- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Starting with LTI 1.3
Hello, I am new to LTI development and I am currently trying to get my first "Hello World" on LTI 1.3, but I have encountered some difficulties.
I have integrated a test application that I found on github to make sure I understand the configuration parameters, after solving a couple of problems I have succeeded.
The problem with this application is that it does not have very clean code to be able to carry this to a framework such as laravel or similar, for which I find myself in the need to understand the integration flow in detail in order to create my own work environment.
The problem comes because I am not receiving the id_token after executing my query, failing that I get an "authenticity_token" next to "login_required", which I don't understand exactly what it means.
My connection code looks like this:
require_once("vendor/autoload.php");
use GuzzleHttp\Client;
// This constant are obtained from LMS platform.
define('PLATFORM_ID', 'https://canvas.beta.instructure.com');
define('CLIENT_ID', 'MY_CLIENT_ID');
define('DEPLOYMENT_ID', 'MY_DEPLOYMENT_ID');
define('AUTHENTICATION_URL', 'https://canvas.beta.instructure.com/api/lti/authorize_redirect');
define('PLATFORM_JSON_WEBKEY_URL', 'https://canvas.beta.instructure.com/api/lti/security/jwks');
// STEP 1
// Receiving authentication parameters
print_r($_REQUEST);
// die;
// STEP 2
// Creating authentication request
if(isset($_REQUEST['iss']) && isset($_REQUEST['login_hint']) && isset($_REQUEST['lti_message_hint'])){
$nonce = getRandomString();
$params = array(
'client_id' => CLIENT_ID,
'login_hint' => $_REQUEST['login_hint'],
'lti_message_hint' => $_REQUEST['lti_message_hint'],
'nonce' => $nonce,
'prompt' => 'none',
'redirect_uri' => "http://localhost/clean_integration/connect.php",
'response_mode' => 'form_post',
'response_type' => 'id_token',
'scope' => 'openid',
'state' => $nonce
);
$options = [
'form_params' => $params
];
try{
$client = new Client();
$res = $client->request('POST', AUTHENTICATION_URL, $options);
echo $res->getBody();
}catch(Exception $e){
die("Exception: {$e}");
}
}
function getRandomString($length = 8){
$chars = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789';
$value = '';
$charsLength = strlen($chars) - 1;
for ($i = 1; $i <= $length; $i++) {
$value .= $chars[rand(0, $charsLength)];
}
return $value;
}
When my app start,
Array
(
[iss] => https://canvas.beta.instructure.com
[login_hint] => HINT
[client_id] => CLIENT_ID
[target_link_uri] => http://localhost/clean_integration/connect.php
[lti_message_hint] => HASH1.HASH2.HASH3
[canvas_region] => us-east-1
)
After running my request I get the following, when actually I should get the token id (From what I understand I could be wrong at this point)
Array
(
[utf8] => ✓
[authenticity_token] => SOME TOKEN THAT IS NOT JWT
[error] => login_required
[error_description] => Must have an active user session
[state] => 9kofXdDs
)
If anyone can help me with the following questions I am very grateful.
1 - What am I doing wrong so that the token id with the user and resource data does not return? Am I missing a step?
2.- How can I use the member service (LTI Adventage)
