Welcome to the Learning Registry project! This document will get you rolling with creating, uploading, downloading, and verifying envelopes in and out of Learning Registry server. This tutorial should work on Windows, Linux, and Mac OS X machines.
Additional technical information about the Learning Registry may be found in the Quick Reference Guide
Before you start your 20-minute clock, you’ll need to make sure you’re set up properly. You need to know just enough Unix to be dangerous because you’ll be entering commands into the shell. That means in order to get up and running, you’ll need to have Python 2.7+ and GPG 2.0.17+ installed and accessible in your path. Depending upon your development platform, you may have to separately download and install some of the additional modules mentioned below.
Important
You must have GPG and Python in your path.
There are many ways to install pip and Python, including using virtualenv. If you’re going to program in Python you may want to consider doing so. However, the following cURL method is simple and should work anywhere:
curl -O http://python-distribute.org/distribute_setup.py python distribute_setup.py curl -O https://raw.github.com/pypa/pip/master/contrib/get-pip.py python get-pip.py
pip install LRSignature
GPG --gen-key
- Choose the kind of key you want. Default is “RSA and RSA.”
- Choose any key size. Default is 2048.
- Choose an expiration. For testing and many applications, “does not expire” is fine.
- Provide your name, email, and a comment as you wish to be identified with the key.
- Provide a passphrase. This step is very important. It should be hard to guess and you need to remember it without writing it down somewhere anyone can get a copy. The passphrase is what protects your GPG private key which is used to sign your documents on Learning Registry.
Windows
If you’re on Windows, you need to find out where your GPG keyring is stored so you can pass that path info to the LRSignature utility. An easy way to find out where the keyring is stored is with this command.
GPG --list-keysYou’ll see the path on the first line of the results. The path is everything but the file name. If you have a file path of:
"c:/Users/username/AppData/Roaming/GPG/pubring.GPG"
You should have a GPG keyring path similar to:
"c:/Users/username/AppData/Roaming/GPG"
GPG --fingerprint
E7E350E792BC9A16D7704408FF7F6E95B2A133FA
GPG --export --armor "E7E350E792BC9A16D7704408FF7F6E95B2A133FA" > public-key.txt
Let’s say you’re going to host it at http://myserver.com/GPG/public-key.txt. Upload that file to your web server in that location. Now your GPG system is all set up.
Don’t forget your passphrase or lose your GPG keyring file. Back them up securely as appropriate. If you lose either one, you can’t sign documents with that identity any longer. If someone steals both, they can sign documents that appear to belong to you.
The next step is to obtain a test JSON envelope that you can use as a test to upload into the Learning Registry.
You can read the full description of the envelope in the Learning Registry Technical Specification document.
{ "TOS": { "submission_TOS": "http://www.learningregistry.org/tos/cc0/v0-5/" }, "active": true, "doc_type": "resource_data", "doc_version": "0.49.0", "identity": { "curator": "", "owner": "", "submitter": "your name or organization here", "signer": "your name or org, if you're signing the document", "submitter_type": "agent" }, "keys": [ "science", "Newton", "apple", "what_ever_you_want" ], "payload_placement": "inline", "payload_schema": [ "hashtags", "describing", "resource_locator", "format" ], "resource_data": "Put anything like metadata, xml or whatever here", "resource_data_type": "metadata", "resource_locator": "URI_of_resource" }
You’re now ready to sign this document with LRSignature.
LRSignature offers two methods to sign your JSON document. The first method creates the signed document and saves to you a local file which you specify. The second method signs the document and then, rather than saving locally, published the signed document directly to the location you specify.
Note: The commands below have been separated into multiple lines of text for readability purposes.
Mac/Linux
cat test.json \| python -m LRSignature.cmd sign ↲ --key "E7E350E792BC9A16D7704408FF7F6E95B2A133FA" ↲ --key-location "http://myserver.com/GPG/public-key.txt" ↲ --passphrase "your secret passphrase" ↲ > test.signed.jsonWindows
Note that the word type below is a windows command that you must include.
type test.json \| python -m LRSignature.cmd sign ↲ --key "E7E350E792BC9A16D7704408FF7F6E95B2A133FA" ↲ --key-location "http://myserver.com/GPG/public-key.txt" ↲ --passphrase "your secret passphrase" ↲ --gnupghome "path\_to\_GPG\_keyring\_from\_above" ↲ > test.signed.jsonYou should now have a new text file “test.signed.json” which will be just like the “test.json” file except that it will have your signature block in it.
The web application for managing publish authorizations uses Mozilla Persona for email validation, so you will need to create a Persona account if you don’t have one. You will receive an email with a link to confirm your email address and then you should be able to login and set a Basic Auth publishing password.
Note
The Basic Auth password is NOT your Persona password. The new authorization mechanism also supports switching from Basic Auth to OAuth. A publishing authorization account is required for each node that you publish to.
To sign and publish a document run the following command, depending on your platform, from within the folder where your test.json document is saved.
Note: The commands below have been separated into multiple lines of text for readability purposes.
Mac/Linux
cat test.json \| python -m LRSignature.cmd sign ↲ --key "E7E350E792BC9A16D7704408FF7F6E95B2A133FA" ↲ --key-location "http://myserver.com/GPG/public-key.txt" ↲ --passphrase "your secret passphrase" ↲ --publish-url "http://sandbox.learningregistry.org/publish" ↲ --publish-username “your publish account username” ↲ --publish-password “your publish account password”Windows
Note that the word type below is a windows command that you must included:
type test.json \| python -m LRSignature.cmd sign ↲ --key "E7E350E792BC9A16D7704408FF7F6E95B2A133FA" ↲ --key-location "http://myserver.com/GPG/public-key.txt" ↲ --passphrase "your secret passphrase" ↲ --publish-url "http://sandbox.learningregistry.org/publish" ↲ --publish-username “your publish account username” ↲ --publish-password “your publish account password” ↲ --gnupghome "path\_to\_GPG\_keyring\_from\_above"In both instances you should see the following results though the doc_ID value will differ:
[{"document_results": [{"OK": true, "doc_ID": "761e70f774634030914fa45617fc8815"}], "OK": true}]
If downloading with a browser be sure to include the query string at the end of the URL. In this case, a Boolean value of true indicates that you wish to reference a document directly by it’s doc_ID created in the previous upload example.
Note
The commands below have been separated into multiple lines of text for readability purposes.
Web Browser
http://sandbox.learningregistry.org/harvest/getrecord?request_ID=(the doc_ID returned from the upload)&by_doc_ID=true
In the case of our example, this URL would be:
http://sandbox.learningregistry.org/harvest/getrecord?request_ID=761e70f774634030914fa45617fc8815&by_doc_ID=true
cURL
To directly save the document run the following command from within the folder where your test.signed.json document is saved. The downloaded document will be named test.download.json.
curl -o test.download.json "http://sandbox.learningregistry.org/harvest/getrecord?request_ID=761e70f774634030914fa45617fc8815&by_doc_ID=true"
Note
The commands below have been separated into multiple lines of text for readability purposes.
Mac/Linux
cat test.download.json \| python -m LRSignature.cmd verifyWindows
Note that the word type below is a Windows command that you must include:
type test.download.json \| python -m LRSignature.cmd verify ↲ --gnupghome "path\_to\_GPG\_keyring\_from\_above"In both instances you should see results like this:
{"results": [{"resource\_locator": "http://resource\_locator\_url\_will\_appear\_here", "verified": true}]}
OK! That’s a full round-trip. You created and uploaded a valid Learning Registry document, and then downloaded a copy back to your local machine.
At some point in you publishing endeavors, you may need to update or delete previously published document. You might need to do this because:
- A resource moved so you need to update the resource locator.
- Metadata/paradata for a resource is out-of-date and needs updating.
- A resource no longer exists so the resource data should be deleted.
- Something got erroneously published and needs replacement or removal.
Learning Registry V 0.50.1 introduces the concept of document replacement, where you may publish a new document to replace a previously published version. There are some caveats to this process:
- Replacement documents must be signed with the same private key as the original document.
- If replacment and original documents were signed by a node using proxy signing services, the submitter fields must also match.
- Replacement documents must indicate exactly which document they are replacing, using the doc_ID in the replaces field of the Resource Data Description Document. You may specify more than one doc_ID to replace.
Note: A node may specify a “super key” as a trusted signer which can serve as a mechanism to sign replacement documents where the original signing key is missing.
This process is identical to steps followed in Create the JSON File however you will be adding an additional field, replaces as an array of doc_ID, to the JSON document that contains your update.
{ "replaces": [ "doc_ID of original document" ], "TOS": { "submission_TOS": "http://www.learningregistry.org/tos/cc0/v0-5/" }, "active": true, "doc_type": "resource_data", "doc_version": "0.49.0", "identity": { "curator": "", "owner": "", "submitter": "your name or organization here", "signer": "your name or org, if you're signing the document", "submitter_type": "agent" }, "keys": [ "science", "Newton", "apple", "what_ever_you_want" ], "payload_placement": "inline", "payload_schema": [ "hashtags", "describing", "resource_locator", "format" ], "resource_data": "Your modified or updated data", "resource_data_type": "metadata", "resource_locator": "updated_URI_of_resource" }
You can now continue with the signing and publishing process detailed in Signing the Document
Removal of documents from Learning Registry follows a similar process as described in Updating a Learning Registry Document with the only difference being the contents of the published document.
An example of Learning Registry Delete Document is:
{ "replaces": [ "doc_ID of original document being deleted" ], "TOS": { "submission_TOS": "http://www.learningregistry.org/tos/cc0/v0-5/" }, "active": true, "doc_type": "resource_data", "doc_version": "0.49.0", "identity": { "curator": "", "owner": "", "submitter": "your name or organization here", "signer": "your name or org, if you're signing the document", "submitter_type": "agent" }, "payload_placement": "none" }
Again, to publish repeat the steps in Signing the Document to sign and publish to the Learning Registry node.
Let’s take a quick look at slicing data. For a more detailed look at slicing, see the Learning Registry - Slicing documentation. The “slice” function is an optional service in the Learning Registry that lets you easily pull down a set of documents from a node, based on certain criteria. At the time of this writing you can slice data using the following parameters:
Web Browser
http://sandbox.learningregistry.org/slice?any_tags=science
cURL
curl -o test.science.json "http://sandbox.learningregistry.org/slice?any_tags=science&ids_only=true"You should get results resembling those below. These results have been separated into multiple lines of text for readability purposes.
{ "replyStart":"2011-09-15 21:10:37.522239", "keyCount":1, "documents":[{"doc_ID": "761e70f774634030914fa45617fc8815"}], "resultCount":1, "replyEnd":"2011-09-15 21:10:37.908154" }In the case of multiple documents being found the results will resemble:
{ "replyStart":"2011-09-15 20:24:14.207687", "keyCount":1, "documents":[ {"doc_ID": "761e70f774634030914fa45617fc8815", ...etc.}, {"doc_ID": "85924442d9ab431b93732440940a3636", ...etc.}, {"doc_ID": "62c2ee17dbcd4899b373cd4cf63ae669", ...etc.} ], "resultCount":3, "replyEnd":"2011-09-15 20:24:15.170966" }When ids_only is set to true, Slice returns a JSON document which includes an array of document ID’s matching your parameters. The default value of ids_only is false and if not explicitly set to true will return the full documents.
In addition to the any_tags option you can submit specific parameters to narrow your search. For example, if you were only interested in documents posted after a specific date you could query based on the date of publication to Learning Registry by using the from field. The optional from field has a format of YYYY-MM-DD. For example, from=2011-09-15.
Another optional field is identity. This is the name of the person or organization that is the submitter, author, owner, or curator. An example is identity=US Dept of Education.
If I wished to locate items submitted by US Dept of Education on or after September 15, 2011 it would include from=2011-09-15 as well as identity=US Dept of Education. If you combine these options they are ANDed together.
Specifying a value for from and any_tags returns documents published on or after start_date and matching the tags you specify in the any_tags field.
Some Learning Registry nodes will have Flow Control enabled for Slice. This means that the node administrator has specified a limit on the number of results returned for a given query. In such cases, when results are returned, they will include a resumption_token field. The value of this field is a token that can be used as an argument to reSlice the node, after which the next page of results is returned.
Version | Date | Description |
---|---|---|
1.00 | 2011-06-16 | Initial version |
1.01 | 2011-06-23 | Minor cleanup, wording improvements |
1.02 | 2011-06-23 | Fixed bug (with temp workaround) in Unix/Mac command lines |
1.03 | 2011-09-16 | Added cURL examples. Updated sample code to latest implementation. Added Flow Control information to Slicing. General edits and formatting. |
1.04 | 2011-09-23 | Seperated Signing section into local and publish. Correct publish sample code error. |
1.05 | 2011-09-30 | Corrected Heading settings. |
1.06 | 2011-10-20 | Corrected request_ID case. |
1.07 | 2012-02-01 | Replaced references to lrtest02 with references to sandbox. |
1.08 | 2012-12-11 | Updated publish information to include authorization procedures. |
1.09 | 2013-03-21 | Converted into RestructuredText from the original version. Minor edits. Archive Copy (V 1.08) |
1.10 | 2013-03-26 | Added section on publishing replacement documents. |
Learning Registry in 20 Minutes or Less, V1.3. © 2011, US Dept of Education: CC-BY-3.0