I am developing an LTI 1.3 tool to work with Moodle. Currently whenever I try and obtain an access token from mod/lti/token.php I get back
-----BEGIN RSA PRIVATE KEY-----
-----END RSA PRIVATE KEY-----
-----BEGIN PUBLIC KEY-----
-----END PUBLIC KEY-----
without knowing a little more about the exact params (client_assertion, client_assertion_type, grant_type, scope) that are being passed in the
mod/lti/token.php request, it is hard to imagine what's failing exactly.
Given the error (invalid_client), it seems that the problem must be somewhere within this block of code:
So, surely there is where you should add some debugging, like
error_log() calls to see them in your web server error logs.
Coincidentally... this week I've been testing some new LTI code (membership support...) involving the use of some tools out there for testing purposes and haven't got that "invalid_client" error myself (and I was using TP's public keys).
If you find yourself unable to find the exact cause and fix it... you always can fill a new issue in the Tracker, providing as many details as possible, in order to make the exact environment and, hopefully, the problem easy to reproduce.
Also, I've performed some searches in the Tracker to see if something similar has been already reported but haven't found anything, so far.
But is there some kind of security measure thats in play? Does it check the file against something to ensure its not edited?
Not that I can imagine, I (any dev) does that all over the time and the files are just "recompiled" and processed. Maybe there is some extension in your site configured to don't accept modifications, or requiring PHP's opcaches to be cleaned... but I really cannot imagine anything.
Maybe an alternative approach that you could follow is to install a moodle instance locally, in your computer, then use ngrok to make it accesible from outside (from your tool provider) and try to reproduce/debug locally.
Of course, the Tracker way commented above, is still available, given all the details to reproduce the problem are added there.
I tried to add to the tracker, it keeps telling me: Dear Moodler, before creating a new issue you need to demonstrate that you have searched among the existing issues to see if it's already been filed. Please find a similar issue from among the open issues and either start watching it or vote for it.
Ive searched for a similar issue and there were none. But it still will not let me add a new one.
In the mean time I have attached a postman script showing the exact problem I am having.
either start watching it or vote for it
Try this for some other issue that might be relevant to you.