we’ve got a Moodle environment (4.4+ (Build: 20240516)) which includes a number of plugins including:
- localo365
- authoidc
- repositoryoffice365
However, one of the builtin plugins (repositoryonedrive OneDrive Respository) includes a CRON task which executes and fails. The task self delays for 24 hours and then fails the following day around the same time. This environment and config was set up in Feb 2022 but has started failing around the time we upgraded from 4.3 to 4.4.
The CRON task gets an issuerID from config (which comes back with “1”) and then gets an issuer via oauth (comes back with the issuer object shown below).
$issuerid = get_config('onedrive', 'issuerid');
$issuer = coreoauth2api::get_issuer($issuerid);
Issuer object returned:
$issuer = {
data: {
id: "1",
timecreated: "1644397767", // 09/02/2022 09:09:27
timemodified: "1683811635", // 11/05/2023 13:27:15
usermodified: "96",
name: "Microsoft",
image: https://www.microsoft.com/favicon.ico,
baseurl: "",
clientid: "<<guid_removed>>",
clientsecret: "<<removed>>",
loginscopes: "openid profile email user.read",
loginscopesoffline: "openid profile email user.read offline_access",
loginparams: "",
loginparamsoffline: "",
alloweddomains: "<<two domains removed>>",
scopessupported:null,
enabled: "1",
showonloginpage: "1",
basicauth: "0",
sortorder: "0",
requireconfirmation: "1",
servicetype: "microsoft",
loginpagename: ""
},
errors:[],
validated:true
}
Finally it attempts to get a systemauth via oauth using the issuer but this comes back with false (bool) which the task checks for and throws a repository_exception with detail = “Cannot connect as system user”:
// Add the current user as an OAuth writer.
$systemauth = coreoauth2api::get_system_oauth_client($issuer);
if ($systemauth === false) {
$details = 'Cannot connect as system user';
throw new repository_exception('errorwhilecommunicatingwith', 'repository', '', $details);
}
I’ve checked that the clientID/secret are valid on the Azure side.
The Azure team assure me that no incoming messages have been received.
We’ve not changed any config on either Azure or Moodle around this area.
Other than that, I don’t know what else to do to dig deeper into the call that fails. I’m not even too sure what the purpose of the task is. My guess is that it appears to be clearing down temporary permissions to access onedrive files after 7 days.
The ondrive respository CRON task class file can be found here.