Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-80961

Implement AWS SMS gateway plugin and hook SMS MFA into SMS API

XMLWordPrintable

    • MOODLE_405_STABLE
    • MDL-80961-main
    • Hide

      When it comes to testing, this resource for testing SMS sending in AWS will likely come in handy: https://docs.aws.amazon.com/sns/latest/dg/sns-sms-sandbox.html

      Prerequisites

      To test this issue you'll need a Moodle that you have admin access to.

      You will need a resource for testing SMS sending in AWS.

      Having an admin account makes it easier to move through all of the test settings.
      If you don't have cli access to the instance make sure you have access to two separate admin accounts. As part of the testing, it will lock out a user.

      Set up your SMS Sandbox

      1. Access to https://signin.aws.amazon.com with your credentials.
      2. From your AWS Console go to Amazon SNS / Mobile / Text messaging(SMS) and enable it.
      3. Include some "Sandbox destination phone numbers"
      4. From Security credentials: create a new Access keys for this and save the "Key", "Secret" and Region for the configuration in Moodle. 

      More information about SMS sandbox can be found 

      Test Mobile phone SMS Authentication (upgrade):

      1. Stand up a Moodle instance using the 404 branch (Don't apply the patch yet).
      2. Access to your Moodle as admin user.
      3. Navigate to: Site administration > plugins > administration tools > Multi-factor authentication.
      4. Enable the "MFA plugin enabled" Checkbox.
      5. Go to "SMS mobile phone".
      6. Enable the factor and include the AWS credentials created before.
      7. Apply the patch and upgrade the site.
      8. Access to your user preferences / "Multi-factor authentication preferences".
      9. Set up "SMS mobile phone" factor with a test phone number.
      10. Confirm you have received an SMS in your phone number.
      11. Enter the code you received and continue. 
      12. Open another browser and access to Moodle with your user.
      13. Enter your username and password.
      14. Confirm a new screen will be display where it will ask for the Mobile phone SMS.
      15. Confirm you have received an SMS in your mobile. 
      16. Enter the code in the box and click on verify code.
      17. Confirm{} you have been login successfully and you have access to Moodle.

      Test Mobile phone SMS Authentication (fresh install):

      1. Stand up a Moodle instance using this patch.
      2. Access to your Moodle as admin user.
      3. Navigate to: Site administration > plugins > administration tools > Multi-factor authentication.
      4. Enable the "MFA plugin enabled" Checkbox.
      5. Go to "Mobile phone SMS".
      6. Using the AWS credentials created before, run the following query in your db (this query is pg compatible) and replace the config values from AWS:

        insert into mdl_sms_gateways (gateway, enabled, config)
        values ('smsgateway_aws\gateway', 1, '{"countrycode":"0","gateway":"aws_sns","usecredchain":"0","api_key":"your_api_key","api_secret":"your_api_key","api_region":"your_api_region"}'); 

      7. Confirm you have a new entry in sms_gateway table.
      8. Access to your user preferences / "Multi-factor authentication preferences".
      9. Set up "Mobile phone SMS" factor with a test phone number.
      10. Confirm you have received an SMS in your phone number.
      11. Enter the code you received and continue. 

       

      NOTE: If you mess things up and locked yourself out, you can disable the whole MFA plugin from the CLI:

      php admin/cli/cfg.php --component=tool_mfa --name=enabled --set=0

      Note2: Reset user authentication factors

      1. Access to your Moodle as admin user
      2. Go to "Plugins" / Multi-factor authentication / Reset user authentication factors
      3. Search by one user with authentication factors
      4. Click on button "Reset user factor"
      1. Open another browser and access to Moodle with your user.
      2. Enter your username and password.
      3. Confirm a new screen will be display where it will ask for the Mobile phone SMS.
      4. Confirm you have received an SMS in your mobile. 
      5. Enter the code in the box and click on verify code.
      6. Confirm you have been login successfully and you have access to Moodle.
      Show
      When it comes to testing, this resource for testing SMS sending in AWS will likely come in handy: https://docs.aws.amazon.com/sns/latest/dg/sns-sms-sandbox.html Prerequisites To test this issue you'll need a Moodle that you have admin access to. You will need a resource for testing SMS sending in AWS. Having an admin account makes it easier to move through all of the test settings. If you don't have cli access to the instance make sure you have access to two separate admin accounts. As part of the testing, it will lock out a user. Set up your SMS Sandbox Access to https://signin.aws.amazon.com with your credentials. From your AWS Console go to Amazon SNS / Mobile / Text messaging(SMS) and enable it. Include some "Sandbox destination phone numbers" From Security credentials: create a new Access keys for this and save the "Key", "Secret" and Region for the configuration in Moodle.  More information about SMS sandbox can be found  https://aws.amazon.com/blogs/compute/introducing-the-sms-sandbox-for-amazon-sns/ https://docs.aws.amazon.com/sns/latest/dg/sns-sms-sandbox-verifying-phone-numbers.html https://docs.aws.amazon.com/sns/latest/dg/sns-getting-started.html Test Mobile phone SMS Authentication (upgrade): Stand up a Moodle instance using the 404 branch (Don't apply the patch yet). Access to your Moodle as admin user. Navigate to: Site administration > plugins > administration tools > Multi-factor authentication. Enable the "MFA plugin enabled" Checkbox. Go to "SMS mobile phone". Enable the factor and include the AWS credentials created before. Apply the patch and upgrade the site. Access to your user preferences / "Multi-factor authentication preferences". Set up "SMS mobile phone" factor with a test phone number. C onfirm you have received an SMS in your phone number. Enter the code you received and continue.  Open another browser and access to Moodle with your user. Enter your username and password. C onfirm a new screen will be display where it will ask for the Mobile phone SMS. C onfirm you have received an SMS in your mobile.  Enter the code in the box and click on verify code. C onfirm { } you have been login successfully and you have access to Moodle. Test Mobile phone SMS Authentication (fresh install): Stand up a Moodle instance using this patch. Access to your Moodle as admin user. Navigate to: Site administration > plugins > administration tools > Multi-factor authentication. Enable the "MFA plugin enabled" Checkbox. Go to "Mobile phone SMS". Using the AWS credentials created before, run the following query in your db (this query is pg compatible) and replace the config values from AWS: insert into mdl_sms_gateways (gateway, enabled, config) values ( 'smsgateway_aws\gateway' , 1 , '{"countrycode":"0","gateway":"aws_sns","usecredchain":"0","api_key":"your_api_key","api_secret":"your_api_key","api_region":"your_api_region"}' ); Confirm you have a new entry in sms_gateway table. Access to your user preferences / "Multi-factor authentication preferences". Set up "Mobile phone SMS" factor with a test phone number. Confirm you have received an SMS in your phone number. Enter the code you received and continue.    NOTE :  If you mess things up and locked yourself out, you can disable the whole MFA plugin from the CLI : php admin/cli/cfg.php --component=tool_mfa --name=enabled --set=0 Note2: Reset user authentication factors Access to your Moodle as admin user Go to "Plugins" / Multi-factor authentication / Reset user authentication factors Search by one user with authentication factors Click on button "Reset user factor" Open another browser and access to Moodle with your user. Enter your username and password. C onfirm a new screen will be display where it will ask for the Mobile phone SMS. C onfirm you have received an SMS in your mobile.  Enter the code in the box and click on verify code. C onfirm you have been login successfully and you have access to Moodle.
    • 10
    • Team Hedgehog 2024 Sprint 1.2, Team Hedgehog 2024 Sprint 1.3, Team Hedgehog 2024 Sprint 1.4, Team Hedgehog 2024 Review 1, Team Hedgehog 2024 Sprint 2.1

      Create a new gateway plugin based on the AWS SMS implementation already used by MFA, then update the MFA SMS factor to use the new SMS API / AWS gateway.

      Requirements:

      • Merge the base SMS API and gateway work from MDL-80960 into this issue, so they land together.
      • Create the AWS gateway plugin.
      • Update the MFA SMS factor to call the SMS API, instead of the existing implementation.

      Out of scope:

      • Removing the “old” placement of the AWS code MFA was previously calling.

            safat.shahin@moodle.com Safat Shahin
            michaelh Michael Hawkins
            Raquel Ortega Raquel Ortega
            Votes:
            0 Vote for this issue
            Watchers:
            4 Start watching this issue

              Created:
              Updated:
              Resolved:

                Estimated:
                Original Estimate - 0 minutes
                0m
                Remaining:
                Remaining Estimate - 0 minutes
                0m
                Logged:
                Time Spent - 2 days, 2 hours, 7 minutes
                2d 2h 7m

                  Error rendering 'clockify-timesheets-time-tracking-reports:timer-sidebar'. Please contact your Jira administrators.