Can someone tell me what parameters go into the signature base string that is used to create the "oauth_signature" parameter when Moodle 3.6.3 makes a call to an external tool?
I am writing a custom LTI Provider and have connected it to a Moodle external tool. When Moodle calls me, I get the POST parameters in the attachment (with some obfuscation).
I need the string that Moodle uses to create the "oauth_signature" so I can re-create it and verify. I know the string begins with:
"POST&https%3A%2F%2Fmy_url.com
but I need to know what other arguments Moodle puts into this string and in what order. That is, how to generate the string.
Please don't refer me to the IMS Global website because I am not a member and they don't seem to make their specs public as near as I can tell.
Thanks in advance, Brownell
