Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-65016

Many emails are sent if refreshing the OAuth2 token of a system account fails

    XMLWordPrintable

    Details

    • Type: Improvement
    • Status: Closed
    • Priority: Minor
    • Resolution: Done
    • Affects Version/s: 3.5.4, 3.6, 3.7
    • Fix Version/s: None
    • Component/s: Authentication, Libraries
    • Labels:
    • Testing Instructions:
      Hide
      1. In your Moodle site, define 2 or more administrators.
      2. Create an OAuth2 issuer.
      3. Connect a system account.
      4. Go to the remote system, log in with the system account user.
      5. Revoke Moodle's authorisation.
      6. Execute the task.
      7. Check that only the main administrator has received an email or notification.
      Show
      In your Moodle site, define 2 or more administrators. Create an OAuth2 issuer. Connect a system account. Go to the remote system, log in with the system account user. Revoke Moodle's authorisation. Execute the task. Check that only the main administrator has received an email or notification.
    • Affected Branches:
      MOODLE_35_STABLE, MOODLE_36_STABLE, MOODLE_37_STABLE
    • Pull Master Branch:
    • Story Points:
      1
    • Sprint:
      Moppies Moodle 3.8 Sprint 1

      Description

      In the context of OAuth2, if the token of a system account cannot be refreshed for some reason, all( ! ) administrators get an hourly( ! ) notification about this problem.

      There may be several reasons that can lead to this, including a) the refresh token has expired for some reason, b) authorisation has been revoked in the target system, c) the target system is not reachable (e.g., in maintenance). In either case, it is necessary to look into this. However, not every admin has to do this; in our case, most of them don't even know what this means...

      (By the way, the "hourly" part is fine. It's just that not everyone needs to be informed. The main administrator should be sufficient. For example, our main administrator's emails are managed by an issue tracker, which we use to assign tickets to the intended person. Others may use the main admin's email to forward the notification accordingly.)

      Expected behaviour:
      Only the main administrator gets emails informing about the failure.

        Attachments

          Activity

            People

            • Assignee:
              jan.dagefoerde Jan Dageförde
              Reporter:
              jan.dagefoerde Jan Dageförde
              Peer reviewer:
              Víctor Déniz Falcón
              Participants:
              Component watchers:
              Jake Dallimore, Jun Pataleta, Amaia Anabitarte, Carlos Escobedo, Ferran Recio, Sara Arjona (@sarjona), Víctor Déniz Falcón
            • Votes:
              4 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:

                Time Tracking

                Estimated:
                Original Estimate - 0 minutes
                0m
                Remaining:
                Remaining Estimate - 0 minutes
                0m
                Logged:
                Time Spent - 3 hours, 30 minutes
                3h 30m