params[u'oauth_signature'] = urllib.unquote(params[u'oauth_signature']).decode('utf8') # Add LTI parameters to OAuth parameters for sending in form. params.update(body) return params def max_score(self): return self.weight if self.has_score else None @XBlock.handler def grade_handler(se...
It is the provider's responsibility to confirm the signature on the POST request. If the signature is invalid then none of the information should be trusted. If the signature is valid then you should accept the identity assertion provided by the consumer and log the user in to your service....