Details
-
Type:
Bug
-
Status: Closed
-
Priority:
Minor
-
Resolution: Fixed
-
Affects Version/s: 3.8
-
Component/s: External Tool (IMS-LTI)
-
Labels:
-
Testing Instructions:
-
Affected Branches:MOODLE_38_STABLE
-
Fixed Branches:MOODLE_37_STABLE, MOODLE_38_STABLE
-
Pull from Repository:
-
Pull Master Branch:
MDL-67988-jws-base64url -
Pull Master Diff URL:
Description
The JWKs key data returned by 'mod/lti/certs.php' includes 2 fields ("e" and "n") which are Base64url-encoded, and currently include padding (i.e. trailing '=' characters).
Per the JWS proposed standard RFC-7515, which is referenced by the JWK proposed standard RFC-7517 as defining Base64url encoding, values with this encoding should be encoded "with all trailing '=' characters omitted".
https://tools.ietf.org/html/rfc7517#section-2
https://tools.ietf.org/html/rfc7515#section-2