Very Basic NodeJS and LTI to Check LTI Parameters

Blog Post created by ahulme on Jan 22, 2018

I had a support case recently to check the Custom Parameters being send from Learn via LTI.  My normal go to is http://ltiapps.net as this works great for testing LTI both as a consumer and provider.


In my case I wanted to test using SSL and have a go with NodeJS.


Borrowing some of the code from the Signup List B2-to-REST Migration it was simple to create my first LTI tool with NodeJS just to return the values passed in the LTI Body. The project is attached here.





/*jshint sub:true*/
var https = require('http');
var fs = require('fs');
var express = require('express');
var app = express();
var lti = require('ims-lti');
var _ = require('lodash');
var bodyParser  = require('body-parser');
//I got the key I got the secrete #Urban Cookie Collective

var ltiKey = "mykeyagain";
var ltiSecret = "mysagain";

app.engine('pug', require('pug').__express);

app.use(bodyParser.urlencoded({ extended: false }));

app.set('view engine', 'pug');

//Setup a POST endpoint to take anything going to /launch_lti
app.post('/launch_lti', function(req, res, next){

  req.body = _.omit(req.body, '__proto__');
      if (req.body['oauth_consumer_key']===ltiKey){
          var provider = new lti.Provider(ltiKey, ltiSecret);
         //Check is the Oauth  is valid using the LTI plugin for NodeJS.
              provider.valid_request(req, function (err, isValid){
                  if (err) {
                  console.log('Error in LTI Launch:' + err);
                  else {
                  if (!isValid) {
                    console.log('\nError: Invalid LTI launch.');
                    res.status(500).send({ error: "Invalid LTI launch" });
                  else {
                      //User is Auth so pass back when ever we need. in this case we use pug to render the values to screen
                      res.render('start', { title: 'LTI SETTINGS', CourseID: 'CourseID: '+req.body['context_id'], userID: 'UserID: '+req.body['user_id'], UserRole: 'Course Role: '+req.body['roles'], FulllogTitle: 'Full Log: ', Fulllog: JSON.stringify(req.body) });
  else {
      console.log('LTI KEY NOT MATCHED:');
      res.status(403).send({ error: "LTI KEY NOT MATCHED" });      


//Setup the http server, When delyed locally this will run on port 5000, when deployed on Heroku it will assign a port and add SSL
var server = https.createServer(app).listen(process.env.PORT || 5000, function(){
  console.log("https server started");



I then deployed this to heroku so It would add SSL and is available for anyone to test.



Tool URL: https://porttestsupport.herokuapp.com/launch_lti

Key: mykeyagain

Secrete: mysagain


Add this to Learn as a course tool and when clicked it will give you the full Parameter list sent to the LTI tool.  This is the output from a Test Student.