Our platform has to support LTI (Learning Tools Interoperability) for being able to integrate into other learning platform such as EdX.
Basically, as a LTI Provider, our items will be opened in an iframe by the LTI Consumer, with some LTI-specific authentication. We have to handle this request (LTI Launch request)(POST), handle the auth (ask login-module), and redirect to the content.
New table lti_cookies "Authorized user's cookies for LTI sessions" with
cookie PK
lti_user_id string(255) not null
user_id FK to users.id
expires_at
Input
POST input:
lti_message_type must be "basic-lti-launch-request"
other lti parameter not checked as they are forwarded to the authenticator
URL input:
redirect_to: encoded url to which the user has to be redirected after a success authentication (typically, the url of the frontend with a reference to the content).
Output
Redirect 303 to the redirect_to url.
Actions
If no "lti_session" cookie is provided or lti_cookies.lti_user_id does not matches the user_id provided in POST:
send a POST /platform_api/lti/entry to login platform with { "post_params": <the post params>, "http_method": "POST", "http_url": <the full url of this service> }
on success:
if it is a new user:
create the user (with the usual things around)
put the user in the group with as textid "lti", if it exists
store the returned token in sessions
generate a cookie, valid 2h, stored in lti_cookies
Overview
Our platform has to support LTI (Learning Tools Interoperability) for being able to integrate into other learning platform such as EdX.
Basically, as a LTI Provider, our items will be opened in an iframe by the LTI Consumer, with some LTI-specific authentication. We have to handle this request (LTI Launch request)(POST), handle the auth (ask login-module), and redirect to the content.
See workflow here.
On
POST /lti/launch?redirect_to=...
DB Prerequisite
New table
lti_cookies
"Authorized user's cookies for LTI sessions" withcookie
PKlti_user_id
string(255) not nulluser_id
FK tousers.id
expires_at
Input
POST input:
Output
Redirect 303 to the
redirect_to
url.Actions
lti_cookies.lti_user_id
does not matches theuser_id
provided in POST:POST /platform_api/lti/entry
to login platform with{ "post_params": <the post params>, "http_method": "POST", "http_url": <the full url of this service> }
sessions
lti_cookies
redirect_to
url