Compatibility with Moodle
martinsam opened this issue · 11 comments
After many tries I still don't understand the problem between Moodle and pylti1.3.
I able to manage LMS moodle 3.11 with LTI plugin WP, LTI handshake is good.
Add LTI Advantage : I use "auto registration/configuration" when everyone is compatible it is happiness. This is not the case of Pylti1.3, but not blocking. -> You have understood this mechanism saves time and avoids filling out a form and making mistakes
I need your help, I can't get PyLti1.3 to work with Moodle. I have a strange behavior.
Moodle : says one and only thing : Invalid Request
Here is a summary of the requests when it goes well with WP LTI TOOL plugin , I use like a "good example" :
POST Status code 200 ?lti-tool -> TOOL
params:
POST 200 auth.php -> LMS
POST 302 ?lti-tool
Here is a summary of the requests when it goes wrong with pyLTI1.3 :
POST 200 /login/ --> TOOL pylti1.3
GET 302 http://xxxx:9001/login/
GET 404 auth.php
Moodle would not be compatible with the GET method used by pyLti ?
I use this module with Moodle ok. Check your Moodle logs, it might tell you why the request is invalid.
I've also got it working - between moodle and a django app as the tool.
I have three communications between moodle & my tool:
- a
POSTcall to login - a
GETcall to login - a
POSTcall tolaunch
I've also got it working with either the public key hard-coded in the moodle-conf, or with the jwks call
Moodle is configured thus:
Platform ID: https://moodle.example.com/
Client ID: 1234567890abc
Deployment ID: 3
Public keyset URL: https://moodle.example.com/mod/lti/certs.php
Access token URL: https://moodle.example.com/mod/lti/token.php
Authentication request URL: https://moodle.example.com/mod/lti/auth.php
After looking at the moodle errors I realized that I had entered the wrong url for "Redirect URL" in Manage tools.
/launch and not "/login" ...
Side Python :
"deployment_ids": ["24"] and not "deployment_ids": [24]
I have a last "not" blocking error
Python Side (GET- 500) :
LtiException at /api/scoreboard/lti1p3-launch-72d49269-5020-4e10-ad4a-404e09f6d528/
Missing required scope
I haven't implemented the scoreboard code - I think it's game specific.
Have you seen these - I think they drove the php code from which the python stuff was inspired:
LTI Spotlight: Build A Tool With Martin Lenord—Part 1 - LTI 1.3 Launch
LTI Spotlight: Build A Tool With Martin Lenord—Part 2 - Deep Linking Capabilities
LTI Spotlight: Build A Tool With Martin Lenord—Part 3 - Assignment & Grades Service
LTI Spotlight: Build A Tool With Martin Lenord—Part 4 - Names & Roles Provisioning Service
I'm trying to achieve what you guys achieved, but I'm getting this error:
pylti1p3-django-example | [20/Apr/2022 12:48:21] "POST /login/ HTTP/1.1" 200 3198
pylti1p3-django-example | [20/Apr/2022 12:48:22] "GET /login/?lti1p3_new_window=1&iss=http%3A%2F%2Flocalhost&login_hint=2&target_link_uri=http%3A%2F%2Fgame%3A9001%2Flaunch<i_message_hint=2<i_deployment_id=1&client_id=AhAqV0N4rEuwF8e HTTP/1.1" 302 0
pylti13-django-example-moodle-1 | 172.26.0.1 - - [20/Apr/2022:12:48:22 +0000] "GET /mod/lti/auth.php?scope=openid&response_type=id_token&response_mode=form_post&prompt=none&client_id=AhAqV0N4rEuwF8e&redirect_uri=http%3A%2F%2Fgame%3A9001%2Flaunch&state=state-6cdff22b-68e6-4aea-88b2-8cd9eaa756a7&nonce=0caf3ddf6b0241a88ae5957c21de507929b614c8c0a811ec821b0242ac1a0004&login_hint=2<i_message_hint=2 HTTP/1.1" 404 126046
And I can't figure out if it's a configuration issue or a networking issue with Docker (running both this project and moodle with Docker on Mac).
This is what I added to game.json:
"http://localhost": [{
"default": true,
"client_id": "AhAqV0N4rEuwF8e",
"auth_login_url": "http://localhost/mod/lti/auth.php",
"auth_token_url": "http://localhost/mod/lti/token.php",
"key_set_url": "http://localhost/mod/lti/certs.php",
"key_set": null,
"private_key_file": "private.key",
"public_key_file": "public.key",
"deployment_ids": [1]
}]
This is my config in Moodle:
Tool URL: http://127.0.0.1:9001
Public keyset: http://127.0.0.1:9001/jwks
Inititate login URL: http://127.0.0.1:9001/login
Redirection (URI(s)): http://127.0.0.1:9001/launch
I'm trying all sort of combinations but still can't make it work. I'd appreciate if you can point me in the right direction @martinsam @perllaghu
Good Config in MOODLE :
- Tool URL: http://127.0.0.1:9001/launch/
- Public keyset: http://127.0.0.1:9001/jwks/
- Inititate login URL: http://127.0.0.1:9001/login/
- Redirection (URI(s)): http://127.0.0.1:9001/launch/
Good Config in Python/Django (game.json) -> for me..
"http://xxx/moodle311": [{
"default": true,
"client_id": "kbsxtvmvKKNtLMJ",
"auth_login_url": "http://xxxx/moodle311/mod/lti/auth.php",
"auth_token_url": "http://xxx/moodle311/mod/lti/token.php",
"key_set_url": "http://xxx/moodle311/mod/lti/certs.php",
"key_set": "",
"private_key_file": "private.key",
"public_key_file": "public.key",
"deployment_ids": ["24"]
}]
}
For the poor soul that may stumble upon this with the same problem.
I made it work with @martinsam configuration pattern (thanks!), and on top of that I had to do a few things:
Because I'm running both this service and moodle on Docker (in the same network), this is how my game.json looks like:
{
"http://localhost": [{
"default": true,
"client_id": "kmyQBKCO6h9bTxA",
"auth_login_url": "http://localhost//mod/lti/auth.php",
"auth_token_url": "http://localhost/mod/lti/token.php",
"key_set_url": "http://moodle:8080/mod/lti/certs.php",
"key_set": "",
"private_key_file": "private.key",
"public_key_file": "public.key",
"deployment_ids": ["1"]
}]
}
Notice for some URLs I use localhost (these are browser->container) and for others moodle:8080 (these are container->container)
It also seems like I'm running an old version of Moodle (https://hub.docker.com/r/bitnami/moodle) and I had to add this env var to the python service:
environment:
# This is needed because Moodle is still using openssl 1.02
- CRYPTOGRAPHY_ALLOW_OPENSSL_102=1
If there is no issue left perhaps you could close this @martinsam ?