andyfmiller
commented
6 years ago Nice! I haven't reached the part of LTI 1.3 that uses OAuth2 yet (that will come when I get to services...hopefully soon).
Up to now, I've been focusing on basic launch which uses JWT signing (similar to LTI 1.1, but using RSA asymmetric keys). For that I'm using a mix of BouncyCastle.NetCore and System.IdentityModel.Tokens.Jwt. Creating, signing, and validating the basic launch request (LtiResourceLinkRequest) is really straightforward with these two libraries, and requires relatively little code.
Managing the keys is more work. I'm building a sample platform and a sample tool. Both will include key management, but I suspect every platform and every tool will need to implement their own custom management UI.
Hi, great to see Lti 1.3 being picked up. Compared to LtiLibrary, the oAuth1 will have to be replaced with oAuth2. In previous projects (not on github) I have used the oAuth implementation in https://github.com/restsharp/RestSharp I suppose reusing those classes can help :-)