Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-56521

Considerations about LTI stuff being too (server-configuration) restrictive

    XMLWordPrintable

Details

    • MOODLE_30_STABLE, MOODLE_31_STABLE, MOODLE_32_STABLE

    Description

      When MDL-53832 was being tested, 2 problems were raised about configuration not matching expectations to make the provider/consumer couple to work:

      1) It seems that the consumer requires slasharguments (pathinfo) working in the server.
      2) It seems that the provider does use server_name (instead of wwwroot, or htttp_host...) and if it's missconfigured, the consumer fails because it does not matches its signature expectations.

      So this is about to discuss both cases (1 & 2) and see if we can make something to lower configuration requirements in order to get them working often. More specifically:

      1) Can we make the consumer to work without pathinfo.
      2) Should us normalize all Oauth signatures (it seems we have right now 3 versions of them in core) to use something better (wwwroot, or http_host, or maybe also consider HTTP_X_FORWARDED_xxx headers...). Custom modification and then PR upstream...

      That's it. For a little bit more of context, see the the original issue and the related comments.

      I'm initially marking this as must fix, to avoid forgetting it. Let's see how it evolves.... also, maybe some of the changes could be candidate to backport, as they are pre-existing.

      Attachments

        Issue Links

          Activity

            People

              Unassigned Unassigned
              stronk7 Eloy Lafuente (stronk7)
              Votes:
              1 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Clockify

                  Error rendering 'clockify-timesheets-time-tracking-reports:timer-sidebar'. Please contact your Jira administrators.