Search moodle.org's
Developer Documentation

See Release Notes

  • Bug fixes for general core bugs in 4.2.x will end 22 April 2024 (12 months).
  • Bug fixes for security issues in 4.2.x will end 7 October 2024 (18 months).
  • PHP version: minimum PHP 8.0.0 Note: minimum PHP version has increased since Moodle 4.1. PHP 8.1.x is supported too.

Differences Between: [Versions 310 and 402] [Versions 311 and 402] [Versions 400 and 402]

This files exposes functions for LTI 1.3 Key Management.

Copyright: 2020 Claude Vervoort (Cengage)
License: http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
File Size: 138 lines (5 kb)
Included or required:0 times
Referenced: 0 times
Includes or requires: 0 files

Defines 1 class

jwks_helper:: (3 methods):
  get_private_key()
  get_jwks()
  fix_jwks_alg()


Class: jwks_helper  - X-Ref

This class exposes functions for LTI 1.3 Key Management.

get_private_key()   X-Ref
Returns the private key to use to sign outgoing JWT.

return: array keys are kid and key in PEM format.

get_jwks()   X-Ref
Returns the JWK Key Set for this site.

return: array keyset exposting the site public key.

fix_jwks_alg(array $jwks, string $jwt)   X-Ref
Take an array of JWKS keys and infer the 'alg' property for a single key, if missing, based on an input JWT.

This only sets the 'alg' property for a single key when all the following conditions are met:
- The key's 'kid' matches the 'kid' provided in the JWT's header.
- The key's 'alg' is missing.
- The JWT's header 'alg' matches the algorithm family of the key (the key's kty).
- The JWT's header 'alg' matches one of the approved LTI asymmetric algorithms.

Keys not matching the above are left unchanged.

param: array $jwks the keyset array.
param: string $jwt the JWT string.
return: array the fixed keyset array.