Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fix issues that bother Blackboard, update for php-jwt v6.10.0 #81

Open
wants to merge 4 commits into
base: master
Choose a base branch
from
Open

Fix issues that bother Blackboard, update for php-jwt v6.10.0 #81

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
9ff1359
Update to work with php-jwt v6.10.0
Jan 31, 2024
12cad49
In deep linking response, 'aud' should be a bare string
Jan 31, 2024
7472713
Omit 'custom' from Deep Linking response when it is empty
Jan 31, 2024
74395f0
Revise output_response_form() and get_response_jwt() to take a kid pa…
Jan 31, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
8 changes: 7 additions & 1 deletion README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -199,7 +199,7 @@ $resource = LTI\LTI_Deep_Link_Resource::new()

Everything is set to return the resource to the platform. There are two methods of doing this.

The following method will output the html for an aut-posting form for you.
The following method will output the html for an auto-posting form for you.
```php
$dl->output_response_form([$resource]);
```
Expand All @@ -209,6 +209,12 @@ Alternatively you can just request the signed JWT that will need posting back to
$dl->get_response_jwt([$resource]);
```

If you've created a JWKS endpoint with `LTI\JWKS_Endpoint::new()`, the kid used in the endpoint can be provided as an additional parameter.
```php
$dl->get_response_jwt([$resource], 'a_unique_KID');

```

## Calling Services
### Names and Roles Service

Expand Down
16 changes: 11 additions & 5 deletions src/lti/LTI_Deep_Link.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -14,10 +14,10 @@ public function __construct($registration, $deployment_id, $deep_link_settings)
$this->deep_link_settings = $deep_link_settings;
}

public function get_response_jwt($resources) {
public function get_response_jwt($resources, string $kid = null) {
$message_jwt = [
"iss" => $this->registration->get_client_id(),
"aud" => [$this->registration->get_issuer()],
"aud" => $this->registration->get_issuer(),
"exp" => time() + 600,
"iat" => time(),
"nonce" => 'nonce' . hash('sha256', random_bytes(64)),
Expand All @@ -27,11 +27,17 @@ public function get_response_jwt($resources) {
"https://purl.imsglobal.org/spec/lti-dl/claim/content_items" => array_map(function($resource) { return $resource->to_array(); }, $resources),
"https://purl.imsglobal.org/spec/lti-dl/claim/data" => $this->deep_link_settings['data'],
];
return JWT::encode($message_jwt, $this->registration->get_tool_private_key(), 'RS256', $this->registration->get_kid());

return JWT::encode(
$message_jwt,
$this->registration->get_tool_private_key(),
'RS256',
is_null($kid) ? $this->registration->get_kid() : $kid
);
}

public function output_response_form($resources) {
$jwt = $this->get_response_jwt($resources);
public function output_response_form($resources, string $kid = null) {
$jwt = $this->get_response_jwt($resources, $kid);
?>
<form id="auto_submit" action="<?= $this->deep_link_settings['deep_link_return_url']; ?>" method="POST">
<input type="hidden" name="JWT" value="<?= $jwt ?>" />
Expand Down
5 changes: 4 additions & 1 deletion src/lti/LTI_Deep_Link_Resource.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -76,8 +76,11 @@ public function to_array() {
"presentation" => [
"documentTarget" => $this->target,
],
"custom" => $this->custom_params,
];
if (count($this->custom_params) > 0) {
$resource["custom"] = $this->custom_params;
}

if ($this->lineitem !== null) {
$resource["lineItem"] = [
"scoreMaximum" => $this->lineitem->get_score_maximum(),
Expand Down
5 changes: 3 additions & 2 deletions src/lti/LTI_Message_Launch.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,7 @@

use Firebase\JWT\JWK;
use Firebase\JWT\JWT;
use Firebase\JWT\Key;

JWT::$leeway = 5;

Expand Down Expand Up @@ -220,7 +221,7 @@ private function get_public_key() {
foreach ($public_key_set['keys'] as $key) {
if ($key['kid'] == $this->jwt['header']['kid']) {
try {
return openssl_pkey_get_details(JWK::parseKey($key));
return openssl_pkey_get_details(JWK::parseKey($key, 'RS256')->getKeyMaterial());
} catch(\Exception $e) {
return false;
}
Expand Down Expand Up @@ -299,7 +300,7 @@ private function validate_jwt_signature() {

// Validate JWT signature
try {
JWT::decode($this->request['id_token'], $public_key['key'], array('RS256'));
JWT::decode($this->request['id_token'], new Key($public_key['key'], 'RS256'));
} catch(\Exception $e) {
var_dump($e);
// Error validating signature.
Expand Down