LTI: Invalid Client key format

[ranjiGT]

Hi I am investigating on how to connect my LMS platform with INGinious-UNCode via LTI. I have done the LTI configurations from end for UNCode but it gives the following error while connecting:

Exception caught while validating request, (invalid_request) Invalid client key format..
2022-06-27 11:49:12,766 - inginious.webapp.pages - INFO - Couldn't validate LTI request
2022-06-27 11:49:12,767 - inginious.webapp.requests - INFO - 127.0.0.1:57602 - "HTTP/1.1 POST /lti/test/4aba3bc9-673e-40d6-9a1b-da485a4d4i7m" - 403 Forbidden

I read the https://github.com/UCL-INGI/INGInious/blob/v0.6/inginious/frontend/lti_request_validator.py and it mentions the length between (1, 30). I have created a key with length 16 using openssl rand -hex 16.

If anybody has experiences on this issue it will be very helpful for me to investigate and fix this issue ?

[anthonygego]

Hello,

Indeed, the length should be between 1 and 30 chars. The openssl rand -hex 16 command outputs 16 bytes in hexadecimal format: that means 32 chars. It's too long then.

Please note that you're asking questions about a fork on the upstream project. We may not have appropriate answers if the code has been changed and won't be able to help in debugging for the obvious same reason. I recommend you to ask questions on the appropriate repo first and come here if no answer was found, but we'll only be able to provide support for our own codebase.