- Bug
- Resolution: Fixed
- Major
- 2.3.3, 3.2.5, 3.3.2
- MOODLE_23_STABLE, MOODLE_32_STABLE, MOODLE_33_STABLE
- MOODLE_32_STABLE, MOODLE_33_STABLE
Talked to Scribner about this and here are some notes:
Basically it is not secure to back up the consumer key/secret in plain text. Also, restoring these consumer key/secret values to another site is not secure.
So, one path discussed was the following:
- On backup, encrypt the consumer key/secret values (these fields are mod_lti.resourcekey and mod_lti.password). The salt for the encryption would be created on demand using complex_random_string() and stored in config_plugins.
- On restore and on same site, decrypt the consumer key/secret values and save them to the lti instance record.
A pitfall that I ran into is I'm not sure how to modify values prior to them being written out to the backup file.
Another potential route is to store these values in the db as encrypted values. This would require a db upgrade script to convert all of the currently stored values to be encrypted.
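The backup/restore path described above, sketched as an added example that is not Moodle code and not part of the original report: a per-site key is created on demand, the two fields are encrypted with AES-256-GCM on backup, and decryption succeeds only where that key exists. Assumptions: the `$config` array stands in for config_plugins, a 32-byte key from `random_bytes()` replaces the `complex_random_string()` salt, and all function names are hypothetical.

```php
<?php
// Added illustration, not Moodle code. $config stands in for config_plugins;
// every function name below is hypothetical.

function site_backup_key(array &$config): string {
    // Create the per-site key on demand; it never leaves the site's config store.
    if (!isset($config['mod_lti']['backupkey'])) {
        $config['mod_lti']['backupkey'] = base64_encode(random_bytes(32));
    }
    return base64_decode($config['mod_lti']['backupkey']);
}

function encrypt_for_backup(string $plain, string $field, array &$config): string {
    $iv = random_bytes(12);   // fresh nonce for every value
    $tag = '';
    // The field name is bound as AAD so one field's blob cannot be moved to the other.
    $ct = openssl_encrypt($plain, 'aes-256-gcm', site_backup_key($config),
                          OPENSSL_RAW_DATA, $iv, $tag, $field);
    return base64_encode($iv . $tag . $ct);
}

function decrypt_on_restore(string $blob, string $field, array &$config): ?string {
    $raw = base64_decode($blob, true);
    if ($raw === false || strlen($raw) < 28) {
        return null;          // not a blob produced by encrypt_for_backup()
    }
    $iv = substr($raw, 0, 12);
    $tag = substr($raw, 12, 16);
    $ct = (string) substr($raw, 28);
    // Wrong key, wrong field, or tampering all fail the GCM tag check.
    $plain = openssl_decrypt($ct, 'aes-256-gcm', site_backup_key($config),
                             OPENSSL_RAW_DATA, $iv, $tag, $field);
    return $plain === false ? null : $plain;
}

// Constructed sample values; $sitea and $siteb model two separate installations.
$sitea = [];
$siteb = [];
$backup = [
    'resourcekey' => encrypt_for_backup('example-consumer-key', 'resourcekey', $sitea),
    'password'    => encrypt_for_backup('example-shared-secret', 'password', $sitea),
];
foreach ($backup as $field => $blob) {
    var_dump(decrypt_on_restore($blob, $field, $sitea)); // restore on the originating site
    var_dump(decrypt_on_restore($blob, $field, $siteb)); // restore on a different site
}
```

A `null` return is the signal for the restore step to leave the field empty on the target site instead of importing the credential.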