[Building Sakai] LTI Consumer
Steve Swinsburg
steve.swinsburg at gmail.com
Tue Feb 7 02:17:32 PST 2012
Unless the other end is storing the image_url that is sent, it shouldn't need to be public, because only the user that is performing the launch will see their own image - when would other users get that data?
I do see an issue if multiple LMS's launch the same external tool though, and the remote tool does store some data. For example if you launched an external forums tool, and it stored what your image_url is so that other users can see who is posting etc.
The Profile2 image entity provider makes the same privacy checks that the tool does, returning the default if the requirements aren't met, but it requires the requestor to have a session.
I've been thinking of adding a public setting to Profile2, this could be one field that has it. Then the provider could return the default image if it isn't public.
Thoughts?
cheers,
Steve
On 07/02/2012, at 8:42 PM, Adrian Fish wrote:
> No, it's not always public. Why should an image provided by the consumer have to be public? That seems a bit weird. Is it just because of technical difficulty with authn?
>
> On 07/02/2012 03:47, csev wrote:
>>
>> Yeah - this is a great idea. Is the image always a public URL? That is the rule for user_image
>>
>> /Chuck
>>
>> On Feb 6, 2012, at 5:57 PM, Steve Swinsburg wrote:
>>
>>> Hi Adrian,
>>>
>>> Trunk doesn't, debug info below. Submit a Jira for it, this is trivial given the entity provider for profile2 images. Could be (de)activated in sakai.properties for those that don't deploy Profile2.
>>>
>>> cheers,
>>> Steve
>>>
>>> BasicLTI Endpoint
>>> http://www.imsglobal.org/developers/BLTI/tool.php
>>>
>>> BasicLTI Parameters:
>>> context_id=mercury
>>> context_label=mercury site
>>> context_title=mercury site
>>> ext_basiclti_submit=Press to continue to external tool.
>>> ext_lms=sakai-Revision: 104456
>>> ext_sakai_server=http://nightly2.sakaiproject.org:8082
>>> ext_sakai_serverid=localhost
>>> ext_sakai_session=ec946093d414b298b2541a0796b456be897b2d0f0e4d740714c7a7bbbc29ee85596e093fb68a1169
>>> launch_presentation_css_url=http://nightly2.sakaiproject.org:8082/library/skin/default/tool.css
>>> launch_presentation_locale=en_US
>>> lti_message_type=basic-lti-launch-request
>>> lti_version=LTI-1p0
>>> oauth_callback=about:blank
>>> oauth_consumer_key=12345
>>> oauth_nonce=41376130897586986
>>> oauth_signature=qCXvkcP9AZkIn0C7k+qtckhiNv0=
>>> oauth_signature_method=HMAC-SHA1
>>> oauth_timestamp=1328568918
>>> oauth_version=1.0
>>> resource_link_id=64249e85-9e70-45b5-8d35-38f731feab37
>>> roles=Instructor
>>> tool_consumer_info_product_family_code=Revision: 104456
>>> tool_consumer_info_version=Revision: 104456
>>> user_id=admin
>>>
>>>
>>> On 07/02/2012, at 9:34 AM, Adrian Fish wrote:
>>>
>>>> Does anybody know whether the latest LTI consumer sends the user_image
>>>> parameter? It could send the direct url of the user's profile picture,
>>>> but my version doesn't.
>>>>
>>>> Cheers,
>>>> Adrian.
>>>>
>>>> --
>>>> ==================================
>>>> Adrian Fish
>>>> Software Engineer
>>>> B66 Management School
>>>> Lancaster University
>>>> Lancaster
>>>> LA1 4YW
>>>>
>>>> http://www.sakaiproject.org
>>>> http://confluence.sakaiproject.org/display/YAFT/Yaft
>>>> http://confluence.sakaiproject.org/display/CLOG/Home
>>>> http://confluence.sakaiproject.org/display/BBB/Home
>>>>
>>>> _______________________________________________
>>>> sakai-dev mailing list
>>>> sakai-dev at collab.sakaiproject.org
>>>> http://collab.sakaiproject.org/mailman/listinfo/sakai-dev
>>>>
>>>> TO UNSUBSCRIBE: send email to sakai-dev-unsubscribe at collab.sakaiproject.org with a subject of "unsubscribe"
>>>
>>> _______________________________________________
>>> sakai-dev mailing list
>>> sakai-dev at collab.sakaiproject.org
>>> http://collab.sakaiproject.org/mailman/listinfo/sakai-dev
>>>
>>> TO UNSUBSCRIBE: send email to sakai-dev-unsubscribe at collab.sakaiproject.org with a subject of "unsubscribe"
>>
>
> --
> ==================================
> Adrian Fish
> Software Engineer
> B66 Management School
> Lancaster University
> Lancaster
> LA1 4YW
>
> http://www.sakaiproject.org
> http://confluence.sakaiproject.org/display/YAFT/Yaft
> http://confluence.sakaiproject.org/display/CLOG/Home
> http://confluence.sakaiproject.org/display/BBB/Home
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://collab.sakaiproject.org/pipermail/sakai-dev/attachments/20120207/1cf826bb/attachment.html
More information about the sakai-dev
mailing list