Use Case and Request for Single-Site wordpress-lti

[pacesetter-cm]

Hi again,

You asked that I write a separate issue to explain our potential use case for the wordpress-lti plugin.

I work with a company called Pace Learning Systems. We publish learning systems, both books and software, for correctional institutions (state, federal, and private) and publicly funded basic education programs. The vast majority of our customers are state prisons in various US states.

One of our partners, who provides secure labs or secure access to programming in our customer states, uses LTI (v1) as a method of "single sign-in" from their proprietary virtual learning environment. Essentially, they offer a "secure window" where inmates can access publisher content from various publishers with the same user account. They partner with publishers/content providers to create versions of their public-facing websites where their VLE can connect inmates to programming through LTI.

This way, inmate learners never need to even know their username/ID, and obviously, don't need to access email to manage their work in the program...inmates are not generally allowed access to email or any other 'free world' content; so generally, content providers who work with this provider create versions or sections of their application that are separate for inmates to access. These don't have all the account management features, external links, etc. Inmates using this system just open content provider's sites from within a window in the VLE, and ideally, they are automatically sent to where they should be based on their user/group.

Additionally, this allows teaching staff to access the same site/application as a learning manager, using the normal public-facing login and the fully featured application. In many cases, while inmates do not have 'free world' internet access in the learning lab, their instructors do and so they do not use the same VLE window that inmates use to access content .

I thought this plugin may work for our needs, as a content provider or Tool Provider to be able to provide an "LTI Tool" in our WordPress application. But you suggested an upcoming version/update may better suit what we need.

For reference, we are using an 'LMS plugin' called Learndash, which we use to create the course content and assessments. Learndash creates custom post types for Classes (user groups), Courses, Topics, Lessons, Quizzes, and Questions. Learndash Classes post type also matches a group/class with their respective Courses (content containers)...in other words, different classes access the same courses and course content is not "rebuilt/restructured" for each group... Group A uses the same "Reading Course" as Group B, but the reporting/group management for the two groups in that course is separate.

It is my understanding that Learndash is a very popular tool, but it doesn't currently address LTI.

Additionally, we use two plugins from Uncanny Owl to help with group-level reporting and user management, post-login automation, and activity tracking (tracking login time by content). These plugins (Uncanny Groups and Uncanny Toolkit) provide additional front-end tools/functionality for instructor users, such as adding users to their group, managing user progress, etc. The Groups plugin utilizes the same custom post type created by Learndash for Classes. Uncanny Groups uses Classes post type and associates a custom user role, the Group Leader/instructor user role, with their respective students (Subscriber user role).

(I think) we would need a single site version, where instead of creating new resources for each user, it logs them into existing resources to match them with existing groups/courses. It would work very much like the plugin does now, deciding automatically based on the "Platform" they are coming from. For our case, we could create a separate, contained site/application for each institutional customer, so it would not need to manage multiple platforms. However, I think that would be very useful too; I am not sure if this is possible, but I am imagining a way to create rules or run a custom block of code after LTI login, depending on the "Platform" the request is coming from. It may also need to be able to match data that comes from the Platform (like user groups, user role, user ID) and create users in the correct Wordpress roles, or any custom user role, with the appropriate data to be able to route the student to the right group/course automatically.

If you are working toward a plugin version/update that work with single site WordPress, we would be very interested!

You mentioned you have an update in progress. Do you have an idea of your timeline for it? Also, do you think this use case can be supported?

I do not have a development background, but I'm learning quickly and would be willing to help you as I am able.

Let me know what other info I can provide that might help...

And thanks again.

[spvickers]

Thanks for the details of your use case. I am working on an update to this plugin to add support for single-site instances of WordPress. I expect the first release of this to be available within the next 2 weeks.

My current expectation with this update is that it would allow users to launch into WordPress with their user account created on-the-fly (as is currently the case) and for them to be redirected to the WordPress site homepage, or some other endpoint based on which LMS they have come from (or possibly based on the value of a custom parameter passed in the launch). The option to synchronise users with the LMS would also be retained (adapted for the fact that the WordPress instance may contain users from more than one LMS).

Some more details of your needs would be helpful:

1. What types of role mapping do you anticipate? At present I would expect instructors to be given editor role, students author role and others subscriber role.
2. Am I correct in believing that your reference to groups relates to functionality provided by the Uncanny plugin, rather than standard WordPress functionality? But the LearnDash LMS is able to use these groups for managing access to courses? If so, I suspect that sharing group information from the LMS would require a more specific extension, which is currently beyond my planned scope (I am more focussed on supporting core WordPress functionality). Do you think an alternative solution would be to create multiple launch links in the LMS course with each one being released to a different group of users and each being directed to a different course in LearnDash?
3. Does the LearnDash LMS plugin support the ability to restrict course access to specific users, or groups of users; i.e. it is possible to deny a user access to a specific course?

Thanks,

[pacesetter-cm]

This is awesome news!

for questions 1 and 2:

[ I have sent a request to that secure VLE provider to try to get more information on any user roles or group roles that are sent by LTI connection requests...I will edit here when I hear back... ]

As far as I know, from the LTI Platform, there will only be student users. In Learndash, students are Wordpress default role "Subscribers". LD creates "Group Leader" custom role for teacher users, and it does not use the Author or Editor roles.

for questions 1 and 2:

Yes, Uncanny Groups plugin adds the grouping functionality from Learndash to the front end, where Group Leaders can enroll students, add users or other Group Leaders, etc. (Group Leaders are a custom user role by Learndash, which is used by Uncanny. And uncanny adds some reporting and student management functionality which uses these groups). In Learndash, you can create Groups with Group Leaders in the Admin Dashboard, but there is no front-end group registration or front-end group managerment/reporting without Uncanny Groups plugin.

Also, we would be able to restructure the courses or replicate them by group to have multiple launches (I think I understand correctly). This may not be necessary, but I have also a request to get more information from them as I am unsure. I don't think that "group associations" are managed centrally by their LMS/VLE, and that this is managed independently on the different content providers' applications where a certain student's user name/id is always the same (created by the first LTI connection for that user).

for #3:

yes, in Learndash, access to courses can be controlled by individual user or by user group/class. Courses "contain" all the other custom post types like Lesson, Topic, Test, and courses can be set to "open" (where any viewer can access), "Free" (where any registered site subscriber can access), "Buy Now" or "Recurring" (which integrates with Woocommerce or other payment integration), and "Closed" (where course enrollment and access is controlled elsewhere outside of Learndash entirely). In Learndash admin , you can give access to users or groups of users at the Course level.

I hope this helps!! Let me know what else I can do or what other info might help...

[spvickers]

Thanks for the update. So, if the groups are not originally defined in the LMS but are created within WordPress, then it seems that the only change you need, which is not part of the core WordPress functionality, is an option to apply a role of "Group Leader" to instructors, rather than a standard WordPress role.

Another issue may be that, within an LMS, a user may have a different role in different courses, and so the role they are given in WordPress may change according to which course they launch from. If the LMS passes system-level roles in the launch message, then these could be used instead of the context-level (course-level) roles to avoid this, but I'm not sure how many LMSs pass these roles. Do you have any specific LMSs that you need to support?

[pacesetter-cm]

No, if I understand correctly. On our side ("tool provider"), we use just WordPress with Learndash (LMS plugin). On the Platform side, it is a specific LMS, but a proprietary one that is not publicly marketed. I know that they use LTI for their connections from within VLE to outside publishers, and I sent a request for more information to see if they also send group associations or specific 'roles' that we will need to transfer in the connection request. I hope to get a response to that soon!

[spvickers]

@pacesetter-cm, the latest commits in this repository add the support for non-multisite instances of WordPress. Are you able and willing to test this and provide feedback on whether it meets your needs before it is finalised and released? Thanks.

[pacesetter-cm]

Hi again, yes I will be happy to do so and should be able to try it out this weekend. Thanks!

[spvickers]

@pacesetter-cm, excellent, that would be very useful. Contact me directly at stephen@spvsoftwareproducts.com if you need any help - the documentation on this site has yet to be udpated for the new version (which will be 3.0.0). Note that you can either install the dependent libraries using composer or manually (as per the current documentation) or by just installing the new ceLTIc LTI Library plugin available from the WordPress plugin directory. Good luck!

[pacesetter-cm]

TY!

[pacesetter-cm]

Hi again,

I tried installation tonight on a new wp site. when I activated the plugin, I got the following error in WP admin:

Warning: session_start(): Cannot start session when headers already sent in /home/customer/www/paceware.us/public_html/wp-content/plugins/lti/lti.php on line 51

Warning: Cannot modify header information - headers already sent by (output started at /home/customer/www/paceware.us/public_html/wp-content/plugins/lti/config.php:78) in /home/customer/www/paceware.us/public_html/wp-includes/functions.php on line 6712

It 'activates', but doesn't populate the LTI menu/tab correctly in the admin dashboard...

I used the same 'config.php' file as I used successfully on the other site (when I installed before); also, I used the same install process as before (composer installation) which had no errors. Am I missing something?

[spvickers]

I can't see anything obvious to cause this. However, it may be that you took the code after I made a couple more commits yesterday, so you could try replacing the affected files (lti.php, lib.php and DoSaveOptions.php) with their previous version.

[pacesetter-cm]

Hey, I tried again, and it seems to have installed/activated with no errors. This time, as you suggested before, I also added the "ceLTIc LTI Library" plugin from the wp plugin directory first. So it seems to be installed and activated.

However, I don't see the "LTI Platforms" tab in the admin dashboard as before, or in any of the popout menus. I checked in different browsers too...does this version work differently or should I see that same management panel?

Let me know if I should try something else, and thanks again!

[spvickers]

It looks like you have installed the latest released version of the plugin (2.2) rather than the latest code from this repository which has yet to be released (3.0.0). Only the latest code commits will add the LTI Platforms menu on the admin page of a non-multisite instance of WordPress.

[pacesetter-cm]

Oops! Thanks for the extra help. It is now installed without error. Going to try to get it to connect with a user from the tool I was able to use before (https://saltire.lti.app/) and will let you know how it goes. Thank you again.

[pacesetter-cm]

Update: for c6ebe38

The plugin installs and works to create a user as the specified user role!

Now we just need to figure out how to redirect/link them with specific courses or specific groups.

Question: can the information in the lti request under "Context and Resource links" be used to send the information required for this?

If unused, where does this information go? When I use the saLTIre tool, it gives an error when I don't include the Context/Resource information, but the information is irrelevant for my site (in that it doesn't match anything and doesn't seem to do anything).

Would either of these IDs correspond with the post ID for the custom posts for "Group"/"Class" in Learndash? Or maybe the ID for the "Course" in Learndash?

Finally, does "homepage" in the plugin options control the "landing page" for all VLE platform login requests? So, I could put something on a separate landing page for "LTI VLE logins" that could do my group and course assignment for the given user and redirect them to the right place?

[spvickers]

@pacesetter-cm, glad to hear it is now installed and working. Let me try to answer your questions, though not in the order you asked them.

I suspect the error you reported was because you did not send a resource link ID in the launch message - this is a required parameter in the LTI spec so any messages without this parameter are rejected. Most other parameters are optional.

It is possible to send additional data in the LTI launch message - they are referred to as custom parameters. Normally these have standard values for all users performing the launch from the same link, though your platform may support some of the user-related substitution variables such as $User.username. I am not sure if this will help you if the platform cannot provide the value you need. If you are able to set one or more custom parameters to the values you need (e.g. the LearnDash course ID) then we could do something to insert this into the homepage URL; for example "/learndash?course=%custom_courseid%". What URL do you need to use?

Are your users currently logging in and being redirected/linked with specific courses or specific groups? If so, you should be able to use the same URL that is doing this as the homepage setting in the options page. If not, how do you know which endpoint a user should be sent to? This may need a bespoke script on your server if the data required is not readily available.

[pacesetter-cm]

Thanks so much for this extra help explaining the spec. The details are extremely helpful.

'[Resource/Course link] is a required parameter in the LTI spec so any messages without this parameter are rejected. Most other parameters are optional.'

So this is data that must be included from the Platform's request - does this represent "resources" or "courses" they are coming from?

" I am not sure if this will help you if the platform cannot provide the value you need. If you are able to set one or more custom parameters to the values you need..."

No, the platform can't provide custom values in the launch request (I don't think), and I need to be able to give them one link that is the same 'catch-all' for any request coming from there.

But I think if I understand correctly (will get back to it soon!), your plugin already does everything we need, because it takes an LTI request and creates a user if the user doesn't exist, and it attaches the "platform key" to the created username. It automatically logs them in and sends them (all LTI requests) to a specific URL (the LTI homepage in the plugin options, correct?). I should be able to use that prepended 'Platform Key' in the username to do any "post-LTI" processing, and it can be made Platform-specific easily because of that characteristic.

I still don't have complete information from the other end (the VLE provider that sends the LTI requests). I do not think I will need to coordinate/transfer any additional parameters like groups or classes from within their system, as anything that comes from their system will be in one group/class on our end. Additionally, I do not think the "Learning Manager users" (the teachers) will be logging in via LTI requests. They will be able to access a fully-featured 'free-world' version of the same application, and they will have group management features accessible to them.

I think the plugin just needs to be able to create the users as it does. Perhaps if additional data needs to be transferred, then I can try to do like you said and have different links they use which transfer the custom parameters in the query.

Let me know if I am misunderstanding something. I should be able to return to this project tomorrow and this weekend.

Thank you again! This is awesome and appears to be exactly what we needed. Please let me know how else I can help you and I will be happy to do so.

.....Digression: ..... can this same plugin be used to coordinate my Wordpress site with a Moodle site? I noticed you have done some work with Moodle...we have used Moodle in two different instances in the past, before moving to Wordpress/Learndash. However, if this can make my Wordpress site work like a "single-sign on" for a Moodle application, that would be very cool!!

[spvickers]

@pacesetter-cm, the resource link ID is a unique ID for the link in the platform which was clicked to generate the launch message. This is a required parameter for all launch messages and is generated by the platform.

The LTI spec allows for custom parameters to be included in launch messages and all certified platforms support this, so you are able to include any data meaningful to the tool within the message. Note that, for custom parameters for a specific link, Canvas may require these to be set using a Deep Linking message - I have not seen any UI for setting them within a course. The alternative is to include the parametes in the query string, but note that Canvas does not sign messages with query parameters properly unless you set the "oauth_compliant" property to "true" when configuring it (this does not apply when using LTI 1.3).

This plugin can be used with any LTI-compliant platform, including Moodle.

I am just waiting for the update to pass the WordPress approval process so it can be included in their directory, before releasing the latest version. Note that this will not be compatible with the version you have used for testing, so I recommend that you wait before using it on any production servers.

[pacesetter-cm]

Hey again, and thanks again for the extra explanations. I was able to have a test today with the lti VLE we are trying to set this up for. Everything seems to be working fine, and I did get more information on the user roles within their system - from their client app (within labs), there are the following user role types, which seem like custom ones(?):

• "incarcerated student"
• "manager"
• "teacher"
• "non-editing teacher"

Within our WP site LTI Options, we are having "Staff" map to Learning Manager (Wordpress/Learndash Group Leader, and all others ("Student," and "Other") map to Subscriber which is our student role (also the Wordpress default role and Learndash default student role).

The plugin is putting everyone that has any "Staff" role (Teacher/N.E. Teacher/Manager) in as our group leader role correctly. And it is putting their Incarcerated Student as subscriber correctly.

It also is doing so without the user email address, which wordpress doesn't require but some plugins require anyways, and this is very helpful...

Thank you again. we had a (semi)formal test today and it is all working as intended!

Two questions:

1. Are there any limits to the number of 'platforms'?

In our testing today, we found we may need to actually have a different platform set up for each different "location" that will be connecting on the other end. They are not sending data in their application with respect to group associations but we would like to have them 'automatically enrolled' in the correct group (at the actual customer's request, third-party correctional education agency).

In order to do this (and they are not sending groups in the request from their application), then do I need to make multiple "platforms"? or could I just send them different links to use in different places (which send different "group" parameters to use); for example, they put the link http://PlatformToolProvider/?lti&group=facilityA at all of the their application terminals at "facility A", and I can have my site see which facility they are coming from that way and find the correct group for them. (I hope this makes sense)

I know I can use different LTI platforms to prepend different Unique Keys to the usernames, which I can also use to determine and enroll the correct groups automatically- but is there a practical limit to the number of providers I can add/maintain with wordpress-lti?

2. Secondly, do you have any additional info regarding your wait time for WordPress approval? It looks like this is going to work very well for our purposes, but I definitely want to have the recommended version in place before they begin implementing any connections from the inmate learning labs...

TY!

[spvickers]

In answer to your questions:

1. There are no practical limits to the number of platforms that you can configure.
2. I am hopeful that the plugin will complete the review this week; my apologies for the delay, their reply got caught by my SPAM filter.

Whilst the role vocabulary can be extended by a platform, to be compliant with the LTI 1.3 spec, it must send at least one of those prescribed in the spec. The plugin will only recognise roles from the spec.

An alternative to adding a query parameter to the launch URL is to use a custom parameter; this is the standard mechanism for passing additional data in an LTI message.

[spvickers]

Version 3.0.0 of this plugin has now been released and can now also be installed from the WordPress plugin repository. This version adds support for non-multisite instances of WordPress. Check the documentation for details on how to install/upgrade it.

[pacesetter-cm]

Just wanted to send this update that this plugin has worked wonderfully. Thank you again!

[spvickers]

@pacesetter-cm, thank you so much for your feedback. It is great to know that it is working well for you. Feel free to open another issue if you have any other suggestions for changes.