Hi, I have been working on getting a custom tool to work with LTI (beginning specifically with launching from Canvas) for a while and have been unsuccessful. I have gotten as far as configuring the developer key such that I can launch from the course navigation and see the login payload. However, when I send an authentication request with the required variables (according to http://www.imsglobal.org/spec/security/v1p0/#step-2-authentication-request), I do not see the launch payload (using the LTI Debugger extension in Chrome), and I get a response of "1" alongside a message saying "500 Internal Server Error If you are the administrator of this website, then please read this web application's log file and/or the web server's log file to find out what went wrong." 

Can anyone provide guidance on how to configure the authentication request? I'm not entirely sure what to put for the "state" and "nonce" values, so perhaps that is part of my problem.