LinkedIn Learning LTI 身份验证失败
LinkedIn Learning LTI failed authentication
我正在尝试通过 LTI 连接集成 LinkedIn Learning 单点登录,但是我总是遇到响应:LTI_FAILED_AUTHENTICATION.
LinkedIn Learning - LTI_FAILED_AUTHENTICATION
当我在 Saltire 测试平台上测试时,它运行得很奇怪。
参数与我从以下代码发送的内容相匹配:
Saltire LTI Success authentication
尝试将 oauth_nonce、timestamp 和 oauth_signature 的值从 Saltire 复制到我的页面,这也奏效了,这排除了域白名单要求的可能性.
LinkedIn 支持人员回来说生成的签名似乎有问题,但我不确定它有什么问题,因为它是由传递的参数生成的。
我的页面中是否存在我没有看到的错误设置?
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<meta http-equiv="X-UA-Compatible" content="ie=edge">
<meta name="robots" content="noindex" />
<title>Access LinkedIn Learning</title>
<script src="bundle.js"></script>
</head>
<body>
<form id="id_frmConnect" name="frmConnect" enctype="application/x-www-form-urlencoded">
</form>
<script>
var oauth = require('oauth-sign');
var action = 'https://www.linkedin.com/checkpoint/enterprise/login/[accountID]?application=learning&redirect=https://www.linkedin.com/learning/me';
var method = 'POST';
var consumer_key = '************';
var consumer_secret = '************';
var timestamp = Math.round(Date.now() / 1000);
var params = {
lti_message_type: 'basic-lti-launch-request',
lti_version: 'LTI-1p0',
oauth_callback: 'about:blank',
oauth_consumer_key: consumer_key,
oauth_nonce: btoa(timestamp),
oauth_signature_method: 'HMAC-SHA1',
oauth_timestamp: timestamp,
oauth_version: '1.0',
user_id: 'S495696'
};
var signature = oauth.hmacsign(method, action, params, consumer_secret);
params.oauth_signature = signature;
var form = document.querySelector("#id_frmConnect");
form.action = action;
form.method = method;
for (var name in params) {
var node = document.createElement("input");
node.type = 'hidden';
node.name = name;
node.value = params[name];
form.appendChild(node);
}
</script>
</body>
</html>
我想通了这个问题。通过使用 Saltire test tool, I was able to verify that my signature was generated correctly when using their testing URL: https://lti.tools/saltire/tp
你可以在这里玩一个例子:https://learningcom.github.io/ltitest/index.html
所以在查看了 LinkedIn URL 之后,我发现生成的签名带有不必要的长 URL,其中包含 参数 。
已删除:?application=learning&redirect=https://www.linkedin.com/learning/me
因此,我将 URL 缩短为:
var action = 'https://www.linkedin.com/checkpoint/enterprise/login/[accountID]';
不再有错误!
我正在尝试通过 LTI 连接集成 LinkedIn Learning 单点登录,但是我总是遇到响应:LTI_FAILED_AUTHENTICATION.
LinkedIn Learning - LTI_FAILED_AUTHENTICATION
当我在 Saltire 测试平台上测试时,它运行得很奇怪。
参数与我从以下代码发送的内容相匹配: Saltire LTI Success authentication
尝试将 oauth_nonce、timestamp 和 oauth_signature 的值从 Saltire 复制到我的页面,这也奏效了,这排除了域白名单要求的可能性.
LinkedIn 支持人员回来说生成的签名似乎有问题,但我不确定它有什么问题,因为它是由传递的参数生成的。
我的页面中是否存在我没有看到的错误设置?
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<meta http-equiv="X-UA-Compatible" content="ie=edge">
<meta name="robots" content="noindex" />
<title>Access LinkedIn Learning</title>
<script src="bundle.js"></script>
</head>
<body>
<form id="id_frmConnect" name="frmConnect" enctype="application/x-www-form-urlencoded">
</form>
<script>
var oauth = require('oauth-sign');
var action = 'https://www.linkedin.com/checkpoint/enterprise/login/[accountID]?application=learning&redirect=https://www.linkedin.com/learning/me';
var method = 'POST';
var consumer_key = '************';
var consumer_secret = '************';
var timestamp = Math.round(Date.now() / 1000);
var params = {
lti_message_type: 'basic-lti-launch-request',
lti_version: 'LTI-1p0',
oauth_callback: 'about:blank',
oauth_consumer_key: consumer_key,
oauth_nonce: btoa(timestamp),
oauth_signature_method: 'HMAC-SHA1',
oauth_timestamp: timestamp,
oauth_version: '1.0',
user_id: 'S495696'
};
var signature = oauth.hmacsign(method, action, params, consumer_secret);
params.oauth_signature = signature;
var form = document.querySelector("#id_frmConnect");
form.action = action;
form.method = method;
for (var name in params) {
var node = document.createElement("input");
node.type = 'hidden';
node.name = name;
node.value = params[name];
form.appendChild(node);
}
</script>
</body>
</html>
我想通了这个问题。通过使用 Saltire test tool, I was able to verify that my signature was generated correctly when using their testing URL: https://lti.tools/saltire/tp
你可以在这里玩一个例子:https://learningcom.github.io/ltitest/index.html
所以在查看了 LinkedIn URL 之后,我发现生成的签名带有不必要的长 URL,其中包含 参数 。
已删除:?application=learning&redirect=https://www.linkedin.com/learning/me
因此,我将 URL 缩短为:
var action = 'https://www.linkedin.com/checkpoint/enterprise/login/[accountID]';
不再有错误!