Show
Requirements
Run your site with public access (use ngrok or similar).
One account set up on https://test.badgr.com/ . Be careful because this is a different account than the ones in badgr.io used previously in other issues. Here, the account needs to be created in https://test.badgr.com/ .
A Google client ID and secret and email address for use in testing.
Setup badges
Login as admin.
Go to "Site administration | Badges | Add a new badge" and create a badge at site level.
Add criteria to the badge so it can be manually issued by role.
Enable the badge.
Issue the badge to the admin user and to teacher (t1) user.
Setup "IMS Global" oAuth2 service
Login as admin.
Access to the "Site home" and "Turn editing on".
Add a label, upload an image there and save changes.
Right-click over the uploaded image and copy the image address. You'll need to replace "https://471f8462.ngrok.io/m/stable_master/pluginfile.php/41/mod_label/intro/logo.png" of the next command to the copied image URL.
Register the oAuth2 service in the IMS Global IdentityServer4 executing the following command, replacing "https://471f8462.ngrok.io/" by your server URL. You'll probably need to adapt "https://471f8462.ngrok.io/m/stable_master/" to your Moodle URL:
curl --location --insecure --request POST 'https://dc.imsglobal.org/obauth/connect/register' \
--header 'Accept: application/json' \
--header 'Content-Type: application/json' \
--data-raw '
{
"client_name": "Badge Moodle",
"client_uri": "https://471f8462.ngrok.io/",
"logo_uri": "https://471f8462.ngrok.io/m/stable_master/pluginfile.php/41/mod_label/intro/logo.png",
"tos_uri": "https://471f8462.ngrok.io/",
"policy_uri": "https://471f8462.ngrok.io/",
"software_id": "stablemaster-testing",
"software_version": "2020041700.01",
"redirect_uris": [
"https://471f8462.ngrok.io/m/stable_master/badges/oauth2callback.php"
],
"token_endpoint_auth_method": "client_secret_basic",
"grant_types": [
"authorization_code",
"refresh_token"
],
"response_types": [
"code"
],
"scope": "https://purl.imsglobal.org/spec/ob/v2p1/scope/profile.update https://purl.imsglobal.org/spec/ob/v2p1/scope/profile.readonly https://purl.imsglobal.org/spec/ob/v2p1/scope/assertion.create https://purl.imsglobal.org/spec/ob/v2p1/scope/assertion.readonly offline_access"
}'
You should get a result like this. Copy the client_id and the client_secret (you'll need them to configure the oAuth2 service)
{
"client_id": "LGC8WEFTxp8",
"client_secret": "3GAfOtFgflA",
"client_id_issued_at": 1587110808,
"client_secret_expires_at": 1618646808,
"client_name": "Badge Moodle",
"client_uri": "https://471f8462.ngrok.io/",
"logo_uri": "https://471f8462.ngrok.io/m/stable_master-badges/pluginfile.php/41/mod_label/intro/robot-1214536_1920.png",
"tos_uri": "https://471f8462.ngrok.io/",
"policy_uri": "https://471f8462.ngrok.io/",
"software_id": "13dcdc83-fc0d-4c8d-9159-6461da297388",
"software_version": "54dfc83-fc0d-4c8d-9159-6461da297388",
"redirect_uris": [
"https://471f8462.ngrok.io/m/stable_master/badges/oauth2callback.php"
],
"token_endpoint_auth_method": "client_secret_basic",
"grant_types": [
"authorization_code",
"refresh_token"
],
"response_types": [
"code"
],
"scope": "https://purl.imsglobal.org/spec/ob/v2p1/scope/profile.update https://purl.imsglobal.org/spec/ob/v2p1/scope/profile.readonly https://purl.imsglobal.org/spec/ob/v2p1/scope/assertion.create https://purl.imsglobal.org/spec/ob/v2p1/scope/assertion.readonly offline_access"
Go to "Site administration / Server / OAuth 2 services".
Create a custom service with the following information:
Name: "IMS Global"
Client ID: <previous client_id>
Client secret: <previous client_secret>
Enable Authenticate token requests via HTTP headers
Scopes included in a login request and Scopes included in a login request for offline access: "openid profile email"
Service base URL: https://dc.imsglobal.org
Logo URL: https://dc.imsglobal.org/obauth/icon.jpg
Save changes.
Check "Discovery" column in OAuth2 services table has a green tick mark for the "IMS Global" services created.
Access to the "Configure endpoints" page.
Check the following endpoints appears:
discovery_endpoint: https://dc.imsglobal.org/.well-known/badgeconnect.json
authorization_endpoint: https://dc.imsglobal.org/obauth/connect/authorize
privacypolicy_endpoint: https://www.imsglobal.org/privacystatement.html
registration_endpoint: https://dc.imsglobal.org/obauth/connect/register
termsofservice_endpoint: https://dc.imsglobal.org/terms
token_endpoint: https://dc.imsglobal.org/obauth/connect/token
Go to "Site administration / Badges / Manage backpacks".
Click the "Add a new backpack" button and create a new backpack with the following information:
Backpack API URL: https://dc.imsglobal.org/obprovider/ims/ob/v2p1
Backpack URL: https://dc.imsglobal.org
API version supported: Open Badges v2.1
OAuth2 services: IMS Global
Save changes.
Go to "Site administration / Badges / Backpack settings".
Select "https://dc.imsglobal.org" as Active external backpack.
Setup "Test Badgr.io" oAuth2 service
Register the oAuth2 service in the Badgr.io Testing service executing the following command, replacing "https://193f66f5407e.ngrok.io/" by your server URL. You'll probably need to adapt "https://193f66f5407e.ngrok.io/m/stable_master/" to your Moodle URL and review the logo_uri URL to add the same logo URL than before:
curl --location --insecure --request POST 'https://api.test.badgr.com/o/register' \
--header 'Accept: application/json' \
--header 'Content-Type: application/json' \
--data-raw '
{
"client_name": "Badge Moodle",
"client_uri": "https://193f66f5407e.ngrok.io/",
"logo_uri": "https://193f66f5407e.ngrok.io/m/stable_master/pluginfile.php/97/mod_label/intro/logo.png",
"tos_uri": "https://193f66f5407e.ngrok.io/",
"policy_uri": "https://193f66f5407e.ngrok.io/",
"software_id": "stablemaster-testing",
"software_version": "2020041700.01",
"redirect_uris": [
"https://193f66f5407e.ngrok.io/m/stable_master/badges/oauth2callback.php"
],
"token_endpoint_auth_method": "client_secret_basic",
"grant_types": [
"authorization_code",
"refresh_token"
],
"response_types": [
"code"
],
"scope": "https://purl.imsglobal.org/spec/ob/v2p1/scope/profile.update https://purl.imsglobal.org/spec/ob/v2p1/scope/profile.readonly https://purl.imsglobal.org/spec/ob/v2p1/scope/assertion.create https://purl.imsglobal.org/spec/ob/v2p1/scope/assertion.readonly offline_access"
}'
You should get a result like this. Copy the client_id and the client_secret (you'll need them to configure the oAuth2 service)
{"client_id":"9ofl140KfgS54uIxbu2zv3v2xqO4EopdSvc02nqV","client_secret":"vsosCajNKEeT9ou9Z0eCRt0nMTsSF9UST2U46v2DJqv42BrZNrh05w8SY95a4lhi07i8z2hCMFzvrlrpFngdAHpWgrdTbGVZAb6rGDZPVBcbQx3NaPYdiB22jt2N7FvQ","client_id_issued_at":1603219589,"client_secret_expires_at":0}
Go to "Site administration / Server / OAuth 2 services".
Create a custom service with the following information:
Name: "Badgr.io Test"
Client ID: <previous client_id>
Client secret: <previous client_secret>
Enable Authenticate token requests via HTTP headers
Scopes included in a login request and Scopes included in a login request for offline access: "openid profile email"
Service base URL: https://api.test.badgr.com
Logo URL: https://placekitten.com/300/300
Save changes.
Check "Discovery" column in OAuth2 services table has a green tick mark for the "Badgr.io Test" service.
Access to the "Configure endpoints" page.
Check the following endpoints appears:
discovery_endpoint: https://api.test.badgr.com/.well-known/badgeconnect.json
discovery_endpoint: https://api.test.badgr.com/.well-known/badgeconnect.json
termsofservice_endpoint: https://badgr.com/terms-of-service.html
privacypolicy_endpoint: https://badgr.com/privacy-policy.html
registration_endpoint: https://api.test.badgr.com/o/register
authorization_endpoint: https://test.badgr.com/auth/oauth2/authorize
token_endpoint: https://api.test.badgr.com/o/token
Go to "Site administration / Badges / Manage backpacks".
Click the "Add a new backpack" button and create a new backpack with the following information:
Backpack API URL: https://api.test.badgr.com/
Backpack URL: https://test.badgr.com/
API version supported: Open Badges v2.1
OAuth2 services: Badgr.io Test
Save changes.
Testing scenario 1: Connect to IMS Global backpack
Login as admin.
Go to Dashboard / Preferences / Badges / Backpack settings.
Check the "Status" is "not connected" and the button "Connect to backpack" appears.
Click button "Connect to backpack".
Check the site is redirected to the backpack site and the login form is displayed.
Login using one of the existing users (alice or bob).
Check the screen requesting your permission is displayed with the following application access permissions:
Create or update Open Badges Profile
Get Open Badges Profile
Create Open Badges Assertion
Get Open Badges Assertions
Offline Access
Click button "Yes, Allow".
Check the "Backpack has been connected" message is displayed.
Check you're redirected to the Manage badges page.
Click the "Change backpack settings" button.
Check the status is "Connected".
Testing scenario 2: Send badge to the IMS Global backpack
Go to Dashboard / Preferences / Badges / Manage badges.
Click on the "Add to backpack" button.
Check the message "Added badge to backpack " is displayed.
Testing scenario 3: Connect to Badgr.io backpack
Login as admin.
Go to "Site administration / Badges / Backpack settings" and set the site backpack to https://test.badgr.com/ .
Log in as teacher (t1).
Go to Dashboard / Preferences / Badges / Backpack settings.
Check the "Status" is "not connected" and the button "Connect to backpack" appears.
Click button "Connect to backpack".
Check the site is redirected to the backpack site and the login form is displayed.
Login using the test.badgr.com user account.
Check the screen requesting your permission is displayed with the following application access permissions:
Know who you are on Badgr
Add badges into a User's Backpack
See who you are
Click button "Authorize".
Check you're redirected to the Moodle page and the following error is displayed: "A required parameter (scope) was missing".
This test.badgr.com service is under development and they are working on this issue to fix it (so that shouldn't be the expected behaviour but it's unrelated to this issue).
Testing scenario 4: OAuth2 services still works
Get the credentials (client id and secret) for the Google API following steps described in https://docs.moodle.org/en/OAuth_2_Google_service
Login as admin.
Go to "Site administration / Server / OAuth 2 services".
Create a Google service with the following information (leave the default values and change only these):
Name: "Google"
Client ID: <previous client_id>
Client secret: <previous client_secret>
Save changes.
Check "Configured", "Allow login" and "Discovery" columns in OAuth2 services table has a green tick mark for the "Google" service.
Access to the "Configure endpoints" page.
Check the following endpoints appears:
discovery_endpoint https://accounts.google.com/.well-known/openid-configuration
discovery_endpoint https://accounts.google.com/.well-known/openid-configuration
authorization_endpoint https://accounts.google.com/o/oauth2/v2/auth
device_authorization_endpoint https://oauth2.googleapis.com/device/code
token_endpoint https://oauth2.googleapis.com/token
userinfo_endpoint https://openidconnect.googleapis.com/v1/userinfo
revocation_endpoint https://oauth2.googleapis.com/revoke
Click over the "Connect to a system account" icon for the Google service (in the "System account conected" column).
Click the Continue button.
Check you're redirected to the Google authentication page.