WeBWorK Main Forum

LTI 1.3

LTI 1.3

by Balagopal Pillai -
Number of replies: 22
 I am trying to get LTI 1.3 working on a fresh install of Ubuntu 24.04 and Webwork 2.19. The LTI 1.3 communication seems to be working fine as I can see the following -  

      
     [2024-12-20 09:13:19.26163] [76062] [warn] [YH60x0G1Afxx] [/webwork2/ltiadvantage/login] The LTI Advantage login route was accessed with the appropriate parameters.

     [2024-12-20 09:13:19.44514] [76062] [info] [u5YJu_k4NjbF] ====== JWT PARAMETERS RECEIVED ======

     

     I can see my first name, last name, org_defined_id, username etc in the debug LTI log. Course info also exists -

      

      

    "https://purl.imsglobal.org/spec/lti-ags/claim/endpoint" => {

   "lineitems" => "https://daltest.brightspace.com/d2l/api/lti/ags/2.0/deployment/51584148-bfea-4fd7-bee6-7606ed8897c4/orgunit/294968/lineitems",

   "scope" => [

     "https://purl.imsglobal.org/spec/lti-ags/scope/lineitem",

     "https://purl.imsglobal.org/spec/lti-ags/scope/lineitem.readonly",

     "https://purl.imsglobal.org/spec/lti-ags/scope/result.readonly",

     "https://purl.imsglobal.org/spec/lti-ags/scope/score"

   ]

 },

 "https://purl.imsglobal.org/spec/lti/claim/deployment_id" => "51584148-bfea-4fd7-bee6-7606ed8897c4",

 "https://purl.imsglobal.org/spec/lti/claim/launch_presentation" => {

   "locale" => "en-CA"

 },

 "https://purl.imsglobal.org/spec/lti/claim/message_type" => "LtiResourceLinkRequest",

 "https://purl.imsglobal.org/spec/lti/claim/resource_link" => {

   "id" => "253534_294968"

 },

 "https://purl.imsglobal.org/spec/lti/claim/roles" => [

   "http://purl.imsglobal.org/vocab/lis/v2/membership#Learner",

   "http://purl.imsglobal.org/vocab/lis/v2/institution/person#Student",

   "http://purl.imsglobal.org/vocab/lis/v2/institution/person#Learner",

   "http://purl.imsglobal.org/vocab/lti/system/person#TestUser"

 ],

 "https://purl.imsglobal.org/spec/lti/claim/target_link_uri" => "https://webwork4.mathstat.dal.ca/webwork2/Math1030-Fall-2022/Test-Set",

 "https://purl.imsglobal.org/spec/lti/claim/tool_platform" => {

   "guid" => "88afb860-dec9-4203-9170-3daef7e7bc1b",

   "product_family_code" => "desire2learn"

 },

 "https://purl.imsglobal.org/spec/lti/claim/version" => "1.3.0",

 "iat" => 1734700399,

 "iss" => "https://daltest.brightspace.com",

 "name" => "Balagopal Pillai",

 "nbf" => 1734700399,

 "nonce" => "51d0304b05c19926f81a1e22252b7c5b1910ac25874ec5b644747f71050c538c",

 "sub" => "d7638d4e-c5d3-48da-a916-eeaf4691ca9e_3997"



       At the end of the log, the following summary appears -

        


[2024-12-20 10:00:03.65295] [86667] [warn] [6KynLSUpOfKZ] [/webwork2/ltiadvantage/launch] =========== SUMMARY ============

[2024-12-20 10:00:03.65304] [86667] [warn] [6KynLSUpOfKZ] [/webwork2/ltiadvantage/launch] User id is |my_real_username| (obtained from http://www.brightspace.com#username which was preferred_source_of_username)

[2024-12-20 10:00:03.65312] [86667] [warn] [6KynLSUpOfKZ] [/webwork2/ltiadvantage/launch] User email address is |my_real_username@dal.ca|

[2024-12-20 10:00:03.65317] [86667] [warn] [6KynLSUpOfKZ] [/webwork2/ltiadvantage/launch] strip_domain_from_email is |0|

[2024-12-20 10:00:03.65323] [86667] [warn] [6KynLSUpOfKZ] [/webwork2/ltiadvantage/launch] Student id is |my_real_banner_number_from_org_defined_id|

[2024-12-20 10:00:03.65329] [86667] [warn] [6KynLSUpOfKZ] [/webwork2/ltiadvantage/launch] preferred_source_of_username is |http://www.brightspace.com#username|

[2024-12-20 10:00:03.65334] [86667] [warn] [6KynLSUpOfKZ] [/webwork2/ltiadvantage/launch] fallback_source_of_username is ||

[2024-12-20 10:00:03.65338] [86667] [warn] [6KynLSUpOfKZ] [/webwork2/ltiadvantage/launch] preferred_source_of_student_id is |http://www.brightspace.com#org_defined_id|

[2024-12-20 10:00:03.65343] [86667] [warn] [6KynLSUpOfKZ] [/webwork2/ltiadvantage/launch] ================================

[2024-12-20 10:00:03.65784] [86667] [warn] [6KynLSUpOfKZ] [/webwork2/ltiadvantage/launch] Using current access token from database.


  

       Then the LTI link falls back to webwork login screen. Nothing else in the log and no error messages. I created an account in the course to match the netid username and assigned it
to Test-set homework set. The preferred_source_of_username is set to email. Seems to be working from the summary above. I was wondering if there is anything else to try. Thanks a lot.

In reply to Balagopal Pillai

Re: LTI 1.3

by Danny Glin -

Is there anything in the course login.log?

Also double check that $LTIVersion is set to 'v1p3' in authen_LTI.conf.

In reply to Danny Glin

Re: LTI 1.3

by Balagopal Pillai -

Here is from the course login log -

[Fri Dec 20 16:32:50 2024] LOGIN OK user_id=<my_net_id> login_type=normal credential_source=LTIAdvantage host=<ip address> port=44450 UA=Mozilla/5.0 (X11; CrOS x86_64 14541.0.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

I checked again and LTIVersion is set to v1p3. For some reason, the LTI session still ends up in the webwork login screen. But it looks like it almost about to work! Thanks.

In reply to Balagopal Pillai

Re: LTI 1.3

by Balagopal Pillai -
I have an update. Changing LTI grade mode to course would let me into the assignments via LTI when the set is posted in bright space with "Open as external resource"

Same setting above in LTI grade mode as homework, would give this error -

"The selected problem set (Test-Set) is not a valid set for <my_user_name>.

You must use your Learning Management System (D2L Brightspace) to access this set. Try logging in to the Learning Management System and visiting the set from there.

"
Test-set is already assigned to my account

With course mode, I have an additional issue. On grade submit, the following error occurs - LMS lineitem is not available for the course. Any help and suggestions are much appreciated. Thanks.
In reply to Balagopal Pillai

Re: LTI 1.3

by Glenn Rice -
Seeing the login screen after the LTI 1.3 launch request is usually the result of cookies being rejected.

Do you have $CookieSecure = 1 in localOverrides.conf? That will be needed if you are serving via SSL (i.e., with https). Unfortunately that is not the default setting for this. You will also need $CookieSameSite = "Lax" (which is the default for this) or $CookieSameSite = "Strict".

There are other reasons that cookies could be rejected as well. So if that does not solve your issue, then we will need more information.
In reply to Glenn Rice

Re: LTI 1.3

by Balagopal Pillai -
I have set the following in localOverrides.conf

$CookieSameSite = "Lax";
$CookieSecure = 1;

No difference with the above settings. Disabling "Open as external resource" will give the webwork login screen. Thanks a lot.
In reply to Balagopal Pillai

Re: LTI 1.3

by Glenn Rice -
Does disabling "Open as external resource" mean that the WeBWorK page is embedded in D2L? If that is the case, then what you are seeing is expected. Cookies are rejected for any site embedded in an iframe on an external site. You can change your browser's cookie settings to allow third party cookies, but that is becoming increasingly difficult to do. Definitely do not embed the WeBWorK page in D2L (i.e., make sure the "Open as external resource" is enabled) for students.
In reply to Glenn Rice

Re: LTI 1.3

by Balagopal Pillai -
Yes. Disabling "Open as external resource" option would make the LTI link open embedded in the same page as Brightspace. But with our Webwork 2.14 with LTI 1.1, embedding works as expected.

I am hoping to get LTI 1.3 going before 1.1 gets retired at some point in Brightspace (already security warnings are in place for 1.1 and it is named "legacy mode" now). The current Webwork 2.14 with LTI 1.1 setup is set to use homework mode as LTI grade mode and it has been working flawlessly over the years. Getting 1.3 to work has been a struggle so far unfortunately.
In reply to Balagopal Pillai

Re: LTI 1.3

by Glenn Rice -
LTI 1.1 works because it does not involve redirects. So even though the cookies are rejected the initial login still succeeds. However, if you try to go to another page within webwork the same thing will happen. LTI 1.3 works with redirects in the initial login. That is just the way it works.

The changes to cookies that are causing the issue are not our doing. That is the way that browser's are going.

Note that you can set $session_management_via = "key" in localOverrides.conf, and that will work for embedding within an iframe. It is less secure, but that will work embedded in an iframe.

I have to say though, that you really shouldn't be embedding WeBWorK in an iframe in the LMS. That is not how WeBWorK is intended to be used.
In reply to Glenn Rice

Re: LTI 1.3

by Balagopal Pillai -
I can most definitely go with no embedding. Tested it with
$session_management_via = "key"; and it no longer lands on login screen of webwork with embedding. But LTI 1.3 still has the following issues -

Homework mode for grade passback gives the following error -

""The selected problem set (Test-Set) is not a valid set for .

You must use your Learning Management System (D2L Brightspace) to access this set. Try logging in to the Learning Management System and visiting the set from there.

"

Course mode for grade passback gets me to the homework sets.
But grade on submit option gives the following error -

"LMS lineitem is not available for the course"

I was wondering if there is anything I am missing in the config. I will request our Brightspace architect to look through the webwork LTI 1.3 documentation to see if everything is setup properly on Brightspace side. Thanks.
In reply to Balagopal Pillai

Re: LTI 1.3

by Danny Glin -

If you are using homework mode for grade passback then you need to make sure that the External Learning Tool link in D2L is associated with a grade item in the grade book, otherwise WeBWorK doesn't have any information about where to send the grades, which leads to the "You must use your Learning Management System..." error.

If you are using the content selection tool to create the links then this should happen automatically, otherwise you will manually need to connect the link to a D2L grade book item.

In reply to Danny Glin

Re: LTI 1.3

by Balagopal Pillai -

Thanks a lot. I linked a grade item to the webwork LTI homework link and homework mode is now working! On submitting an answer (wrong one), I get the following error -

Submitting grade for user <my_user_name> and set Test-Set.

Using current access token from database.

Found data required for submitting grades to LMS.

Failed to send grade:

UnprocessableEntity

I was wondering if I am missing any additional config. 

In reply to Balagopal Pillai

Re: LTI 1.3

by Danny Glin -
It's possible that this is because you are a non-student user (see the second question at https://community.d2l.com/brightspace/kb/articles/23661-lti-advantage-developer-faq).

Have you tried this with a student account in D2L?
In reply to Danny Glin

Re: LTI 1.3

by Balagopal Pillai -

Yay! LTI 1.3 in homework mode is now working! 

From webwork after submitting answer.

Your score was recorded.

Your score was successfully sent to D2L Brightspace.

You have attempted this problem 1 time.

You received a score of 0% for this attempt.

Your overall recorded score is 0%.

You have 4 attempts remaining.


From debug log


Submitting grade for user <my_student_account> and set Test-Set.

Using current access token from database.

Found data required for submitting grades to LMS.

Successfully updated LMS grade.


Confirmed in Brightspace grades and it is recorded. Thanks a lot.

I have set up webwork to serve directly with hypnotoad. 

(1200 workers and 120 spares for a 128G vm) I see that there are random cpu spikes on hypnotoad processes. Could putting nginx on front for proxy be more efficient? Thanks again!

In reply to Balagopal Pillai

Re: LTI 1.3

by Balagopal Pillai -
I have a follow up question. I created a test student account and used that account to test LTI and it worked. But auto account creation on webwork didn't work. Please see the log below -

[2024-12-21 18:38:22.88359] [116494] [warn] [Otnni6os2G7l] [/webwork2/ltiadvantage/launch] ================================
[2024-12-21 18:38:22.88567] [116494] [warn] [Otnni6os2G7l] [/webwork2/ltiadvantage/launch] The adjusted LTI roles defined for this user are:
-- Learner
-- Student
-- Learner
The user will be assigned the highest role defined for them.
[2024-12-21 18:38:22.88577] [116494] [warn] [Otnni6os2G7l] [/webwork2/ltiadvantage/launch] New user: -- requested permission level is 0.
[2024-12-21 18:38:22.89107] [116494] [error] [Otnni6os2G7l] DBD::MariaDB::st execute failed: Incorrect string value: '\xE2\x80\xAFPM' for column `webwork`.`Math1030-Fall-2022_user`.`comment` at row 1 at /home/webwork/webwork2/lib/WeBWorK/DB/Schema/NewSQL/Std.pm line 930.

I was wondering why auto account creation failed in webwork. Thanks.
In reply to Balagopal Pillai

Re: LTI 1.3

by Glenn Rice -
The perl DateTime::Locale module now outputs a narrow no-break space between the date and time in the default date time format that is used in the comment. It sounds like that is causing a problem when that is saved to the database. This may be because you don't have MariaDB configured to work with the utf8mb4 character set.
In reply to Glenn Rice

Re: LTI 1.3

by Balagopal Pillai -
Please see below from 50-server.cnf -

# MySQL/MariaDB default is Latin1, but in Debian we rather default to the full
# utf8 4-byte character set. See also client.cnf
character-set-server = utf8mb4
collation-server = utf8mb4_general_ci

MariaDB is set correctly it looks like.

From webwork site.conf -


$ENABLE_UTF8MB4 =1; # setting this to 1 enables utf8mb4 encoding, setting this to
# 0 sets this for older mysql (pre 5.3) which cannot
# handle utf8mb4 characters.

$database_character_set=($ENABLE_UTF8MB4) ? 'utf8mb4' : 'utf8';

Please let me know if there is another place to look for encoding. Thanks.
In reply to Glenn Rice

Re: LTI 1.3

by Balagopal Pillai -
The encoding looks like this now.


--------------------------+----------------------------+
| Variable_name | Value |
+--------------------------+----------------------------+
| character_set_client | utf8mb3 |
| character_set_connection | utf8mb3 |
| character_set_database | utf8mb4 |
| character_set_filesystem | binary |
| character_set_results | utf8mb3 |
| character_set_server | utf8mb4 |
| character_set_system | utf8mb3 |
| character_sets_dir | /usr/share/mysql/charsets/ |
+--------------------------+----------------------------+
8 rows in set (0.002 sec)

+----------------------+--------------------+
| Variable_name | Value |
+----------------------+--------------------+
| collation_connection | utf8mb3_general_ci |
| collation_database | utf8mb4_general_ci |
| collation_server | utf8mb4_general_ci |
+----------------------+--------------------+
3 rows in set (0.001 sec)

I added the following to 50-client.cnf

[client-mariadb]
default-character-set=utf8mb4

Now encoding looks like below.


Variable_name | Value |
+--------------------------+----------------------------+
| character_set_client | utf8mb4 |
| character_set_connection | utf8mb4 |
| character_set_database | utf8mb4 |
| character_set_filesystem | binary |
| character_set_results | utf8mb4 |
| character_set_server | utf8mb4 |
| character_set_system | utf8mb3 |
| character_sets_dir | /usr/share/mysql/charsets/ |
+--------------------------+----------------------------+
8 rows in set (0.002 sec)

+----------------------+--------------------+
| Variable_name | Value |
+----------------------+--------------------+
| collation_connection | utf8mb4_general_ci |
| collation_database | utf8mb4_general_ci |
| collation_server | utf8mb4_general_ci |
+----------------------+--------------------+
3 rows in set (0.001 sec)


The error persists for auto account creation -


=========== SUMMARY ============
User id is |my_account.student| (obtained from http://www.brightspace.com#username which was preferred_source_of_username)
User email address is |my_account@dal.ca|
strip_domain_from_email is |0|
Student id is ||
preferred_source_of_username is |http://www.brightspace.com#username|
fallback_source_of_username is ||
preferred_source_of_student_id is |http://www.brightspace.com#org_defined_id|
================================
The adjusted LTI roles defined for this user are:
-- Learner
-- Student
-- Learner
The user will be assigned the highest role defined for them.
New user: my_account.student -- requested permission level is 0.
Error messages
DBD::MariaDB::st execute failed: Incorrect string value: '\xE2\x80\xAFAM' for column `webwork`.`Math1030-Fall-2022_user`.`comment` at row 1 at /home/webwork/webwork2/lib/WeBWorK/DB/Schema/NewSQL/Std.pm line 930.


Context
925: warn(
926: "It looks like the database is missing a column. You may need to upgrade your course tables. If this is the admin course then you will need to upgrade the admin tables using the upgrade_admin_db.pl script."
927: );
928: }
929:
930: die $errmsg;
931: }
932: }
933:
934: sub DESTROY {
935: }

Running upgrade db -

upgrade_admin_db.pl
Admin Course Up to Date


A maria db restart pumps out the following error in email


ERROR 1064 (42000) at line 1: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near '-Fall-2022_achievement_user' at line 1


But running mariadb-check --all-databases shows no issues.

webwork.Math1030-Fall-2022_achievement OK
webwork.Math1030-Fall-2022_achievement_user OK
webwork.Math1030-Fall-2022_global_user_achievement OK
webwork.Math1030-Fall-2022_key OK
webwork.Math1030-Fall-2022_password OK
webwork.Math1030-Fall-2022_past_answer OK
webwork.Math1030-Fall-2022_permission OK
webwork.Math1030-Fall-2022_problem OK
webwork.Math1030-Fall-2022_problem_user OK
webwork.Math1030-Fall-2022_set OK
webwork.Math1030-Fall-2022_set_locations OK
webwork.Math1030-Fall-2022_set_locations_user OK
webwork.Math1030-Fall-2022_set_user OK
webwork.Math1030-Fall-2022_setting OK
webwork.Math1030-Fall-2022_user OK
webwork.OPL_DBchapter OK
webwork.OPL_DBsection OK
webwork.OPL_DBsubject OK
webwork.OPL_author OK
webwork.OPL_chapter OK
webwork.OPL_global_statistics OK
webwork.OPL_keyword OK
webwork.OPL_local_statistics OK
webwork.OPL_morelt OK
webwork.OPL_path OK
webwork.OPL_pgfile OK
webwork.OPL_pgfile_keyword OK
webwork.OPL_pgfile_problem OK
webwork.OPL_problem OK
webwork.OPL_problem_user OK
webwork.OPL_section OK
webwork.OPL_textbook OK
webwork.admin_achievement OK
webwork.admin_achievement_user OK
webwork.admin_global_user_achievement OK
webwork.admin_key OK
webwork.admin_password OK
webwork.admin_past_answer OK
webwork.admin_permission OK
webwork.admin_problem OK
webwork.admin_problem_user OK
webwork.admin_set OK
webwork.admin_set_locations OK
webwork.admin_set_locations_user OK
webwork.admin_set_user OK
webwork.admin_setting OK
webwork.admin_user OK
webwork.depths OK
webwork.location_addresses OK
webwork.locations OK
webwork.lti_course_map OK
webwork.lti_launch_data OK

Any suggestions are much appreciated. Thanks.
In reply to Glenn Rice

Re: LTI 1.3

by Balagopal Pillai -
I have an update. I ran the following -
upgrade-database-to-utf8mb4.pl -a

Then I cloned the course to a fresh one. (this course was unarchived from webwork 2.14) Tested again with my student account in Brightspace. A webwork account was created successfully at first LTI access. Grade passback is also showing no errors.

No more DB errors in log. Please see below -


[2024-12-22 15:01:12.82843] [124289] [warn] [885F1DagSHUc] [/webwork2/ltiadvantage/launch] =========== SUMMARY ============
[2024-12-22 15:01:12.82854] [124289] [warn] [885F1DagSHUc] [/webwork2/ltiadvantage/launch] User id is |my_account.student| (obtained from http://www.brightspace.com#username which was preferred_source_of_username)
[2024-12-22 15:01:12.82862] [124289] [warn] [885F1DagSHUc] [/webwork2/ltiadvantage/launch] User email address is |my_account@dal.ca|
[2024-12-22 15:01:12.82869] [124289] [warn] [885F1DagSHUc] [/webwork2/ltiadvantage/launch] strip_domain_from_email is |0|
[2024-12-22 15:01:12.82875] [124289] [warn] [885F1DagSHUc] [/webwork2/ltiadvantage/launch] Student id is ||
[2024-12-22 15:01:12.82880] [124289] [warn] [885F1DagSHUc] [/webwork2/ltiadvantage/launch] preferred_source_of_username is |http://www.brightspace.com#username|
[2024-12-22 15:01:12.82887] [124289] [warn] [885F1DagSHUc] [/webwork2/ltiadvantage/launch] fallback_source_of_username is ||
[2024-12-22 15:01:12.82892] [124289] [warn] [885F1DagSHUc] [/webwork2/ltiadvantage/launch] preferred_source_of_student_id is |http://www.brightspace.com#org_defined_id|
[2024-12-22 15:01:12.82896] [124289] [warn] [885F1DagSHUc] [/webwork2/ltiadvantage/launch] ================================
[2024-12-22 15:01:12.83066] [124289] [warn] [885F1DagSHUc] [/webwork2/ltiadvantage/launch] The adjusted LTI roles defined for this user are:
-- Learner
-- Student
-- Learner
The user will be assigned the highest role defined for them.
[2024-12-22 15:01:12.83077] [124289] [warn] [885F1DagSHUc] [/webwork2/ltiadvantage/launch] New user: my_account.student -- requested permission level is 0.
[2024-12-22 15:01:13.09582] [124289] [warn] [885F1DagSHUc] [/webwork2/ltiadvantage/launch] Using current access token from database.
[2024-12-22 15:02:51.15239] [124296] [warn] [JayhwLUIhjPB] [/webwork2/Math1030-Testing/Test-Set/1] Submitting grade for user my_account.student and set Test-Set.
[2024-12-22 15:02:51.15693] [124296] [warn] [JayhwLUIhjPB] [/webwork2/Math1030-Testing/Test-Set/1] Using current access token from database.
[2024-12-22 15:02:51.15731] [124296] [warn] [JayhwLUIhjPB] [/webwork2/Math1030-Testing/Test-Set/1] Found data required for submitting grades to LMS.
[2024-12-22 15:02:51.43865] [124296] [warn] [JayhwLUIhjPB] [/webwork2/Math1030-Testing/Test-Set/1] Successfully updated LMS grade.
[2024-12-22 15:04:52.66531] [124291] [warn] [KF3P9LYvMet5] [/webwork2/ltiadvantage/login] The LTI Advantage login route was accessed with the appropriate parameters.

So auto account creation in webwork is also working now over LTI!
In reply to Balagopal Pillai

Re: LTI 1.3

by Glenn Rice -
I suspected that might be the problem. If you are using a course archived from a version of webwork prior to 2.15, then you will need to use that script to update the course's database.

Although, when you started that you were working with a fresh install of webwork 2.19, I assumed you were working with a new course created with webwork 2.19.
In reply to Glenn Rice

Re: LTI 1.3

by Balagopal Pillai -
Thanks a lot. The next item for me to test is Content Selection. Hopefully in the new year after our Brightspace support adds the configuration for this feature.
In reply to Balagopal Pillai

Re: LTI 1.3

by Andras Balogh -

I don't know if I have the same problem but LTI 1.1 does not work in courses that were transferred from 2.17 (not 2.14)  to 2.19. 

I did run a UTF conversion with "sed -i 's/utf8mb4_0900_ai_ci/utf8mb4_unicode_ci/g'  *" and upgraded the course databases.

It seems to me that "upgrade-database-to-utf8mb4.pl  -c courseid" fixes the problem and there is no need for cloning. 

Do I understand this correctly? 

In reply to Andras Balogh

Re: LTI 1.3

by Balagopal Pillai -

My LTI 1.1 setup is with version 2.14. I don't have any versions using LTI between 2.14 and 2.18. I guess courses could be upgraded without cloning. But I never reuse the courses. Instead I simply clone them for the next term so that professors could start with a clean webwork course every term.