Help, I'm attempting to run the cert for our BLTI implementation and cannot get past this error:
Caught OAuth exception: Invalid signature ours= cxt494mZCIZeivfejnhZSu0Mr8I= yours=oO7V4SjmtrgrXyQyttbHbAuEM9s=

our system is using the same key/secret that I configure in the test setup but yet they appear to be yielding differences. I've showed this to the Dev (I'm the tester) and he is stumped. I did notice when I point to the test harness it goes through the auth process just fine and I do not get this error. This only happens when I run the certification tests on the IMS site. Any thoughts or suggestions?

Edited: 07/10/2012 at 11:55 AM by NateWagner

Are you referring to a tool provider conformance test at http://www.imsglobal.org/devel...p1/cert/toolsetup.php? It sounds to me like an incorrect key and/or secret is being used for the launch? Does the correct key and secret appear in the line below the "Set Data in Session" button? Does the correct key value appear at the top of the test pages? Are there any unusual characters in either the key or secret?

I'm sorry, I should have stated this is for an LMS cert, consumer test. I have verified the key/secret we configured in our LMS for the test cert launch matches what I configured in the test setup:
http://www.imsglobal.org/devel...lti-cert/lmssetup.php

running the test I get this result/error



IMS Basic LTI LMS Certification
http://www.imsglobal.org" target="_new
http://www.imsglobal.org/image...slogo96dpi-ialsm2.jpg

Test Setup key=069ed5c5fb71870a91ea4b5381e71bee software=eCollege BLTI LTI-1p0

OAuth Base String:
POST&http%3A%2F%2Fwww.imsglobal.org%2Fdevelopers%2Falliance%2FLTI%2Fblti-cert%2Flmscert.php&context_id%3D39a85e21-4399-4d95-aa07-9b1b60c9ea3c%26context_label%3DBLTI_CERT_101%26context_title%3DBLTI%2520CERT%2520101%26context_type%3DCourseSection%26launch_presentation_locale%3Den-US%26launch_presentation_return_url%3Dhttp%253A%252F%252Fblti.next.qaprod.ecollege.com%252Flaunch%252Ferror%26lis_person_contact_email_primary%3DPeterGriffin%2540eclg.com%26lis_person_name_family%3DGriffin%26lis_person_name_full%3DPeter%2520Griffin%26lis_person_name_given%3DPeter%26lti_message_type%3Dbasic-lti-launch-request%26lti_version%3DLTI-1p0%26oauth_consumer_key%3D069ed5c5fb71870a91ea4b5381e71bee%26oauth_nonce%3D5356601%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1342021056%26oauth_version%3D1.0%26resource_link_id%3D2189833%253A0123456789%26resource_link_title%3DBLTI%2520Test%26roles%3DInstructor%26tool_consumer_instance_description%3DArlington%252C%2520Texas%2520Degree%26tool_consumer_instance_guid%3Dcorin.cci.amid.degr.%26tool_consumer_instance_name%3Dcorin%26user_id%3D908f6c01-c018-4aed-9738-f9e062e3363e%26x%3DWith%2520Space%26y%3Dyes


Caught OAuth exception: Invalid signature ours= xYNHmpggPIriHzX+BazCsHEgYwo= yours=OhtI5I8TBqjbhJ7oYslFZZXhgNo=</p>

Base String: (View source to see real string)

POST&http%3A%2F%2Fwww.imsglobal.org%2Fdevelopers%2Falliance%2FLTI%2Fblti-cert%2Flmscert.php&context_id%3D39a85e21-4399-4d95-aa07-9b1b60c9ea3c%26context_label%3DBLTI_CERT_101%26context_title%3DBLTI%2520CERT%2520101%26context_type%3DCourseSection%26launch_presentation_locale%3Den-US%26launch_presentation_return_url%3Dhttp%253A%252F%252Fblti.next.qaprod.ecollege.com%252Flaunch%252Ferror%26lis_person_contact_email_primary%3DPeterGriffin%2540eclg.com%26lis_person_name_family%3DGriffin%26lis_person_name_full%3DPeter%2520Griffin%26lis_person_name_given%3DPeter%26lti_message_type%3Dbasic-lti-launch-request%26lti_version%3DLTI-1p0%26oauth_consumer_key%3D069ed5c5fb71870a91ea4b5381e71bee%26oauth_nonce%3D5356601%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1342021056%26oauth_version%3D1.0%26resource_link_id%3D2189833%253A0123456789%26resource_link_title%3DBLTI%2520Test%26roles%3DInstructor%26tool_consumer_instance_description%3DArlington%252C%2520Texas%2520Degree%26tool_consumer_instance_guid%3Dcorin.cci.amid.degr.%26tool_consumer_instance_name%3Dcorin%26user_id%3D908f6c01-c018-4aed-9738-f9e062e3363e%26x%3DWith%2520Space%26y%3Dyes

Raw GET Parameters:

x=With Space
y=yes
Raw POST Parameters:

context_id=39a85e21-4399-4d95-aa07-9b1b60c9ea3c
context_label=BLTI_CERT_101
context_title=BLTI CERT 101
context_type=CourseSection
launch_presentation_locale=en-US
launch_presentation_return_url=http://blti.next.qaprod.ecollege.com/launch/error
lis_person_contact_email_primary=PeterGriffin@eclg.com
lis_person_name_family=Griffin
lis_person_name_full=Peter Griffin
lis_person_name_given=Peter
lti_message_type=basic-lti-launch-request
lti_version=LTI-1p0
oauth_consumer_key=069ed5c5fb71870a91ea4b5381e71bee
oauth_nonce=5356601
oauth_signature=OhtI5I8TBqjbhJ7oYslFZZXhgNo=
oauth_signature_method=HMAC-SHA1
oauth_timestamp=1342021056
oauth_version=1.0
resource_link_id=2189833:0123456789
resource_link_title=BLTI Test
roles=Instructor
tool_consumer_instance_description=Arlington, Texas Degree
tool_consumer_instance_guid=corin.cci.amid.degr.
tool_consumer_instance_name=corin
user_id=908f6c01-c018-4aed-9738-f9e062e3363e

Anyone able to help out here, we are stuck attempting to get our LMS certified and at this point are unable to determine why everything is working with this test harness but when we attempt the Cert we get a mismatch on the Oauth sig.

Nate,

The only way is to check the base strings and compare them character by character. That is wy our test suite dumps out the base string.

/Chuck

This is why I came here....similar issue. I will try to compare character by character to see if it works.

I have compared the base string to the Oauth string and they are identical, which has me a bit perplexed as to how the auth sigs are different.

The base string is the long thing that looks like this. I have never found a situation where these matched and the signatures was different. The signature is computed directly from this string. Make sure you are not just looking at the first few characters...

POST&http%3A%2F%2Flocalhost%2F~csev%2Flti%2Ftool.php&context_id%3D456434513%26context_label%3DSI182%26context_title%3DDesign%2520of%2520Personal%2520Environments%26ext_submit%3DPress%2520to%2520Launch%26launch_presentation_css_url%3Dhttp%253A%252F%252Flocalhost%252F~csev%252Flti-ext%252Flms.css%26lis_person_contact_email_primary%3Duser%2540school.edu%26lis_person_name_family%3DPublic%26lis_person_name_full%3DJane%2520Q.%2520Public%26lis_person_name_given%3DGiven%26lis_person_sourcedid%3Dschool.edu%253Auser%26lti_message_type%3Dbasic-lti-launch-request%26lti_version%3DLTI-1p0%26oauth_callback%3Dabout%253Ablank%26oauth_consumer_key%3D12345%26oauth_nonce%3D509c8932023f99a83e5b9d0ce39c61a5%26oauth_signature_method%3DHMAC-SHA1%26oauth_timestamp%3D1342872571%26oauth_version%3D1.0%26resource_link_description%3DA%2520weekly%2520blog.%26resource_link_id%3D120988f929-274612%26resource_link_title%3DWeekly%2520Blog%26roles%3DInstructor%26tool_consumer_info_product_family_code%3Dims%26tool_consumer_info_version%3D1.0%26tool_consumer_instance_description%3DUniversity%2520of%2520School%2520%2528LMSng%2529%26tool_consumer_instance_guid%3Dlmsng.school.edu%26user_id%3D292832126