This ruby library is to help create Tool Providers and Tool Consumers for the IMS LTI standard.
This is packaged as the
ims-lti rubygem, so you can just add the dependency to
your Gemfile or install the gem on your system:
gem install ims-lti
To require the library in your project:
To validate the OAuth signatures you need to require the appropriate request proxy for your application. For example:
# For a Sinatra or a Rails 3 app: require 'oauth/request_proxy/rack_request' # You also need to explicitly enable OAuth 1 support in the environment.rb or an initializer: OAUTH_10_SUPPORT = true # For a Rails 2.3 app: require 'oauth/request_proxy/action_controller_request'
For further information see the oauth-ruby project.
This readme won't cover the LTI standard, just how to use the library. It will be very helpful to read the LTI documentation
In LTI there are Tool Providers (TP) and Tool Consumers (TC), this library is useful for implementing both. Here is an overview of the communication process: LTI 1.1 Introduction
This library doesn't help you manage the consumer keys and secrets. The POST
headers/parameters will contain the
oauth_consumer_key and your app can use
that to look up the appropriate
Your app will also need to manage the OAuth nonce to make sure the same nonce isn't used twice with the same timestamp. Read the LTI documentation on OAuth.
As a TP your app will receive a POST request with a bunch of LTI launch data and it will be signed with OAuth using a key/secret that both the TP and TC share. This is covered in the LTI security model
Here is an example of a simple TP Sinatra app using this gem: LTI Tool Provider
Once you find the
oauth_consumer_secret based on the
the request, you can initialize a
ToolProvider object with them and the post parameters:
# Initialize TP object with OAuth creds and post parameters provider = IMS::LTI::ToolProvider.new(consumer_key, consumer_secret, params) # Verify OAuth signature by passing the request object if provider.valid_request?(request) # success else # handle invalid OAuth end
Once your TP object is initialized and verified you can load your tool. All of the
is available in the TP object along with some convenience methods like
which will try to find the name from the 3 potential name launch data attributes.
If your TP provides some kind of assessment service you can write grades back to the TC. This is documented in the LTI docs here.
You can check whether the TC is expecting a grade write-back:
if provider.outcome_service? # ready for grade write-back else # normal tool launch without grade write-back end
To write the grade back to the TC your tool will do a POST directly back to the URL the TC passed in the launch data. You can use the TP object to do that for you:
# post the score to the TC, score should be a float >= 0.0 and <= 1.0 # this returns an OutcomeResponse object response = provider.post_replace_result!(score) if response.success? # grade write worked elsif response.processing? elsif response.unsupported? else # failed end
You can see the error code documentation here.
Here is an example of a simple TC Sinatra app using this gem: LTI Tool Consumer