Found this content helpful? Log in or sign up to leave a like!
LTI - Public JWK URL (CanvasHttp::InsecureUriError)
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello,
I am in the process of configuring my LTI tool with Canvas. Login, Launch, Deep Link, and resource selection are successful. When clicking on an assignment (using AGS), my tool checks to see if if the assignment has been completed already by checking to see if a grade exists. When requesting the access token from Canvas, I get the following error:
Error getting access token: HTTP response [https://canvas2.atlantaflight.io/login/oauth2/token]: 400 - {"error":"invalid_request","error_description":"JWK Error: CanvasHttp::InsecureUriError"}
At first glance, it would seem that my tool does not have the appropriate SSL but I've attached a screenshot of a current certificate.
Additionally, if I configure a Public JWK, it works but I would like to have it configured with a Public JWK URL instead. I have a local instance of Canvas configured via a proxy and SSL certificate. I've noticed that my JWKS endpoint isn't even reached so I'm not sure what Canvas is looking for.
Here is my JWKS endpoint: https://lti-1.groundschool.com/.well-known/jwks
It returns this:
{"keys":[{"e":"AQAB","kid":"MtBbEE_yeR0t5WBo0b24EEn3sriIvtEyZ64WNIxfFao","kty":"RSA","n":"x-CY42LsPMIjJq8Pz57OVHOXcm7-O5eWjtnl5VuKgnLA27yWLJoU_DP8WGhTgKDE5OzwdwGG5BKjatXyvzv8bKBery2BD0CFQxLKo6ZQCksP89rXbw4llZsaETSpdVAgxpWRyTJ1_o8lHeHuXcWhMF_-T1DgB7wvy7ZYdpAhOKXeuGR9MpND2xL5q2o49vF4QGMHETJB-XQTLlZSjiMCvAEDQfJoyxYIfc6Qxq8f3EkVT9Ov13k9g3OjiQneoWIkm9jmUngEfVa0c9qEw3A-vOKYZRJbEECGp1Tkwr5TG315hwnOgK4x9DDSfPMkXOjEJ3yp5qrqJHYGLK0IOIwBtw","alg":"RS256","use":"sig"}]}
Alternatively, if I manually set the Public JWK as this, I am able to successfully get an access token:
{
"e": "AQAB",
"n": "x-CY42LsPMIjJq8Pz57OVHOXcm7-O5eWjtnl5VuKgnLA27yWLJoU_DP8WGhTgKDE5OzwdwGG5BKjatXyvzv8bKBery2BD0CFQxLKo6ZQCksP89rXbw4llZsaETSpdVAgxpWRyTJ1_o8lHeHuXcWhMF_-T1DgB7wvy7ZYdpAhOKXeuGR9MpND2xL5q2o49vF4QGMHETJB-XQTLlZSjiMCvAEDQfJoyxYIfc6Qxq8f3EkVT9Ov13k9g3OjiQneoWIkm9jmUngEfVa0c9qEw3A-vOKYZRJbEECGp1Tkwr5TG315hwnOgK4x9DDSfPMkXOjEJ3yp5qrqJHYGLK0IOIwBtw",
"alg": "RS256",
"kid": "MtBbEE_yeR0t5WBo0b24EEn3sriIvtEyZ64WNIxfFao",
"kty": "RSA",
"use": "sig"
}
I would appreciate any guidance on what I can look into. The tool currently works with Moodle and D2L but has a similar error with Blackboard. Thanks in advance!
