LTI-XXX: patch for searching the right tool when the launch is starting

app/controllers/concerns/open_id_authenticator.rb

@@ -71,10 +71,7 @@ def validate_nonce(jwt_body)
   def validate_registration(jwt_body)
     issuer = jwt_body['iss']
 
-    options = {}
-    options['client_id'] = jwt_body['aud']
-
-    registration = RailsLti2Provider::Tool.find_by_issuer(issuer, options)
+    registration = RailsLti2Provider::Tool.find_by_issuer(issuer, { 'client_id' => jwt_body['aud'] })
 
     raise CustomError, :not_registered if registration.nil?
     raise CustomError, :disabled if registration.disabled?

app/controllers/concerns/platform_validator.rb

@@ -27,7 +27,8 @@ def lti_secret(key, _options = {})
 
   # LTI 1.3
   def lti_registration_exists?(iss, options = {})
-    RailsLti2Provider::Tool.find_by_issuer(iss, options).present?
+    registration = lti_registration(iss, options)
+    registration.present?
   end
 
   def lti_registration_params(iss, options = {})

app/controllers/message_controller.rb

@@ -226,12 +226,11 @@ def process_openid_message
     @jwt_body = jwt[:body]
     logger.debug("JWT Body: #{@jwt_body}")
 
-    tool = lti_registration(@jwt_body['iss'])
+    tool = RailsLti2Provider::Tool.find_by(uuid: @jwt_body['iss'], shared_secret: @jwt_body['aud'])
     # Cleanups the lti_launches table from old launches.
     tool.lti_launches.where('created_at < ?', 1.day.ago).delete_all
-    nonce = @jwt_body['nonce']
-    message = @jwt_body.merge(@jwt_header)
-    @lti_launch = tool.lti_launches.create(nonce: nonce, message: message)
+    # Create a new lti_launch.
+    @lti_launch = tool.lti_launches.create(nonce: @jwt_body['nonce'], message: @jwt_body.merge(@jwt_header))
 
     #############################
     # Monkey patch for Canvas: validate kid in registration, if not present, add the one in the jwt header.