Refs: FC-0012 OEP-58

* feat: translation safe pii dialogue

* feat: extract translations

* Adds lti_1p3_redirect_uris to XBlock
* Adds lti_1p3_redirect_uris to LTIConfiguration model
* Asserts redirect_uri from preflight response in valid redirect uris during preflight validation
* To minimize disruption for previous versions, uses current launch url and deep linking url as default registered redirect_uris if redirect_uris is not explicitly set

This commit fixes inappropriate instructions displayed when collecting PII sharing consent before an inline LTI launch. Previously, the instructions said, "Click OK to have your [username (and) e-mail address] sent to a 3rd party application. Click Cancel to return to this page without sending your information." The latter sentence does not make sense in the context of an inline launch, because there is no cancel button. This commit modifies the inline PII sharing consent dialog to say, "Click OK to have your [username (and) e-mail address] sent to a 3rd party application.""

The code in this repo has been updated to work with bleach 6.0.0 and
will break with older versions so make that dependency clear in base.in
and do a major version update.

The code in this repo has been updated to work with bleach 6.0.0 and
will break with older versions so make that dependency clear in base.in
and do a major version update.

The `bleach` library now expects sets as input for a few parameters and
their defaults have been updated to reflect that.  So we needed to do
some set unions instead of adding lists together in a few places.

Details of the changes can be found here: https://bleach.readthedocs.io/en/latest/changes.html#version-6-0-0-january-23rd-2023

This commit fixes a bug in the PII sharing consent dialog.

The bug resulted in bizarre behavior when there were more than one LTI component in a unit. For example, if there were two LTI inline launches in a unit, two "OK" button would appear in a single component, instead of in their respective components. Another example is that clicking the "View resource in a [modal|new] window" buttons under two LTI components resulted in the "OK" and "Cancel" buttons as well as the PII sharing prompt appearing in a single component, instead of in their respective components.

This is because the dialog-container div that is dynamically created in the Javascript was not scoped to the LTI component, so there was a div with a id of "dialog-container" for each component configured to share PII. When dynamically inserting and removing buttons and the PII sharing prompt, the Javascript would simply find the first div with the dialog-container ID and operate on it, instead of the div appropriate to the component the user is interacting with.

* fix: Tool can only push grade to value in config

Before this commit, LTI tools were able to push grades to any block
simply by modifying or creating a new line item with a `resource_link_id` containing a valid block.

This commit closes that loophole and resolves
security advisory GHSA-7j9p-67mm-5g87.

* chore: create release version

Co-authored-by: Zach Hancock <zhancock@edx.org>

Allows independent configuration of the base URL used for LTI API requests and LTI browser flow. This primarily aids local development because we no longer have to tunnel the entire LMS in order to test against the IMS tools.

This commit enables sharing username and email in LTI 1.3 basic launches.

This commit adds preferred_username and email as attributes of the Lti1p3LaunchData. The application or context that instantiates Lti1p3LaunchData is responsible for ensuring that username and email can be sent via an LTI 1.3 launch and supplying these data, if appropriate.

This commit sends username and email as part of an LTI 1.3 basic launch when the XBlock fields ask_to_send_username and ask_to_send_email are set to True, respectively.

Code was also added to block the transmission of username and email in both LTI 1.1 and LTI 1.3 launches if the value of the lti_access_to_learners_editable method of the LTI configuration service (i.e. the value of the CourseAllowPIISharingInLTIFlag ConfigurationModel) returns False, as originally intended and documented in the "Unified Flag for Enabling Sharing of PII in LTI
" decision record. However, the LTI configuration service is not currently available or defined in all runtime contexts, so this behavior only works when editing the XBlock in Studio (i.e. the studio_view). It does not work from the XBlock preview in Studio (i.e. the author_view) or from the LMS (i.e. the student_view).

The impact of this is that the ask_to_send_username and ask_to_send_email fields will be hidden in LTI XBlocks in courses for which an instance of the CourseAllowPIISharingInLTIFlag ConfigurationModel does not exist or for which an existing instance of the CourseAllowPIISharingInLTIFlag ConfigurationModel is disabled. If there already exists an instance of the CourseAllowPIISharingInLTIFlag ConfigurationModel for a course, then disabling the flag will only hide the ask_to_send_username and ask_to_send_email in the LTI XBlock edit menu. It will not prevent the transmission of username or email via the launch in Studio preview or via the launch in the LMS. If a course has already set ask_to_send_username or ask_to_send_email to True in the XBlock edit menu, that information will continue to be sent via the LTI 1.1 or LTI 1.3 launch.

We plan to fix this bug in the future.

This commit fixes a bug in the way that the the form_url is used in the Javascript.

For LTI modal launches in the courseware microfrontend (MFE), the Javascript prepends the value of window.location.origin to the form_url when sending a message via postMessage to window.parent.

This is because the form_url included in the template by the XBlock handler does not include a port and hostname for LTI 1.1 launches.

In LTI 1.3, however, the form_url should include the port and hostname, because it's user input (e.g. fields on the XBlock). Because of this, LTI 1.3 modal launches do not work, because the Javascript appends a port and hostname to a URL that already has a port and hostname, resulting in something like "http://localhost:18000http//localhost..."

This commit changes the way that the launch URL is calculated by the Javascript. The version of LTI being used is included in the template by the Python code, which is read by the Javascript. The Javascript then adds the port and hostname for LTI 1.1 form URLs but not for LTI 1.1 form URLs.

This commit removes the request_cached decorator on the method lti_access_to_learners_editable. The caching was not working correctly. It appeared that the cached value was not being recomputed on a per-request basis, which meant that the cached value was not successfully being updated. Also, the initial cached value was computed incorrectly. The effect was that the PII sharing XBlock fields were always being displayed in Studio and CourseAllowPIISharingInLTIFlag instances were not being created for courses that had PII sharing XBlocks that did not already have CourseAllowPIISharingInLTIFlag instances.

Note that this commit fixes the backwards compatibility of the CourseAllowPIISharingInLTIFlag. This means that CourseAllowPIISharingInLTIFlag will now be created for all courses that contain an LTI XBlock that shares username and/or email for which a CourseAllowPIISharingInLTIFlag does not already exist.

Time was spent on determining why the caching was failing, but it was challenging. If the issue is in the request_cached decorator, then the impact of changing it is large - it's used elsewhere in the platform. The need for a fix was urgent, and the supposed performance enhancement of leaving the caching in doesn't justify delaying a fix.

This commit replaces the consent modal that appears before personally identifiable information (PII) is shared via an LTI launch with an inline consent dialog. The consent dialog better supports the three LTI launch types (i.e. inline, modal, and new_window). This commit also fixes a bug where the PII consent modal was not being displayed for inline or modal launches.

We would like to enable PII in an LTI1.3 launch but turning that flag on would allow the tool to grab PII for the entire course roster via NRPS. We have not fully evaluated the privacy concerns if that is allowed. For the time being this platform setting can wholly disable PII over NRPS to avoid the issue

* fix: remove lms specific waffle check

In #307, we added the ability to send a stable, static user identifier (i.e. external user ID) to fix failed launches with the QwikLabs tool. This is because the QwikLabs tool did not work with the course-anonymized user IDs we used to send (i.e. anonymous user IDs). Inadvertently, this change broke the LTI 1.1 Basic Outcomes Service and the LTI 2.0 Result Service for courses that use the external user ID (i.e. they have the lti_consumer.enable_external_user_id_1p1_launches CourseWaffleFlag enabled). The Basic Outcomes Service and Result Service handle grade pass backs. Because we now have two ways to identify a user in LTI 1.1/2.0, we must update the Basic Outcomes Service and Result Service to support both. This commit fixes this bug.

the block is not loadable in exams so clean fails in that IDA, but
we shouldn't need the block to ask a question about the course

Replaces usages of runtime.course_id with runtime.scope_ids.usage_id.context_key.

The hostname used to construct the resource link ID is moved from using
a runtime attribute to the LMS_BASE setting.

The `rebind_noauth_module_to_user` function is deprecated in the core
edx-platform [1]. This is now replaced with a "rebind_user" service.
This commit brings this change to the LTI Consumer XBlock.

[1] - https://github.com/openedx/edx-platform/pull/30320/

The OAuthlib 1.0 Client's get_oauth_params fails when processing Webob
request object with the body stored as a binary instead of string.
This commit replaces the client function with a different one which
doesn't involve body hashing, as the body hash is calculated explicitly.

This commit introduces a new CourseWaffleFlag lti_consumer.enable_external_user_id_1p1_launches. When this flag is enabled for a course, LTI 1.1 XBlock launches in that course will send the user's external_user_id as the user_id attribute of the launch. external_user_id is the user's external user ID as defined, created, and stored by the external_user_ids Djangoapp in the edx-platform. When this waffle is not enabled for a course - the default case - LTI 1.1 XBlock launches in that course will continue to send the user's anonymous_user_id as the user_id attribute of the launch, as before.

This provides an opt-in opportunity for courses to send a consistent, static, and opaque user identifier in an LTI 1.1 XBlock launch. This may be necessary for integration with LTI tools that require such an identifier.

Please be aware that toggling this flag in a running course carries the risk of breaking the LTI integrations in the course. This flag should also only be enabled for new courses in which no LTI attempts have been made.

  * Adds an Lti1p3ProctoringLaunchData data class. It should be included as an attribute of the Lti1p3LaunchData
    data class to provide necessary proctoring data for a proctoring launch.
  * Adds an LtiProctoringConsumer class. This class is used to generate LTI proctoring launch requests and to decode
    and validate the JWT send back by the Tool with the LtiStartAssessment message.
  * Adds an lti_1p3_proctoring_enabled BooleanField to the LtiConfiguration model. This field controls whether
    proctoring is enabled for a particular LTI integration.
  * Modifies the launch_gate_endpoint to support LtiStartProctoring and LtiEndAssessment LTI launch messages.
  * Adds an start_proctoring_assessment_endpoint to support LtiStartAssessment messages from the Tool.
  * Adds an LTI_1P3_PROCTORING_ASSESSMENT_STARTED signal. This signal is emitted when the LtiStartAssessment message is
    sent from the Tool to inform users of the library that the LtiStartAssessment message has been received.

For the config model we do not need to go as far as binding the block
to the user and already get enough data out of the modulestore to
satisfy the storage on the xblock case. Add a new function to get that
much xblock only.

For the limited cases where we are using the block more directly as a
block we maintain the old function.

Also includes a fix to test_views that was closing the wrong level
mock and leaving an open patch into other tests.

... without messing up the rest of your world by changing the LMS base
URL for everyone. Meant for ngrok testing of LTI 1.3.

these functions require the LMS environment which is not available in test so
they are generally mocked away. Mark them as such.

Note that this uses config_id (the UUID) not config.id (the int)

This required a way to get config_id if we only have the block.

And it means that we are more likely to go through load_block_as_user
because we have not created the config off the block even when calling
from the block (since the block has to go through that config ID).

A lot of tests had to be updated to have more complete configuration
setup because config_id is now load bearing.