Uploaded image for project: 'Sakai'
  1. Sakai
  2. SAK-44886

LTI Advantage "Manually map Sakai roles to IMS roles." only works for launch and not for NRPS

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Verified
    • Priority: Minor
    • Resolution: Fixed
    • Affects Version/s: 20.0, 21.0
    • Fix Version/s: 22.0 [Tentative]
    • Component/s: BasicLTI
    • Labels:
    • Test Plan:
      Hide
      1. Set up LTI 1.3/Advantage with an tool (Chuck Suggests the LMS Test tool as it is the easiest way to get an NRPS request to happen)
      2. Fill out "Manually map Sakai roles to IMS roles." with "Instructor:Learner"
      3. Launch as a Sakai instructor and see that the user's role claim returns Learner/http://purl.imsglobal.org/vocab/lis/v2/membership#Learner
      4. Make request to NRPS and see that the Sakai instructor (from step 3) has a role of:

      Take a look at the newly added documentation in

      https://github.com/sakaiproject/sakai/blob/498a6429b57078da9c7747bc15d254a396fb7b08/basiclti/docs/LTIROLES.md

      To see some possible other (and more complex) mapping formats to test.  Once this is merged into master, the above link will be moved into:

      https://github.com/sakaiproject/sakai/tree/master/basiclti/docs

      Also when you are in a project site, the Sakai roles are 'access' and 'maintain'

       

      Show
      Set up LTI 1.3/Advantage with an tool (Chuck Suggests the LMS Test tool as it is the easiest way to get an NRPS request to happen) Fill out "Manually map Sakai roles to IMS roles." with "Instructor:Learner" Launch as a Sakai instructor and see that the user's role claim returns Learner/ http://purl.imsglobal.org/vocab/lis/v2/membership#Learner Make request to NRPS and see that the Sakai instructor (from step 3) has a role of: before bug is fixed: Instructor/ http://purl.imsglobal.org/vocab/lis/v2/membership#Instructor   when bug is fixed: Learner/ http://purl.imsglobal.org/vocab/lis/v2/membership#Learner Take a look at the newly added documentation in https://github.com/sakaiproject/sakai/blob/498a6429b57078da9c7747bc15d254a396fb7b08/basiclti/docs/LTIROLES.md To see some possible other (and more complex) mapping formats to test.  Once this is merged into master, the above link will be moved into: https://github.com/sakaiproject/sakai/tree/master/basiclti/docs Also when you are in a project site, the Sakai roles are 'access' and 'maintain'  

      Description

      "Manually map Sakai roles to IMS roles." is not respected in NRPS (name and roles provisioning service), however it is respected during the launch. If I'm not mistaken, they should be consistent across the two.

      Launch JWT:

      Note that roles claim returns *http://purl.imsglobal.org/vocab/lis/v2/membership#Learner* (expected):

       

      {
        "iss": "https://dev1.sakaicloud.com",
        "aud": "75fdaaec-7525-4dcd-bf9e-c091dbdda99a",
        "sub": "https://dev1.sakaicloud.com/user/c9bf7295-3bd4-4ff1-b5b1-aed8ae75748a",
        "nonce": "7ea3c29012ad07da6143",
        "iat": 1610479011,
        "exp": 1610482611,
        "https://purl.imsglobal.org/spec/lti/claim/deployment_id": "1",
        "https://purl.imsglobal.org/spec/lti/claim/target_link_uri": "https://www.gradescope.com/auth/lti/1_3/callback",
        "https://purl.imsglobal.org/spec/lti/claim/message_type": "LtiResourceLinkRequest",
        "https://purl.imsglobal.org/spec/lti/claim/version": "1.3.0",
        "email": "instructor@example.com",
        "name": "Instructor User",
        "locale": "en",
        "https://purl.imsglobal.org/spec/lti/claim/custom": {},
        "https://purl.imsglobal.org/spec/lti/claim/roles": [
          "http://purl.imsglobal.org/vocab/lis/v2/membership#Learner"
        ],
        "https://purl.imsglobal.org/spec/lti/claim/role_scope_mentor": [],
        "https://purl.imsglobal.org/spec/lti/claim/launch_presentation": {
          "document_target": "iframe",
          "return_url": "https://dev1.sakaicloud.com/imsoidc/lti11/return-url/site/f4f399dd-002f-4e79-9ddf-c0635346744d",
          "css_url": "https://dev1.sakaicloud.com/library/skin/tool_base.css"
        },
        "https://purl.imsglobal.org/spec/lti/claim/resource_link": {
          "id": "content:48",
          "title": "GS 1.3",
          "description": "GS 1.3"
        },
        "https://purl.imsglobal.org/spec/lti/claim/context": {
          "id": "f4f399dd-002f-4e79-9ddf-c0635346744d",
          "label": "Karen's Course",
          "title": "Karen's Course",
          "type": [
            "http://purl.imsglobal.org/vocab/lis/v2/course#CourseOffering"
          ]
        },
        "https://purl.imsglobal.org/spec/lti/claim/tool_platform": {
          "name": "Sakai",
          "description": "https://dev1.sakaicloud.com",
          "url": "https://dev1.sakaicloud.com",
          "product_family_code": "sakai",
          "version": "22-SNAPSHOT"
        },
        "https://purl.imsglobal.org/spec/lti/claim/lis": {
          "person_sourcedid": "instructoruser",
          "course_offering_sourcedid": "f4f399dd-002f-4e79-9ddf-c0635346744d",
          "course_section_sourcedid": "f4f399dd-002f-4e79-9ddf-c0635346744d",
          "version": [
            "1.0.0",
            "1.1.0"
          ]
        },
        "https://purl.imsglobal.org/spec/lti-ags/claim/endpoint": {
          "scope": [
            "https://purl.imsglobal.org/spec/lti-ags/scope/lineitem"
          ],
          "lineitems": "https://dev1.sakaicloud.com/imsblis/lti13/lineitems/fc5cca6120d0a1ae1c1cdfa4233afd554f608b9a684f0f7340c19df7424ab850:::f4f399dd-002f-4e79-9ddf-c0635346744d:::content:48",
          "lineitem": "https://dev1.sakaicloud.com/imsblis/lti13/lineitem/fc5cca6120d0a1ae1c1cdfa4233afd554f608b9a684f0f7340c19df7424ab850:::f4f399dd-002f-4e79-9ddf-c0635346744d:::content:48"
        },
        "https://purl.imsglobal.org/spec/lti-nrps/claim/namesroleservice": {
          "context_memberships_url": "https://dev1.sakaicloud.com/imsblis/lti13/namesandroles/fc5cca6120d0a1ae1c1cdfa4233afd554f608b9a684f0f7340c19df7424ab850:::f4f399dd-002f-4e79-9ddf-c0635346744d:::content:48",
          "service_versions": [
            "2.0"
          ]
        }
      }
      

       

      NRPS (name and roles provisioning service):

      Note that Instructor User's role is *http://purl.imsglobal.org/vocab/lis/v2/membership#Instructor* here (unexpected):

       

      {
       "id" : "http://TODO.wtf.com/we_eliminated_json_ld_but_forgot_to_remove_this",
       "context" : 
      {
        "id" : "f4f399dd-002f-4e79-9ddf-c0635346744d",
        "title" : "Karen's Course"
      },
       "members": [
      {
        "sakai_ext" : {
          "lis_result_sourcedid" : "8034aaee636bf5292c93b5b584608acea075cb98bcaf038dbb3b98f17befa093:::c9bf7295-3bd4-4ff1-b5b1-aed8ae75748a:::content:48"
        },
        "user_id" : "https://dev1.sakaicloud.com/user/c9bf7295-3bd4-4ff1-b5b1-aed8ae75748a",
        "roles" : [ "http://purl.imsglobal.org/vocab/lis/v2/membership#Instructor" ],
        "name" : "Instructor User",
        "given_name" : "Instructor",
        "family_name" : "User",
        "lti11_legacy_user_id" : "c9bf7295-3bd4-4ff1-b5b1-aed8ae75748a",
        "lis_person_sourcedid" : "instructoruser",
        "email" : "instructor@example.com",
        "status" : "Active"
      },
      {
        "sakai_ext" : {
          "lis_result_sourcedid" : "511f7580da0eea0bb25d9faa6d76dfbcccdf004de1a5aee252456b3943e828d5:::admin:::content:48"
        },
        "user_id" : "https://dev1.sakaicloud.com/user/admin",
        "roles" : [ "http://purl.imsglobal.org/vocab/lis/v2/membership#Instructor" ],
        "name" : "Sakai Administrator",
        "given_name" : "Sakai",
        "family_name" : "Administrator",
        "lti11_legacy_user_id" : "admin",
        "lis_person_sourcedid" : "admin",
        "email" : "admin@example.com",
        "status" : "Active"
      }
       ] }
      

       

      Note: I've only tested this in Sakai 21 and Sakai 20, but this issue may not be limited to just those two. I'm aware that mapping instructor to learning is unusual, but this is simply an example.

        Gliffy Diagrams

          Zeplin

            Attachments

              Activity

                People

                Assignee:
                csev Charles Severance
                Reporter:
                karenling Karen Ling
                Votes:
                0 Vote for this issue
                Watchers:
                6 Start watching this issue

                  Dates

                  Created:
                  Updated:
                  Resolved:

                    Git Integration