Function lti::verify_lti_launch[−][src]

pub fn verify_lti_launch(
    method: &str, 
    uri: &str, 
    params: &str, 
    consumer_secret: &str
) -> bool

Verify a given lti launch

Lti Launch verification essentially entails duplicating the process that the Tool Consumer used to produce the oauth_signature, then verifying the signatures match. This ensures that no data has been altered since the Tool Consumer signed the request.

Example

 extern crate lti;
 let my_www_form_urlencoded_params = "oauth_consumer_key=asdf...";
 let my_consumer_secret = "asdf";
 let valid_launch: bool = lti::verify_lti_launch(
   // HTTP Method (for lti launches this should be a post)
   "POST",

   // Full Uri for the lti launch
   "https://my_domain/lti_launch",

   // Url encoded request parameters
   my_www_form_urlencoded_params,

   // Consumer secret shared between Tool Consumer and Tool Provider
   my_consumer_secret
 );

method - The HTTP method of the request, generally either GET or POST

uri - The destination uri of the lti launch request. This will generally be the uri of the tool provider lti launch route.

params - The stringified lti_launch parameters. This includes query paramters for a GET request, and form encoded parameters for a POST request. Details can be found here

consumer_secret - The shared secret for the given Tool Consumer