@lti-tool/core
v0.12.1
Published
LTI 1.3 implementation for Node.js
Readme
lti-tool core
Core Features
- LTI 1.3 OIDC Flow - Complete authentication and launch verification
- Security - JWT verification, nonce validation, replay attack prevention
- Assignment and Grade Services (AGS) - Score submission to LMS
- Session Management - Secure session creation and retrieval
- Client Management - Platform and deployment configuration
Installation
npm install @lti-tool/coreQuick Start
import { LTITool } from '@lti-tool/core';
const ltiTool = new LTITool({
stateSecret: new TextEncoder().encode('your-secret-key'),
keyPair, // Your RSA keypair
storage: new MemoryStorage(),
});
// Configure your LMS
const clientId = await ltiTool.addClient({
/* ... */
});
await ltiTool.addDeployment(clientId, {
/* ... */
});
// Handle LTI flow
const authUrl = await ltiTool.handleLogin(loginParams);
const payload = await ltiTool.verifyLaunch(idToken, state);
const session = await ltiTool.createSession(payload);Documentation
- API Reference - (Coming soon) Complete API documentation
- Examples - (Coming soon) Working examples
Security
Production security features
- JWT signature verification using platform JWKS
- Nonce validation prevents replay attacks
- State verification prevents CSRF
- Client ID and deployment validation