  1. Moodle
  2. MDL-55331

Put in place a proper OIDC Implementation

Details

    • Improvement
    • Status: Closed
    • Critical
    • Resolution: Fixed
    • 3.3, 3.4.3, 3.5, 3.6, Future Dev
    • 3.9.18
    • Authentication
    • MOODLE_33_STABLE, MOODLE_34_STABLE, MOODLE_35_STABLE, MOODLE_36_STABLE
    • MOODLE_39_STABLE
    • MDL-55331-oauth2-oidc
      Install the dependencies from Composer
      1. Make sure to have composer installed.
      2. Go to the moodle/auth/oauth2 directory.
      3. Open terminal for the directory.
      4. Run the Composer install command:
      $ php composer.phar install

      Moodle Setup for OIDC
      1. Go to "Site administration".
      2. Select Server -> OAuth 2 Services.
      3. Set up a new OIDC service, e.g. "Create a new Google service" or "new custom service".
      4. Complete the settings for the OIDC service, Client ID service, depending on the OIDC provider.
      5. Finish the settings.
      6. Try to log in with the newly created OIDC service.
      7. The rest of the process will be executed automatically.
      8. The patch code will check the incoming package from the OIDC service and verify the signature of the incoming ID Token.
      9. If the validation process fails, an error is returned.
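
Steps 8 and 9 say the patch verifies the signature of the incoming ID Token and returns an error when validation fails. The PHP below is an added illustration of that kind of check, not code from the issue or from Moodle's patch. It assumes RS256, and the function names, issuer URL, client ID, nonce and throwaway key pair are all constructed for the example.

```php
<?php
// Added example, not Moodle's code. RS256 and all values below are assumptions.
function b64url_encode(string $s): string {
    return rtrim(strtr(base64_encode($s), '+/', '-_'), '=');
}
function b64url_decode(string $s): string {
    $s = str_pad($s, strlen($s) + (4 - strlen($s) % 4) % 4, '=');
    return (string) base64_decode(strtr($s, '-_', '+/'), true);
}
function validate_id_token(string $jwt, string $pub, string $iss, string $aud, string $nonce, int $now): array {
    $parts = explode('.', $jwt);
    if (count($parts) !== 3) throw new RuntimeException('malformed token');
    [$h64, $p64, $s64] = $parts;
    $header = json_decode(b64url_decode($h64), true);
    // Pin the algorithm; the signature covers the "header.payload" bytes as received.
    if (($header['alg'] ?? null) !== 'RS256') throw new RuntimeException('unexpected alg');
    $sigok = openssl_verify("$h64.$p64", b64url_decode($s64), $pub, OPENSSL_ALGO_SHA256);
    if ($sigok !== 1) throw new RuntimeException('bad signature');
    $c = json_decode(b64url_decode($p64), true);
    $checks = [
        'iss'   => ($c['iss'] ?? null) === $iss,
        'aud'   => in_array($aud, (array) ($c['aud'] ?? []), true),
        'exp'   => is_int($c['exp'] ?? null) && $c['exp'] > $now,
        'nonce' => hash_equals($nonce, (string) ($c['nonce'] ?? '')),
    ];
    foreach ($checks as $claim => $ok) {
        if (!$ok) throw new RuntimeException("claim check failed: $claim");
    }
    return $c;
}
// Constructed sample: a throwaway key pair stands in for the provider's signing key.
$key = openssl_pkey_new(['private_key_type' => OPENSSL_KEYTYPE_RSA, 'private_key_bits' => 2048]);
$pub = openssl_pkey_get_details($key)['key'];
$now = time();
$claims = ['iss' => 'https://idp.example', 'aud' => 'moodle-client', 'sub' => 'user-1',
           'exp' => $now + 300, 'nonce' => 'n-123'];
$input = b64url_encode(json_encode(['alg' => 'RS256'])) . '.' . b64url_encode(json_encode($claims));
openssl_sign($input, $sig, $key, OPENSSL_ALGO_SHA256);
$altered = b64url_encode(json_encode(['sub' => 'user-2'] + $claims));
$tokens = ['genuine' => "$input." . b64url_encode($sig),
           'altered' => explode('.', $input)[0] . ".$altered." . b64url_encode($sig)];
foreach ($tokens as $label => $t) {
    try {
        $c = validate_id_token($t, $pub, 'https://idp.example', 'moodle-client', 'n-123', $now);
        echo "$label: accepted, sub={$c['sub']}\n";
    } catch (RuntimeException $e) {
        echo "$label: rejected ({$e->getMessage()})\n";
    }
}
```

The token whose payload was changed after signing is rejected at the signature step, before any claim is read.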


    Description

      See https://moodle.org/plugins/auth_oidc for the plugin which is being widely used.

      Please review it for any major issues (especially security issues) and let's aim to get this integrated in core for 3.2.

            People

              phish108 Christian Glahn
              dougiamas Martin Dougiamas
              David Woloszyn, Huong Nguyen, Jake Dallimore, Meirza, Michael Hawkins, Raquel Ortega, Safat Shahin, Stevani Andolo
              Votes: 13
              Watchers: 19

              Dates

                Created:
                Updated:
                Resolved:
                14/Nov/22