Dynamic Registration Uses Invalid Error Response Body

[jsbass]

Summary:

Canvas's dynamic registration response does not match the LTI/OIDC specification for an error response to dynamic registration.
OIDC Spec
LTI Spec

Steps to reproduce:

1. Use tool dynamic registration endpoint that sends invalid parameters to the registration URL
2. Receive error response from Canvas
3. Observe that the response body does not match the expected parameters

Expected behavior:

A 400 HTTP Status Code with a JSON body formed with at least the following parameters:

{
    "error": "invalid_redirect_uri | invalid_client_metadata | *other_code*",
    "error_description": ""
}

Actual behavior:

A 422 HTTP Status Code with a JSON body as below:

{
    "errors": [""]
}

Additional notes:

Non standard error codes and extra parameters are valid but the message should at least have the expected parameters in the error response as well as use the expected HTTP status code.

[jsbass]

Not sure how to handle the incorrect status code to not break existing integrations but, it should be easy enough to add the standard parameters but leave the "errors" parameter to the response body as well to support backwards compatibility.