Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-67749

Regenerated user tokens are missing the privatetoken

XMLWordPrintable

    • MOODLE_37_STABLE, MOODLE_38_STABLE
    • MOODLE_37_STABLE, MOODLE_38_STABLE
    • MDL-67749-master
    • Hide

      Setup

      1. Login as admin in a site using https.
      2. Go to Site administration ► Users ► Permissions ► Define roles.
      3. Click to Edit the role Authenticated user.
      4. In the Capability section, Allow the capability "moodle/webservice:createtoken".
      5. Now go to Site administration ► Mobile app ► Mobile settings.
      6. Enable "Enable web services for mobile devices".
      7. Now go to "Site administration ► Users ► Accounts ► Add a new user" and  create a new user in the site (not an admin user).

      Test create a token manually

      1. As admin, go to "Site administration ► Plugins ► Web services ► Manage tokens" and create a Token in the mobile app service for the user created in the step 7 of the previous section.
      2. Open the following URL in a browser (or you can do a CURL request if you prefer). Please notice you need to replace the site URL with yours, and set the username and password with the user created before. 

        https://MYSITE/login/token.php?username=user67749&password=test&service=moodle_mobile_app

      3. Check that the response includes a privatetoken and is not null.

      Test reset tokens

      1. As admin, go to "Site administration ► Plugins ► Web services ► Manage tokens" and delete the token created in the step 1 of the previous section.
      2. Open the following URL in a browser (or you can do a CURL request if you prefer). Please notice you need to replace the site URL with yours, and set the username and password with the user created before. 

        https://MYSITE/login/token.php?username=user67749&password=test&service=moodle_mobile_app

      3. Check that the response includes a privatetoken and is not null.
      4. Login with the user used in the previous step.
      5. Click your image in the top right and go to Preferences ► Security keys.
      6. Click "Reset" at the right of the token and confirm the action.
      7. Repeat step 2.
      8. Check that the response includes a privatetoken and is not null.

       

      Show
      Setup Login as admin in a site using https . Go to Site administration ► Users ► Permissions ► Define roles. Click to Edit the role Authenticated user . In the  Capability section, Allow the capability "moodle/webservice:createtoken". Now go to Site administration ► Mobile app ► Mobile settings. Enable "Enable web services for mobile devices". Now go to "Site administration ► Users ► Accounts ► Add a new user" and  create a new user in the site (not an admin user). Test create a token manually As admin, go to "Site administration ► Plugins ► Web services ► Manage tokens" and create a Token in the mobile app service for the user created in the step 7 of the previous section. Open the following URL in a browser (or you can do a CURL request if you prefer). Please notice you need to replace the site URL with yours, and set the username and password with the user created before. https://MYSITE/login/token.php?username=user67749&password=test&service=moodle_mobile_app Check that the response includes a  privatetoken and is not null. Test reset tokens As admin, go to "Site administration ► Plugins ► Web services ► Manage tokens" and delete the token created in the step 1 of the previous section. Open the following URL in a browser (or you can do a CURL request if you prefer). Please notice you need to replace the site URL with yours, and set the username and password with the user created before. https://MYSITE/login/token.php?username=user67749&password=test&service=moodle_mobile_app Check that the response includes a  privatetoken and is not null. Login with the user used in the previous step. Click your image in the top right and go to Preferences ► Security keys. Click "Reset" at the right of the token and confirm the action. Repeat step 2. Check that the response includes a  privatetoken and is not null.  

      STEPS TO REPRODUCE

      • In a site with Mobile services enabled and the capability ''moodle/webservice:createtoken' granted to authenticated users
      • Access with a non-admin user to a site using the Moodle app
      • In the Moodle web version go to the user profile -> Preferences -> Security keys and "Reset" the "Moodle mobile web service" token
      • Reconnect to the site using the Moodle app
      • Auto-login to a site (via clicking the Web Site option in the More menu) won't work and the user will be asked to enter its credentials

        1. image-2020-03-04-09-16-55-243.png
          image-2020-03-04-09-16-55-243.png
          130 kB

            dpalou Dani Palou
            jleyva Juan Leyva
            Juan Leyva Juan Leyva
            Sara Arjona (@sarjona) Sara Arjona (@sarjona)
            Janelle Barcega Janelle Barcega
            Votes:
            0 Vote for this issue
            Watchers:
            4 Start watching this issue

              Created:
              Updated:
              Resolved:

                Estimated:
                Original Estimate - 0 minutes
                0m
                Remaining:
                Remaining Estimate - 0 minutes
                0m
                Logged:
                Time Spent - 3 hours, 10 minutes
                3h 10m

                  Error rendering 'clockify-timesheets-time-tracking-reports:timer-sidebar'. Please contact your Jira administrators.