Problem to configure Oauth2 with Microsoft Office365

Problem to configure Oauth2 with Microsoft Office365

de Andrés Segovia -
Número de respuestas: 8

Hello,

In a Moodle 3.3 installation, I am trying to configure Oauth2 with Microsoft Office365.

I have a dedicated account for that purpose, and I configured the Oauth2 service without errors according to the guide:  https://docs.moodle.org/all/en/Service_OAuth_2_Microsoft

The problem I have is when I want to connect Moodle with Office365, it returns the error:

  error / Could not upgrade oauth token

I was searching on Google and I did not find any reference that could help me.

I validated the secret and the client id several times, to make sure they are correct.

I tried to configure and unconfigure several times, create the secret key several times and always return the same error.

I did not find errors in the related logs.

Can you please help me to solve this problem?

Thank you,
Andrés
Promedio de valoraciones: -
En respuesta a Andrés Segovia

Re: Problem to configure Oauth2 with Microsoft Office365

de Helen Foster -
Imagen de Core developers Imagen de Documentation writers Imagen de Moodle HQ Imagen de Particularly helpful Moodlers Imagen de Plugin developers Imagen de Testers Imagen de Translators

Hello Andrés,

Reading Damyon's post Re: Oauth2 problems in Moodle 3.3, it seems that as well as checking your client ID and secret (as you have already done), you also need to check in the Microsoft Application console for "anything suspicious (bad redirect url, APIs not enabled etc)."

Please let us know how you get on.

Promedio de valoraciones: -
En respuesta a Helen Foster

Re: Problem to configure Oauth2 with Microsoft Office365

de Andrés Segovia -
Thanks Helen,



Previously I read the post from Daymon's, and had reviewed the Microsoft

console. I do not see anything strange. Today I just checked the procedure

again and it seems to be correct.



Activate in Moodle the debug in developer mode, and I have some additional

information:



In the error log from apache:



Default exception handler: error/Could not upgrade oauth token Debug:

\nError code: Could not upgrade oauth token\n$a contents: \n* line 567 of

/lib/oauthlib.php: moodle_exception thrown\n* line 475 of

/lib/oauthlib.php: call to oauth2_client->upgrade_token()\n* line 736 of

/lib/classes/oauth2/api.php: call to oauth2_client->is_logged_in()\n* line

137 of /admin/tool/oauth2/issuers.php: call to

core\\oauth2\\api::connect_system_account()\n, .....



And in moodle:











I honestly do not know how to continue investigating to solve the problem.

Any help is appreciated



Thank you,

Andrés



2017-12-07 8:03 GMT-03:00 Helen Foster (via Moodle.org) <noreply@moodle.org>
Promedio de valoraciones: -
En respuesta a Andrés Segovia

Esta publicación en el foro ha sido borrada

El contenido de esta publicación en el foro ha sido borrado y ya no puede accederse a él.
En respuesta a Usuario eliminado

Re: Problem to configure Oauth2 with Microsoft Office365

de Andrés Segovia -

Thanks Rimas, this settings is unchecked in my configuration. 

I tested with this setting checked and unchecked and the problem persist.

Kind regards,

Andrés


Promedio de valoraciones: -
En respuesta a Usuario eliminado

Re: Problem to configure Oauth2 with Microsoft Office365

de Damyon Wiese -

Aha - thanks for the tip - so the question is why this was enabled in the first place (it is not the default)?

Were you mislead by the description of that setting etc?

Promedio de valoraciones: -
En respuesta a Andrés Segovia

Re: Problem to configure Oauth2 with Microsoft Office365

de Damyon Wiese -

From the debugging you posted, the most likely problem is that the system account is not connected. Go to the OAuth services screen and verify there is a tick in the system account connected column for your microsoft service. You may have to reconnect this account again after enabling a plugin that uses the service (like the Office 365 repository). 


If that's not the problem the only other related thing is that I saw one error reported which ended up being a php configuration issue limiting the valid length of a URL. oauth required very long urls for communication and e.g. the php suhosin security extension can sometimes put a restriction on it which breaks the oauth flow (https://stackoverflow.com/questions/7724270/max-size-of-url-parameters-in-get).


Promedio de valoraciones:Useful (2)
En respuesta a Damyon Wiese

Re: Problem to configure Oauth2 with Microsoft Office365

de Andrés Segovia -

Thanks Damyon,

The error occurs when I want to connect the account, and I was investigating your suggestion of the length of the URL and not the problem was not there.


Thanks,

Best regards,

Andrés

Promedio de valoraciones: -
En respuesta a Andrés Segovia

Re: Problem to configure Oauth2 with Microsoft Office365

de Andrés Segovia -

Without having made changes, after trying several times, I could connect Moodle with Office365. I really do not know why it worked.

Anyway, when I want to use an office 365 file when authenticating, I get the same error again.

Promedio de valoraciones: -