ylqjgm
/
canvas-lms
mirror of https://github.com/instructure/canvas-lms.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

use https for bigbluebutton API 

test plan: bigbluebutton should still work and requests to
 /bigbluebutton/api/... should go over https instead of http

closes CNVS-38120

Change-Id: I9c648371e521ee4d0a94cf50605a6a7e9420bb97
Reviewed-on: https://gerrit.instructure.com/118609
Tested-by: Jenkins
Reviewed-by: Venk Natarajan <vnatarajan@instructure.com>
QA-Review: Deepeeca Soundarrajan <dsoundarrajan@instructure.com>
Product-Review: Jeremy Stanley <jeremy@instructure.com>
This commit is contained in:
Jeremy Stanley 2017-07-11 16:37:36 -06:00
parent 65c8824655
commit e0668bb676
2 changed files with 6 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
app/models/big_blue_button_conference.rb
View File

@ -159,7 +159,7 @@ class BigBlueButtonConference < WebConference
def generate_request(action, options)
query_string = options.to_query
query_string << ("&checksum=" + Digest::SHA1.hexdigest(action.to_s + query_string + config[:secret_dec]))
"http://#{config[:domain]}/bigbluebutton/api/#{action}?#{query_string}"
"https://#{config[:domain]}/bigbluebutton/api/#{action}?#{query_string}"
end
def send_request(action, options)

10
spec/models/big_blue_button_conference_spec.rb
View File

@ -57,8 +57,8 @@ describe BigBlueButtonConference do
params = {:fullName => user_factory.name, :meetingID => @conference.conference_key, :userID => user_factory.id}
admin_params = params.merge(:password => 'admin').to_query
user_params = params.merge(:password => 'user').to_query
expect(@conference.admin_join_url(@user)).to eql("http://bbb.instructure.com/bigbluebutton/api/join?#{admin_params}&checksum=" + Digest::SHA1.hexdigest("join#{admin_params}secret"))
expect(@conference.participant_join_url(@user)).to eql("http://bbb.instructure.com/bigbluebutton/api/join?#{user_params}&checksum=" + Digest::SHA1.hexdigest("join#{user_params}secret"))
expect(@conference.admin_join_url(@user)).to eql("https://bbb.instructure.com/bigbluebutton/api/join?#{admin_params}&checksum=" + Digest::SHA1.hexdigest("join#{admin_params}secret"))
expect(@conference.participant_join_url(@user)).to eql("https://bbb.instructure.com/bigbluebutton/api/join?#{user_params}&checksum=" + Digest::SHA1.hexdigest("join#{user_params}secret"))
end
it "should confirm valid config" do
@ -69,19 +69,19 @@ describe BigBlueButtonConference do
it "should recreate the conference" do
expect(@conference).to receive(:send_request).with(:create, anything).and_return(true)
expect(@conference.craft_url(@user)).to match(/\Ahttp:\/\/bbb\.instructure\.com\/bigbluebutton\/api\/join/)
expect(@conference.craft_url(@user)).to match(/\Ahttps:\/\/bbb\.instructure\.com\/bigbluebutton\/api\/join/)
# load a new instance to clear out @conference_active
@conference = WebConference.find(@conference.id)
expect(@conference).to receive(:send_request).with(:create, anything).and_return(true)
expect(@conference.craft_url(@user)).to match(/\Ahttp:\/\/bbb\.instructure\.com\/bigbluebutton\/api\/join/)
expect(@conference.craft_url(@user)).to match(/\Ahttps:\/\/bbb\.instructure\.com\/bigbluebutton\/api\/join/)
end
it "should not recreate the conference if it is active" do
expect(@conference).to receive(:send_request).once.with(:create, anything).and_return(true)
@conference.initiate_conference
expect(@conference.active?).to be_truthy
expect(@conference.craft_url(@user)).to match(/\Ahttp:\/\/bbb\.instructure\.com\/bigbluebutton\/api\/join/)
expect(@conference.craft_url(@user)).to match(/\Ahttps:\/\/bbb\.instructure\.com\/bigbluebutton\/api\/join/)
end
it "return nil if a request times out" do