Skip to content
CASA on Rails is UCLA's Rails implementation of the CASA specification.
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Type Name Latest commit message Commit time
Failed to load latest commit information.
app merged changes from previous commit from upstream repo Jun 11, 2019
bin Initial commit Apr 7, 2015
blocks made rest of app page responsive for mobile views Mar 19, 2019
config Issue #43 - Use HTTPS for URL generators by default Jun 3, 2019
db Support for customized privacy policy text Aug 28, 2018
log Initial commit Apr 7, 2015
public Issue #185 - Update UCLA favicon Apr 12, 2019
vendor/assets Initial commit Apr 7, 2015
.gitignore Closes #101. Cleans up URI validation. Apr 13, 2016
.ruby-version Vulnerability dependency update Jul 24, 2018
Blockfile.rb Initial commit Apr 7, 2015
Gemfile new infobar (rose didn't like) Mar 6, 2019
Gemfile.lock new infobar (rose didn't like) Mar 6, 2019
LICENSE Initial commit Apr 7, 2015 Typo Aug 28, 2018
bower.json Force Thin to log timestamps. Oct 9, 2015
package-lock.json Vulnerability dependency update Jul 24, 2018

CASA On Rails

This application is a simple, easy-to-use app store that presents an storefront for finding and selecting apps, implements the Community App Sharing Architecture protocol, provides a mobile app dashboard using Web Storage, and supports integration with learning management systems through LTI Content-Item.

This application is under development and not intended for production use at this time.



The Community App Sharing Architecture (CASA) provides a mechanism for discovering and sharing metadata about web resources such as websites, mobile apps and LTI tools. It models real-world decision-making through extensible attributes, filter and transform operations, flexible peering relationships, etc.


From the storefront, several different mechanisms are available:

  1. Launch the application directly
  2. Reply to an LTI Consumer with the ContentItemSelectionResponse message
  3. Add to Web Storage and present as a mobile dashboard

Additionally, CASA endpoints are exposed for:


This application provides the following:

  • A basic app store with apps and categories
  • Browse categories and search by string for list of apps
  • View details about and launch an app
  • App submission by authenticated users
  • Administer apps, categories, inbound peers and users
  • Publish apps to outbound peers
  • Receive apps from inbound peers with translation and squashing
  • Relay apps received from inbound peers to outbound peers
  • Provide apps to local outlets
  • Provide apps via LTI ContentItemSelectionResponse message
  • Provide apps via a mobile dashboard back by Web Storage

Additional features are planned:

  • Filter and transform apps received from inbound peers and before sharing with outbound peers
  • Mapping of inbound categories and tags to local categories
  • Definition of authorization requirements for local outlets and outbound adjacent peers
  • Journaling of changes to propagating apps


This application is a reduced and opinionated implementation of CASA. For a more overarching (but also more complex and challenging) implementation, the CASA reference implementation may be useful. A series of gems were developed during the process of building this reference implementation, and they may be useful in some contexts as well.


The Basic steps below must be run prior to database migration and seeding, or your default site will not be created!


Set your CASA engine UUID and user contact information in your environment configuration file, such as:

Rails.application.configure do

  # ..

  # Community App Sharing Architecture configuration = {
    :engine => {
      :uuid => 'dd8c99e2-fe5b-4911-a815-73c17b46d3fc'

  # Local configuration = {
    :user_contact => { :name => 'John Doe', :email => '' }

  # ..


Shibboleth Login via OAuth2 Bridge

This application supports Shibboleth login via the Shibboleth-OAuth2 Bridge by Eric Bollens.

Once the bridge is installed on your web server, add the following to your environment configuration:

Rails.application.configure do

  # ..

  config.oauth2 = {
      :provider => {
          :shibboleth => {
              :enabled => true,
              :key => 'demo',
              :secret => 'secret',
              :properties => {
                  :site => '',
                  :authorize_url => '/oauth2/authorize',
                  :token_url => '/oauth2/access_token'
              :routes => {
                  :get_user => '/oauth2/user'
              :restrict_to => {
                  :eduPersonPrincipalName => [
                    # users by eduPersonPrincipalName that are allowed to submit apps
                  :eduPersonScopedAffiliation => [
                    # eduPersonScopedAffiliations that are allowed to submit apps

  config.login_route = [:session_oauth2_launch_url, :shibboleth]

  # ..


This configuration makes it possible for users with the eduPersonAffiliation to log in and submit applications for review.


System Dependencies

  • Ruby 2.1+
  • Node.js 0.10+
  • Java 1.6+
  • MySQL 5.0+, PostgreSQL 8.4+ and SQLite 3.6.16+ *
  • ElasticSearch 1.0+

*To use a database besides MySQL, update Gemfile accordingly

Manged Dependencies

For Ruby packages:


For Node packages:

npm install

Build Web Assets

To build web assets:

bundle exec blocks build

Configure Rails App


  • config/database.yml to set the database configuration
  • config/environments/*.rb to set the and variables

Setup Database

bundle exec bin/rake db:migrate
bundle exec bin/rake db:seed


CASA on Rails is a standard Rails server. Once you ensure that the database and Elasticsearch are running, start it as you'd usually start a Rails server.

Docker Container

CASA on Rails now has a docker container to facilitate getting started developing or testing the project. Visit the docker hub page for more details.


CASA On Rails is open-source and licensed under the AFFERO GENERAL PUBLIC LICENSE. The full text of the license may be found in the LICENSE file.

You can’t perform that action at this time.