Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-61716

Filtering names of additional claims on alphanumext when using OAuth2 authentication

XMLWordPrintable

    • MOODLE_33_STABLE, MOODLE_34_STABLE, MOODLE_35_STABLE
    • MOODLE_33_STABLE, MOODLE_34_STABLE
    • MDL-61716-master
    • Hide
      • create an OAuth2 service instance
      • go to user field mappings and create a new mapping for this service
      • for external field name use URLs, OIDs or UUIDs as values
      • save this mapping
      • make sure, that the entered value stays the same after save and no special characters like "./:_-" etc are stripped
      • try to insert some html in the external field name
      • make sure that error is raised, that no html can be inserted into this field
      Show
      create an OAuth2 service instance go to user field mappings and create a new mapping for this service for external field name use URLs, OIDs or UUIDs as values save this mapping make sure, that the entered value stays the same after save and no special characters like "./:_-" etc are stripped try to insert some html in the external field name make sure that error is raised, that no html can be inserted into this field

      When Moodle requests additional scopes in oauth2 authentication, userinfo field names from these non standard scopes can have a variety of different formats to ensure uniqueness. ie:

      {"sub": "blah@gmail.com", ...
      "http://example.com/unique_id": "unique_id_at_example.com"}
      

      When trying to map second field to moodle internal field, this is stripped based on an alphanumext regex in admin/tool/oauth2/userfieldmappings.php

      The field ends up as 

      httpexamplecomunique_id

      and should be

      http://example.com/unique_id

            mastnym Martin Mastny
            mastnym Martin Mastny
            Tim Hunt Tim Hunt
            David Monllaó David Monllaó
            Anna Carissa Sadia Anna Carissa Sadia
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Created:
              Updated:
              Resolved:

                Estimated:
                Original Estimate - Not Specified
                Not Specified
                Remaining:
                Remaining Estimate - 0 minutes
                0m
                Logged:
                Time Spent - 2 hours
                2h

                  Error rendering 'clockify-timesheets-time-tracking-reports:timer-sidebar'. Please contact your Jira administrators.