CopyBot/mediacms
1
0
Fork 0
mirror of https://github.com/mediacms-io/mediacms.git synced 2026-01-20 15:22:58 -05:00
Code Issues Packages Projects Releases Wiki Activity

this

Browse Source
This commit is contained in:
Markos Gogoulos
2025-12-28 15:23:51 +02:00
parent 43ce685f08
commit 29ab2a715b
2 changed files with 9 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
lti/adapters.py
View File

@@ -120,9 +120,8 @@ class DjangoSessionService:
def check_state_is_valid(self, state, nonce):
"""Check if state is valid"""
state_key = f'state-{state}'
print(f"Checking state validity: state={state}, nonce={nonce}", flush=True)
print(f"Checking state validity: state={state}", flush=True)
print(f"Looking for state_key: {state_key}", flush=True)
print(f"Session keys: {list(self.request.session.keys())}", flush=True)
state_data = self.get_launch_data(state_key)
print(f"State data found: {state_data}", flush=True)
@@ -131,9 +130,10 @@ class DjangoSessionService:
print("ERROR: State data not found in session!", flush=True)
return False
is_valid = state_data.get('nonce') == nonce
print(f"State valid: {is_valid} (expected nonce: {state_data.get('nonce')}, got: {nonce})", flush=True)
return is_valid
# State exists, which is sufficient for CSRF protection
# Nonce is validated by PyLTI1p3 through JWT signature verification
print("State is valid!", flush=True)
return True
def get_cookie(self, key):
"""Get cookie value (for cookie service compatibility)"""