lti13: Core functionality for LTI 1.3.

This is a package candidate release! Here you can preview how this package release will appear once published to the main package index (which can be accomplished via the 'maintain' link below). Please note that once a package has been published to the main package index it cannot be undone! Please consult the package uploading documentation for more information.

[maintain] [Publish]

A library implementing the core LTI 1.3 authentication protocol, suitable for use in implementing libraries for any web framework. An example use is

[Skip to Readme]


Change log
Dependencies aeson (>=1.4.7 && <1.6), base (>=4.12.0 && <5), bytestring (>=0.10.10 && <0.11), containers (>=0.6.2 && <0.7), http-client (>=0.6.4 && <0.7), http-types (>=0.12.3 && <0.13), jose-jwt (>=0.8.0 && <0.10), oidc-client (>=0.5.1 && <0.7), safe-exceptions (>=0.1.7 && <0.2), text (>=1.2.4 && <1.3) [details]
License LGPL-3.0-only
Author Jade
Maintainer Jade <software at lfcode dot ca>
Category Web
Bug tracker
Source repo head: git clone
Uploaded by jade at 2021-07-29T00:46:24Z


[Index] [Quick Jump]


Maintainer's Corner

Package maintainers

For package maintainers and hackage trustees

Readme for lti13-

[back to package description]


This is a minimal implementation of LTI 1.3 authentication for Haskell. It supports performing LTI launches and getting most of the interesting fields of the resource link request.

This library is intended to be used in developing integrations with web frameworks, although it can be used directly. A sample integration is yesod-auth-lti13.

Correct usage

Client code is expected to maintain a CSRF token, the state parameter, in session storage and check it is the same as the one from handleAuthResponse, failing authentication if it is not. Future versions of the library may introduce a mandatory callback to ensure clients do this. For an example of this, see the yesod-auth-lti13 sources.