The LTI working group has added a new login flow to the specification and Sakai need to implement the new flow to be compliant with LTI 1.3.
I will try to keep this in a single JIRA to simplify back-porting to Sakai-19. Subtasks:
Add OIDC-required data model items to the lti_tools table
When state parameter is missing, redirect to configured third-party OIDC endpoint as appropriate, login_hint includes signed information about user and resource link, target_link_uri is the ultimate LTI launch URL within the tool
Add OIDC authorization endpoint to receive the authorization request, check for state parameter, verify contents of the login_hint, and prepare the actual lti_launch including the state value.