Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-59853

Creating/Updating custom OAuth 2 issuers can lead to omitted autoconfiguration and error messages

    XMLWordPrintable

    Details

    • Testing Instructions:
      Hide
      1. Go to "OAuth 2 services" admin page.
      2. Add a fake custom issuer that does not provide discovery, but has a favicon.ico in its root. For instance:
        1. Click "Create new custom service".
        2. Fill in required data: Name, Client ID, Client Secret (you may be creative, they all don't matter).
        3. As a Service base URL, fill in https://moodle.org/
        4. Click "Save changes".
      3. Verify that the output looks like the following screenshot. You need to see two notifications (one success, one warning) and the issuer in the table, together with its favicon.

       

      Expected output:

      Show
      Go to "OAuth 2 services" admin page. Add a fake custom issuer that does not provide discovery, but has a favicon.ico in its root. For instance: Click "Create new custom service". Fill in required data: Name, Client ID, Client Secret (you may be creative, they all don't matter). As a Service base URL , fill in https://moodle.org/ Click "Save changes". Verify that the output looks like the following screenshot. You need to see two notifications (one success, one warning) and the issuer in the table, together with its favicon.   Expected output:
    • Affected Branches:
      MOODLE_33_STABLE, MOODLE_34_STABLE
    • Pull Master Branch:
      MDL-59853-master

      Description

      When creating/updating OAuth 2 issuers in admin/tool/oauth2/issuers.php, Moodle tries autoconfigurations for 

      a) service endpoints (discover_endpoints())
      b) favicon (guess_image())

      If discover_endpoints() fails for any reason (e.g. service does not provide discovery information), it throws an exception that is caught too late, so that a) no icon is set and b) the user is presented with an error "error/Could not discover end points for identity issuernextCloud" (and yes, the space between "issuer" and the issuer name is missing  ). The issuer is created regardless.

      EXPECTED

      Try all autoconfiguration steps, no matter if one of them fails. Show a warning if one of them fails for any reason. Also, show a success message if an issuer was created.

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              jan.dagefoerde Jan Dageförde
              Reporter:
              jan.dagefoerde Jan Dageförde
              Participants:
              Component watchers:
              Andrew Nicols, Jun Pataleta, Michael Hawkins, Shamim Rezaie, Simey Lameze, Adrian Greeve, Jake Dallimore, Mathew May, Mihail Geshoski, Peter Dias, Amaia Anabitarte, Carlos Escobedo, Ferran Recio, Sara Arjona (@sarjona), Víctor Déniz Falcón
              Votes:
              4 Vote for this issue
              Watchers:
              4 Start watching this issue

                Dates

                Created:
                Updated: