AnsweredAssumed Answered

LTI OAUTH 1.0 Signature Mismatch

Question asked by Orhun Karapinar on Sep 6, 2018
Latest reply on Sep 19, 2018 by Orhun Karapinar



I created an LTI application with .Net. I have tried different libraries to create OAuth 1.0 signature, but it never matches with the one comes from Canvas. I checked it with this tool:  and it matches with the OAuth signature I generated, however not with the "signature" parameter comes from Canvas.


URL: https://localhost:44397/default.aspx

Consumer Key: orhun-123

Shared Secret: orhun-123

Nonce: nYrB8fqYrLsKd4Q1QharrvjBYb9zj03unlAU7urXg
Timestamp: 1536243035
Generated signature: Iyxdh5swIDAro/K7WbUWAjhOUI0=

Signature comes from Canvas:  z2tzUWURgkf6m56L7wrUyqe50wE=


Currently, I am using this code to generate the OAuth signature: 

OAuth-Signature-Validation-Tool/OAuthBase.cs at master · mashery/OAuth-Signature-Validation-Tool · GitHub 


Thank you,