-
Notifications
You must be signed in to change notification settings - Fork 17
Migration from 4.x to 5.x
You can find below the list of new features offered by version 5.x.
Version 5.x provides now a LtiServiceServer component:
- implements PSR-15 RequestHandlerInterface
- decorates any LtiServiceServerRequestHandlerInterface implementation
- automates service access token and scopes validation
- automates service request method validation
- automates service request content type validation
- automates service logs
To use it, first create your LtiServiceServerRequestHandlerInterface implementation:
<?php
use OAT\Library\Lti1p3Core\Registration\RegistrationInterface;
use OAT\Library\Lti1p3Core\Service\Server\Handler\LtiServiceServerRequestHandlerInterface;
use Psr\Http\Message\ServerRequestInterface;
use Psr\Http\Message\ResponseInterface;
$handler = new class() implements LtiServiceServerRequestHandlerInterface
{
public function getServiceName(): string
{
return 'some-service';
}
public function getAllowedContentType(): ?string
{
return 'some-content-type';
}
public function getAllowedMethods(): array
{
return ['GET']
}
public function getAllowedScopes(): array
{
return ['some-scope'];
}
public function handleServiceRequest(
RegistrationInterface $registration,
ServerRequestInterface $request
): ResponseInterface {
// handler logic
}
};To then expose it in your service endpoint using the LtiServiceServer:
<?php
use OAT\Library\Lti1p3Core\Registration\RegistrationRepositoryInterface;
use OAT\Library\Lti1p3Core\Security\OAuth2\Validator\RequestAccessTokenValidator;
use OAT\Library\Lti1p3Core\Service\Server\LtiServiceServer;
use Psr\Http\Message\ServerRequestInterface;
/** @var ServerRequestInterface $request */
$request = ...
/** @var RegistrationRepositoryInterface $repository */
$repository = ...
$validator = new RequestAccessTokenValidator($repository);
$handler = ...
$server = new LtiServiceServer($validator, $handler);
// Generates an authenticated service response
$response = $server->handle($request);Note: this abstraction layer is used in core based libraries (NRPS, basic outcome, etc), you can find there usage examples if needed.
Version 5.x provides now Psalm support.
Globally, top level classes of the library and their usage did not change, ensuring the migration to the version 5.x to be straightforward.
But version 5.x introduce some methods signatures changes, as well as classes names and namespaces fixes, listed below.
If you override core components, overall nullable contructor / methods parameters have been fixed with ? usage.
For example: __construct(?string $parameter = null){}.
Also, the UserAuthenticatorInterface now allows to work with the launch registration:
use OAT\Library\Lti1p3Core\Registration\RegistrationInterface;
use OAT\Library\Lti1p3Core\Security\User\Result\UserAuthenticationResultInterface;
interface UserAuthenticatorInterface
{
public function authenticate(
RegistrationInterface $registration,
string $loginHint
): UserAuthenticationResultInterface;
}Note: the OidcAuthenticator has been updated to provide the registration to your UserAuthenticatorInterface implementation.
- moved Service\Server namespace content into Security\OAuth2
- moved UserAuthenticationResultInterface in Result sub namespace
- moved UserAuthenticationResult in Result sub namespace
- renamed JwksServer into JwksRequestHandler
- renamed OidcInitiationServer into OidcInitiationRequestHandler
- renamed OidcAuthenticationServer into OidcAuthenticationRequestHandler
- renamed AccessTokenRequestValidator into RequestAccessTokenValidator
- renamed AccessTokenRequestValidatorResult into RequestAccessTokenValidatorResult
- renamed ServiceClientInterface into LtiServiceClientInterface
- renamed ServiceClient into LtiServiceClient