Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-71254

OAuth2: Display login errors on the login page

    XMLWordPrintable

Details

    • MOODLE_311_STABLE, MOODLE_400_STABLE
    • MOODLE_311_STABLE
    • MOODLE_311_MDL-71254
    • master_MDL-71254
    • Hide
      1. Navigate to admin/settings.php?section=manageauths and enable OAuth 2 authentication plugin.
      2. Configure Microsoft OAuth2 service as described here https://docs.moodle.org/310/en/OAuth_2_Microsoft_service
      3. Log out.
      4. Head to https://account.microsoft.com/account and log into your account.
      5. Click on the Privacy tab at the top of the page. You may need to verify your identity via an email code.
      6. Scroll down to the Other privacy settings section.
      7. Go to Apps and services > Apps and services that can access your data.
      8. Review the list of apps and establish which you want to revoke.
      9. Click on Edit below the corresponding app's name.
      10. Select Remove these permissions.
      11. Navigate to your moodle login page.
      12. Click on Microsoft button.
      13. Enter your email address and password.
      14. When account.live.com asks for your confirmation of logging click No:
      15. Confirm, that login page is displayed.
      16. Confirm, that "The user has denied access to the scope requested by the client application." error is displayed.
      Show
      Navigate to admin/settings.php?section=manageauths and enable OAuth 2 authentication plugin. Configure Microsoft OAuth2 service as described here https://docs.moodle.org/310/en/OAuth_2_Microsoft_service Log out. Head to https://account.microsoft.com/account  and log into your account. Click on the Privacy tab at the top of the page. You may need to verify your identity via an email code. Scroll down to the Other privacy settings section. Go to Apps and services > Apps and services that can access your data. Review the list of apps and establish which you want to revoke. Click on Edit below the corresponding app's name. Select Remove these permissions. Navigate to your moodle login page. Click on Microsoft button. Enter your email address and password. When account.live.com asks for your confirmation of logging click No: Confirm , that login page is displayed. Confirm , that "The user has denied access to the scope requested by the client application." error is displayed.

    Description

      When something goes wrong with OAuth2 and an error is returned back to the admin/oauth2callback.php script it just prints the error, while it would be better to redirect back to the login page and display the error there. So this would be consistent with other login errors like wrong password or suspended user.

      Screenshot:

      Attachments

        Activity

          People

            mikhailgolenkov Misha Golenkov
            mikhailgolenkov Misha Golenkov
            Andrew Lyons Andrew Lyons
            Mathew May Mathew May
            Adrian Greeve, Jake Dallimore, Mathew May, Mihail Geshoski, Sujith Haridasan
            Votes:
            0 Vote for this issue
            Watchers:
            5 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:
              17/May/21

              Time Tracking

                Estimated:
                Original Estimate - Not Specified
                Not Specified
                Remaining:
                Remaining Estimate - 0 minutes
                0m
                Logged:
                Time Spent - 3 hours, 45 minutes
                3h 45m