the new id, then drops the entry under the previous one.
# The write happens first so a failed write leaves the old entry usable.
# No-op when no rotation is pending (@old_session_id unset).
#
# @return [void]
def rotate_session_id
  previous_id = @old_session_id
  return unless previous_id

  write_session_to_cache
  Rails.cache.delete(previous_id)
end

#rotate_session_if_needed ⇒ Object



# File 'app/controllers/concerns/lti_session_authable.rb', line 72

# Swaps in a fresh session id for requests that are allowed to rotate,
# remembering the previous id so #rotate_session_id can migrate the cache
# entry. Skipped for POST requests and whenever the client sends
# dont_rotate_session.
#
# NOTE(review): the opt-out is client-controlled, so a client can keep a
# single id alive for the whole cache lifetime; confirm that is intended.
#
# @return [void]
def rotate_session_if_needed
  skip_rotation = params[:dont_rotate_session] || request.method == 'POST'
  return if skip_rotation

  @old_session_id = @lti_session_id
  @lti_session_id = SecureRandom.uuid
end

#unauthorized_response ⇒ Object



# File 'app/controllers/concerns/lti_session_authable.rb', line 68

# Renders the 401 response used when no usable LTI session is present.
# Plain text, so the body is safe to show to the browser as-is.
#
# @return [Object] the result of render
def unauthorized_response
  render(plain: UNAUTHORIZED_MESSAGE, status: :unauthorized)
end

#validate_lti_launch ⇒ Object

Raises:

  • (RequestNotFoundError)


# File 'app/controllers/concerns/lti_session_authable.rb', line 105

# Checks the incoming LTI launch with #lti_launch_validator and answers 401
# when it does not pass. Intended as a filter: a rendered head halts the
# action; a valid launch falls through with no response written.
#
# @raise [RequestNotFoundError] when there is no ActionDispatch::Request to validate
# @return [void]
def validate_lti_launch
  raise RequestNotFoundError unless request.is_a?(ActionDispatch::Request)

  return if lti_launch_validator.is_valid?

  head(:unauthorized)
end

#validate_session ⇒ Object



# File 'app/controllers/concerns/lti_session_authable.rb', line 53

# Authenticates the request against the LTI session cache.
#
# Resolves the presented session id, loads the cached record for it, hands
# the record to #handle_existing_session, then lets #rotate_session_if_needed
# pick a new id. Responds 401 when no id was presented or no record exists.
# Written as a filter: it signals failure by rendering, not by its return value.
#
# NOTE(review): the presented id is used as the raw cache key, so any entry
# whose key the client knows is reachable here — make sure what comes back
# is validated as a session record before it is trusted.
#
# @return [void]
def validate_session
  @lti_session_id = lti_session_id
  unauthorized_response and return if @lti_session_id.blank?

  @lti_session = Rails.cache.read(@lti_session_id)
  handle_existing_session
  rotate_session_if_needed

  return unless @lti_session.nil?

  unauthorized_response
end

#write_session_to_cache ⇒ Object



# File 'app/controllers/concerns/lti_session_authable.rb', line 32

# Persists the current @lti_* state to Rails.cache under @lti_session_id for
# twelve hours. The record carries its own id as :record_id, and its keys are
# the ones #read_session expects back.
#
# NOTE(review): the entry holds personal data (email, names, roles) and is
# keyed by the bare session id with no namespace prefix; keep both in mind
# when choosing the cache store and when other code writes to the same store.
#
# @return [Object] the result of Rails.cache.write
def write_session_to_cache
  record = {
    record_id: @lti_session_id,
    context_id: @lti_context_id,
    context_title: @lti_context_title,
    resource_link_title: @lti_resource_link_title,
    consumer_key: @lti_consumer_key,
    user_email: @lti_user_email,
    custom_canvas_api_domain: @lti_custom_canvas_api_domain,
    custom_canvas_course_id: @lti_custom_canvas_course_id,
    custom_canvas_user_id: @lti_custom_canvas_user_id,
    user_first_name: @lis_person_name_given,
    user_last_name: @lis_person_name_family,
    user_ext_roles: @user_ext_roles
  }
  Rails.cache.write(@lti_session_id, record, expires_in: 12.hours)
end