Search moodle.org's
Developer Documentation

See Release Notes

  • Bug fixes for general core bugs in 4.0.x will end 8 May 2023 (12 months).
  • Bug fixes for security issues in 4.0.x will end 13 November 2023 (18 months).
  • PHP version: minimum PHP 7.3.0 Note: the minimum PHP version has increased since Moodle 3.10. PHP 7.4.x is also supported.

Differences Between: [Versions 310 and 400] [Versions 311 and 400] [Versions 400 and 401] [Versions 400 and 402] [Versions 400 and 403]

This files exposes functions for LTI 1.3 Key Management.

Copyright: 2020 Claude Vervoort (Cengage)
License: http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
File Size: 133 lines (5 kb)
Included or required:0 times
Referenced: 0 times
Includes or requires: 0 files

Defines 1 class

jwks_helper:: (3 methods):
  get_private_key()
  get_jwks()
  fix_jwks_alg()


Class: jwks_helper  - X-Ref

This class exposes functions for LTI 1.3 Key Management.

get_private_key()   X-Ref
Returns the private key to use to sign outgoing JWT.

return: array keys are kid and key in PEM format.

get_jwks()   X-Ref
Returns the JWK Key Set for this site.

return: array keyset exposting the site public key.

fix_jwks_alg(array $jwks, string $jwt)   X-Ref
Take an array of JWKS keys and infer the 'alg' property for a single key, if missing, based on an input JWT.

This only sets the 'alg' property for a single key when all the following conditions are met:
- The key's 'kid' matches the 'kid' provided in the JWT's header.
- The key's 'alg' is missing.
- The JWT's header 'alg' matches the algorithm family of the key (the key's kty).
- The JWT's header 'alg' matches one of the approved LTI asymmetric algorithms.

Keys not matching the above are left unchanged.

return: array the fixed keyset array.
param: array $jwks the keyset array.
param: string $jwt the JWT string.