  1. Moodle
  2. MDL-36580

External Tool does not backup/restore consumer key/secret


    Details

    • Testing Instructions:
      1. As a teacher in a course, create an External tool, specifying a key and secret. For example, use http://lti.tools/test/tp.php with any key and the secret "secret"
      2. Duplicate activity
      3. Edit the second activity - key and secret should be copied
      4. Create a backup of the course and restore on the same site
      5. Make sure key and secret were restored
      6. Restore the same backup file on another site (upgraded to include this patch)
      7. Make sure key and secret were NOT restored
      8. Visually examine the backup file and make sure that the key and secret are present not as plain text but as encrypted values
      9. On the first site, look up the value in the database: SELECT value FROM mdl_config_plugins WHERE plugin='backup' AND name='backup_encryptkey'
      10. On the second site, add to config.php: $CFG->forced_plugin_settings = array('backup' => array('backup_encryptkey' => 'THEVALUEFROMTHEPREVIOUSSTEP'));
      11. Restore the same backup file on the second site, the key and secret should be restored now

      Restoring an old LTI backup:

      1. Ensure that debug developer is enabled and PHP notices logging is enabled (on display or in logs).
      2. Restore an old backup course containing an LTI module (tip: you can find one attached @ MDL-46451).
      3. Confirm that no PHP Notice: Undefined property... message is shown on the display or sent to the web server error logs. Note that on the display it only appears for 1 second, because when the restore process ends, the existing contents are replaced.
    • Affected Branches:
      MOODLE_23_STABLE, MOODLE_32_STABLE, MOODLE_33_STABLE
    • Fixed Branches:
      MOODLE_32_STABLE, MOODLE_33_STABLE
    • Pull from Repository:
    • Pull Master Branch:

      Description

      Talked to Scribner about this and here are some notes:

      Basically it is not secure to backup the consumer key/secret in plain text. Also, restoring these consumer key/secret values to another site is not secure.

      So, one path discussed was the following:

      • On backup, encrypt the consumer key/secret values (These fields are mod_lti.resourcekey and mod_lti.password). The salt for the encryption would be created on demand using complex_random_string() and storing it in config_plugins.
      • On restore and on same site, decrypt the consumer key/secret values and save them to the lti instance record.

      A pitfall that I ran into is I'm not sure how to modify values prior to them being written out to the backup file.

      Another potential route is to store these values in the db as encrypted values. This would require a db upgrade script to convert all of the currently stored values to be encrypted.
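
Added example, not part of the ticket and not Moodle's code: the encrypt-on-backup, decrypt-on-same-site path described above, with AES-256-GCM as an assumed cipher. Function names are hypothetical, and random_bytes() stands in for the complex_random_string() value kept in config_plugins.

```php
<?php
// Added illustration, not Moodle's backup code. All function names are hypothetical.

// Stand-in for the per-site value the ticket stores in config_plugins
// (plugin 'backup', name 'backup_encryptkey').
function make_site_key(): string {
    return base64_encode(random_bytes(32));
}

// Encrypt one field value for the backup file. The field name is bound as
// associated data so a ciphertext cannot be moved to a different field.
function encrypt_for_backup(string $plain, string $field, string $sitekey): string {
    $key = base64_decode($sitekey, true);
    $iv = random_bytes(12); // Fresh nonce for every value.
    $ct = openssl_encrypt($plain, 'aes-256-gcm', $key, OPENSSL_RAW_DATA, $iv, $tag, $field);
    return base64_encode($iv . $tag . $ct);
}

// Returns the plaintext, or null when the value was written with another
// site's key or was altered; the restore then leaves the field empty.
function decrypt_on_restore(string $stored, string $field, string $sitekey): ?string {
    $key = base64_decode($sitekey, true);
    $raw = base64_decode($stored, true);
    if ($key === false || $raw === false || strlen($raw) < 28) {
        return null;
    }
    $iv = substr($raw, 0, 12);
    $tag = substr($raw, 12, 16);
    $ct = substr($raw, 28);
    $plain = openssl_decrypt($ct, 'aes-256-gcm', $key, OPENSSL_RAW_DATA, $iv, $tag, $field);
    return $plain === false ? null : $plain;
}

// Constructed sample data: two sites, one LTI instance backed up on site A.
$sitea = make_site_key();
$siteb = make_site_key();
$backup = [
    'resourcekey' => encrypt_for_backup('consumer-key', 'mod_lti.resourcekey', $sitea),
    'password'    => encrypt_for_backup('secret', 'mod_lti.password', $sitea),
];

var_dump(decrypt_on_restore($backup['password'], 'mod_lti.password', $sitea));    // restore on same site
var_dump(decrypt_on_restore($backup['password'], 'mod_lti.password', $siteb));    // restore on another site
var_dump(decrypt_on_restore($backup['password'], 'mod_lti.resourcekey', $sitea)); // value moved to wrong field
```

Passing site A's key on site B, as the forced_plugin_settings step in the testing instructions does, makes the second call return the secret as well.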


              • Votes: 22
              • Watchers: 24

                Dates

                • Created:
                  Updated:
                  Resolved:
                  Fix Release Date:
                  13/Nov/17