Skip to content
Snippets Groups Projects
Select Git revision
  • testing protected
  • production default protected
  • integration protected
  • v1.0.4
  • v1.0.3
  • v1.0.2
  • v1.0.1
  • v1.0
8 results
Compare
Name Last commit Last update
lang/en
.gitattributes
.gitignore
.gitlab-ci.yml
LICENSE
README.md
auth.php
settings.php
todo.md
version.php
README.md

External Token Login Authentication Plugin

The External Token Login Authentication Plugin is an authentication plugin for Moodle. It allows users to login with a token, that gets verified against an external service for example oauth. You can login on the normal login page by just adding the POST or GET parameter 'token' to the login url. It's also possible to login users as a webservice. The users don't need to be a ext_token_login user for this.

Synopsis

Normal Login

Login with GET or POST parameter 'token=externaltoken':

https://yourmoodle.de/login/index.php?token=externaltoken

Webservice login

Login as a webservice and receive a webservice token with GET or POST parameters:

Warning: Site admins are not able to create webservice tokens, so it's not possible to log them in with this plugin over the webservice login.

https://yourmoodle.de/login/token.php?username=ext_token_login_user&password=&token=externaltoken&service=yourservice

Requirements

Dependencies

  • libcurl>=7.10.5 (to use curl in php)
  • an external authentication service
    • for example OAuth
    • it gets called with the GET parameters service_id, service_scope, access_token
    • it has to return the associated username as a json string in this format:
      • '{"status": "ok", "userId": $username}'

Moodle Webservice

Only required if you want to use the webservice login.

  1. Create a webservice, long and short name could be for example "webservice_w"

Optionally: If you want all users to login with this plugin

  1. Uncheck the Authorised users option
  2. Select No required capability

Installation

  1. Install it in Moodle to /auth/ext_token_login
    • cd $moodle/auth/ && git clone git@git.rwth-aachen.de:moodle_l2p_public/auth_plugin_ext_token_login.git ext_token_login
  2. Go to the plugin settings (side_administration->plugins->authentication->ext_token_login_authentication)
  3. Configure your url, OAuth Service-Id and OAuth Service-Scope
  4. Enable ext_token_login_authentication in side_administration->plugins->authentication->manage_authentication

Installation Normal Login

Only required if you want to use the normal login. This is if you go to the moodle login page and append a token to the url to login like a normal user but with a token instead of a username and password.

  1. Activate "Enable Loginpage Login" in plugin settings

  2. Now you can use normal login with your token

    https://yourmoodle.de/login/index.php?token=externaltoken

Installation Webservices

Only required if you want to use the webservice login.

  1. Enable webservices. Read the docs how to do this and make sure it works, so that there are no complications.

  2. Create a webservice dummy user (eg. 'ext_token_login_user') with the authentication method 'ext_token_login'.

    • It's enough to just insert the user with an SQL statement:

       INSERT INTO `moodle`.`mdl_user` (`username`, `auth`) VALUE ("ext_token_login_user", "ext_token_login");

    This is needed, because the webservice login don't have a (pre-authentication)hook that is called on every active plugin like it is on the normal login. The webservice login only activates the ext_token_login plugin for valid ext_token_login users, so we need this bypass.

  3. Save your webservice dummy user in the plugin settings and Enable Webservice Login

  4. Only if you have users with ext_token_login as authentication method (except the dummy webservice user), enable "Enable Password Login", to give these users the possibility to login to a webservice with there normal password. If this is not activated, they can only login with a token.

External Token Login Service

Required. You need an external service that validates your tokens. You can use (not anymore, but may be updated soon) this Example or the RWTH Aachen OAuth.

  1. Goto plugin settings and insert all required data for the oauth login.

How to use it:

Normal Login

Login with GET or POST parameter 'token=externaltoken':

https://yourmoodle.de/login/index.php?token=externaltoken

Webservices

Now every not ext_token_login user can login to the webservices by two ways, the normal (old) way that was already possible before by sending his username and password

https://yourmoodle.de/login/token.php?username=yourname&password=geheim&service=yourservice

And the second (new) way is to login with the ext_token_login user and a token. Username is now the created dummy user 'ext_token_login_user' and the password is empty. You have to add a third parameter 'token' which contains your external token.

https://yourmoodle.de/login/token.php?username=ext_token_login_user&password=&token=externaltoken&service=yourservice

Durinig the login the ext_token_login user get changed with the external user and the external user webservice token is returned.

RWTH Api

Settings for the RWTH Api.

Requirements

Check the requirements:

  1. Dependencies

Installation

  1. Install it in Moodle to /auth/ext_token_login
    • cd $moodle/auth/ && git clone git@git.rwth-aachen.de:moodle_l2p_public/auth_plugin_ext_token_login.git ext_token_login
  2. Run the l2p install script