LTI 1.3: Allow tool to use JWKS URI rather than Public Key

Prerequisite Note: This test is using ZTest but any other LTI 1.3 test tool allowing to supports Deep Linking and API Call and both public key and key set URL can be used. Site is configured with at least one course and one instructor As LTI 1.3 launches require to access to the platform public key set, the moodle instance must be reachable from the internet. Consider using ngrok ( https://ngrok.com). and update config.php ./ngrok http 80 Installing ZTest with Public RSA Key (existing functionality) We first install ZTest using a fixed public key, as was done in prior versions of Moodle. ZTest tool 1.3 is installed as a site external tool: Log in as an administrator Navigate to Site Administration > Plugins > External tool > Manage tools Click on configure a tool manually Fill the form as follow: Tool name: ZTest 1.3 Tool url: https://ztest.cengage.info/ztest/lti LTI Version: LTI 1.3 Choose Public Key Type: RSA Key Public key: copy the value from https://ztest.cengage.info/ztest/ LTI 1.3 Connect info tab Initiate Login URI: https://ztest.cengage.info/ztest/ws/lti/startlaunch?lti13=true&client_id=CLIENT_ID_HERE&platform=moodle Redirect URI: https://ztest.cengage.info/ztest/lti13 Click on ‘Show more’ Check Content-Item message Change the 'Privacy' setting ‘Accept grades from the tool’ to 'Delegate to Teacher'. In Services, IMS LTI Assignment and Grade Services, choose Use this service for grade and column mgmt Save changes. Once the tool is created, click the information icon (pie icon) and copy the client id Update the initiate login URI and replace CLIENT_ID_HERE with the client id value for that tool Verifying Deep Linking and API Calls are working Now that we have installed ZTest with Public RSA Key, we will verify the operations that are using that key, those are the operations where Moodle receive data from the tool and need to verify the data using the public key provided by the tool. Later, we will change the tool to key set URL and verify those operations are still functioning. As instructor, log to a course Turn editing ON Click Add an activity or resource and select external tool On the Add external tool page, select ZTest 13 tool for preconfigured tool Click on Select Content In the modal: Click content-item button Click on Select Content In the modal: Click on pie icon and select content-item Select Assignment and set points possible to 50 Click Submit button Verify Deep Linking worked: there are no error displayed on return The title for the link has been updated Grade section is visible Expand the grade section Maximum Score: 50 Save and display ZTest is launching Verify API can be called In the PIE menu select AnyCall In that Tab select get line items, this will populate the fields necessary to call that API press send Verify 200, this means the tool successfully acquired an access token Switch to key set url We will now switch to using the public key set url rather than a fixed key, and verify the operations using the tool's public key are still functional. Log in as an administrator Navigate to Site Administration > Plugins > External tool > Manage tools Edit ZTest: Public Key Type: Keyset URL Public keyset: https://ztest.cengage.info/ztest/lti/jwks.json Save Repeat the Verifying Deep Linking and API test and verify it still passes.