Uploaded image for project: 'Sakai'
  1. Sakai
  2. SAK-41398

Add Database Column to Support Tool KeySet URLs

    Details

    • Type: Task
    • Status: CLOSED
    • Priority: Major
    • Resolution: Non-Issue
    • Affects Version/s: None
    • Fix Version/s: 19.0
    • Component/s: None
    • Labels:
      None
    • Test Plan:
      Hide

      Please add a Test Plan here.

      Show
      Please add a Test Plan here.

      Description

      While it is not a required LTI 1.3 feature, it is highly desirable to allow LTI 1.3 tools to communicate their public key by supplying a keyset url like:

      https://test.tsugicloud.org/tsugi/lti/keyset?key_id=6

      Instead of hand-pasting a Public Key from the Tool's UI into Sakai's UI, the keyset url is entered.  This both reduces the possibility of error in pasting but more importantly it allows the tool to rotate its public / private pair without requiring any action on the part of the Sakai system administrator.    This allows easy recovery from leaked private keys and allows tools to have scheduled key auto-rotation.

      This is a highly desirable feature and is likely to be part of LTI 1.3.1 and some platform / LMS vendors will prefer this approach because of enhanced security.

      I would like the data model changes put into Sakai 19 as soon as possible.   I will separate the data model and UI/runtime changes and release it in an early dot release of Sakai 19.

       

        Gliffy Diagrams

          Attachments

            Activity

              People

              • Assignee:
                csev Charles Severance
                Reporter:
                csev Charles Severance
              • Votes:
                0 Vote for this issue
                Watchers:
                1 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:

                  Git Source Code