Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-71254

OAuth2: Display login errors on the login page

    XMLWordPrintable

    Details

    • Testing Instructions:
      Hide
      1. Navigate to admin/settings.php?section=manageauths and enable OAuth 2 authentication plugin.
      2. Configure Microsoft OAuth2 service as described here https://docs.moodle.org/310/en/OAuth_2_Microsoft_service
      3. Log out.
      4. Head to https://account.microsoft.com/account and log into your account.
      5. Click on the Privacy tab at the top of the page. You may need to verify your identity via an email code.
      6. Scroll down to the Other privacy settings section.
      7. Go to Apps and services > Apps and services that can access your data.
      8. Review the list of apps and establish which you want to revoke.
      9. Click on Edit below the corresponding app's name.
      10. Select Remove these permissions.
      11. Navigate to your moodle login page.
      12. Click on Microsoft button.
      13. Enter your email address and password.
      14. When account.live.com asks for your confirmation of logging click No:
      15. Confirm, that login page is displayed.
      16. Confirm, that "The user has denied access to the scope requested by the client application." error is displayed.
      Show
      Navigate to admin/settings.php?section=manageauths and enable OAuth 2 authentication plugin. Configure Microsoft OAuth2 service as described here https://docs.moodle.org/310/en/OAuth_2_Microsoft_service Log out. Head to https://account.microsoft.com/account  and log into your account. Click on the Privacy tab at the top of the page. You may need to verify your identity via an email code. Scroll down to the Other privacy settings section. Go to Apps and services > Apps and services that can access your data. Review the list of apps and establish which you want to revoke. Click on Edit below the corresponding app's name. Select Remove these permissions. Navigate to your moodle login page. Click on Microsoft button. Enter your email address and password. When account.live.com asks for your confirmation of logging click No: Confirm , that login page is displayed. Confirm , that "The user has denied access to the scope requested by the client application." error is displayed.
    • Affected Branches:
      MOODLE_311_STABLE, MOODLE_400_STABLE
    • Fixed Branches:
      MOODLE_311_STABLE
    • Pull from Repository:
    • Pull 3.11 Branch:
      MOODLE_311_MDL-71254
    • Pull Master Branch:
      master_MDL-71254

      Description

      When something goes wrong with OAuth2 and an error is returned back to the admin/oauth2callback.php script it just prints the error, while it would be better to redirect back to the login page and display the error there. So this would be consistent with other login errors like wrong password or suspended user.

      Screenshot:

        Attachments

          Activity

            People

            Assignee:
            mikhailgolenkov Mikhail Golenkov
            Reporter:
            mikhailgolenkov Mikhail Golenkov
            Integrator:
            Andrew Lyons Andrew Lyons
            Tester:
            Mathew May Mathew May
            Participants:
            Component watchers:
            Adrian Greeve, Jake Dallimore, Mathew May, Mihail Geshoski, Peter Dias, Sujith Haridasan
            Votes:
            0 Vote for this issue
            Watchers:
            5 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved:
              Fix Release Date:
              17/May/21

                Time Tracking

                Estimated:
                Original Estimate - Not Specified
                Not Specified
                Remaining:
                Remaining Estimate - 0 minutes
                0m
                Logged:
                Time Spent - 3 hours, 45 minutes
                3h 45m