Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-61716

Filtering names of additional claims on alphanumext when using OAuth2 authentication

    XMLWordPrintable

Details

    • MOODLE_33_STABLE, MOODLE_34_STABLE, MOODLE_35_STABLE
    • MOODLE_33_STABLE, MOODLE_34_STABLE
    • MDL-61716-master
    • Hide
      • create an OAuth2 service instance
      • go to user field mappings and create a new mapping for this service
      • for external field name use URLs, OIDs or UUIDs as values
      • save this mapping
      • make sure, that the entered value stays the same after save and no special characters like "./:_-" etc are stripped
      • try to insert some html in the external field name
      • make sure that error is raised, that no html can be inserted into this field
      Show
      create an OAuth2 service instance go to user field mappings and create a new mapping for this service for external field name use URLs, OIDs or UUIDs as values save this mapping make sure, that the entered value stays the same after save and no special characters like "./:_-" etc are stripped try to insert some html in the external field name make sure that error is raised, that no html can be inserted into this field

    Description

      When Moodle requests additional scopes in oauth2 authentication, userinfo field names from these non standard scopes can have a variety of different formats to ensure uniqueness. ie:

      {"sub": "blah@gmail.com", ...
      "http://example.com/unique_id": "unique_id_at_example.com"}
      

      When trying to map second field to moodle internal field, this is stripped based on an alphanumext regex in admin/tool/oauth2/userfieldmappings.php

      The field ends up as 

      httpexamplecomunique_id

      and should be

      http://example.com/unique_id

      Attachments

        Activity

          People

            mastnym Martin Mastny
            mastnym Martin Mastny
            Tim Hunt Tim Hunt
            David Monllaó David Monllaó
            Anna Carissa Sadia Anna Carissa Sadia
            Adrian Greeve, Jake Dallimore, Mathew May, Mihail Geshoski, Sujith Haridasan
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:
              17/May/18

              Time Tracking

                Estimated:
                Original Estimate - Not Specified
                Not Specified
                Remaining:
                Remaining Estimate - 0 minutes
                0m
                Logged:
                Time Spent - 2 hours
                2h