def ready(self):
from django_lti_tool_provider.views import LTIView # noqa
import peerinst.signals # noqa
from .lti import ApplicationHookManager # noqa
from .scheduled import start_scheduled_events
LTIView.register_authentication_manager(ApplicationHookManager())
try:
start_scheduled_events()
except OperationalError:
logging.getLogger("peerinst-scheduled").warning(
"The migrations have to be run before the scheduled event "
"may work.")
for setting in self.required_settings:
if (not hasattr(settings, setting)
or getattr(settings, setting) == ""):
raise ImproperlyConfigured(
f"{setting} {_('missing from settings.py')}")
_url = urlparse(settings.DEFAULT_SCHEME_HOST_PORT)
if _url.hostname not in settings.ALLOWED_HOSTS:
raise ImproperlyConfigured(
f"{_url.netloc} is not in ALLOWED_HOSTS")
def test_force_login_change(self, patched_send_lti_received):
self.assertFalse(User.objects.exclude(id=1))
payload = self.get_correct_lti_payload()
request = self.send_lti_request(payload, client=RequestFactory())
engine = import_module(settings.SESSION_ENGINE)
request.session = engine.SessionStore()
request.user = None
user = self._authentication_hook(request, username='******')
request.session.save()
self.assertEqual(request.user, user)
LTIView.as_view()(request)
# New user creation not actually available during tests.
self.assertTrue(request.user)
new_user = User.objects.exclude(username='******')[0]
self.assertEqual(request.user, new_user)
# Verify a new user is not created with the same data if re-visiting.
request = self.send_lti_request(payload, client=RequestFactory())
request.session = engine.SessionStore()
request.user = None
user = authenticate(username=new_user.username, password='******')
self.assertTrue(user)
login(request, user)
LTIView.as_view()(request)
self.assertEqual(request.user, user)
self.assertEqual(user, new_user)
self.assertEqual(LtiUserData.objects.all().count(), 1)
def test_force_login_change(self, patched_send_lti_received):
self.assertFalse(User.objects.exclude(id=1))
payload = self.get_correct_lti_payload()
request = self.send_lti_request(payload, client=RequestFactory())
engine = import_module(settings.SESSION_ENGINE)
request.session = engine.SessionStore()
request.user = None
user = authentication_hook(request, username='******')
request.session.save()
self.assertEqual(request.user, user)
LTIView.as_view()(request)
# New user creation not actually available during tests.
self.assertTrue(request.user)
new_user = User.objects.exclude(username='******')[0]
self.assertEqual(request.user, new_user)
# Verify a new user is not created with the same data if re-visiting.
request = self.send_lti_request(payload, client=RequestFactory())
request.session = engine.SessionStore()
request.user = None
user = authenticate(username=new_user.username, password='******')
self.assertTrue(user)
login(request, user)
LTIView.as_view()(request)
self.assertEqual(request.user, user)
self.assertEqual(user, new_user)
self.assertEqual(LtiUserData.objects.all().count(), 1)
def ready(self):
register(check_return_url)
if (hasattr(settings, "COURSE_FLOW_LTI_ACCESS")
and settings.COURSE_FLOW_LTI_ACCESS):
from django_lti_tool_provider.views import LTIView # noqa
from .lti import ApplicationHookManager # noqa
LTIView.register_authentication_manager(ApplicationHookManager())
def ready(self):
import peerinst.signals # noqa
from django_lti_tool_provider.views import LTIView # noqa
from .lti import ApplicationHookManager # noqa
from .scheduled import start_scheduled_events
LTIView.register_authentication_manager(ApplicationHookManager())
try:
start_scheduled_events()
except OperationalError:
logging.getLogger("peerinst-scheduled").warning(
"The migrations have to be run before the scheduled event "
"may work.")
def setUp(self):
self.client = Client()
self.hook_manager = Mock(spec=AbstractApplicationHookManager)
self.hook_manager.vary_by_key = Mock(return_value=None)
self.hook_manager.optional_lti_parameters = Mock(return_value={})
LTIView.register_authentication_manager(self.hook_manager)
def authentication_hook(self, request, user_id=None, username=None, email=None, extra_params=None):
extra = extra_params if extra_params else {}
# automatically generate password from user_id
password = self._generate_password(user_id, settings.PASSWORD_GENERATOR_NONCE)
# username and email might be empty, depending on how edX LTI module is configured:
# there are individual settings for that + if it's embedded into an iframe it never sends
# email and username in any case
# so, since we want to track user for both iframe and non-iframe LTI blocks, username is completely ignored
uname = self._compress_user_name(user_id)
email = email if email else user_id+'@localhost'
try:
User.objects.get(username=uname)
except User.DoesNotExist:
try:
User.objects.create_user(username=uname, email=email, password=password)
except IntegrityError as e:
# A result of race condition of multiple simultaneous LTI requests - should be safe to ignore,
# as password and uname are stable (i.e. not change for the same user)
logger.info("IntegrityError creating user - assuming result of race condition: %s", e.message)
authenticated = authenticate(username=uname, password=password)
login(request, authenticated)
def vary_by_key(self, lti_data):
return ":".join(str(lti_data.get(k, '')) for k in self.LTI_KEYS)
LTIView.register_authentication_manager(ApplicationHookManager())
def update_staff_user(self, user):
"""
Updates user to acknowledge he is a staff member
:param django.contrib.auth.models.User user:
:return: None
"""
user.is_staff = True
user.user_permissions.add(*get_permissions_for_staff_user())
user.save()
def vary_by_key(self, lti_data):
return ":".join(str(lti_data[k]) for k in self.LTI_KEYS)
def optional_lti_parameters(self):
"""
Return a dictionary of LTI parameters supported/required by this AuthenticationHookManager in addition
to user_id, username and email. These parameters are passed to authentication_hook method via kwargs.
This dictionary should have LTI parameter names (as specified by LTI specification) as keys; values are used
as parameter names passed to authentication_hook method, i.e. it allows renaming (not always intuitive) LTI spec
parameter names.
Example:
# renames lis_person_name_given -> user_first_name, lis_person_name_family -> user_lat_name
{'lis_person_name_given': 'user_first_name', 'lis_person_name_family': 'user_lat_name'}
"""
return {"roles": "roles"}
LTIView.register_authentication_manager(ApplicationHookManager())
def ready(self):
from django_lti_tool_provider.views import LTIView # noqa
from .lti import ApplicationHookManager # noqa
LTIView.register_authentication_manager(ApplicationHookManager())
def setUp(self):
self.client = Client()
self.hook_manager = Mock(spec=AbstractApplicationHookManager)
self.hook_manager.vary_by_key = Mock(return_value=None)
LTIView.register_authentication_manager(self.hook_manager)
