wordpress LTI consumer plugin

194 views
Skip to first unread message

Carl LeBlond

unread,
Dec 23, 2016, 8:19:35 AM12/23/16
to Tsugi Developers
Hi All,

I'm trying to get this wordpress lti consumer plugin to play nice with tsugi.  Initially it complained about no PHPSESSID being posted so i add the following 


and


Now Tsugi complains that "You must be logged in to launch this content."

I'm close!  Any ideas?

Carl

Charles Severance

unread,
Dec 24, 2016, 10:37:53 AM12/24/16
to Tsugi Developers, Carl LeBlond
Carl,

You are going in the wrong direction.   There are two sessions - one from the WordPress and one from the LTI tool.  Thy are not the same.  The launch sequence is like this:

1) WordPress produces a form with the url, key, and secret and the OAuth signature + values

2) The browser POSTs that form to the Tsugi Tool using JavaScript.

3) When Tsugi receives that POST, it checks the key and secret for validity and if the key and secret are correct it makes a new session and puts the Tsugi login information into this new session.

4) Tsugi does a 302 redirect back to itself with the PHPSESSID as a GET parameter.   When Tsugi sees the GET request, it looks in the session for the Tsugi login information before it proceeds.

The message you are seeing is because you indeed made a session but it does not have the required Tsugi log in data.

You cannot “transfer” the WordPress session to Tsugi - that won’t work - you just need to launch Tsugi with the URL, key, and secret and let Tsugi do its thing.

I am still trying to figure out why the normal flow does not work for you.  

Does each user already have a WordPress account that they are logged in to?  The goal of LTI is to be logged in on one system (i.e. WordPress) and pass the log in information to a second system so the second system can *create* an account for that user.

The WordPress LTI Consumer is designed for that use case - Wordpress is being used as an LMS - all the students have WordPress accounts and they want to launch the tool and have those logins follow them to the tool.   

Make sense?

/Chuck

--
You received this message because you are subscribed to the Google Groups "Tsugi Developers" group.
To unsubscribe from this group and stop receiving emails from it, send an email to tsugi-dev+...@apereo.org.
Visit this group at https://groups.google.com/a/apereo.org/group/tsugi-dev/.

Carl LeBlond

unread,
Dec 24, 2016, 12:57:22 PM12/24/16
to Tsugi Developers
I see.  Thanks for the overview...I definitely have  a lot to learn.  I'm scrapping the wordpress idea anyway.

I was basically looking for a light weight front end that I could allow special users access to my Tsugi mods without going through their LMS.

In the end I should probably just use an LMS so i could have demos and such.
Reply all
Reply to author
Forward
0 new messages