I am sysadmin for a service which also acts as an OAuth2 server.
A friend wants to use my OAuth2 service to create or authenticate logins on his Moodle server, but he is really struggling.
I have given him a client id and secret, which he has put in to Moodle. I have given him 3 uri's - to authorise, get a tokn, and get login data.
The login data uri returns a json object with 3 fields - username (the login the user uses on my system), firstname (the user's full name) and email (the user's email address).
He put those in too. On testing, everything seemed to go well - it redirected to my site, and redirected back again. But nothing else happened - Moodle did not call the token uri.
Any suggestions what may be wrong?
I have read the documentation, but it does not say what happens when the handshake is complete. There are 2 possible situations:
1) The email address belongs to someone already on Moodle. I would hope that this would log them in as this person - is that correct?
2) The email address doesn;t belong to an existing user. I would hope that this would create them a new account - is that correct?