Some of our API functions are not working because the SSO login from the external server is not generating a session ID.
This is the script we are using:
/** MAKE SSO LOGIN
$username = moodle user name
$password = moodle password
**/
function local_api_sso_login($username, $password)
{
$SSO_URL = 'http://xx/login/index.php';
$str = '
<form name="login" class="m-t-1" action="' .
$SSO_URL . '" method="post" id="login">
<input id="anchor" type="hidden" name="anchor"
value="">
<script>document.getElementById(\'anchor\').value =
location.hash;</script>
<input type="hidden" name="username"
id="username" value="' . $username . '">
<input type="hidden" name="password"
id="password" value="' . $password . '">
<input type="hidden" name="rememberusername"
id="rememberusername" value="1">
<label for="rememberusername">Remember username</label>
</form>
<script>
document.login.submit();
</script>
';
echo $str;
}
Our developer had studied the login process of SSO login using above script vs Moodle direct login:
What is the difference in using the login/index.php from the SSO script vs the Moodle direct login? How can we include the session ID in the SSO login?