-
Notifications
You must be signed in to change notification settings - Fork 91
CMI 5 Subgroup Meeting Notes – Dec 8th, 2023
cmi5 Subgroup Meeting Notes – Dec 8th, 2023
- Andy Johnson
- Bill McDonald
- Boon Chang
- Christopher Thompson
- Florian Tolk
- Franklin Ludgood
- George Vilches
- Henry Ryng
- Jim Taite
- Martin Koob
- Megan Bohland
- Simon Hsu
"Derived Requirements" Review
The group continued its review of "Derived Requirements" (from CATAPULT documentation) to identify areas of the spec that may need revision:
8.1.2.0-5 (d) The LMS must reject HTTP requests made to the endpoint that do not contain the authorization token in the Authorization headers.
- This is the token to use to access the LRS
- endpoint = LRS’s API (endpoint + Resources) or endpoint ?
- What about the xAPI “about” resource? Uncertain if “about” needs to be an exception in order for the AU make a determination on how to communicate with the LRS (XAPI 1.x vs XAPI 2.0)
- HTTP error code for rejection? 401 Unauthorized ?
- Review Catapult
8.1.3.0-3 (d) The LMS must reject xAPI requests that require an "actor" or "agent" that do not include the "actor" value as provided to the AU.
- AU must use the actor object “as-is” from the Launch URL parameter provided by the LMS
- HTTP error code for rejection? 400 Bad Request ?
- Review Catapult
8.1.4.0-3 (d) The LMS must reject xAPI request that require a "registration" that do not include the "registration" value as provided to the AU.
- Agreed
- HTTP error code for rejection? 400 Bad Request ?
- Review Catapult
11.0.0.0-3 (d1) The LMS must track that the AU has retrieved the learner preferences document.
- Not really actionable?
11.0.0.0-3 (d2) The LMS must reject initialized statement received before the learner preferences document has been retrieved.
- Actionable
- HTTP error code for rejection? 400 Bad Request ?
11.0.0.0-5 (d) The LMS must reject requests from the AU to set the Agent Profile document that are not JSON, or whose content is not an object, or whose content does not include the two named properties.
- Specific to the cmi5LearnerPreferences document only
- Do we allow additional properties – make it extensible ?
- HTTP error code for rejection? 400 Bad Request ?
11.1.0.0-1 (d) The LMS must reject requests from the AU to set the Agent Profile document if the languagePreference value is not a comma separated list of RFC 5646 language tags.
- HTTP error code for rejection?
13.1.2.0-1 (d) The LMS must reject course structure data that has a block with an "id" value that is duplicated in the course structure.
- At import time – the LMS should “do something”
- Should not prescribe what to do
- it would be difficult to define standard behavior
HTTP Error Code Discussion
The group also discussed what HTTP error codes should be used by the LMS/LRS when "rejecting" statements:
Catapult "Philosophy" on Error codes:
- 400 vs 403 Error codes were the biggest grey area
- Agent profile without actor = 400 error
- Anything else = 403 error
- Things that violate transport portion of xAPI are 400 errors
- If it is a cmi5 data validation problem then the error code is 403
- 400 are generally for “syntax” errors – 403 are generally for “semantic” errors when it comes to cmi5