Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-61921

Add native XOAUTH2 support

    XMLWordPrintable

    Details

    • Testing Instructions:
      Hide

      Prerequisites

      1. The remote service or "issuer" (Google, Facebook ...) to use should have been configured before. For this test, we will use the OAuth 2 Google service, configured following the steps defined in the OAuth_2_Google_service documentation:
      2. SMTP server for the outgoing (sending) mails. Again, for this test we will use Gmail SMTP server.
      3. IMAP server for the incoming mails. Again, for this test we will use Gmail IMAP server.

      Create the OAuth 2 Service in Moodle

      1. Log into your Moodle site as site administrator.
      2. Go to Site Administration > Server > OAuth 2 Service and choose: Create new Google Service
      3. Set the name of the new OAuth2 service to "Gmail - XOAUTH2"
      4. For the "Client ID" and "Client secret" values, use the ones provided by Google when creating the OAuth2 client.
      5. Set the values of "Scopes included in a login request" and "Scopes included in a login request for offline access" to "email https://mail.google.com" (without the quotes)
      6. Disable "Show on login page" option, as we won't use this OAuth2 service for interactive logins at all.
      7. Save changes.
      8. Connect the newly created OAuth2 service to a system account. As the system account use the credentials of the user owning the mailbox that will be used for incoming email processing.

      Apply the patch

      1. Add the pull repository from "Pull from Repository" and check out the branch from "Pull Master Branch", or generate the patch file from "Pull Master Diff URL" and manually apply it.

      Configure outgoing mail

      1. Go to Site administration > Server > Email > Outgoing Mail Configuration
      2. In the "SMTP" configuration:
        1. Set the "SMTP hosts" field to "smtp.gmail.com:587".
        2. Set "SMTP Security" to "TLS"
        3. Set "SMTP Auth Type" to "XOAUTH2" option.
        4. In "OAuth2 Service", select the OAuth2 service previously created ("Gmail - XOAUTH2")
        5. Fill "SMTP username" with the username that was used to connect the OAuth2 service to a system account. Set "SMTP password" to any non-empty value. It doesn't need to be the username password, as it is not used at all when using XOAUTH2. But it must be non-empty.
      3. Save changes.

      Configure incoming mail

      1. Go to Site administration > Server > Email > Incoming Mail Configuration
      2. In "General configuration":
        1. Check "Enable incoming mail processing" option.
      3. In "Mailbox configuration":
        1. Fill "Mailbox name" field with the name of the mailbox to use for incoming mail processing
        2. Fill "Email domain" field.
      4. In "Incoming mail server settings":
        1. Set the "Incoming Mail Server" to "imap.gmail.com".
        2. Set "Use SSL" to "SSL (Auto-detect SSL version)"
        3. Check "Use XOAUTH2" option.
        4. In "OAuth2 Service", select the OAuth2 service previously created ("Gmail - XOAUTH2")
        5. Fill "Username" with the username that was used to connect the OAuth2 service to a system account. Set "Password" to any non-empty value. It doesn't need to be the username password, as it is not used at all when using XOAUTH2. But it must be non-empty.
      5. Save changes.

      Configure message handlers

      1. Got to Site administration > Server > Email > Message Handlers
      2. Click on the gear icon for "Reply to forum posts"
      3. Check "Enabled" option
      4. Save changes.

      Testing the configuration

      1. Log into your Moodle site as a site administrator.
      2. Specify an email for the current user:
        1. In the top-right side of the screen, click in the user name.
        2. Select the "Profile" option.
        3. In the "User details" section confirm that the email is correct (i.e., it points to an address that can receive email messages).
      3. Enable email messaging for the current user:
        1. In the top-right side of the screen, click in the user name.
        2. Select the "Messages" option.
        3. Click the gear icon and ensure that the Email option in "Notification preferences" is on (enabled).
      4. Enable the Manual enrolments for the new courses:
        1. Go to Site administrator > Plugins > Enrolments
        2. In the "Manage enrol plugins" section enable the Manual enrolments method.
        3. In the same table, click on the settings link of the Manual enrolments plugin row.
        4. In the "Enrolment instance defaults" section, make sure that the "Add instance to new courses" option is checked (enabled).
        5. Save changes.
      5. Create a new course with a forum and subscribe to it:
        1. Go to Site administration > Courses > Add a new course.
        2. Set "Course full name" to "Test Course"
        3. Set "Course short name" to "Test Course"
        4. Save and display.
        5. Click on "Enrol users".
        6. Enrol the current user (yourself) as "Teacher" or "Manager" and click on "Enrol users".
        7. Return to the course.
        8. Turn edition on
        9. Add a new Forum activity. Give it a name like "Test forum"
        10. Set the forum type to "Standard forum for general use".
        11. In the "Subscription and tracking" section, set "Subscription mode" to "Forced subscription"
        12. Click on "Save and Display"
      6. Post a new message in the forum
        1. Select "Add a new discussion topic".
        2. Fill in "Subject" and "Message" with some text.
        3. Click on "Advanced".
        4. Check "Send forum post notifications with no editing-time delay"
        5. Click on "Post to forum".
      7. Run cron.php, so the forum tasks run and try to deliver the messages to the forum subscribers.
      8. If you have received a notification message in your email, the Outgoing mail configuration is working.
      9. Reply to that email with some content. Allow for a bit of time for the email to be delivered to the destination mailbox.
      10. Run cron.php, so the incoming mail processing tasks run and try to download and process the received message(s) in the mailbox. You may need to run it several times until the tasks are run.
      11. Check that the message is published in the forum. If so, the Incoming mail configuration is also working.
      Show
      Prerequisites The remote service or "issuer" (Google, Facebook ...) to use should have been configured before. For this test, we will use the OAuth 2 Google service, configured following the steps defined in the OAuth_2_Google_service documentation: SMTP server for the outgoing (sending) mails. Again, for this test we will use Gmail SMTP server. IMAP server for the incoming mails. Again, for this test we will use Gmail IMAP server. Create the OAuth 2 Service in Moodle Log into your Moodle site as site administrator . Go to Site Administration > Server > OAuth 2 Service and choose: Create new Google Service Set the name of the new OAuth2 service to "Gmail - XOAUTH2" For the "Client ID" and "Client secret" values, use the ones provided by Google when creating the OAuth2 client. Set the values of "Scopes included in a login request" and "Scopes included in a login request for offline access" to " email https://mail.google.com " (without the quotes) Disable "Show on login page" option, as we won't use this OAuth2 service for interactive logins at all. Save changes. Connect the newly created OAuth2 service to a system account. As the system account use the credentials of the user owning the mailbox that will be used for incoming email processing. Apply the patch Add the pull repository from "Pull from Repository" and check out the branch from "Pull Master Branch", or generate the patch file from "Pull Master Diff URL" and manually apply it. Configure outgoing mail Go to Site administration > Server > Email > Outgoing Mail Configuration In the "SMTP" configuration: Set the "SMTP hosts" field to "smtp.gmail.com:587". Set "SMTP Security" to "TLS" Set "SMTP Auth Type" to "XOAUTH2" option. In "OAuth2 Service", select the OAuth2 service previously created ("Gmail - XOAUTH2") Fill "SMTP username" with the username that was used to connect the OAuth2 service to a system account. Set "SMTP password" to any non-empty value. It doesn't need to be the username password, as it is not used at all when using XOAUTH2. But it must be non-empty. Save changes. Configure incoming mail Go to Site administration > Server > Email > Incoming Mail Configuration In "General configuration": Check "Enable incoming mail processing" option. In "Mailbox configuration": Fill "Mailbox name" field with the name of the mailbox to use for incoming mail processing Fill "Email domain" field. In "Incoming mail server settings": Set the "Incoming Mail Server" to "imap.gmail.com". Set "Use SSL" to "SSL (Auto-detect SSL version)" Check "Use XOAUTH2" option. In "OAuth2 Service", select the OAuth2 service previously created ("Gmail - XOAUTH2") Fill "Username" with the username that was used to connect the OAuth2 service to a system account. Set "Password" to any non-empty value. It doesn't need to be the username password, as it is not used at all when using XOAUTH2. But it must be non-empty. Save changes. Configure message handlers Got to Site administration > Server > Email > Message Handlers Click on the gear icon for "Reply to forum posts" Check "Enabled" option Save changes. Testing the configuration Log into your Moodle site as a site administrator. Specify an email for the current user: In the top-right side of the screen, click in the user name. Select the "Profile" option. In the "User details" section confirm that the email is correct (i.e., it points to an address that can receive email messages). Enable email messaging for the current user: In the top-right side of the screen, click in the user name. Select the "Messages" option. Click the gear icon and ensure that the Email option in "Notification preferences" is on (enabled). Enable the Manual enrolments for the new courses: Go to Site administrator > Plugins > Enrolments In the "Manage enrol plugins" section enable the Manual enrolments method. In the same table, click on the settings link of the Manual enrolments plugin row. In the "Enrolment instance defaults" section, make sure that the "Add instance to new courses" option is checked (enabled). Save changes. Create a new course with a forum and subscribe to it: Go to Site administration > Courses > Add a new course. Set "Course full name" to "Test Course" Set "Course short name" to "Test Course" Save and display. Click on "Enrol users". Enrol the current user (yourself) as "Teacher" or "Manager" and click on "Enrol users". Return to the course. Turn edition on Add a new Forum activity. Give it a name like "Test forum" Set the forum type to "Standard forum for general use". In the "Subscription and tracking" section, set "Subscription mode" to "Forced subscription" Click on "Save and Display" Post a new message in the forum Select "Add a new discussion topic". Fill in "Subject" and "Message" with some text. Click on "Advanced". Check "Send forum post notifications with no editing-time delay" Click on "Post to forum". Run cron.php, so the forum tasks run and try to deliver the messages to the forum subscribers. If you have received a notification message in your email, the Outgoing mail configuration is working. Reply to that email with some content. Allow for a bit of time for the email to be delivered to the destination mailbox. Run cron.php, so the incoming mail processing tasks run and try to download and process the received message(s) in the mailbox. You may need to run it several times until the tasks are run. Check that the message is published in the forum. If so, the Incoming mail configuration is also working.
    • URL:
    • Affected Branches:
      MOODLE_310_STABLE, MOODLE_33_STABLE, MOODLE_34_STABLE, MOODLE_35_STABLE, MOODLE_39_STABLE
    • Pull from Repository:
    • Pull 3.11 Branch:
      MDL-61921-311
    • Pull 3.11 Diff URL:
    • Pull Master Branch:
      MDL-61921-master
    • Pull Master Diff URL:

      Description

      When using GMail Services for outgoing and/or incoming messages in Moodle, it is required to lower the security of the GMail account: https://support.google.com/mail/answer/78754.

      It would be better to natively implement the support for the XOAUTH2, as required e.g. by GMail with the IMAP AUTHENTICATE and SMTP AUTH commands.

      In the Community, Iñaki Arenaza has already provided more than a working proof for the incoming mails:

        Attachments

          Issue Links

          has been marked as being related by

          Task - A task that needs to be completed. Tasks usually refer to work that must be done outside the product. MDL-60405 Upgrade Horde library to 5.2.22

          • Minor - Minor loss of function where workaround is possible
          • Closed

            Activity

              People

              Assignee:
              izendegi Iñigo Zendegi
              Reporter:
              matteo Matteo Scaramuccia
              Participants:
              Component watchers:
              Amaia Anabitarte, Carlos Escobedo, Ferran Recio, Ilya Tregubov, Sara Arjona (@sarjona)
              Votes:
              7 Vote for this issue
              Watchers:
              14 Start watching this issue

                Dates

                Created:
                Updated: