amazon-ec2lticanvas-lms

Canvas LTI works on AWS dev but returns Invalid consumer key on production (Load balancer)


I am implementing a basic canvas LTI from a client to our AWS EC2. It works fine when the endpoint is our dev EC2. However, when the endpoint is our live site, in which the EC2s are behind a load balancer, it fails with "Invalid consumer key"

The base code is exactly the same and the EC2s are all from the same AMI.

Any ideas are appreciated!


Solution

  • The issue is that the aws load balancer was connecting to the EC2 targets via http port 80 and this was causing oauth to fail.

    I am not sure how changing/adding https/443 to the Target groups will affect my autoscaling group and health checks etc, so I edited the OAuth.php file, removing the part in the from_request function that checks if the server is https because we'll always be connecting via https for this.

    Changed this:

    public static function from_request($http_method=NULL, $http_url=NULL, $parameters=NULL) {
        $scheme = (!isset($_SERVER['HTTPS']) || $_SERVER['HTTPS'] != "on")
                  ? 'http'
                  : 'https';
        $http_url = ($http_url) ? $http_url : $scheme .
                                  '://' . $_SERVER['SERVER_NAME'] .
                                  ':' .
                                  $_SERVER['SERVER_PORT'] .
                                  $_SERVER['REQUEST_URI'];
    
    

    To this:

     public static function from_request($http_method=NULL, $http_url=NULL, $parameters=NULL) {        
            $scheme = 'https';
            $http_url = ($http_url) ? $http_url : $scheme .
                '://' . $_SERVER['SERVER_NAME'] .
                ':' .
                443 .
                $_SERVER['REQUEST_URI'];