Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-73767

Oauth2 - Add Clever SSO as an SSO provider

    XMLWordPrintable

Details

    • MOODLE_311_STABLE, MOODLE_401_STABLE
    • MOODLE_401_STABLE
    • MDL-73767-master_clever_oauth2
    • Hide

      Testing Instructions

      Prerequisites

      1. Like any Oauth testing/setup, it's much easier with a Moodle site that has a public FQDN.  It's hard to test with dev boxes that don't have a "proper" publicly accessible URL. Alternatively, use ngrok.
      2. Go to https://apps.clever.com/signup and create a developer account
      3. Click on Settings in the left-hand menu of the developer dashboard
        1. Copy/note the Client ID and Secret for configuring Clever in Moodle later
        2. Configure Instant Login settings:
          • Add Redirect URL under OAuth Settings: {Your Moodle baseurl}/admin/oauth2callback.php
          • Add Supported User Types under Additional Settings: Students, Teachers
      1. Click on Home in the left-hand menu of the developer dashboard
        1. Under Your Districts, click on your district (will be of the form "#DEMO {Application name} (Dev) Sandbox")
        2. Scroll down and find/copy the Portal URL under Clever SSO Info
      2. Download and extract the default sandbox user list from Clever.
        • We will use the information in students.csv and teachers.csv to log in later in the Portal URL.
          • For students, the username and password are both the "Student_number".
          • For teachers, the username and password are both the "Teacher_number".
      3. Configure the Clever OAuth2 provider in Moodle:
        1. Enable OAuth2 authentication plugin (Site administration > plugins > manage authentication)
        2. Create / configure Clever OAuth2 using client ID and secret (Site administration -> Server -> OAuth 2 services)
          1. Click on the Clever button
          2. Populate ID and secret values
          3. Untick "Require email verification"
          4. Tick "I understand that disabling email verification can be a security issue."
          5. Save changes

      Test case

      1. Open an incognito browser window
      2. Open the link to the Portal URL for your Clever dev application (see step 4.2 in prereqs above)
      3. Log in to the portal as a student user account indicated in the downloaded CSV file.
      4. In the same window, navigate to your Moodle login page
      5. Click on the Clever login button
      6. Confirm that you are able to log in to Moodle with the Clever student account.
      7. Repeat the above steps for the Clever teacher user and confirm that you are able to log in to Moodle with the Clever teacher account.
      Show
      Testing Instructions Prerequisites Like any Oauth testing/setup, it's much easier with a Moodle site that has a public FQDN.  It's hard to test with dev boxes that don't have a "proper" publicly accessible URL. Alternatively, use ngrok . Go to https://apps.clever.com/signup and create a developer account Click on Settings in the left-hand menu of the developer dashboard Copy/note the Client ID and Secret for configuring Clever in Moodle later Configure Instant Login settings: Add Redirect URL under OAuth Settings: {Your Moodle baseurl}/admin/oauth2callback.php Add Supported User Types under Additional Settings: Students, Teachers Click on Home in the left-hand menu of the developer dashboard Under Your Districts , click on your district (will be of the form "#DEMO {Application name} (Dev) Sandbox") Scroll down and find/copy the Portal URL under Clever SSO Info Download and extract the default sandbox user list from Clever . We will use the information in students.csv and teachers.csv to log in later in the Portal URL . For students, the username and password are both the " Student_number ". For teachers, the username and password are both the " Teacher_number ". Configure the Clever OAuth2 provider in Moodle: Enable OAuth2 authentication plugin (Site administration > plugins > manage authentication) Create / configure Clever OAuth2 using client ID and secret (Site administration -> Server -> OAuth 2 services) Click on the Clever button Populate ID and secret values Untick " Require email verification " Tick " I understand that disabling email verification can be a security issue. " Save changes Test case Open an incognito browser window Open the link to the Portal URL for your Clever dev application (see step 4.2 in prereqs above) Log in to the portal as a student user account indicated in the downloaded CSV file. In the same window, navigate to your Moodle login page Click on the Clever login button Confirm that you are able to log in to Moodle with the Clever student account. Repeat the above steps for the Clever teacher user and confirm that you are able to log in to Moodle with the Clever teacher account.

    Description

      Add Clever SSO as a oauth2 provider in Moodle.

      Some requirements of the integration mean that it can't just be configured as a custom provider and it needs it's own class. Specifically Clever uses non-standard OIDC endpoints to get user information after the initial handshake phase. This is very similar to the existing Linkedin integration (but not exactly the same). More information on this flow can be found at; https://dev.clever.com/docs/identity-api#sso-oauth2-authorization-grant-flow

      We have a client after this and there is also others in the community that are after the same thing https://moodle.org/mod/forum/discuss.php?d=427547

      Attachments

        Issue Links

          Activity

            People

              ripalnathuji Ripal Nathuji
              mattp@catalyst-au.net Matt Porritt
              Matt Porritt Matt Porritt
              Jun Pataleta Jun Pataleta
              Angelia Dela Cruz Angelia Dela Cruz
              Votes:
              0 Vote for this issue
              Watchers:
              11 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Time Tracking

                  Estimated:
                  Original Estimate - 0 minutes
                  0m
                  Remaining:
                  Remaining Estimate - 0 minutes
                  0m
                  Logged:
                  Time Spent - 2 hours, 45 minutes
                  2h 45m

                  Clockify

                    Error rendering 'clockify-timesheets-time-tracking-reports:timer-sidebar'. Please contact your Jira administrators.