Issues getting the connection to work with Canvas in a docker container

[brettjforsyth]

Been hacking away all day on this and have hit an impasse

Setup Canvas running in docker as per their quick start Automated Setup URL is http://canvas.docker no ssl - https://github.com/instructure/canvas-lms/wiki/Quick-Start Developer Key setup

localhost wasn't working so changed it to IP

settings in the demo server index.js await lti.registerPlatform({ url: 'http://canvas.docker', name: 'canvas', clientId: '10000000000002', authenticationEndpoint: 'http://canvas.docker/api/lti/authorize_redirect', accesstokenEndpoint: 'http://canvas.docker/login/oauth2/token', authConfig: { method: 'JWK_SET', key: 'http://canvas.docker/api/lti/security/jwks' } }) }

I have the .env setup with my DB and LTI_Key from the dev key

Getting this as output on connection

provider:main Receiving request at path: /login +2m
  provider:main Receiving a login request from: https://canvas.instructure.com +0ms
  provider:main Redirecting to platform authentication endpoint +5ms
  provider:main Target Link URI:  http://127.0.0.1:3000 +1ms
  provider:main Login request:  +0ms
  provider:main {
  provider:main   response_type: 'id_token',
  provider:main   response_mode: 'form_post',
  provider:main   id_token_signed_response_alg: 'RS256',
  provider:main   scope: 'openid',
  provider:main   client_id: '10000000000002',
  provider:main   redirect_uri: 'http://127.0.0.1:3000',
  provider:main   login_hint: '535fa085f22b4655f48cd5a36a9215f64c062838',
  provider:main   nonce: 'u2lb61yomz69ts5z2mgmzxnpk',
  provider:main   prompt: 'none',
  provider:main   state: '696337eac5f253ccac22dbba2a5437fa5be05fc6f7688b0055',
  provider:main   lti_message_hint: 'eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ2ZXJpZmllciI6IjQ1YzQxMjEwNjIzZTZhMWUxNDY4OWUwYzBmZTAzNWY4NzE2YzJjYzQzYjAwNDJhOWY0YTBkMWEwY2M3NDUzMzQ3YzliMmEzOTY4MGY1ZTk5MDczOTI0ZWRiOTAxMjU0MDYxNzRmZTk0NDUwYzk5NmQxYjA4Mjk0MTMwM2FhYTkyIiwiY2FudmFzX2RvbWFpbiI6ImNhbnZhcy5kb2NrZXIiLCJjb250ZXh0X3R5cGUiOiJDb3Vyc2UiLCJjb250ZXh0X2lkIjoxMDAwMDAwMDAwMDAwMSwiZXhwIjoxNjIwNjc2MjI0fQ.Admb_HtShHIbZTeLG1olKYRg_d2irpnc5OpGJ6qMN5s'
  provider:main } +0ms
  provider:main Receiving request at path: / +343ms
  provider:main Path does not match reserved endpoints +0ms
  provider:main Cookies received:  +0ms
  provider:main [Object: null prototype] {
  provider:main   state696337eac5f253ccac22dbba2a5437fa5be05fc6f7688b0055: 'https://canvas.instructure.com'
  provider:main } +0ms
  provider:main Deleting state cookie and Database entry +0ms
  provider:main No ltik found +2ms
  provider:main Request body:  [Object: null prototype] {
  utf8: '✓',
  authenticity_token: 'u+sgmaRUp29bgMPgPYrhwYCHUbwN5kdIID6mopLAY+f0gnLc0mXtC23q9I5s7ZSt0LAn2HzWLgdQdd7N9Io1hA==',
  error: 'launch_no_longer_valid',
  error_description: 'The launch has either expired or already been consumed',
  state: '696337eac5f253ccac22dbba2a5437fa5be05fc6f7688b0055'
} +0ms
  provider:main Passing request to invalid token handler +0ms

I saw the other note that this is likely due to redis config issues but I am stumped. There is a redis instance that gets booted when you bring up the canvas environment. All of the end points are working except http://canvas.docker/login/oauth2/token which has route error

I also tried following the info in https://community.canvaslms.com/t5/Developers-Group/Canvas-LTI-1-3-Error-Unknown-Key-Type/td-p/389023 but either I am missing something or it doesn't work on the docker version of canvas.

Thoughts? Am I missing something obvious?

[Cvmcosta]

Hello @brettjforsyth, this is most likely not an issue with Ltijs, the only other time i encountered this issue it was caused by misconfiguration of redis caching. I have a couple of questions but i am not sure how to approach this issue:

• Are you sure that this instance goes through the Redis and Dynamic Settings configuration steps of Canvas? Both are needed in order for LTI to work properly.
• In your registration code you are registering http://canvas.docker as the URL, but in the logs you are receiving requests at the standard https://canvas.instructure.com, i assume you also registered the Platform with the correct URL (Canvas uses multi tenancy, so every instance sends the same issuer claim).

Apart from that i don't see any issues with your configuration. That being said, i was able to consistently get a local version of Canvas to work by installing it manually instead of using docker. Many of the docker versions of Canvas have issues with LTI, including the widely used Bitnami version, due to the installation steps i mentioned above.

[brettjforsyth]

HI @Cvmcosta,

Yeah apologies about the bug flag. I also don't think this is an issue with ltijs. I had just seen your replies to some of the other closed issues and figured you might have some insights.

I am not 100% certain that it is going through redis and dynamic settings. I have checked all the config files and they appear correct. However I am beginning to suspect the host needs to change as when I try to run redis-cli it won't connect. I'll report back after messing about a little bit. I think this is likely the crux of the whole issue.

As for the https://canvas.instructure.com I saw that as well but not sure why that would be coming up. Where would that potentially be misconfigured?

Regards,

Brett

[Cvmcosta]

Hello, sorry for taking too long to reply. I don't really think that the Canvas URLs are misconfigured. And even if they were it wouldn't cause the issues you were getting.

[joecrop]

It turns out there is a fix for this. You have to get the canvas install just right. Here's a good writeup: https://community.canvaslms.com/t5/Canvas-Developers-Group/Canvas-LTI-1-3-Error-Unknown-Key-Type/m-p/390285#M6345