search

emory-libraries / avalon

Avalon Media System – Samvera Application
http://www.avalonmediasystem.org/
Apache License 2.0
0 stars 0 forks source link

Implement Canvas LTI Integration #46

Closed libdgg closed 3 years ago

libdgg commented 4 years ago

Need to address the outputs from the planning ticket here to ensure all the integration and functional aspects of Canvas/Avalon are met.

libdgg commented 4 years ago

Zo went through Devanshu's PR to integrate Shib. Zo is now able to understand the logic for LTI integration. Using Avalon documentation.

lovinscari commented 4 years ago

Need to set the environment variables for the LTI (Zo needs to set with Solomon) and Zo and Doug need to coordinate a meeting with Haynes.

lovinscari commented 4 years ago

Environment variables will come from Haynes and Zo has a pull request for the LTI integration

libdgg commented 4 years ago

Attending: HC, AZ, SH, DG

Canvas/LIT Meeting notes from 2020-11-02 (HC, AZ, SH, DG) ACTIONS

NOTE: environment variable stays the same NOTE: logging is most likely in a rails log in case we need to troubleshoot NOTE: do this connection work first then plan work with content

SolomonHD commented 4 years ago

I have added the appropriate env variables to all environments and emailed Haynes with the information he needs to add our config.

alexBLR commented 4 years ago

Message, when you log in with LTI successfully 'Successfully logged into the system'

Message, when you fail to log in with LTI: 'Contact a system administrator for more help or check the key/secret pair in your external tool settings.'

libdgg commented 4 years ago

I emailed Haynes to check on the status of the canvas test course on 11/06/2020. Haynes responded:

"I've got the test course configured and plugged in the avalon-prod settings. For the launch URL I used https://avreserves.libraries.emory.edu/users/auth/lti/callback as that's the provided endpoint combined with what appears in the wiki documentation. If our implementation is different then I'll need to know the correct setting. I can't do anything further because https://avreserves.libraries.emory.edu/ isn't accessible without a VPN."

@alexBLR and @SolomonHD please advise on next steps.

libdgg commented 3 years ago

I emailed Haynes to let him know the site is accessible now and to advise on next steps.

libdgg commented 3 years ago

Haynes launched the site and got an error. Update from Zo The error is happening on our side of things and related to User creation. It looks like all of the parameters are getting passed correctly from canvas. This is what we got:

Parameters: {"oauth_consumer_key"=>"avalon-prod", "oauth_signature_method"=>"HMAC-SHA1", "oauth_timestamp"=>"1605120449", "oauth_nonce"=>"dVnG2eRYIVOU6bHQNLsmKrFCw4w4FNpZS7TTHB1FmLM", "oauth_version"=>"1.0", "context_id"=>"b947a408302af0c107521f40094046e5d9ff6a2b", "context_label"=>"FA20_AVA_TEST_101", "context_title"=>"Avalon Test Course", "custom_canvas_enrollment_state"=>"", "ext_roles"=>"urn:lti:instrole:ims/lis/Administrator,urn:lti:instrole:ims/lis/Instructor,urn:lti:sysrole:ims/lis/User", "launch_presentation_document_target"=>"iframe", "launch_presentation_locale"=>"en", "launch_presentation_return_url"=>"https://canvas.emory.edu/courses/87211/external_content/success/external_tool_redirect", "lti_message_type"=>"basic-lti-launch-request", "lti_version"=>"LTI-1p0", "oauth_callback"=>"about:blank", "resource_link_id"=>"1d83b7b7857022908f728a8c853ef74926642e74", "resource_link_title"=>"Avalon Prod", "roles"=>"urn:lti:instrole:ims/lis/Administrator", "tool_consumer_info_product_family_code"=>"canvas", "tool_consumer_info_version"=>"cloud", "tool_consumer_instance_contact_email"=>"notifications@instructure.com", "tool_consumer_instance_guid"=>"Cv9zljwSCHryURcGdiNqvcWy9BR4Byb0Y8kA4Yq4:canvas-lms", "tool_consumer_instance_name"=>"Emory University", "user_id"=>"843b433637bf2e191d51eef7baaf678e26345761", "oauth_signature"=>"RpcND4/UzxqOMJRxLFAmuL9/cK0="}

It also successfully created a course on our side of things. The only problem we are having is creating a user on our side of things. I will address this issue today/tomorrow and deploy changes to production. That being said, a good first step would be for all of us to have access to the course on canvas so we can troubleshoot things on our side and get in touch on Monday.

libdgg commented 3 years ago

Update from Haynes that he has added folks to the course.

[Zo, Collin Solomon, Brad and Doug ] I've added all of you to the course as either a student or instructor. You'll probably receive an email invite, but you can also log directly into https://canvas.emory.edu and accept the invitation from the Dashboard that loads once logged in. For the sake of ease, I set the homepage of the course to show the Avalon links I created. Just click either one to launch the tool.

bwatson78 commented 3 years ago

PR made: https://github.com/emory-libraries/avalon/pull/110

bwatson78 commented 3 years ago

Another PR made: https://github.com/emory-libraries/avalon/pull/112

libdgg commented 3 years ago

FYI - Solomon let Haynes know the following via email on 11/18/2020 "The DNS of the arch and test environments have changed, they're both on the F5 like prod is. Can we get courses created for the avalon arch and test environments too?"

libdgg commented 3 years ago

Per the standup on 11/19/2020 Brad and Zo are working on this. If unable to resolve, we should loop in Phuong.

bwatson78 commented 3 years ago

Last PR made: https://github.com/emory-libraries/avalon/pull/118

I think it's worthwhile to document here the changes that we've made and what is in place to make this work:

  1. Make password unnecessary when logging via LTI (commits 785e50f8f67be9704bff6c08bfc91c4665768774 and 8514efafb8aed6041a5af0d76e1d11fa5817e2f6).
  2. Includes LTI::Context library from gem into the main application's controller (commit 576d4dcc2e2a3b06ca441134aa038e35ef891292).
  3. Overwrote the LTI standard callback method (commit 576d4dcc2e2a3b06ca441134aa038e35ef891292).
  4. Tried establishing LTI as provider in Omniauth::Builder initializer, but ran into many roadblocks there. In the end, we removed this code (commits ef416a1bc1fe997bba2c3c6b4324265e7ea7c261, 3ada0c3ac913d9219b73affc99d7d083b91c8bc7, 89d44adba09be6dbb9b2aac40575e6215400c2bc, ed3de1f501e56fe0db9f4c6437a37ab6c14b3c6e, and a17571d96cd982a6a8763e5c452de296c2eaae49).
  5. Corrected the method used to pull the needed course for the user (commits 179ef9505b06e400019e42cd766d3c28a1b847e4 and 1c38287abd6c849ed1a7b071021faec4c5aefe9b).
  6. Forced the creation of users to throw exceptions when validation fails (commit 7e50bf6ca09e777001819e5e66984bd1eb613fb2).
  7. Which leads us to the final PR above, that protects the creation of users if the OmniAuth details passed in lack an email value.

We've tested Production's behavior with the last PR's code and have seen that the uid element appears to be a random, key-like value, bit is confirmed to stay the same for each user after logging in and out multiple times. We have reached out to Haynes Chewning, our liason for Canvas/LTI, to confirm whether our everyday users will, indeed, have all of the users' metadata fields filled out when in Production is live (all test users appear to have none of those fields filled). Those fields are:

As of this comment, we haven't heard back from Haynes.

alexBLR commented 3 years ago

Canvas/LTI Testing In Arch.

Procedure:

  1. Login to the course https://canvas.emory.edu/courses/87758
  2. Click on Avalon Arch IFrame
  3. Report If you are successfully logged in into Avalon
libdgg commented 3 years ago

@zo I see Avalon in Canvas and in the upper right I see.

"47c1fe417ee12203eebb18370c8cb549bdfef8cc | Sign out"

I assume that confirms I have logged in per the text above.

libdgg commented 3 years ago

Canvas/LTI Testing In Prod and Test

Procedure:

  1. Login to the course https://canvas.emory.edu/
  2. Click on Avalon [course name]
  3. Report If you are successfully logged in into Avalon