-
Improvement
-
Resolution: Fixed
-
Minor
-
None
-
3.3
1. Improve the moodle oauth 2 library so it is compatible with several prominant OAuth APIs (Google, Microsoft, Facebook is a nice start). Some specific problems are use of multi-part form encoding for token requests and duplicating Authentication headers on every request.
2. Provide a central administration page for configuring OAuth services in a generic way (including support for service discovery with OpenID Connect)
3. Allow system wide configuration of an OAuth service account which retrieves a "refresh token" for an OAuth API - allowing the system to retrieve access tokens and use the service account as part of an API.
4. Allow incremental authorization by remembering the approved scopes and requesting re-authentication when the un un-authorized scope is requested.
5. Implement a new auth plugin that displayes the installed OAuth services in a list on the login page and will login and update the user details via OAuth.
- blocks
-
MDL-58126 Update googledocs repository to use \core\oauth2\client
- Closed
- caused a regression
-
MDL-58618 Notice when using MNET auth
- Closed
-
MDL-77382 OAuth 2: broken error handling when denying access to scopes during authorization code flow
- Closed
- has a non-specific relationship to
-
MDL-58631 Insufficient documentation of changes in loginpage_idp_list() method
- Closed
- has been marked as being related by
-
MDL-59473 Poor Validation of Oauth2 Token Response causes a loop of redirections
- Closed
- will help resolve
-
MDL-30149 Create core oauthlib wrapper to handle OAuth centrally
- Closed