Skip to content
Snippets Groups Projects
Unverified Commit c122312d authored by Paulo Viadanna's avatar Paulo Viadanna Committed by Giovanni Cimolin da Silva
Browse files

BB-2332: Add preflight response validation

parent db90c57e
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
lti_consumer/lti_1p3/consumer.py
+ 22
0
View file @ c122312d
""" """
LTI 1.3 Consumer implementation LTI 1.3 Consumer implementation
""" """
import json
import time
from six.moves.urllib.parse import urlencode from six.moves.urllib.parse import urlencode
from . import exceptions from . import exceptions
...@@ -278,6 +280,10 @@ class LtiConsumer1p3: ...@@ -278,6 +280,10 @@ class LtiConsumer1p3:
return self.key_handler.get_public_jwk() return self.key_handler.get_public_jwk()
public_keys = jwk.KEYS()
public_keys.append(self.jwk)
return json.loads(public_keys.dump_jwks())
def access_token(self, token_request_data): def access_token(self, token_request_data):
""" """
Validate request and return JWT access token. Validate request and return JWT access token.
...@@ -344,3 +350,19 @@ class LtiConsumer1p3: ...@@ -344,3 +350,19 @@ class LtiConsumer1p3:
"expires_in": 3600, "expires_in": 3600,
"scope": scopes_str "scope": scopes_str
} }
def _validate_preflight_response(self, response):
"""
Validates a preflight response to be used in a launch request
Raises ValueError in case of validation failure
:param response: the preflight response to be validated
"""
try:
assert response.get("nonce")
assert response.get("state")
assert response.get("client_id") == self.client_id
assert response.get("redirect_uri") == self.launch_url
except AssertionError as e:
raise ValueError("Preflight reponse failed validation")
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment