yesod-auth-lti13-0.2.0.3: A yesod-auth plugin for LTI 1.3
Safe HaskellNone
LanguageHaskell2010

Yesod.Auth.LTI13

Description

A Yesod authentication module for LTI 1.3 See example/Main.hs for a sample implementation.

Configuration:

Synopsis

Integration with your site

authLTI13 :: YesodAuthLTI13 m => AuthPlugin m Source #

Auth plugin. Add this to appAuthPlugins to enable this plugin.

authLTI13WithWidget :: YesodAuthLTI13 m => ((Route Auth -> Route m) -> WidgetFor m ()) -> AuthPlugin m Source #

Auth plugin. The same as authLTI13 but you can provide your own template for the login hint page.

class YesodAuth site => YesodAuthLTI13 site where Source #

Callbacks into your site for LTI 1.3

Methods

checkSeenNonce :: Nonce -> AuthHandler site Bool Source #

Check if a nonce has been seen in the last validity period. It is expected that nonces given to this function are stored somewhere, returning False, then when seen again, True should be returned. See the <http://www.imsglobal.org/spec/security/v1p0/#authentication-response-validation relevant section of the IMS security specification> for details.

retrievePlatformInfo :: (Issuer, Maybe ClientId) -> AuthHandler site PlatformInfo Source #

Get the configuration for the given platform.

It is possible that the relation between Issuer and ClientId is 1 to n rather than 1 to 1, for instance in the case of cloud hosted Canvas. You *must* therefore key your PlatformInfo retrieval with the pair of both and throw an error if there are multiple ClientId for the given Issuer and the ClientId is Nothing.

retrieveOrInsertJwks Source #

Arguments

:: IO ByteString

an IO which, if evaluated, will make a new Jwk set

-> AuthHandler site ByteString 

Retrieve JWKs list from the database or other store. If not present, please create a new one by evaluating the given IO, store it, and return it.

credsExtra getters

getLtiIss :: CredsExtra -> Maybe Issuer Source #

Gets the iss for the given credsExtra.

getLtiSub :: CredsExtra -> Maybe Issuer Source #

Gets the sub for the given credsExtra

getLtiToken :: CredsExtra -> Maybe LtiTokenClaims Source #

Gets and decodes the extra token claims with the full LTI launch information from a credsExtra

Data model

Token data

newtype LtiTokenClaims #

An object representing in the type system a token whose claims have been validated.

Constructors

LtiTokenClaims 

Fields

Instances

Instances details
Eq LtiTokenClaims 
Instance details

Defined in Web.LTI13

Methods

(==) :: LtiTokenClaims -> LtiTokenClaims -> Bool #

(/=) :: LtiTokenClaims -> LtiTokenClaims -> Bool #

Show LtiTokenClaims 
Instance details

Defined in Web.LTI13

Methods

showsPrec :: Int -> LtiTokenClaims -> ShowS #

show :: LtiTokenClaims -> String #

showList :: [LtiTokenClaims] -> ShowS #

data UncheckedLtiTokenClaims #

LTI specific claims on a token. You should not accept this type, and instead prefer the newtype LtiTokenClaims which has had checking performed on it.

Constructors

UncheckedLtiTokenClaims 

Fields

Instances

Instances details
Eq UncheckedLtiTokenClaims 
Instance details

Defined in Web.LTI13

Methods

(==) :: UncheckedLtiTokenClaims -> UncheckedLtiTokenClaims -> Bool #

(/=) :: UncheckedLtiTokenClaims -> UncheckedLtiTokenClaims -> Bool #

Show UncheckedLtiTokenClaims 
Instance details

Defined in Web.LTI13

Methods

showsPrec :: Int -> UncheckedLtiTokenClaims -> ShowS #

show :: UncheckedLtiTokenClaims -> String #

showList :: [UncheckedLtiTokenClaims] -> ShowS #

ToJSON UncheckedLtiTokenClaims 
Instance details

Defined in Web.LTI13

Methods

toJSON :: UncheckedLtiTokenClaims -> Value #

toEncoding :: UncheckedLtiTokenClaims -> Encoding #

toJSONList :: [UncheckedLtiTokenClaims] -> Value #

toEncodingList :: [UncheckedLtiTokenClaims] -> Encoding #

FromJSON UncheckedLtiTokenClaims 
Instance details

Defined in Web.LTI13

Methods

parseJSON :: Value -> Parser UncheckedLtiTokenClaims #

parseJSONList :: Value -> Parser [UncheckedLtiTokenClaims] #

data ContextClaim #

LTI spec § 5.4.1 context claim

Constructors

ContextClaim 

Fields

Instances

Instances details
Eq ContextClaim 
Instance details

Defined in Web.LTI13

Methods

(==) :: ContextClaim -> ContextClaim -> Bool #

(/=) :: ContextClaim -> ContextClaim -> Bool #

Show ContextClaim 
Instance details

Defined in Web.LTI13

Methods

showsPrec :: Int -> ContextClaim -> ShowS #

show :: ContextClaim -> String #

showList :: [ContextClaim] -> ShowS #

ToJSON ContextClaim 
Instance details

Defined in Web.LTI13

Methods

toJSON :: ContextClaim -> Value #

toEncoding :: ContextClaim -> Encoding #

toJSONList :: [ContextClaim] -> Value #

toEncodingList :: [ContextClaim] -> Encoding #

FromJSON ContextClaim 
Instance details

Defined in Web.LTI13

Methods

parseJSON :: Value -> Parser ContextClaim #

parseJSONList :: Value -> Parser [ContextClaim] #

data LisClaim #

LTI spec § D LIS claim

Constructors

LisClaim 

Fields

Instances

Instances details
Eq LisClaim 
Instance details

Defined in Web.LTI13

Methods

(==) :: LisClaim -> LisClaim -> Bool #

(/=) :: LisClaim -> LisClaim -> Bool #

Show LisClaim 
Instance details

Defined in Web.LTI13

Methods

showsPrec :: Int -> LisClaim -> ShowS #

show :: LisClaim -> String #

showList :: [LisClaim] -> ShowS #

ToJSON LisClaim 
Instance details

Defined in Web.LTI13

Methods

toJSON :: LisClaim -> Value #

toEncoding :: LisClaim -> Encoding #

toJSONList :: [LisClaim] -> Value #

toEncodingList :: [LisClaim] -> Encoding #

FromJSON LisClaim 
Instance details

Defined in Web.LTI13

Methods

parseJSON :: Value -> Parser LisClaim #

parseJSONList :: Value -> Parser [LisClaim] #

data Role #

Roles in the target context (≈ course/section); see LTI spec § A.2.2 and LTI spec § 5.3.7 for details

Constructors

Administrator 
ContentDeveloper 
Instructor 
Learner 
Mentor 
Other Text 

Instances

Instances details
Eq Role 
Instance details

Defined in Web.LTI13

Methods

(==) :: Role -> Role -> Bool #

(/=) :: Role -> Role -> Bool #

Show Role 
Instance details

Defined in Web.LTI13

Methods

showsPrec :: Int -> Role -> ShowS #

show :: Role -> String #

showList :: [Role] -> ShowS #

ToJSON Role 
Instance details

Defined in Web.LTI13

Methods

toJSON :: Role -> Value #

toEncoding :: Role -> Encoding #

toJSONList :: [Role] -> Value #

toEncodingList :: [Role] -> Encoding #

FromJSON Role 
Instance details

Defined in Web.LTI13

Methods

parseJSON :: Value -> Parser Role #

parseJSONList :: Value -> Parser [Role] #

Anonymization

anonymizeLtiTokenForLogging :: UncheckedLtiTokenClaims -> AnonymizedLtiTokenClaims #

Removes PII of the user from the token, retaining only information about the system in general or the context.

Fields that are Maybe are kept as Maybe, with the contents replaced with "**" if they were Just and otherwise kept as Nothing.

newtype AnonymizedLtiTokenClaims #

LTI token claims from which all student data has been removed. For logging.

Constructors

AnonymizedLtiTokenClaims UncheckedLtiTokenClaims 

Instances

Instances details
Eq AnonymizedLtiTokenClaims 
Instance details

Defined in Web.LTI13

Methods

(==) :: AnonymizedLtiTokenClaims -> AnonymizedLtiTokenClaims -> Bool #

(/=) :: AnonymizedLtiTokenClaims -> AnonymizedLtiTokenClaims -> Bool #

Show AnonymizedLtiTokenClaims 
Instance details

Defined in Web.LTI13

Methods

showsPrec :: Int -> AnonymizedLtiTokenClaims -> ShowS #

show :: AnonymizedLtiTokenClaims -> String #

showList :: [AnonymizedLtiTokenClaims] -> ShowS #

Auth

data PlatformInfo #

Preregistered information about a learning platform

Constructors

PlatformInfo 

Fields

type Issuer = Text #

Issuer/iss field

type ClientId = Text #

client_id, one or more per platform; LTI spec § 3.1.3

type Nonce = ByteString #