Allow LTI clients to specify a redirect target

app/controllers/sessions_controller.rb

@@ -20,9 +20,13 @@ class SessionsController < ApplicationController
   def create_through_lti
     store_lti_session_data(consumer: @consumer, parameters: params)
     store_nonce(params[:oauth_nonce])
-    redirect_to(implement_exercise_path(@exercise),
-                notice: t("sessions.create_through_lti.session_#{lti_outcome_service?(@exercise.id, @current_user.id , @consumer.id) ? 'with' : 'without'}_outcome",
-                consumer: @consumer))
+    if params[:redirect_target]
+      redirect_to(params[:redirect_target])
+    else
+      redirect_to(implement_exercise_path(@exercise),
+                  notice: t("sessions.create_through_lti.session_#{lti_outcome_service?(@exercise.id, @current_user.id , @consumer.id) ? 'with' : 'without'}_outcome",
+                  consumer: @consumer))
+    end
   end
 
   def destroy