Skip to content

Commit d45fb80

Browse files
pgvandeldenpgvandelden
committed
use sha256 in launch
1 parent c9d4b91 commit d45fb80

File tree

2 files changed

+8
-8
lines changed

2 files changed

+8
-8
lines changed

lib/lti.ex

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -15,7 +15,7 @@ defmodule LTI do
1515
oauth_version: "1.0",
1616
oauth_nonce: nonce(),
1717
oauth_timestamp: timestamp(),
18-
oauth_signature_method: "HMAC-SHA1"
18+
oauth_signature_method: "HMAC-SHA256"
1919
}
2020
end
2121

@@ -28,7 +28,7 @@ defmodule LTI do
2828
%OAuthData{} = oauth_params,
2929
%LaunchParams{} = launch_params
3030
) do
31-
:sha
31+
:sha256
3232
|> hmac_fun(
3333
encode_secret(secret),
3434
base_string(creds, oauth_params, launch_params)

test/lti_test.exs

Lines changed: 6 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -27,7 +27,7 @@ defmodule LTITest do
2727
oauth_version: "1.0",
2828
oauth_nonce: "nonce",
2929
oauth_timestamp: "timestamp",
30-
oauth_signature_method: "HMAC-SHA1"
30+
oauth_signature_method: "HMAC-SHA256"
3131
}
3232

3333
@valid_launch_params %LTI.LaunchParams{
@@ -52,12 +52,12 @@ defmodule LTITest do
5252
launch_data = LTI.launch_query(oauth_params, @valid_launch_params, [])
5353

5454
assert "roles=Student" in launch_data
55-
assert "oauth_signature_method=HMAC-SHA1" in launch_data
55+
assert "oauth_signature_method=HMAC-SHA256" in launch_data
5656
end
5757

5858
test "signature/3 encodes all the variables" do
5959
assert LTI.signature(@credentials, @oauth_credentials, @valid_launch_params) ==
60-
"NgK2X7WQb+CwHikcJMjqnJTsSBk="
60+
"709pOpaAubqFMg2w3dPgNj5psL2NKr+of14tl3dYC2c="
6161
end
6262

6363
test "signature/3 encodes all the variables, with url with capitals" do
@@ -66,20 +66,20 @@ defmodule LTITest do
6666
@oauth_credentials,
6767
@valid_launch_params
6868
) ==
69-
"NgK2X7WQb+CwHikcJMjqnJTsSBk="
69+
"709pOpaAubqFMg2w3dPgNj5psL2NKr+of14tl3dYC2c="
7070
end
7171

7272
test "signature/3 with url with query string parameters" do
7373
assert LTI.signature(@credentials_with_query_string, @oauth_credentials, @valid_launch_params) ==
74-
"68JVqL7aRC1meflszD8p+onIvWI="
74+
"LzQhP77ayGyHsS7RnRLzHuLd56Oy1+iL1h9HY2tyGmk="
7575
end
7676

7777
test "signature/3 with url with query string with nested query parameters" do
7878
assert LTI.signature(
7979
@credentials_with_nested_query_string,
8080
@oauth_credentials,
8181
@valid_launch_params
82-
) == "f/DC8AEzcDcMUPs07nc0tPG8/CM="
82+
) == "AUU3pCgwluS7tRBLRCGnXeoY9MK2NCX+P5VpofkIgE0="
8383
end
8484

8585
test "oauth_params/1 should always be different" do

0 commit comments

Comments
 (0)