Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-70689

Add new "IMS OBv2.1" OAuth 2 service

XMLWordPrintable

    • MOODLE_311_STABLE, MOODLE_400_STABLE
    • MOODLE_311_STABLE
    • MDL-70689-master
    • Hide

      Requirements

      1. Run your site with public access (use ngrok or similar).
      2. One account set up on https://test.badgr.com/.  Be careful because this is a different account than the ones in badgr.io used previously in other issues. Here, the account needs to be created in https://test.badgr.com/ .
      3. A Google client ID and secret and email address for use in testing.

      Setup badges

      1. Login as admin.
      2. Go to "Site administration | Badges | Add a new badge" and create a badge at site level.
      3. Add criteria to the badge so it can be manually issued by role.
      4. Enable the badge.
      5. Issue the badge to the admin user and to teacher (t1) user.

      Testing scenario A.1: Create IMS Global service (IMS OBv2.1)

      1. Login as admin.
      2. Go to "Site administration / Server / OAuth 2 services".
      3. Create a "IMS OBv2.1" service with the following information:
      4. Check "Client ID" and "Client secret" fields are not mandatory and "Service base URL" is mandatory.
      5. Save changes. 
      6. Check "Changes saved" notification is displayed.
      7. Check "Discovery" column in OAuth2 services table has a green tick mark for the "IMS Global" service created.
      8. Access to the "Configure endpoints" page.
      9. Check , at least, the following endpoint appears:
      10. Edit the "IMS Global"service.
      11. Check the "Client ID" and "Client secret" fields are not empty.

      Testing scenario A.2: Connect to IMS Global backpack

      1. Go to "Site administration / Badges / Manage backpacks".
      2. Click the "Add a new backpack" button and create a new backpack with the following information:
      3. Save changes.
      4. Go to Dashboard / Preferences / Badges / Backpack settings.
      5. Select "https://dc.imsglobal.org" as "Backpack provider".
      6. Check the "Status" is "not connected" and the button "Connect to backpack" appears.
      7. Click button "Connect to backpack".
      8. Check the site is redirected to the backpack site and the login form is displayed.
      9. Login using one of the existing users (alice or bob).
      10. Check the screen requesting your permission is displayed with the following application access permissions:
        • Get Open Badges Profile
        • Create Open Badges Assertion
        • Get Open Badges Assertions
        • Offline Access
      11. Click button "Yes, Allow".
      12. Check the "Backpack has been connected" message is displayed.
      13. Check you're redirected to the Manage badges page.
      14. Click the "Change backpack settings" button.
      15. Check the status is "Connected".

      Testing scenario A.3: Send badge to the IMS Global backpack

      1. Go to Dashboard / Preferences / Badges / Manage badges.
      2. Click on the "Add to backpack" button.
      3. Check the message "Added badge to backpack " is displayed.

       

      Testing scenario B.1: Create Badgr.io service (IMS OBv2.1)

      1. Login as admin.
      2. Go to "Site administration / Server / OAuth 2 services".
      3. Create a "IMS OBv2.1" service with the following information:
      4. Save changes. 
      5. Check "Changes saved" notification is displayed.
      6. Check "Discovery" column in OAuth2 services table has a green tick mark for the "Badgr" service created.
      7. Edit the "Badgr" service.
      8. Check the "Client ID" and "Client secret" fields are not empty.

      Testing scenario B.2: Connect to Badgr.io backpack

      1. Go to "Site administration / Badges / Manage backpacks".
      2. Click the "Add a new backpack" button and create a new backpack with the following information:
      3. Save changes.
      4. Log in as teacher (t1).
      5. Go to Dashboard / Preferences / Badges / Backpack settings.
      6. Select "https://test.badgr.com/" as "Backpack provider".
      7. Check the "Status" is "not connected" and the button "Connect to backpack" appears.
      8. Click button "Connect to backpack".
      9. Check the site is redirected to the backpack site and the login form is displayed.
      10. Login using the test.badgr.com user account.
      11. Check the screen requesting your permission is displayed with the following application access permissions:
        • Know who you are on Badgr
        • Add badges into a User's Backpack
        • See who you are
      12. Click button "Authorize".
      13. Check you're redirected to the Moodle page and " Backpack is connected " message is displayed.

       

      Testing scenario C: OAuth2 services still works

      1. Get the credentials (client id and secret) for the Google API following steps described in https://docs.moodle.org/en/OAuth_2_Google_service 
      2. Login as admin.
      3. Go to "Site administration / Server / OAuth 2 services".
      4. Create a Google service with the following information (leave the default values and change only these):
        • Name: "Google"
        • Client ID: <previous client_id>
        • Client secret: <previous client_secret>
      5. Save changes.
      6. Check "Configured", "Allow login" and "Discovery" columns in OAuth2 services table has a green tick mark for the "Google" service.
      7. Access to the "Configure endpoints" page.
      8. Check the following endpoints appears:
      9. Click over the "Connect to a system account" icon for the Google service (in the "System account conected" column).
      10. Click the Continue button.
      11. Check you're redirected to the Google authentication page.

       
       

      Show
      Requirements Run your site with public access (use ngrok or similar). One account set up on  https://test.badgr.com/ .  Be careful because this is a different account than the ones in badgr.io used previously in other issues. Here, the account needs to be created in  https://test.badgr.com/  . A Google client ID and secret and email address for use in testing. Setup badges Login as admin. Go to "Site administration | Badges | Add a new badge" and create a badge at site level. Add criteria to the badge so it can be manually issued by role. Enable the badge. Issue the badge to the admin user and to teacher (t1) user. Testing scenario A.1: Create IMS Global service (IMS OBv2.1) Login as admin. Go to "Site administration / Server / OAuth 2 services". Create a "IMS OBv2.1" service with the following information: Name: "IMS Global" Service base URL: https://dc.imsglobal.org/ Check "Client ID" and "Client secret" fields are not mandatory and "Service base URL" is mandatory. Save changes.  Check "Changes saved" notification is displayed. Check  "Discovery" column in OAuth2 services table has a green tick mark for the "IMS Global" service created. Access to the "Configure endpoints" page. Check  , at least, the following endpoint appears: discovery_endpoint:  https://dc.imsglobal.org/.well-known/badgeconnect.json   Edit the "IMS Global"service. Check the "Client ID" and "Client secret" fields are not empty. Testing scenario A.2: Connect to IMS Global backpack Go to "Site administration / Badges / Manage backpacks". Click the "Add a new backpack" button and create a new backpack with the following information: Backpack API URL:  https://dc.imsglobal.org/obprovider/ims/ob/v2p1 Backpack URL:  https://dc.imsglobal.org API version supported: Open Badges v2.1 OAuth2 services: IMS Global Save changes. Go to Dashboard / Preferences / Badges / Backpack settings. Select "https://dc.imsglobal.org" as "Backpack provider". Check  the "Status" is "not connected" and the button "Connect to backpack" appears. Click button "Connect to backpack". Check  the site is redirected to the backpack site and the login form is displayed. Login using one of the existing users (alice or bob). Check  the screen requesting your permission is displayed with the following application access permissions: Get Open Badges Profile Create Open Badges Assertion Get Open Badges Assertions Offline Access Click button "Yes, Allow". Check  the "Backpack has been connected" message is displayed. Check  you're redirected to the Manage badges page. Click the "Change backpack settings" button. Check  the status is "Connected". Testing scenario A.3: Send badge to the IMS Global backpack Go to Dashboard / Preferences / Badges / Manage badges. Click on the "Add to backpack" button. Check the message "Added badge to backpack " is displayed.   Testing scenario B.1: Create Badgr.io service (IMS OBv2.1) Login as admin. Go to "Site administration / Server / OAuth 2 services". Create a "IMS OBv2.1" service with the following information: Name: "Badgr" Service base URL: https://api.test.badgr.com/ Logo URL: https://api.test.badgr.com/static/images/logo.png * There is an issue with current Badgr manifest because image URL is invalid. So, for now, it's better, as this is a development environment, we can avoid it using the previous "Logo URL" (instead of getting it from the manifest). Save changes.  Check "Changes saved" notification is displayed. Check  "Discovery" column in OAuth2 services table has a green tick mark for the "Badgr" service created. Edit the "Badgr" service. Check the "Client ID" and "Client secret" fields are not empty. Testing scenario B.2: Connect to Badgr.io backpack Go to "Site administration / Badges / Manage backpacks". Click the "Add a new backpack" button and create a new backpack with the following information: Backpack API URL:  https://api.test.badgr.com/   Backpack URL:  https://test.badgr.com/   API version supported: Open Badges v2.1 OAuth2 services: Badgr.io Test Save changes. Log in as teacher (t1). Go to Dashboard / Preferences / Badges / Backpack settings. Select "https://test.badgr.com/" as "Backpack provider". Check  the "Status" is "not connected" and the button "Connect to backpack" appears. Click button "Connect to backpack". Check  the site is redirected to the backpack site and the login form is displayed. Login using the test.badgr.com user account. Check  the screen requesting your permission is displayed with the following application access permissions: Know who you are on Badgr Add badges into a User's Backpack See who you are Click button "Authorize". Check  you're redirected to the Moodle page and " Backpack is connected " message is displayed.   Testing scenario C: OAuth2 services still works Get the credentials (client id and secret) for the Google API following steps described in  https://docs.moodle.org/en/OAuth_2_Google_service   Login as admin. Go to "Site administration / Server / OAuth 2 services". Create a Google service with the following information (leave the default values and change only these): Name: "Google" Client ID: <previous client_id> Client secret: <previous client_secret> Save changes. Check  "Configured", "Allow login" and "Discovery" columns in OAuth2 services table has a green tick mark for the "Google" service. Access to the "Configure endpoints" page. Check  the following endpoints appears: discovery_endpoint  https://accounts.google.com/.well-known/openid-configuration discovery_endpoint  https://accounts.google.com/.well-known/openid-configuration authorization_endpoint  https://accounts.google.com/o/oauth2/v2/auth device_authorization_endpoint  https://oauth2.googleapis.com/device/code token_endpoint  https://oauth2.googleapis.com/token userinfo_endpoint  https://openidconnect.googleapis.com/v1/userinfo revocation_endpoint  https://oauth2.googleapis.com/revoke   Click over the "Connect to a system account" icon for the Google service (in the "System account conected" column). Click the Continue button. Check  you're redirected to the Google authentication page.    
    • Moppies Kanban

      While testing OBv2.1 with several backpack providers, such as Badgr or CampusLabs, we realised our current OBv2.1 implementation in Moodle is ignoring the content in manifest file /.well-known/badgeconnect.json.

      Tests with IMS Digital credential service worked in the past because they had .well-known/openid-configuration to discover the endpoints (it's not working any more because IMS has changed this testing service too to force to check the expected /.well-known/badgeconnect.json).

      Information such as authorization, token or revocation end points should be loaded from /.well-known/badgeconnect.json when using OBv2.1. So a new OBv2.1 service should be added to the OAuth 2 services page (/admin/tool/oauth2/issuers.php).

      More information about OBv2.1: https://www.imsglobal.org/spec/ob/v2p1/#api-manifest 

        1. buttons_afterpatch.png
          buttons_afterpatch.png
          67 kB
        2. buttons_beforepatch.png
          buttons_beforepatch.png
          63 kB
        3. Screenshot_1.jpg
          Screenshot_1.jpg
          84 kB
        4. Screenshot_2.jpg
          Screenshot_2.jpg
          95 kB
        5. Screenshot_3.jpg
          Screenshot_3.jpg
          20 kB
        6. Screenshot_4.jpg
          Screenshot_4.jpg
          48 kB
        7. Screenshot_5.jpg
          Screenshot_5.jpg
          68 kB
        8. Screenshot_6.jpg
          Screenshot_6.jpg
          64 kB

            sarjona Sara Arjona (@sarjona)
            sarjona Sara Arjona (@sarjona)
            Carlos Escobedo Carlos Escobedo
            Eloy Lafuente (stronk7) Eloy Lafuente (stronk7)
            Janelle Barcega Janelle Barcega
            Votes:
            0 Vote for this issue
            Watchers:
            6 Start watching this issue

              Created:
              Updated:
              Resolved:

                Estimated:
                Original Estimate - 0 minutes
                0m
                Remaining:
                Remaining Estimate - 0 minutes
                0m
                Logged:
                Time Spent - 4 days, 4 hours, 40 minutes
                4d 4h 40m

                  Error rendering 'clockify-timesheets-time-tracking-reports:timer-sidebar'. Please contact your Jira administrators.