passport-lti

Build Status npm version

Passport-flavored LTI authentication middleware for express.

LTIStrategy

Options :

  • createProvider : createProvider is an optional function, which delegate the check of a Tool Consumer's identity to an higher level.

    This function is assumed to request a database to retrieve the consumer secret based on the consumer key, and call the callback parameter with an LTI provider, or a standard node error in err if a system error occured, or a string error if the error is handled at an higher level, and the process is just intended to stop. Use either this function or the hardcoded key / secret. This one gets priority over the hardcoded key / secret.

     @param {Function} createProvider 
         @param {Object} req
         @param {Function} callback
             @param {Object || String} err
             @param {Object} provider
    
  • consumerKey : Hardcoded consumer key.
  • consumerSecret : Hardcoded consumer secret.

Usage

With hardcoded key / secret

var passport = require('passport');
var LTIStrategy = require('passport-lti');
var strategy = new LTIStrategy({
    consumerKey: 'testconsumerkey',
    consumerSecret: 'testconsumersecret'
    // pass the req object to callback
    // passReqToCallback: true,
    // https://github.com/omsmith/ims-lti#nonce-stores
    // nonceStore: new RedisNonceStore('testconsumerkey', redisClient)
}, function(lti, done) {
    // LTI launch parameters
    // console.dir(lti);
    // Perform local authentication if necessary
    return done(null, user);
});
passport.use(strategy);

With dynamic provider

var passport = require('passport');
var lti = require("ims-lti");
var LTIStrategy = require('passport-lti');
var strategy = new LTIStrategy({
    createProvider : function (req, done) {
        // Lookup your LTI customer in your DB with req's params, and get its secret
        // Dummy DB lookup
        DAO.getConsumer(
            req.body.oauth_consumer_key,
            function callback (err, consumer){
                if(err){
                    // Standard error, will crash the process
                    return done(err);
                }

                if(consumer.is_authorized){
                    var consumer = new lti.Provider(consumer_db.oauth_consumer_key, consumer_db.oauth_consumer_secret);
                    return done(null, consumer);
                }
                else {
                    // String error, will fail the strategy (and not crash it)
                    return done("not_authorized");
                }
            }
        );
    }
);

passport.use(strategy);

Tests

$ npm test
Supported by

SEARCH FOR STRATEGIES

0STRATEGIES