Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-59853

Creating/Updating custom OAuth 2 issuers can lead to omitted autoconfiguration and error messages

    XMLWordPrintable

    Details

    • Testing Instructions:
      Hide
      1. Go to "OAuth 2 services" admin page.
      2. Add a fake custom issuer that does not provide discovery, but has a favicon.ico in its root. For instance:
        1. Click "Create new custom service".
        2. Fill in required data: Name, Client ID, Client Secret (you may be creative, they all don't matter).
        3. As a Service base URL, fill in https://moodle.org/
        4. Click "Save changes".
      3. Verify that the output looks like the following screenshot. You need to see two notifications (one success, one warning) and the issuer in the table, together with its favicon.

       

      Expected output:

      Show
      Go to "OAuth 2 services" admin page. Add a fake custom issuer that does not provide discovery, but has a favicon.ico in its root. For instance: Click "Create new custom service". Fill in required data: Name, Client ID, Client Secret (you may be creative, they all don't matter). As a Service base URL , fill in https://moodle.org/ Click "Save changes". Verify that the output looks like the following screenshot. You need to see two notifications (one success, one warning) and the issuer in the table, together with its favicon.   Expected output:
    • Affected Branches:
      MOODLE_33_STABLE, MOODLE_34_STABLE
    • Pull Master Branch:
      MDL-59853-master

      Description

      When creating/updating OAuth 2 issuers in admin/tool/oauth2/issuers.php, Moodle tries autoconfigurations for 

      a) service endpoints (discover_endpoints())
      b) favicon (guess_image())

      If discover_endpoints() fails for any reason (e.g. service does not provide discovery information), it throws an exception that is caught too late, so that a) no icon is set and b) the user is presented with an error "error/Could not discover end points for identity issuernextCloud" (and yes, the space between "issuer" and the issuer name is missing  ). The issuer is created regardless.

      EXPECTED

      Try all autoconfiguration steps, no matter if one of them fails. Show a warning if one of them fails for any reason. Also, show a success message if an issuer was created.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                jan.dagefoerde Jan Dageförde
                Reporter:
                jan.dagefoerde Jan Dageförde
                Participants:
                Component watchers:
                Andrew Nicols, Jun Pataleta, Michael Hawkins, Shamim Rezaie, Simey Lameze, Jake Dallimore, Jun Pataleta, Amaia Anabitarte, Carlos Escobedo, Ferran Recio, Sara Arjona (@sarjona), Víctor Déniz Falcón
              • Votes:
                4 Vote for this issue
                Watchers:
                4 Start watching this issue

                Dates

                • Created:
                  Updated: