oauth2.0 如何使用.NET Core发送LTI 1.3 LtiDeepLinkingResponse

1tu0hz3e  于 2023-05-16  发布在  .NET
关注(0)|答案(1)|浏览(288)

我们正在努力使用.NET核心发送LtiDeepLinkingResponse。获取错误为**{“errors”:{“jwt”:[{“attribute”:“jwt”,“type”:“JWT format is invalid”,“message”:“JWT format is invalid”}]}}**
我们指的是此处提供的解决方案https://github.com/LtiLibrary/LtiAdvantage
在代码中形成响应为

var Token = handler.ReadJwtToken(idToken);
 LtiDeepLinkRequest = new LtiDeepLinkingRequest(Token.Payload);
var response = new LtiDeepLinkingResponse
                {
                    Data = LtiDeepLinkRequest.DeepLinkingSettings.Data,
                    DeploymentId = LtiDeepLinkRequest.DeploymentId
                };

            var contentItems = new List<ContentItem>();
            var customParameters = LtiDeepLinkRequest.Custom;
            var platformId = "1000000101";

            List<UseCase> selectedUsecases = new List<UseCase>();
            selectedUsecases.Add(new UseCase
            {
                WebGLUrl = "our_web_page.html",
                Module = "ModuleName",
                Description = "Module Description",
                Topics = "Module Topics"
            });

            foreach (var useCase in selectedUsecases)
            {
                var url = Url.Page("/Index", null, new { platformId = platformId }, Request.Scheme);
                var contentItem = new LtiLinkItem
                {
                    Title = useCase.Module,
                    Text = useCase.Description,
                    Url = url,
                    Custom = new Dictionary<string, string>
                        {
                            { "activity_id", useCase.Id.ToString() }
                      
                        }
                };

                if (customParameters != null)
                {
                    foreach (var keyValue in LtiDeepLinkRequest.Custom)
                    {
                        contentItem.Custom.TryAdd(keyValue.Key, keyValue.Value);
                    }
                }
                contentItems.Add(contentItem);
            }

            response.ContentItems = contentItems.ToArray();
            response.AddClaim(new Claim(JwtRegisteredClaimNames.Iss, LtiDeepLinkRequest.Aud[0]));
            response.AddClaim(new Claim(JwtRegisteredClaimNames.Aud, LtiDeepLinkRequest.Iss));
            response.AddClaim(new Claim(JwtRegisteredClaimNames.Sub, LtiDeepLinkRequest.Sub));
            response.AddClaim(new Claim(JwtRegisteredClaimNames.Iat, EpochTime.GetIntDate(DateTime.UtcNow).ToString()));
            response.AddClaim(new Claim(JwtRegisteredClaimNames.Nbf, EpochTime.GetIntDate(DateTime.UtcNow.AddSeconds(-5)).ToString()));
            response.AddClaim(new Claim(JwtRegisteredClaimNames.Exp, EpochTime.GetIntDate(DateTime.UtcNow.AddMinutes(5)).ToString()));
            response.AddClaim(new Claim(JwtRegisteredClaimNames.Nonce, IdentityModel.CryptoRandom.CreateUniqueId(8)));

           RsaSecurityKey key = new RsaSecurityKey(RSA.Create());
        key.KeyId = "ourjwkskeyid";
        var credentials = new SigningCredentials(key, SecurityAlgorithms.RsaSha256);
        var header = new JwtHeader(credentials);
        var jwt = handler.WriteToken(new JwtSecurityToken(header, response));

            return Post("JWT", jwt, LtiDeepLinkRequest.DeepLinkingSettings.DeepLinkReturnUrl);

其他规定的方法是-

private static ContentResult Post(string name, string value, string url)
        {
            return new ContentResult
            {
                Content = "<html><head><title></title></head><body onload=\"document.contentitems.submit()\">"
                          + $"<form name=\"contentitems\" method=\"post\" action=\"{url}\">"
                          + $"<input type=\"hidden\" name=\"{name}\" value=\"{value}\" /></body></html>",
                ContentType = "text/html",
                StatusCode = StatusCodes.Status200OK
            };
        }

我们已确认有效载荷的格式正确。有效载荷为

{
          "https://purl.imsglobal.org/spec/lti/claim/message_type": "LtiDeepLinkingResponse",
          "https://purl.imsglobal.org/spec/lti/claim/version": "1.3.0",
          "iss": "1000000101",
          "aud": "https://canvas.instructure.com",
          "exp": "1674104792",
          "iat": "1674104492",
          "nonce": "gdT446jJTgc",
          "azp": "0omiNPx2v5Q",
          "https://purl.imsglobal.org/spec/lti/claim/deployment_id": "11767:105256654",
          "https://purl.imsglobal.org/spec/lti-dl/claim/content_items": [
            {
              "custom": {
                "activity_id": "0"
              },
              "text": "Module Description",
              "title": "ModuleName",
              "type": "ltiResourceLink",
              "url": "our_web_page.html"
            }
          ]
        }

你能告诉我这里面可能缺少什么吗?或任何.NET Core库参考,从中我们可以探索如何发送LtiDeepLinkingResponse

vmpqdwk3

vmpqdwk31#

您缺少索赔/数据
https://purl.imsglobal.org/spec/lti-dl/claim/data值必须与LtiDeepLinkedingRequest消息中https://purl.imsglobal.org/spec/lti-dl/claim/deep_linking_settings声明的data属性值匹配。如果在LtiDeepLinkingRequest消息中存在,则需要此声明。
https://www.imsglobal.org/spec/lti-dl/v2p0#data
使用LtiAdvantage Lib for C#,您可以使用LtiDeepLinkingRequest.DeepLinkingSettings.Data获取LtiDeepLinkingRequest中的数据
如果你以这种方式生成密钥:

RsaSecurityKey key = new RsaSecurityKey(RSA.Create());

您不会将它们保存在任何地方,平台将向您的工具JWKS URL发出请求,以获取公钥并验证签名。
查看您的参考文献中的PemHelper class以了解从哪里开始。

相关问题