-
-
Save matthanger/1171921 to your computer and use it in GitHub Desktop.
<?php | |
# ------------------------------ | |
# START CONFIGURATION SECTION | |
# | |
$launch_url = "https://lti.tools/test/tp.php"; | |
$key = "12345"; | |
$secret = "secret"; | |
$launch_data = array( | |
"user_id" => "292832126", | |
"roles" => "Instructor", | |
"resource_link_id" => "120988f929-274612", | |
"resource_link_title" => "Weekly Blog", | |
"resource_link_description" => "A weekly blog.", | |
"lis_person_name_full" => "Jane Q. Public", | |
"lis_person_name_family" => "Public", | |
"lis_person_name_given" => "Given", | |
"lis_person_contact_email_primary" => "[email protected]", | |
"lis_person_sourcedid" => "school.edu:user", | |
"context_id" => "456434513", | |
"context_title" => "Design of Personal Environments", | |
"context_label" => "SI182", | |
"tool_consumer_instance_guid" => "lmsng.school.edu", | |
"tool_consumer_instance_description" => "University of School (LMSng)" | |
); | |
# | |
# END OF CONFIGURATION SECTION | |
# ------------------------------ | |
$now = new DateTime(); | |
$launch_data["lti_version"] = "LTI-1p0"; | |
$launch_data["lti_message_type"] = "basic-lti-launch-request"; | |
# Basic LTI uses OAuth to sign requests | |
# OAuth Core 1.0 spec: http://oauth.net/core/1.0/ | |
$launch_data["oauth_callback"] = "about:blank"; | |
$launch_data["oauth_consumer_key"] = $key; | |
$launch_data["oauth_version"] = "1.0"; | |
$launch_data["oauth_nonce"] = uniqid('', true); | |
$launch_data["oauth_timestamp"] = $now->getTimestamp(); | |
$launch_data["oauth_signature_method"] = "HMAC-SHA1"; | |
# In OAuth, request parameters must be sorted by name | |
$launch_data_keys = array_keys($launch_data); | |
sort($launch_data_keys); | |
$launch_params = array(); | |
foreach ($launch_data_keys as $key) { | |
array_push($launch_params, $key . "=" . rawurlencode($launch_data[$key])); | |
} | |
$base_string = "POST&" . urlencode($launch_url) . "&" . rawurlencode(implode("&", $launch_params)); | |
$secret = urlencode($secret) . "&"; | |
$signature = base64_encode(hash_hmac("sha1", $base_string, $secret, true)); | |
?> | |
<html> | |
<head></head> | |
<!-- <body onload="document.ltiLaunchForm.submit();"> --> | |
<body> | |
<form id="ltiLaunchForm" name="ltiLaunchForm" method="POST" action="<?php printf($launch_url); ?>"> | |
<?php foreach ($launch_data as $k => $v ) { ?> | |
<input type="hidden" name="<?php echo $k ?>" value="<?php echo $v ?>"> | |
<?php } ?> | |
<input type="hidden" name="oauth_signature" value="<?php echo $signature ?>"> | |
<button type="submit">Launch</button> | |
</form> | |
<body> | |
</html> |
Hi, why do you double-encode the launch params on line 53 and line 56?
Hi, I tried to implement this Script but I only get an error by Moodle (this is used as LTI Provider): Invalid signature ours= Gi32FwbHmUJVnMuP/QR3isXRMWA= yours=9nAEE7fPnF/9T657HiRis6PmVqU=
What can I do?
I have exactly the same problem as @rschrenk.
I got a signature mismatch aswell. I found the reason for it:
From https://www.imsglobal.org/specs/ltiv1p0/implementation-guide#toc-21:
Notice that all of the POST values, including the submit button, are included in the base string (i.e., the string signed by OAuth).
Just add "submit" => "Launch"
to the end of $launch_data
.
How can I get info from the LTI provider?
Hi all, this gist is pretty old at this point. You may want to look elsewhere, or at the LTI Implementation Guide: http://www.imsglobal.org/specs/ltiv1p1/implementation-guide
Here are other resources that might be useful:
I got a signature mismatch aswell. I found the reason for it:
From https://www.imsglobal.org/specs/ltiv1p0/implementation-guide#toc-21:
Notice that all of the POST values, including the submit button, are included in the base string (i.e., the string signed by OAuth).
Just add
"submit" => "Launch"
to the end of$launch_data
.
this doesn't seems to resolve the issue, can some one tell me the fix please, am looking for a LTI consumer only
@matthanger pls review this
I was able to fix the issue, the issue I see is invalid signature, because I have added param in lunch url
@yousufttp can you please let me know how you fixed the issue .
Thank you very much, it is working
How can I get a response from the LTI provider?
if you're getting LTI request from different source make sure to unset param
unset($launch_data['oauth_signature'])
More developer support for IMS Basic LTI: http://www.imsglobal.org/developers/BLTI/