Integrating Moodle with an external tool
Hubert Chathi
MuchLearning
May 26 & 29, 2012
Hubert Chathi
About me
Programmer/Analyst at MuchLearning
developed integration with the MuchLearning platform
developed OpenID provider plugin for Moodle
developed OAuth authentication for Moodle
previously worked at Remote-Learner Canada
developed integration with JasperServer using MNet
improved OpenID authentication plugin
Remote-Learner has been involved with many different
integrations (e.g. OK Tech Web Services, Drupal, Alfresco,
Elluminate, Adobe Connect, Kaltura, . . . )
Hubert Chathi
About you
have you integrated a tool with Moodle? Which ones?
will you be integrating a tool with Moodle? Which ones?
Hubert Chathi
About this talk
high level overview
examine issues and considerations
explore alternatives
examples
very slight focus on programming (but should be relevant to
others too)
assume a basic knowledge of Moodle programming
assume that we're doing things the "Moodle way" (but should
be relevant for the other direction too)
primarily about web-based applications
feel free to ask questions
Hubert Chathi
Why integrate with Moodle?
The M in Moodle stands for "modular" -- it can be extended.
So why integrate instead of making it part of Moodle?
Hubert Chathi
What does "integrating" mean?
When someone says that they want to integrate Moodle with
[insert your favourite web-based application here], it could mean
that they want to . . .
Hubert Chathi
What does "integrating" mean?
common look-and-feel
share users/passwords
single sign-on
content embedding
share data
web services in Moodle 2.x
examples
MuchLearning
IMS LTI
Hubert Chathi
What does "integrating" mean?
common look-and-feel
share users/passwords
single sign-on
content embedding
share data
web services in Moodle 2.x
examples
MuchLearning
IMS LTI
Hubert Chathi
Many points of integration
Moodle has many types of plugins:
activity modules
blocks
course format
admin tools (as of 2.2)
authentication
repository (as of 2.0)
portfolio (as of 2.0)
local (as of 2.0)
etc. . .
Hubert Chathi
Additional considerations
customizability (how much) can the software be customized?
performance don't use up too much bandwidth/cpu/. . . and
don't be too slow
security make sure sensitive information isn't leaked
roles the tool should know who is a teacher/student/admin
navigation adding extra items to Moodle's navigation or settings
blocks, or to Moodle's breadcrumbs
My Moodle should the tool add information to the My Moodle
(a.k.a. "My home") or profile page?
Hubert Chathi
Additional considerations (continued)
grades e.g. Moodle needs the students' grades from the tool
push/pull e.g. will Moodle ask for information (e.g. in a cron or
on demand), or will the tool send it?
calendar does the external tool schedule events that should
show up in the students' calendars?
messaging should the tool use Moodle's messaging system to
send messages to the student?
log how much should be logged in Moodle's log?
Global search when global search is fixed. . . allow Moodle users to
find content in the external tool
Hubert Chathi
Outline
common look-and-feel mostly theme design, block
layout, etc.
share users/passwords
single sign-on
content embedding
share data
web services in Moodle 2.x
examples
MuchLearning
IMS LTI
Hubert Chathi
Outline
common look-and-feel
share users/passwords
single sign-on
content embedding
share data
web services in Moodle 2.x
examples
MuchLearning
IMS LTI
Hubert Chathi
Share users/passwords
Moodle auth plugins (e.g. LDAP, external DB)
allow the other app to use Moodle's user database
Moodle hashes passwords with salt
see validate internal user password in lib/moodlelib.php
Hubert Chathi
Outline
common look-and-feel
share users/passwords
single sign-on
content embedding
share data
web services in Moodle 2.x
examples
MuchLearning
IMS LTI
Hubert Chathi
Single sign-on (SSO)
existing Moodle auth plugins (e.g. Shibboleth, MNet, OpenID
(contrib))
Moodle as identity provider -- MNet, OpenID (contrib)
cookie/session sharing -- lots of restrictions, and more work,
but more seamless
OAuth
Single sign-out
when user logs out of identity provider, they are logged out of
all other services
only in MNet, or cookie/session sharing
Hubert Chathi
A bad sign-on protocol (don't do this)
System A generates links of the form:
System B looks at the userid parameter, and fetches the user
information from System A
Why is this bad?
Hubert Chathi
Another bad sign-on protocol (don't do this)
System A generates links of the form:
System B looks at the username and password parameters,
logs into System A as the user and fetches the user
information from System A
Why is this bad?
Hubert Chathi
Future considerations
current MNet protocol is deprecated
probably to be replaced with something based on OAuth (2?)
(plus OpenID?)
OAuth 2 is coming out
not backwards compatible with OAuth 1
supposedly simpler
requires HTTPS
new OpenID spec (OpenID Connect)
not backwards compatible with OpenID 2
based on OAuth 2
Hubert Chathi
Outline
common look-and-feel
share users/passwords
single sign-on
content embedding
share data
web services in Moodle 2.x
examples
MuchLearning
IMS LTI
Hubert Chathi
How do we get the tool's content into Moodle
(or vice versa)
frames
iframe
inject content via web services
inject content via JavaScript
Hubert Chathi
Frames v.s. iframe
frames are ugly and deprecated
iframes have fixed size (unless resized using JavaScript) --
may have two scrollbars, or may not take up the full screen
Hubert Chathi
Frames v.s. injection
styling, scripts, links work within frames without modification
injection looks more seamless
Hubert Chathi
Injection via web services v.s. JavaScript
web services requires Moodle to be able to log in as the user
(or at least, to fetch the user's view)
web services doesn't require client-side support
JavaScript may be tricky due to same origin policy (may need
to be proxied, or use something like JSONP)
JavaScript may result in a pause before content is loaded
Hubert Chathi
Outline
common look-and-feel
share users/passwords
single sign-on
content embedding
share data
web services in Moodle 2.x
examples
MuchLearning
IMS LTI
Hubert Chathi
Sharing data
direct database connection
web services
screen scraping
Hubert Chathi
Outline
common look-and-feel
share users/passwords
single sign-on
content embedding
share data
web services in Moodle 2.x
examples
MuchLearning
IMS LTI
Hubert Chathi
Web services in Moodle 2.x
configured under Site administration > Plugins > Web
services
plugins/core define functions that can be called
defines "services" (groups of functions)
users are given permissions to call services
web services can be called using different protocols
(e.g. XML-RPC, SOAP)
users have extra authentication methods for web services
token: user is identified by a unique token
can limit what service can be called, source IP address
Hubert Chathi
Web services in Moodle 2.x (continued)
How to write web services in Moodle 2.x
How to call Moodle web services
see admin/webservice/testclient.php and
webservice/{$protocol}/locallib.php:
webservice {$protocol} test client class
Hubert Chathi
Outline
common look-and-feel
share users/passwords
single sign-on
content embedding
share data
web services in Moodle 2.x
examples
MuchLearning
IMS LTI
Hubert Chathi
MuchLearning integration
use OpenID for single sign-on
REST web services called using OAuth (MDL-30599)
inject content using JavaScript
caches links to stylesheets, JavaScript
content is fetched every time
fetch table of contents (if applicable) using web services, and
added to navigation block
caches table of contents
push grades to Moodle gradebook using web services
module settings gets list of available activities (via JavaScript)
Hubert Chathi
MuchLearning integration
Figure: MuchLearning in Moodle
Hubert Chathi
IMS LTI (Learning Tools Integration)
standard for embedding a learning tool into an LMS
supported by Moodle (as of 2.2), Sakai, Blackboard,
Desire2Learn, . . .
Moodle can also be used as a learning tool (contrib plugin)
web services via OAuth
identity sent as part of OAuth request
content embedded via frame/iframe/separate window
push grades to Moodle gradebook using web services
fixed set of common roles (but can support custom roles)
Hubert Chathi
IMS LTI (continued)
Moodle sends launch data to tool, such as
link information
user information (incl. roles)
information about Moodle site
information about Moodle context
presentation information (e.g. extra stylesheets, locale)
return URL
callback information for grade push
sent as POST data (either using JavaScript or pushing a
button)
Hubert Chathi
IMS LTI (continued)
fairly basic protocol
embedding
user login
role setting
grade sync
some (non-standardized) support for common look-and-feel
for tool providers: fast way to support multiple LMSs
may be "good enough" to start, and may be able to add more
integration on top
Hubert Chathi
IMS LTI (continued)
Hubert Chathi
Conclusion
"integrating" can mean many different things
we compared different options for integration
we took a quick look at web services in Moodle 2
we looked at two examples of integrations
Hubert Chathi
Extra slides
Hubert Chathi
A more secure protocol (similar to MNet)
System B checks if user is logged in
if not, redirects to System A, to a URL of the form:
System A ensures that the user is logged in
System A redirects to system B, to a URL of the form:
System B (securely) asks System A who is associated with
[longrandomtoken] and [longrandomkey]
System A expires [longrandomtoken] and [longrandomkey]
Hubert Chathi
Another more secure protocol (similar to OpenID)
System B checks if user is logged in
if not, redirects to System A, to a URL of the form:
System A ensures that the user is logged in
System A redirects to system B, to a URL of the form: http:
System B makes sure that the user is associated with
[longrandomtoken] and checks the signature
Hubert Chathi
How to write web services in Moodle 2.x
1
create the following files within your plugin:
1
.../db/services.php
2
.../db/access.php (if needed)
3
.../externallib.php
2
bump the plugin version number
3
go to Site administration > Notifications
Hubert Chathi
services.php
$functions = array(
'[functionname]' => array(
'classpath'
=> '[path/to/plugins/externallib.php]',
'classname'
=> '[class that defines function]',
'methodname'
=> '[class method to be called]',
'description' => '[plain-language description]',
'capabilities'=> '[capability required to call]',
'type'
=> 'write', /* or 'read' */
),
);
Hubert Chathi
services.php (continued)
$services = array (
'[plain-language name]' => array(
'functions' => array(
'[functionname]'
),
'enabled' => 1,
'restrictedusers' => 1,
'shortname' => '[short name]'
),
);
Hubert Chathi
externallib.php
<?php
defined('MOODLE_INTERNAL') || die();
require_once("$CFG->libdir/externallib.php");
class [class from services.php]
extends external_api {
...
}
Hubert Chathi
externallib.php
in the class, for each web service function:
1
public static function [functionname] parameters
defines what type of parameters the function takes
return an external function parameters object (see
lib/externallib.php)
construct with array of external description objects, keyed
by parameter name
2
public static function [functionname]
implements the actual function
remember to check permissions
call self:validate context($context)
3
public static function [functionname] returns
defines what the type of data the function returns
return an external description object or null
Hubert Chathi