· 7 years ago · Nov 29, 2018, 11:30 AM
1key :: launch_presentation_return_url
2value ::
3key :: lti_version
4value :: LTI-1p0
5key :: user_id
6value :: student
7key :: roles
8value :: Instructor
9key :: oauth_nonce
10value :: 160455874400102142031543488380
11key :: oauth_timestamp
12value :: 1543488380
13key :: lis_result_sourcedid
14value :: course-v1%3Aedx-integration-initiative%2B123456%2B2018_T2:-de03e087e09d4629ab61ee44cea69b43:student
15key :: context_id
16value :: course-v1:edx-integration-initiative+123456+2018_T2
17key :: oauth_consumer_key
18value :: the_client_key
19key :: resource_link_id
20value :: -de03e087e09d4629ab61ee44cea69b43
21key :: oauth_signature_method
22value :: HMAC-SHA1
23key :: oauth_version
24value :: 1.0
25key :: lis_outcome_service_url
26value :: /preview/xblock/block-v1:edx-integration-initiative+123456+2018_T2+type@lti+block@de03e087e09d4629ab61ee44cea69b43/handler/grade_handler
27key :: oauth_signature
28value :: 9ENcuZRA6akEc+cM753GB+zPzLE=
29key :: lti_message_type
30value :: basic-lti-launch-request
31key :: oauth_callback
32value :: about:blank
33
34@PostMapping("/api/start")
35 @ResponseBody
36 public String start(HttpServletRequest request) throws Exception {
37
38 String key = request.getParameter("oauth_consumer_key");
39 String signature = request.getParameter("oauth_signature");
40
41 // ...code to retrieve secret from DB based on key
42 String secret = "my_client_secret";
43
44 // Spring processing
45 CoreOAuthProviderSupport providerSupport = new CoreOAuthProviderSupport();
46String signatureBaseString = providerSupport.getSignatureBaseString(request);
47
48 SecretKey secretKey = new SecretKeySpec(secret.getBytes(), "AES");
49 HMAC_SHA1SignatureMethod signatureMethod = new HMAC_SHA1SignatureMethod(secretKey);
50 signatureMethod.verify(signatureBaseString, signature);
51 System.out.println("Success verification");
52 return "Success";
53 }