search

Cvmcosta / ltijs

Turn your application into a fully integratable LTI 1.3 tool provider.
https://cvmcosta.github.io/ltijs/
Apache License 2.0
306 stars 70 forks source link

DeepLink error only in Moodle v 4.3 #224

Open elmitxel opened 6 months ago

elmitxel commented 6 months ago

When I add a resource with deeplink in moodle 4.3 I get this error.

Exception - mod_lti\local\ltiopenid\jwks_helper::fix_jwks_alg(): Argument #1 ($jwks) must be of type array, null given, called in [dirroot]/mod/lti/locallib.php on line 1335

In version 4.1 of Moodle everything is ok.

Provider logs provider:main Receiving request at path: /login +17s provider:main Receiving a login request from: http://localhost/moodle44, clientId: rWofqfK6k15BKO5 +0ms provider:main Redirecting to platform authentication endpoint +8ms provider:main Target Link URI: http://localhost:3000 +0ms provider:main Login request: +0ms provider:main { provider:main response_type: 'id_token', provider:main response_mode: 'form_post', provider:main id_token_signed_response_alg: 'RS256', provider:main scope: 'openid', provider:main client_id: 'rWofqfK6k15BKO5', provider:main redirect_uri: 'http://localhost:3000', provider:main login_hint: '2', provider:main nonce: 'wbueayl8uda77f1y1eteslb3b', provider:main prompt: 'none', provider:main state: '701a5769284311ba4870da99b7fc54a7f7fdd1b3f236e441dc', provider:main lti_message_hint: '{"launchid":"ltilaunch_ContentItemSelectionRequest1567951624"}', provider:main lti_deployment_id: '3' provider:main } +1ms provider:main Receiving request at path: / +42ms provider:main Path does not match reserved endpoints +0ms provider:main Cookies received: +0ms provider:main [Object: null prototype] { provider:main 'ltiaHR0cDovL2xvY2FsaG9zdC9tb29kbGU0NGhBVWd5a0pETnlFUlZwcjE%3D': '2', provider:main 'ltiaHR0cDovL2xvY2FsaG9zdC9tb29kbGU0NEJmekxJak9vZWJnODM0STI%3D': '2', provider:main 'ltiaHR0cDovL2xvY2FsaG9zdC9tb29kbGVvRkdCeU5ITHB6akFIc1M2Mg%3D%3D': '2', provider:main 'ltiaHR0cDovL2xvY2FsaG9zdC9tb29kbGU0NHJXb2ZxZks2azE1QktPNTM%3D': '2', provider:main state701a5769284311ba4870da99b7fc54a7f7fdd1b3f236e441dc: 'http://localhost/moodle44' provider:main } +0ms provider:main Received idtoken for validation +1ms provider:auth Response state: 701a5769284311ba4870da99b7fc54a7f7fdd1b3f236e441dc +0ms provider:auth Attempting to validate iss claim +0ms provider:auth Request Iss claim: http://localhost/moodle44 +0ms provider:auth Response Iss claim: http://localhost/moodle44 +0ms provider:auth Attempting to retrieve registered platform +0ms provider:auth Retrieving key from jwk_set +3ms provider:auth Converting JWK key to PEM key +11ms provider:auth Attempting to verify JWT with the given key +0ms provider:auth Token signature verified +1ms provider:auth Initiating OIDC aditional validation steps +0ms provider:auth Validating if aud (Audience) claim matches the value of the tool's clientId given by the platform +1ms provider:auth Aud claim: rWofqfK6k15BKO5 +0ms provider:auth Checking alg claim. Alg: RS256 +0ms provider:auth Max age parameter: 10 +0ms provider:auth Checking iat claim to prevent old tokens from being passed. +0ms provider:auth Iat claim: 1715603109 +0ms provider:auth Exp claim: 1715603169 +0ms provider:auth Current_time: 1715603109.946 +0ms provider:auth Time passed: 0.9460000991821289 +0ms provider:auth Validating nonce +0ms provider:auth Nonce: wbueayl8uda77f1y1eteslb3b +0ms provider:auth Tool's clientId: rWofqfK6k15BKO5 +0ms provider:auth Storing nonce +1ms provider:auth Initiating LTI 1.3 core claims validation +5ms provider:auth Checking Message type claim +0ms provider:auth Checking LTI Version claim +0ms provider:auth Checking Deployment Id claim +0ms provider:auth Checking Sub claim +0ms provider:auth Checking Roles claim +0ms provider:auth Successfully validated token! +23ms provider:main Generating ltik +31ms provider:main Redirecting to endpoint with ltik +1ms provider:main Receiving request at path: / +3ms provider:main Path does not match reserved endpoints +0ms provider:main Cookies received: +0ms provider:main [Object: null prototype] { provider:main 'ltiaHR0cDovL2xvY2FsaG9zdC9tb29kbGU0NGhBVWd5a0pETnlFUlZwcjE%3D': '2', provider:main 'ltiaHR0cDovL2xvY2FsaG9zdC9tb29kbGU0NEJmekxJak9vZWJnODM0STI%3D': '2', provider:main 'ltiaHR0cDovL2xvY2FsaG9zdC9tb29kbGVvRkdCeU5ITHB6akFIc1M2Mg%3D%3D': '2', provider:main 'ltiaHR0cDovL2xvY2FsaG9zdC9tb29kbGU0NHJXb2ZxZks2azE1QktPNTM%3D': '2' provider:main } +1ms provider:main Ltik found +0ms provider:main Ltik successfully verified +0ms provider:main Attempting to retrieve matching session cookie +0ms provider:auth Valid session found +13ms provider:main Passing request to next handler +3ms provider:main Redirecting to: /deeplink +1ms provider:main Changing context token path to: /deeplink +0ms provider:main Receiving request at path: /deeplink +5ms provider:main Path does not match reserved endpoints +0ms provider:main Cookies received: +0ms provider:main [Object: null prototype] { provider:main 'ltiaHR0cDovL2xvY2FsaG9zdC9tb29kbGU0NGhBVWd5a0pETnlFUlZwcjE%3D': '2', provider:main 'ltiaHR0cDovL2xvY2FsaG9zdC9tb29kbGU0NEJmekxJak9vZWJnODM0STI%3D': '2', provider:main 'ltiaHR0cDovL2xvY2FsaG9zdC9tb29kbGVvRkdCeU5ITHB6akFIc1M2Mg%3D%3D': '2', provider:main 'ltiaHR0cDovL2xvY2FsaG9zdC9tb29kbGU0NHJXb2ZxZks2azE1QktPNTM%3D': '2' provider:main } +1ms provider:main Ltik found +0ms provider:main Ltik successfully verified +0ms provider:main Attempting to retrieve matching session cookie +0ms provider:auth Valid session found +10ms provider:main Passing request to next handler +4ms provider:main Receiving request at path: /resources +109ms provider:main Path does not match reserved endpoints +0ms provider:main Cookies received: +0ms provider:main [Object: null prototype] { provider:main 'ltiaHR0cDovL2xvY2FsaG9zdC9tb29kbGU0NGhBVWd5a0pETnlFUlZwcjE%3D': '2', provider:main 'ltiaHR0cDovL2xvY2FsaG9zdC9tb29kbGU0NEJmekxJak9vZWJnODM0STI%3D': '2', provider:main 'ltiaHR0cDovL2xvY2FsaG9zdC9tb29kbGVvRkdCeU5ITHB6akFIc1M2Mg%3D%3D': '2', provider:main 'ltiaHR0cDovL2xvY2FsaG9zdC9tb29kbGU0NHJXb2ZxZks2azE1QktPNTM%3D': '2' provider:main } +0ms provider:main Ltik found +0ms provider:main Ltik successfully verified +1ms provider:main Attempting to retrieve matching session cookie +0ms provider:auth Valid session found +114ms provider:main Passing request to next handler +4ms provider:main Receiving request at path: /deeplink +2s provider:main Path does not match reserved endpoints +0ms provider:main Cookies received: +0ms provider:main [Object: null prototype] { provider:main 'ltiaHR0cDovL2xvY2FsaG9zdC9tb29kbGU0NGhBVWd5a0pETnlFUlZwcjE%3D': '2', provider:main 'ltiaHR0cDovL2xvY2FsaG9zdC9tb29kbGU0NEJmekxJak9vZWJnODM0STI%3D': '2', provider:main 'ltiaHR0cDovL2xvY2FsaG9zdC9tb29kbGVvRkdCeU5ITHB6akFIc1M2Mg%3D%3D': '2', provider:main 'ltiaHR0cDovL2xvY2FsaG9zdC9tb29kbGU0NHJXb2ZxZks2azE1QktPNTM%3D': '2' provider:main } +0ms provider:main Ltik found +0ms provider:main Ltik successfully verified +1ms provider:main Attempting to retrieve matching session cookie +0ms provider:auth Valid session found +2s provider:main Passing request to next handler +9ms provider:deepLinkingService Starting deep linking process +0ms provider:deepLinkingService Building basic JWT body +4ms provider:deepLinkingService Sanitizing content item array based on the platform's requirements: +0ms provider:deepLinkingService Accepted Types: ltiResourceLink +0ms provider:deepLinkingService Accepts Mutiple: true +0ms provider:deepLinkingService Received content items: +0ms provider:deepLinkingService [ provider:deepLinkingService { provider:deepLinkingService type: 'ltiResourceLink', provider:deepLinkingService title: 'Mapa mental cerebral', provider:deepLinkingService url: 'http://localhost:3000?data=vista', provider:deepLinkingService custom: { id: 1 } provider:deepLinkingService } provider:deepLinkingService ] +0ms provider:deepLinkingService Content items to be sent: +1ms provider:deepLinkingService [ provider:deepLinkingService { provider:deepLinkingService type: 'ltiResourceLink', provider:deepLinkingService title: 'Mapa mental cerebral', provider:deepLinkingService url: 'http://localhost:3000?data=vista', provider:deepLinkingService custom: { id: 1 } provider:deepLinkingService } provider:deepLinkingService ] +0ms

Screenshots If applicable, add screenshots to help explain your problem.

Ltijs version

NodeJS version

Platform used

Additional context

elmitxel commented 6 months ago

Deeplink44.pdf

elmitxel commented 6 months ago

Moodle log:

Output buffer: string(3) "

Blocked http://localhost:3000/keys: The URL is blocked. [user 2]
  • line 111 of /lib/classes/event/url_blocked.php: call to debugging()
  • line 785 of /lib/classes/event/base.php: call to core\event\url_blocked->validate_before_trigger()
  • line 3962 of /lib/filelib.php: call to core\event\base->trigger()
  • line 3785 of /lib/filelib.php: call to curl->trigger_url_blocked_event()
  • line 4052 of /lib/filelib.php: call to curl->request()
  • line 1616 of /lib/filelib.php: call to curl->get()
  • line 1332 of /mod/lti/locallib.php: call to download_file_content()
  • line 1394 of /mod/lti/locallib.php: call to lti_verify_with_keyset()
  • line 3447 of /mod/lti/locallib.php: call to lti_verify_jwt_signature()
  • line 57 of /mod/lti/contentitem_return.php: call to lti_convert_from_jwt()

Warning: Undefined array key "http_code" in /var/www/html/moodle44/lib/filelib.php on line 1693
cURL request for "http://localhost:3000/keys" failed, HTTP response code: Unknown cURL error
  • line 1694 of /lib/filelib.php: call to debugging()
  • line 1332 of /mod/lti/locallib.php: call to download_file_content()
  • line 1394 of /mod/lti/locallib.php: call to lti_verify_with_keyset()
  • line 3447 of /mod/lti/locallib.php: call to lti_verify_jwt_signature()
  • line 57 of /mod/lti/contentitem_return.php: call to lti_convert_from_jwt()

siddrcrelias commented 6 months ago

Yes , I was getting this error as well.. but I managed to fix it.. can you share your lti.setup configuration..also it will not work locally over http You need to host moodle on a seperate domain over https ...may be use sandbox moodle...and you can host your service using ngrok..then setup as 

lti.setup(
      this.configService.get('LTI_KEY'),//key needs to be more than 16 char length
      {
        plugin: db,
      },
      {
        appRoute: '/',
        invalidTokenRoute: '/invalidtoken', 
        sessionTimeoutRoute: '/sessionTimeout', 
        keysetRoute: '/keys',
        loginRoute: '/login',
        dynRegRoute: '/registration',
        tokenMaxAge: +process.env.TOKEN_MAX_AGE, // might need to change this to a more bigger value
        staticPath: path.join(__dirname, './public'), // Path to static files
        ltiaas: true, 
        cookies: {
          secure: process.env.COOKIE_SECURE === 'true',
          sameSite: process.env.COOKIE_SAME_SITE,
        },
      },
    );

Please note I am not using devMode Once you have a setup like above, things should work fine