This repository was archived by the owner on Jun 27, 2018. It is now read-only.
Support for SHA256 signature methodΒ #17
Description
Hey,
Is there a reason why SHA256 is not registered as an accepted signature method?
When I'm trying to authenticate a LTI launch request signed with SHA256 I'm getting an error from \IMSGlobal\LTI\OAuth\OAuthServer::get_signature_method that only SHA1 can be used.
If we add this line to https://github.com/IMSGlobal/LTI-Tool-Provider-Library-PHP/blob/master/src/ToolProvider/ToolProvider.php#L772 everything works as expected:
$server->add_signature_method(new OAuth\OAuthSignatureMethod_HMAC_SHA256());
Is there a way to configure ToolProvider to accept this signature method?
Thanks,
Mario