Moodle plugins directory: Drupal Services | Moodle.org
Drupal Services
Authentication ::: auth_drupalservices
Maintained by chris porter
Provides session based SSO (Single Sign On) service between Moodle and Drupal. As well as user synchronization capability to import and update users from the Drupal user database. This work is based off the original work of Scott Schaffter and Arsham Skrenes and their module from moodle 1.9
https://moodle.org/mod/data/view.php?d=13&rid=4240&filter=1
Latest release:
49 sites
7 downloads
12 fans
Current versions available: 1
Provides session based SSO (Single Sign On) service between Moodle and Drupal. As well as user synchronization capability to import and update users from the Drupal user database. This work is based off the original work of Scott Schaffter and Arsham Skrenes and their module from moodle 1.9
https://moodle.org/mod/data/view.php?d=13&rid=4240&filter=1
Contributors
chris porter (Lead maintainer)
Please login to view contributors details and/or to contact them
I'm having problems with Drupal-side or Moodle-Drupal integration, maybe you can help me with debugging.
Status:
Success : cookies: SSO Cookie discovered properly
Fail : system/connect: User session data reachable but you aren't logged in!
Success : user/login: Logged in to drupal!
Fail : muser/Index: The muser resource is not available in the drupal service endpoint.
The WS call that fails:
array(26) { ["url"]=> string(48) "http://localhost/drupal/moodlesso/system/connect" ["content_type"]=> NULL ["http_code"]=> int(401) ["header_size"]=> int(0) ["request_size"]=> int(251) ["filetime"]=> int(-1) ["ssl_verify_result"]=> int(0) ["redirect_count"]=> int(0) ["total_time"]=> float(0.033002) ["namelookup_time"]=> float(1.1E-5) ["connect_time"]=> float(3.4E-5) ["pretransfer_time"]=> float(6.9E-5) ["size_upload"]=> float(0) ["size_download"]=> float(0) ["speed_download"]=> float(0) ["speed_upload"]=> float(0) ["download_content_length"]=> float(-1) ["upload_content_length"]=> float(0) ["starttransfer_time"]=> float(0.032964) ["redirect_time"]=> float(0) ["redirect_url"]=> string(0) "" ["primary_ip"]=> string(9) "127.0.0.1" ["certinfo"]=> array(0) { } ["primary_port"]=> int(80) ["local_ip"]=> string(9) "127.0.0.1" ["local_port"]=> int(57675) }
As you can see I'm getting 401 (unauthorized) but when trying to access http://localhost/drupal/moodlesso/system/connect manually I always (even as my remote user) get 404 (not found), so that 401 may be a red herring.
Other calls like http://localhost/drupal/moodlesso/user seem OK and I can see in services->resources settings that system -> connect is enabled.
Would you have any hints/ideas on the debugging next?
Tomek
Also, this is really not the place for support requests, Please submit them to the drupalservices plugin issue queue:
https://github.com/cannod/moodle-drupalservices/issues
Thanks for sharing your plugin, I will continue the review of https://moodle.org/plugins/download.php/7303/auth_drupalservices_moodle28_2014111400.zip not earlier than in 1 week so I'm listing my initial findings now.
1. Copyright information shold be put in all files (just like you have in auth.php).
2. There is a lot of notices during and after the installation of your plugin, if you turn on full debug in Moodle you should see them.
3. http://localhost/drupal/moodlesso/moodlesso returns for me: (notice cookie_domain is empty) Do I use correct Drupal plugin - I have Moodle SSO 7.x-1.x-dev.
4. I think you could mention that clean URLs are required for this to work (since you add /moodlesso to the URL)
5. Troubleshooting is a bit difficult - if anything is wrong (e.g. cookie) then all you get is message "The status of the Moodle/Drupal SSO connection is listed below" with no extra text below.
6. Do you know that you've bumped required PHP version to PHP 5.5 with this:
empty($drupalsession = $this->get_drupal_session())) ?
Moodle itself will run on lower version.
Tomek
I have a question for you about the efficiency of using settings.php vs the config_form method w/in the auth_plugin class. I much prefer the admin_settings_xxx() functions for providing settings fields, but it appears that these functions only work under the context of the settings.php file. the data passed in to the config_form() method don't seem to be able to accept the results of the admin_settings_xxx functions.
It would be great if I could drop the settings.php file entirely, since using it causes a double link to show up in the navigation area when visiting administration -> plugins -> auth.
Internal implementation of settings management can surely be improved later as it is possible to upgrade from one mechanism to another. Also, once this is public, Chris will get a lot of other comments from the community to work on. And can discuss further improvements in moodle.org forums.
David is right that the goal of a code review isn't to get a product to a perfect state, its to be sure it's written in the correct way, uses the right API's and won't expose users to security risks etc. Once publicly available to the community, those users will help identify the actual issues surrounding this code, and it'll be my (and any co-maintainers) job to resolve that quickly.
FYI Chris:
in sync_users(), this can't work:
foreach ($userlist as $uid) {...
because $userlist is not defined before that.