Closed Rohi145 closed 5 years ago
viveklm
commented
5 years ago @Rohi145: Did you resolved your issue, I am facing this issue. when launching deep link
{"errors":{"jwt":[{"attribute":"jwt","type":"JWT verification failure","message":"JWT verification failure"}]}}
Getting following error not sure what value and where to set private_key_file??
@MartinLenord @jrissler : I would greatly appreciate it if you kindly give me some feedback.
MartinLenord
commented
5 years ago Hey @Rohi145 Sorry for the slow reply.
id_token validates that the request was signed by Canvas. To know who the request was signed for, you must look at the deployment_id. I you don't recognise the deployment_id, you should allow the user to prove who they are (e.g. logging in as an administrator) then you can link the deployment_id to your own account.@viveklm if you are looking for the config, it lives here https://github.com/IMSGlobal/lti-1-3-php-library/blob/master/src/game_example/db/configs/example.json the private keys that are referenced live in https://github.com/IMSGlobal/lti-1-3-php-library/tree/master/src/game_example/db
Rohi145
commented
5 years ago @MartinLenord ,
Hey @Rohi145 Sorry for the slow reply.
- If i understand the question correctly, the signature on the
id_tokenvalidates that the request was signed by Canvas. To know who the request was signed for, you must look at thedeployment_id. I you don't recognise thedeployment_id, you should allow the user to prove who they are (e.g. logging in as an administrator) then you can link thedeployment_idto your own account.
-----Before id_token generation when login is initiated, we get some parameters from respective LMS (ex.login_hint, issuer, etc.).We need to know during this time, which parameter is used to help for valid instructor verification before OIDC launch.
I would greatly appreciate it if you kindly give me some feedback.
MartinLenord
commented
5 years ago The initial OIDC launch is unsigned. You will be given the issuer that can be used along with the url used to login to identify the client id and url to return to. You cannot validate the user at this point as no user information is passed, also this launch isn't signed so you cannot use the information in it to do any actions except redirect back to the platform.
Verifying the user must be done on the id_token launch as that request is signed
Rohi145
commented
5 years ago @MartinLenord
Thanks for info,
Means as of now, In LTI 1.3 we need to authenticate the user from client id and deployment id? Because consumer key is not part of LTI 1.3.
MartinLenord
commented
5 years ago Yes, you will have issuer ->client_id -> deployment_id to identify a user
Rohi145
commented
4 years ago Hello, Martin I hope you are doing well. After implementing LTI advantage in BB, moodle, D2l, Now I am trying to integrate in canvas: I have a few questions please guide me about that.
Please guide me asap. Thanks.
MartinLenord
commented
4 years ago Hi @Rohi145 Canvas does not currently support returning multiple content items in deep linking They also do not correctly support custom parameters in deep linking
eagle-13
commented
3 years ago Hi, Martin. Nice to know you. I am encountered the error while integrating this example with canvas. Canvas error is like this: response_code: 500 request_id: f04ccfc1-e8ef-4b10-8fd3-5380adb6da5d session_id: ceff9b8a92767421033527825eed644c meta_headers: '''' format: !ruby/object:Mime::Type synonyms:
Finally, At page, it displays error: while(1);{"errors":[{"message":"An error occurred.","error_code":"internal_server_error"}],"error_report_id":753}
What' matter? How to fix it? Please help me asap. Thanks.
Hi, We have a doubt regarding LTI 1.3 in canvas as follows: