Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-30043

login/token.php: should only check for EXTERNAL_TOKEN_PERMANENT

          Details

          • Type: Bug
          • Status: Closed
          • Priority: Major
          • Resolution: Fixed
          • Affects Version/s: 2.2
          • Fix Version/s: 2.2
          • Component/s: Web Services
          • Labels:
            None
          • Testing Instructions:
            Hide

            1- create a web service (enabled and authorised for a specific username)
            2- in the mysql/postgres 'external_services' table, set manually the SHORTNAME
            3- Enter in your browser: http://yourmoodle/login/token.php?service=SHORTNAME&username=USERNAME&password=PASSWORD

            //use a no-admin user who has the moodle/webservice:createtoken capability
            a) the user never visited his security keys page (i.e. no token exists for him) and everything is set up correctly => a token is returned
            b) you run a) a new time (so a token has been generated) => the same token is returned.

            Show
            1- create a web service (enabled and authorised for a specific username) 2- in the mysql/postgres 'external_services' table, set manually the SHORTNAME 3- Enter in your browser: http://yourmoodle/login/token.php?service=SHORTNAME&username=USERNAME&password=PASSWORD //use a no-admin user who has the moodle/webservice:createtoken capability a) the user never visited his security keys page (i.e. no token exists for him) and everything is set up correctly => a token is returned b) you run a) a new time (so a token has been generated) => the same token is returned.
          • Affected Branches:
            MOODLE_22_STABLE
          • Fixed Branches:
            MOODLE_22_STABLE
          • Pull from Repository:
          • Pull Master Branch:
          • Pull Master Diff URL:

            Description

            The login/token.php should not return a mix of different type of token. By default it should be EXTERNAL_TOKEN_PERMANENT (not sure if the script should return EXTERNAL_TOKEN_EMBEDDED though...)

              Gliffy Diagrams

                Attachments

                  Activity

                  Ascending order - Click to sort in descending order
                  Hide
                  Permalink
                  jerome Jérôme Mouneyrac added a comment -

                  Note that this fix is dependant of MDL-29931 being integrated first, it's why the compare URL is against MDL-29931.

                  Show
                  jerome Jérôme Mouneyrac added a comment - Note that this fix is dependant of MDL-29931 being integrated first, it's why the compare URL is against MDL-29931 .
                  Hide
                  Permalink
                  stronk7 Eloy Lafuente (stronk7) added a comment -

                  The main moodle.git repository has just been updated with latest weekly modifications. You may wish to rebase your PULL branches to simplify history and avoid any possible merge conflicts. This would also make integrator's life easier next week.

                  TIA and ciao

                  Show
                  stronk7 Eloy Lafuente (stronk7) added a comment - The main moodle.git repository has just been updated with latest weekly modifications. You may wish to rebase your PULL branches to simplify history and avoid any possible merge conflicts. This would also make integrator's life easier next week. TIA and ciao
                  Hide
                  Permalink
                  stronk7 Eloy Lafuente (stronk7) added a comment -

                  Not knowing a word about token types... if you think restricting by EXTERNAL_TOKE_PERMANENT is ok... I'm ok.

                  Integrated, thanks!

                  Show
                  stronk7 Eloy Lafuente (stronk7) added a comment - Not knowing a word about token types... if you think restricting by EXTERNAL_TOKE_PERMANENT is ok... I'm ok. Integrated, thanks!
                  Hide
                  Permalink
                  rwijaya Rossiani Wijaya added a comment -

                  This is working great.

                  Test passed.

                  Show
                  rwijaya Rossiani Wijaya added a comment - This is working great. Test passed.
                  Hide
                  Permalink
                  stronk7 Eloy Lafuente (stronk7) added a comment -

                  Yes, you got this finally upstream, just in time for Moodle 2.2beta. Congrats and thanks!

                  Ciao

                  Show
                  stronk7 Eloy Lafuente (stronk7) added a comment - Yes, you got this finally upstream, just in time for Moodle 2.2beta. Congrats and thanks! Ciao

                    People

                    • Votes:
                      0 Vote for this issue
                      Watchers:
                      0 Start watching this issue

                      Dates

                      • Created:
                        Updated:
                        Resolved:
                        Fix Release Date:
                        5/Dec/11