{"id":19591988,"url":"https://github.com/catalyst/moodle-auth_userkey","last_synced_at":"2025-04-05T02:08:05.551Z","repository":{"id":10509396,"uuid":"65998101","full_name":"catalyst/moodle-auth_userkey","owner":"catalyst","description":"Log in to Moodle using one time user key based login URL. Auth plugin for organising simple SSO (single sign on) between moodle and your external web application.","archived":false,"fork":false,"pushed_at":"2025-02-06T05:20:49.000Z","size":187,"stargazers_count":87,"open_issues_count":17,"forks_count":56,"subscribers_count":32,"default_branch":"MOODLE_33PLUS","last_synced_at":"2025-03-29T01:12:35.841Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"https://moodle.org/plugins/auth_userkey","language":"PHP","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/catalyst.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2016-08-18T13:10:02.000Z","updated_at":"2025-03-17T00:51:31.000Z","dependencies_parsed_at":"2023-11-11T11:25:44.428Z","dependency_job_id":"bc4cd9d7-fad3-4126-8c81-28cc060244a7","html_url":"https://github.com/catalyst/moodle-auth_userkey","commit_stats":null,"previous_names":[],"tags_count":14,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/catalyst%2Fmoodle-auth_userkey","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/catalyst%2Fmoodle-auth_userkey/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/catalyst%2Fmoodle-auth_userkey/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/catalyst%2Fmoodle-auth_userkey/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/catalyst","download_url":"https://codeload.github.com/catalyst/moodle-auth_userkey/tar.gz/refs/heads/MOODLE_33PLUS","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":247276164,"owners_count":20912288,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-11-11T08:32:25.083Z","updated_at":"2025-04-05T02:08:05.532Z","avatar_url":"https://github.com/catalyst.png","language":"PHP","funding_links":[],"categories":[],"sub_categories":[],"readme":"![GitHub Workflow Status (branch)](https://img.shields.io/github/workflow/status/catalyst/moodle-auth_userkey/ci/MOODLE_33PLUS)\n\n\nLog in to Moodle using one time user key.\n=========================================\n\nAuth plugin for organising simple one way SSO(single sign on) between moodle and your external web\napplication. The main idea is to make a web call to moodle and provide one of the possible matching\nfields to find required user and generate one time login URL. A user can be redirected to this\nURL to be log in to Moodle without typing username and password.\n\n\nUsing\n-----\n1. Install the plugin as usual.\n2. Enable the userkey authentication plugin (Site administration -\u003e Plugins -\u003e Authentication and then enable User key).\n3. Configure the plugin. Set required Mapping field, User key life time, IP restriction and Logout redirect URL.\n4. Enable and configure just installed plugin. Set required Mapping field, User key life time, IP restriction and Logout redirect URL.\n5. Enable web service advance feature (Admin \u003e Advanced features), more info http://docs.moodle.org/en/Web_services\n6. Enable one of the supported protocols (Admin \u003e Plugins \u003e Web services \u003e Manage protocols)\n7. Create a token for a specific user and for the service 'User key authentication web service' (Admin \u003e Plugins \u003e Web services \u003e Manage tokens)\n8. Make sure that the \"web service\" user has 'auth/userkey:generatekey' capability.\n9. Authorise the \"web service\" user: Admin \u003e Plugins \u003e Web services \u003e External services, select 'Authorised users' for the web service, and add the user.\n10. Configure your external application to make a web call to get login URL.\n11. Redirect your users to this URL to be logged in to Moodle.\n\nConfiguration\n-------------\n\n**Mapping field**\n\nRequired data structure for web call is related to mapping field you configured.\n\nFor example XML-RPC (PHP structure) description for different mapping field settings:\n\n***User name***\n\n    [user] =\u003e\n        Array\n            (\n            [username] =\u003e string\n            )\n\n***Email Address***\n\n    [user] =\u003e\n        Array\n            (\n            [email] =\u003e string\n            )\n\n***ID number***\n\n    [user] =\u003e\n        Array\n            (\n            [idnumber] =\u003e string\n            )\n\n***Web service will return following structure or standard Moodle webservice error message.***\n\n    Array\n        (\n        [loginurl] =\u003e string\n        )\n\nPlease navigate to API documentation to get full description for \"auth_userkey_request_login_url\" function.\ne.g. http://yourmoodle.com/admin/webservice/documentation.php\n\nYou can amend login URL by \"wantsurl\" parameter to redirect user after they logged in to Moodle.\n\nE.g. http://yourmoodle.com/auth/userkey/login.php?key=uniquekey\u0026wantsurl=http://yourmoodle.com/course/view.php?id=3\n\nWantsurl maybe internal and external.\n\n\n**User key life time**\n\nThis setting describes for how long a user key will be valid. If you try to use expired key then you will\nget an error.\n\n**IP restriction**\n\nIf this setting is set to yes, then your web application has to provie user's ip address to generate a user key. Then\nthe user should have provided ip when using this key. If ip address is different a user will get an error.\n\n**Redirect after logout from Moodle**\n\nYou can set URL to redirect users after they logged out from Moodle. For example you can redirect them\nto logout script of your web application to log users out from it as well. This setting is optional.\n\n**URL of SSO host**\n\nYou can set URL to redirect users before they see Moodle login page. For example you can redirect them\nto your web application to login page. You can use \"enrolkey_skipsso\" URL parameter to bypass this option.\nE.g. http://yourmoodle.com/login/index.php?enrolkey_skipsso=1\n\n**Logout URL**\n\nIf you need to logout users after they logged out from the external application, you can redirect them \nto logout script with required parameter \"return\". \n\nE.g. http://yourmoodle.com/auth/userkey/logout.php?return=www.google.com \n\n\nUsers will be logged out from Moodle and then redirected to the provided URL. \nIn case when a user session is already expired, the user will be still redirected.  \n  \n\n**Example client**\n\n**Note:** the code below is not for production use. It's just a quick and dirty way to test the functionality.\n\nThe code below defines a function that can be used to obtain a login url. \nYou will need to add/remove parameters depending on whether you have update/create user enabled and which mapping field you are using.\n\nThe required library curl can be obtained from https://github.com/moodlehq/sample-ws-clients\n```php\n/**\n * @param   string $useremail Email address of user to create token for.\n * @param   string $firstname First name of user (used to update/create user).\n * @param   string $lastname Last name of user (used to update/create user).\n * @param   string $username Username of user (used to update/create user).\n * @param   string $ipaddress IP address of end user that login request will come from (probably $_SERVER['REMOTE_ADDR']).\n * @param int      $courseid Course id to send logged in users to, defaults to site home.\n * @param int      $modname Name of course module to send users to, defaults to none.\n * @param int      $activityid cmid to send logged in users to, defaults to site home.\n * @return bool|string\n */\nfunction getloginurl($useremail, $firstname, $lastname, $username, $courseid = null, $modname = null, $activityid = null) {\n    require_once('curl.php');\n        \n    $token        = 'YOUR_TOKEN';\n    $domainname   = 'http://MOODLE_WWW_ROOT';\n    $functionname = 'auth_userkey_request_login_url';\n\n    $param = [\n        'user' =\u003e [\n            'firstname' =\u003e $firstname, // You will not need this parameter, if you are not creating/updating users\n            'lastname'  =\u003e $lastname, // You will not need this parameter, if you are not creating/updating users\n            'username'  =\u003e $username, \n            'email'     =\u003e $useremail,\n        ]\n    ];\n\n    $serverurl = $domainname . '/webservice/rest/server.php' . '?wstoken=' . $token . '\u0026wsfunction=' . $functionname . '\u0026moodlewsrestformat=json';\n    $curl = new curl; // The required library curl can be obtained from https://github.com/moodlehq/sample-ws-clients \n\n    try {\n        $resp     = $curl-\u003epost($serverurl, $param);\n        $resp     = json_decode($resp);\n        if ($resp \u0026\u0026 !empty($resp-\u003eloginurl)) {\n            $loginurl = $resp-\u003eloginurl;        \n        }\n    } catch (Exception $ex) {\n        return false;\n    }\n\n    if (!isset($loginurl)) {\n        return false;\n    }\n\n    $path = '';\n    if (isset($courseid)) {\n        $path = '\u0026wantsurl=' . urlencode(\"$domainname/course/view.php?id=$courseid\");\n    }\n    if (isset($modname) \u0026\u0026 isset($activityid)) {\n        $path = '\u0026wantsurl=' . urlencode(\"$domainname/mod/$modname/view.php?id=$activityid\");\n    }\n\n    return $loginurl . $path;\n}\n\necho getloginurl('barrywhite@googlemail.com', 'barry', 'white', 'barrywhite', 2, 'certificate', 8);\n```\n\n\n# Crafted by Catalyst IT\n\nThis plugin was developed by Catalyst IT Australia:\n\nhttps://www.catalyst-au.net/\n\n![Catalyst IT](/pix/catalyst-logo.png?raw=true)\n\n# Contributing and Support\n\nIssues, and pull requests using github are welcome and encouraged! \n\nhttps://github.com/catalyst/moodle-auth_userkey/issues\n\nIf you would like commercial support or would like to sponsor additional improvements\nto this plugin please contact us:\n\nhttps://www.catalyst-au.net/contact-us\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcatalyst%2Fmoodle-auth_userkey","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fcatalyst%2Fmoodle-auth_userkey","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcatalyst%2Fmoodle-auth_userkey/lists"}