Hubert - This plugin is actually a patch and I will want to review it more carefully as we are trying to discourage plugins which require patching core code. Thanks for your patience. Peace - Anthony

p.s. I also think it would be helpful if the files had licensing information to make it explicit that the code is GPL.

Hi,
this entry is currently unapproved.
Should we keep it here as currently being worked on, delete it or consider putting it into the "Others" category if it still doesn't conform to plugin standards?

i think : "Others" category - but we do need the GPL information.

Aparup, the current version of the plugin does have GPL information, so that should be fine.
The plugin contains two patches that are optional and not required for the plugin to work. There is also an optional installation step of copying libraries into Moodle's PEAR directory. So basically, the things that are not normal plugin things are optional. IMHO, that shouldn't disqualify it as a local plugin, but if it does, then I'm fine with moving it to the "Others" category.

Hi Hubert,
I've had a look and i do see the GPL.

Now that i've read it i tend to agree it its fine for the 'local' category as it won't compromise any automated installation processes. i do think that the readme should mention the plugin works fine without those steps (2 - thru 4).

The other thing is that the 'readme' is easier to read when its readme.txt .

In any case, publishing this now, its been too long.

Please consider adding to the 'useful links' section (bug tracker, docs)

Worthy of note: The function getBytes in local\openid_idp\openid-php\Auth\OpenID\CryptUtil.php (JanRain) attempts to read from '/dev/urandom' for maximum entropy when generating random strings.

Obviously '/dev/urandom' is unix specific and doesn't function on windows.

The workaround error message provided "Define Auth_OpenID_RAND_SOURCE as null to continue with an insecure random number generator." isn't satisfactory from a security standpoint.

I've found two (secure) workarounds (for PHP > 5.3) when running on windows.

Prior to the call to:
$f = @fopen(MCRYPT_DEV_URANDOM, "r");

1. return bin2hex(mcrypt_create_iv($num_bytes, MCRYPT_DEV_URANDOM));
2. return openssl_random_pseudo_bytes($num_bytes);

Hopefully this helps someone

Cheers,

-David

FYI: This plugin will not install on Moodle 3.0 due to missing $plugin->component in version.php

Tim Silva, I've found that adding the $plugin->component = 'x' value to the version.php file works in most cases. Having said that, I got past that error on this plugin only to be presented the plugin upload screen after Continuing. As far as I can tell, this plugin doesn't work any longer. I really wanted to try and make Moodle an OpenID Provider for Azure AD B2C to utilize.