UsingWW: LTI 1.3 with WeBWorK 2.19

I am trying to get WW 2.19 working with LTI 1.3 with BrightSpace. I followed all the steps in the wiki and now getting stuck here -

[Fri Aug 30 10:44:32.208205 2024] (eval): We need to get a course environment (with or without a courseID!)

[Fri Aug 30 10:44:32.217551 2024] (eval): Here's the course environment: WeBWorK::CourseEnvironment=HASH(0x5564fd357950)

[Fri Aug 30 10:44:32.262864 2024] (eval): Using user_authen_module WeBWorK::Authen::Basic_TheLastOption: WeBWorK::Authen::Basic_TheLastOption=HASH(0x5564f71440a0)

[Fri Aug 30 10:44:32.263013 2024] (eval): We got a courseID from the route, now we can do some stuff:

[Fri Aug 30 10:44:32.263147 2024] (eval): ...we can create a database object...

[Fri Aug 30 10:44:32.307380 2024] (eval): (here's the DB handle: WeBWorK::DB=HASH(0x5564f7143fc8))

[Fri Aug 30 10:44:32.307563 2024] WeBWorK::Authen::verify: BEGIN VERIFY

[Fri Aug 30 10:44:32.307704 2024] WeBWorK::Authen::do_verify: db ok

[Fri Aug 30 10:44:32.307824 2024] WeBWorK::Authen::get_credentials: self is WeBWorK::Authen::Basic_TheLastOption=HASH(0x5564f71440a0)

[Fri Aug 30 10:44:32.308403 2024] WeBWorK::Authen::fetchCookie: fetchCookie: Session cookie does not contain valid information. Returning nothing.

[Fri Aug 30 10:44:32.308681 2024] WeBWorK::Authen::verify: END VERIFY

[Fri Aug 30 10:44:32.308793 2024] WeBWorK::Authen::verify: result 0

[Fri Aug 30 10:44:32.308925 2024] (eval): Bad news: authentication failed!

[Fri Aug 30 10:44:32.309015 2024] (eval): Rendering WeBWorK::ContentGenerator::Login

I have set $session_management_via = "key"; and $useSessionCookie = 0; in localOverrides.conf

I was wondering why this is still trying to use a session cookie? Am I missing something? Thanks a lot.

Balagopal

Re: LTI 1.3 with WeBWorK 2.19

by Glenn Rice - Friday, 30 August 2024, 12:46 PM

Your log shows that the WeBWorK::Authen::Basic_TheLastOption authentication module is being used, and not the WeBWorK::Authen::LTIAdvantage module. So the first think you need to do is check what you have set for the $authen{user_module}. If you have included authen_LTI.conf in localOverrides.conf, then make sure that you aren't also setting the $authen{user_module} to something else than what that file sets it to after that in localOverrides.conf.

As to the cookie question, fetchCookie is called regardless of what you have $session_management_via set to. It is correctly returning nothing because there is no cookie. Note that $session_management_via = "key" does not mean do not use cookies at all. It only means that the session will be managed via the database session instead of with cookies by default. If a user checks the "Remember Me" checkbox on the login page, then cookies are still used.

Why are you using $session_management_via = "key" though? That is less secure than the "session_cookie" setting.

Re: LTI 1.3 with WeBWorK 2.19

by Balagopal Pillai - Friday, 30 August 2024, 4:23 PM

Thanks Glenn. It turned out that I didn't enable authen_LTI.conf in localOverrides.conf! Now the error message has changed to the following -

[Fri Aug 30 17:09:23.966308 2024] (eval): We need to get a course environment (with or without a courseID!)
[Fri Aug 30 17:09:23.974824 2024] (eval): Here's the course environment: WeBWorK::CourseEnvironment=HASH(0x55ec1fa036f0)
[Fri Aug 30 17:09:24.22272 2024] (eval): Using user_authen_module WeBWorK::Authen::LTIAdvantage: WeBWorK::Authen::LTIAdvantage=HASH(0x55ec1faabd80)
[Fri Aug 30 17:09:24.22420 2024] (eval): We got a courseID from the route, now we can do some stuff:
[Fri Aug 30 17:09:24.22524 2024] (eval): ...we can create a database object...
[Fri Aug 30 17:09:24.65061 2024] (eval): (here's the DB handle: WeBWorK::DB=HASH(0x55ec18f72258))
[Fri Aug 30 17:09:24.65371 2024] WeBWorK::Authen::LTIAdvantage::verify: The LTI Advantage login route was accessed with invalid or missing parameters.
[Fri Aug 30 17:09:24.65524 2024] (eval): Bad news: authentication failed!
[Fri Aug 30 17:09:24.65616 2024] (eval): Rendering WeBWorK::ContentGenerator::Login

I disabled the key and went back to cookies. lti_message_hint, login_hint, client_id,iss, target_link_uri and lti_deployment_id looks ok.

Any suggestions are much appreciated.

Re: LTI 1.3 with WeBWorK 2.19

by Glenn Rice - Friday, 30 August 2024, 5:10 PM

That message means either that the iss parameter is not set in the request, or that it is not the same as $LTI{v1p3}{PlatformID} in authen_LTI_1_3.conf, or the client_id parameter is not set in the request, or it is not the same as $LTI{v1p3}P{ClientID} in authen_LTI_1_3.conf, or the lti_message_hint is not set in the request, or the login_hint is not set in the request. Since you have debugging turned on, you should see all of those parameters.

Re: LTI 1.3 with WeBWorK 2.19

by Balagopal Pillai - Friday, 30 August 2024, 5:50 PM

Please see below -

$LTI{v1p3}{PlatformID} = 'https://daltest.brightspace.com/';

From debug -

[Fri Aug 30 17:24:23.810297 2024] (eval): iss => "https://daltest.brightspace.com"

$LTI{v1p3}{ClientID} = '2585a0c5-7b4b-4c73-ac27-029ec12200ee';

From debug -

[Fri Aug 30 17:24:23.810584 2024] (eval): client_id => "2585a0c5-7b4b-4c73-ac27-029ec12200ee"

[Fri Aug 30 17:24:23.810493 2024] (eval): lti_message_hint => "mgsS4KNl87FjyKdWdDm2ltHZBra5e6yhWl3dF4LFWD4~"

[Fri Aug 30 17:24:23.810675 2024] (eval): login_hint => "d7638d4e-c5d3-48da-a916-eeaf4691ca9e_3997"

I was wondering if you could notice anything odd from the info above. Thanks.

Re: LTI 1.3 with WeBWorK 2.19

by Glenn Rice - Friday, 30 August 2024, 6:25 PM

There is a forward slash at the end of $LTI{v1p3}{PlatformID}, but that is not in the client_id parameter.

Re: LTI 1.3 with WeBWorK 2.19

by Balagopal Pillai - Friday, 30 August 2024, 8:20 PM

Thanks! Removing the forward slash made auth possible with LTI. Now it is becoming a puzzle box.

Setting $LTIGradeMode = ''; would get homework sets to work fine from BrightSpace via LTI.

But setting $LTIGradeMode = 'homework'; would give the following error -

The selected problem set (Demo) is not a valid set for <my username in brightspace>
The set is valid, as it works fine via LTI when grade passback is disabled.

Re: LTI 1.3 with WeBWorK 2.19

by Balagopal Pillai - Tuesday, 3 September 2024, 7:22 AM

I did some more testing today.

$LTIGradeMode = ''

No errors, works over LTI

$LTIGradeMode = 'course'

It works with LTI, but a grade submission causes the following error

WeBWorK::Authen::LTIAdvantage::SubmitGrade::warning: LMS lineitem is not available for the course

$LTIGradeMode = 'homework'

LTI login works, but no homework sets are accessible with the following error

The selected problem set (Demo) is not a valid set for <my username in BrightSpace>

I was wondering if you have seen this issue before with LTI 1.3. Thanks.

Using WeBWorK

WeBWorK Main Forum

LTI 1.3 with WeBWorK 2.19

LTI 1.3 with WeBWorK 2.19

Re: LTI 1.3 with WeBWorK 2.19

Re: LTI 1.3 with WeBWorK 2.19

Re: LTI 1.3 with WeBWorK 2.19

Re: LTI 1.3 with WeBWorK 2.19

Re: LTI 1.3 with WeBWorK 2.19

Re: LTI 1.3 with WeBWorK 2.19

Re: LTI 1.3 with WeBWorK 2.19