always include the tool nonce

why: a previous commit erroneously included the tool nonce only when the
     associated tool 'consumer_key' was present. Without the nonce, an LTI
     tool cannot launch correctly (or at all).

refs INTEROP-8624

test plan:
- all specs pass
- successfully launch the LTI 1.3 Test Tool from an assignment

Change-Id: I96f8f0d23c73b97eb8052a656c2f3626096fc6c8
Reviewed-on: https://gerrit.instructure.com/c/canvas-lms/+/352421
Reviewed-by: Bence Árpási <bence.arpasi@instructure.com>
QA-Review: Bence Árpási <bence.arpasi@instructure.com>
Product-Review: Bence Árpási <bence.arpasi@instructure.com>
Tested-by: Service Cloud Jenkins <svc.cloudjenkins@instructure.com>
Steve McGee 2024-07-10 16:14:43 -06:00 committed by Bence Árpási
parent 2ab94c789e
commit fa6b88e917
2 changed files with 1 additions and 5 deletions


@ -92,9 +92,9 @@ module Lti::Messages
def self.cached_hash_to_launch(launch_payload, nonce)
post_payload = launch_payload["post_payload"]
post_payload["nonce"] = nonce
assoc_tool_data = launch_payload["assoc_tool_data"]
if assoc_tool_data["consumer_key"].present?
post_payload["nonce"] = nonce
signature = Lti::Helpers::JwtMessageHelper.generate_oauth_consumer_key_sign(assoc_tool_data, post_payload, nonce)
post_payload["https://purl.imsglobal.org/spec/lti/claim/lti1p1"]["oauth_consumer_key"] = assoc_tool_data["consumer_key"]
post_payload["https://purl.imsglobal.org/spec/lti/claim/lti1p1"]["oauth_consumer_key_sign"] = signature
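Review bot: Nothing in the visible lines of `cached_hash_to_launch` checks that `nonce` is non-blank before the now-unconditional `post_payload["nonce"] = nonce`, so a blank value would be written into every launch even though the tool relies on this claim to tie the id_token to its own login request and reject replays. If callers do not already guarantee a value, a guard such as `raise ArgumentError, "nonce is required" if nonce.blank?` ahead of the assignment would fail closed. A short comment, e.g. `# nonce is mandatory for every LTI 1.3 launch, not only when an LTI 1.1 consumer_key is associated`, would help keep the assignment from drifting back under the `if`. The spec change on this page only removes the 'does not set the "nonce" claim' example; a positive example asserting the claim for a tool without a consumer_key would pin the fix. The method body continues past the end of the hunk.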


@ -209,10 +209,6 @@ describe Lti::Messages::JwtMessage do
expect(decoded_jwt).not_to include "iss"
end
it 'does not set the "nonce" claim' do
expect(decoded_jwt).not_to include "nonce"
end
it 'does not set the "sub" claim' do
expect(decoded_jwt).not_to include "sub"
end