LTI 1.1 misaligned auth after 22.10 upgrade
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Mahara |
Won't Fix
|
Undecided
|
Unassigned |
Bug Description
Mahara: 22.10.0
OS: Linux 20.04
DB: Postgres
Browser: n/a
Post an upgrade from 21.10 to 22.10, the LTI auth for an institution is misaligned and users can no longer log in.
Scenario with LTI integrated Blackboard LMS:
- In 21.10, create an institution1 with 1 LIT auth "Web services"
- Created 2 enabled registered external apps:
1. "Blackboard LTI" <- owner was deleted but still exists (i.e. create app then delete user)
2. "Blackboard LTI Mahara" <- genuine LTI and owner still exists
- Crete users in instintution1 with "webservice" auth
- Upgrde to 22.10
- All users should be converted to "Blackboard LTI Mahara" as that is the valid instance.
What happens: the users are still linked to the "webservice" auth which doesn't have any valid registered apps.
An additional SQL during the upgrade should:
* update all auth_remote_user records from the old auth to the new auth
* update all usr records from the old auth to the new auth
* the old "webservice" auth in the institution should be deleted
The problem I see is when there are two or more LTI auth that exist before the upgrade. Which one should Mahara choose automatically? I don't think we can make the decision there and will need to discuss.