Steps to reproduce:
1. Run Opencast without HTTPS
2. Configure a HTTP proxy to use HTTPS and set the "X-Forwarded-SSL" header to "on". Configure Opencast to uses the proxy URL.
3. Configure LTI and try to authenticate
An error is returned:
HTTP ERROR 401
Problem accessing /lti. Reason:
Invalid signature for signature method HMAC-SHA1
The problem is that the SignatureBaseString of OAuth still contains "http" instead of "https" and thus validation fails. This is a result of a bug in `modules/matterhorn-kernel/src/main/java/org/opencastproject/kernel/filter/https/HttpsRequestWrapper.java:46` where `originalURL` is reseted to the "http" one.
The LTI tool is displayed.