Commit Graph

57 Commits

Author SHA1 Message Date
Brian Palmer 29a916c8b1 rescue and retry EAGAIN for redis failures
Change-Id: I7dea77ed6aeb4f69ac9166ff980e182b01852b9f
Reviewed-on: https://gerrit.instructure.com/9005
Tested-by: Hudson <hudson@instructure.com>
Reviewed-by: Zach Wily <zach@instructure.com>
2012-03-01 08:57:03 -07:00
Brian Palmer 06d9c352a5 follow redirects in the kaltura bulk upload response
This was causing media object failures for uses of the cloud kaltura
service, which began inserting these redirects recently.

fixes #7152

test plan: on an account that uses cloud kaltura, upload an audio or
video file, or do a canvas course import. verify that a MediaObject gets
created for that file.

Change-Id: Ia1380c012150329f09e1bdd0a17f0170e7bedfdc
Reviewed-on: https://gerrit.instructure.com/8544
Tested-by: Hudson <hudson@instructure.com>
Reviewed-by: Simon Williams <simon@instructure.com>
2012-02-08 12:47:58 -07:00
Brian Palmer 23a9facbee handle Timeout::Error in redis caching
Hook into the redis library at a pretty low level, to try and do
everything we can to avoid erroring if redis goes down. This applies to
both redis-as-cache and redis-as-data-store.

test plan: Set up redis and caching in your local instance. Point it to
both an existing box on a port not running redis, and a non-existent IP.
In both situations, you should not see caching errors or redis data
errors. After the first error, it shouldn't attempt to hit redis again for 5
minutes.

Change-Id: I101b2d3d2123151b244eb82ba78b176ed1f4d5ad
Reviewed-on: https://gerrit.instructure.com/8097
Tested-by: Hudson <hudson@instructure.com>
Reviewed-by: Cody Cutrer <cody@instructure.com>
2012-01-17 13:13:50 -07:00
Bracken Mosbacker 2ea48c5cae refactor qti exporter and make all specs run in CI
The qti exporter uses the "Qti" module namespace but was in
the lib folder 'qti_exporter'. This moves everything to a 'qti'
folder and renames the 'exporter' to 'converter' to match
the convention of migration tool converters

The specs also weren't in spec_canvas so the CI tool wouldn't
run them, they were moved and made to only run if the python
qti tool is available

Test plan:
 * Import some qti packages and make sure they still work correctly

refs #5178

Change-Id: I9277f2c4ecb0845b21ecb2e00102543e18a77aef
Reviewed-on: https://gerrit.instructure.com/7138
Tested-by: Hudson <hudson@instructure.com>
Reviewed-by: Brian Palmer <brianp@instructure.com>
2011-11-30 15:55:08 -07:00
Brian Palmer 20d6180dc4 enforce nonce and timestamp in lti outcome requests
This uses redis to store the nonces as locks that expire after 90
minutes. Timestamps are epoch UTC values, as per the oauth spec.

testplan: send oauth requests to the api endpoint with the same nonce
more than once, or with a too-old timestamp

refs #5892

Change-Id: Id6130c2a07e206dad716673aa6adbe9d36565a7c
Reviewed-on: https://gerrit.instructure.com/6683
Tested-by: Hudson <hudson@instructure.com>
Reviewed-by: Brian Whitmer <brian@instructure.com>
2011-11-04 09:42:51 -06:00
Brian Palmer 8ad501a099 limit failed login attempts
closes #5880

We track failed attempts for both (pseudonym) and (pseudonym, ip) in
Redis, the latter with a lower threshold. If either threshold is
exceeded, the user can't attempt to log in for a given time period
(default 5 minutes). This protects against brute force auth attacks.

We've hooked into Authlogic for this, so it should apply to everywhere a
user is logged in -- login screen, API basic auth, Respondus API, etc.
It doesn't apply to SSO auth, where the SSO authority is assumed to have
existing protection of its own.

I refactored the Respondus SOAP API to use Authlogic in a more standard
manner, to make this work.

Change-Id: I569823f83c5c2855526464da270426275eb857cd
Reviewed-on: https://gerrit.instructure.com/6428
Tested-by: Hudson <hudson@instructure.com>
Reviewed-by: Cody Cutrer <cody@instructure.com>
Reviewed-by: Zach Wily <zach@instructure.com>
2011-10-26 14:27:30 -06:00
Bracken Mosbacker d6a02307cb added an import package identifier
This will allow a UI where the user doesn't need to identify
the type of package they're uploading. For now it's only used
for common cartridge/canvas cartridge packages.

refs #4153

Change-Id: I2488777316660c9af60f544884429de7355f358f
Reviewed-on: https://gerrit.instructure.com/5701
Tested-by: Hudson <hudson@instructure.com>
Reviewed-by: Cody Cutrer <cody@instructure.com>
2011-09-23 13:27:28 -06:00