-
Notifications
You must be signed in to change notification settings - Fork 6
Fixes #2 - Initial commit to add OAuth support #98
Conversation
3f55b12
to
de8887c
Compare
I think I'll have some time to look at this tomorrow. |
Thanks @ssciolla ! We're frozen for new features for user testing next week so no rush, whenever you have time. I'm available most of tomorrow too if you wanted to chat about anything. This looks simple but it was a lot of trial and error to get here and it very likely has a few adjustments beyond the issues I mentioned. The next step of this is going to be using the token against the API #32 which I'm going to be working on next week. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I was able to get this to work, and I think it's okay to merge. I made some comments as appropriate.
I did notice that there was message about model changes not reflected in migrations related to canvas_oauth
; my guess is it's likely the library owners changed the Meta
without creating a new migration. Probably won't affect performance of our app, but we could open an issue in their repo. I'm a little (but perhaps not overly) concerned with relying on this package (no updates since 2020). If things get out of date, we may need to contribute.
Co-authored-by: Sam Sciolla <[email protected]>
Co-authored-by: Sam Sciolla <[email protected]>
Co-authored-by: Sam Sciolla <[email protected]>
This adds support for OAuth. There is some configuration needed for this to work.
Testing this app for LTI locally if you were doing that is kind of a pain. If you use the development mode. You need ngrok with 2 URL's as described on https://github.com/tl-its-umich-edu/canvas-app-explorer/wiki/Configuring-LTI-1.3. If you restart Ngrok you'll have to both change Canvas and the value in the .env. Alternatively you can use the docker-compose-openshift-test-yml which only needs a single port but doesn't auto reload.
To test the OAuth you'll have to generate an API key (scopes don't matter yet) and have the redirect URL setup as
https://<ngrok.address>/oauth/oauth-callback
Then add the values of the developer key to settings the env in
There are at least 2 big improvements than can be made on this
AUTHENTICATION_BACKEND
. Currently this uses the default['django.contrib.auth.backends.ModelBackend']
and logs in the user through this backend. We should have a custom one for LTI. This will likely be a separate issue and is one we've wanted for other apps like MYLA as well. Write Custom AUTHENTICATION_BACKEND for PyLTI13 #119This was a sample from one LTI project. https://github.com/wachjose88/django-lti-provider-auth/blob/master/lti_provider/backends.py
Here was another: https://github.com/ccnmtl/django-lti-provider/blob/master/lti_provider/auth.py