Add a new variabble `lti11_legacy_user_id` in LTI 1.3 launches

We're adding the `lti11_legacy_user_id` variabble because is a constantly
request fom tool vendors that are working on the migration to LTI 1.3.

closes INTEROP-6214
flag=none

test-plan:
* Have a LTI 1.3 tool installed in your local Canvas, you can use the
lti-1.3.-test-tool for it.
* Launch the tool and ensure that under the JWT Decode that you see the
lti11_legacy_user_id variable as a String that matches with the current
user.

Change-Id: Id0efd2602111f99f0365ea95e2a8074c2ceca477
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/249755
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
QA-Review: Weston Dransfield <wdransfield@instructure.com>
Product-Review: Karl Lloyd <karl@instructure.com>
Reviewed-by: Weston Dransfield <wdransfield@instructure.com>

gems/lti-advantage/lib/lti_advantage/messages/jwt_message.rb

@@ -17,6 +17,7 @@ module LtiAdvantage::Messages
       sub
       version
       target_link_uri
+      lti11_legacy_user_id
     ].freeze
 
     TYPED_ATTRIBUTES = {

gems/lti-advantage/lib/lti_advantage/serializers/jwt_message_serializer.rb

@@ -35,6 +35,7 @@ module LtiAdvantage::Serializers
       tool_platform
       version
       target_link_uri
+      lti11_legacy_user_id
     ).freeze
 
     DEEP_LINKING_CLAIMS = %w(

gems/lti-advantage/spec/lti_advantage/messages/deep_linking_request_spec.rb

@@ -38,7 +38,8 @@ module LtiAdvantage::Messages
           deep_link_return_url: 'http://test.com/return_url'
         ),
         roles: ['foo'],
-        target_link_uri: 'https://www.example.com'
+        target_link_uri: 'https://www.example.com',
+        lti11_legacy_user_id: 'bcf1466791073638f61073818abf1d32331fc893'
       )
     end
 

gems/lti-advantage/spec/lti_advantage/messages/resource_link_request_spec.rb

@@ -34,7 +34,8 @@ module LtiAdvantage::Messages
         nonce: '5a234202-6f0e-413d-8793-809db7a95930',
         resource_link: LtiAdvantage::Claims::ResourceLink.new(id: 1),
         roles: ['foo'],
-        target_link_uri: 'https://www.example.com'
+        target_link_uri: 'https://www.example.com',
+        lti11_legacy_user_id: 'bcf1466791073638f61073818abf1d32331fc893'
       )
     end
 

lib/lti/messages/jwt_message.rb

@@ -52,6 +52,7 @@ module Lti::Messages
       add_roles_claims! if include_claims?(:roles)
       add_custom_params_claims! if include_claims?(:custom_params)
       add_names_and_roles_service_claims! if include_names_and_roles_service_claims?
+      add_lti11_legacy_user_id!
 
       @expander.expand_variables!(@message.extensions)
       @message.validate! if validate_launch
@@ -138,6 +139,10 @@ module Lti::Messages
       @message.role_scope_mentor = current_observee_list if current_observee_list.present?
     end
 
+    def add_lti11_legacy_user_id!
+      @message.lti11_legacy_user_id = @tool.opaque_identifier_for(@user)
+    end
+
     def include_names_and_roles_service_claims?
       include_claims?(:names_and_roles_service) &&
         (@context.is_a?(Course) || @context.is_a?(Group)) &&

spec/lib/lti/messages/jwt_message_spec.rb

@@ -698,4 +698,12 @@ describe Lti::Messages::JwtMessage do
       it_behaves_like 'skips role scope mentor'
     end
   end
+
+  describe 'legacy user id claims' do
+    it 'sets the "lti11_legacy_user_id" claim' do
+      expected = decoded_jwt['https://purl.imsglobal.org/spec/lti/claim/lti11_legacy_user_id']
+
+      expect(expected).to eq tool.opaque_identifier_for(user)
+    end
+  end
 end

spec/support/names_and_roles_matchers.rb

@@ -113,6 +113,7 @@ module Lti::Ims::NamesAndRolesMatchers
         'https://purl.imsglobal.org/spec/lti/claim/message_type' => 'LtiResourceLinkRequest',
         'locale' => (user.locale || I18n.default_locale.to_s),
         'https://purl.imsglobal.org/spec/lti/claim/custom' => {},
+        "https://purl.imsglobal.org/spec/lti/claim/lti11_legacy_user_id" => tool.opaque_identifier_for(user)
       }.merge!(opts[:message_matcher].presence || {}).compact
     ]
   end