Community help

ColinMurtaugh · ‎08-22-2017

Hi --

I'm interested in setting up single-signon between Canvas (using native Canvas authentication) and an R Shiny server. Has anyone done anything like this, either using LTI or some other mechanism? It seems to me that it might be possible to create an LTI wrapper around the R Shiny server, but before I go down that path I thought I'd try to find out if something like this already exists.

Alternatively, I was thinking that if I could find an LTI Authentication plugin for Nginx or Apache, maybe I could proxy the R Shiny server behind that.

Open to ideas if anyone has anything to suggest!

Thanks!

--Colin

jpoulos · ‎08-22-2017

The crux of LTI SSO is the ability of your web application to handle an incoming POST request from the LMS (Canvas in this case), generate an OAuth 1.0 signature, and match it against the signature that the LMS sends during the launch. You can then trust the source of the POST request and determine the user based on the LTI launch params that are being sent by the LMS.

It seems like there is some debate as to whether R Shiny is capable of handling incoming POST requests, but it appears that there is a way, but it seems kind of hacky: Accept HTTP Request in R shiny application - Stack Overflow

You'll also want to look at this: POST requests from another server · Issue #1718 · rstudio/shiny · GitHub

Assuming you can get a server that's "listening" for a POST request, you'll need to ensure it's coming from the LMS with OAuth 1.0. Finally, you'll just need to use the LTI launch parameters to identify who the user is and start their session/log them in.

I did some web searching and found this library that looks promising: GitHub - r-lib/httr: httr: a friendly http package for R. It allegedly handles a variety of http methods and even includes OAuth 1.0.

If you do end up going down this route, let us know if you have success!

Jesse Poulos

Partner Integrations Specialist

Instructure

View solution in original post

jpoulos · ‎08-22-2017

The crux of LTI SSO is the ability of your web application to handle an incoming POST request from the LMS (Canvas in this case), generate an OAuth 1.0 signature, and match it against the signature that the LMS sends during the launch. You can then trust the source of the POST request and determine the user based on the LTI launch params that are being sent by the LMS.

It seems like there is some debate as to whether R Shiny is capable of handling incoming POST requests, but it appears that there is a way, but it seems kind of hacky: Accept HTTP Request in R shiny application - Stack Overflow

You'll also want to look at this: POST requests from another server · Issue #1718 · rstudio/shiny · GitHub

Assuming you can get a server that's "listening" for a POST request, you'll need to ensure it's coming from the LMS with OAuth 1.0. Finally, you'll just need to use the LTI launch parameters to identify who the user is and start their session/log them in.

I did some web searching and found this library that looks promising: GitHub - r-lib/httr: httr: a friendly http package for R. It allegedly handles a variety of http methods and even includes OAuth 1.0.

If you do end up going down this route, let us know if you have success!

Jesse Poulos

Partner Integrations Specialist

Instructure

Anyone integrating Canvas with R Shiny (via LTI or otherwise)?

LTI

Donot have valid data to test certain APIs

Getting Canvas LTI Data

Is it posible to get the self_enrollment_code trou...

Display LTI content in pages from Editor LTI Place...

Media Plugin for Canvas LMS

UI for weekly progression idea

Is the ‘Enable self assessment’ field available in...

Canvas Rubrics API Criteria

api/v1/courses/sis_course_id:{id#}/sections - Not ...

add `desc` or `asc` to a few api calls that are al...

You're signed out

Anyone integrating Canvas with R Shiny (via LTI or otherwise)?

Community help

View our top guides and resources: