Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-59844

Enable OAuth 2 token-based authentication for requests in webdav_client

XMLWordPrintable

    • MOODLE_33_STABLE, MOODLE_34_STABLE
    • MOODLE_34_STABLE
    • MDL-59844-master
    • Hide
      1. Install the patched repository_owncloud plugin (https://github.com/learnweb/moodle-repository_owncloud, branch: demo-mdl-59844): git clone https://github.com/learnweb/moodle-repository_owncloud.git -b demo-mdl-59844 repository/owncloud.
      2. Set up Nextcloud (for convenience, get a short-term demo from https://demo.nextcloud.com)
      3. In Nextcloud settings, configure a client for Moodle: Login to Nextcloud as admin; Navigate to Settings -> Admin -> Security; Add a client (Name: "Moodle", Redirection URI: "Your Moodle URL + /admin/oauth2callback.php" – the redirect must be reachable from your machine, not from Nextcloud, e.g. "localhost" is fine!).
      4. Follow steps 3 and 4 from https://github.com/learnweb/moodle-repository_owncloud#installation to create an issuer and a repository instance.
      5. Open a file upload dialog somewhere in Moodle (e.g. in "Private files") and try logging in to Nextcloud.
      6. Verify that you can see the files from your Nextcloud folder.
      7. Click on a file and select it for upload (linking is not relevant here! It's the data transfer that must work).
      8. Open that file from within Moodle and verify that contents are identical.

      Please make sure that you are really on the patched version of the plugin (cf. the modified git clone instruction in step 1). The regular version rolls its own WebDAV client; whereas the new one would completely rely on the (now modified) webdavlib in Moodle core.

      Show
      Install the patched repository_owncloud plugin ( https://github.com/learnweb/moodle-repository_owncloud , branch: demo-mdl-59844 ): git clone https://github.com/learnweb/moodle-repository_owncloud.git -b demo-mdl-59844 repository/owncloud . Set up Nextcloud (for convenience, get a short-term demo from https://demo.nextcloud.com ) In Nextcloud settings, configure a client for Moodle: Login to Nextcloud as admin ; Navigate to Settings -> Admin -> Security ; Add a client (Name: "Moodle", Redirection URI: "Your Moodle URL + /admin/oauth2callback.php" – the redirect must be reachable from your machine, not from Nextcloud, e.g. "localhost" is fine!). Follow steps 3 and 4 from https://github.com/learnweb/moodle-repository_owncloud#installation to create an issuer and a repository instance. Open a file upload dialog somewhere in Moodle (e.g. in "Private files") and try logging in to Nextcloud. Verify that you can see the files from your Nextcloud folder. Click on a file and select it for upload (linking is not relevant here! It's the data transfer that must work). Open that file from within Moodle and verify that contents are identical. Please make sure that you are really on the patched version of the plugin (cf. the modified git clone instruction in step 1). The regular version rolls its own WebDAV client; whereas the new one would completely rely on the (now modified) webdavlib in Moodle core.

      Currently, the WebDAV client (lib/webdavlib.php) supports "basic" and "digest" authentication methods. In contrast, applications that use OAuth 2 token-based authentication want to use the "bearer" authentication method. In that method, actual authentication & authorisation has taken place beforehand elsewhere so that username and password have to be neither stored nor transmitted. Instead, credentials are replaced by a token which is passed as a header:

      Authorization: Bearer %s , where %s is replaced by a randomly generated token string.

      This is required for ownCloud / Nextcloud integrations that use the OAuth 2 code flow for authentication & authorisation. ownCloud and Nextcloud both rely heavily on WebDAV to work with files. Adding Bearer auth would help develop plugins a lot. Sadly it is not possible to just extend the webdav_client class, because all relevant methods are declared private and can therefore not be overriden.

        1. actually works.png
          actually works.png
          42 kB
        2. basic auth config.png
          basic auth config.png
          41 kB
        3. breakpoint __set.png
          breakpoint __set.png
          217 kB

            jan.dagefoerde Jan Dageförde
            jan.dagefoerde Jan Dageförde
            David Mudrák (@mudrd8mz) David Mudrák (@mudrd8mz)
            Andrew Lyons Andrew Lyons
            Ankit Agarwal Ankit Agarwal
            Votes:
            4 Vote for this issue
            Watchers:
            4 Start watching this issue

              Created:
              Updated:
              Resolved:

                Error rendering 'clockify-timesheets-time-tracking-reports:timer-sidebar'. Please contact your Jira administrators.