module IMS::LTI::RequestValidator

A mixin for OAuth request validation

Attributes

oauth_signature_validator[R]

Public Instance Methods

request_oauth_nonce() click to toggle source

convenience method for getting the oauth nonce from the request

# File lib/ims/lti/request_validator.rb, line 46
def request_oauth_nonce
  @oauth_signature_validator && @oauth_signature_validator.request.oauth_nonce
end
request_oauth_timestamp() click to toggle source

convenience method for getting the oauth timestamp from the request

# File lib/ims/lti/request_validator.rb, line 51
def request_oauth_timestamp
  @oauth_signature_validator && @oauth_signature_validator.request.oauth_timestamp
end
valid_request!(request) click to toggle source

Check whether the OAuth-signed request is valid and throw error if not

@return [Bool] Whether the request was valid

# File lib/ims/lti/request_validator.rb, line 41
def valid_request!(request)
  valid_request?(request, false)
end
valid_request?(request, handle_error=true) click to toggle source

Validates and OAuth request using the OAuth Gem - github.com/oauth/oauth-ruby

To validate the OAuth signatures you need to require the appropriate request proxy for your application. For example:

# For a sinatra app:
require 'oauth/request_proxy/rack_request'

# For a rails app:
require 'oauth/request_proxy/action_controller_request'

@return [Bool] Whether the request was valid

# File lib/ims/lti/request_validator.rb, line 18
def valid_request?(request, handle_error=true)
  begin
    @oauth_signature_validator = OAuth::Signature.build(request, :consumer_secret => @consumer_secret)
    @oauth_signature_validator.verify() or raise OAuth::Unauthorized.new(request)
    true
  rescue OAuth::Signature::UnknownSignatureMethod
    if handle_error
      false
    else
      raise $!
    end
  rescue OAuth::Unauthorized
    if handle_error
      false
    else
      raise OAuth::Unauthorized.new(request)
    end
  end
end