added roles and student id

common/lib/xmodule/xmodule/lti_module.py

@@ -41,6 +41,8 @@ class LTIModule(LTIFields, XModule):
 
     def get_html(self):
         """ Renders parameters to template. """
+
+        # these params do not participate in oauth signing
         params = {
             'lti_url': self.lti_url,
             'element_id': self.location.html_id(),
@@ -55,15 +57,21 @@ class LTIModule(LTIFields, XModule):
             client_key=unicode(self.client_key),
             client_secret=unicode(self.client_secret)
         )
+
+        # @ned - why  self.runtime.anonymous_student_id is None in dev env?
+        user_id = self.runtime.anonymous_student_id
+        user_id = user_id if user_id else 'default_user_id'
+
         # must have parameters for correct signing from LTI:
         body = {
-            'user_id': 'default_user_id',
+            'user_id': user_id,
             'oauth_callback': 'about:blank',
             'lis_outcome_service_url': '',
             'lis_result_sourcedid': '',
             'launch_presentation_return_url': '',
             'lti_message_type': 'basic-lti-launch-request',
             'lti_version': 'LTI-1p0',
+            'role': 'student'
         }
         # This is needed for body encoding:
         headers = {'Content-Type': 'application/x-www-form-urlencoded'}
@@ -80,12 +88,15 @@ class LTIModule(LTIFields, XModule):
         params[u'oauth_nonce'] = params[u'OAuth oauth_nonce']
         del params[u'OAuth oauth_nonce']
 
+        params['user_id'] = body['user_id']
+
         # 0.14.2 (current) version of requests oauth library encodes signature,
         # with 'Content-Type': 'application/x-www-form-urlencoded'
         # so '='' becomes '%3D'.
         # We send form via browser, so browser will encode it again,
         # So we need to decode signature back:
         params[u'oauth_signature'] = urllib.unquote(params[u'oauth_signature']).decode('utf8')
+
         return params
 
 

lms/djangoapps/courseware/mock_lti_server/mock_lti_server.py

@@ -33,6 +33,7 @@ class MockLTIRequestHandler(BaseHTTPRequestHandler):
         if self._is_correct_lti_request():
             correct_keys = [
                 'user_id',
+                'role',
                 'oauth_nonce',
                 'oauth_timestamp',
                 'oauth_consumer_key',

lms/djangoapps/courseware/mock_lti_server/test_mock_lti_server.py

@@ -52,6 +52,7 @@ class MockLTIServerTest(unittest.TestCase):
         """
         request = {
             'user_id': 'default_user_id',
+            'role': 'student',
             'oauth_nonce': '',
             'oauth_timestamp': '',
             'oauth_consumer_key': 'client_key',

lms/templates/lti.html

@@ -22,7 +22,8 @@
         <input name="oauth_signature_method" value="HMAC-SHA1" />
         <input name="oauth_timestamp" value="${oauth_timestamp}" />
         <input name="oauth_version" value="1.0" />
-        <input name="user_id" value="default_user_id" />
+        <input name="user_id" value="${user_id}" />
+        <input name="role" value="student" />
         <input name="oauth_signature" value="${oauth_signature}" />
 
         <input type="submit" value="Press to Launch" />