Differences

This shows you the differences between two versions of the page.

--- auth:ticket:integratorguide [2017/02/25 14:06]
admin [Ticket API]
+++ auth:ticket:integratorguide [2024/04/04 15:50] (current)
@@ Line 1: / Line 1: @@
-===== Integrator Guide =====
+<html><!-- nomoodle --></html>{{ :logo-apl.png?nolink |}} <html><!-- /nomoodle --></html>
-===== Auth Ticket : Direct access auth =====
+===== Ticket based authentication  : Integrator Guide=====
+=====Ticket Direct Access (to Moodle) plugin=====
+====Introduction====
 This guide is provided for :
@@ Line 10: / Line 14: @@
 This plugin provides the way to some other plugins to send pre-authenticated tickets to users. This addresses a set of security considerations :
+=== Ticket encryption methods ===
+This component provides either DES or RSA encryption methods to encode/decode tickets. Administrators must be aware of :
+   * DES (AES) uses internal Mysql/Maria DB AES_ENCRYP/AES_DECRYPT function that is not available (nor similar) in PostgreSQL.
+   * RSA is a more compatible method based on openssl underlying layer. Moodle needs have MNET network enabled and a valid local keypair available. The key length should be of 2048 bytes to ensure the ticket payload has sufficiant length to hold the targer urls. Openssl functions claim about length restrictions of the input payload when using 1024 rsa key length. (See http://php.net/manual/en/function.openssl-private-encrypt.php for more information).
 === Ticket validity time ===
@@ Line 30: / Line 41: @@
 ==== Ticket API ====
-The ticket API is contained in the lib.php.
+The ticket API is contained in the lib.php. The actual API offers four functions. The former pair are high level notification sending functions using tickets. The latter are low encode/decode function.
 === function ticket_notify($recipient, $sender, $title, $notification, $notificationhtml, $url, $purpose = '', $term = 'short') ===
@@ Line 64: / Line 75: @@
    @return true if at least one email could be sent or all are sent depending on $checksendall.
+=== function ticket_generate($user, $reason, $url, $method = 'des', $term = 'short') ===
+Generates a direct access ticket for this user.
+   @param int $userid the ID of the user to whom the ticket must be made for
+   @param string $reason the reason of the ticket
+   @param string $url the access URL the user will be redirected to after validating his return ticket.
+   @return the encoded ticket
+=== function ticket_decode($encrypted, $method = 'des') ===
+Decodes a direct access ticket for this user.
+   @param string $encrypted the received ticket
+   @param string $method the decrypt method. Supports 'des' using DB internal function or 'rsa' using openssl layer.
+   @return an object containing ticket information.
+<html><!-- nomoodle --></html>
+----
+====Credits====
+  * Valéry Frémaux (valery@activeprolearn.com)) Developments, Documentation
+  * Florence Labord (florence@activeprolearn.com) Documentation
+[[auth:ticket|Back to componant index]] - [[:Plugins|Plugins index]] - [[:start|Back to catalogue]]
+<html><!-- /nomoodle --></html>

Moodle ActiveProLearn Documentation

User Tools

Site Tools

Differences

Page Tools