402: properly cast string course_id to number for global variable (#409)

* 402: properly cast string course_id to number for global variable * better error handling from conversion, log other custom variables * fix whitespace
tl-its-umich-edu · Feb 19, 2024 · 91f344a · 91f344a
1 parent 74c449c
commit 91f344a
Showing 1 changed file with 21 additions and 11 deletions.
diff --git a/ccm_web/server/src/lti/lti.service.ts b/ccm_web/server/src/lti/lti.service.ts
@@ -61,10 +61,10 @@ export class LTIService implements BeforeApplicationShutdown {
       const customLTIVariables = token.platformContext.custom
       if (customLTIVariables.login_id === undefined || customLTIVariables.course_id === undefined ||
         customLTIVariables.roles === undefined || customLTIVariables.is_root_account_admin === undefined) {
-        return createLaunchErrorResponse(res, 'please check the LTI configuration in Canvas.')
+        return createLaunchErrorResponse(res, 'One or more required custom LTI variables were not defined. Please check the LTI configuration in Canvas.')
       }
       const loginId = customLTIVariables.login_id as string
-      const courseId = customLTIVariables.course_id as number
+      const courseId = customLTIVariables.course_id as string
       const roles = customLTIVariables.roles as string
       const isRootAdmin = customLTIVariables.is_root_account_admin as boolean
 
@@ -94,16 +94,26 @@ export class LTIService implements BeforeApplicationShutdown {
         logger.error(`Something went wrong while creating user with loginId ${loginId}: ${logMessageEnding}`)
         return createLaunchErrorResponse(res)
       }
-      // More data will be added to the session here later
-      const course = {
-        id: courseId,
-        roles: (roles.length > 0) ? roles.split(',') : [] // role won't be empty but adding a validation for safety
-      }
-      const sessionData = {
-        course: course,
-        isRootAdmin: isRootAdmin
+
+      try {
+        // More data will be added to the session here later
+        const course = {
+          id: Number(courseId),
+          roles: (roles.length > 0) ? roles.split(',') : [] // role won't be empty but adding a validation for safety
+        }
+        const sessionData = {
+          course: course,
+          isRootAdmin: isRootAdmin
+        }
+        req.session.data = sessionData
+      } catch (e) {
+        const logMessageEnding = e instanceof Error
+          ? `error ${String(e.name)} due to ${String(e.message)}`
+          : String(e)
+        logger.error(`Failed to build session data with course ID ${courseId} and roles ${roles}: ${logMessageEnding}`)
+        return createLaunchErrorResponse(res)
       }
-      req.session.data = sessionData
+
       req.session.save((err) => {
         if (err !== null) {
           logger.error('Failed to save session data due to error: ', err)