[BUG] error/Could not upgrade oauth token

moodlehq / moodle-enrol_oneroster

OneRoster Enrolment plugin for Moodle

GNU General Public License v3.0

3 stars 7 forks source link

[BUG] error/Could not upgrade oauth token #16

Open VFXpro opened 3 years ago

VFXpro commented 3 years ago

Describe the bug I just installed the latest version of your plugin and clicked on "Test Connection"

To Reproduce Steps to reproduce the behavior:

Enter all settings into each field to configure the plugin. Used the API data directly from the Classlink API
Click on Test Connection
See error

Expected behavior A successful test connection.

Screenshots If applicable, add screenshots to help explain your problem.

Moodle (please complete the following information): 3.11

OneRoster Provider (please complete the following information):

OneRoster Provider name: Classlink
OneRoster Provider version OneRoster 1.1
OneRoster REST API version: [e.g. v1p1]

Additional context Add any other context about the problem here. OneRoster Plugin error Messages

VFXpro commented 3 years ago

I'm not sure if this is tied to Moodle 3.11 as I don't have access to an older version of Moodle.

VFXpro commented 3 years ago

It looks like I might not be providing the correct token URL... I reached to Classlink to figure out where is this token can be found.

bwml commented 3 years ago

I am having a similar issue. I know the token URL I'm using (/datahub/oauth/token) is correct because it works through Postman.

UPDATE I did a little debugging and, in my case, the issue is with the url-encoding here: oauth2_client.php:128 $idsecret = base64_encode(urlencode($this->clientid) . ':' . urlencode($this->clientsecret)); The issue is fixed if I remove the url-encoding. $idsecret = base64_encode($this->clientid . ':' . $this->clientsecret); We are using GG4L and they use periods (.) in their client-id.

We also found that in our case the additional scope context (oauth2_client.php:124) is breaking the authorization. The scopes referenced in the code AND in the IMS specification (https://purl.imsglobal.org/spec/or/v1p1/scope/*) are dead/invalid links. GG4L does not require this context, so I think scopes should be optional and configurable.

saxenapritesh commented 2 years ago

Hello @bwml can you tell me where you got these values :

Token URL One Roster Root URL Authentication Client ID Authentication Secret

Can you tell me where you find these values as it doesn't provide any documentation for that.

VFXpro commented 2 years ago

@saxenapritesh All this info is usually provided by the OneRoster API Provider.

saxenapritesh commented 2 years ago

@VFXpro

I have got these 3 values from classlink oneroaster :

One Roster Root URL Authentication Client ID Authentication Secret

But i didn't got anything regarding ( Token URL ) can you tell me where i will find or in your portal where you find that.

andrewnicols commented 2 years ago

@saxenapritesh, this will be somewhere within Classlink. It may be the same as the Root URL, or it may not be.

Looking at the Developer docs for Classlink, it looks like this is the URL: https://launchpad.classlink.com/oauth2/v2/auth

More docs are available at https://developer.classlink.com/docs/oauth2-workflow

saxenapritesh commented 2 years ago

Hello @andrewnicols and @VFXpro Is this plugin supported by Moddle 4.0 Vesrion ?