req.signedCookies is empty on launch #166

Open
hlebegue opened this issue Oct 18, 2022 · 0 comments
@hlebegue

Describe the bug
Somehow the req.signedCookies is undefined during the resource /launch process.
Cookies are configured like below:
cookies: {
  secure: true, // Set secure to true if the testing platform is in a different domain and https is being used
  sameSite: 'None', // Set sameSite to 'None' if the testing platform is in a different domain and https is being used
  domain: process.env.COOKIE_DOMAIN
}

This works on 1 test system and doesn't on a production/custom system.

Both instances are using Moodle as the platform.

Also, it doesn't seem that the production instance is passing the ltik as a request parameter but rather in the body. In one case the Request Iss claim is undefined; in the second, it simply can't read the cookie.

Has anyone had this issue before? Does anyone know how to pass the ltik as a request parameter in Moodle?

Thank you for your help and kindness.

Expected behavior
A clear and concise description of what you expected to happen.

Provider logs

This log is when launching a resource:

2022-10-18T16:11:39.880Z provider:main Receiving request at path: /login
2022-10-18T16:11:39.880Z provider:main Receiving a login request from: https://moodlestg02.toolwire.com, clientId: Z7rCANX5axLaUQB
2022-10-18T16:11:39.883Z provider:main Redirecting to platform authentication endpoint
2022-10-18T16:11:39.884Z provider:main Target Link URI: https://lti.praxislxp.com/launch
2022-10-18T16:11:39.884Z provider:main Login request:
2022-10-18T16:11:39.885Z provider:main {
response_type: 'id_token',
response_mode: 'form_post',
id_token_signed_response_alg: 'RS256',
scope: 'openid',
client_id: 'Z7rCANX5axLaUQB',
redirect_uri: 'https://lti.praxislxp.com/launch',
login_hint: '2',
nonce: 'fwgjyae31a184vcd3ai2tjy2j',
prompt: 'none',
state: 'ecbb10244b80cd19283a16dde146dd42a42047b3fcd0c41fcd',
lti_message_hint: '33',
lti_deployment_id: '7'
}
2022-10-18T16:11:40.118Z provider:main Receiving request at path: /launch
2022-10-18T16:11:40.118Z provider:main Path does not match reserved endpoints
2022-10-18T16:11:40.118Z provider:main Cookies received:
2022-10-18T16:11:40.118Z provider:main [Object: null prototype] {
ltiaHR0cHM6Ly9tb29kbGVzdGcwMi50b29sd2lyZS5jb21aN3JDQU5YNWF4TGFVUUI3: '2',
stateecbb10244b80cd19283a16dde146dd42a42047b3fcd0c41fcd: 'https://moodlestg02.toolwire.com'
}
2022-10-18T16:11:40.118Z provider:main Received idtoken for validation
2022-10-18T16:11:40.118Z provider:auth Response state: ecbb10244b80cd19283a16dde146dd42a42047b3fcd0c41fcd
2022-10-18T16:11:40.119Z provider:auth Attempting to validate iss claim
2022-10-18T16:11:40.119Z provider:auth Request Iss claim: https://moodlestg02.toolwire.com
2022-10-18T16:11:40.119Z provider:auth Response Iss claim: https://moodlestg02.toolwire.com
2022-10-18T16:11:40.119Z provider:auth Attempting to retrieve registered platform
2022-10-18T16:11:40.123Z provider:auth Retrieving key from jwk_set
2022-10-18T16:11:40.322Z provider:auth Converting JWK key to PEM key
2022-10-18T16:11:40.323Z provider:auth Attempting to verify JWT with the given key
2022-10-18T16:11:40.324Z provider:auth Token signature verified
2022-10-18T16:11:40.324Z provider:auth Initiating OIDC aditional validation steps
2022-10-18T16:11:40.324Z provider:auth Validating if aud (Audience) claim matches the value of the tool's clientId given by the platform
2022-10-18T16:11:40.324Z provider:auth Aud claim: Z7rCANX5axLaUQB
2022-10-18T16:11:40.324Z provider:auth Checking alg claim. Alg: RS256
2022-10-18T16:11:40.324Z provider:auth Max age parameter: 10
2022-10-18T16:11:40.324Z provider:auth Checking iat claim to prevent old tokens from being passed.
2022-10-18T16:11:40.324Z provider:auth Iat claim: 1666109500
2022-10-18T16:11:40.324Z provider:auth Exp claim: 1666109560
2022-10-18T16:11:40.324Z provider:auth Current_time: 1666109500.324
2022-10-18T16:11:40.324Z provider:auth Time passed: 0.32399988174438477
2022-10-18T16:11:40.324Z provider:auth Validating nonce
2022-10-18T16:11:40.324Z provider:auth Nonce: fwgjyae31a184vcd3ai2tjy2j
2022-10-18T16:11:40.324Z provider:auth Tool's clientId: Z7rCANX5axLaUQB
2022-10-18T16:11:40.326Z provider:auth Storing nonce
2022-10-18T16:11:40.327Z provider:auth Initiating LTI 1.3 core claims validation
2022-10-18T16:11:40.328Z provider:auth Checking Message type claim
2022-10-18T16:11:40.328Z provider:auth Checking Target Link Uri claim
2022-10-18T16:11:40.328Z provider:auth Checking Resource Link Id claim
2022-10-18T16:11:40.328Z provider:auth Checking LTI Version claim
2022-10-18T16:11:40.328Z provider:auth Checking Deployment Id claim
2022-10-18T16:11:40.328Z provider:auth Checking Sub claim
2022-10-18T16:11:40.328Z provider:auth Checking Roles claim
2022-10-18T16:11:40.329Z provider:auth Successfully validated token!
2022-10-18T16:11:40.334Z provider:main Generating ltik
2022-10-18T16:11:40.334Z provider:main Redirecting to endpoint with ltik
2022-10-18T16:11:40.432Z provider:main Receiving request at path: /launch
2022-10-18T16:11:40.432Z provider:main Path does not match reserved endpoints
2022-10-18T16:11:40.432Z provider:main Cookies received:
2022-10-18T16:11:40.432Z provider:main [Object: null prototype] {
ltiaHR0cHM6Ly9tb29kbGVzdGcwMi50b29sd2lyZS5jb21aN3JDQU5YNWF4TGFVUUI3: '2'
}
2022-10-18T16:11:40.432Z provider:main Ltik found
2022-10-18T16:11:40.432Z provider:main Ltik successfully verified
2022-10-18T16:11:40.432Z provider:main validLtik= {
platformUrl: 'https://moodlestg02.toolwire.com',
clientId: 'Z7rCANX5axLaUQB',
deploymentId: '7',
platformCode: 'ltiaHR0cHM6Ly9tb29kbGVzdGcwMi50b29sd2lyZS5jb21aN3JDQU5YNWF4TGFVUUI3',
contextId: 'https%3A%2F%2Fmoodlestg02.toolwire.comZ7rCANX5axLaUQB74_29',
user: '2',
s: 'ecbb10244b80cd19283a16dde146dd42a42047b3fcd0c41fcd',
iat: 1666109500
}
2022-10-18T16:11:40.432Z provider:main Attempting to retrieve matching session cookie
2022-10-18T16:11:40.432Z provider:auth Valid session found
2022-10-18T16:11:40.436Z provider:main Passing request to next handler

Tue, 18 Oct 2022 16:11:40 GMT alai:routes /launch Registered Incumbent Id: 2489 with token:MjQ4OTphNTFkYzI1MTQ3ZDc0NWRmODFlMzM0ODdkM2YzNDljNzA0MjI5Y2Y= Redirecting to:
https://learning.praxislxp.com/alai/api/auth.jsp? coid=1090&embed=1&l=1&TWAuthorization=xxx%3D&ltik=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwbGF0Zm9ybVVybCI6Imh0dHBzOi8vbW9vZGxlc3RnMDIudG9vbHdpcmUuY29tIiwiY2xpZW50SWQiOiJaN3JDQU5YNWF4TGFVUUIiLCJkZXBsb3ltZW50SWQiOiI3IiwicGxhdGZvcm1Db2RlIjoibHRpYUhSMGNITTZMeTl0YjI5a2JHVnpkR2N3TWk1MGIyOXNkMmx5WlM1amIyMWFOM0pEUVU1WU5XRjRUR0ZWVVVJMyIsImNvbnRleHRJZCI6Imh0dHBzJTNBJTJGJTJGbW9vZGxlc3RnMDIudG9vbHdpcmUuY29tWjdyQ0FOWDVheExhVVFCNzRfMjkiLCJ1c2VyIjoiMiIsInMiOiJlY2JiMTAyNDRiODBjZDE5MjgzYTE2ZGRlMTQ2ZGQ0MmE0MjA0N2IzZmNkMGM0MWZjZCIsImlhdCI6MTY2NjEwOTUwMH0.ywvG3loaGOUkRr6l3nSwE5cEO_PAA2sPw1ZeRf_cVJU&ltilinkid=29&ltiurl=https%3A%2F%2Flti.praxislxp.com%2Fgrade
2022-10-18T16:11:42.804Z provider:main Receiving request at path: /launch
2022-10-18T16:11:42.804Z provider:main Path does not match reserved endpoints
2022-10-18T16:11:42.804Z provider:main Cookies received:
2022-10-18T16:11:42.804Z provider:main [Object: null prototype] {}
2022-10-18T16:11:42.804Z provider:main No ltik found
2022-10-18T16:11:42.804Z provider:main Request body: {}
2022-10-18T16:11:42.804Z provider:main Passing request to invalid token handler
Tue, 18 Oct 2022 16:11:42 GMT alai:server lti.onInvalidToken()

This is another log entry. signedCookies is undefined as well.
2022-10-18T12:58:04.925Z provider:main Receiving request at path: /launch
2022-10-18T12:58:04.926Z provider:main Path does not match reserved endpoints
2022-10-18T12:58:04.926Z provider:main Cookies received:
2022-10-18T12:58:04.926Z provider:main [Object: null prototype] {}
2022-10-18T12:58:04.926Z provider:main Received idtoken for validation
2022-10-18T12:58:04.926Z provider:auth Response state: 033c0ace238ffa2965221228d8f62b660fe58e01ac134cb64e
2022-10-18T12:58:04.926Z provider:auth Attempting to validate iss claim
2022-10-18T12:58:04.926Z provider:auth Request Iss claim: undefined
2022-10-18T12:58:04.926Z provider:auth Response Iss claim: https://iso-testing.moodle.tituslearning.com
2022-10-18T12:58:04.927Z provider:main Deleting state cookie and Database entry
2022-10-18T12:58:04.928Z provider:auth Error: MISSING_VALIDATION_COOKIE
at Auth.validateToken (/u01/ltijs/node_modules/ltijs/dist/Utils/Auth.js:98:27)
at sessionValidator (/u01/ltijs/node_modules/ltijs/dist/Provider/Provider.js:400:38)
at Layer.handle [as handle_request] (/u01/ltijs/node_modules/express/lib/router/layer.js:95:5)
at trim_prefix (/u01/ltijs/node_modules/express/lib/router/index.js:328:13)
at /u01/ltijs/node_modules/express/lib/router/index.js:286:9
at Function.process_params (/u01/ltijs/node_modules/express/lib/router/index.js:346:12)
at next (/u01/ltijs/node_modules/express/lib/router/index.js:280:10)
at serveStatic (/u01/ltijs/node_modules/serve-static/index.js:75:16)
at Layer.handle [as handle_request] (/u01/ltijs/node_modules/express/lib/router/layer.js:95:5)
at trim_prefix (/u01/ltijs/node_modules/express/lib/router/index.js:328:13)
2022-10-18T12:58:04.928Z provider:main Passing request to invalid token handler
Tue, 18 Oct 2022 12:58:04 GMT alai:server lti.onInvalidToken()

Ltijs version
latest 5.9.0

NodeJS version
npm v 8.19.1
"dependencies": {
  "dotenv": "^8.6.0",
  "express": "^4.18.1",
  "express-session": "^1.17.3",
  "fs": "^0.0.1-security",
  "ltijs": "^5.9.0",
  "node-fetch": "^2.6.1"
}

Platform used
Moodle

Additional context
Add any other context about the problem here.

@hlebegue hlebegue added the bug Something isn't working label Oct 18, 2022
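
Added example (not part of the original issue and not ltijs code): a Node.js triage script for debug output in the format of the logs above. It splits the log into one block per request and flags requests that arrived without the `state<state>` cookie seen in the working launch. The sample lines are constructed, the host name is a placeholder, and `triageLaunches` and its finding labels are hypothetical names.

```javascript
// Added example: triage of debug logs in the format shown in the issue.
// SAMPLE_LOG is constructed for illustration; it is not the reporter's log.
const SAMPLE_LOG = `
2022-01-01T00:00:00.100Z provider:main Receiving request at path: /launch
2022-01-01T00:00:00.100Z provider:main Cookies received:
2022-01-01T00:00:00.100Z provider:main [Object: null prototype] {
stateabc123: 'https://platform.example'
}
2022-01-01T00:00:00.101Z provider:main Received idtoken for validation
2022-01-01T00:00:00.101Z provider:auth Response state: abc123
2022-01-01T00:00:00.102Z provider:auth Request Iss claim: https://platform.example
2022-01-01T00:00:05.000Z provider:main Receiving request at path: /launch
2022-01-01T00:00:05.000Z provider:main Cookies received:
2022-01-01T00:00:05.000Z provider:main [Object: null prototype] {}
2022-01-01T00:00:05.001Z provider:main Received idtoken for validation
2022-01-01T00:00:05.001Z provider:auth Response state: def456
2022-01-01T00:00:05.002Z provider:auth Request Iss claim: undefined
2022-01-01T00:00:05.003Z provider:auth Error: MISSING_VALIDATION_COOKIE
2022-01-01T00:00:09.000Z provider:main Receiving request at path: /launch
2022-01-01T00:00:09.000Z provider:main Cookies received:
2022-01-01T00:00:09.000Z provider:main [Object: null prototype] {}
2022-01-01T00:00:09.001Z provider:main No ltik found
`;

function triageLaunches(logText) {
  // Start a new block at every line that announces an incoming request.
  const blocks = logText
    .split(/^(?=.*Receiving request at path: )/m)
    .filter((b) => b.trim());
  return blocks.map((block) => {
    const path = (block.match(/Receiving request at path: (\S+)/) || [])[1];
    const state = (block.match(/Response state: (\S+)/) || [])[1] || null;
    // Cookie names are the keys printed between "{" and "}" after "Cookies received:".
    const dump = (block.match(/Cookies received:[\s\S]*?\{([\s\S]*?)\}/) || [, ''])[1];
    const cookies = [...dump.matchAll(/^\s*([\w$%.-]+): /gm)].map((m) => m[1]);
    let finding = 'ok';
    // Assumption from the logs above: the validation cookie is named "state" + state value.
    if (state && !cookies.includes('state' + state)) {
      finding = 'id_token without state cookie';
    } else if (/No ltik found/.test(block) && cookies.length === 0) {
      finding = 'no ltik and no session cookie';
    }
    return { path, state, cookies, finding };
  });
}

console.log(triageLaunches(SAMPLE_LOG).map((r) => `${r.path}: ${r.finding}`));
```

Running this over the logs of the working and the failing system shows at which request the cookies stop arriving, which is the point at which to compare the cookie attributes and transport of the two deployments.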