Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

These instructions don't create the private key - which is needed for LTI to work. #1861

Open
opensussex opened this issue Apr 23, 2021 · 2 comments · May be fixed by #2361
Open

These instructions don't create the private key - which is needed for LTI to work. #1861

opensussex opened this issue Apr 23, 2021 · 2 comments · May be fixed by #2361

Comments

@opensussex
Copy link

canvas-lms/config/dynamic_settings.yml.example

Line 111 in 7d699a7

# key = OpenSSL::PKey::RSA.generate(2048)

I spend a good amount of time trying to debug an issue where the only error message was "Private key is needed" (see below)

It turned out the LTI keys that were generated using the code in the comment was creating public keys (which the command does indicate) - but it's not the private key needed for LTI to work.

I ended up using Canvas::Security::RSAKeyPair.new.to_jwk.to_json which worked and stopped the below error. I'd recommend updating the comment in this file to reflect this as I couldn't find any other documentation on this.

`Private key is needed.

    /var/canvas/vendor/bundle/ruby/2.6.0/gems/json-jwt-1.13.0/lib/json/jws.rb:114:in `sign'

/var/canvas/vendor/bundle/ruby/2.6.0/gems/json-jwt-1.13.0/lib/json/jws.rb:114:in sign' /var/canvas/vendor/bundle/ruby/2.6.0/gems/json-jwt-1.13.0/lib/json/jws.rb:17:in sign!'
/var/canvas/vendor/bundle/ruby/2.6.0/gems/json-jwt-1.13.0/lib/json/jwt.rb:35:in sign' /var/canvas/gems/lti-advantage/lib/lti_advantage/messages/jwt_message.rb:76:in create_jws'
/var/canvas/lib/lti/messages/jwt_message.rb:54:in generate_id_token' /var/canvas/app/controllers/lti/ims/authentication_controller.rb:159:in id_token'
/var/canvas/app/controllers/lti/ims/authentication_controller.rb:115:in validate_launch_eligibility!' /var/canvas/app/controllers/lti/ims/authentication_controller.rb:75:in authorize'
/var/canvas/vendor/bundle/ruby/2.6.0/gems/actionpack-6.0.3.5/lib/action_controller/metal/basic_implicit_render.rb:6:in send_action' /var/canvas/vendor/bundle/ruby/2.6.0/gems/actionpack-6.0.3.5/lib/abstract_controller/base.rb:195:in process_action'
/var/canvas/vendor/bundle/ruby/2.6.0/gems/actionpack-6.0.3.5/lib/action_controller/metal/rendering.rb:30:in process_action' /var/canvas/vendor/bundle/ruby/2.6.0/gems/actionpack-6.0.3.5/lib/abstract_controller/callbacks.rb:42:in block in process_action'
/var/canvas/vendor/bundle/ruby/2.6.0/gems/activesupport-6.0.3.5/lib/active_support/callbacks.rb:112:in block in run_callbacks' /var/canvas/app/controllers/application_controller.rb:2742:in manage_live_events_context'
/var/canvas/vendor/bundle/ruby/2.6.0/gems/activesupport-6.0.3.5/lib/active_support/callbacks.rb:121:in block in run_callbacks' /var/canvas/app/controllers/application_controller.rb:593:in compute_http_cost'
/var/canvas/vendor/bundle/ruby/2.6.0/gems/activesupport-6.0.3.5/lib/active_support/callbacks.rb:121:in block in run_callbacks' /var/canvas/app/controllers/application_controller.rb:610:in report_to_datadog'
/var/canvas/vendor/bundle/ruby/2.6.0/gems/activesupport-6.0.3.5/lib/active_support/callbacks.rb:121:in block in run_callbacks' /var/canvas/vendor/bundle/ruby/2.6.0/gems/inst_statsd-2.1.6/lib/inst_statsd/statsd.rb:95:in batch'
/var/canvas/app/controllers/application_controller.rb:588:in batch_statsd' /var/canvas/vendor/bundle/ruby/2.6.0/gems/activesupport-6.0.3.5/lib/active_support/callbacks.rb:121:in block in run_callbacks'
/var/canvas/lib/temp_cache.rb:30:in enable' /var/canvas/app/controllers/application_controller.rb:584:in enable_request_cache'
/var/canvas/vendor/bundle/ruby/2.6.0/gems/activesupport-6.0.3.5/lib/active_support/callbacks.rb:121:in block in run_callbacks' /var/canvas/app/controllers/application_controller.rb:578:in set_locale'
/var/canvas/vendor/bundle/ruby/2.6.0/gems/activesupport-6.0.3.5/lib/active_support/callbacks.rb:121:in block in run_callbacks' /var/canvas/vendor/bundle/ruby/2.6.0/gems/activesupport-6.0.3.5/lib/active_support/callbacks.rb:139:in run_callbacks'
/var/canvas/vendor/bundle/ruby/2.6.0/gems/actionpack-6.0.3.5/lib/abstract_controller/callbacks.rb:41:in process_action' /var/canvas/vendor/bundle/ruby/2.6.0/gems/actionpack-6.0.3.5/lib/action_controller/metal/rescue.rb:22:in process_action'
/var/canvas/vendor/bundle/ruby/2.6.0/gems/actionpack-6.0.3.5/lib/action_controller/metal/instrumentation.rb:33:in block in process_action' /var/canvas/vendor/bundle/ruby/2.6.0/gems/activesupport-6.0.3.5/lib/active_support/notifications.rb:180:in block in instrument'
/var/canvas/vendor/bundle/ruby/2.6.0/gems/activesupport-6.0.3.5/lib/active_support/notifications/instrumenter.rb:24:in instrument' /var/canvas/vendor/bundle/ruby/2.6.0/gems/activesupport-6.0.3.5/lib/active_support/notifications.rb:180:in instrument'
/var/canvas/vendor/bundle/ruby/2.6.0/gems/actionpack-6.0.3.5/lib/action_controller/metal/instrumentation.rb:32:in process_action' /var/canvas/vendor/bundle/ruby/2.6.0/gems/actionpack-6.0.3.5/lib/action_controller/metal/params_wrapper.rb:245:in process_action'
/var/canvas/vendor/bundle/ruby/2.6.0/gems/activerecord-6.0.3.5/lib/active_record/railties/controller_runtime.rb:27:in process_action' /var/canvas/vendor/bundle/ruby/2.6.0/gems/actionpack-6.0.3.5/lib/abstract_controller/base.rb:136:in process'
/var/canvas/vendor/bundle/ruby/2.6.0/gems/actionview-6.0.3.5/lib/action_view/rendering.rb:39:in process' /var/canvas/vendor/bundle/ruby/2.6.0/gems/actionpack-6.0.3.5/lib/action_controller/metal.rb:190:in dispatch'
/var/canvas/vendor/bundle/ruby/2.6.0/gems/actionpack-6.0.3.5/lib/action_controller/metal.rb:254:in dispatch' /var/canvas/vendor/bundle/ruby/2.6.0/gems/actionpack-6.0.3.5/lib/action_dispatch/routing/route_set.rb:50:in dispatch'
/var/canvas/vendor/bundle/ruby/2.6.0/gems/actionpack-6.0.3.5/lib/action_dispatch/routing/route_set.rb:33:in serve' /var/canvas/vendor/bundle/ruby/2.6.0/gems/actionpack-6.0.3.5/lib/action_dispatch/journey/router.rb:49:in block in serve'
/var/canvas/vendor/bundle/ruby/2.6.0/gems/actionpack-6.0.3.5/lib/action_dispatch/journey/router.rb:32:in each' /var/canvas/vendor/bundle/ruby/2.6.0/gems/actionpack-6.0.3.5/lib/action_dispatch/journey/router.rb:32:in serve'
/var/canvas/vendor/bundle/ruby/2.6.0/gems/actionpack-6.0.3.5/lib/action_dispatch/routing/route_set.rb:834:in call' /var/canvas/gems/plugins/respondus_soap_endpoint/lib/respondus_soap_endpoint/middleware.rb:80:in call'
/var/canvas/vendor/bundle/ruby/2.6.0/gems/rack-brotli-1.0.0/lib/rack/brotli/deflater.rb:34:in call' /var/canvas/vendor/bundle/ruby/2.6.0/gems/rack-2.2.3/lib/rack/deflater.rb:44:in call'
/var/canvas/vendor/bundle/ruby/2.6.0/gems/rack-2.2.3/lib/rack/chunked.rb:98:in call' /var/canvas/vendor/bundle/ruby/2.6.0/gems/rack-2.2.3/lib/rack/tempfile_reaper.rb:15:in call'
/var/canvas/vendor/bundle/ruby/2.6.0/gems/rack-2.2.3/lib/rack/etag.rb:27:in call' /var/canvas/vendor/bundle/ruby/2.6.0/gems/rack-2.2.3/lib/rack/conditional_get.rb:27:in call'
/var/canvas/vendor/bundle/ruby/2.6.0/gems/rack-2.2.3/lib/rack/head.rb:12:in call' /var/canvas/app/middleware/request_throttle.rb:64:in block in call'
/var/canvas/app/middleware/request_throttle.rb:321:in reserve_capacity' /var/canvas/app/middleware/request_throttle.rb:59:in call'
/var/canvas/vendor/bundle/ruby/2.6.0/gems/actionpack-6.0.3.5/lib/action_dispatch/http/content_security_policy.rb:18:in call' /var/canvas/gems/request_context/lib/request_context/session.rb:28:in call'
/var/canvas/vendor/bundle/ruby/2.6.0/gems/rack-2.2.3/lib/rack/session/abstract/id.rb:266:in context' /var/canvas/vendor/bundle/ruby/2.6.0/gems/rack-2.2.3/lib/rack/session/abstract/id.rb:260:in call'
/var/canvas/app/middleware/load_account.rb:29:in call' /var/canvas/vendor/bundle/ruby/2.6.0/gems/actionpack-6.0.3.5/lib/action_dispatch/middleware/cookies.rb:648:in call'
/var/canvas/vendor/bundle/ruby/2.6.0/gems/actionpack-6.0.3.5/lib/action_dispatch/middleware/callbacks.rb:27:in block in call' /var/canvas/vendor/bundle/ruby/2.6.0/gems/activesupport-6.0.3.5/lib/active_support/callbacks.rb:101:in run_callbacks'
/var/canvas/vendor/bundle/ruby/2.6.0/gems/actionpack-6.0.3.5/lib/action_dispatch/middleware/callbacks.rb:26:in call' /var/canvas/vendor/bundle/ruby/2.6.0/gems/actionpack-6.0.3.5/lib/action_dispatch/middleware/actionable_exceptions.rb:18:in call'
/var/canvas/vendor/bundle/ruby/2.6.0/gems/actionpack-6.0.3.5/lib/action_dispatch/middleware/debug_exceptions.rb:32:in call' /var/canvas/vendor/bundle/ruby/2.6.0/gems/actionpack-6.0.3.5/lib/action_dispatch/middleware/show_exceptions.rb:33:in call'
/var/canvas/vendor/bundle/ruby/2.6.0/gems/railties-6.0.3.5/lib/rails/rack/logger.rb:37:in call_app' /var/canvas/vendor/bundle/ruby/2.6.0/gems/railties-6.0.3.5/lib/rails/rack/logger.rb:28:in call'
/var/canvas/vendor/bundle/ruby/2.6.0/gems/actionpack-6.0.3.5/lib/action_dispatch/middleware/remote_ip.rb:81:in call' /var/canvas/vendor/bundle/ruby/2.6.0/gems/request_store-1.5.0/lib/request_store/middleware.rb:19:in call'
/var/canvas/gems/request_context/lib/request_context/generator.rb:71:in call' /var/canvas/vendor/bundle/ruby/2.6.0/gems/rack-2.2.3/lib/rack/method_override.rb:24:in call'
/var/canvas/app/middleware/prevent_non_multipart_parse.rb:33:in call' /var/canvas/vendor/bundle/ruby/2.6.0/gems/rack-2.2.3/lib/rack/runtime.rb:22:in call'
/var/canvas/vendor/bundle/ruby/2.6.0/gems/activesupport-6.0.3.5/lib/active_support/cache/strategy/local_cache_middleware.rb:29:in call' /var/canvas/vendor/bundle/ruby/2.6.0/gems/actionpack-6.0.3.5/lib/action_dispatch/middleware/executor.rb:14:in call'
/var/canvas/vendor/bundle/ruby/2.6.0/gems/rack-2.2.3/lib/rack/sendfile.rb:110:in call' /var/canvas/vendor/bundle/ruby/2.6.0/gems/actionpack-6.0.3.5/lib/action_dispatch/middleware/host_authorization.rb:76:in call'
/var/canvas/vendor/bundle/ruby/2.6.0/gems/railties-6.0.3.5/lib/rails/engine.rb:527:in call' /var/canvas/vendor/bundle/ruby/2.6.0/gems/railties-6.0.3.5/lib/rails/railtie.rb:190:in public_send'
/var/canvas/vendor/bundle/ruby/2.6.0/gems/railties-6.0.3.5/lib/rails/railtie.rb:190:in method_missing' /usr/lib/ruby/vendor_ruby/phusion_passenger/rack/thread_handler_extension.rb:107:in process_request'
/usr/lib/ruby/vendor_ruby/phusion_passenger/request_handler/thread_handler.rb:149:in accept_and_process_next_request' /usr/lib/ruby/vendor_ruby/phusion_passenger/request_handler/thread_handler.rb:110:in main_loop'
/usr/lib/ruby/vendor_ruby/phusion_passenger/request_handler.rb:416:in block (3 levels) in start_threads' /usr/lib/ruby/vendor_ruby/phusion_passenger/utils.rb:113:in block in create_thread_and_abort_on_exception'`
@pocketcolin
Copy link

pocketcolin commented Nov 29, 2023
edited
Loading

This is still an issue 2 years later. That comment is very misleading.

@nwalters512 nwalters512 linked a pull request Jun 4, 2024 that will close this issue
Open
@prb01-work
Copy link

For anyone stumbling on this step still, you need to do the following:

  1. Open a terminal on the canvas server, and run bundle exec rails console
  2. Then run, CanvasSecurity::RSAKeyPair.new.to_jwk.to_json
  3. Copy the output
  4. Open the /canvas/config/dynamic_settings.yml file, and paste in the new key in the store/canvas/lti-keys area

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Update default LTI keys nwalters512/canvas-lms
3 participants
@opensussex @pocketcolin @prb01-work