-
Bug
-
Resolution: Fixed
-
Minor
-
3.8
-
MOODLE_38_STABLE
-
MOODLE_37_STABLE, MOODLE_38_STABLE
-
MDL-67988-jws-base64url -
The JWKs key data returned by 'mod/lti/certs.php' includes 2 fields ("e" and "n") which are Base64url-encoded, and currently include padding (i.e. trailing '=' characters).
Per the JWS proposed standard RFC-7515, which is referenced by the JWK proposed standard RFC-7517 as defining Base64url encoding, values with this encoding should be encoded "with all trailing '=' characters omitted".
https://tools.ietf.org/html/rfc7517#section-2
https://tools.ietf.org/html/rfc7515#section-2