Implement LTI Advantage NRPS GET request

[20wildmanj]

Description

• Implements Oauth2 Access Token Request and subsequent LTI NRPS call in lti_nrps_controller.rb
• update validate_jwt_signature in lti_launch_controller to call the platform_public_jwks_url if the configuration variable is set, to pull platform public jwks from an endpoint to get all possible public keys to verify the ID Token JWT from the platform
  • Platforms such as Canvas use a set of JWKs to sign their JWTs, so we need to have on hand all possible public JWKs
• update .env.template to store Autolab's private key if on production
• update misc HTTP headers, params to match what Canvas expects (the LTI testing tool is not comprehensive in checking all parameters)
• Created lti_launch_initialize in users_controller to handle launching course linking page lti_launch_initialize.html.erb
• Created lti_launch_link_course in users_controller to create a LtiCourseDatum representing the link between an LTI course and an Autolab course
• Created LtiCourseDatum table to store course_id, context_id, last_synced, and membership_url to store data necessary for link between LTI course and Autolab course

Please take a look at the LMS Integration Design Doc, NRPS Query for more details.

How Has This Been Tested?

• Go to /config and run:
  cp lti_settings.yml.template lti_settings.yml
• Fill in lti_settings.yml for development
  • iss: "https://lti-ri.imsglobal.org/"
  • developer_key: "lti.app.client_id"
  • auth_url: "https://lti-ri.imsglobal.org/platforms/3644/authorizations/new"
  • Do not modify platform_public_jwks_url, platform_oauth2_access_token_url, and tool_private_key as these are all set up to work with the LTI testing tool
• If you haven't linked the Autolab course you'd like to make the NRPS request from, execute a launch from the LTI testing tool
  • Look at the previous PR Implement Initial LTI 1.3 Launch #1635 to understand how to do an LTI Launch
  • Quick link to select a user to make a launch: Resource Link to Autolab
• Once you have successfully launched, autolab, you should be redirected to a screen that allows you to choose a course:

- After linking, you should get a confirmation flash

• Go to the course you linked, go to "Manage Course" and then "Manage Course Users"

- Click the refresh button

• You should see a JSON response similar to below
  

NOTE: some things cannot be tested on the LTI Reference tool, such as filtering only for students, and for testing of pagination. These settings can only really be tested on Nightly with CMU Canvas as the platform.

Types of changes

• Bug fix (non-breaking change which fixes an issue)
• New feature (non-breaking change which adds functionality)
• Breaking change (fix or feature that would cause existing functionality to change)

Checklist:

• I have run rubocop for style check. If you haven't, run overcommit --install && overcommit --sign to use pre-commit hook for linting
• I have updated the documentation accordingly, included in this PR

Other issues / help required

If unsure, feel free to submit first and we'll help you along.

[damianhxy]

Successfully followed steps (However, had to set iss in lti_settings.yml to "https://lti-ri.imsglobal.org" instead (no trailing slash)

[damianhxy]

Generally lgtm, however unlink_course is currently vulnerable to CSRF attacks.

Left several comments, mostly consisting of nits

[damianhxy]

Changes look good, left one last comment but otherwise lgtm!