smadbe
commented
4 years ago As discussed on Slack today, let's go to another option: when receiving the login_id from the LTI redirect, instead of checking a stored loginID, call a backend service (using the stored token) to get the login_id and verify it.
Motivations
For the LTI workflow, the frontend needs to know, when storing a token, what login_id (so id in the auth platform) it is for, so that he can skip reauthentication when a user shows up again.
Subtasks
In the login callback service, add
user_idandlogin_idto the output.