Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-66992

Add support for Open Badges 2.1

    XMLWordPrintable

    Details

    • Testing Instructions:
      Hide

      Part of these tests have been created from the attached document: Open Badges Spec v2.1_test instruction-3.docx 

      Requirements

      1. Run your site with public access (use ngrok or similar).
      2. 2 accounts set up on badgr.io.
      3. mailcatcher (or similar or working mail) to intercept emails.

      Setup oAuth2 service

      1. Login as admin.
      2. Access to the "Site home" and "Turn editing on".
      3. Add a label, upload an image there and save changes.
      4. Right-click over the uploaded image and copy the image address. You'll need to replace "https://471f8462.ngrok.io/m/stable_master/pluginfile.php/41/mod_label/intro/logo.png" of the next command to the copied image URL.
      5. Register the oAuth2 service in the IMS Global IdentityServer4 executing the following command, replacing "https://471f8462.ngrok.io/" by your server URL. You'll probably need to adapt "https://471f8462.ngrok.io/m/stable_master/" to your Moodle URL:

        curl --location --insecure --request POST 'https://dc.imsglobal.org/obcauth/connect/register' \
        --header 'Accept: application/json' \
        --header 'Content-Type: application/json' \
        --data-raw '
        {
          "client_name": "Badge Moodle",
          "client_uri": "https://471f8462.ngrok.io/",
          "logo_uri": "https://471f8462.ngrok.io/m/stable_master/pluginfile.php/41/mod_label/intro/logo.png",
          "tos_uri": "https://471f8462.ngrok.io/",
          "policy_uri": "https://471f8462.ngrok.io/",
          "software_id": "stablemaster-testing",
          "software_version": "2020041700.01",
          "redirect_uris": [
            "https://471f8462.ngrok.io/m/stable_master/badges/oauth2callback.php"
          ],
          "token_endpoint_auth_method": "client_secret_basic",
          "grant_types": [
            "authorization_code",
            "refresh_token"
          ],
          "response_types": [
            "code"
          ],
          "scope": "https://purl.imsglobal.org/spec/ob/v2p1/scope/profile.update https://purl.imsglobal.org/spec/ob/v2p1/scope/profile.readonly https://purl.imsglobal.org/spec/ob/v2p1/scope/assertion.create https://purl.imsglobal.org/spec/ob/v2p1/scope/assertion.readonly offline_access"
        }'

      6. You should get a result like this. Copy the client_id and the client_secret (you'll need them to configure the oAuth2 service)

        {
          "client_id": "LGC8WEFTxp8",
          "client_secret": "3GAfOtFgflA",
          "client_id_issued_at": 1587110808,
          "client_secret_expires_at": 1618646808,
          "client_name": "Badge OU",
          "client_uri": "https://471f8462.ngrok.io/",
          "logo_uri": "https://471f8462.ngrok.io/m/stable_master-badges/pluginfile.php/41/mod_label/intro/robot-1214536_1920.png",
          "tos_uri": "https://471f8462.ngrok.io/",
          "policy_uri": "https://471f8462.ngrok.io/",
          "software_id": "13dcdc83-fc0d-4c8d-9159-6461da297388",
          "software_version": "54dfc83-fc0d-4c8d-9159-6461da297388",
          "redirect_uris": [
            "https://471f8462.ngrok.io/m/stable_master/badges/oauth2callback.php"
          ],
          "token_endpoint_auth_method": "client_secret_basic",
          "grant_types": [
            "authorization_code",
            "refresh_token"
          ],
          "response_types": [
            "code"
          ],
          "scope": "https://purl.imsglobal.org/spec/ob/v2p1/scope/profile.update https://purl.imsglobal.org/spec/ob/v2p1/scope/profile.readonly https://purl.imsglobal.org/spec/ob/v2p1/scope/assertion.create https://purl.imsglobal.org/spec/ob/v2p1/scope/assertion.readonly offline_access"
        

      7. Go to "Site administration / Server / OAuth 2 services".
      8. Create a custom service with the following information:
        • Name: "IMS Global"
        • Client ID: <previous client_id>
        • Client secret: <previous client_secret>
        • Enable Authenticate token requests via HTTP headers
        • Scopes included in a login request and Scopes included in a login request for offline access: "openid profile email"
        • Service base URL: https://dc.imsglobal.org/obcauth
        • Logo URL: https://dc.imsglobal.org/obcauth/icon.jpg 
      9. Save changes. 

      Setup connection to external site

      1. Create a new backpack executing the following SQL query:

        INSERT INTO mdl_badge_external_backpack (backpackapiurl, backpackweburl, apiversion, sortorder) VALUES ('https://dc.imsglobal.org/obchost/ims/ob/v2p1', 'https://dc.imsglobal.org', '2.1', 2);

      Setup Badgr.io

      1. Go to "Site administration / Badges / Badges settings".
      2. Set the "Badge issuer email address" to the email address of one of the badgr.io accounts and Save changes.
      3. Access to "Site administration / Badges / Manage backpacks".
      4. Edit settings for "https://badgr.io".
      5. Enter the Badgr admin account password (the appropriate for the user account added in step #2).

      Setup badges

      1. Go to "Site administration | Badges | Add a new badge" and create a badge at site level.
      2. Add criteria to the badge so it can be manually issued by role.
      3. Enable the badge.
      4. Issue the badge to the admin user and to teacher (t1) user.

       

      Testing scenario 1: Backpack settings

      1. Access to "Site administration / Badges / Manage backpacks".
      2. Edit settings for "https://dc.imsglobal.org".
      3. Check the "Badge issuer password" field is not displayed.
      4. Select "IMS Global" in the "OAuth 2 services" list and save changes.
      5. Go to "Site administration /  Badges / Backpack settings".
      6. Select "https://dc.imsglobal.org" as Active external backpack.
      7. Access to "Site administration / Badges / Manage backpacks".
      8. Check "https://dc.imsglobal.org" is marked as the active external backpack.
      9. Check no error is displayed.

      Testing scenario 2: Connect to backpack site

      1. Go to Dashboard / Preferences / Badges / Backpack settings.
      2. Check the "Status" is "not connected" and the button "Connect to backpack" appears. Check also the email and password fields are not displayed.
      3. Click button "Connect to backpack".
      4. Check the site is redirected to the backpack site and the login form is displayed.
      5. Login using one of the existing users (alice or bob).
      6. Check the screen requesting your permission is displayed with the following application access permissions:
        • Create or update Open Badges Profile
        • Get Open Badges Profile
        • Create Open Badges Assertion
        • Get Open Badges Assertions
        • Offline Access
      7. Click button "Yes, Allow".
      8. Check the "Backpack has been connected" message is displayed.
      9. Check you're redirected to the Manage badges page.
      10. Click the "Change backpack settings" button.
      11. Check the status is "Connected".

       

      Testing scenario 3: Send badge to the backpack

      1. Go to Dashboard / Preferences / Badges / Manage badges.
      2. Click on the "Add to backpack" button.
      3. Check the message " Added badge to backpack " is displayed.

       

      Testing scenario 4: Connect to badgr.io still works

      1. Go to "Site administration / Badges / Backpack settings" and set the site backpack to https://badgr.io.
      2. Log in as teacher (t1).
      3. Go to Dashboard / Preferences / Badges / Backpack settings.
      4. Check the "Status" is "not connected" and the button "Connect to backpack" appears.
      5. Check also the email and password fields are displayed.
      6. Add the email address for the other badgr.io account as the email address for the backpack connection. Fill in also the correspondent password.
      7. Click button "Connect to backpack".
      8. Read the verification email and click on the link to verify the connection to the backpack.
      9. Go to Dashboard / Preferences / Badges / Backpack settings.
      10. Check the status is "Connected".

       

      Testing scenario 5: Send badge to the backpack (Badgr.io)

      1. Log in as teacher (t1).
      2. Repeat steps in testing scenario 3. The behaviour should be exactly the same.

        
       

      Show
      Part of these tests have been created from the attached document:  Open Badges Spec v2.1_test instruction-3.docx   Requirements Run your site with public access (use ngrok or similar). 2 accounts set up on badgr.io. mailcatcher (or similar or working mail) to intercept emails. Setup oAuth2 service Login as admin. Access to the "Site home" and "Turn editing on". Add a label, upload an image there and save changes. Right-click over the uploaded image and copy the image address. You'll need to replace "https://471f8462.ngrok.io/m/stable_master/pluginfile.php/41/mod_label/intro/logo.png" of the next command to the copied image URL. Register the oAuth2 service in the IMS Global IdentityServer4 executing the following command, replacing "https://471f8462.ngrok.io/" by your server URL. You'll probably need to adapt "https://471f8462.ngrok.io/m/stable_master/" to your Moodle URL: curl --location --insecure --request POST 'https://dc.imsglobal.org/obcauth/connect/register' \ --header 'Accept: application/json' \ --header 'Content-Type: application/json' \ --data-raw ' { "client_name": "Badge Moodle", "client_uri": "https://471f8462.ngrok.io/", "logo_uri": "https://471f8462.ngrok.io/m/stable_master/pluginfile.php/41/mod_label/intro/logo.png", "tos_uri": "https://471f8462.ngrok.io/", "policy_uri": "https://471f8462.ngrok.io/", "software_id": "stablemaster-testing", "software_version": "2020041700.01", "redirect_uris": [ "https://471f8462.ngrok.io/m/stable_master/badges/oauth2callback.php" ], "token_endpoint_auth_method": "client_secret_basic", "grant_types": [ "authorization_code", "refresh_token" ], "response_types": [ "code" ], "scope": "https://purl.imsglobal.org/spec/ob/v2p1/scope/profile.update https://purl.imsglobal.org/spec/ob/v2p1/scope/profile.readonly https://purl.imsglobal.org/spec/ob/v2p1/scope/assertion.create https://purl.imsglobal.org/spec/ob/v2p1/scope/assertion.readonly offline_access" }' You should get a result like this. Copy the client_id and the client_secret (you'll need them to configure the oAuth2 service) { "client_id": "LGC8WEFTxp8", "client_secret": "3GAfOtFgflA", "client_id_issued_at": 1587110808, "client_secret_expires_at": 1618646808, "client_name": "Badge OU", "client_uri": "https://471f8462.ngrok.io/", "logo_uri": "https://471f8462.ngrok.io/m/stable_master-badges/pluginfile.php/41/mod_label/intro/robot-1214536_1920.png", "tos_uri": "https://471f8462.ngrok.io/", "policy_uri": "https://471f8462.ngrok.io/", "software_id": "13dcdc83-fc0d-4c8d-9159-6461da297388", "software_version": "54dfc83-fc0d-4c8d-9159-6461da297388", "redirect_uris": [ "https://471f8462.ngrok.io/m/stable_master/badges/oauth2callback.php" ], "token_endpoint_auth_method": "client_secret_basic", "grant_types": [ "authorization_code", "refresh_token" ], "response_types": [ "code" ], "scope": "https://purl.imsglobal.org/spec/ob/v2p1/scope/profile.update https://purl.imsglobal.org/spec/ob/v2p1/scope/profile.readonly https://purl.imsglobal.org/spec/ob/v2p1/scope/assertion.create https://purl.imsglobal.org/spec/ob/v2p1/scope/assertion.readonly offline_access" Go to "Site administration / Server / OAuth 2 services". Create a custom service with the following information: Name: "IMS Global" Client ID: <previous client_id> Client secret: <previous client_secret> Enable Authenticate token requests via HTTP headers Scopes included in a login request and Scopes included in a login request for offline access: "openid profile email" Service base URL: https://dc.imsglobal.org/obcauth Logo URL: https://dc.imsglobal.org/obcauth/icon.jpg   Save changes.  Setup connection to external site Create a new backpack executing the following SQL query: INSERT INTO mdl_badge_external_backpack (backpackapiurl, backpackweburl, apiversion, sortorder) VALUES ('https://dc.imsglobal.org/obchost/ims/ob/v2p1', 'https://dc.imsglobal.org', '2.1', 2); Setup Badgr.io Go to "Site administration / Badges / Badges settings". Set the "Badge issuer email address" to the email address of one of the badgr.io accounts and Save changes. Access to "Site administration / Badges / Manage backpacks". Edit settings for "https://badgr.io". Enter the Badgr admin account password (the appropriate for the user account added in step #2). Setup badges Go to "Site administration | Badges | Add a new badge" and create a badge at site level. Add criteria to the badge so it can be manually issued by role. Enable the badge. Issue the badge to the admin user and to teacher (t1) user.   Testing scenario 1: Backpack settings Access to "Site administration / Badges / Manage backpacks". Edit settings for "https://dc.imsglobal.org". Check the "Badge issuer password" field is not displayed. Select "IMS Global" in the "OAuth 2 services" list and save changes. Go to "Site administration /  Badges / Backpack settings". Select "https://dc.imsglobal.org" as Active external backpack. Access to "Site administration / Badges / Manage backpacks". Check "https://dc.imsglobal.org" is marked as the active external backpack. Check no error is displayed. Testing scenario 2: Connect to backpack site Go to Dashboard / Preferences / Badges / Backpack settings. Check the "Status" is "not connected" and the button "Connect to backpack" appears. Check also the email and password fields are not displayed. Click button "Connect to backpack". Check the site is redirected to the backpack site and the login form is displayed. Login using one of the existing users (alice or bob). Check the screen requesting your permission is displayed with the following application access permissions: Create or update Open Badges Profile Get Open Badges Profile Create Open Badges Assertion Get Open Badges Assertions Offline Access Click button "Yes, Allow". Check the "Backpack has been connected" message is displayed. Check you're redirected to the Manage badges page. Click the "Change backpack settings" button. Check the status is "Connected".   Testing scenario 3: Send badge to the backpack Go to Dashboard / Preferences / Badges / Manage badges. Click on the "Add to backpack" button. Check the message " Added badge to backpack " is displayed.   Testing scenario 4: Connect to badgr.io still works Go to "Site administration / Badges / Backpack settings" and set the site backpack to https://badgr.io. Log in as teacher (t1). Go to Dashboard / Preferences / Badges / Backpack settings. Check the "Status" is "not connected" and the button "Connect to backpack" appears. Check also the email and password fields are displayed. Add the email address for the other badgr.io account as the email address for the backpack connection. Fill in also the correspondent password. Click button "Connect to backpack". Read the verification email and click on the link to verify the connection to the backpack. Go to Dashboard / Preferences / Badges / Backpack settings. Check the status is "Connected".   Testing scenario 5: Send badge to the backpack (Badgr.io) Log in as teacher (t1). Repeat steps in testing scenario 3. The behaviour should be exactly the same.     
    • Affected Branches:
      MOODLE_38_STABLE, MOODLE_39_STABLE
    • Fixed Branches:
      MOODLE_39_STABLE
    • Pull Master Branch:
      MDL-66992-master

      Description

      The OBv2.1 specification has now an "IMS Candidate Final": https://www.imsglobal.org/spec/ob/v2p1 

      Implementing it will help users to connect Moodle with all the badges providers supporting it.
       

      List of tasks

      • Implement all the methods required by OBv2.1 (such as GET/POST assertions or GET/POST profile). All they should be tested. If they aren't used for now from the UI, they should be tested calling them directly and validating the results.
      • Let admins create new backpacks.
      • Review the "collections" behaviour and display the "Badge import settings" section in Backpack settings (and call the required methods) only when the user backpack is Badgr (because, for now, it will only work for them because collections aren't defined in OBv2.1).

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              Tung Thai Tung Thai
              Reporter:
              sarjona Sara Arjona (@sarjona)
              Peer reviewer:
              Sara Arjona (@sarjona)
              Integrator:
              Eloy Lafuente (stronk7)
              Tester:
              Anna Carissa Sadia
              Participants:
              Component watchers:
              Yuliya Bozhko, Amaia Anabitarte, Carlos Escobedo, Ferran Recio, Sara Arjona (@sarjona), Víctor Déniz Falcón
              Votes:
              6 Vote for this issue
              Watchers:
              14 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved:
                Fix Release Date:
                15/Jun/20

                  Time Tracking

                  Estimated:
                  Original Estimate - Not Specified
                  Not Specified
                  Remaining:
                  Remaining Estimate - 0 minutes
                  0m
                  Logged:
                  Time Spent - 2 days, 5 hours, 9 minutes
                  2d 5h 9m