Jump to content

You're browsing the 2004-2023 VATSIM Forums archive. All content is preserved in a read-only fashion.
For the latest forum posts, please visit https://forum.vatsim.net.

Need to find something? Use the Google search below.
PLEASE READ - Webmaster Support Forum
This forum will be retired in the near future. Please direct all queries to our dedicated GitHub support page https://github.com/vatsimnetwork/developer-info/discussions 
Here you can find documentation on our services and we are continuing to migrate pertinent information into the Wiki pages https://github.com/vatsimnetwork/developer-info/wiki

Moodle SSO Integration


Michael Uy
 Share

Recommended Posts

Michael Uy
Posted
Posted

Hello everyone,

 

I am trying to integrate the SSO to our moodle site. I am using v2.7 as indicated on the readme file of Kieran's git repo. I am really not that familiar with php so I might get lost or something.

 

Going to the files:

I have placed all the vatsim folder to the auth folder of moodle. No changes were made to the files except the config.php where I will need to enter the secret key, base, etc. At this point, I am not sure whether I am going to the right direction or not. To add as well, I am using HMAC for the authentication method and I the moodle site is already approved with the SSO sites.

 

Hope someone can help a newbie out here

 

Thanks

Michael Uy

VATSIM Supervisor

Philippines vACC Manager, Web Services (ACCPHL5)

https://vatphil.com

632a180096534db3b606ea42467ad17b.png

Link to comment
Share on other sites

Jamie Fox 811029
Posted
Posted

It is much better to use RSA authentication if you possibly can. If using HMAC, you need to set the 'secret' but not the 'cert'. If using RSA, you need to set 'cert' but not 'secret'. Make sure that 'method' is set to the correct method (HMAC or RSA).

 

Before you attach anything to the live system, you should test using the demo system. Use the 'base' URL http://sso.hardern.net/server/ and the credentials (secret or cert, as required) from the Demo Credentials page. You'll then be able to test the system by logging in with the demo CIDs.

 

After you have it all working, you can set up your live system by swapping the 'base' URL for the real SSO URL, and swapping the credentials with your real credentials in your SSO account.

Link to comment
Share on other sites

Michael Uy
Posted
Posted

Many thanks for the reply Jamie. But once I have placed the files located on Kieran's repo. Is there still anything that I need to do other than configuring the fields on the config.php file?

Michael Uy

VATSIM Supervisor

Philippines vACC Manager, Web Services (ACCPHL5)

https://vatphil.com

632a180096534db3b606ea42467ad17b.png

Link to comment
Share on other sites

Jamie Fox 811029
Posted
Posted

You will also need to enable the plugin within Moodle itself, by using the Moodle administration web interface. How far have you got?

Link to comment
Share on other sites

Michael Uy
Posted
Posted

At the moment, I am using HMAC but I will be switching up to RSA once I get my public and private keys. Going to what you said, I have enabled VATSIM SSO on the 'Manage Authentication' page of Moodle. However, going to the 'Plugins Overview' page, it says that VATSIM SSO is disabled on the Availability column. With that, when I try to login, it returns an error that says this: auth_vatsim/An error occurred with the login process

Michael Uy

VATSIM Supervisor

Philippines vACC Manager, Web Services (ACCPHL5)

https://vatphil.com

632a180096534db3b606ea42467ad17b.png

Link to comment
Share on other sites

Jamie Fox 811029
Posted
Posted

The most likely reason for that error is that the SSO credentials are incorrect. Please could you verify that the auth method, the secret and the base URL are all correct?

Link to comment
Share on other sites

Michael Uy
Posted
Posted

I believe that everything is correct.

8d54ac67186e45df8e4abb11be05c667.png

Michael Uy

VATSIM Supervisor

Philippines vACC Manager, Web Services (ACCPHL5)

https://vatphil.com

632a180096534db3b606ea42467ad17b.png

Link to comment
Share on other sites

Jamie Fox 811029
Posted
Posted

Test it with the demo system first please. Among the many good reasons for this is that this if this works but the production system doesn't, that allows us to rule out many possible reasons. Once you have the demo system working properly, if the live system still doesn't work, we'll know it must be something in the credentials, or the account settings, (or possibly a TLS issue, as the demo system doesn't use that).

Link to comment
Share on other sites

Jamie Fox 811029
Posted
Posted

By the way, make sure you use the SSO_DEMO_VACC key, because the Moodle integration depends on receiving the member's email address via SSO. (Non-VACC SSO accounts do not have access to member email addresses.)

Link to comment
Share on other sites

Michael Uy
Posted
Posted

I have tried setting up the demo on the config and it works fine

Michael Uy

VATSIM Supervisor

Philippines vACC Manager, Web Services (ACCPHL5)

https://vatphil.com

632a180096534db3b606ea42467ad17b.png

Link to comment
Share on other sites

Jamie Fox 811029
Posted
Posted

In that case, there are two possibilities: correct credentials (you already posted, looks fine) and the server IP address. Is your server IP correct on your SSO account?

Link to comment
Share on other sites

Michael Uy
Posted
Posted

Yes, the server IP Address is correct.

Michael Uy

VATSIM Supervisor

Philippines vACC Manager, Web Services (ACCPHL5)

https://vatphil.com

632a180096534db3b606ea42467ad17b.png

Link to comment
Share on other sites

Jamie Fox 811029
Posted
Posted

A problem that a number of admins have encountered is that their outbound server IP is unexpectedly different from the inbound IP, particularly on servers with shared hosted. Could you check the IP please by running this bit of PHP on your server:

<?php
curl_exec(curl_init('https://cert.vatsim.net/sso/test.php'));

 

Also, check the domain of the return URL is correct. It must be on the SSO account domain, or a subdomain of that domain.

Link to comment
Share on other sites

Michael Uy
Posted
Posted

This wil be a pretty noobish question but since moodle is the only php script that is running on the website. Where could I possibly place that line of code?

Michael Uy

VATSIM Supervisor

Philippines vACC Manager, Web Services (ACCPHL5)

https://vatphil.com

632a180096534db3b606ea42467ad17b.png

Link to comment
Share on other sites

Jamie Fox 811029
Posted
Posted

Create a file called for example test.php and put it in there alongside the Moodle PHP files. Then navigate to it from your web browser (e.g. http://example.com/test.php)

Link to comment
Share on other sites

Michael Uy
Posted
Posted

The IP was indeed different so I have requested the IP now.

Michael Uy

VATSIM Supervisor

Philippines vACC Manager, Web Services (ACCPHL5)

https://vatphil.com

632a180096534db3b606ea42467ad17b.png

Link to comment
Share on other sites

Jamie Fox 811029
Posted
Posted

Thanks. The new IP is added so this should now be working.

Link to comment
Share on other sites

Michael Uy
Posted
Posted

I have configured it once again with the live credentials(still using HMAC) and am still getting the auth_vatsim/An error occurred with the login process error

Michael Uy

VATSIM Supervisor

Philippines vACC Manager, Web Services (ACCPHL5)

https://vatphil.com

632a180096534db3b606ea42467ad17b.png

Link to comment
Share on other sites

Jamie Fox 811029
Posted
Posted

Can you confirm you did run the test.php test successfully, and your new IP was confirmed there? Also, did you check your return domain is correct, as I previously mentioned?

Link to comment
Share on other sites

Michael Uy
Posted
Posted

The php code that tou gave me ran as expected and I did request that IP which is now approved. However for the return URL, I am not entirely sure how to configure that.

Michael Uy

VATSIM Supervisor

Philippines vACC Manager, Web Services (ACCPHL5)

https://vatphil.com

632a180096534db3b606ea42467ad17b.png

Link to comment
Share on other sites

Jamie Fox 811029
Posted
Posted

The example code attempts to auto-configure the return URL, so this may not work in every case. Try changing your config to the following:

$sso['return'] = 'http://example.com' . $_SERVER['PHP_SELF'];

where example.com is your domain (must be vatphil.com or a subdomain of vatphil.com). Also change http to https if you're using https.

Link to comment
Share on other sites

Michael Uy
Posted
Posted

I have configured that now but it stll returns the same error. I think though that it is not doing what is it supposed to do since I believe that once I click on login, it should redirect me to the base url but what it is doing is that I am still being sent to the actual login page for moodle.

Michael Uy

VATSIM Supervisor

Philippines vACC Manager, Web Services (ACCPHL5)

https://vatphil.com

632a180096534db3b606ea42467ad17b.png

Link to comment
Share on other sites

Michael Uy
Posted
Posted

Update:

I have set RSA as the authentication method both on the SSO account and on the config file with the private and public RSA keys placed. Turns out to still have the same error.

Michael Uy

VATSIM Supervisor

Philippines vACC Manager, Web Services (ACCPHL5)

https://vatphil.com

632a180096534db3b606ea42467ad17b.png

Link to comment
Share on other sites

Michael Uy
Posted
Posted

Found the problem. On the base URL, it is set as https://cert.vatsim.net/sso but it looks like the URL needed a slash in the end so it should've been https://cert.vatsim.net/sso/ and now it works perfectly.

 

Thank you very much Jamie for guiding me all through out. Much appreciated!

Michael Uy

VATSIM Supervisor

Philippines vACC Manager, Web Services (ACCPHL5)

https://vatphil.com

632a180096534db3b606ea42467ad17b.png

Link to comment
Share on other sites

Jamie Fox 811029
Posted
Posted

You're welcome. Glad you managed to get it sorted.

Link to comment
Share on other sites

 Share