Function lti::verify_lti_launch [−][src]
pub fn verify_lti_launch(
method: &str,
uri: &str,
params: &str,
consumer_secret: &str
) -> bool
Verify a given lti launch
Lti Launch verification essentially entails duplicating the process that the Tool Consumer used to produce the oauth_signature, then verifying the signatures match. This ensures that no data has been altered since the Tool Consumer signed the request.
Example
extern crate lti; let my_www_form_urlencoded_params = "oauth_consumer_key=asdf..."; let my_consumer_secret = "asdf"; let valid_launch: bool = lti::verify_lti_launch( // HTTP Method (for lti launches this should be a post) "POST", // Full Uri for the lti launch "https://my_domain/lti_launch", // Url encoded request parameters my_www_form_urlencoded_params, // Consumer secret shared between Tool Consumer and Tool Provider my_consumer_secret );
method - The HTTP method of the request, generally either GET or POST
uri - The destination uri of the lti launch request. This will generally be the uri of the tool provider lti launch route.
params - The stringified lti_launch parameters. This includes query paramters for a GET request, and form encoded parameters for a POST request. Details can be found here
consumer_secret - The shared secret for the given Tool Consumer