LTI integration get access token/ bearer token

LTI integration get access token/ bearer token

by Nurul Ain -
Number of replies: 3

Hi All, 

I have one question regarding the LTI integration with moodle, 

I do implement the LTI 1.3 feature connect to our system with Moodle, Successfully integrate the LTI 1.3.

Anyhow, to implement  Asignment and Grades services, we need to have the bearer/access token. 

We do stuck at this getting bearer token.  As I follow this step also didnt work at our site.

https://medium.com/@damithperera10/assignments-and-grades-integration-in-moodle-lms-lti-1-3-with-client-credentials-base-oauth-2-0-1594148382d4


Always return us the invalid request for this part.

Anyone know that is it we need to have some settings at Moodle?

Thanks, 

Nurul


(Edited by Jake Dallimore - original submission Thursday, January 20, 2022, 2:20 PM)

Average of ratings: -
In reply to Nurul Ain

Re: LTI integration get access token/ berer token

by Jake Dallimore -
Picture of Core developers Picture of Moodle HQ Picture of Particularly helpful Moodlers Picture of Peer reviewers Picture of Plugin developers Picture of Testers
Hi Nurul,

That's going to be hard to say, because mod/lti/token.php isn't very good at telling us what went wrong in situations like this. Your best bet is to debug that script directly with xdebug, provided you control the Moodle instance on a dev site (certainly looks like you do). it could be that the client_assertion isn't a valid JWT or that its signature can't be verified. It could also be that the JWT is missing one or more of the claims we need, like 'sub'. Stepping through the mod/lti/token.php code as you fire the request would be the way to go I think.

Hope that helps,
Jake
Average of ratings: -
In reply to Jake Dallimore

Re: LTI integration get access token/ berer token

by Nurul Ain -
Hi Jake,
Thanks for your reply.
Here is our signed jwt. As I see from our jwt, it actually already contains all the claims needed sub, iss, aud, iat, exp and jti
{
"kid": "7Zmk3dYEl9Tz9qr",
"typ": "JWT",
"alg": "RS256"
}
{
"sub": "7Zmk3dYEl9Tz9qr",
"iss": "7Zmk3dYEl9Tz9qr",
"aud": "https://*********/mod/lti/token.php",
"iat": 1642663812,
"exp": 1642664172,
"jti": "733df072c7224745b3e7fd7e63e921c2"
}

I'm not sure if anything that I missed out from our jwt.
Thanks,
Nurul
Average of ratings: -
In reply to Nurul Ain

Re: LTI integration get access token/ berer token

by Jake Dallimore -
Picture of Core developers Picture of Moodle HQ Picture of Particularly helpful Moodlers Picture of Peer reviewers Picture of Plugin developers Picture of Testers
Like I said, it's hard to know for sure without debugging the mod/lti/token.php code. I'd suggest doing that to find where $ok is being set to false and thus where it's failing.

Cheers,
Jake
Average of ratings: -