LTI shows login screen of another platform

LTI shows login screen of another platform

by Parul Prakash -
Number of replies: 3

Hi,

I have seen the "https://moodle.org/mod/forum/discuss.php?d=345828" LIT Authentication post..but still m not able to resolve this error.

I am using Moodle Moodle 3.9.1+ as LTI Provider and Moodle 3.10.1+ as LTI Consumer both are on http server

I have done all the steps required for configuring LTI in both moodle 

but when I integrate the LTI on I am getting redirected to the login page of other site.

Although I can see the enrolled users in LTI provider site


Attachment Screenshot 2021-02-15 at 2.14.06 PM.png
Average of ratings: -
In reply to Parul Prakash

Re: LTI shows login screen of another platform

by Jeremy Schulz -
Picture of Core developers
I have the same problem, too and i have looked through the post mentioned above with no results.

My provider is a moddle 35 and my consumer is a moodle 39.
And whenever I select the Launch Container as either "Embed" or "Embed, without blocks" it shows the login screen
and when I select "Existing window" or "New window" it works perfectly fine and asks me for the Data Protection confirmation as it should for new users.

In both cases I can see the account created by LTI on the Provider moodle.
And obviously there is nothing wrong with the url's because it works in new windows but for completeness sake,
The url generated and used after saving the cartridge url ends with "/enrol/lti/tool.php?id=".

So obviously there seem to be a problem with passing the login data to the frame or something.
Does anybody have any help for that?


EDIT:
So basically the same problem as described here (https://moodle.org/mod/forum/discuss.php?d=421351). Though there is no answer either sad
Average of ratings: -
In reply to Jeremy Schulz

Re: LTI shows login screen of another platform

by Jeremy Schulz -
Picture of Core developers

Here are the access logs for the provider moodle if that is important:

When the "Embed" option is selected it goes directly from course view to login:

"POST /enrol/lti/tool.php?id=1 HTTP/2.0" 303 753 "<consumer-Moodle url>" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.77 Safari/537.36"
"GET /course/view.php?id=3 HTTP/2.0" 303 634 "<consumer-Moodle url>" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.77 Safari/537.36"
"GET /login/index.php HTTP/2.0" 200 22343 "<consumer-Moodle url>" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.77 Safari/537.36"


while when using the a "Window" option it takes the user to policy acceptance as it should:

"POST /enrol/lti/tool.php?id=1 HTTP/2.0" 303 753 "<consumer-Moodle url>" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.77 Safari/537.36"
"GET /course/view.php?id=3 HTTP/2.0" 303 573 "<consumer-Moodle url>" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.77 Safari/537.36"
"GET /admin/tool/policy/index.php HTTP/2.0" 303 840 "<consumer-Moodle url>" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.77 Safari/537.36"
"GET /admin/tool/policy/view.php?versionid=1&returnurl=https%3A%2F%2F<provider-Moodle url>%2Fadmin%2Ftool%2Fpolicy%2Findex.php&numpolicy=1&totalpolicies=1 HTTP/2.0" 200 71005 "<consumer-Moodle url>" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.77 Safari/537.36"




EDIT1:

Okay actually this error seems to only occur when using incognito mode to access the consumer moodle and then clicking on the lti item and it works as expected in guest or normal mode, so I guess it is fine.
I assume this is due to the fact that chrome introduced the blocking of third party apps by default some time back (https://support.google.com/chrome/answer/9977812?hl=en) but that is just a guess.

Average of ratings: -
In reply to Jeremy Schulz

Re: LTI shows login screen of another platform

by Jake Dallimore -
Picture of Core developers Picture of Moodle HQ Picture of Particularly helpful Moodlers Picture of Peer reviewers Picture of Plugin developers Picture of Testers
Hi Jeremy,

Yes, this could be a cause of the problem, depending which version of chrome you're using and how it's configured. We addressed the chrome samesite cookies issue a while back, but it looks like you're running 3.9 so that shouldn't be a problem. You'll want to consider upgrading that 3.5 site though, since that is now out of support.

That said, I've had reports from a few sources of tool launch issues from versions of Moodle which should have received that patch, so there may be more to it. If you find yourself in that situation, please check out the response headers in the browser dev tools and post back here if you find any 'Set-Cookie' headers there. That seems to be the symptom to a potential problem that I've yet to track down.

Thanks
Jake
Average of ratings: -