Add LTI 1.3 support with OIDC login and JWT authentication

[Copilot]

This PR implements minimal LTI 1.3 support alongside the existing LTI 1.0 functionality, providing a complete Learning Tools Interoperability solution.

What's Changed

New LTI 1.3 Endpoints

• GET /lti13/login - OIDC login initiation endpoint that handles the first step of LTI 1.3 authentication flow
• POST /lti13/launch - JWT token verification and launch handler for completing LTI 1.3 launches

Key Features

• OIDC Compliance: Implements proper OpenID Connect flow with state, nonce, and redirect parameters
• JWT Support: Handles LTI 1.3 JWT tokens with proper claims validation
• Security: Nonce-based replay attack prevention for both LTI versions
• Backward Compatibility: Maintains full compatibility with existing LTI 1.0 integrations

Example Usage

The LTI 1.3 login endpoint accepts standard OIDC parameters:

curl "http://localhost:3000/lti13/login?iss=https://platform.example.com&login_hint=testuser&target_link_uri=http://localhost:3000/lti13/launch"

This returns a proper OIDC redirect:

HTTP/1.1 303 See Other
location: https://platform.example.com/auth?response_type=id_token&client_id=rust-mini-lti-app&redirect_uri=http://localhost:3000/lti13/launch&login_hint=testuser&state=state_1234567890&response_mode=form_post&nonce=nonce_1234567890&prompt=none

Implementation Details

• Minimal JWT Verification: For demonstration purposes, signature verification is disabled. Production deployments should enable proper RSA signature verification.
• Claim Validation: Validates required LTI 1.3 claims including message type, version, and deployment ID
• Error Handling: Improved graceful error handling prevents panics on malformed requests
• Testing: Includes comprehensive integration tests covering both LTI versions

Dependencies Added

• jsonwebtoken - JWT token handling and verification
• rsa - RSA key operations for JWT signatures
• serde_json - JSON serialization (already available)

The implementation maintains the lightweight nature of the original application while providing modern LTI 1.3 compatibility for integration with contemporary learning management systems.

---

💡 You can make Copilot smarter by setting up custom instructions, customizing its development environment and configuring Model Context Protocol (MCP) servers. Learn more Copilot coding agent tips in the docs.