OAuth signature from Moodle 2.9 does not match signature built from pylti #52
Comments
|
@sayeghr Please paste the complete contents of your terminal console for the error you describe. (You can alternately create a gist of the output and share a link to the gist). |
|
TL;DR: It probably is a missing slash in your tool URL. It turns out between Flask and Moodle there is some finickiness about using the right URLs. After a fair amount of time debugging with @pwilkins I finally got things instrumented enough to find out at least what our issue is with a bit of luck. It turns out that if you leave out a trailing / on your `Tool base URL: The settings in the screenshot were tested to work with the default flask sample app and Moodle 2.9. |
|
Thank you very much for the thorough reply. I can confirm that adding the / in moodle made the difference and I am now able to get further along. However, I am now coming across a different issue. PyLTI now seems to fail with an LTIRoleException('Not authorized.') but the endpoint has only the @LTI(request='initial', error=error, app=app). See the console below: werkzeug - * Running on http://localhost:5000/ pylti.common - params {'lti_version': u'LTI-1p0', 'lis_result_sourcedid': u'{"data":{"instanceid":"2","userid":"2","typeid":"2","launchid":315235773},"hash":"f9f476fa569f7ac34a3ea4c0c1c5e23133a02f018cc10b2f2d0ab358538bbc18"}', 'resource_link_description': u'', 'tool_consumer_info_version': u'2015051101.02', 'tool_consumer_instance_guid': u'localhost', 'oauth_signature': u'Gn+vuhHeYWoVwhnj01iBTOz0BLE=', 'context_label': u'LTI test', 'lti_message_type': u'basic-lti-launch-request', 'ext_user_username': u'admin', 'lis_person_name_full': u'- Admin -', 'context_title': u'LTI Test', 'user_id': u'2', 'oauth_consumer_key': u'consumer_key', 'launch_presentation_locale': u'en', 'context_id': u'4', 'lis_outcome_service_url': u'http://localhost:8888/moodle29/mod/lti/service.php', 'tool_consumer_info_product_family_code': u'moodle', 'oauth_callback': u'about:blank', 'lis_person_name_family': u'-', 'oauth_nonce': u'7dd9d73ea2f48ca0441da355b464da41', 'oauth_timestamp': u'1440613509', 'resource_link_title': u'LTI Second Test', 'oauth_signature_method': u'HMAC-SHA1', 'oauth_version': u'1.0', 'lis_course_section_sourcedid': u'', 'lis_person_sourcedid': u'', 'tool_consumer_instance_name': u'Moodle 2.9', 'resource_link_id': u'2', 'lis_person_contact_email_primary': u'admin@localhost', 'roles': u'Instructor,urn:lti:sysrole:ims/lis/Administrator,urn:lti:instrole:ims/lis/Administrator', 'context_type': u'CourseSection', 'ext_lms': u'moodle-2', 'lis_person_name_given': u'- Admin', 'launch_presentation_return_url': u'http://localhost:8888/moodle29/mod/lti/return.php?course=4&launch_container=3&instanceid=2&sesskey=eCECu2TrUe', 'launch_presentation_document_target': u'iframe'} |
|
The MIT LTI flask sample seems to work with Moodle now. I will now close the issue, thanks. |
|
I'd like to follow up on this since I've spent several hours debugging the same issue. I'm using Moodle 3.1 and connecting to the sample flask server. I disabled debugging in the flask server, which also disables the automatic adding-on of the missing "/". When I do that, and omit the trailing "/" in the moodle LTI config, the LTI call fails as expected. When I add it, I get the same issue with the consumer_key as noted above. I am able to use the sample tool provider at http://ltiapps.net/test/tp.php with no problems when Moodle is the tool consumer. Likewise, I can use the sample tool consumer at http://ltiapps.net/test/tc.php against the PyLTI tool provider with no problems. But, I'm having no love at all getting Moodle to talk to the PyLTI tool provider out of the box. The only change I made was to remove the specific version requirement of uWSGI because that does not build on Ubuntu ( see https://github.com/dirkcgrunwald/mit_lti_flask_sample/blob/master/requirements.txt ). I'm going to try using Centos (in docker) as that appears to be the preferred build environment. Also, in the current version, it appears that a file "consumer_key.pem" is written in the local directory when running the server -- is this intended? |
|
After 2 days of research on this, I finally find this post! I am writing this because I am using Node, Express and a package called IMS-LTI (https://www.npmjs.com/package/ims-lti). It had the exact same issue with the trailing |
Hi there,
Not sure if I am doing something wrong but I have set up a moodle instance on my local machine to use the consumer key:
__consumer_key__and secret key:__lti_secret__with the mit_lti_flask_sample app and I am finding that hitting the / endpoint causes a pylti.flask - verify_request failed error.I used some breakpoints and I found that the oauth signature that moodle is sending does not match the signature that is being built by pylti. Do you have any insight as to what might be going on here?
The text was updated successfully, but these errors were encountered: