Uploaded image for project: 'Sakai'
  1. Sakai
  2. SAK-40881

Add state flow and OpenID Connect to LTI Advantage

    Details

    • 19 status:
      Resolved
    • Conversion Script Required:
      Yes
    • Test Plan:
      Hide

      Please add a Test Plan here.

      Show
      Please add a Test Plan here.

      Description

      The LTI working group has added a new login flow to the specification and Sakai need to implement the new flow to be compliant with LTI 1.3.

      https://tools.ietf.org/html/draft-bradley-oauth-jwt-encoded-state-08

      I will try to keep this in a single JIRA to simplify back-porting to Sakai-19.  Subtasks:

       Add OIDC-required data model items to the lti_tools table

       When state parameter is missing, redirect to configured third-party OIDC endpoint as appropriate, login_hint includes signed information about user and resource link, target_link_uri is the ultimate LTI launch URL within the tool

       Add OIDC authorization endpoint to receive the authorization request, check for state parameter, verify contents of the login_hint, and prepare the actual lti_launch including the state value.

       

        Gliffy Diagrams

          Attachments

            Activity

              People

              • Assignee:
                csev Charles Severance
                Reporter:
                csev Charles Severance
              • Votes:
                0 Vote for this issue
                Watchers:
                2 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:

                  Git Source Code