rabser / moodle-auth_googleoauth2 Goto Github PK

On a secure server the login buttons are parsing as http not https how can I change those buttons to parse as https.

https://moodle.org/plugins/view.php?plugin=auth_googleoauth2

Regul RedTue, 24 Sep 2013, 10:01 PM
This plugin not work in my Moodle 2.5.2+

I research problem and find, what there is error in /auth/googleauth2/auth.php

In line 359 used authenticate_user_login function, that dont work with empty second parameter (password).

Replace
$user = authenticate_user_login($username, null);
-->
$user = get_complete_user_data('username', $username, $CFG->mnet_localhost_id);
or $DB-> get_record function
solve this problem.

add support for identity provider:
auth: loginpage_idp_list()

In the case we don't need to add a function call into the login page, we still need to keep it for backward compatibility. The Moodle identity provider system should only be the default for new install.

http://developer.github.com/v3/oauth/

To let third party plugin access the user access token.

As explained there: http://developer.github.com/v3/users/emails/

To avoid the administrator to read the documentation, the setting page of the plugin should contain all needed information.

Logins with Google Oauth2 are working fine, however, I have manual auth enabled as well for some other users and anyone can login to any of their accounts by using the generated username and any / no password.

It seems this is the only check in the user_login() function:

//username must exist and have the right authentication method
if (!empty($user) && ($user->auth == 'googleoauth2')) {
    return false;
}

Possible Solution:

//username must exist and have the right authentication method
if (!empty($user) && ($user->auth == 'googleoauth2')) {
    $code = optional_param('code', false, PARAM_TEXT);
    if($code === false){
        return false;
    }
    return true;
}

Scopes are deprecated (lib.php line 82)

https://developers.google.com/+/api/oauth#profile

https://www.googleapis.com/auth/userinfo.profile

Deprecated - replace with the equivalent profile scope.

https://www.googleapis.com/auth/userinfo.email

Deprecated - replace with the equivalent email scope.

Thank you

I have installed googleoauth2 plug-in on an vanilla instance of moodle 2.6.2. I configured google sign-on and could see the button on the login page, however there seems to be a couple of issues i.e.

1.I cannot test this on my local environment as the google authentication service does not seem to work with a private IP (my internal IP)

2.Enabling Oauth2 seems to have turned off the other normal form based authentication as well as my email self-sign-on module (so I cannot login to my own site now to do any changes !)

Please help !

Hello,

I found a problem with the "Windows Live Authentication".

At file auth.php, at line 122 you have:

$postreturnvalues = $curl->get('https://oauth.live.com/token?client_id='.$params['client_id'].'&redirect_uri='.$params['redirect_uri'].'&client_secret='.$params['client_secret'].'&code='.$params['code'].'&grant_type=authorization_code');

But this doesn't work for me, I should use:

$postreturnvalues = $curl->get('https://oauth.live.com/token?client_id=' . urlencode($params['client_id']) . '&redirect_uri=' . urlencode($params['redirect_uri'] ). '&client_secret=' . urlencode($params['client_secret']) . '&code=' .urlencode( $params['code']) . '&grant_type=authorization_code');

I have created a fork.
Best regards.

http://developer.linkedin.com/documents/authentication

Hi,

Thank you for making this. This is great. I am having a small problem that its probably simple to fix but I cant figure it out. I tried it in two sites to see if the problem was one of my sites. They are both hosted at Justhost.com. I am getting this same error on my two sites with both Google and Facebook, but the Windows Live is working fine. I am thinking its my security settings but not sure.

500 Server Error

A misconfiguration on the server caused a hiccup. Check the server logs, fix the problem, then try again.
URL: http://cursosctc.com/moodle/auth/googleoauth2/facebook_redirect.php?code=AQAC-rVSfF6SemxJ9Txwc61HUh9SsYRgqDcNgkDXKrJVV8jplAiTnHFPs67o_66CCMkWDhp6pa_Dcwabvwu4LldunRYtF5_sACsBRKPyX3mGSPpI_bqS8jLmNr0tOzUGwM3wBoq9JdskXqycNirwe1T7xjQ3EuD2JXkVmFhvPgnd4lJBEfX3WuXAV23rBNFPhGsi9YqjDaDZPoQGlrzkPxRaArvIro9tvLe3T7pzuCCqOB4UAD-E_aUXipAhj3A_hl1YPArgX8SJe48vts0rPIGl6DjTA
Dangerously writable: [/home3/cursosct/public_html/moodle/auth/googleoauth2/facebook_redirect.php]
FIXED

I successfully installed facebook, google+ and github buttons but once I logged in with one of them (g+ in particular) the other two disappeared. Only if I use another chrome user I can see the 3 of them.

I disconnect, I remove the account but nothing. Only the one is shown!

As you see in the image, I am not logged in, but only one button is shown

if needed add urlencode for Google and Facebook.

Any chance of adding a config option to show all auth providers by default?

Hello can you please support twitter login also for people who use twitter

Want to back this issue? Post a bounty on it! We accept bounties via Bountysource.

In order to trace all changes we need a change log file.

Hi Mouneyrac
The first time I go to my Moodle's login page, I can see all three logos: Google, FB and Live. Then if I login using the Google icon, I can get it, it works, but if I logout and then re-login, I see only the Google icon on my Moodle's login page. If I click the "Use other signin with other service" link, I still see only the one Google logo. So if I wanted to sign in using my FB account, I can't.

Help!
Frankie Kam
http://moodurian.blogspot.com

To avoid CSRF (https://developers.google.com/accounts/docs/OAuth2Login#createxsrftoken / http://developer.linkedin.com/documents/authentication) use the state parameter if provided by the provider.

Hello all,

When i try create client id in Google API i receive a error about REDIRECT URI

See

https://docs.google.com/file/d/0B0vy23qkbnL5Wnlyam5oVWU0eG8/edit?usp=drivesdk

Redirect URLs: http://96.126.124.189/artesanatoeducacional/moodle/auth/googleoauth2/google_redirect.php
Javascript origins: http://96.126.124.189

thank you

I was doing Google apps- moodle integration,

https://github.com/mouneyrac/moodle-auth_googleoauth2, this plugin is not working in Moodle 2.5.5

I have change code on line 359 as per what you suggested earlier, but it's still not working.

Any help on this?

My moodle account is pawait.co.ke/train/edutechservices

I finally succeeded to make Google authentification to work. But there is still one problem. When I clear Cookies I am able to sign in to Moodle using Sign-in with Google button, and after two logins, I am not able to log in again using the same browser, but after cleaning the cookies I can log in again (but only twice), and so on. Do You have any idea how can I fix this issue? I am using Moodle 2.3.3+ on Debian. Thak You.

Regards,

Sabina

Hello Jerome, I found no layout.php file in my theme (Standard theme - for new browsers), there is also no login.php file.
Should I put the code in the general.php file of the Theme and then create a login.php file with your code inside? If so, what would be the proper code to include login.php in the general.php file? Thanks for your help, Marina

Hello,
I installed this plug-in and set up google api,
fill in the client_ID, secret, redirect url,login theme etc...
After I press the google "Allow Access" button,
It redirect to the index of file-list in moodle/auth/googleauth2/
(a security risk?)
thank you very much.
My moodle version is 2.0.3 on a mowes_portable(apache22,php535)

Hi Mouneyrac

I'm using Google Chrome.

1. I managed to login using my Google account into my Moodle site.
2. Then I logout and login as the Moodle admin user.
3. I delete my Moodle Google-user (the moodle account with my Gmail account in it).
4. I then logout from my admin account. I can only see the Google logo.
   I can't see the other two FB or Messenger/Live/Outlook.com logos.
5. I click on the Google login icon and I'm back in again!!
6. Shouldn't the plug in force me to re-enter my Gmail username and password?
   Seems to be a dangerous security issue here - if I don't clear my Chrome's browser cache, this happens. If I clear my chrome's cache, the username and password fields
   appear. So if I don't clear my chrome's cache, I could be asking for trouble.

BTW, the same thing happens if I choose to do my initial login with FB. Or with Messenger/Live/Outlook.com.

Kindly advise, help!
Frankie Kam
http://moodurian.blogspot.com

Does the current auth plugin allow restricting google oauth2 users to a specified domain? It appears to be possible by sending the hd=example.com (hosted domain) parameter with the request: https://groups.google.com/forum/#!topic/oauth2-dev/SRStIuewiws

Is it possible to add this feature if it doesn't exist?

Create a theme only extending Clean with the login page included. No changes to Clean theme must be done expect adding this line of code, so people can extend their existing Clean extend theme with this new one.

Hi! Thanks for the plugin. It's awesome! :)

But i've tested a Linkedin provider and got "Error writing to database".

Current JSON from Linkedin:
{
"emailAddress": "*******@gmail.com",
"firstName": "Dmitrii",
"lastName": "Metelkin",
"location": {
"country": {"code": "au"},
"name": "Sydney Area, Australia"
}
}

So, the following lines should be like this:
https://github.com/mouneyrac/moodle-auth_googleoauth2/blob/master/auth.php#L326
$newuser->country = strtoupper($linkedinuser->location->country->code);

https://github.com/mouneyrac/moodle-auth_googleoauth2/blob/master/auth.php#L327
$newuser->city = $linkedinuser->location->name;

Cheers,
Dmitrii

Hello (bonjour),

I'm not a developper but hopefully I have a small git account.

I am running moodle stable release 2.5.1 and installed OAuth2 about 2 month ago.

What I did

• I'm interested by google and facebook services so I did create dev account. Also I filled in the client ID & secret in the plugin's settings. (copy paste to be sure)
• read most documentation I could get on the plugin (first the readme file)
• checked that I was not trying to connect with an existing account.
• checked my client ID and secret ;
• changed http to https in the api console for google.
• posted in moodle forum (no reply)
• reinstalled the plugin
• waited, tryed again...

What I did not do:

• extensively checked the code.
• have a similar plugingwork else where. I'm a newbie
• and many other things... :o)

The error:

With google

I get the following error message after clicking the google button. and entering a valid login/pwd.

The authentication provider sent us a communication error. Please try to sign-in again."

My problem could come from
bash pauth.php:392: throw new moodle_exception('couldnotgetgoogleaccesstoken', 'auth_googleoauth2');

With Facebook:

• I enter a login/pwd
• I accept to give info to the plugin
  Then I get the same error as with google.

I need your help
Thank you

Quefaire?

Somehow I missed to integrate 73a0e4b in master

Hi Mouneyrac

I'm logged in as Admin on my Moodle site but I can't delete the user accounts that are created when logging in using Google. For example, I have these usernames:
social_user_4
social_user_6
but I can't delete them. Other user accounts can be deleted.

Frankie Kam

I'm running Moodle 2.5.3+ (Build: 20131115)

I've just installed the plugin. I am able to login with Facebook and Google.

For LinkedIn I'm getting "Error writing to database". Here's the anonymized debug info:

My LinkedIn First, Last, and email address were in the debug info.
Any advice would be appreciated.

Thanks,
Darrel

setup a continuous testing server for different Moodle branches.

Basically for the moment:
a) write behat tests for each version (may be the same)
b) automatically run the tests once a week (every new release).

It is not immediately obvious to me if this plugin is affected by anything that Google is deprecating. It appears to me that this plugin is not affected by anything on that web site but just wanted to be reasonably sure.

Thank you.

Hi,
I'm trying to find out why the plugin is working on a french host (ovh) and not on my prefred host (bluehost).

Can you tell me the technical requirements for this plugin?
I mean php modules, version that should be installed on the host?

Thanks.

Hey mates, I got this error does anyone knows how to fix?

error/facebook_failure

Meer informatie over deze fout

Debug info:
Error code: facebook_failure
$a contents:

Stack trace: line 11 of /auth/googleoauth2/facebook_redirect.php: moodle_exception thrown

this is in the facebook_redirect.php

In the readme add a specficiation section, explaining what are the red routes (critical use cases). For example what are the user expecting when they already have an account but with a different email... If it's too big then write a wiki page.

Mouneyrac!

After posting a ticket, the subject in my E-mail notification reads:

A new ticket is reported in tracker [{$a]}

The code "[{$a]}" appears on my E-mauil subject list. Shouldn't it be a description or name of the Ticket instead of some obscure code?

Regards
Frankie Kam

Hi,
I want to use this plugin for a provider that's not one of those supported. It's one that's unlikely to be needed by others so I plan to add fields for a "custom" or provider.

Do you think this is possible? Do you have an pointers for where to get started with the code and what's the best way to contribute back?

Andrew

Thanks for a great plugin! And for a quick first respons on the comments page.

I tried the earlier version with success.
Today when I tried to install yesterday's new version of the plugin on my newly updated moodle 2.5.2 (Build: 20130909), it installed without problem, but when I go to the plugin's settings page, all I get is a blank screen. Having switched debug mode on gives me:

Parse error: syntax error, unexpected '[', expecting ')' in .../moodle/auth/googleoauth2/auth.php on line 467

Any ideas on how to proceed to get it fixed?

Cheers,

Johan Nyman

I have implemented GoogleOauth2 on a live site, but due to some reasons the login gets redirected to edit.php page on moodle.
Even facebook, google, windows live send the authentication back to moodle, but due to some reason the user is not able to go beyond edit profile page.
All the parameters for GoogleOauth2 have been set correctly via admin panel.

Please suggest what needs to be done.

I have a problem with OAuth2 authentication for Moodle. I am currently using Moodle 2.3.3+. I have added OAuth plugin to Moodle. I followed all of the instructions and when I am singing in with Google, after clicking on Accept (Accept that this app will see my e-mail address and basic info about my acc) I get the following error from Moodle: "The authentication provider sent us a communication error. Please try to sign-in again."

Debug info:
Error code: couldnotgetgoogleaccesstoken
Stack trace:

line 392 of /auth/googleoauth2/auth.php: moodle_exception thrown
line 82 of /login/index.php: call to auth_plugin_googleoauth2->loginpage_hook()

Output buffer: Notice: Undefined property: stdClass::$access_token in /opt/rubystack/apps/moodle/htdocs/auth/googleoauth2/auth.php on line

The login page code will be generated by a single function so it's not as complex as now to add the code to your login page.

I like that can enter the login page any of the method inscripcion and is the same account, does anyone know anything about that?

Moodle Version 2.5

Hi,
nice to meet you.
is it possible to add a "domain" option in the configuration page,
that only accounts in a certain google_domain can register or login moodle?
thank you !

Hi,

I find that Name, Email, City, Country etc. fields are blank in the moodle profile of many new users. On internet search I found a similar issue at http://www.joomdle.com/en/forum/r025-no-longer-supported/2465-names-and-e-mail-addresses-are-blank-in-moodle but not related to OAuth2.