LTI OAUTH 1.0 Signature Mismatch

Jump to solution
Community Novice


I created an LTI application with .Net. I have tried different libraries to create OAuth 1.0 signature, but it never matches with the one comes from Canvas. I checked it with this tool:  and it matches with the OAuth signature I generated, however not with the "signature" parameter comes from Canvas.

URL: https://localhost:44397/default.aspx

Consumer Key: orhun-123

Shared Secret: orhun-123

Nonce: nYrB8fqYrLsKd4Q1QharrvjBYb9zj03unlAU7urXg
Timestamp: 1536243035
Generated signature: Iyxdh5swIDAro/K7WbUWAjhOUI0=

Signature comes from Canvas:  z2tzUWURgkf6m56L7wrUyqe50wE=

Currently, I am using this code to generate the OAuth signature: 

OAuth-Signature-Validation-Tool/OAuthBase.cs at master · mashery/OAuth-Signature-Validation-Tool · G... 

Thank you,

1 Solution
Ok, i see now a few things. It looks like I need to have a space in the value for lis_person_name_full. It also looks like the page=lti needs to be added into the set of parameters. Additionally, it appears I was mistaken on how the keys need to be used (per your entries into the tool, the resulting hash string should just be 'clkey12345&'. Thank you so much for your help! With this I info I should be able to fix my implementation.

View solution in original post