Invalid LTI Signature
Got Invalid LTI Signature when delivering test in LTI application (Moodle 3.7 - TAO 3.3-rc01).
I have followed this guide (https://userguide.taotesting.com/3.1/advanced-features/lti-applications.html).
Please see if anything else needed to be done.
Stack trace as followed:
{code}Invalid signature {"exception":"[object] (IMSGlobal\LTI\OAuth\OAuthException(code: 0): Invalid signature at /var/www/html/vendor/imsglobal/lti/src/OAuth/OAuthServer.php:198)
[stacktrace]
/var/www/html/vendor/imsglobal/lti/src/OAuth/OAuthServer.php(84): IMSGlobal\LTI\OAuth\OAuthServer->check_signature(Object(IMSGlobal\LTI\OAuth\OAuthRequest), Object(IMSGlobal\LTI\OAuth\OAuthConsumer), Object(IMSGlobal\LTI\OAuth\OAuthToken))
/var/www/html/tao/models/classes/oauth/OauthService.php(123): IMSGlobal\LTI\OAuth\OAuthServer->verify_request(Object(IMSGlobal\LTI\OAuth\OAuthRequest))
/var/www/html/taoLti/models/classes/LtiAuthAdapter.php(76): oat\tao\model\oauth\OauthService->validate(Object(common_http_Request))
/var/www/html/taoLti/models/classes/LtiService.php(56): oat\taoLti\models\classes\LtiAuthAdapter->authenticate()
/var/www/html/taoLti/controller/ToolModule.php(66): oat\taoLti\models\classes\LtiService->startLtiSession(Object(common_http_Request))
/var/www/html/tao/models/classes/routing/ActionEnforcer.php(154): call_user_func_array(Array, Array)
/var/www/html/tao/models/classes/routing/TaoFrontController.php(86): oat\tao\model\
outing\ActionEnforcer->execute()
/var/www/html/tao/models/classes/mvc/Bootstrap.php(332): oat\tao\model\
outing\TaoFrontController->legacy(Object(common_http_Request))
/var/www/html/tao/models/classes/mvc/Bootstrap.php(172): oat\tao\model\mvc\Bootstrap->mvc()
/var/www/html/tao/models/classes/mvc/Bootstrap.php(234): oat\tao\model\mvc\Bootstrap->dispatchHttp()
/var/www/html/index.php(31): oat\tao\model\mvc\Bootstrap->dispatch()
{main}{code}
Comments
Looks like an authorization error - Invalid signature at /var/www/html/vendor/imsglobal/lti/src/OAuth/OAuthServer.php
Double check you have the correct information.
Hi all,
I have a similar problem. Intention is to integrate with Moodle but also getting same result using the IMS LTI Tool Consumer emulator.
I too have followed the guide..
Any thoughts welcome!
Thanks,
Tim
Just in case it's useful to anybody else, I found the issue I was having.
I'm using NGINX as a a reverse proxy and the host/port forms part of the oauth request, which is then different by the time it's validated.
Had to set the following in NGINX config:
proxy_set_header Host $host:$server_port;