Moodle in English: How to write an authentication for an external tool (LTI tool provider side) ?

How to write an authentication for an external tool (LTI tool provider side) ?

by Benoît M - Tuesday, 16 January 2018, 10:47 PM

Hi,

I have an external PHP app (tool provider) that I want to use with our Moodle as an external tool activity.

I configure the Launch URL,Secure launch URL,Consumer key, Shared secret,etc...

When I click on the link, it opens successfully my app launching a post request with the following information (dumped from my browser debug tool):

oauth_version:1.0
oauth_nonce:2f025d85fdcaaee29bbe371fb81b19b1
oauth_timestamp:1516112873
oauth_consumer_key:clef_client
resource_link_title:test exernal tool
resource_link_description:
user_id:48521
lis_person_sourcedid:
roles:Instructor,urn:lti:sysrole:ims/lis/Administrator,urn:lti:instrole:ims/lis/Administrator
context_id:109
context_label:Cours de test
...
custom_foo:bar
launch_presentation_document_target:fram
launch_presentation_return_url:https://moodle.local/mod/lti/return.php?course=109&launch_container=5&instanceid=145&sesskey=UR71TFv0Bv
oauth_signature_method:HMAC-SHA1
oauth_signature:56oSlZxu0di36xhQhmCpIXmi5kw=

I would like now to write authentication code on my external tool side according to this documentation:

If I understand well the schema, I should check that the oauth_signature ('56oSlZxu0di36xhQhmCpIXmi5kw=') using the shared secred and other attributes on my app side?

Am I right?

How can I achieve that? Is there any lib to that?

A PHP snippet will be welcome.

greetings,

ben

Average of ratings: -

Re: How to write an authentication for an external tool (LTI tool provider side) ?

by Joost van der Borg - Wednesday, 17 January 2018, 4:57 PM

IMS has a PHP library for this on GitHub: https://github.com/IMSGlobal/LTI-Tool-Provider-Library-PHP which can help with this, or at least provide an example of a working implementation. More generally, documentation for LTI can be found at https://www.imsglobal.org/activity/learning-tools-interoperability.

Average of ratings: -

Re: How to write an authentication for an external tool (LTI tool provider side) ?

by Benoît M - Wednesday, 17 January 2018, 9:45 PM

Hi Joost,

thanks for your answer!

This looks good, I am testing this lib, I will try to post an answer if the result is successfull.

There is a wiki for this lib directly at github.

greetings,

ben

Average of ratings: -

Re: How to write an authentication for an external tool (LTI tool provider side) ?

by Benoît M - Friday, 19 January 2018, 9:30 PM

This lib is finally working, I wrote some doucmentation on this wiki.

Greetings,

ben

Average of ratings: -

LTI and Moodle

How to write an authentication for an external tool (LTI tool provider side) ?

How to write an authentication for an external tool (LTI tool provider side) ?

Re: How to write an authentication for an external tool (LTI tool provider side) ?

Re: How to write an authentication for an external tool (LTI tool provider side) ?

Re: How to write an authentication for an external tool (LTI tool provider side) ?

Empowering educators to improve our world

Moodle

Support

Get Involved

Contributions

Downloads

Tracker

Development

Empowering educators to improve our world